NETEXT D. Liu Internet-Draft Z. Cao Intended status: Informational B.Zhou Expires: September 9, 2010 China Mobile March 8, 2010 IKEv2 based flow control extension of PMIPv6 draft-liu-netext-flow-pmip-01 Abstract PMIPv6 is designed to provide network based mobility, it requries no changes to the UE. There are proposals to extend PMIPv6 to support flow mobility. Flow mobility requries the UE and the network have communication protocol to carry the flow control information. This document proposes to use the IKEv2 protocol to carry the flow control information between the UE and network. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on September 9, 2010. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Liu, et al. Expires September 9, 2010 [Page 1] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions used in this document . . . . . . . . . . . . . . 4 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. 4.1 Overview of using IKEv2 to carry flow control information . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. 4.2 IKEv2 configuration payload extension . . . . . . . . . . 7 6. Security Considerations . . . . . . . . . . . . . . . . . . . 11 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13 9. Normative References . . . . . . . . . . . . . . . . . . . . . 14 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 15 Liu, et al. Expires September 9, 2010 [Page 2] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 1. Introduction There are proposals to extend PMIPv6 to support flow mobility. But there is currently no protocol is specified between the UE and network which is used to carry the flow control policies. Since PMIPv6 is aimed to provide network based mobility solution and no UE changes is required, it is not feasible to define new protocol between the UE and network which is used to carry the flow control information. This document proposes to use IKE protocol to carry the flow control information. Liu, et al. Expires September 9, 2010 [Page 3] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL","SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Liu, et al. Expires September 9, 2010 [Page 4] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 3. Terminology TBD Liu, et al. Expires September 9, 2010 [Page 5] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 4. Overview of using IKEv2 to carry flow control information IKEv2 is a protocol use for security parameter negotiation. It is usally used combine with IPSec. There are configuration payloads in IKEv2 which could be used for IP address allocation and other configuration purpose. This document proposes to use the configuration payloads to carry the flow control information. IKEv2/IPSec is also used for protecting mobility signalling in 3GPP. In 3GPP specification, s2b interface is un-trusted no-3GPP access which is based on PMIPv6. To protect the data, there is a IPSec tunnel need to be established between the UE and the un-trusted no- 3GPP access gateway(ePDG). This IPSec tunnel's security association and other security parameters is set up using IKEv2. Except for the security function, the IKEv2 protocol between the UE and no-3GPP access gateway(ePDG) is also used for IP address configuration. The IP address is carried by configuration payload in IKEv2. From the above discussion, we can see that there is a mandatory IKEv2 protocol exist between the UE and the network in 3GPP s2b interface. It is natural to consider extending this protocol to carry the network based flow control information. Liu, et al. Expires September 9, 2010 [Page 6] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 5. IKEv2 configuration payload extension IKEv2's configuration payload is defined to carry configuration information, for example: IP address allocation etc. The format of the configration payload is as follows: 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! Next Payload !C! RESERVED ! Payload Length ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! CFG Type ! RESERVED ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! ! ~ Configuration Attributes ~ ! ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: Format of Configuration Payload of IKEv2 As figure 1 depicted, IKEv2 configuration payload has CFG Type and configuration attributes options. CFG Type includes CFG_REQUEST, CFG_REPLY, CFG_SET, CFG_ACK. "CFG_SET/CFG_ACK" allows an IKE endpoint to push configuration data to its peer. "CFG_REQUEST/ CFG_REPLY" allows an IKE endpoint to request information from its peer. Configuration attributes has the following format: 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ !R| Attribute Type ! Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | ~ Value ~ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: Format of Configuration attributes Current specified attribute type include: Liu, et al. Expires September 9, 2010 [Page 7] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 Multi- Attribute Type Value Valued Length ======================= ===== ====== ================== RESERVED 0 INTERNAL_IP4_ADDRESS 1 YES* 0 or 4 octets INTERNAL_IP4_NETMASK 2 NO 0 or 4 octets INTERNAL_IP4_DNS 3 YES 0 or 4 octets INTERNAL_IP4_NBNS 4 YES 0 or 4 octets INTERNAL_ADDRESS_EXPIRY 5 NO 0 or 4 octets INTERNAL_IP4_DHCP 6 YES 0 or 4 octets APPLICATION_VERSION 7 NO 0 or more INTERNAL_IP6_ADDRESS 8 YES* 0 or 17 octets RESERVED 9 INTERNAL_IP6_DNS 10 YES 0 or 16 octets INTERNAL_IP6_NBNS 11 YES 0 or 16 octets INTERNAL_IP6_DHCP 12 YES 0 or 16 octets INTERNAL_IP4_SUBNET 13 YES 0 or 8 octets SUPPORTED_ATTRIBUTES 14 NO Multiple of 2 INTERNAL_IP6_SUBNET 15 YES 17 octets Figure 3: Attribute type This document proposes to extend the attribute type of the Configuration attributes , adding two new types: IPv4_FLOW_CONTROL/ IPv6_FLOW_CONTROL, the definition of this proposal is as follows: Multi- Attribute Type Value Valued Length ======================= ===== ====== ================== IPv4_FLOW_CONTROL 20 YES* 0 or x octets IPv6_FLOW_CONTROL 21 YES* 0 or x octets Figure 4: Attribute type extension The corresponding value of this proposed FLOW_CONTROL attribute is as follows: Liu, et al. Expires September 9, 2010 [Page 8] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | MN-ID | BID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HNP | Action | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | start Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | End Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | start Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | End Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Start SPI | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | End SPI | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Start Source port | End Source port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Start Destination port | End Destination port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: FLOW_CONTROL Attribute value definition MN-ID: MN idendification of the mobile node. BID: Binding idendification associated with this flow and HNP. HNP: Home network prefix associated with this flow. Action: The action that the sender request the receiver to perform. Actions may include: Foward(1): request the receiver to foward the flow based on the HNP and BID. other values of action need further specified. Start Source Address: Start of source address of this flow. this address could be IPv4 or IPv6 address, depending on the FLOW_CONTROL type is IPv4 or IPv6. End Source Address: end of source address of this flow. this address could be IPv4 or IPv6 address, depending on the FLOW_CONTROL type is IPv4 or IPv6. Liu, et al. Expires September 9, 2010 [Page 9] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 Start Destination Address:start of destination address of this flow. this address could be IPv4 or IPv6 address, depending on the FLOW_CONTROL type is IPv4 or IPv6. End Destination Address:end of destination address of this flow. this address could be IPv4 or IPv6 address, depending on the FLOW_CONTROL type is IPv4 or IPv6. Start SPI: Start SPI of this flow. End SPI: End SPI of this flow. Start Source port: Start soure port of this flow. End Source port: End of source port of this flow. Start Destination port: Start of destination port of this flow. End Destination port: End of destination port of this flow. Liu, et al. Expires September 9, 2010 [Page 10] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 6. Security Considerations TBD Liu, et al. Expires September 9, 2010 [Page 11] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 7. IANA Considerations None Liu, et al. Expires September 9, 2010 [Page 12] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 8. Acknowledgments TBD Liu, et al. Expires September 9, 2010 [Page 13] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 9. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. Liu, et al. Expires September 9, 2010 [Page 14] Internet-Draft Flow Policy Provision Solution of PMIPv6 March 2010 Authors' Addresses Dapeng Liu China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: liudapeng@chinamobile.com Zhen Cao China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: caozhen@chinamobile.com Bo Zhou China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: zhoubo@chinamobile.com Liu, et al. Expires September 9, 2010 [Page 15]