Network Working Group P. Kim Internet-Draft Korea Polytechnic University Intended status: Informational S. Kim Expires: May 10, 2008 J. Jin KT Infra R&D Center November 11, 2007 Fast Handovers for Proxy Mobile IPv6 without Inter-MAG Signaling draft-pskim-netlmm-fastpmip6-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on May 10, 2008. Copyright Notice Copyright (C) The IETF Trust (2007). Kim et al. Expires May 10, 2008 [Page 1] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 Abstract To reduce handover latency for Proxy Mobile IPv6 (PMIPv6), this document proposes an alternative fast handover mechanism where only LMA exchange signaling with MAGs to set up the fast handover. That is, unlike existing mechanisms, inter-MAG signaling is not required in a system which operates the proposed mechanism for the fast handover. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Mechanism Operation . . . . . . . . . . . . . . . . . . . . . 4 4. Message Formats . . . . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6 Intellectual Property and Copyright Statements . . . . . . . . . . 7 Kim et al. Expires May 10, 2008 [Page 2] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 1. Introduction In recent, to reduce handover latency for Proxy Mobile IPv6 (PMIPv6) in [1], fast handover mechanisms have been dealt as shown in [2][3]. In existing mechanisms[2][3], two relevant MAGs can exchange signaling to set up the fast handover of MNs. This can require these two MAGs to share an SA to protect fast handover related signaling messages as shown in [4]. Therefore, for the fast handover, all relevant MAGs must share an SA, independent of whether or not they are geographically adjacent. This might impact the amount of SA-related states on each MAG. Of course, if this is not a problem, the existing mechanisms[2][3] allow MAGs to exchange fast handover related signaling directly. This document proposes an alternative fast handover mechanism for PMIPv6, where only LMA exchange signaling with MAGs to set up the fast handover. That is, inter-MAG signaling is not required in a system which operates the proposed mechanism for the fast handover. Thus, this does not require two relevant MAGs to share an SA to protect fast handover related signaling messages. All the signaling messages for the fast handover between LMA and MAGs can be extended from the existing Fast Handover MIPv6 (FMIPv6) in [5]. 2. Terminology The terminology in this document is based on the definitions of PMIPv6[1] and FMIPv6[5], in addition to the ones specified in [2] as follows: [BS-ID, Proxy-CoA] tuple: Contains Proxy-CoA of an MAG and the Base Station (identified by BS-ID) which is attached to MAG. The tuple is probably manually configured or using other mechanisms that are out of scope. PMAG: Previous Mobile Access Gateway. The MN's default router prior to its handover. In this document, it has the same meaning as the Previous Access Router (PAR) of FMIPv6. NMAG: New Mobile Access Gateway. The MN's default router subsequent to its handover. In this document, it has the same meaning as the New Access Router (NAR) of FMIPv6. Kim et al. Expires May 10, 2008 [Page 3] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 3. Mechanism Operations As shown in Figure 1, in the proposed mechanism, MAGs (PMAG and NMAG) do not exchange signaling messages directly for the fast handover. A MAG exchanges signaling only with the LMA, which is associated with the attached MN. As a consequence, the LMA will proxy signaling messages between MAGs to set up the fast handover. The PMAG is currently doing the mobility related signaling on behalf of the MN as shown in [1]. Before the MN moves from PMAG to NMAG, negotiation occurs between the MN and serving base station (BS) connected to PMAG through L2 handover signaling. (1) When the L2 handover decision is made, the MN (or serving BS) sends the PMAG L2-HO information message in which target BS-ID is included. The details on L2-HO information is out of scope. (2) There are [BS-ID, Proxy-CoA] tuples in MAGs. Once receiving L2-HO information message, the PMAG collects MN's related context such as MN-Identifier, MN-HoA, MN-HNP, Proxy-CoA, MN's MAC address. In addtion, the PMAG retrieves NMAG's Proxy-CoA (N-Procy-CoA) from [BS-ID, Proxy-CoA] tuple. And then, the PMAG sends a Fast Proxy Binding Update (FPBU) message to the LMA to redirect the tunnel from the PMAG. The FPBU message contains N-Proxy-CoA and MN-Identifier. (3) After the LMA receives FPBU message, the LMA sends Handover Initiate (HI) message to NMAG where the HI message contains the PMAG's Proxy-CoA (P-Proxy-CoA) and MN-Identifier. (4) The NMAG then sends HAck to the LMA. Once HAck is received by the LMA, a bi-directional tunnel between PMAG and NMAG is established, and the P-Proxy-CoA and the N-Proxy-CoA are the tunnel's two ends. (5) Once the LMA successfully processes the HAck, the LMA sends Fast Proxy Binding Acknowledgement (FPBAck) message to the PMAG. (6) Packets destined to the MN are tunneled from the PMAG to the NMAG based on the MN-HoA. The PMAG decapsulates the packets received from the tunnel to the LMA, encapsulates into tunnel between PMAG and NMAG, and then sends them to NMAG. The NMAG buffers the packets until the link between NMAG and MN is ready. (7) The network access authentication is performed when MN attaches to target BS connected by NMAG. When a layer 2 link is established, the MN (or target BS) sends a L2-Up message including target BS-ID to the NMAG. Then, the link between MN and NMAG is ready. Kim et al. Expires May 10, 2008 [Page 4] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 (8) The NMAG delivers the buffered packets to the MN. MN PMAG NMAG LMA | | | | |--- (1) L2-HO --->| | | | |----------(2) FPBU ----------->| | | | | | | |<---(3) HI ---| | | | | | | |--(4) HAck -->| | | | | | |<---------(5) FPBAck ----------| | | | | Disconnect (6) forward packets buffering | | |===============>| | | | | | connect | | | | | | | |------------(7) L2-UP ------------>| | | | | | | (8) deliver packets | | |<==================================|<=============| | | | | Figure 1: Fast handover procedure for PMIPv6 4. Message Formats All the messages between LMA and PMAG/NMAG can be extended simply from the FMIPv6 protocol in [5]. 5. Security Considerations Security threats for the fast handover in network-based mobility management comprise the danger of unauthorized set up or redirect of an established forwarding path by a malicious node. Signaling messages between a MAG and an LMA must be authenticated by means of IPsec [6]. The use of IPsec between an LMA and a MAG follows [1]. Protection of signaling messages between an LMA and a MAG uses the mechanisms of Encapsulating Security Payload (ESP) [7] in transport mode with mandatory data origin authentication by means of a non-null payload authentication algorithm. In case setting up a security association between MAGs appears difficult, the proposed mechanism for the fast handover allows secure operation without mandating such security association. Kim et al. Expires May 10, 2008 [Page 5] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 6. References 6.1. Normative References None 8.2. Informative references [1] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", draft-ietf-netlmm-proxymip6-07 (work in progress), September 2007. [2] Xia, F., Sarikaya, B., "Mobile Node Agnostic Fast Handovers for Proxy Mobile IPv6", draft-xia-netlmm-fmip-mnagno-01 (work in progress), July 2007. [3] Sihun, P. et al., "Fast Localized Proxy Mobile IPv6 (FLPMIPv6)" draft-park-netlmm-fastpmip-00 (work in progress), February 2007. [4] Abeille, J., Liebsch, M., "Route Optimization for Proxy Mobile IPv6" draft-abeille-netlmm-proxymip6ro-00 (work in progress), May 2007. [5] Koodli, R., "Fast Handovers for Mobile IPv6", draft-ietf-mipshop-fmipv6-rfc4068bis-03 (work in progress), March 2007. [6] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, December 2005. [7] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005. Authors' Addresses Pyungsoo Kim Department of Electronics Engineering, Korea Polytechnic University, 2121 Jungwang-Dong, Shiheung City, Gyeonggi-Do 429-793 KOREA Phone: +82 31 8041 0489 EMail: pskim@kpu.ac.kr Kim et al. Expires May 10, 2008 [Page 6] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 Sang-Eon Kim Infra Lab., KT 17 Woomyeon-dong, Seocho-gu Seoul, 137-792 KOREA Phone: +82 2 526 6117 Email: sekim@kt.co.kr Jong-Sam Jin Infra Lab., KT 17 Woomyeon-dong, Seocho-gu Seoul, 137-792 KOREA Phone: +82 2 526 6117 Email: jongsam@kt.co.kr Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Kim et al. Expires May 10, 2008 [Page 7] Internet-Draft Fast Handovers for Proxy Mobile IPv6 November 2007 Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Kim et al. Expires May 10, 2008 [Page 8]