NETEXT                                                            D. Liu
Internet-Draft                                                    Z. Cao
Intended status: Informational                                   B. Zhou
Expires: September 14, 2011                                 China Mobile
                                                          March 14, 2011


              IKEv2 based flow control extension of PMIPv6
                     draft-liu-netext-flow-pmip-03

Abstract

   PMIPv6 is designed to provide network-based mobility and requires no
   changes to the UE. There are proposals to extend PMIPv6 to support
   flow mobility. Flow mobility requires a communication protocol
   between the UE and the network to carry the flow control messages.
   This document proposes to use the extended IKEv2 protocol to carry
   the flow control messages between the UE and the network.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 8, 2011.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include Simplified
   BSD License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions used in this document
   3.  Overview of using IKEv2 to carry flow control information
   4.  IKEv2 configuration payload extension
   5.  MN operation
   6.  MAG operation
   7.  LMA operation
   8.  Security Considerations
   9.  IANA Considerations
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Authors' Addresses

1.  Introduction

   There are proposals to extend PMIPv6 to support flow mobility, but
   currently no protocol is specified between the UE and the network to
   carry the flow control policies. Since PMIPv6 aims to provide a
   network-based mobility solution and no UE changes are preferred, it
   is not feasible to define a new protocol between the UE and the
   network to carry the flow control information. This document
   proposes to use an extended IKE protocol to carry the flow control
   information.

2.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Overview of using IKEv2 to carry flow control information

   IKEv2 is used for security parameter negotiation. It is usually used
   in combination with IPsec. There are configuration payload options
   in IKEv2 which can be used for IP address allocation and other
   configuration purposes. This document proposes to extend the
   configuration payloads to carry the flow control information.

   IKEv2/IPsec is also used for protecting mobility signalling in 3GPP.
   In the 3GPP architecture, the s2b interface is based on PMIP and is
   used for un-trusted non-3GPP access. There is an IPsec tunnel
   between the UE and the un-trusted non-3GPP access gateway (ePDG).
   This IPsec tunnel's security association and other security
   parameters are set up using IKEv2. Besides the security function,
   the IKEv2 protocol between the UE and the non-3GPP access gateway
   (ePDG) is also used for IP address configuration. The IP address is
   carried by the configuration payload in IKEv2.

   From the above analysis, we can see that there is a mandatory IKEv2
   protocol running between the UE and the network on the 3GPP s2b
   interface. It is natural to consider extending this protocol to
   carry the flow mobility control information.

4.  IKEv2 configuration payload extension

   IKEv2's configuration payload is defined to carry configuration
   information, for example IP address allocation. The format of the
   configuration payload is as follows:

    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ! Next Payload  !C! RESERVED    !         Payload Length        !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !   CFG Type    !                    RESERVED                   !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                                                               !
   ~                   Configuration Attributes                    ~
   !                                                               !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

           Figure 1: Format of Configuration Payload of IKEv2

   As Figure 1 shows, the IKEv2 configuration payload has a CFG Type and
   configuration attributes. CFG Type includes CFG_REQUEST, CFG_REPLY,
   CFG_SET and CFG_ACK. "CFG_SET/CFG_ACK" allows an IKE endpoint to
   push configuration data to its peer. "CFG_REQUEST/CFG_REPLY" allows
   an IKE endpoint to request information from its peer.

   Configuration attributes have the following format:

                        1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !R|         Attribute Type      !            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   ~                             Value                             ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

              Figure 2: Format of Configuration attributes

   Currently specified attribute types include:

                                       Multi-
      Attribute Type           Value   Valued   Length
      =======================  =====   ======   ==================
      RESERVED                   0
      INTERNAL_IP4_ADDRESS       1     YES*     0 or 4 octets
      INTERNAL_IP4_NETMASK       2     NO       0 or 4 octets
      INTERNAL_IP4_DNS           3     YES      0 or 4 octets
      INTERNAL_IP4_NBNS          4     YES      0 or 4 octets
      INTERNAL_ADDRESS_EXPIRY    5     NO       0 or 4 octets
      INTERNAL_IP4_DHCP          6     YES      0 or 4 octets
      APPLICATION_VERSION        7     NO       0 or more
      INTERNAL_IP6_ADDRESS       8     YES*     0 or 17 octets
      RESERVED                   9
      INTERNAL_IP6_DNS          10     YES      0 or 16 octets
      INTERNAL_IP6_NBNS         11     YES      0 or 16 octets
      INTERNAL_IP6_DHCP         12     YES      0 or 16 octets
      INTERNAL_IP4_SUBNET       13     YES      0 or 8 octets
      SUPPORTED_ATTRIBUTES      14     NO       Multiple of 2
      INTERNAL_IP6_SUBNET       15     YES      17 octets

                        Figure 3: Attribute type

   This document proposes to extend the attribute types of the
   configuration attributes by adding two new types, IPv4_FLOW_CONTROL
   and IPv6_FLOW_CONTROL, defined as follows:

                                       Multi-
      Attribute Type           Value   Valued   Length
      =======================  =====   ======   ==================
      IPv4_FLOW_CONTROL         20     YES*     0 or x octets
      IPv6_FLOW_CONTROL         21     YES*     0 or x octets

                   Figure 4: Attribute type extension

   The corresponding value of this proposed FLOW_CONTROL attribute is as
   follows:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |             MN-ID             |              BID              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              HNP              |             Action            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Start Source Address                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      End Source Address                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                   Start Destination Address                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    End Destination Address                    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Start SPI                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                            End SPI                            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       Start Source port       |        End Source port        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Start Destination port     |     End Destination port      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

           Figure 5: FLOW_CONTROL Attribute value definition

   o  MN-ID: Identification of the mobile node.

   o  BID: Binding identification associated with this flow and HNP.

   o  HNP: Home network prefix associated with this flow.

   o  Action: The action that the sender requests the receiver to
      perform. Actions may include Forward(1): request the receiver to
      forward the flow based on the HNP and BID. Other values of Action
      need to be specified further.

   o  Start Source Address: Start of the source address of this flow.
      This address could be an IPv4 or IPv6 address, depending on
      whether the FLOW_CONTROL type is IPv4 or IPv6.

   o  End Source Address: End of the source address of this flow. This
      address could be an IPv4 or IPv6 address, depending on whether
      the FLOW_CONTROL type is IPv4 or IPv6.

   o  Start Destination Address: Start of the destination address of
      this flow. This address could be an IPv4 or IPv6 address,
      depending on whether the FLOW_CONTROL type is IPv4 or IPv6.

   o  End Destination Address: End of the destination address of this
      flow. This address could be an IPv4 or IPv6 address, depending on
      whether the FLOW_CONTROL type is IPv4 or IPv6.

   o  Start SPI: Start SPI of this flow.

   o  End SPI: End SPI of this flow.

   o  Start Source port: Start of the source port of this flow.

   o  End Source port: End of the source port of this flow.

   o  Start Destination port: Start of the destination port of this
      flow.

   o  End Destination port: End of the destination port of this flow.

5.  MN operation

   For flow mobility, the MN decides when to initiate flow handover.
   The MN uses the above IKEv2 configuration payload extension to send
   the flow control message. The flow mobility policy control function
   needs to communicate with the IKE module in the MN to carry the flow
   mobility control information.

6.  MAG operation

   The MAG needs to get the flow mobility control information from the
   IKE configuration payload extension. The MAG then sends a PBU
   message with the flow mobility extension.

7.  LMA operation

   The LMA gets the flow control information from the PBU which carries
   the flow mobility extension. It then controls the flow mobility
   action accordingly.

8.  Security Considerations

   TBD

9.  IANA Considerations

   None

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC3775]  Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
              in IPv6", RFC 3775, June 2004.

   [RFC5213]  Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
              and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.

10.2.  Informative References

   [I-D.ietf-mext-flow-binding]
              Tsirtsis, G., Soliman, H., Montavont, N., Giaretta, G.,
              and K. Kuladinithi, "Flow Bindings in Mobile IPv6 and NEMO
              Basic Support", draft-ietf-mext-flow-binding-11 (work in
              progress), October 2010.

   [RFC4306]  Kaufman, C., "Internet Key Exchange (IKEv2) Protocol",
              RFC 4306, December 2005.

Authors' Addresses

   Dapeng Liu
   China Mobile
   Unit2, 28 Xuanwumenxi Ave, Xuanwu District
   Beijing 100053
   China

   Email: liudapeng@chinamobile.com


   Zhen Cao
   China Mobile
   Unit2, 28 Xuanwumenxi Ave, Xuanwu District
   Beijing 100053
   China

   Email: caozhen@chinamobile.com


   Bo Zhou
   China Mobile
   Unit2, 28 Xuanwumenxi Ave, Xuanwu District
   Beijing 100053
   China

   Email: zhouboyj@chinamobile.com
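
Added example (not part of the draft, and not the authors' code): a strict parser for the FLOW_CONTROL configuration attribute of Section 4, of the kind a MAG could apply to UE-supplied flow selectors before copying them into a PBU. The draft gives the value length only as "x octets", so the field widths below, the names parse_flow_control and FlowControlError, and the sample bytes are assumptions made for this illustration.

```python
import ipaddress
import struct

# Attribute type values proposed in Figure 4 of the draft.
IPV4_FLOW_CONTROL, IPV6_FLOW_CONTROL = 20, 21
ACTION_FORWARD = 1  # the only Action value the draft defines

class FlowControlError(ValueError):
    """The attribute does not match the layout assumed below."""

def parse_flow_control(buf):
    """Parse and validate one FLOW_CONTROL configuration attribute.
    Assumed widths (the draft only says "x octets"): MN-ID, BID, HNP and
    Action 16 bits each, SPIs 32 bits, ports 16 bits, addresses 4 octets
    for type 20 and 16 octets for type 21. Returns None for length 0.
    """
    if len(buf) < 4:
        raise FlowControlError("truncated attribute header")
    rtype, length = struct.unpack_from("!HH", buf, 0)
    atype = rtype & 0x7FFF  # the top bit is the reserved R bit
    if atype not in (IPV4_FLOW_CONTROL, IPV6_FLOW_CONTROL):
        raise FlowControlError("not a FLOW_CONTROL attribute")
    if length != len(buf) - 4:
        raise FlowControlError("Length disagrees with bytes received")
    if length == 0:  # the "0 octets" form of Figure 4
        return None
    alen = 4 if atype == IPV4_FLOW_CONTROL else 16
    if length != 8 + 4 * alen + 16:
        raise FlowControlError("unexpected value length")
    mn_id, bid, hnp, action = struct.unpack_from("!4H", buf, 4)
    a = [ipaddress.ip_address(buf[12 + i * alen:12 + (i + 1) * alen])
         for i in range(4)]
    spi = struct.unpack_from("!2I", buf, 12 + 4 * alen)
    ports = struct.unpack_from("!4H", buf, 20 + 4 * alen)
    if action != ACTION_FORWARD:
        raise FlowControlError("Action value not defined by the draft")
    ranges = {"src": (a[0], a[1]), "dst": (a[2], a[3]), "spi": spi,
              "sport": ports[:2], "dport": ports[2:]}
    for name, (lo, hi) in ranges.items():
        if lo > hi:  # reject inverted ranges
            raise FlowControlError(name + " range has start > end")
    return dict(ranges, mn_id=mn_id, bid=bid, hnp=hnp, action=action)

# Constructed sample: type 20, Forward, 192.0.2.0-192.0.2.255 to
# 198.51.100.7, any SPI, any source port, destination port 443.
_ADDRS = [ipaddress.ip_address(s).packed for s in
          ("192.0.2.0", "192.0.2.255", "198.51.100.7", "198.51.100.7")]
SAMPLE = struct.pack("!HH4H4s4s4s4s2I4H", 20, 40, 7, 1, 0x2001, 1,
                     *_ADDRS, 0, 0xFFFFFFFF, 0, 65535, 443, 443)
```

Calling parse_flow_control(SAMPLE) returns the decoded selectors; a truncated buffer, an undefined Action or an inverted range raises FlowControlError instead of being passed on.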