Network Working Group J. Korhonen Internet-Draft Nokia Siemens Networks Intended status: Informational February 9, 2009 Expires: August 13, 2009 Proxy Mobile IPv6 Mobility Session Redirection Problem Statement draft-korhonen-netext-redirect-ps-00.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 13, 2009. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract This document discusses a Proxy Mobile IPv6 mobility session redirection functionality at the Proxy Mobile IPv6 base protocol Korhonen Expires August 13, 2009 [Page 1] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 level. The redirection functionality would allow a Local Mobility Anchor to redirect the Mobile Access Gateway during the Proxy Binding Update and Acknowledgement exchange to an alternative Local Mobility Anchor. The benefit of redirection at the protocol level is that it removes the dependence on having such functionality provided by the Authentication, Authorization and, Accounting elements or the Domain Name System in a Proxy Mobile IPv6 Domain. Furthermore, doing the redirection at the base protocol level reduces the amount of signaling, unnecessary costly setup of mobility sessions and unnecessary costly interactions with backend systems. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Redirection Approaches . . . . . . . . . . . . . . . . . . . . 4 4. Redirection Scenarios . . . . . . . . . . . . . . . . . . . . . 4 4.1. Redirection During the Initial Attach . . . . . . . . . . . 4 4.2. Redirection of an Active IP Mobility Session . . . . . . . 5 5. Proxy Mobile IPv6 Domain Considerations . . . . . . . . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . . 5 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 8.1. Normative References . . . . . . . . . . . . . . . . . . . 6 8.2. Informative References . . . . . . . . . . . . . . . . . . 6 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 6 Korhonen Expires August 13, 2009 [Page 2] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 1. Introduction This document discusses a mobility session redirection functionality for the Proxy Mobile IPv6 (PMIPv6) protocol. The redirection functionality would allow a Local Mobility Anchor (LMA) to redirect the Mobile Access Gateway (MAG) during the Proxy Binding Update (PBU) and the Proxy Binding Acknowledgement (PBA) exchange to an alternative LMA. The benefit of redirection at the protocol level is that it removes the dependence on having such functionality provided by the Authentication, Authorization and, Accounting (AAA) elements or the Domain Name System (DNS) in a PMIPv6 Domain. Furthermore, doing the redirection at the base protocol level reduces the amount of signaling, unnecessary costly setup of mobility sessions and unnecessary costly interactions with backend systems. The redirection during the initial attach and the exchange of PBU/PBA messages seems to be the most natural place for redirection, because the mobility session setup is still in progress. Therefore, the redirection during the initial attach is also the main problem interest area of this document. The redirection of an active mobility session can be seen as a handover between LMAs. Accomplishing a handover between LMAs and maintaining the active mobility session, which may even include moving the Home Network Prefix (HNP) to a new topological location in the network, can be really challenging. Therefore, the redirection of an active mobility session is the secondary problem interest area of this document. The following sections evaluate existing solutions for redirection that may be used with PMIPv6. This document also briefly describes few use cases where redirection would be useful, and finally describes deployment consideration within a PMIPv6 Domain when redirection is used. 2. Terminology In addition to the terminology defined in RFC 5213 [RFC5213], the following terminology is also used: rfLMA The LMA which receives the PBU from a MAG and decides to redirect the IP mobility session, and forwards the PBU to the target LMA (r2LMA). Korhonen Expires August 13, 2009 [Page 3] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 r2LMA The LMA to which a MAG was redirected to. During the redirection, the PBA is possibly sent to the MAG from this LMA. 3. Redirection Approaches The dependency on DNS for redirection may not be deterministic enough from the PMIPv6 Domain point of view, for example in cases where MAGs cache DNS responses. DNS based approach is also applicable only during the initial attach. Furthermore, globally deployed DNS has unpredictable latencies on dynamic DNS updates that again make DNS suboptimal tool for redirection. Using AAA for redirection is also another possibility. However, relying on the AAA infrastructure would mean, in most cases, unnecessary updates to a remote Policy Store and subsequent Policy Profile downloads before and after redirection. Compared to DNS based approach, the AAA infrastructure would allow initiating the redirection of an active mobility session. Another redirection approach would be utilizing Home Agent Switch [RFC5142] type of solution, which appears to be suitable especially initiating the redirection of an active mobility session. The drawback of this approach during the initial attach is increased signaling. One additional roundtrip is required to inform the MAG of a LMA redirection, one roundtrip to remove the existing binding on the old rfLMA, and one roundtrip to establish a new mobility session at the target r2LMA. Also, there is no guarantee that the mobility session continuity can be preserved. Furthermore, this approach would mean unnecessary creation of a "temporary" state in the rfLMA and unnecessary interactions with the backend systems. Based on the above observations, a more efficient redirection mechanism can be justified that would be part of the PMIPv6 base protocol and independent of external supporting infrastructures. The details of how a LMA determines the redirection and possibly the communication between LMAs in a PMIP6 Domain to maintain a list of available LMAs is outside the scope of this document. 4. Redirection Scenarios 4.1. Redirection During the Initial Attach This is the basic use case for the redirection functionality. A MAG sends an initial PBU for establishing a mobility session to a known LMA address within the PMIPv6 Domain. The MAG may find out the "well known" IP address or addresses of the LMA through various PMIPv6 Korhonen Expires August 13, 2009 [Page 4] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 bootstrapping mechanisms [I-D.ietf-dime-pmip6] [I-D.korhonen-netlmm-lma-discovery]. The MAG receives the PBA from the r2LMA and will send subsequent PBUs and user traffic to the r2LMA. The MAG updates its Binding Cache and Policy Profile to reflect the r2LMA to which PBUs associated with the MN need to be sent. 4.2. Redirection of an Active IP Mobility Session This use case would allow a redirection of an active mobility session. The MAG would be redirected to a new r2LMA during a normal Binding Lifetime Extension PBU/PBA exchange. Reasons for doing so is, for example, moving Mobile Nodes (MS) anchored to a certain LMA to another in order to allow graceful shutdown of the LMA for maintenance purposes. Another reason could again be load balancing in abrupt change of load condition on the LMA, and therefore redirect some of the mobility sessions to another less loaded LMA. If there is a need to maintain mobility session continuity during the redirection, then additional functionality is required in LMAs and possibly in the PMIPv6 Domain routing system. A context transfer mechanism directly between LMAs, via a remote Policy Store or via some other control function would be an obvious requirement. However, context transfer specifics are outside the scope of this document. 5. Proxy Mobile IPv6 Domain Considerations The redirection problem discussed in this document is only possible between MAGs and LMAs that have an existing SA set up. It is the responsibility of the rfLMA that receives a PBU from a MAG to redirect the MAG to a such r2LMA whom the MAG already has a SA set up with. Furthermore, the rfLMA and the r2LMA must have a prior agreement and an established trust relationship to perform redirection. How a LMA learns and knows of other LMAs (where the mobility session can be redirected), is not covered by this problem statement. Dynamic establishment of a SA during redirection is not covered in this problem statement. 6. Security Considerations The security considerations of PMIPv6 signaling described in RFC 5213 [RFC5213] apply to this document. An incorrectly configured redirection functionality may cause unwanted redirection attempts to non-existing LMAs or to other LMAs that do not have and will not have a SA with the redirected MAG. At the same time, a falsely redirected Korhonen Expires August 13, 2009 [Page 5] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 MAG will experience failing binding updates and failing creation of mobility sessions. An incorrectly configured redirection functionality may also cause biased load distribution within a PMIPv6 Domain. This document also assumes that the LMAs participating to the redirection have adequate prior agreement and trust relationship between each other. 7. IANA Considerations This document has no IANA actions. 8. References 8.1. Normative References [RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008. 8.2. Informative References [I-D.ietf-dime-pmip6] Korhonen, J., Bournelle, J., Muhanna, A., Chowdhury, K., and U. Meyer, "Diameter Proxy Mobile IPv6: Support For Mobile Access Gateway and Local Mobility Anchor to Diameter Server Interaction", draft-ietf-dime-pmip6-00 (work in progress), January 2009. [I-D.korhonen-netlmm-lma-discovery] Korhonen, J. and V. Devarapalli, "LMA Discovery for Proxy Mobile IPv6", draft-korhonen-netlmm-lma-discovery-00 (work in progress), October 2008. [RFC5142] Haley, B., Devarapalli, V., Deng, H., and J. Kempf, "Mobility Header Home Agent Switch Message", RFC 5142, January 2008. Korhonen Expires August 13, 2009 [Page 6] Internet-Draft Proxy Mobile IPv6 Redirection PS February 2009 Author's Address Jouni Korhonen Nokia Siemens Networks Linnoitustie 6 FIN-02600 Espoo FINLAND Email: jouni.nospam@gmail.com Korhonen Expires August 13, 2009 [Page 7]