Distributed Service Location and Session Management for Ad-hoc Networks Juhamatti Kettunen Nokia Research Center Computing Architectures Laboratory P.O. Box 407, FIN-00045 NOKIA GROUP, Finland juhamatti.kettunengnokia.com Abstract This paper presents distributed and authenticated service discovery and session management schemes. The SLP and SIP protocols have been enhancedfor use in ad-hoc networks. We have coupled the protocols with the AODV ad-hoc routing protocol to make the signaling as efficient as possible. The design has been implemented and tried out in a real ad-hoc network testbed. Our results show that the system is feasible in practice, and very efficient both in terms of bandwidth consumption and computational load. 1. Introduction Ad-hoc networks are dynamic networks, wherethe number of nodes and the network topology may change sporadically. Routing iS typically multi-hop, yet, this can be performed on the MAC layer or the IP layer. Due to their dynamic nature, ad-hoc networks must follow distributed computing because relyng on fixed centralized servers may not be possible. Distributed computing in ad-hoc networks can be based on electing certain nodes to perform centralized tasks, and re-elections in case of failure, or on distributing the same functionality evenly into all nodes. Primary design criteria for service discovery and session management in ad-hoc networks are distributed and standalone operation without support from the Internet, ability to handle node arrival and departure gracefully, support for pull and push information dissemination, support for any types of services and applications, mutual authentication, and small message sizes for energy efficiency. The SESSI project investigated services for ad-hoc networks, focusing on extensions to the Service Location Protocol v2 (SLP) [3] and the Session Initiation Protocol (SIP) [4] [8]. The key extensions to SLP include better authentication of the service announcement, and proactive dissemination of service availability without prior request. Fundamentally SLP fits quite well into an ad-hoc network [5]. 1-4244-0992-6/07/$25.OO © 2007 IEEE Jukka Manner, Antti Yld-Jaaski Helsinki University of Technology TML Laboratory P.O.Box 5400, 02015 TKK, Finland j manner, anttiyj gtml. hut. fi The basic SIP architecture includes an overlay network of centralized servers, e.g, registrars and proxies. A new extension to SIP, called distributed SIP (dSIP) [8, 9], removes the need for centralized servers, and enables initiating sessions in ad-hoc networks. The basic concept is that all SIP clients broadcast their bindings (SIP Addressof-Record and IP address) to other nodes in the network, or alternatively, request other users' bindings. This latter functionality can be implemented using SLP: users look for the service "SIP", and get in return the bindings of users. The SESSI project targeted W/LAN ad-hoc networks, e.g., IEEE 802.11 in ad-hoc mode, where all nodes communicate on the same IP link. In this paper, we extend the basic SESSI framework with the Ad-hoc On-demand Distance Vector (AODV) [14] routing protocol. With careful coupling of SLP and dSIP schemes and AODV, we are able to send these higher layer protocol messages in single AODV routing packets, saving a tremendous amount of bandwidth and energy. Without coupling, a node would send route requests, service requests, and its own proactive service announcements in separate messages, with additional replies coming back in individual messages. We show an implementation and proof-of-concept demonstration of a multihop ad-hoc network where users can look for services, including the service "SIP", and are able to initiate sessions, e.g., instant messaging or chat, with each other. Our system is fully distributed, thus, no single points of failure exist. There exists research and solutions for service discovery in ad-hoc networks (e.g., [6, 7, 10, 13]), but the solutions usually address only a specific type of ad-hoc network environment, solve only a subset ofthe design criteria discussed above, are based on mediators or other proxy functionality and do not consider the effect of the underlying ad-hoc routing protocols. An old and expired Internet Draft [5] discusses SLP and AODV integration, and a short paper [2] presents similar ideas using ns2. Our scheme follows those concepts, but our design goes much further in the integration, and security, and introduces the use of passive SLP. 2 Overall Architecture 2.3 The SESSI project had three goals: service discovery, session management, and security. One of the key design guidelines was flexibility in order to enable different applications and usage models, independency of routing protocols, and power efficiency. Service discovery is achieved with extensions to SLP, session management is handled with an extended version of SIP, and the security mechanisms allow various security levels depending on the application and user requirements. The project also designed functionality for interworking of applications between adhoc networks and the Internet, in addition to extensions to SIP-based instant messaging and presence services [8, 9]. AODV [14] is a reactive ad-hoc routing protocol. The route finding is based on broadcast network search and unicast replies of discovered paths. Packet duplicates and routing loops are identified with sequence numbering and routing table entries have a maximum lifetime. After route expiration, route discovery procedure is started. Network nodes maintain established routes and in case a link breaks on an active route, an error message is sent to the route users. A Route request (RREQ) is sent when the destination is not found from the route table or the route has expired. A node receiving a new RREQ searches its local routing table for a route to the indicated destination. If none is found, the RREQ is broadcast further. A route reply (RREP) is generated if the node is the destination of the RREQ or it has an active route to the destination. A RREP is unicast to the next hop towards the node which originated the RREQ. AODV supports global connectivity through gateways. Modified Router Solicitations and Router Advertisements advertise global IPv6 prefixes to the ad-hoc network. Service Discovery extensions [5] can be used for the services which are discovered in ad-hoc networks. Service Request (SREQ) and Service Reply (SREP) messages are used to extend AODV. To use Service Discovery extensions, the nodes must have a service binding table which includes service selector and IP address pairs with valid lifetime. When a node requires access to a service, a SREQ is included in an AODV RREQ message and broadcast through the network. The destination address is set to zero. When a node receives SREQ, it searches for a service binding. If it is found and a route to the source of the SREQ is available, a RREP with Service Reply extension is generated and the resulting SREP message is sent to the source of SREQ. If the route is not available, SREQ is re-broadcast. 2.1 Distributed Session Management In Distributed SIP (dSIP) all ad-hoc nodes incorporate a local SIP proxy and registrar [8, 9]. dSIP users register to the local SIP registrar which broadcasts a REGISTER message to the ad-hoc network. All listening SESSI nodes gain registration information into their local proxy. A SIP user list can be obtained with a local query to the local SIP registrar. The ad-hoc network registrations are separated from global registrations with an automatically added . local string in the contact address of REGISTER messages. When a user is invited to a session, local ad-hoc sessions use the local proxy and global sessions use preconfigured outbound SIP proxy/registrar. 2.2 Service Location In SLP aided SIP (sSIP), the local user registers to the local SIP registrar as with dSIP. However, instead of broadcasting REGISTER messages, the local SIP proxy registers the SIP service and SIP user as Address of Record (AOR) attribute to the local SLP daemon. SLP Service Requests for SIP service and SLP Attribute Requests for the AOR attributes are used to acquire local ad-hoc network SIP users. SLP requests can also be used to find network services like default gateway, DNS services and SIP proxies. Active mode service discovery is used as in standard SLP. Instead of active request-reply mode, a new passive mode can be used. A Service Advertisement is broadcast to the network on local service registration [8]. A new SLP Service Advertisement message is used to advertise services in the network. When lifetime is set to zero, the message can also be used to de-advertise services. Service Advertisements can be cached in forwarding nodes which cannot be done in request-reply architecture. As Engelstad et al. state [1], this seems to be very useful especially in distributed query-based environments; other results also support this functionality [6, 7, 13]. 2.4 AODV and Service Discovery Security Framework The security of SIP sessions relies on a new Authentication & Authorization (AA) module which uses asymmetric X.509 certificates for mutual authentication and confidentiality [8]. Two types of identities are used: user and group identities. The standard SLP authentication block does not allow mutual authentication and uses normal timestamps in authentication blocks. The SESSI SLP uses modified authentication blocks which include sender and group identifications and logical timestamps. Instead of calculating signatures over service specific values and timestamp, the modified SLP authentication block signature is calculated over the whole message. The authentication and confidentiality levels have their own user and group asymmetric keys. The modified authentication block is extended with plain text receiver ID and ID length fields (see Figure 1). Node I Authentication Level: Link ReEeier' ID Physical (1..N nodes) Node 2 Link SLPd: Create SLP Sgaig Message ID LeghSrieRqet(de)SLP:i~ sdreq AODVd: Check route AO DV: _11 (found: all nodes) sdreq 802.1llg: -- -> Confidentiality Level: ___________________________________________________________________ I SLP Servicesde R sde eceiver's Receiver'sRe quest Original SLPv2 Original SLPV2 Extension Block & Mesg ID edrMessage Body Authenticdation Blck)I RREQ Process sdreq H Encrypted with Sequence Encrypted with Shared Symmetric Key or Create SLP Receivers Public Key LiSymmetric Secret Key __ ~~~~~~~~~~ ~ ~~~~~~~~~~~~~~~~~~~~~~AODV Route RREQService Not encrypted Request (sdrep) [L4YReply AODVd: REPAODVd: Create RREP IBuffer sdrep Check route I I ~~~~~~11~RTS . i(none: create Original SLPv2 Extension Block & Receiver's Authentication Block LengthsLd Figure 1. Security level message structures. _RTSJ AODV Route- 3 Efficient Service Discovery with AODV ReplEP4 >4, ~~~~RREQ) - ACK ACK[~~~J~ RREP ' sdrep AODVd: Add route Send-Our work concentrated onthe integration of AODV and I RTS 011RSen ~~~~~~buffered ~RTS user bindings using SLP, the sosdrep SLP Service I~_CTS I called sSIP scheme. Our aim is to minimize the amount Reply sde of requests and traffic, taking into account the AODV and sdrep Sd:Adsrie sdrep AC link layer properties, thus, minimizing power consumption; to service list >11. ~several technical papers suggest that reactive protocols enCreate SLP Attribute able more efficient power control than proactive protocols ROVdCeques rattre attreq RT (found: Node 2) > RTS (node transceiver does not need to be active all the time). CLTttiutSTSAn example of service discovery without integrating Request AODV and SLP is shown in Figure 2. sSIP service disI ~~~~~~~~~~~aftreq attreq covery functions can be characterized to three functionaliiSLPd: Create ACK attreq ftibteRel AC Attiue el attrep ties: SLP Service Request, SLP Attribute Request and SLP aftrep ~ ~ ~ ~ ~ (at rep) E AODVd: Check tRTS Service Advertisement. Because both SLP and AODV use I [1* ~~~~~~~~~~~~~~~~~~~~~route _Y fud oe1 multicast in requests and unicast in replies, these properties SLP Attribute can be efficiently integrated. The existing proposal [5] mustRel-CTattrep be enhanced because SREQ and SREP messages are introIattrep C duced as additional routing extensions. If these service exACK tLodAddicEAO atrp atiuels tensions are used as specified, the AODV daemon in nodes must be extended to implement service discovery functions, or even a new routing table with service-destination pair. Figure 2. Network phases when service and attribute This creates additional overhead to routing. Thus, we conrequests are sent separately. sider plain flooding to be simple, yet, efficient, enough for our goal. Moreover, flooding has been shown to be very reliable and efficient compared to multicast in ad-hoc netseveral asymmetric checksums for every SLP message in works [12]-typically multicast is also sent as a broadcast the same AODV SLP extension of source. For efficiency, in many common link layers. the SESSI modified Authentication Block can be integrated The AODV SLP extension encapsulates several SLP to and used as AODV extension. There it can be used to messages into one AODV extension. The encapsulated guarantee authenticity or secrecy for all extensions and the messages are standard SLP messages with any preferred checksum can be calculated in one procedure. The Receiver combination. Services can be requested, replied or adverID authentication block trailers, described in Figure 1, are tised in the same SLP extension message. The encapsulated not needed either - the AODV destination can be used to SLP extension can be passed through an application interidentify the receiver. Moreover, the standard Authenticaface to a SLP daemon, which processes messages and offers tion Block of SLP is sufficient. The AODV Authentication replies whenever needed. Block is used as last included extension and the signature field is calculated over all AODV extensions. SLP, and querying SIP - 3.1 Authentication SESSI uses a modified Authentication Block to identify valid SLP messages. When several messages are included in one AODV message, it is not feasible to calculate 3.2 - - SLP Messages In the new coupled AODV-SLP scheme, five types of messages can be identified: Service Request (SREQ), Service Reply (SREP), Service Introduction (SINT), SerMultihop ad hooc -eernetW vice Advertisement (SADV) and Service De-advertisement fter6bh can include several different SLP Service (SDADV). SREQ Requests and SREP includes grouped SLP Service Reply bob@rode3 xdci0bff ce@node4xdcidab, i bob@nOdej3AXuClatSEa answers. SINT is used to merge several messages together, 3612 s X 0m 250!l128 e.g., SREQs and SADVs. The SINT group is useful when h0de8xdcabfi a node enters the network: all wanted services can be requested and own services advertised in a single message. Figure 4. Multi-hop ad-hoc peer-to-peer netWhen Figures 2 and 3 are compared, the main advanwork. tages of using SLP message grouping can be seen. In Figure 3, a SINT is sent to network. The overall network latency and overhead is efficiently reduced. This also tension with S I P SREQ, AOR Attribute Request and means that in contention-based network, the network overSADV for Bob's services (see Figure 5). Node8 floods all throughput will be much improved. Still, the same inthe SINT message. formation is gained from SINT as with service and attribute requests illustrated in Figure 2. Moreover, in addition to alice@node4 . ~~bob@node3 node8 I I the requests, Node 1 services are advertised to all receiving. pLPeer network nodes. E Node 1 SLPd: Create SLP Service and Attribute fl Request and Service Advertisement (SINT) SINT AODVd: Check route (found: all nodes) AODV Route Request SLP ServiceAdvertisement SLP Service Request SLP Attribute Request Link Link Physical nodes) Signaling: 802.1 l L RTS AODV Route Reply,S Repli/ SLP Service Replff SLPd: Add services and attributes to list AODVd: Add route SREP [ ACK AODV RR RR RREP + SREP AODV/SLP r1 Clhk uCTSte SREP SLPd: NT -RTS IXE EP g:L I _NVTE I SINT T Node 2 (1..N RTS SLP Attribute + SREP Process SINT Create SLP Service andI[ Attribute Reply 200 OK LI OK 200 I Aq (SREP) AODVd: Add route Buffer SREP (found: Node 1) Figure 5. Integrated session initiation. service discovery and CK CK Figure 3. Network phases when a AODVISLP integrated SINT message is sent. 2. Alice adds Bob's route to her route table and replies with an AODV SLP extension SREP message which includes Alice's Service Reply to service SIP and At- tribute Reply to attribute AOR. 3. Bob saves Alice's information and sends a SIP INAODV supports global connectivity through gateways. VITE to Alice at address sip:alice@node4.xdclab. Thus, SIP users can register to their pre-defined registrar fi.local for a session. Bob's local SIP proxy forwards servers, and initiate sessions with users outside the ad-hoc the invitation and node8 routes it further. network. If the ad-hoc network uses IPv4 and a NAT, a 4. Alice accepts the session and answers with a 200 OK SIP proxy must be located on the gateway, and its service announced to the ad-hoc network [11]. message to Bob at address. Alice's local SIP proxy forwards the 200 OK message and node8 routes it. When a user wants to start a SIP session, the SIP stack should first query the ad-hoc network for the target SIP ad5. Bob receives the confirmation and acknowledges it dress. If the user is found, the SIP session can be established with an ACK message. directly within the ad-hoc network. If the target is not found locally, and a gateway is available, a lookup can be estabcan initiate the actual applicalished through the gateway and outside SIP registrars. Afterthese ses,ithe ers used over this session tion e.g. Bob starts a MSRP client in An example of the power of our scheme in a network and Alice starts a MSRP client and connects depicted inFigure 4 isas follows:server mode, to Bob. When session is to be closed, a BYE message is 1. Bob broadcasts a SINT message as AODV SLP exsent by either of the parties. 4 Implementation and Experiments Our testbed for the design discussed above was composed of Nokia 770 Linux-based devices connected together with IEEE 802.1 Ig WLAN. An extended AODV routing daemon, SLP and SIP software were included in all ad-hoc network nodes. We used IPv6 stacks on the ad-hoc nodes, gateways, and external SIP servers, 4.1 Proof-of-concept Experiments Our experiments where composed of two phases, proofof-concept and functional experiments of our designs, and measurements for comparing decoupled AODV and SLP with our coupled approach. The proof-of-concept experiments considered (1) connectivity of nodes through a gateway with separated subnets, (2) connectivity of nodes through a gateway within the same subnet, and (3) multihop service discovery and connectivity between nodes. The environment included two laptop computers as gateway nodes which offered connectivity to outer networks SIP registration server and advertised their gateway services to the ad-hoc network. Gateways used different IEEE 802.1 Ig ad-hoc SSID on non-disturbing channels without authentication. Other ad-hoc nodes were the Nokia 770 devices with wireless networking capabilities. These nodes could move freely between ad-hoc networks and join in either one of these networks. After joining, a new registration was made to the outer SIP registration server to update location information. SIP sessions could be initiated with the other ad-hoc nodes, or through a gateway to other networks or back to the same inner network nodes. The AODV daemon was embedded in all network nodes, except the SIP registration server which was assumed to be located in the outer network. With AODV, a node did not need to be within gateway coverage area other nodes could provide connectivity if needed. Default standard AODV settings were used in the network without Hello messages. As a result of integration, a rather dynamic demonstration environment could be created. With the Nokia 770 Connectivity manager program, all ad-hoc networks in a certain area could be scanned at any time and after joining to the chosen ad-hoc network, SIP gateway and service users could be easily requested. If local users were found, they could be invited to a SIP-based chat session. If a gateway was found, other users could be reached with their SIP addresses through the gateway and SIP registration server. The AODV daemon offered multi-hop service discovery capabilities. In the measurement environment, service discovery could be done with several nodes and also over multiple hops with very low delay. 4.2 Measurements The measurement environment used was similar to Figure 4. The absolute performance of an ad-hoc network, particularly in our case the signaling performance of AODV and SLP, is totally dependent on the amount of interference and node movement. Since our aim was to compare the decoupled and coupled operation of AODV and SLP in terms of signaling load introduced into the network, we eliminated any outside interferences and background load of other user data. Thus, our measurements show a comparison of the two schemes, and a best-case operation in an unloaded network. Service discovery queries and replies were integrated as one AODV SLP extension which lowered overall service discovery query data traffic and minimized the delay of queries. The gain is less protocol headers and less individual messages. Several separated queries would add additional link, network and transport layer header overhead, and add contention for the shared wireless medium. Even though header information is only a small part of overall traffic distribution in common environments, its relative share of service discovery data is significant when the AODV SLP extension is not used. Savings of transmitted data are IEEE 802.11 (32 B), IPv6 (40 B) and UDP (8 B) headers reduced with AODV SLP extension header size (4 B). As an example, when a service request (SREQ) is flooded with one SLP Service Request and two SLP Attribute Requests and several service replies (SREPs) with one SLP Service Reply and one SLP Attribute Reply are received, the transmitted traffic gain Tg can be viewed in Equation (4) where n represents the number of replying nodes in the network, rr-eq the average request count, rep the average reply count, hreq and hrep the amount ofheader data of upper layers and c- the average hop count. With the non-integrated version (plain flooding of separated SLP messages), the service request would consist of three and the replies of two separated messages. The control traffic of different layers is not included in the equation. Xx2) x c (rkeq X hrq + r x Tintegrated (hreq + hrep x n) x c re-integrtd Tnon-integrated T Tg + Tintegrated 1) x hrq + (rra.. 1) X h X n)) x (1) (2) (3) (4) When SREQ size assumed to be 188 bytes, SREP size 96 bytes, r q = 3 and r - = 2, differences to overall traffic in one to five node environment can be viewed in Figure 6. The latencies in looking for and announcing services can be calculated with the following equations. The term i is the node internal processing delay. With our devices, the delay is very constant at around 2 ms. 32500- SIP users in the networks. All this functionality is fully dis- 30000- tributed and is therefore robust. Security frameworks are included in the system based on two distinct security services, authentication of data, and confidentiality. a) 20000 / Our scheme does not break the normal operation of the 0U 17500 S o \ NoninteqrSLP and SIP protocols. Furthermore, SIP is only used X sU 15000 8 12500 as a good and practical example, naturally any other service, e.g., gateway services, can be discovered through our 1)0007500scheme. In the future, we plan to extend our implementation to cover service location between separate networks, XDco 2500and instant messaging and presence services over SIP. Ex01 Number 2 3 4 of nodes in network periments with ad-hoc networks of tens of nodes and active users would also help us understand the scalability of the scheme. Furthermore, our solution could be integrated Figure 6. Data difference of service discovery with other ad-hoc routing protocols, such as, the proactive methods when c = 1.5. OLSR. We are specifically enthusiastic about the numerous successful proof-of-concept experiments which give us confidence to further develop the concepts presented. *- 27500= D 25000 22500- 5 (rrcq1 X RTTa,g 2 Dinegraed + (i + Dnon-integrated D9 = ((rk.q + rv,_l References Dnon-integrated x n) = x RTTa,gx 2 + x ) (i + (5) 2 /) RTTavg / xn (6) 2 Dg + Dintegrated RTTa\) - (1 + nn) (7) x i (8) The delay difference between the non-integrated and integrated solutions grows tremendeously with the size of the network. For example, if the average request-reply count is only five, our integrated solution is over five times faster than the ordinary non-integrated signaling. The time it takes for announcing the SLP services between three nodes in an empty network is very short. In our experiments, it took on average 13 ms to get an answer from the closest peer, and 20 ms from the peer two-hops away. With larger multi-hop and multi-path ad-hoc networks this delay grows exponentially. Still, we expect the delay to remain reasonable even in large networks. caused by the radio interference and background trafraioServiocaused Sevieavailability depends naturally on the packet loss by the radio interference and background traf- fic. Periodic retransmissions are used to solve the packet loss. The retransmission procedure per node could be based dynamically on an estimate of the link quality and background load, i.e., interface load. 5. Summary and Conclusions This paper showed efficient service location for wireless ad-hoc networks. AODV was extended to carry SLP service requests, and the SIP stack made use of SLP in discovering [1] P. E. Engelstad, Y Cheng, R. Koodli, and C. E. Perkins. Serdiscovery architectures for on-demand ad hoc networks. Ad Hoc & Sensor Wireless Networks, 2(1), 2006. [2] Z. Fan and E. G. Ho. Service discovery in mobile ad hoc networks. In IEEE WOWMON, pages 457-459, 2005. [3] E. Guttman, C. Perkins, J. Veizades, and M. Day. Service location protocol, version 2. RFC 2608, IETF, June 1999. [4] J. Rosenberg et al. SIP: Session initiation protocol. RFC 3261 (Standards Track), IETF, June 2002. RTTavgvice [5] R. Koodli and C. E. Perkins. Service discovery in ondemand ad hoc networks. Internet draft (work in progress), IETF, 2002. [6] H. Koubaa and E. Fleury. A fully distributed mediator based service location protocol in adhoc networks. In IEEE Globe- com, pages 2949-2953, Service location protocol overhead [7] H. Koubaa and E. Fleury.2001. in the random graph model for ad hoc networks. In ISCC, pages 49-54, 2002. [8] L. Kallstrom et al. A framework for seamless service interworking in ad-hoc networks. Computer Communications, 29:3277-3294, October 2006. S. Leggio, J. Manner, and K. Raatikainen. Secure service discovery for ad-hoc networks. In IEEE Globecom, 2006. [10] V. Lenders, M. May, and B. Plattner. Service discovery in mobile ad hoc networks: A field theoretic approach. Perva[9] sive and Mobile Computing, 1:343-370, September 2005. [11] J. Manner, S. Leggio, and K. Raatikainen. An internet sip gateway for ad-hoc networks. In IEEE IWWAN, 2006. [12] K. Obraczka and K. Viswanath. Flooding for reliable multicast in multi-hop ad hoc networks. Wireless Networks, 7:627-634, November 2001. [13] S. Penz. Slp-based service management for dynamic ad-hoc networks. In MPAC, pages 1-8, 2005. [14] C. Perkins, E. Belding-Royer, and S. Das. Ad hoc ondean ditac veto rotn rtcl F 51BF July 2003. July 2003.