The IEEE 802.11s Mesh Networking Amendment
2011-03-14 – IEEE 802 plenary meeting – Singapore
IEEE doc. 11-11-0380-00
Authors: Dan Harkins, Guido R. Hiertz, Dee Denteneer, Kazuyuki Sakoda, Guenael Strutt, Jarkko Kneckt, Michael Bahr
Affiliations: Aruba Networks, Philips, Powerwave Technologies, Sony, Nokia, Siemens AG

Outline
• Motivation
• Introduction to 802.11s
• Usage scenarios
• 802.11s architecture
• The Mesh BSS
– Mesh discovery
– Peering
– Security
• Multi hopping
– Path selection (reactive)
– Power save
– Radio resource management
• MBSS connected to external STAs
• Wrap up
• Conclusion

Motivation for the tutorial

Why a tutorial?
• 2nd recirculation Sponsor Ballot completed March 5 with 95% approval rate
• Timeline targets approval to forward to ExCom by July 2011

Outline of the tutorial
• What’s new in 802.11s?
• Design principles
• Topologies of increasing complexity
[Figure: topologies labelled Lightweight, low power nodes; Wireless backhaul; Interworking; Mesh network; range extension; Infrastructure networks; Peer-to-peer island]

Introduction to Mesh

Benefit #1: it’s wireless!
• Can form larger scale wireless network without adding wired backhaul
– Networked devices go where wires cannot

Benefit #2: it’s self-forming!
• Network grows as devices are added
– Coverage is expanded with minimal configuration

Benefit #3: it’s self-healing!
• Resilient to single point of failure
– Network continues to operate during maintenance
[Figure: mesh of STAs in which two nodes are marked “Out of service”]

Benefit #4: it has no hierarchy!
• Can deploy, extend, modify, and pull out the wireless network easily with minimal cost/overhead
• Mesh stations can be client devices
– True ad hoc networking with relaxed range restriction
– No (re-)configuration delays because there is no need to define a master station or cluster
• “Infrastructure” mesh stations can be deployed, upgraded, replaced or removed regardless of role

Usage Scenarios

IEEE 802.11s Mesh Usage Scenarios
1 Residential / Home
2 Campus/Community/Public Access (University Campus, Community Area, Park Area)
3 Office
4 Public Safety/Emergency
5 Industrial / M2M
6 Smart Metering / Smart Grid
Pictures: (1)(2)(3)(4) IEEE doc 11-04/0662r16, (5) Siemens Press Picture, (6) IEEE doc 11-09-1313r5

Backhaul Mesh
[Figure: mesh STAs and APs connected to a wired LAN]
• Campus/Community/Public Access (2)
• Office (3)
• Industrial (5)
• Smart Metering/Smart Grid (6)

Client Mesh
[Figure: client mesh connected to a wired LAN]
• Home Networks (1)
• Emergency/Public Safety (4)
• Industrial/M2M (5)
• Smart Metering/Smart Grid (6)

Mixed (backhaul & client) Mesh
[Figure: mixed mesh connected to a wired LAN]
• Home Networks (1)
• Office (3)
• Emergency/Public Safety (4)

The 802.11s architecture
Extensions required for multi-hop communications

What has changed on the inside?
[Figure: protocol stack of an 802.11 STA beside that of an 802.11 Mesh STA. Labels: New Mesh Functions, 802.1X, SAE, Association, Peering Management, Addressing, Addressing + Mesh Ctrl, EDCA, PHY]
• Same frame format
• EDCA reusable
• No H/W change
• Needed serious improvements (IBSS replacement, safe disassociation, instance management etc.)
1. MCCA provides much-needed determinism
2. SAE provides much-needed 802.11-based security
3. New mesh functions include routing, power management, synchronization …

Nothing has changed from the outside
[Figure: an MSDU is handed over at the MAC SAP by the MSDU source, crosses the mesh BSS (MBSS) formed by Mesh STA 1 to Mesh STA 11 as MPDUs, and is delivered to the MSDU destination]
• Transparent forwarding to/from any 802 STA

The Mesh BSS
• Mesh Discovery
• Peering
• Mesh Security

Mesh discovery
• When a STA boots up, it first locates neighbor mesh STAs
• Reuse traditional mechanism in 802.11
– Passive scan (use beacon frames)
– Active scan (use Probe request/response)
[Figure: one mesh STA asks “Is there anybody out there?” and three neighbors answer “I am here!”]

Mesh discovery (cont’d)
• The “Mesh profile” uniquely identifies the network
– “Mesh ID” (Information Element in mgmt. frames): Octet string identification of the network, similar to SSID
– Other active attribute identifiers: the active protocol set
• Supplemental information:
– “Connected to gate”
– “Number of mesh peerings”
[Figure: Mesh Profile of STA-A compared with Mesh Profile of STA-B]

Mesh Peering
• A distributed, non-hierarchical, and non-exclusive agreement to communicate
• Each mesh STA manages its own peerings with other mesh STAs
• Peering Establishing Protocol
– A true peer-to-peer protocol
– Each side offers and agrees to parameters that define the terms of the peering and govern communication
– Two modes: secured peering (AMPE) or unsecured peering (MPM)

How is peering done
• Capability check via profile matching
• A peering has attributes that must be agreed upon
– Each side must make an offer of attributes to use for a potential peering
– Each side must confirm the agreed-upon attributes that define the peering
• After each side has offered and confirmed agreement, the peering is established
• Each side can initiate a peering and both sides can initiate the peering simultaneously

How Peering is Done
[Figure: Initiator and Responder each send an offer and each send a confirm]

How Peering is Done
[Figure: both sides act as Initiator; each sends an offer and a confirm]

Mesh Security – Simultaneous Authentication of Equals (SAE)
• Peer-to-Peer
– Non-hierarchical, mutual authentication
• Uses only a password
• Resistant to attack
– Can use short, easy-to-remember, weak passwords
– Sharing a password among mesh points does not lessen security
• Distributed
– No centralized server
• Robust security
– Misuse-resistant
• A standard RSN authentication method for all of 802.11
– Can be used as a drop-in replacement for WPA(2)-PSK in BSS, IBSS, and PBSS networks
– Fixes well-known security problem!

How SAE is performed
• AKM advertising support for SAE in RSN IE in beacons and probe responses
• SAE takes place after discovery but before peering or association
• Uses 802.11 authentication frames
• Simple two message exchange
– Same type of exchange used for peering
• Each side first commits to a guess of the password
• Each side then confirms its guess and verifies the peer’s guess
– Successful termination results in a PMK
– Unsuccessful termination does not leak any information about the password

Establishing Secure Peerings
• Discovery – Identifies peer
• SAE – Derives shared key
• AMPE – Establish peering
• Subsequent traffic is protected

Mesh Peering: A Better Approach to Peer-to-peer networking
• Better than Bluetooth
– Easy-to-use, ad-hoc, auto-discovery
– Secure peering with short key
– High speed data transfer between peers
• Secure, direct, link establishment
– No pre-provisioning or “protected setup” necessary
– Link is directly established between the peers without need for role determination
– The right tool for the right job
• No need to implement functionality of multiple roles (e.g. STA and AP)
• Security is integrated into link establishment

Multi-hopping in the Mesh BSS
• Path selection (reactive)
• Power save
• Radio resource management
Wireless Mesh network = multi-hop topology ≠ master-slave topology

Path Selection
• Determines paths from source mesh STA to destination mesh STA in an MBSS, possibly over multiple hops
• Paths are stored in forwarding information
• HWMP, the Hybrid Wireless Mesh Protocol, is the mandatory default path selection protocol
• Path selection extensibility framework for use of other path selection protocols
• Active path selection protocol indicated by path selection protocol identifier in Mesh Configuration IE
• HWMP can always be configured for interoperability

Hybrid Wireless Mesh Protocol (HWMP)
• Default routing protocol in 802.11s
• Reactive path selection as basic path selection mechanism (always available)
– path is only established if needed (on-demand)
– no path selection control traffic if no data is sent
– on-demand path discovery mechanism
– works with arbitrary path selection metrics
• Proactive path selection tree to designated mesh STAs (can be configured at root mesh STAs), described later

Path Discovery in HWMP: Path Request (PREQ)
[Figure: mesh STAs O, A, B, C, D, E, F and T; the PREQ creates the reverse path, the PREP creates the forward path]
O – Path Originator
T – Path Target

Forwarding info @ “D” after PREQ
• Destination Mesh STA Address: O
• Destination HWMP Sequence Number: 14
• Next Hop Address: C
• Precursor List: (no entry)
• Path Metric: link metric (O-A) + link metric (A-B) + link metric (B-C) + link metric (C-D)
• Number of Hops: 4
• Lifetime of Forwarding Information: <lifetime>

Path Discovery in HWMP: Path Reply (PREP)
[Figure: mesh STAs O, A, B, C, D, E, F and T; the PREQ creates the reverse path, the PREP creates the forward path]
O – Path Originator
T – Path Target

Forwarding Info @ “D” after PREP
(each field: entry for O | entry for T, followed by the purpose the slide gives for the field)
• Destination Mesh STA Address: O | T
• Destination HWMP Sequence Number: 14 | 2011 (loop prevention)
• Next Hop Address: C | E (recipient for forwarding)
• Precursor List: (E, <lifetime>) | (C, <lifetime>) (PERR forwarding, loop prevention)
• Path Metric: link metric (O-A) + link metric (A-B) + link metric (B-C) + link metric (C-D) | link metric (T-F) + link metric (F-E) + link metric (E-D) (best quality path)
• Number of Hops: 4 | 3
• Lifetime of Forwarding Information: <lifetime> | <lifetime> (timeout of unused forwarding information)

The Simplest Path Discovery
[Figure: O sends a PREQ to T and T answers with a PREP]
• … easily extensible

Further Features of HWMP
• Path repair
– If path gets disrupted, Path Error (PERR) is generated at link break and propagated towards source mesh STA
– Source mesh STA sets up new path to destination mesh STA
– PERR used for indication of different error conditions
• Non-forwarding mesh STA
– Is only mesh source or mesh destination but does not forward frames for other mesh STAs
– Participates in HWMP, but does not propagate HWMP control messages
– Increases the risk of disconnected MBSS

Frame format
So… What do we do with this forwarding information?
MAC frame fields:
• Frame Control: 2 octets
• Duration/ID: 2 octets
• Address 1 (Receiver Address): 6 octets
• Address 2 (Transmitter Address): 6 octets
• Address 3 (Mesh Destination Address): 6 octets
• Sequence Control: 2 octets
• Address 4 (Mesh Source Address): 6 octets
• QoS Control: 2 octets
• HT Control: 4 octets
• Body: 0-7955 octets
• FCS: 4 octets

Mesh Control (within the Body; 6, 12, 18, or 24 octets):
• Mesh Flags: 1 octet
– Address Extension Mode: 2 bits
– Reserved: 6 bits
• Mesh Time To Live (TTL): 1 octet
• Mesh Sequence Number: 4 octets
• Mesh Address Extension: 0, 6, 12, or 18 octets (figure labels: Mesh Source Address, Destination Address, Source Address)

• Mesh Control field provides address extension (six addresses), TTL, & Sequence Number
• Mesh Control field is encrypted as part of data

Multi-hopping in the Mesh BSS
Power save in the Mesh BSS
Wireless Mesh network = multi-hop topology ≠ master-slave topology

Power save
• Optimized power consumption for the whole network
– Any device may operate in power save
– Power constrained devices limit forwarding and minimize power consumption
• Instant power-up
• Relaxed transition to sleep
– Deep & light sleep
– Good responsiveness of the network

Interaction between power save and forwarding
• Frames are buffered for power save mesh STAs
• Power saving mesh STAs can limit participation in forwarding:
– Mesh STA may limit the number of peerings
– Mesh STA may operate in non-forwarding mode (only create paths for own traffic)
– Link metrics may account for power constraints

Power save and peerings
• Each mesh peering consists of two mesh power modes:
– Local mesh power mode, a promise to the peer
– Peer mesh power mode, a promise by the peer
• Power modes of different mesh peerings are independent from each other
• Mesh STA may operate in Doze state (radio off) only if no peering requires operation in Awake state (radio on)

Mesh power modes
• Mesh STAs communicate their mesh power mode for each link:
– Active mode: mesh STA available at any time
– Light sleep mode: monitoring peer STA beacons; responsible to fetch buffered data
– Deep sleep mode: not monitoring peer STA beacons; not responsible for fetching buffered data

Link-specific mesh power modes
• Mesh power mode can be set dynamically “per link”
[Figure: mesh STAs M1 to M5 joined by links labelled Weak link and Safe link, with Active mode, Light sleep mode and Deep sleep mode set per link]

Power save details
• Going to active mode is safe
– Transmissions cannot be missed, i.e. signaling is done with group- and individually-addressed frames
• Going to power save is less safe
– Transmissions may be missed if peer is assumed to be available, i.e. individually-addressed frames are used
• The service periods keep power saving devices available during the individually addressed data transmission

Multi-hopping in the Mesh BSS
Topics in radio resource management
Wireless Mesh network = multi-hop topology ≠ master-slave topology

Radio resource management
• Main challenges:
– Hidden node problem mitigation
– Distributed management
– Minimize and localize the effect of topology dynamics
• Some topics from 802.11s radio resource management
– Robust neighbor discovery
– Distributed resource reservation
– Synchronization

Hidden node problem
[Figure: STA1, STA2, STA3 and STA4, with interference between stations that cannot hear each other]
• MBCA mitigates beacon collisions in 2 hop range
• MCCA enables distributed reservation access

Mesh Beacon Collision Avoidance (MBCA)
• Beacon protection from hidden nodes
– Passive scan, power management, and distributed reservation (MCCA) rely on Beacon frames
– Need to protect from the interference from hidden nodes
– MBCA provides a tool for the mitigation
– MBCA reports on Beacon frames even beyond the MBSS
Distributed resource reservation (MCCA)
• MCCA (MCF coordinated channel access) enables allocation of deterministic channel time without central coordinator
• Deterministic channel access (i.e., TDMA type of channel assignment) is more efficient in some cases
[Figure: STA1, STA2, STA3 and STA4 negotiating reservations. One STA says: “I will reserve channel for mesh STA1 from 6am to 7am in my local time. Please confirm if it is OK.” Another answers: “OK. I am receiving traffic from mesh STA4 from 7:30am to 9:30am. Please do not interfere.”]

Distributed resource reservation (MCCA)
• After the negotiation process, orthogonal channel time will be allocated for MCCAOP owner
[Figure: timeline over one DTIM Interval showing Offset, MCCAOP Duration and the spacing (DTIM duration) / (MCCAOP Periodicity), with the MCCAOP of mesh STA k and the MCCAOP of mesh STA n]

Synchronization
• 802.11s defines the default synchronization method “Neighbor Offset Synchronization”
– There is no “global timer” in the network
– Each node runs its own TSF timer and manages the time differences between its neighbors
– Tries to minimize the impact of topology changes
[Figure: three mesh STAs with their local times and neighbor offsets
STA1 local time 00:12:35am; time difference to STA2: +09:15:15
STA2 local time 09:27:50am; time difference to STA1: -09:15:15, to STA3: +06:27:12
STA3 local time 03:55:02pm; time difference to STA2: -06:27:12]

MBSS with mesh gates connected to external STAs
• Proactive path selection
• Mesh gate & proxy
• 6-address frame format

Proactive routing
• A proactive routing functionality is necessary because
– Certain nodes are gateways to other networks and faster path setup can be ensured
– Some nodes receive more traffic than others
• Proactive routing is centered around a root node, which may (or may not) be a mesh gate
• Two methods are available (recall the PREQ: broadcast propagation, unicast destination):
• Proactive PREQ
– All reverse paths are established with one PREQ message (broadcast propagation, broadcast destination)
– Forward path is established (normally) with a PREP, on-demand or proactively (configurable)
• Proactive RANN
– A Root Announcement message provides a set of candidate paths
– Reuses the PREQ messages (unicast propagation, unicast destination)
– Reverse path is established (normally) with a PREP

Forwarding information: Proactive Path Request
(Dest. = destination address, NH = next hop node, M as given on the slide)
• Node A: Dest. R, NH R, M 1
• Node C: Dest. R, NH R, M 1
• Node D: Dest. R, NH R, M 2
• Node B: Dest. R, NH A, M 2
• Node E: Dest. R, NH D, M 2
[Figure: root R with nodes A, B, C, D and E; the PREQ creates the reverse path]
• Forward path is created as in reactive method
– on-demand (only when needed)
– immediately (proactive)
– configured at root mesh STA
R – Root

Proactive Root Announcement
[Figure: root R with mesh STAs A, B, C, D, E, F and G; the RANN marks candidate paths]
• No forwarding information affected
R – Root

Unicast Path Request
[Figure: mesh STAs O, A, B, C, D, E, F and T; the PREQ creates the reverse path, the PREP creates the forward path]
• PREP method is unchanged
O – Path Originator
T – Path Target

Proxy
• STAs that are outside the MBSS are reached through a proxy Mesh STA (gate)
• Proxy information is carried through PREQs and PREPs
– The originator STA does not know whether the target is inside or outside the MBSS until the PREP is received
• Proxy information can also be communicated via Proxy Updates

Path Request with Proxy info
• Proxy information at Node O: Dest. T, Proxy P
• Forwarding information at Node O: Dest. P, NH A, M 7
• Intermediate nodes don’t need to know about external addresses
• In the example, the reverse path has already been created
[Figure: mesh STAs O, A, B, C, D, E, F and proxy P, with target T outside the MBSS; PREQ reverse path and PREP forward path]
O – Path Originator
T – Path Target
P – Mesh Proxy

End to end 802 communication
[Figure: STA 33 on an 802.x LAN and STA 22 in an infrastructure BSS (AP STA 17) communicate end to end across the mesh BSS (MBSS); the mesh path runs over mesh links between Mesh STA 1, Mesh STA 4, Mesh STA 6 and Mesh STA 2, with portal and gate at the edges]
Addresses of the frame shown on the mesh link:
• Receiver Address: Mesh STA 6
• Transmitter Address: Mesh STA 4
• Mesh Destination Address: Mesh STA 2
• Mesh Source Address: Mesh STA 1
• Destination Address: STA 22
• Source Address: STA 33

Wrap Up

The big picture …
[Figure: network diagram showing a Mesh BSS (mesh STAs A to H, J, K, U, V, W and Y), Gates A, B, C and D, a portal, two 802.3 segments, an Internet router, an 802.16 base station (BS C) with SS A and SS B, and APs K, L and M with their BSSs K, L and M. Legend: 802.11s Mesh Link (forwarding, may be part of a mesh path); 802.11s Mesh Link (non-forwarding); 802.11 link within Basic Service Set (BSS); Link released after transitioning to new location]

One broadcast domain
• The 802.11s mesh appears as a single, logical broadcast domain
• Support for spanning tree guarantees loop free connectivity with external networks
– Gates B&C blocked

Transparent integration
• Via Gate D, 802.3 station J integrates transparently with the 802.11s mesh
Works as Distribution System Medium
• The 802.11 concept relies on a central AP that forms a Basic Service Set (BSS)
• Interconnected by 802.11s & 802.3, stations can transition to and from APs K, L & M within BSSs K, L & M, respectively

Mobility within the Mesh
• 802.11s enables a mobile Mesh STA Y to establish a new mesh link to Mesh STA C and to release mesh links to Mesh STAs A and H

Mesh Networking
• Owing to its mesh capabilities, Mesh STA U connects simultaneously to the printer Mesh STA W, the storage device Mesh STA V and maintains internet connectivity via Mesh STA J.
• However, as a non-forwarding mesh device, it does not interconnect Mesh STAs W, V and J.

Transient Network
• 802.11s mesh integrates with other 802 networks (802.3, 802.16 etc.)

Conclusion
• Transparent integration of other 802 networks
• Minimal manual configuration needed
• No change to 802.11 hardware
– All-software solution
• Opens up new markets
– Standardized range extension
– Collaborative networks
• Truly ad hoc
• Solves old problems
– Peer-to-peer
– Authentication
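
Added example, not part of the original slides: a simplified model of the offer/confirm exchange from the "How Peering is Done" slides, showing that one initiator, two simultaneous initiators and reordered delivery all end in an established peering, while a mesh profile mismatch does not. The state names, the close message and the profile tuples are assumptions made for illustration; SAE and AMPE protection are not modelled.

```python
from collections import deque


class Peer:
    """One side of a peering; 'offer' and 'confirm' follow the slides' wording."""

    def __init__(self, name, profile):
        self.name, self.profile, self.state = name, profile, "IDLE"

    def start(self):
        """Actively open a peering by sending our own offer."""
        self.state = "OFFER_SENT"
        return [("offer", self.profile)]

    def receive(self, kind, profile):
        """Process one message; return the messages to send in reply."""
        # Capability check via profile matching: a mismatch ends the attempt.
        if kind == "close" or profile != self.profile:
            self.state = "CLOSED"
            return [] if kind == "close" else [("close", self.profile)]
        if kind == "offer":
            if self.state == "IDLE":            # passive side: offer + confirm
                self.state = "OFFER_RCVD"
                return [("offer", self.profile), ("confirm", self.profile)]
            if self.state == "OFFER_SENT":      # both sides initiated
                self.state = "OFFER_RCVD"
                return [("confirm", self.profile)]
            if self.state == "CONFIRM_RCVD":    # confirm overtook the offer
                self.state = "ESTAB"
                return [("confirm", self.profile)]
        elif kind == "confirm":
            if self.state == "OFFER_SENT":
                self.state = "CONFIRM_RCVD"
            elif self.state == "OFFER_RCVD":    # offered and confirmed both ways
                self.state = "ESTAB"
        return []


def scenario(profile_a, profile_b, both=False, lifo=False):
    """Run one exchange between peers A and B; return their final states.
    both=True: both sides initiate; lifo=True: deliver newest message first."""
    a, b = Peer("A", profile_a), Peer("B", profile_b)
    queue = deque()
    for p in ([a, b] if both else [a]):
        queue.extend((b if p is a else a, m) for m in p.start())
    while queue:
        dest, (kind, profile) = queue.pop() if lifo else queue.popleft()
        src = a if dest is b else b
        queue.extend((src, m) for m in dest.receive(kind, profile))
    return a.state, b.state


if __name__ == "__main__":
    lab = ("mesh-lab", "HWMP")                  # constructed mesh profile
    print(scenario(lab, lab))
    print(scenario(lab, lab, both=True))
    print(scenario(lab, ("other-mesh", "HWMP")))
```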
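
Added example, not part of the original slides: a small simulation of the reactive HWMP discovery from the "Path Discovery in HWMP" and "Forwarding info @ D" slides, which reproduces the forwarding information at D (next hops C and E, hop counts 4 and 3, precursors E and C) and shows the sequence-number rule that keeps stale information out of the table. The numeric link metrics and the extra A-D link are constructed assumptions; lifetimes and PERR handling are left out.

```python
from collections import deque

# Constructed link metrics (lower is better). Node names follow the slides;
# the A-D shortcut is an added assumption: fewer hops, but a worse metric.
LINKS = {("O", "A"): 2, ("A", "B"): 2, ("B", "C"): 2, ("C", "D"): 2,
         ("D", "E"): 3, ("E", "F"): 3, ("F", "T"): 3, ("A", "D"): 10}


def neighbors(node):
    """Yield (neighbor, link metric) for every link touching node."""
    for (a, b), metric in LINKS.items():
        if node in (a, b):
            yield (b if a == node else a), metric


def new_tables():
    """One empty forwarding table per mesh STA."""
    return {n: {} for link in LINKS for n in link}


def update(tables, node, dest, sn, next_hop, metric, hops):
    """Install forwarding info only if it is fresher (higher HWMP sequence
    number) or equally fresh with a better path metric."""
    cur = tables[node].get(dest)
    if cur and (sn < cur["sn"] or (sn == cur["sn"] and metric >= cur["metric"])):
        return False
    tables[node][dest] = {"sn": sn, "next_hop": next_hop, "metric": metric,
                          "hops": hops,
                          "precursors": cur["precursors"] if cur else set()}
    return True


def discover(tables, originator, target, o_sn, t_sn):
    """Flood a PREQ, then unicast the PREP back; return the selected path."""
    queue = deque([(originator, 0, 0)])          # (transmitter, metric, hops)
    while queue:                                 # PREQ builds reverse paths
        sender, metric, hops = queue.popleft()
        for nbr, link in neighbors(sender):
            if nbr != originator and update(tables, nbr, originator, o_sn,
                                            sender, metric + link, hops + 1):
                if nbr != target:                # the target does not re-flood
                    queue.append((nbr, metric + link, hops + 1))
    if originator not in tables[target]:
        return None                              # target unreachable
    path, sender, metric, hops = [target], target, 0, 0
    while sender != originator:                  # PREP builds the forward path
        receiver = tables[sender][originator]["next_hop"]
        metric += dict(neighbors(sender))[receiver]
        hops += 1
        update(tables, receiver, target, t_sn, sender, metric, hops)
        if receiver != originator:               # record who forwards via us
            upstream = tables[receiver][originator]["next_hop"]
            tables[receiver][target]["precursors"].add(upstream)
            tables[receiver][originator]["precursors"].add(sender)
        path.append(receiver)
        sender = receiver
    return path[::-1]


if __name__ == "__main__":
    tables = new_tables()
    print(discover(tables, "O", "T", o_sn=14, t_sn=2011))
    print(tables["D"])
```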
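
Added example, not part of the original slides: a bounds-checked parser for the Mesh Control field from the "Frame format" slide, with a forwarding decision that uses the TTL and the Mesh Sequence Number. Assumptions: Mesh Control sits at the start of the frame body, the Address Extension Mode occupies the two low bits of Mesh Flags, mode n means n six-octet addresses (matching the slide's 0, 6, 12, or 18 octets), the sequence number is little-endian, and duplicates are keyed on mesh source address plus sequence number; all addresses and frames are constructed.

```python
import struct
from dataclasses import dataclass

FIXED_LEN = 6   # Mesh Flags (1) + Mesh TTL (1) + Mesh Sequence Number (4)
ADDR_LEN = 6


@dataclass
class MeshControl:
    ae_mode: int        # Address Extension Mode, 2 bits
    ttl: int
    seq: int
    ext_addrs: list     # 0 to 3 extension addresses as strings
    length: int         # octets consumed: 6, 12, 18 or 24


def parse_mesh_control(body: bytes) -> MeshControl:
    """Parse Mesh Control from the start of a decrypted frame body."""
    if len(body) < FIXED_LEN:
        raise ValueError("body shorter than the fixed Mesh Control part")
    flags, ttl, seq = struct.unpack_from("<BBI", body)
    ae_mode = flags & 0x03              # the 6 reserved bits are ignored
    length = FIXED_LEN + ae_mode * ADDR_LEN
    if len(body) < length:              # never read past the received data
        raise ValueError(f"mode {ae_mode} needs {length} octets, got {len(body)}")
    addrs = [body[i:i + ADDR_LEN].hex(":")
             for i in range(FIXED_LEN, length, ADDR_LEN)]
    return MeshControl(ae_mode, ttl, seq, addrs, length)


class Forwarder:
    """Decides whether a received mesh frame may be forwarded once more."""

    def __init__(self):
        self.seen = set()               # (mesh source address, sequence number)

    def decide(self, mesh_sa: str, body: bytes) -> str:
        try:
            mc = parse_mesh_control(body)
        except ValueError:
            return "drop: malformed"
        if (mesh_sa, mc.seq) in self.seen:
            return "drop: duplicate"
        self.seen.add((mesh_sa, mc.seq))
        if mc.ttl <= 1:                 # TTL would reach zero after decrement
            return "drop: ttl expired"
        return f"forward: ttl={mc.ttl - 1}"


# Constructed sample bodies (not captured traffic).
SA = "02:00:00:00:00:01"
GOOD = (struct.pack("<BBI", 2, 31, 1000)
        + bytes.fromhex("020000000022020000000033") + b"payload")
TRUNCATED = struct.pack("<BBI", 3, 31, 1001) + bytes(6)   # claims 18, has 6
EXPIRED = struct.pack("<BBI", 0, 1, 1002)

if __name__ == "__main__":
    fwd = Forwarder()
    for body in (GOOD, GOOD, TRUNCATED, EXPIRED):
        print(fwd.decide(SA, body))
```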