Add to collection(s) Add to saved
  1. Business
  2. Accounting
  3. Managerial Accounting

PtP Links across IEEE 802 Bridged Infrastructure Omniran-13-0064-00-0000 Max Riegel NSN

advertisement 
Omniran-13-0064-00-0000
PtP Links across IEEE 802 Bridged Infrastructure
Date: 2013-08-28
Authors:
Name
Affiliation
Phone
Email
Max Riegel
NSN
+491732938240
maximilian.riegel@nsn.com
Notice:
This document does not represent the agreed view of the OmniRAN EC SG. It represents only the views of the participants listed in the
‘Authors:’ field above. It is offered as a basis for discussion. It is not binding on the contributor, who reserve the right to add, amend or withdraw
material contained herein.
Copyright policy:
The contributor is familiar with the IEEE-SA Copyright Policy <http://standards.ieee.org/IPR/copyrightpolicy.html>.
Patent policy:
The contributor is familiar with the IEEE-SA Patent Policy and Procedures:
<http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>.
Abstract
The presentation introduces the requirements of point-to-point links across bridged
infrastructures and provides initial thoughts on potential solutions.
1
Omniran-13-0064-00-0000
Point-to-Point Links across
IEEE 802 bridged infrastructure
(OmniRAN Gap Analysis)
Max Riegel
NSN
2
Omniran-13-0064-00-0000
ToC
• Access Network Scenario
– Further considerations
• References for Link Requirements
• Bridged Access Network Solutions
– PtP Link Solution Approaches
• MAC-in-MAC
• MACsec
• Control Plane issues
– Link Management during a session
• Conclusion
3
Omniran-13-0064-00-0000
Access Network Szenario
SSPN = Subscription Service Provider Network
SSPN
A
SSPN
B
•
Point-to-point link behavior is required to
– Enforce all traffic passing through the SSPN
– Isolate terminal communication in a shared infrastructure
•
Mobility support is required in the bridged infrastructure
– Without impacting IP connectivity, i.e. IP session has to be maintained while moving
•
Point-to-point link state signalling required towards SSPN
4
Omniran-13-0064-00-0000
Further Considerations
• An access network may be
deployed by multiple SSPNs
– Making use of VLAN tag to
segregate access domains
• An SSPN may deploy VLANs
to differentiate services
SSPN
A
SSPN
B
– E.g. setting up dedicated VLANs for data, guest and voice
terminals
• Terminals being either end-stations or bridges eventually
deploying (C-)VLAN
– C-VLAN tag may be carried over to terminals
• Access network may be spotty and being spread across large
areas
– Making use of provider bridging to connect together disjunct
access areas
5
Omniran-13-0064-00-0000
References for Link Requirements
• 3GPP Trusted WLAN Access to EPC
TS 23.402 V11.6.0 (2013-03)
Intranet / Internet
– Support for non-seamless WLAN offload
(NSWO) or single PDN connection into EPC
– Definition of a
Trusted WLAN Access Network
• WLAN Access Network,
• Trusted WLAN AAA Proxy
• Trusted WLAN Access Gateway
Trusted WLAN AAA
Proxy
SWw
STa
WLAN
Access
Network
– Requiring a point-to-point link
S2 a
Trusted WLAN
between UE and Trusted WLAN
Access Gateway
Access Gateway across WLAN
Access Network
– Requiring also link state signaling of WLAN Access Network towards
Trusted WLAN Access Gateway
• Very similar requirements exist also in other access networks
carrying Ethernet frames between terminal and access router
– E.g. WiMAX
6
Omniran-13-0064-00-0000
Bridged Access Network Solutions
supporting point-to-point link behavior
Access Network Model – desired solution
STA
IP
DLL
PHY
AP/BS
DLL
PHY
DLL
PHY
AR/Ctrl
DLL
PHY
DLL
PHY
DLL
PHY
DLL
PHY
IP
DLL
PHY
Access Network Model – nowadays real world solution
STA
IP
DLL
PHY
AP/BS
DLL
PHY
ETH
GRE
IP
ETH
PHY
GW
ETH
PHY
ETH
PHY
ETH
GRE
IP
ETH
PHY
ETH
PHY
AR/Ctrl
IP
ETH
PHY
7
Omniran-13-0064-00-0000
PtP Link Solution Approaches
• Establish dedicated VLAN for each terminal
– Q-in-Q
• Scalability issue, max 4094 ptp links may not be enough
– MAC-in-MAC
• Seems to be feasible, for further study
• Establish secured connection for each
terminal across bridged infrastructure
– MACsec
• Seems to be feasible, for further study
8
Omniran-13-0064-00-0000
MAC-in-MAC (Provider Backbone Bridging)
Some Thoughts
• AP/BS effectively representing ‘BEB’
• Link identified by B-SA + I-SID
– B-SA uniquely correlated to terminal MAC address
• Would it work using terminal MAC as B-SA (C-SA = B-SA)?
– B-DA represents access router peer
– I-SID for further study;
• Mobility support by learning B-bridges
• How would link establishment be done?
– Which protocol to use to dynamically configure PBBN?
• Link state signaling?
• Security threats by dangling entries in filtering
database in B-bridge?
9
Omniran-13-0064-00-0000
MACsec
Some Thoughts
• MACsec establishes single hop across multiple bridges
• MACsec peers are terminal specific port in AP/BS and access
router at the border of the access network
• Control protocol by 802.1X
– EAP based establishment of security association
• How to tie with EAP based access authentication
– Well defined link state management
• Mobility support?
– Wouldn’t be a kind of 802.11r applicable to MAC sec ptp links?
• Scalability and performance issues
– MACsec Ys well distributed on AP/BS side, however the entity at
the access router peer may have to handle a huge number of
sessions.
– MACsec without confidentiality to keep performance
requirements low?
10
Omniran-13-0064-00-0000
Dynamic PtP Link management adds to the
Control Plane
Terminal
Core
Access Network
Service
Control Plane
Scanning
Network Selection
Association
Authentication
Link Establishment
Host Configuration
Application
User Plane
Application
Application
Transport
Transport
Network
Data Link
Data Link Data Link
Physical Physical
Physical
Medium
Data Link Data Link
Physical Physical
Data Link
Physical Physical
Medium
Medium
Network
Network Network
Data Link Data Link
Physical
Medium
Scope of IEEE 802
11
Omniran-13-0064-00-0000
Link Management during a session
Access Network
ANQP
Scanning
AAA
DHCP
Policy
Configuration
Application
Network Selection
Association
Authentication
Authorization
Link Establishment
Accounting
Host Configuration
Application
Policy Control
Link Mobility
Application
Host Config Release
Disassociation
Link Teardown
Accounting
Access Technology
Control I/f
12
Omniran-13-0064-00-0000
Conclusion
• Point-to-point links across bridged infrastructures
are feasible
• MACsec seems to provide the more promising
approach for realization of ptp links
– Well suited control protocol available by 802.1X
– Works across any bridged infrastructure
• Creates single hop over multiple bridges
– Well defined link state signaling and management
– Further investigations necessary regards mobility
support.
• Proposed next step: create a detailed functional
description based on MACsec
13
Related documents
September 7, 2010 PHY 741 – Problem Set #6
September 7, 2010 PHY 741 – Problem Set #6
Lakeside Intermediate School Fifth Grade Mr. Backer`s Class
Lakeside Intermediate School Fifth Grade Mr. Backer`s Class
Phy 133: Things to know:
Phy 133: Things to know:
Download
advertisement