MobileNAT (Mobility across Heterogeneous Address Spaces)
Presented by Kundan Singh (Columbia University)
Joint work with Milind Buddhikot, Adiseshu Hari and Scott Miller
Agenda
• Motivation
• Architecture
• Implementation
• Comparison with current approaches
• Summary
(26 slides, 60 min)
30-Aug-02 2
Current Trends
Explosive growth in connected devices
Heterogeneity
• Access: 802.11, 3G, Ethernet
• Provider
• Address space
    • IPv4 vs IPv6
    • Public vs Private
[Figure labels: 802.11, 3G, private address]
The goal
Preserve session for
1. inter access-point
2. inter sub-net
3. inter-NAT
4. to 3G network
5. to public network
[Figure: moves (1) to (5) of a mobile node among 802.11 and Ethernet access networks in a private address space behind a NAT (public addr A), a second NAT, a PDSN, a routed IP network and the Internet (www.cnn.com). Legend: access-point, router, router with NAT.]
Problem with IP address
IP address overloaded
• Host identification
• Routing information
Change in IP address breaks TCP/socket connection
[Figure: TCP association between MN (mobile node) 135.180.32.4, port 1733, and CN (corresponding node) 128.59.16.149, port 80. MN moves and its address becomes 135.180.54.7.]
Two addresses
Two IP addresses
• Virtual IP (fixed host-id)
• Actual IP (routable; changes)
[Figure: MN with virtual IP V=135.180.32.4 moves and gets actual IP A=135.180.54.7; CN 128.59.16.149 keeps addressing 135.180.32.4 (ports 80 and 1733); anchor node (AN); further address label 135.180.32.6. Client stack labels: Application, Socket, TCP/UDP, IP, Addr "V", Shim Layer, Addr "A", Net IF.]
Packet forwarding mechanisms: tunneling or translation
Tunneling
• Outer: CN=>A or HA=>A
• Inner: CN=>V
• Header overhead
Translation
• More processing overhead
• Not an issue if NAT¹ is already present
¹ NAT is described later
[Figure: two panels, each with MN (V=135.180.32.4) moving to A=135.180.54.7, CN 128.59.16.149 and the anchor node (AN). Packet headers shown: 128.59.16.149 -> 135.180.32.4 and 128.59.16.149 -> 135.180.54.7.]
Address allocation using DHCP
Virtual and actual IP allocated using DHCP
New DHCP options
• MN sends current virtual IP address (or 0.0.0.0 if none) in the request
• Server sends the allocated actual and virtual IP addresses in the response
• Actual IP is allocated based on relay agent IP
[Figure: DHCP server and DHCP relay agents on subnets 10.0.1.x and 10.0.2.x; addresses shown: 10.0.1.5, 10.0.2.9, 10.0.2.2.]
Overview of NA(P)T
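Packet processing rules need to be changed in the event of mobility
[Figure: NAT with public addresses 135.180.32.1-7 between the Internet (CN 128.59.16.149) and the private address space (10.0.0.0-10.255.255.255) with subnets 10.0.1.x, 10.0.2.x, 10.0.7.x and host 10.0.1.5.]
Packet processing rule (labels: out, In-1)
• Before NAT: source 10.0.1.5:1756, destination 128.59.16.149:80
• After NAT: source 135.180.32.4:7088, destination 128.59.16.149:80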
Mobility manager and MIDCOM
MIDCOM to control NAT rules
Mobility manager IP in DHCP response
[Figure: NAT between the Internet and subnets 10.0.1.x (host 10.0.1.5) and 10.0.2.x, DHCP relays, DHCP server and mobility manager; arrows labelled "Change of lease" and "NAT rules".]
Example
• Address assignment
• Packet flow when MN is private and CN is public
• MN moves to a new subnet
• Packet flow after mobility to a new subnet
• Packet flow when MN and CN are in the same NAT domain
• Packet flow when MN is private and CN is public and MN moves to new NAT domain
Address assignment
DHCP request: (my virtual IP = 0.0.0.0) (my MAC address)
DHCP response: (your virtual IP = 10.128.0.2) (your actual IP = 10.0.1.5)
[Figure: MN behind the NAT, Internet, DHCP server and mobility manager.]
Packet flow
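NAT picks up an external IP and port
Mappings
• Shim: 10.128.0.2:1756 <-> 10.0.1.5:1756
• NAT: 10.0.1.5:1756 <-> 135.180.32.4:7088
Outbound packet (source -> destination)
• At the application: 10.128.0.2:1756 -> 128.59.16.149:80
• After the shim: 10.0.1.5:1756 -> 128.59.16.149:80
• After the NAT: 135.180.32.4:7088 -> 128.59.16.149:80
Return packet (source -> destination)
• From CN: 128.59.16.149:80 -> 135.180.32.4:7088
• After the NAT: 128.59.16.149:80 -> 10.0.1.5:1756
• After the shim: 128.59.16.149:80 -> 10.128.0.2:1756
[Figure: steps (1) to (3) from the MN stack (Application, Socket, TCP/UDP, IP, Addr "V", SHIM Layer, Addr "A", Net IF) through the NAT to CN on the Internet.]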
Inter-subnet mobility
DHCP request: (my virtual IP = 10.128.0.2) (my MAC address)
DHCP response: (your virtual IP = 10.128.0.2) (your actual IP = 10.0.2.7)
Change NAT rules: in the rule S:10.0.1.5:1756 D:128.59.16.149:80 <-> S:135.180.32.4:7088 D:same, 10.0.1.5 changes to 10.0.2.7
[Figure: MN moving from subnet 10.0.1.x to 10.0.2.x behind the NAT; CN on the Internet; DHCP server and mobility manager.]
Packet flow after the node moves
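MN application or CN do not know about change in actual IP
Mappings
• Shim: 10.128.0.2:1756 <-> 10.0.2.7:1756
• NAT: 10.0.2.7:1756 <-> 135.180.32.4:7088
Outbound packet (source -> destination)
• At the application: 10.128.0.2:1756 -> 128.59.16.149:80
• After the shim: 10.0.2.7:1756 -> 128.59.16.149:80
• After the NAT: 135.180.32.4:7088 -> 128.59.16.149:80
Return packet (source -> destination)
• From CN: 128.59.16.149:80 -> 135.180.32.4:7088
• After the NAT: 128.59.16.149:80 -> 10.0.2.7:1756
• After the shim: 128.59.16.149:80 -> 10.128.0.2:1756
[Figure: steps (1) to (3) from the MN stack (Application, Socket, TCP/UDP, IP, Addr "V", SHIM Layer, Addr "A", Net IF) through the NAT to CN on the Internet.]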
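The inter-subnet handoff from the preceding slides, as an added Python example (not the authors' implementation): shim and NAT translation with the slides' addresses, where a change of lease repoints the existing NAT rule so the public mapping 135.180.32.4:7088 survives the move. The class and method names, the MAC-keyed lease table, the constructed MAC address and the refusal of a virtual IP the client does not hold are assumptions of this example.

```python
from collections import namedtuple

Pkt = namedtuple("Pkt", "src sport dst dport")

class Shim(namedtuple("Shim", "virtual actual")):
    """MN shim layer: sockets see virtual IP V, the wire sees actual IP A."""
    def out(self, p):
        return p._replace(src=self.actual)
    def into(self, p):
        return p._replace(dst=self.virtual)

class MobileNat:
    """NAPT with the mobility manager folded in (MAC-keyed lease table is assumed)."""
    def __init__(self, public_ip, first_port):
        self.public_ip, self.next_port = public_ip, first_port
        self.ports = {}   # public port -> (actual IP, private port)
        self.leases = {}  # MAC -> (virtual IP, actual IP)
    def dhcp(self, mac, claimed_v, actual, fresh_v=None):
        old = self.leases.get(mac)
        if claimed_v == "0.0.0.0":          # first contact: hand out a new V
            claimed_v = fresh_v
        elif old and old[0] == claimed_v:   # MN moved: repoint its NAT rules to new A
            for port, (ip, pport) in list(self.ports.items()):
                if ip == old[1]:
                    self.ports[port] = (actual, pport)
        else:  # V is not leased to this client: refuse rather than move its flows
            raise PermissionError("virtual IP not bound to this client")
        self.leases[mac] = (claimed_v, actual)
        return claimed_v, actual
    def out(self, p):
        key = (p.src, p.sport)
        port = next((k for k, v in self.ports.items() if v == key), self.next_port)
        self.ports[port] = key
        self.next_port = max(self.next_port, port + 1)
        return p._replace(src=self.public_ip, sport=port)
    def into(self, p):
        ip, pport = self.ports[p.dport]  # KeyError: no rule, packet is dropped
        return p._replace(dst=ip, dport=pport)

def demo():
    nat = MobileNat("135.180.32.4", 7088)           # addresses are the slides' own
    mac = "02:00:00:00:00:01"                        # constructed MAC
    shim = Shim(*nat.dhcp(mac, "0.0.0.0", "10.0.1.5", fresh_v="10.128.0.2"))
    syn = Pkt("10.128.0.2", 1756, "128.59.16.149", 80)
    before = nat.out(shim.out(syn))
    shim = Shim(*nat.dhcp(mac, "10.128.0.2", "10.0.2.7"))   # MN moves subnets
    after = nat.out(shim.out(syn))
    reply = shim.into(nat.into(Pkt("128.59.16.149", 80, *before[:2])))
    return before, after, reply
```

`demo()` returns the packet CN sees before and after the move and the reply as delivered to the MN socket; the first two are identical, which is why the TCP association holds.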
Intra-domain sessions
Optimization: new signaling message between two MobileNAT clients to route the packets directly
[Figure: MN and CN behind the same NAT. Labels: V=10.128.0.2 A=10.0.1.5; A=10.0.4.9; after MN moves, V=10.128.0.2 A=10.0.2.7.]
Inter-domain mobility
• Mobility manager of visited NAT fetches the existing connection mapping from mobility manager of the home NAT
• If MN moves to public address space, Shim layer acts as visited NAT
• Dynamic home agent: use visited NAT as home NAT for new session
• Tunneling between visited and home NAT
[Figure: MN moves from the home NAT to the visited NAT; CN on the Internet.]
Implementation: client (Win XP)
• Shim-layer driver to capture DHCP packets and translate IP addresses
• MobileNAT client application acting as DHCP client and server
• Handles ARP for nodes in other sub-nets
[Figure: client stack (Application, Socket, TCP/UDP, IP, Addr "V", Shim Layer, Addr "A", Net IF) with the MobileNAT client acting as DHCP server towards the stack (10.128.0.2 / 255.0.0.0) and as DHCP client towards the network (10.0.1.5 / 255.255.255.0).]
[Figure: unified mobility client (on-going work): MobileNAT client, MobileIP client, network and interface selector, DHCP server - client.]
Implementation: DHCP server and NAT (Linux)
• DHCP server to allocate virtual and actual IP
• Actual IP is based on subnet of DHCP relay agent
• MM is integrated into DHCP server
• NAT using netfilter, iptables, ip_conntrack and ip_nat modules
[Figure: DHCP server with virtual IP range and actual IP range; PRE-ROUTING destination NAT, POST-ROUTING source NAT, NAT connection tracking.]
Similarities/Differences with current proposals
Translation mode vs. tunneling
• Packet size vs processing overhead
• Two addresses per MN; can afford since private addresses
• No external FA needed
Signaling
• Using DHCP (new options) and a per-domain Mobility Manager (MM)
Routing path
• No change in routers or CN; but change in MN, NAT and DHCP server
• Dynamic home agent (i.e., the NAT)
Comparison to existing schemes
Schemes considered in following chart
Mobile IP
• Extensions: Location Register (MIP-LR), Route Optimization (MIP-RO)
Micro-mobility schemes
• Cellular IP
• Hawaii
• Intra-Domain Mobility Protocol (IDMP)
• Hierarchical Mobile IP (HMIP)
IPv6
Application level mobility mechanism
• SIP
Virtual NAT
• Similar address translation in the client stack
• Targeted for connection migration where both end-points implement vNAT
Comparison chart
[Chart: one column per scheme (MIP, CIP, Hawaii, HMIP (RR), IDMP TeleMIP, MIP LR, MIP RO, SIP, IPv6, Virtual NAT, Mobile NAT) and one row per criterion (Triangular route; Non-mobile IP nodes; NAT support¹; Router modify?; MN modify?; CN modify?; Signaling; Host ID; Paging; Intra-tunnel; Inter-tunnel; MIP messaging).]
Legend: Y: yes; N: no; -: N/A; O: optional; IN: independent; UD: under development
¹ We assume Mobile IP with UDP tunneling for NAT
Mobile NAT Advantages
Problems in existing approaches
• Huge infrastructure change (CIP, IPv6, routers, even deploying FA)
• Not much discussion on optimizing intra-domain sessions
• Require tunneling overhead, inter, intra or both
• Triangular routing
• Modification in CN
MobileNAT approach
• Addresses rapid growth in end-devices, which most likely will have private addresses due to slow deployment of IPv6
• Assume the presence of NA(P)T in a domain
    • Roaming and services across heterogeneous address spaces
    • Reduce problem space to only private address space
• Choice between tunneling and address translation
    • Addresses bandwidth limitations of wireless links
• Use existing protocols (DHCP, ICMP) for signaling
• Discourage changing routing infrastructure
• Can co-exist with MobileIP
On-going work
Scalability
• Subdivide domains into smaller NAT-ed domains
• Multiple NATs per domain
Security
• DHCP authentication and Access-point authentication/encryption
• Works with IP-sec (AH mode and UDP tunnel) and SSL
Paging
• Re-use of existing IP-multicast based paging
Possible deployment issues
• Changing every MN driver (similar to Mobile IP)
• Mobility to 3G network
• Location information distribution
• Allow incremental deployment
Other issues
• Does not solve NAT problems where application layer message uses IP address (FTP, SIP, RTSP)
• Fast hand-off for micro-mobility
• Intra-domain sessions on inter-domain mobility
• Combined MobileIP and MobileNAT client
Summary
Main Ideas
• Virtual IP for host identification; actual IP for routing
• Address translation in client as well as in NAT
• Existing protocols like DHCP for signaling
• Mobility manager to handle nodes in a domain
• NAT acts as a dynamic home agent
• Inter-NAT packet flow for inter-domain mobility
No change in routers or no need for FA
• Change in MN, NAT and DHCP server
Demonstrated a simple inter-subnet mobility