IEEE NJ Coast Section Seminar on Wireless LAN & IP Telephony Session W3 Toward 4G Networks Ramachandran Ramjee, Ph.D. [email protected] ramjee

IEEE NJ Coast Section Seminar on Wireless LAN &

IP Telephony

Session W3Toward 4G Networks

Session W3Toward 4G Networks

Ramachandran Ramjee, [email protected]

http://www.bell-labs.com/~ramjee

Mar 27, 2002 2IEEE NJ Coast Section seminar on Wireless LAN & IP Telephony

Wide-Area Wireless Standards EvolutionWide-Area Wireless Standards Evolution

3G/ IMT-2000 Capable

Existing Spectrum New Spectrum

IS-95-A/cdmaOne

IS-95-A/cdmaOne

IS-95-B/cdmaOne

IS-95-B/cdmaOne

IS-136TDMA

IS-136TDMA

136 HSEDGE

136 HSEDGE

GSMGSM

GSM GPRSGSM GPRS EDGEEDGE

WCDMAWCDMA

cdma2000 1X (1.25 MHz)

cdma2000 3X (5 MHz)

HSCSDHSCSD

1XEV DO: HDR (1.25 MHz)1XEV DO: HDR (1.25 MHz)

2G “2.5G”1G

AnalogAMPS

AnalogAMPS

TACSTACS


Other wireless standardsOther wireless standards 802.11/802.11b - 2-11 Mbps - uses 2.4GHz spectrum 802.11a - 54 Mbps - Orthogonal Frequency Division Multiplexing

(OFDM) HiperLan2 - 50Mbps - local-area networks - uses 5GHz spectrum Bluetooth - 720 kbps - very limited range using 2.4GHz spectrum ARDIS - 19.2 Kbps - IBM/Motorola - slotted CSMA MOBITEX - 9.6 Kbps - RAM mobile-slotted CSMA CDPD - 19.2 Kbps - DSMA/CD using AMPS Metricom - Frequency Hopped SS - 28.8 Kbps, 128 kbps upgrade -

uses the ISM 900 Mhz band iDEN - 20kbps - uses Mobile IP, supports WAP DECT/CT2 - cordless, low-mobility - 32kbps - FDMA/TDMA PHS - cordless system for microcell/indoor use, Japan - 128 Kbps -

TDMA iMode - 9.6 Kbps - packet data service, currently uses PDC WAP - Wireless Application Protocol - currently circuit-switched data


ObservationsObservations

The ‘G’ in #G stands for Generation and typically refers to the generation of wide-area wireless network’s air interface

While the 4G air interface has not been standardized yet, a plethora of wireless standards are prevalent and will continue to co-exist

Dominant among these are CDMA2000, WCDMA, and 802.11-based systems

Today, each of these air interfaces has its own network architecture standards though the network provides similar functionality of mobility and location management

A unified network architecture based on IP that provides a common mobility and location management mechanism can serve as the 4G network of the future while different air interfaces simply plug into this network


OutlineOutline

Motivation IP Mobility

– Macro-mobility: Mobile IP

– Micro-mobility: HAWAII

IP Paging– HA/FA paging

– Domain paging

Interworking of Wireless LANs with 3G Networks


Motivation: Why IP?

Migration of wireless access networks to IP allows– Support for anticipated growth of the wireless

Internet access• merging of services for wireline and wireless networks

• merging of wireless voice and data networks

– Reduced product and operational costs of IP infrastructure• availability of “commodity” hardware, software, and services

• increased efficiency of packet-based networks for combining voice and data


Industry Directions for Wireless Networking

Cellular Telecom Approach– Efforts to define wireless data networking standard (General

Packet Radio Service/GPRS, UMTS) begin before full impact of Internet explosion is felt

Internet-Based Approach– Use Internet standards for networking and mobility with

extensions to inter-operate and support cellular air interfaces (e.g., GPRS, CDMA)

GPRS/UMTS standards begin

1990 1995 2002153M Internet

Users

1998

3M Internet Users

1994

1992

FPLMTS standards begin

1st UMTS customers


Clash of models

Telecom/cellular model Approach: Extend current wireless circuit-based infrastructure to

support wireless internet data– Flexibility at the cost of complexity and efficiency (e.g. X.25

support in GPRS, PPP support in CDMA)+ Rich functionality through experience (e.g., paging, micro-

mobility)

Internet modelApproach: Extend current internet data-based infrastructure to

support wireless internet data+ Simplicity using IP (support other protocols, e.g. X.25, through

tunneling if necessary)– Missing functionality (e.g., paging, micro-mobility)


Emerging Mobile Packet Networks: GPRS and UMTS

Compatible with cellular telecom networks+ may be deployed leveraging existing infrastructure– requires separate advances from the Internet

Specialized nodes manage mobility and forward packets+ requires no changes to fixed hosts or intermediate routers– results in tunneling and triangular routing– special failure recovery mechanisms needed

Inter-SGSN handoffs always managed by GGSN– high update overhead– slow handoffs

IntranetMDSGSN

GGSN

Host

Regular routingTunneled packetsusing GTP

InternetSGSN

RadioAccess

Networks


Emerging Mobile Packet Networks: CDMA2000 and 802.11 (Mobile IPv4)

Compatible with regular IP networks and hosts+ most Internet advances apply

Specialized agents manage mobility and forward packets+ requires no changes to fixed hosts or routers– results in tunneling and triangular routing– special failure recovery mechanisms needed

Handoffs always managed by Home Agent– high update overhead– slow handoffs

MD FA

HA

HostInternet

Regular routingTunneled packetsusing Mobile IP

FA

RadioAccess

Networks


Local and Wide-area wireless data networks– high and low mobility users

IP functionality in access network elements including base stations– homogeneous IP-based access network

Diverse applications– quality of service support necessary

Mobility has to be processed locally

Trends


Micro-mobility: Design Goals

Scalability– process updates locally

Limit disruption– forward packets if necessary

Efficiency– avoid tunneling where possible

Quality of Service (QoS) support– local restoration of reservations

Reliability– leverage fault detection mechanisms in routing protocols

Transparency– minimal impact at the mobile host


Hierarchy through domains – Mobile-IP for movement between domains– HAWAII Path Setup for movement within domain

Users retain their unique IP address while moving within a domain– Home address could be dynamically assigned– Co-located care-of address used in foreign domain

Unique and unchanging address limits updates to Home Agent and simplifies QoS support in the network

Hierarchy and unique address


HAWAII: Enhanced Mobile IP

Distributed control: Reliability and scalability– host-based routing entries in routers on path to mobile

Localized mobility management: Fast handoffs– updates only reach routers affected by movement

Minimized or Eliminated Tunneling: Efficient routing– dynamic, public address assignment to mobile devices

DomainRouter

RR

R R R R

DomainRouter

RR

R R R R

Local mobility Local mobilityMobile IP

Internet

MD


HAWAII

Mobile IP

Internet

1.1.1.100->port 4, 239.0.0.1

1.1.1.100-> port 3, 239.0.0.1

1.1.1.100->wireless, 239.0.0.1

R

23

1

R1

23 4

5

MY IP: 1.1.1.100BS IP:1.1.1.5

1

R2 3

4 R1

23 4

5

R 2 3

14 4

DomainRootRouter 2

DomainRootRouter 1

5

BS1

2

34

5

BS2 BS3 BS4

1

Power-up


Host-based routing entries maintained as soft-state

Base-stations and mobile hosts periodically refresh the soft-state

HAWAII leverages routing protocol failure detection and recovery mechanisms to recover from failures

Recovery from link/router failures

Soft-State


HAWAII

Mobile IP

Failure Recovery

Internet

1.1.1.100->port 3, 239.0.0.1

1.1.1.100-> port 4, 239.0.0.1

1.1.1.100->wireless, 239.0.0.1

R

23

1

R1

23 4

5

MY IP: 1.1.1.100BS IP:1.1.1.5

1

R2 3

4 R1

23 4

5

R 2 3

14 4

DomainRootRouter 2

DomainRootRouter 1

5

BS1

2

3

BS2 BS3 BS4

1


Host-based routing within the domain

Path setup schemes selectively update local routers as users move

Path setup schemes customized based on user, application, or wireless network characteristics

Micro-mobility handled locally with limited disruption to user traffic

Path Setup Schemes


HAWAII

Mobile IP

Internet

1.1.1.100->port 3 (4), 239.0.0.1

1.1.1.100-> port 3, 239.0.0.1

R

23

1

R1

23 4

5

MY IP: 1.1.1.100BS IP:1.1.1.2

R2 3

4 R1

23 4

5

R 2 3

14 4

DomainRootRouter 2

DomainRootRouter 1

5

BS1

2 34

1.1.1.100->wireless, 239.0.0.1 1 5

BS2 BS3 BS4

1.1.1.100->port 1(wireless), 239.0.0.1

1

Micro-Mobility


MY IP: 1.1.1.100BS IP:1.1.2.1COA IP:1.1.2.200

Internet

1.1.2.200->port 2, 239.0.0.1

1.1.2.200-> port 3, 239.0.0.1

1.1.2.200->wireless, 239.0.0.2

HAWAII

Mobile IP

R

23

1

R1

23 4

5

1

R2 3

4 R1

23 4

5

R 2 3

14 4

DomainRootRouter 2

DomainRootRouter 1

5

BS1

2

34

5

BS2 BS3 BS4

1

Mobile IP Home Agent:1.1.1.100-> 1.1.2.200

6

7

Macro-Mobility


Simulation Topology


Performance: Audio and Video


TCP - Web transfers in Mobile IP: Interaction between Tunneling and TCP Path MTU discovery results in 1 round trip wasted for each object.

TCP - File transfers: 5-15% improvement over Mobile IP

Performance: TCP


Update RatesUpdate Rates

Domain Router

Router 1...

BS1 BS-20... BS1 BS20

• 39 users/sq. miles• users moves at 112 Km/hr.• base stations cover 7 Km2

Network Model

TBLBLM

DBDB

16

2

IP

16YTR

BDLRBL

TBLBLH

BDDB

M

DBDB

162

2

Mobile IP Updates at Home Agent:

Hawaii Updates at Domain Router:

Hawaii

M-IP

<<1, local mobility

aggregation

Router 7

BD Base stations/domain routerRD 2nd level routers/DR User densityv User velocityLB Base station perimterTR HAWAII refresh timerY # of updates/messageTM Mobile IP lifetime % users outside home domain

– Varies linearly with # of base stations

– Varies O(BD1/2)


Performance: Update Rates

Scalability at the Domain Root Router– Number of entries: entries are from a given domain’s IP

subnet -> perfect hashing for route lookup.

– Number of updates: updates for Mobile IP varies linearly with the number of base stations in domain whereas in HAWAII, updates vary with the square root of number of base stations in domain.

Based on FreeBSD implementation, for a typical network configuration, update ratio of Mobile IP to HAWAII is 3:1 and CPU utilization ratio is 9:1.


Standardization: IETF SeaMoby Working Group

Draft-seamoby-ietf-mm-problem-01.txt identifies the goals for a new IETF micro-mobility protocol: Mobility without changing routable IP address Use Mobile IP for inter-domain mobility Use Mobile IP for signaling from the mobile host IP version neutral Optimized routing Plug & Play Inter-technology/heterogeneous mobility support Inter-operate with existing QoS protocols

HAWAII appears an excellent fit! Work is in IRTF now.


Previous Foreign Agent Notification Extension (Route Optimization draft)

NAI extension (NAI draft) Mobile challenge-response extension (Challenge

Response draft) NAI in foreign agent advertisements to detect domain

changes (Private addresses draft) Register with foreign agent while using co-located

addresses Allow split Mobile-IP registrations at the foreign agent

(regionalized tunnel draft)

Changes from Mobile IP (rfc2002)


HAWAII: Benefits Summary

Scalability through reduced updates as micro-mobility transparent to home agents

Limited disruption of traffic as Path Setup Schemes are optimized for the environment

Efficiency through reduced data packet header overhead as no tunneling in a (large) home/power-up domain

Ease of QoS support: unique address Reliability through soft-state Transparency to hosts that use Mobile IP Integration with existing wireless infrastructure


OutlineOutline





– Domain paging



Mobile Host State Diagram

“Idle” mobile hosts update network less frequently than “active” mobile hosts

Network has only approximate location information for idle mobile hosts Network determines the exact location by paging to deliver packets

What is Paging?


IP Paging Outline

Motivation IP Paging Architectures Performance IETF Standardization (SeaMoby Working

Group) Summary


Paging in wireless networks (1): GPRS, UMTS

Paging for voice initiated differently (MSC) from data (SGSN)+ may be deployed leveraging existing infrastructure– requires separate mechanisms

Specialized nodes, protocols (BSSGP) manage paging+ requires no changes to intermediate routers– separate advances from other paging protocols– special failure recovery mechanisms needed

IntranetMDSGSN

GGSN

Host

Regular routingTunneled packetsusing GTP

InternetSGSN

RadioAccess

Networks


Paging in wireless networks (2): CDMA2000, Mobile IP

Paging for voice initiated differently (MSC) from data (RAN/MSC)

+ may be deployed leveraging existing infrastructure– requires separate mechanisms– No paging in Mobile IP

Specialized nodes, protocols (IS2001) manage paging+ requires no changes to fixed hosts or routers– separate advances from other paging protocols– special failure recovery mechanisms needed

MD FA

HA

HostInternet

Regular routingTunneled packetsusing Mobile IP

FA

RadioAccess

Networks


As wireless access networks migrate to IP, IP paging allows

common infrastructure to support different wireless technologies – seamless merging of LAN/WAN– avoids duplication of paging protocols, resulting in cost

savings

deployment of sophisticated paging algorithms– leverages the support of multicast, if available– user-customized paging areas

Why IP paging?


Efficiencylimit updates from mobile host when idle to conserve battery

power

Scalabilitypush paging initiation closer to base station

Reliabilityallow paging initiation to occur at any router/base station

(no single point of failure)

Flexibilityallow for fixed, hierarchical, or user-defined paging areas

IP Paging Goals


IP Paging ArchitecturesIP Paging Architectures

Internet

Home Agent

ForeignAgent

ForeignAgent

ForeignAgent

R

R

R

DomainPagingArea

Mobile IPPaging Area

3 Options:• Home Agent Paging

– Home agent buffers packets and initiates page to all Foreign Agents– Can be controlled by corporate network– Does not scale

• Foreign Agent Paging– Last active Foreign agent buffers packets and initiate paging– Distributes load

• Domain Paging– Fully distributed, very scaleable and reliable

Uniform mobility management– wireless LANs, outdoor

Old FA initiates page

HA initiates page

Any router initiates page


Home Agent (HA) Paging

Centralized at HA Simple implementation Issues/concerns

– Inefficient signaling: long delays if HA far from mobile host

– Scalability at HA

– Multicast-based addressing of paging area needs global visibility, scalability of paging areas


Foreign Agent (FA) Paging

Initiated at previously attached FA

Distributed among different foreign agents in paging area

Simple implementation

Efficient: paging restricted to local domain

Issues/concerns– Reliability when previous FA

crashes– Requires FA deployment


Domain Paging

Initiated at any node (router/base station) in path from mobile to root router

Completely distributed among different nodes in domain

Highly scalable, reliable to node failures

Efficient: paging restricted to local domain

Issues/concerns– implementation complexity– router support


Router operationRouter operation

Routing Pagingentry entry State Operation

YES YES Active Regular ForwardingYES NO Active No paging supportNO NO Null Forward if default route exists,

else discardNO YES Standby Paging:

If (packet arrives from DRR or I am DRR) If (node is base station or no refresh from downlink port or queuesize < threshold) Initiate paging else Forward to port in paging entry Endif

else Forward along default route

Endif


Implementation

All three paging protocols implemented in FreeBSD

Paging protocol processing in user space, data forwarding in kernel space

Paging implementation does not affect fast path performance - use of virtual interfaces

Implementation used to measure processing load of different paging tasks - results to drive large scale simulation


MY IP: 1.1.1.100BS IP:1.1.1.2

Internet

1.1.1.100->port 3, 239.0.0.1

1.1.1.100-> port 3, 239.0.0.1

R

23

1

R1

23 4

5 R2 3

4 R1

23 4

5

R 2 3

14 4

DomainRootRouter 2

DomainRootRouter 1

5

BS1

4 11

1.1.1.100->wireless, 239.0.0.1 2 3

BS2 BS3 BS4

1

2

Buffer

HAWAII

PagingData

Paging


Scalability (latency)

Simulation parameters– 36-90 zones per domain– paging area size = 6– real, synthetic traces– processing times from

implementation

HA paging needs 5 processors for comparable performance

FA paging scalable

Domain paging supports highest paging load


Scalability (updates)

Large Paging Area size results in fewer updates but increases latency due to higher paging processing load

In FA/HA paging, updates can occur due to movement or when user is paged and found at new location

In Domain paging, updates are only due to movement - results in least number of updates


IP Paging – Reliability ResultsIP Paging – Reliability Results

componenti iMTTF

iMRTU

)(

)(

MtFAHAHA tNttU R)(

MtFAFAHAFA tNtttU R)(

MtFAHADomain tNttU R)(

Definition Value

U Unavailability tHA HA recovery time 120 s tFA FA recovery time 120 s tR Router recovery time 30 s N Number of intermediate routers 2 tM Mean time between failure 1 month P(user moved from FA) 0.1 P(user changed domains) 0.5

Internet

Home Agent

IPPaging Area

R

FA

R

FAFAFA

R

DR/HA

R

R

RRR

R

Mobile IP ModelDomain Model


IP Paging – Reliability ResultsIP Paging – Reliability Results

Domain

HA

FA

FA

Domain

HA


Standardization: IETF SeaMoby Working Group

Draft-ietf-seamoby-paging-problem-statement-02.txt identifies need for IP paging (now RFC 3132)

Draft-ietf-seamoby-paging-requirements-02.txt identifies following requirements (now RFC 3154):

– minimize impact on host’s power consumption– on receiving page, host must re-establish layer three link– efficient utilization of layer two, if available– support existing mobility protocols– flexible support for different paging areas– allow arbitrary mapping between paging areas, subnets– robust against failures, packet losses

FA, Domain paging suitable candidates!


Summary

IP-based wireless access networks - efficient, cost-effective IP paging allows common infrastructure to support different

wireless interfaces including CDMA, GPRS, wireless LAN etc.Proposed three paging architectures: each has its applicability

– HA paging useful in small networks with complete administrative control

– FA paging simple, scalable, easily deployable– Domain paging scalable, flexible, reliable, most efficient

Future work– Standardization– Flexible and user-specific paging mechanisms


OutlineOutline





– Domain paging



Integrated Wireless Access Networks Integrated Wireless Access Networks

Ubiquitous access to Internet and applications Always-on high speed packet data access Islands of multi-technology RF access networks connected to core IP

network

Core IPNetwork

RadioAccessNetwork

RadioAccessNetwork

Service Provider“Home” Network

Billing

Authentication

Mobility

Service Provider“Home” Network

Billing

Authentication

MobilityRoaming

Agreements

RadioAccessNetwork

The next wave of Internet access will be through high-speed wireless packet access

Wide Area WirelessLocal Area WirelessHotspot/Enterprise

4G Wireless?


Overview

Goal– Integrate 802.11 and wide-area wireless networks

Motivation– Ability to choose 802.11 where available (substantial cost-bandwidth

advantage)

– 3G/802.11 integration can enhance existing wireless services and offer new services.

Approach– Integrate 802.11 with CDMA2000 &/or UMTS access networks for

data service Benefits

• seamless mobility

• wider application spectrum

• lower access/transport cost for high bandwidth services


Background

Infrastructure

• 802.11 Network– low cost, high-data rate (11Mbps 54Mbps)– unlicensed spectrum potential interference– short range– ORiNOCO, Apple, Cisco, etc.

• 2G/2.5G/3G Network– high cost, low data rate (153kbps 2Mbps)– licensed spectrum less interference– long range– Lucent, Nortel, Nokia, Ericsson, etc.

End device

• Various new devices being announcedE.g. VisorPhone (Handspring) includesPDA with 2G+ capability:mobile phone ,messaging,internet access, ...

• Palm and Motorolaannounced PDA withGPRS (2.5G) capability

• NeoPoint, Sony, etc. claim 802.11/CDMA or 802.11/GSM prototypes

Observations

• Dissimilar networks and infrastructure• Need for current end devices and applications to adapt between one network type and another


Public Wireless Access Networks:Why are they different?Public Wireless Access Networks:Why are they different? Security is a major concern where a wireless shared medium is used in a public

environment– More susceptible to eavesdropping and man-in-the-middle attacks– Not behind firewall of friendly colleagues– Secure access into the enterprise

Accessing service on other provider’s networks– Roaming agreements, global roaming, shared revenue agreements– Perform authentication and accounting for roaming subscribers

Mobility– Efficient, seamless handoff of data sessions while moving across networks

Authentication– User authenticates to the network– Authentication at different layers: L2, L3, VPN, HTTPS

Integrated service across different air-interface technologies Management and Home policy

– Distribute per user home policy and QoS levels of service to roamed networks– Minimize exchanges with home network through efficient protocols and optimizations

QoS/ Levels of Service– Air interface contention, fair network usage, and alleviating congestion in hot spot areas– Cannot statically configure based on IP addresses

Mobile Client Software– Mask complexities from the user: configuration, reauthentication, network selection


Challenges for Public Wireless Data AccessChallenges for Public Wireless Data Access

Security is a major concern where a wireless shared medium is used in a public environment

Enabling roaming across networks– enable integrated service across different air-interface technologies (e.g. 802.11 and

3G networks)– Perform authentication and accounting for roaming subscribers– Shared revenue arrangements to allow other service provider’s subscribers on

network

Improving the subscriber’s experience– Minimizing subscriber interaction when roaming across networks and networks

using different air interface technologies– One-time user authentication– Automatic client terminal configuration for network

Being able to offer levels of service, fair network usage, and alleviating network congestion in hot spot areas


Infrastructure Challenges Authentication, Authorization, and Accounting (AAA)

– 3G networks use Home Location Register (HLR) and AAA servers to perform authentication of link-layer and network-layer sessions

– 802.11 networks have their own link-layer authentication mechanismsPerform separate administration or Merge user authentication profiles

Mobility– 3G networks allow for hierarchical mobility management with link-layer

handoff, micro-mobility and macro-mobility support

– 802.11 networks support link-layer mobility and IP mobility mechanisms Perform IP mobility or use 3G mobility mechanisms in 802.11

Quality of Service (QoS) support– Large disparity in bandwidth availability between 3G and 802.11

– 3G networks, unlike 802.11, are designed and engineered for QoS End device adaptation and QoS support in 802.11

Two approaches to address these challenges:. Interconnect 3G networks with 802.11 using IP: peer-to-peer integration. Integrate 802.11 into 3G networks: access network integration


Approach 1:Peer-to-Peer Integration

Overview– Different administrative

domains connected through IP

– Cross domain roaming is supported by using standard IP mobility, AAA

Advantages– Easy to build (works today!)– Fits All-IP philosophy

Disadvantages– Requires Mobile IP in end

device for seamless roaming– Potentially slower handoff and

inefficient data path

Intranet/Internet

AAA

HLR

802.11 Wireless

3G Network

AAAM-IPAgent

M-IPAgent

Public/EnterpriseData Network

BS BSBS

3G AirInterface

BS BSBS

3G AirInterface

AccessNetwork

3G Core Network

802.11 Air Interface

802.11AP

802.11AP


802.11AP

802.11AP


Approach 2: Access Network Integration Overview

– Operate 802.11 clusters under the same 3G access network

– Mobility, AAA supported by same mechanisms in 3G network

Advantages– Faster handoffs and more

efficient transport– Integrated HLR/AAA

Disadvantages– Customized 3G Gateway

necessary for each network (CDMA, UMTS) results in high cost

Internet

Integrated 3G/802.11 Network

M-IPAgent

BS BSBS

3G AirInterface

BS BSBS

3G AirInterface

AccessNetwork

3G Core Network


802.11BS

802.11BS


802.11BS

802.11BS

AAA

HLR

3G Gateway


Complete Service PictureComplete Service Picture

Wireless CarrierNetwork

3GAccess

MobileStarStarbucks

“Store-front”

WayportAirport/

EnterpriseWayportAirport/

Enterprise

TerminalPossibilities

Applications/Content

Authentication

Accounting

Mobility/Roaming

Agreements

CorporateNetwork

Applications/Content

Accounting/Billing

AuthenticationVPN

3GAccess

HandoffPossibilities

IntertechInternetwk

Handoff

IntratechIntranetwk

Handoff

IntratechIntranetwk

HandoffIntratech

InternetwkHandoff

IntratechInternetwk

Handoff

IntratechInternetw

kHandoff

RoamingBroker

Seamless Mobility/Roaming for Subscriber/

Negotiated Rates with Partners

One Bill fromWireless Carrier/

Bundled Data Package

Uninterrupted Applications:Streaming, Email, Corporate VPN, Web

Dual Interface Built-in 802.11 Combined Air Card

SubscriberService

WirelessAccess

NetworkSupport

802.11802.11

Built-in 802.113G data card

Internet


HomeAAA

HomeAgent

Hot-spot 802.11

Access Router

802.11Access Points

802.11 Gateway

“Home” network(3G carrier)

BSBS

3G WirelessAccess BSC

PCF or SGSN

Local AAA

PDSN or GGSN

Internet

Dual-mode terminal w/MobileIP client

802.11/3G Integration Architecture using Peer-to-Peer Approach and IP mobility

BillingServers


Industry 802.11 Security StatusIndustry 802.11 Security Status

Problems with existing products– Same shared static key used for encryption– Weak encryption through RC4 and short keys– User access is not authenticated to network servers– Proprietary solutions do not interoperate

802.11i Working Group Solutions– Per packet authentication– Temporary encryption keys and frequent rekeying– Stronger AES encryption and longer keys– Adoption of 802.1X standard


What is 802.1X?What is 802.1X?

Framework for port-based network access control Allows authentication & key derivation through EAP schemes

– Extensible Authentication Protocol (RFC 2284)– Reuse RADIUS infrastructure to carry EAP frames– Avoids preconfiguration of encryption keys at user terminals

Standard is not specific to wireless or 802.11 Allows 802.11 Access Points to support many different EAP

schemes– 802.11 working group did not mandate particular EAP scheme

InternetLocal AAAHomeAAA

“Home” Network

802.11Access Point

802.11 Network

802.1XEAPOL

Radius w/EAP-Message

Radius Direct to HAAA or through Broker AAA

EAP support


EAP-SKE scheme for 802.11 SecurityEAP-SKE scheme for 802.11 Security

HomeAAA

HomeAgent

802.11 Gateway

Internet

“Home” Network

EAP-SKE (Shared Key Exchange) solution

– Authenticate user to Home AAA with minimal protocol exchange

– Provide mutual authentication

– Home-AAA dynamically generates and distributes per-user per-session keys

– Use separate keys for authentication and encryption; keys are never passed over the air

– Commonality with MobileIP and 3GPP2 standards• Use same authentication credentials• Use same keyed hash function (HMAC-MD5)

– Works with 802.1X, the accepted standard for initiating authentication with 802.11 access points

EAP-SKE IETF draft– http://search.ietf.org/internet-drafts/draft-salgarelli-

pppext-eap-ske-00.txt

Performs Authentication,

GeneratesEncryption key

andkey material

802.1X/EAPOLexchangeover air

Radiusexchange

Algorithm to constructencryption key from passed

key material

Goal: dynamically establish security relationship between user and public 802.11 access points with no prior configuration and no subscription with owner of 802.11 network


HomeAAA

HomeAgent

“Home” network(3G carrier)

Internet

Roaming Agreements Among 802.11 Service Providers

BillingServers

802.11Access Points

802.11 Gateway

Large 802.11WISP Service Provider

(e.g. Wayport)

BrokerAAA Shared Revenue

Settlement DB

802.11Access Points

802.11 Gateway

802.11Access Points

802.11 Gateway

RoamingAgreement

Large 802.11WISP

(Wayport)

802.11WISPService Aggregator

BrokerAAA

Shared RevenueSettlement DB

RoamingAgreement

Small 802.11 WISP

(Company X)

Small 802.11 WISP

(Company Y)

Same backend infrastructureSupports 3G and 802.11


QoS Features for 802.11QoS Features for 802.11

802.11 QoSover air

Gold Service User

Silver Service User

Bronze Service User

10 Mbps

HomeAAA

HomeAgent

802.11 Gateway

IP QoS onaccess bottleneck

Edge Router

Access Router

10 Mbps 10 Mbps

Internet

Need QoS functionality in two spots of possible congestion

– IP QoS on oversubscribed access link

– QoS for 802.11 air interface

Per user Level of Service policy obtained from Home AAA database in AAA protocol exchange

– dynamic rate limiting

Gateway maps user population in 802.11 cells for achieving fairness and preserving service level guarantees

DiffServ packet marking and traffic policing

– Gateway can mark packets even with Mobile IP tunnels

– Home agent marks packets for 802.11 destined traffic

Goal: Offering per user levels of service and fairness to subscribers in 802.11 networks


Integration Summary Integration Summary

802.11/3G integration provides choice of wireless internet access while allowing seamless mobility

IP-based peer-to-peer interworking Solution easily extends to other types of wireless access

– HDR, 802.11a, OFDM, Hiperlan2

Adapting CDMA2000 standards (security, accounting, mobility) for the 802.11 environment allows client software and backend servers can support both networks

Commonality across CDMA2000 and UMTS for integration with 802.11

– UMTS needs to have support for IETF protocols


Conclusion

IP-based wireless access networks are efficient and cost-effective

Combination of HAWAII for micro-mobility and Mobile IP for macro-mobility supports seamless and scalable handoffs

IP paging allows common infrastructure to support different wireless interfaces including CDMA, GPRS, Wireless LAN etc.

802.11/3G integration provides choice of wireless internet access while allowing seamless mobility

Documents

IEEE NJ Coast Section Seminar on Wireless LAN & IP Telephony Session W3 Toward 4G Networks Ramachandran Ramjee, Ph.D. [email protected] ramjee