Detection of Network Attachment (DNA) and Handoff ECSG

Presentation Transcript


  1. Detection of Network Attachment (DNA) and Handoff ECSG
     Bernard Aboba, Microsoft
     July 2003

  2. Problem Statement
     • Statement 1: There is a need to develop a handoff standard that allows a mobile terminal to optimize detection of network attachment (DNA) at Layer 3.
     • Statement 2: There is a need to develop a handoff standard that permits a mobile terminal to switch between one point of attachment and another with minimal latency.

  3. DNAv4 Model
     • “Hints”: non-definitive indications of whether the host has connected to a previously encountered subnet
       • L2 hints: 802.11 SSID, Infrastructure/Ad hoc mode, IEEE 802 LLDP traffic
       • L3 hints: IRDP
     • “Most likely” point of attachment (POA)
       • Best guess, based on the hints
       • By default: the previous point of attachment
     • Reachability detection
       • ARP Request sent to the “most likely” default gateway
     • Address re-acquisition
       • Used only if the client retains a valid lease
       • DHCPREQUEST sent in INIT-REBOOT state

  4. DNAv4 Strawman Proposal
     • Formulate the “most likely” point of attachment
       • Is IPv4 LL ever “most likely”? Probably not
       • May wish to test reachability to all networks with valid IP leases prior to configuring an IPv4 LL address
     • Check for a valid IP address lease (time < T1)
       • If valid, perform reachability detection on the default gateway of the “most likely” network
       • If reachability succeeds, reuse the address
         • Note: to handle movement between private networks, need to match *both* the IP address and the MAC address of the default gateway
       • If reachability fails, send DHCPREQUEST in INIT-REBOOT state
     • If there is no valid IP address lease, or no response to DHCPREQUEST after retransmission, go to INIT state
     • If DHCP fails, do we allocate an IPv4 LL address?
       • Empirical evidence is that this is invalid much of the time, but it could be required
       • If IPv4LL is allocated, how often do we attempt to obtain a routable IP address?
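The strawman procedure on this slide, as an added Python model that is not part of the original slides: the leases, the link state (ARP answers, which leases the local DHCP server will ACK, what INIT would obtain) and the IPv4LL policy are constructed inputs, and it probes every valid lease before any fallback, following the slide's “may wish to” variant.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Lease:
    ip: str        # address held under this lease
    gw_ip: str     # default gateway IP learned when the lease was obtained
    gw_mac: str    # default gateway MAC learned at the same time (ARP reply)
    t1: int        # time at which T1 expires; the lease is "valid" while now < t1

@dataclass
class Link:
    # Constructed model of the link just attached to (not real packets).
    arp: dict                  # {ip: mac} answers an ARP Request would receive here
    dhcp_acks: set             # addresses the local DHCP server will ACK in INIT-REBOOT
    dhcp_offer: Optional[str]  # address a DISCOVER in INIT would obtain; None = no server

def reachable(lease: Lease, link: Link) -> bool:
    """Reachability detection: ARP the recorded gateway IP and require the reply to
    carry the recorded MAC, so two private networks that both use e.g. 192.168.0.1
    as gateway are told apart instead of a stale address being reused."""
    return link.arp.get(lease.gw_ip) == lease.gw_mac

def dnav4_select(leases, now, link, allow_ipv4ll=False):
    """leases[0] is the 'most likely' POA (by default the previous one).
    Returns (state reached, address to use or None)."""
    valid = [l for l in leases if now < l.t1]      # leases still before T1
    for lease in valid:                            # probe all valid leases before
        if reachable(lease, link):                 # falling back to anything else
            return ("reuse", lease.ip)
    if valid:                                      # reachability failed: INIT-REBOOT
        lease = valid[0]                           # DHCPREQUEST for the most likely lease
        if lease.ip in link.dhcp_acks:
            return ("init-reboot", lease.ip)
    if link.dhcp_offer is not None:                # no lease or no ACK: INIT
        return ("init", link.dhcp_offer)
    if allow_ipv4ll:                               # DHCP failed: the slide's open question
        return ("ipv4ll", "169.254.1.1")           # placeholder; real IPv4LL picks randomly
    return ("init", None)                          # keep retrying DHCP, no address yet

# Constructed sample leases; HOME was the previous POA, so it is "most likely".
HOME = Lease("10.0.0.23", "10.0.0.1", "00:11:22:33:44:55", t1=1000)
CAFE = Lease("192.168.0.42", "192.168.0.1", "aa:bb:cc:dd:ee:01", t1=1000)
LEASES = [HOME, CAFE]
```

A gateway that answers with the expected IP but a different MAC is treated as a foreign network, so the host goes to INIT rather than reusing an address that belongs elsewhere.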

  5. Issues with IEEE 802.11 “Hints”
     • SSID is not a reliable indicator of subnet change
       • Lots of APs advertise the “default” SSID
       • SSID -> subnet mapping is not unique
       • IEEE 802.1X-2001 supports dynamic VLAN assignment: STAs within the same SSID may not be assigned the same VLAN ID
     • AP discovery mechanisms are limited to the coverage area
       • Since Beacons/Probe Responses are not audible outside the coverage area, it is not possible to discover APs outside the coverage area
       • Result: handoff needs to be completed within the coverage overlap area
     • Virtual AP confusion
       • A station may become alarmed by sharing of the PMK between Virtual APs within the same physical AP
       • Need a physical AP identifier
     • “Link up” confusion
       • IEEE 802.11i defines two Association protocols!
         • Secure association protocol: 4-way + group key handshake
         • Insecure association protocol: Association/Reassociation
       • Result: state machine complexity, DoS vulnerabilities
       • IEEE 802.11i and IEEE 802.11f have different definitions of Association
         • IEEE 802.11f is triggered on insecure Association/Reassociation
         • IEEE 802.11i is triggered on secure association
     • Observed results
       • Hosts assigning an IPv4LL address when a DHCP server is available

  6. Potential Solutions
     • Subnet change indications
       • Subnet provided in the last message of the secure association protocol
       • Allows the subnet to be learned prior to DNA
       • Allows for dynamic VLAN assignment
     • Virtual AP confusion
       • Physical AP identifier independent of the BSSID
     • Discovery outside the coverage area
       • Addition of a “Neighbor” IE to the Beacon/Probe Response
       • Provides the BSSIDs of neighboring APs
       • Allows pre-authentication to be initiated outside the coverage overlap area
     • “Link up” confusion
       • Define a single “Link up” trigger in IEEE 802.11i: 4-way + group key handshake
       • Add Association/Reassociation fields to the 4-way handshake to allow secure verification
       • Add a “delete” message to the 4-way handshake to allow for secure Disassociation/Deauthentication
       • Rename 4-way handshake + group key handshake to “secure association”
       • Treat insecure Association/Reassociation as vestigial if it cannot be removed

  7. Motion
     • To straw poll on the proposed problem statements
       - Problem Statement 1
       - Problem Statement 2
