330 likes | 464 Views
Wireless Networks. Lecture 30 QoS in WLAN / Mobile IP Dr. Ghalib A. Shah. Outlines. Last lecture Limitations of QoS in IEEE 802.11 Overview of 802.11e Traffic Categories EDCF HCF Mobile IP Care-of-address, MIP Protocol (Discovery, Registration, Tunneling) Routing Inefficiencies
E N D
Wireless Networks Lecture 30 QoS in WLAN / Mobile IP Dr. Ghalib A. Shah
Outlines • Last lecture • Limitations of QoS in IEEE 802.11 • Overview of 802.11e • Traffic Categories • EDCF • HCF • Mobile IP • Care-of-address, • MIP Protocol (Discovery, Registration, Tunneling) • Routing • Inefficiencies • MIPv6
Last Lecture • Types of Attack • Goals of 802.11 Security • Access control, data integrity, confidentality • WEP Protocol • WEP Authentication • Security flaws in original 802.11 • Physical threat, impersonation, mutual authentication, dictionary attacks, DOS • 802.1x Security • AKM Operations with AS • AKM operations with PSK • IBSS Security model
QoS Limitations of 802.11 • DCF (Distributed Coordination Function) • Only support best-effort services • No guarantee in bandwidth, packet delay and jitter • Throughput degradation in the heavy load • PCF (Point Coordination Function) • Inefficient central polling scheme • Unpredictable beacon frame delay due to incompatible cooperation between CP and CFP modes • Transmission time of the polled stations is unknown
Overview of 802.11e • Formed in Sep. 1999. TheQoSbaseline document was approved in November 2000. The first draft was available in late 2001. • Aim to support both IntServ and DiffServ • New QoS mechanisms • EDCF (Enhanced DCF) • HCF (Hybrid Coordination Function) • Backwardly compatible with the DCF and PCF
QoS is realized by introducing traffic categories (TCs) • MSDUs are delivered through multiple backoff instances running as virtual stations • Each instance is parameterized with TC specific parameters • AIFS, CWmin, CWmax, Persistance factor (PF) • For legacy DCF, AIFS=DIFS, PF=2, CWmin < 15 • CWnew[TC] = (CWold[TC]+1) x PF -1
0 <= I <= j <= 3 I, j are AC [0,1,2,3] • CWmin[i] >= CWmin[j], CWmax[i] >= CWmax[j], AFIS[i] >= AFIS[j]
EDCF (Enhanced DCF) • Enhanced DCF • Also support bursting • Different parameters for different TC/AC • Replace DIFS with AIFS (AIFS>DIFS) which is shorter for audio and video traffic. • Audio = Video < Data • CWmin and CWmax • Audio < Video < Data • Different Persistence Factor (PF) • For EDCF, AIFS>=DIFS, PF=1-16, CWmin=0-255
HCF (Hybrid CF) • Provides policing and deterministic channel access by controlling the channel through the HC (Hybrid Coordinator) • Operate in CFP and CP
Detecting the channel as being idle for PIFS, shorter than DIFS, gives the HC high priority over EDCF • HCF model can provide Guaranteed Services with a much higher probability than pure EDCF • A signaling protocol can be used to facilitate admission control and specify service rate requirement
Mobile IP: Basics • Proposed by IETF (Internet Engineering Task Force) • Standards development body for the Internet • Mobile IP allows a mobile host to move about without changing its permanentIP address • Each mobile host has a home agenton its home network • Mobile host establishes a care-of address when it's away from home
Example Network B Foreign Agent Home network A Internet Home Agent Network C Mobile Node Corresp. Node C slide by Konidala M. Divyan [3]
Mobile IP: Basics, Cont. • Correspondent hostis a host that wants to send packets to the mobile host • Correspondent host sends packets to the mobile host’s IP permanent address • These packets are routed to the mobile host’s home network • Home agent forwards IP packets for mobile host to current care-of address • Mobile host sends packets directly to correspondent, using permanent home IP as source IP
Mobile IP: Care-of Addresses • Whenever a mobile host connects to a remote network, two choices: • care-of can be the address of a foreign agenton the remote network • foreign agent delivers packets forwarded from home agent to mobile host • care-of can be a temporary, foreign IP address obtained through, e.g., DHCP • home agent tunnels packets directly to the temporary IP address • Regardless, care-of address must be registered with home agent
Mobile Node registers at its Home Agent Network B Foreign Agent Network A Internet Mobile Node Home Agent Network C • Mobile Node sends Binding Update • Home Agent replies with Binding Acknowledgement Corresp. Node C slide by Konidala M. Divyan [3]
Protocol • In order to support mobility, Mobile IP includes three capabilities: 1. Discovery 2. Registration 3. Tunneling
Discovery • Mobile Agents send ICMP router advertisements with mobility agent advertisement extension periodically informing mobile nodes of its presence. • Mobile node is responsible for the discovery process. • In order to receive an advertisement, the mobile node may optionally request one from an agent or simply wait for the next advertisement.
Registration • Mobile node recognizes that it is on a foreign network, acquires a Care-of-Address and requests its home agent to forward its data packets to the foreign agent. • The process of registration requires 4 steps: 1. Mobile node request forwarding service by sending registration request to the foreign agent.
Registration 2. Foreign agent relays this request to the home agent. 3. Home agent accepts or denies the request and sends registration reply to the foreign agent. 4. Foreign agent relays this reply to Mobile node.
Tunneling • After registration, an IP tunnel is set up between the home agent and care-of-address of the mobile node. • Home agent broadcasts gratuitous ARP request which causes all nodes in the subnet to update their ARP caches to map the mobile nodes IP address to the home agents link level address. • Thus home agent receives packets destined to the mobile node, and forwards the packets to the foreign agent through the IP tunnel.
Tunneling • In the foreign network, decapsulation is done by the foreign agent or by the mobile node itself. • A correspondent node assumes that the reply from the mobile node is coming from its home network and continues to send the packet to the home agent.
IP header IP header data data IP-in-IP Tunneling • Packet to be forwarded is encapsulated in a new IP packet • In the new header: • Destination = care-of-address • Source = address of home agent • Protocol number = IP-in-IP IP header
Triangle Routing (Mobile IPv4) Network B Network A Internet Mobile Node Network C Home Agent • Corresp. Node C initiates communication with Mobile Node and sends packets to MN‘s home address • Home Agent intercepts packets and forward them to the Mobile Node (proxy functionality) • Mobile Node replies directly to Corresp. Node C Corresp. Node C slide by Konidala M. Divyan [3]
Routing Inefficiency Mobile host and correspondent host might even be on the same network!! correspondent host home agent
Route Optimizations • Possible Solution: • Home agent sends current care-of address to correspondent host • Correspondent host caches care-of address • Future packets tunneled directly to care-of address • But! • An instance of the cache consistency problem arises... • Cached care-of address becomes stale when the mobile host moves • Potential security issues with providing care-of address to correspondent
Issues in Mobile IP 1. Handoff: • When mobile node changes its point of attachment, a handoff sequence is initiated. • During or immediately after the handoff , packet losses may occur due to delayed propagation of new location information which degrades the quality of service. • Solved by introducing access point probing functionality in the mobile node to identify the current access point it is attached with.
Issues in Mobile IP 2. Replay attacks: • A Bad Guy could obtain a copy of a valid Registration Request, store it, and then “replay” it at a later time, thereby registering a bogus care-of address for the mobile node • To prevent that the Identification field is generated is a such a way as to allow the home agent to determine what the next value should be • In this way, the Bad Guy is thwarted because the Identification field in his stored Registration Request will be recognized as being out of date by the home agent (timestamps or nonces are used for Identification field) Mobile IP: Security Issues [4]
Issues in Mobile IP • Redundancy: What if the home agent doesn't answer a registration request? • Registration request to broadcast address • Rejection carries new home agent ID • "Ingress" filtering • Routers which see packets coming from a direction from which they would not have routed the source address are dropped
Mobile IPv6 Roaming Network B Network D Network A Internet Network C Home Agent • Mobile Node sends Binding Updates to Home Agent and all Corresp. Nodes, which already received a previous Binding Update from this Mobile Node Corresp. Node C slide by Konidala M. Divyan [3]
Summary • Last lecture • Limitations of QoS in IEEE 802.11 • Overview of 802.11e • Traffic Categories • EDCF • HCF • Mobile IP • Care-of-address, • MIP Protocol (Discovery, Registration, Tunneling) • Routing • Inefficiencies • MIPv6