11s Architecture and MIB Structure
Date: 2009-01-16
Authors: L. Chu et al.

Abstract
In the IEEE 802.11 Baseline standard, a STA is a device with one 802.11-conformant MAC and PHY interface to the wireless medium. 802.11s defines a mesh STA as a STA that implements the mesh facility. The current 11s draft in clause 11B supports multiple-radio (MAC/PHY) mesh devices, which are difficult to describe with the current mesh STA. Also, there are several comments (341, 873, 1947, 1949) about the 11s architecture (with multiple radios) and about the MIB that need to be addressed. This presentation tries to address these issues.

Related Comments and Resolutions
• Comment 341 (The reference architecture for the MP is not defined in the 802.11s spec.)
  • Reject (Insufficient detail/reference to determine what the commenter would like changed.)
• Comment 1947 (Merely defining a list of object type definitions is not sufficient to instantiate the objects. And dot11MeshPointConfigEntry is not defined.)
  • Open
• Comment 1949 (This subclause talks about each PHY on a different channel, but it fails to acknowledge that there is a 1:1 correspondence between MAC and PHY - i.e. there are no rules in the MAC that allow a MAC entity to talk to multiple PHY entities on different channels (e.g. channel access and NAV are clearly channel specific). Furthermore, the architecture is silent on whether an MLME can be shared between multiple MAC entities. I believe some of the state in the MLME is clearly MAC-instance specific (e.g. TSF time), while others may not be. There are no clause 10 interfaces that would allow a dual-channel device to bridge mesh management frames between different MLME instances.)
  • Open

Related Comments and Resolutions
• Comment 873 (The reference architecture for the MP is not defined in the 802.11s spec.)
  • Counter (Refer 11s architecture to Figure 6-1)
  • This resolution is inaccurate; Figure 6-1 only addresses the data plane architecture.
[Figure 6-1: MAC data plane architecture]

Baseline STA Assumption
• In the IEEE 802.11 Baseline standard, a device can include multiple STAs (interfaces) in it.
  • Each interface has a single unique MAC address, MAC and PHY.
• When a device includes multiple STAs, the interaction among multiple STAs is not defined by the standard.
  • This interaction is not defined by the reference model nor the MIB.
Note: in this presentation, there is a one-to-one correspondence between every STA, radio, and interface in a multiple-radio mesh device.
[Figure: baseline STA reference model. MAC Sublayer, PLCP Sublayer and PMD Sublayer with their management entities (MLME, PLME) and the SME, connected through MAC_SAP, MLME_SAP, PHY_SAP, MLME-PLME_SAP, PLME_SAP and PMD_SAP]

Baseline MIB Structure
[Figure: baseline MIB tree under ieee802dot11 (dot11SMT, dot11mac, dot11phy, dot11Res). Tables shown: dot11StationConfigTable, dot11RegulatoryClassesTable, dot11OperationTable, dot11QoSCounterTable, dot11PhyOperationTable, dot11PhyErpTable. The entries dot11StationConfigEntry, dot11OperationEntry and dot11PhyOperationEntry are indexed IfIndex0 to IfIndexN]

Single Radio Mesh Device Scenario
• All mesh devices are in one mesh network.
• Each mesh device has an active radio.
• Each STA has its own MAC address to identify it.
• The current 11s draft can totally describe this kind of mesh device.
[Figure: Mesh Network 1 with mesh devices MP1 to MP8, each with a single radio (MP1,1 to MP8,1)]

Multiple Radio Mesh Device: Scenario 1
• All mesh devices are in one mesh network.
• Multiple radios in a mesh device are active simultaneously.
• Each radio (STA) has its own MAC address to identify it.
• A mesh device with multiple radios selects one MAC address as its identifier.
• The relationship between the mesh device identifier and the other interface identifiers in a mesh device is used for security optimization in the current draft.
• The 802.11s architecture cannot describe this kind of device.
[Figure: Mesh Network 1 with mesh devices MP1 to MP8; some devices have two radios (MP3,1/MP3,2, MP4,1/MP4,2, MP7,1/MP7,2). Legend: device MPy with radios/STAs/interfaces MPy,1 and MPy,2, each with its own STA ID. Different color links depict radios working in different channels.]

Multiple Radio Mesh Device: Scenario 2
• Some mesh devices are in more than one mesh network simultaneously.
• A multiple-radio mesh device uses different radios for different mesh networks if it joins more than one mesh network simultaneously.
• Each mesh network may use different routing protocols or the same routing protocol.
• Each mesh network may use different security protocols, or the same security protocol with different keys.
• Different MAC addresses are selected as the mesh device’s identifiers for the different networks it joins.
• The 802.11s architecture cannot describe this kind of device.
[Figure: Mesh Network 1 and Mesh Network 2 with mesh devices MP1 to MP9; some devices have several radios (for example MP7,1, MP7,2 and MP7,3). Legend: device MPy with radios/STAs/interfaces MPy,1 and MPy,2, each with its own STA ID. Different color links depict radios working in different channels.]

Proposed MP Reference Model
• MP routing, forwarding, key management and link management are on top of all STAs.
  • A mesh entity is required to show these relationships.
• When a mesh device joins multiple mesh networks simultaneously, the interaction among mesh entities/multiple STAs in different networks is not defined by the standard.
  • This is implied by the reference model and the MIB hierarchy.
[Figure: proposed reference model. A block for Routing, Forwarding, Key Management, Link Management… sits below MAC_SAP and above two stacks, each with MAC Sublayer, MLME, SME, PLCP+PMD and PLME, connected through MLME_SAP, PHY_SAP, MLME-PLME_SAP and PLME_SAP]

Proposed MP Reference Model (Cont’d)
• A mesh entity may include single-radio independent mesh enhancements:
  • MP routing,
  • Forwarding,
  • Key management etc.
• A mesh STA may include single-radio related mesh enhancements:
  • Beaconing and synchronization,
  • Mesh power saving,
  • Congestion control,
  • MDA etc.
[Figure: proposed reference model. A Mesh Entity (Routing, Forwarding, Key Management, Link Management…) sits below MAC_SAP and above two stacks, each with MAC Sublayer, MLME, SME, PLCP+PMD and PLME, connected through MLME_SAP, PHY_SAP, MLME-PLME_SAP and PLME_SAP]

Possible 11s MIB Structure
• Within the MIB, a “mesh area” is introduced where the correspondence between the interfaces used by the mesh device and the particular mesh network used by each interface is kept.
• The “mesh area” could facilitate access to the mesh security optimizations and the routing optimizations by doing their processing by mesh area instead of by interface.
[Figure: possible 11s MIB tree. The baseline tree under ieee802dot11 (dot11SMT, dot11mac, dot11phy, dot11Res, with dot11StationConfigTable, dot11RegulatoryClassesTable, dot11OperationTable, dot11QoSCounterTable, dot11PhyOperationTable and dot11PhyErpTable indexed IfIndex0 to IfIndexN) is extended with dot11Mesh, containing dot11MeshMACTable (dot11MMACEntry, indexed IfIndex0 to IfIndexN), dot11MeshAreaTable (dot11MeshAreaEntry, indexed Area0 to AreaN), dot11RoutingTable (dot11RoutingEntry) and dot11SecurityTable (dot11SecurityEntry). Indexing could be by mesh area or by interface. Other labels: CongestCtl, MDA, Power Saving, Mesh ID, Interface ID Table etc]

Mesh Area and Virtual Mesh Network
• Mesh area can also be used to create multiple virtual mesh networks in a physical mesh network.
• A physical radio implements multiple logical radios (logical MAC/PHY pairs).
• Each virtual mesh network may use different routing protocols or the same routing protocol.
• Each virtual mesh network may use different security protocols or the same security protocol with different keys.
• In each device, different MAC addresses are selected as the identifiers for the different networks it joins.
[Figure: mesh devices MP1 to MP6, each with logical radios MPx,1 and MPx,2. Virtual Mesh Network 1 with green virtual link; Virtual Mesh Network 2 with red virtual link]

Conclusion
• 802.11s needs a new reference model to describe multiple-radio devices correctly.
• A mesh entity is added.
• Mesh area MIB should be added to support mesh security optimization and mesh routing optimization.
• Virtual mesh networks can be easily supported.
• The mesh MIB should be reorganized based on the baseline MIB style.

Straw Poll
• Do you think 11s needs to do more work on 11s architecture and MIB?
  • Yes / No / Abstain
• Do you think this presentation sets a proper direction to address LB comments regarding 11s architecture and the 11s MIB?
  • Yes / No / Abstain

Backup Slides

Mesh Security Optimization
• The initial authentication should only be launched once when an MP joins the mesh network, no matter how many radios it has.
• Authentication credential is issued to one MP device.
• One PMK-MKD and one MKDK for an MP, shared by all the radios.
• Different radios in the same MP should use different PTKs.
• Distribute keys for the radios of the device through a one-time initial authentication procedure.
• There should be one MPTK-KD between an MA and MKD.
• The communication between MKD and MP is not tied to a peer link with MAC addresses.

Mesh Security Optimization (Cont’d)
• Clarify two identifiers
  • MP-ID: the identifier of the MP. It could be one of the MAC addresses of the MP if it has more than one PHY, and it cannot be changed once it is determined.
  • MPA: the MAC address of the communicating radio module of the MP.
• An MP takes three roles during authentication and in the key hierarchy, and different ID names identify those roles, all of which are actually the ‘MP-ID’.
• Amend the current security solution defined in D2.0
  • Bind PMK-MKD, MKDK and PMK-MA to SP-ID instead of SPA
  • MeshTopLevelKeyData = KDF-768(XXKey, “Mesh Key Derivation”, MeshID, MKD-NAS-ID, MKDD-ID, SP-ID), with SP-ID replacing SPA
  • Only one MPTK-KD between an MA and MKD
  • The key is to protect the communication between the two node entities, not the link level
  • PTKs should bind with peer link MAC addresses
  • Rename ‘MA-ID’ to ‘MAA’ (Mesh Authenticator Address), because MAA has the same definition as ‘MA-ID’ in 802.11s D2.0

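The effect of binding the top-level key to SP-ID instead of SPA, as an added example that is not part of the presentation or of the 802.11s draft. It assumes a generic HMAC-SHA256 counter-mode KDF standing in for KDF-768, a length-prefixed field encoding, the first 256 bits of the device key as PTK input, and constructed addresses and identifiers; `top_level_key`, `link_ptk` and `summary` are hypothetical names.

```python
import hashlib
import hmac

def kdf(key: bytes, label: bytes, context: bytes, bits: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for the draft's KDF-768."""
    out, i = b"", 1
    while len(out) * 8 < bits:
        block = i.to_bytes(2, "little") + label + context + bits.to_bytes(2, "little")
        out += hmac.new(key, block, hashlib.sha256).digest()
        i += 1
    return out[: bits // 8]

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))

# Constructed sample values (assumptions, not from the presentation).
XXKEY = bytes(range(32))
MESH_ID, MKD_NAS_ID, MKDD_ID = b"example-mesh", b"mkd.example", mac("02:00:00:00:00:aa")
RADIOS = [mac("02:00:00:00:01:01"), mac("02:00:00:00:01:02")]  # MPAs of one MP
MP_ID = RADIOS[0]   # device identifier: one of its MAC addresses, then fixed
PEER = mac("02:00:00:00:02:01")

def top_level_key(bind_to: str, authenticating_radio: bytes) -> bytes:
    """MeshTopLevelKeyData with its last input bound to SPA or to SP-ID."""
    ident = authenticating_radio if bind_to == "SPA" else MP_ID
    fields = (MESH_ID, MKD_NAS_ID, MKDD_ID, ident)
    context = b"".join(bytes([len(f)]) + f for f in fields)  # length-prefixed
    return kdf(XXKEY, b"Mesh Key Derivation", context, 768)

def link_ptk(device_key: bytes, local_mpa: bytes, peer_mpa: bytes) -> bytes:
    """Per-link key bound to both link MAC addresses, order-independent."""
    lo, hi = sorted((local_mpa, peer_mpa))
    return kdf(device_key[:32], b"illustrative PTK", lo + hi, 256)

def summary() -> dict:
    spa = [top_level_key("SPA", r) for r in RADIOS]
    spid = [top_level_key("SP-ID", r) for r in RADIOS]
    ptks = [link_ptk(spid[0], r, PEER) for r in RADIOS]
    return {
        "spa_keys_differ_per_radio": spa[0] != spa[1],
        "sp_id_key_shared_by_radios": spid[0] == spid[1],
        "ptks_differ_per_radio": ptks[0] != ptks[1],
    }

if __name__ == "__main__":
    print(summary())
```

With SPA binding, each radio would need its own top-level key and therefore its own initial authentication; with SP-ID binding, one authentication serves every radio while each peer link still gets a distinct PTK.
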
IP Routing and Forwarding
• There is one routing/forwarding, which is on top of all interfaces.
[Figure: protocol stack with Routing and TCP/UDP above IP Forwarding, which sits on two LLC/MAC and PHY stacks]

Bridging
• There is one routing/forwarding for all interfaces.
[Figure: bridge architecture with Higher Layer Entities (Spanning Tree Protocol Entity, Bridge Management etc.) above two LLC entities, a MAC Relay Entity between two MACs, and two PHYs]

Another Possible 11S MIB Structure
[Figure: alternative 11s MIB tree. The baseline tree under ieee802dot11 (dot11SMT, dot11mac, dot11phy, dot11Res, with dot11StationConfigTable, dot11RegulatoryClassesTable, dot11OperationTable, dot11QoSCounterTable, dot11PhyOperationTable and dot11PhyErpTable indexed IfIndex0 to IfIndexN) is extended with dot11MeshAreaTable (dot11MeshAreaEntry, indexed Area0 to AreaN), dot11RoutingTable (dot11RoutingEntry, indexed IfIndex0 to IfIndexN) and dot11SecurityTable (dot11SecurityEntry, indexed IfIndex0 to IfIndexN). Other labels: CongestCtl, MDA, Power Saving, Mesh LDevice ID, Interface ID Table etc]
