3G Packet Data Architecture -- An Overview -- Parviz Yegani June 17, 1999
Outline • TSG-P/TR-45.6 Overview • Requirements • Protocol Options • Functional Architecture • Logical Architecture • Protocol Architecture • IMT-2000 Logical Interfaces • R-P Interface Requirements • R-P Interface Architecture Choices • Service Examples • Acronyms
TSG-P/TR-45.6 Overview • Scope: Define IMT-2000 network architectures to support packet data services. • TR45.6 formed in August 98 and chaired by Mark Munson (GTE). • TR45.6 work will eventually be handed over to TSG-P (formed in January 99) • Driven by CDMA community. • Deliverables: Architecture document by 2Q99. • Based on IETF protocols (e.g. Mobile IP).
Requirements • Access to public Internet or private networks from home IMT-2000 network. • Access to public Internet or private networks from visited IMT-2000 network. • Direct access without going through home IMT-2000 network. • Indirect access via home IMT-2000 network. • Support dynamic and static IP address configuration. • For Mobile IP, MS’s home address and home agent may be dynamically assigned. • Support public and private IP address configuration. • Support simultaneous IP addresses in the MS. • Provide Authentication Authorization Accounting (AAA) functions. • AAA functions for packet data services are indexed by NAI (e.g. yegani@ericsson.com).
Protocol Options - Simple IP • MS’s address is dynamically assigned by PDSN via IPCP. • Mobility is limited to the serving area of one PDSN. • When the MS crosses a PDSN boundary its address changes, which breaks the MS’s active IP sessions.
Protocol Options - Basic Mobile IP • Same as CDG’s Mobile IP Implementation Guideline (based on the current version of RFC 2002). • MS’s home address and HA are fixed. • Registration authentication is required between MS and HA. • If FA and HA are in different administrative domains, registration authentication is required between FA and HA. • A shared secret is needed for two entities to authenticate each other. Each shared secret is provisioned manually.
Protocol Options - Enhanced Mobile IP • Includes new extensions (e.g. NAI Extension) in the next version of RFC 2002. • Use DIAMETER for AAA services. • Each MS has one shared secret with an AAA server. • Each mobility agent (FA or HA) has one shared secret with an AAA server. • AAA server of each different administrative domain has one shared secret with a broker AAA server. • This removes the problem of meshing shared secrets among mobility agents and MSs. • MS’s home address and HA may be dynamically assigned. • Charles Perkins and Pat Calhoun are leading this development effort in IETF.
IMT-2000 Reference Model (Public Internet Access with Simple IP)
IMT-2000 Logical Interfaces (1 of 3) (Public Internet Access for HA in the serving IMT-2000 network with Mobile IP)
IMT-2000 Logical Interfaces (2 of 3) (Public Internet Access for HA assigned in the serving IMT-2000 network with Mobile IP)
IMT-2000 Logical Interfaces (3 of 3) (Public Internet Access for External Network Access with Mobile IP)
R-P Interface Requirements (1 of 3) • The RN-PDSN (R-P) interface uses a unique link layer ID for each session. • The PDSN maintains the association between the IP address/NAI and the link ID. • The link ID should be such that it can easily be recovered after a handoff from an old RN to a new RN. • Handoff information from one RN to another is exchanged across this interface. • No reachability information (e.g., whether the mobile is dormant/active) is communicated across this interface. • The link layer association is maintained even when the mobile is dormant. This facilitates reconnection when the mobile comes out of dormancy. • The link protocol shall be able to efficiently transport the widely ranging data rates expected for 3G packet service. It should minimize any additional latency.
R-P Interface Requirements(2 of 3) • Congestion control and security mechanisms in the link protocol shall be optional. • ATM, frame relay, and tunneled IP networks are suitable link layer subnetworks for this interface. • Packet data accounting information is communicated over this interface. • The RN shall establish a link connection to initiate a packet data session. • The RN or PDSN may tear down a link connection to close down a packet data session. • The R-P interface in Version 1 shall be capable of transporting PPP frames, and shall identify the QoS of each PPP frame. The R-P interface in Version 1 applies to mobile access using a PPP data link layer.
R-P Interface Requirements (3 of 3) • The R-P interface in Version 2 shall be capable of transporting level 3 IP packets, and shall identify the QoS of each packet. The R-P interface in Version 2 applies to mobile access using a simplified data link layer. This requirement is under study. • Note: PPP is supported over the R-P interface in Version 2.
Direct-Connect Architecture Advantages • Defines an interface between the PDSN and the BSC • Keeps most knowledge of the radio access network out of the PDSN • A simple solution that lets the standards work progress while solving the most common problem (PDSN to BSC connectivity) • This solution can be extended to address the Ax interface as needed • The solution minimizes new interfaces and elements • The solution does not penalize either large or small BS vendors. Disadvantages • A packet zone spans multiple BSCs, which may cause data loss (location tracking is not done at BSC boundaries)
2-Tier Architecture Advantages • Defines an interface between the PCF (or Anchor BSC) and the BSC • Allows small BSC systems, with a centralized PCF covering multiple BSCs • Minimizes the signaling traffic caused by packet zone boundary crossings by allowing a single packet zone to span multiple BSCs
Service Examples • Simple IP • Example 1: Private network access from home IMT-2000 network. • Example 2: Public Internet access from visited IMT-2000 network. • Basic Mobile IP • Example 3: Public Internet access from home IMT-2000 network. • Example 4: Public Internet access from visited IMT-2000 network. • Enhanced Mobile IP • Example 5: Private network access from IMT-2000 network.
Example 1 - Private Network Access from Home Network via Simple IP • MS is assigned an IP address by the PDSN via IPCP. • MS may use a Mobile IP collocated COA for private network access. • MS uses the IWF-assigned address as the collocated COA. • HA is in the private network. • Mobile-IP tunnel is between MS and HA. • MS may use end-to-end IP Security. • There is no Mobile-IP infrastructure in the home IMT-2000 network. • MS may use L2TP for private network access. • MS uses the IWF-assigned address as the LAC address. • LNS is in the private network. • L2TP tunnel is between MS and LNS. • There is no L2TP infrastructure in the home IMT-2000 network. • MS may use other end-to-end VPN schemes (e.g. PPTP) for private network access.
Example 2 - Public Internet Access from Visited Network via Simple IP (1 of 2) • This is an example of ISP roaming, where the MS’s home ISP is an IMT-2000 network or a wire-line network. • MS requests packet data service in the visited IMT-2000 network. • MS’s airlink access is authenticated via VLR/HLR. • MS initiates a PPP session with the PDSN. • MS is authenticated by the home ISP via CHAP and proxy RADIUS. • IWF sends a CHAP Challenge to the MS. • MS replies with a CHAP Response containing the hashed secret and its NAI. • IWF forwards the hashed secret and NAI to the visited RADIUS server. • Based on the NAI realm, the visited RADIUS server forwards the hashed secret and NAI to the home RADIUS server. • Home RADIUS server uses the NAI to identify the user and verifies the hashed secret. • MS is assigned an IP address by the PDSN via IPCP.
Example 2 - Public Internet Access from Visited Network via Simple IP (2 of 2)
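The CHAP and proxy-RADIUS exchange of Example 2, written out as an added Python example (this is not code from the deck or from any standard body). The subscriber table, the realm routing table and the example.com realm are constructed for illustration; the CHAP computation itself is the MD5 variant of RFC 1994, and the realm split follows the NAI syntax of RFC 2486.

```python
import hashlib
import hmac
import os

# Constructed sample data (not from the deck): the home ISP's subscriber table,
# keyed by realm, and the realm -> home RADIUS routing table the visited RADIUS
# server uses to proxy. The stored password is the CHAP secret.
HOME_SUBSCRIBERS = {"example.com": {"yegani": b"correct-horse-battery"}}
HOME_RADIUS_BY_REALM = {"example.com": "radius.example.com"}


def split_nai(nai: str):
    """NAI (RFC 2486) is user@realm; the realm, not the user part, selects the home AAA server."""
    user, at, realm = nai.rpartition("@")
    if not at or not user or not realm:
        raise ValueError("malformed NAI: %r" % nai)
    return user, realm


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 MD5-CHAP: Response = MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


def pdsn_challenge(length: int = 16) -> bytes:
    """The PDSN/IWF issues a fresh, unpredictable challenge for each PPP session."""
    return os.urandom(length)


def visited_radius_proxy(nai: str, identifier: int, challenge: bytes, response: bytes) -> str:
    """Visited RADIUS server. It holds no subscriber secrets: it reads the realm from
    the NAI and forwards CHAP-Challenge / CHAP-Password to the home RADIUS server."""
    _, realm = split_nai(nai)
    home = HOME_RADIUS_BY_REALM.get(realm)
    if home is None:
        return "Access-Reject (no roaming agreement for realm %s)" % realm
    return home_radius_authenticate(home, nai, identifier, challenge, response)


def home_radius_authenticate(server: str, nai: str, identifier: int, challenge: bytes, response: bytes) -> str:
    """Home RADIUS server: recompute the CHAP response from the stored secret and compare."""
    user, realm = split_nai(nai)
    secret = HOME_SUBSCRIBERS.get(realm, {}).get(user)
    if secret is None:
        return "Access-Reject"
    expected = chap_response(identifier, secret, challenge)
    return "Access-Accept" if hmac.compare_digest(expected, response) else "Access-Reject"


def ms_login_from_visited_network(nai: str, password: bytes, challenge: bytes = None, identifier: int = 1) -> str:
    """End-to-end flow of Example 2: PDSN challenge -> MS response with NAI -> visited proxy -> home verify."""
    challenge = challenge if challenge is not None else pdsn_challenge()
    response = chap_response(identifier, password, challenge)  # computed on the MS
    return visited_radius_proxy(nai, identifier, challenge, response)


if __name__ == "__main__":
    print(ms_login_from_visited_network("yegani@example.com", b"correct-horse-battery"))
    print(ms_login_from_visited_network("yegani@example.com", b"wrong"))
```

The point to notice is what each party sees. The visited network never learns the CHAP secret, only the challenge/response pair it forwards, which is what makes realm-based proxying workable between operators with no shared user database. The flip side is that every RADIUS hop on the proxy path sees that pair, and an MD5-CHAP pair is enough for an offline dictionary attack on a weak password, so the inter-server RADIUS links themselves need protection.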
Example 3 - Public Internet Access from Home Network via Basic Mobile IP (1 of 2) • MS requests packet data service. • MS’s airlink access is authenticated via HLR. • MS initiates a PPP session with the IWF. • MS performs Mobile-IP Agent Discovery. • MS receives an Agent Advertisement from the IWF/FA. • The Agent Advertisement contains the FA’s COA. • If the FA’s COA is new, MS performs Mobile-IP Registration: • MS sends a Registration Request (home address, HA address, MS-HA authentication extension, etc.) to the FA. • FA forwards the Registration Request to the HA. • HA authenticates the MS, binds the MS’s home address to the FA’s COA, and sends a Registration Reply (lifetime, etc.) to the FA. • FA adds the MS to its visitor list and forwards the Registration Reply to the MS. • MS authenticates the HA. • If the FA’s COA is unchanged, the MS does not re-register.
Example 3 - Public Internet Access from Home Network via Basic Mobile IP (2 of 2)
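The Basic Mobile IP registration of Example 3, and the manually provisioned MS-HA shared secret the "Basic Mobile IP" option slide relies on, as an added Python example (not code from the deck). It builds an RFC 2002 Registration Request with the Mobile-Home Authentication Extension, has the HA verify it, apply the timestamp-based replay check on the Identification field and create the binding, and has the MS authenticate the reply. The addresses, SPI and secret are constructed; the keyed-MD5 "prefix+suffix" authenticator is the RFC 2002 default that the deck's baseline used, and the reply codes are RFC 2002 values.

```python
import hashlib
import hmac
import socket
import struct

# Message/extension types and reply codes from RFC 2002, the version the deck is based on.
REG_REQUEST, REG_REPLY = 1, 3
MOBILE_HOME_AUTH_EXT = 32
CODE_ACCEPTED, CODE_MN_AUTH_FAILED, CODE_ID_MISMATCH = 0, 131, 133
REQ_FMT = "!BBH4s4s4sQ"   # type, flags, lifetime, home addr, HA addr, COA, identification
REPLY_FMT = "!BBH4s4sQ"   # type, code, lifetime, home addr, HA addr, identification
EXT_FMT = "!BBI"          # type, length, SPI; the 16-byte authenticator follows
AUTH_LEN = 16


def keyed_md5(secret: bytes, data: bytes) -> bytes:
    """RFC 2002 default authenticator: MD5 in 'prefix+suffix' mode, MD5(secret||data||secret).
    RFC 3344 later replaced this with HMAC-MD5; the 1999 baseline is kept here deliberately."""
    return hashlib.md5(secret + data + secret).digest()


def add_auth_ext(payload: bytes, spi: int, secret: bytes) -> bytes:
    """Append a Mobile-Home Authentication Extension. The authenticator covers the
    payload plus this extension's own Type, Length and SPI (RFC 2002 section 3.5.1)."""
    ext_hdr = struct.pack(EXT_FMT, MOBILE_HOME_AUTH_EXT, 4 + AUTH_LEN, spi)
    return payload + ext_hdr + keyed_md5(secret, payload + ext_hdr)


def split_auth_ext(msg: bytes, payload_len: int):
    """Return (payload, ext_hdr, spi, authenticator); raise if the extension is missing or malformed."""
    payload, ext_hdr, auth = msg[:payload_len], msg[payload_len:payload_len + 6], msg[payload_len + 6:]
    if len(ext_hdr) != 6 or len(auth) != AUTH_LEN:
        raise ValueError("missing Mobile-Home Authentication Extension")
    ext_type, ext_len, spi = struct.unpack(EXT_FMT, ext_hdr)
    if ext_type != MOBILE_HOME_AUTH_EXT or ext_len != 4 + AUTH_LEN:
        raise ValueError("malformed authentication extension")
    return payload, ext_hdr, spi, auth


def authentic(secret, payload: bytes, ext_hdr: bytes, auth: bytes) -> bool:
    return secret is not None and hmac.compare_digest(keyed_md5(secret, payload + ext_hdr), auth)


class MobileNode:
    def __init__(self, home_addr, ha_addr, spi, secret):
        self.home_addr, self.ha_addr, self.spi, self.secret = home_addr, ha_addr, spi, secret
        self.pending_id = None

    def registration_request(self, coa: str, now_secs: int, lifetime: int = 1800) -> bytes:
        # Timestamp-style Identification: the high 32 bits carry the MN's clock. This is the
        # replay protection, provided the HA enforces a window and monotonically increasing values.
        ident = now_secs << 32
        payload = struct.pack(REQ_FMT, REG_REQUEST, 0, lifetime, socket.inet_aton(self.home_addr),
                              socket.inet_aton(self.ha_addr), socket.inet_aton(coa), ident)
        self.pending_id = ident
        return add_auth_ext(payload, self.spi, self.secret)

    def check_reply(self, reply: bytes):
        """Authenticate the HA's reply and match it to the outstanding request; None if either fails."""
        try:
            payload, ext_hdr, spi, auth = split_auth_ext(reply, struct.calcsize(REPLY_FMT))
        except (ValueError, struct.error):
            return None
        if spi != self.spi or not authentic(self.secret, payload, ext_hdr, auth):
            return None
        _, code, _, _, _, ident = struct.unpack(REPLY_FMT, payload)
        return code if ident == self.pending_id else None


class HomeAgent:
    def __init__(self, ha_addr, secrets, window_secs=7):
        self.ha_addr, self.window = ha_addr, window_secs
        self.secrets = secrets        # (home address, SPI) -> manually provisioned MN-HA secret
        self.bindings = {}            # home address -> care-of address
        self.last_ident = {}          # home address -> last accepted Identification

    def process(self, msg: bytes, now_secs: int) -> bytes:
        payload, ext_hdr, spi, auth = split_auth_ext(msg, struct.calcsize(REQ_FMT))
        mtype, _, lifetime, home, _, coa, ident = struct.unpack(REQ_FMT, payload)
        home_s = socket.inet_ntoa(home)
        secret = self.secrets.get((home_s, spi))
        if mtype != REG_REQUEST or not authentic(secret, payload, ext_hdr, auth):
            return self._reply(CODE_MN_AUTH_FAILED, home, ident, lifetime, spi, secret)
        # Replay check: timestamp inside the window and strictly newer than the last accepted one.
        if abs((ident >> 32) - now_secs) > self.window or ident <= self.last_ident.get(home_s, -1):
            return self._reply(CODE_ID_MISMATCH, home, ident, lifetime, spi, secret)
        self.last_ident[home_s] = ident
        self.bindings[home_s] = socket.inet_ntoa(coa)
        return self._reply(CODE_ACCEPTED, home, ident, lifetime, spi, secret)

    def _reply(self, code, home, ident, lifetime, spi, secret):
        payload = struct.pack(REPLY_FMT, REG_REPLY, code, lifetime, home, socket.inet_aton(self.ha_addr), ident)
        # Without a secret for this (home address, SPI) the reply cannot be authenticated either.
        return payload if secret is None else add_auth_ext(payload, spi, secret)
```

Two things the slide's "MS authenticates the HA" bullet glosses over are visible here: the reply is only trustworthy because it carries its own authenticator computed with the same secret and echoes the request's Identification, and the HA's replay window is what stops a captured Registration Request from being re-sent to move the binding back to an old care-of address. Every MN-HA pair needs its own provisioned entry in `secrets`, which is exactly the provisioning burden the Enhanced Mobile IP slides set out to remove.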
Example 4 - Public Internet Access from Visited Network via Basic Mobile IP • If a roaming agreement exists between the home and visited IMT-2000 networks, the MS may access the public Internet from the visited IMT-2000 network via the home IMT-2000 network. • HA is in the home IMT-2000 network, because the MS’s home address and HA are fixed. • FA is in the visited IMT-2000 network. • FA-HA authentication is required. FA-HA shared secrets are manually provisioned. This is manageable if the FA-HA mesh is small and static. • Disadvantages: • Provisioning FA-HA authentication becomes unmanageable as the number of roaming agreements grows and the FA-HA mesh becomes more dynamic. • Because the MS’s HA is fixed, Basic Mobile IP does not allow the MS to access the public Internet directly from the visited IMT-2000 network without going through the home IMT-2000 network.
Example 5 - Private Network Access via Enhanced Mobile IP (1 of 4)
Example 5 - Private Network Access via Enhanced Mobile IP (2 of 4) • MS • Receives Agent Advertisement from FA. • Sends Registration Request to FA. • Registration Request includes NAI, home address = 0, HA address = 0, hashed secret between MS and home AAA server, etc. • FA • Sends AAA-MN-Request (AMR) to visited AAA server. • AMR includes Registration Request, hashed secret between FA and visited AAA server, etc. • Visited AAA server • Authenticates the AMR. • Sends Proxy AMR to home AAA server, selected by the realm of the MS’s NAI. • Proxy AMR includes Registration Request, hashed secret between visited and home AAA servers, etc.
Example 5 - Private Network Access via Enhanced Mobile IP (3 of 4) • Home AAA server • Authenticates the Proxy AMR. • Authenticates the Registration Request. • Assigns a HA to the MS, because the MS’s HA address is zero. • Sends Home-Agent-Request (HAR) to the chosen HA. • HAR includes Registration Request, hashed secret between home AAA server and HA, etc. • HA • Authenticates the HAR. • Assigns a home address to the MS, because the MS’s home address is zero. The home address is included in the Registration Reply. • Binds the MS’s home address to the FA’s COA. • Sends Home-Agent-Answer (HAA) to home AAA server. • HAA includes Registration Reply, hashed secret between HA and home AAA server, etc.
Example 5 - Private Network Access via Enhanced Mobile IP (4 of 4) • Home AAA server • Authenticates the HAA. • Includes the hashed secret between home AAA server and MS in the Registration Reply. • Sends AAA-MN-Answer (AMA) to visited AAA server. • AMA includes Registration Reply, hashed secret between home and visited AAA servers, etc. • Visited AAA server • Authenticates the AMA. • Sends Proxy AMA to FA. • Proxy AMA includes Registration Reply, hashed secret between visited AAA server and FA, etc. • FA • Authenticates the Proxy AMA. • Adds the MS to the visitor list. • Sends Registration Reply to the MS. • MS authenticates the Registration Reply.
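The AMR/HAR/HAA/AMA chain of Example 5, and the "one secret per entity with its AAA server" arrangement of the Enhanced Mobile IP option slide, as one added Python example (not code from the deck, and not the DIAMETER wire format). Each party holds only the secrets the slides give it; there is no FA-HA or MS-HA secret anywhere in the model, the home AAA server picks the HA because the request carries HA address 0, and the HA assigns the home address because the request carries home address 0. The per-hop "hashed secret" is modelled as an HMAC-SHA256 over a canonical encoding of the message (an assumption; the slides do not fix the algorithm), and the names, addresses and secrets are constructed for illustration.

```python
import hashlib
import hmac
import json


def mac(secret: bytes, msg: dict) -> str:
    """Per-hop authenticator: HMAC-SHA256 over canonical JSON. Stands in for the deck's
    'hashed secret' fields; the real DIAMETER encoding is not modelled."""
    data = json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(secret, data, hashlib.sha256).hexdigest()


def valid(secret, msg: dict, tag: str) -> bool:
    return secret is not None and hmac.compare_digest(mac(secret, msg), tag)


def without(msg: dict, key: str) -> dict:
    return {k: v for k, v in msg.items() if k != key}


class HomeAgent:
    """Knows one secret: the one it shares with its home AAA server."""
    def __init__(self, addr, aaa_secret, address_pool):
        self.addr, self.aaa_secret, self.pool, self.bindings = addr, aaa_secret, list(address_pool), {}

    def handle_har(self, har):
        if not valid(self.aaa_secret, har["req"], har["auth"]):
            return None
        home = self.pool.pop(0)                       # request carried home address 0: assign one
        self.bindings[home] = har["req"]["coa"]
        reply = {"code": 0, "home_addr": home, "ha": self.addr, "id": har["req"]["id"]}
        return {"reply": reply, "auth": mac(self.aaa_secret, reply)}


class HomeAAA:
    def __init__(self, users, visited_secrets, home_agents):
        self.users = users                      # NAI -> secret shared with that MS
        self.visited_secrets = visited_secrets  # visited AAA name -> secret
        self.home_agents = home_agents          # HA name -> (HomeAgent, secret)

    def handle_amr(self, proxy_amr, from_visited):
        req, vsecret = proxy_amr["req"], self.visited_secrets.get(from_visited)
        if not valid(vsecret, req, proxy_amr["auth"]):
            return None
        mn_secret = self.users.get(req["nai"])
        if not valid(mn_secret, without(req, "mn_aaa_auth"), req["mn_aaa_auth"]):
            reply = {"code": 131, "id": req["id"]}    # MS failed authentication
            return {"reply": reply, "auth": mac(vsecret, reply)}
        ha, ha_secret = next(iter(self.home_agents.values()))   # request carried HA 0: choose one
        haa = ha.handle_har({"req": req, "auth": mac(ha_secret, req)})
        if haa is None or not valid(ha_secret, haa["reply"], haa["auth"]):
            return None
        reply = dict(haa["reply"], mn_aaa_auth=mac(mn_secret, haa["reply"]))  # for the MS to check
        return {"reply": reply, "auth": mac(vsecret, reply)}


class VisitedAAA:
    def __init__(self, name, fa_secrets, home_by_realm):
        self.name, self.fa_secrets, self.home_by_realm = name, fa_secrets, home_by_realm

    def handle_amr(self, amr, from_fa):
        fa_secret = self.fa_secrets.get(from_fa)
        if not valid(fa_secret, amr["req"], amr["auth"]):
            return None
        realm = amr["req"]["nai"].rpartition("@")[2]
        if realm not in self.home_by_realm:           # no roaming agreement for this realm
            return None
        home, hsecret = self.home_by_realm[realm]
        ama = home.handle_amr({"req": amr["req"], "auth": mac(hsecret, amr["req"])}, self.name)
        if ama is None or not valid(hsecret, ama["reply"], ama["auth"]):
            return None
        return {"reply": ama["reply"], "auth": mac(fa_secret, ama["reply"])}


class ForeignAgent:
    """Knows one secret: the one it shares with the visited AAA server."""
    def __init__(self, name, coa, visited_aaa, vaaa_secret):
        self.name, self.coa, self.vaaa, self.vaaa_secret, self.visitors = name, coa, visited_aaa, vaaa_secret, {}

    def handle_request(self, req):
        ama = self.vaaa.handle_amr({"req": req, "auth": mac(self.vaaa_secret, req)}, self.name)
        if ama is None or not valid(self.vaaa_secret, ama["reply"], ama["auth"]):
            return None
        if ama["reply"]["code"] == 0:
            self.visitors[ama["reply"]["home_addr"]] = req["nai"]
        return ama["reply"]


class MobileStation:
    def __init__(self, nai, home_aaa_secret):
        self.nai, self.secret, self.home_addr, self.ha = nai, home_aaa_secret, None, None

    def register(self, fa, ident):
        req = {"nai": self.nai, "home_addr": "0.0.0.0", "ha": "0.0.0.0", "coa": fa.coa, "id": ident}
        req["mn_aaa_auth"] = mac(self.secret, req)    # computed before the field is added
        reply = fa.handle_request(req)
        if reply is None or "mn_aaa_auth" not in reply:
            return None
        body = without(reply, "mn_aaa_auth")
        if body.get("id") != ident or not valid(self.secret, body, reply["mn_aaa_auth"]):
            return None
        self.home_addr, self.ha = body["home_addr"], body["ha"]
        return body["code"]


def build_example_network():
    """Constructed topology: one HA and home AAA server, one visited AAA server, one FA."""
    ha = HomeAgent("198.51.100.1", b"haaa-ha", ["203.0.113.10", "203.0.113.11"])
    home_aaa = HomeAAA({"yegani@example.com": b"ms-haaa"}, {"vaaa.visited.example": b"vaaa-haaa"},
                       {"ha1": (ha, b"haaa-ha")})
    visited_aaa = VisitedAAA("vaaa.visited.example", {"fa1": b"fa-vaaa"},
                             {"example.com": (home_aaa, b"vaaa-haaa")})
    return ha, ForeignAgent("fa1", "192.0.2.7", visited_aaa, b"fa-vaaa")
```

Count the secrets: the FA has one, the HA has one, the MS has one, and adding a second visited operator means one new entry on each AAA server rather than a new FA-HA pair for every HA. The MS still ends up authenticating the final Registration Reply, but against a key it shares with its home AAA server, which is what lets the HA be chosen at registration time instead of being fixed per subscriber.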
Acronyms (1 of 2) • AAA Authentication Authorization Accounting • AMA AAA-MN-Answer • AMR AAA-MN-Request • CDG CDMA Development Group • CHAP Challenge Handshake Authentication Protocol • COA Care-Of Address • FA Foreign Agent • HA Home Agent • HAA Home Agent Answer • HAR Home Agent Request • HLR Home Location Register • IETF Internet Engineering Task Force • IPCP Internet Protocol Control Protocol • ISP Internet Service Provider • IWF Inter-Working Function
Acronyms (2 of 2) • L2TP Layer 2 Tunneling Protocol • LAC L2TP Access Concentrator • LCP Link Control Protocol • LMF Location Management Function • LNS L2TP Network Server • MS Mobile Station • NAI Network Access Identifier • PCF Packet Control Function • PDSN Packet Data Service Node • PPP Point-to-Point Protocol • PPTP Point-to-Point Tunneling Protocol • PRF Packet Routing Function • RADIUS Remote Authentication Dial-In User Service • VPN Virtual Private Network • VLR Visitor Location Register