MobileNAT (Mobility across Heterogeneous Address Spaces)

Presented by Kundan Singh (Columbia University)
Joint work with Milind Buddhikot, Adiseshu Hari and Scott Miller

Agenda: Motivation, Architecture, Implementation, Comparison with current approaches, Summary

(26 slides, 60 min)


Post on 02-Feb-2021


  • 30-Aug-02 2

    Current Trends

    Explosive growth in connected devices
    Heterogeneity
    • Access: 802.11, 3G, Ethernet
    • Provider
    • Address space: IPv4 vs IPv6; public vs private

    [Figure labels: 802.11, 3G, private address]

  • 30-Aug-02 3

    The goal

    Preserve session for
    1. inter access-point
    2. inter sub-net
    3. inter-NAT
    4. to 3G network
    5. to public network

    [Figure labels: NAT (public addr A), private address space, Internet, NAT, 802.11, 802.11, Ethernet, PDSN, NAT, routed IP network, www.cnn.com, moves (1) to (5). Legend: access-point, router, router with NAT.]

  • 30-Aug-02 5

    Problem with IP address

    IP address overloaded
    • Host identification
    • Routing information

    Change in IP address breaks TCP/socket connection

    [Figure: TCP association between CN (corresponding node) 128.59.16.149 and MN (mobile node) 135.180.32.4]
    CN to MN: S:128.59.16.149:80 D:135.180.32.4:1733
    MN to CN: S:135.180.32.4:1733 D:128.59.16.149:80
    After MN moves to 135.180.54.7: S:135.180.54.7:1733 D:128.59.16.149:80

  • 30-Aug-02 6

    Two addresses

    Two IP addresses
    • Virtual IP (fixed host-id)
    • Actual IP (routable; changes)

    [Figure: CN 128.59.16.149; MN with virtual IP V=135.180.32.4 moves and gets actual IP A=135.180.54.7; anchor node (AN); label 135.180.32.6]
    CN to MN: S:128.59.16.149:80 D:135.180.32.4:1733
    MN to CN (shown twice): S:135.180.32.4:1733 D:128.59.16.149:80

    [Figure: MN protocol stack: Application, Socket, TCP/UDP, IP, Shim Layer (Addr "A", Addr "V"), Net IF]

  • 30-Aug-02 7

    Packet forwarding mechanisms: tunneling or translation

    Tunneling
    • Outer: CN=>A or HA=>A
    • Inner: CN=>V
    • Header overhead

    Translation
    • More processing overhead
    • Not an issue if NAT¹ is already present

    ¹ NAT is described later

    [Figure, two panels (tunneling and translation): CN 128.59.16.149, AN, MN with V=135.180.32.4 moving to A=135.180.54.7; packets addressed 128.59.16.149 to 135.180.32.4 and 128.59.16.149 to 135.180.54.7]

  • 30-Aug-02 8

    Address allocation using DHCP

    Virtual and actual IP allocated using DHCP
    New DHCP options
    • MN sends current virtual IP address (or 0.0.0.0 if none) in the request
    • Server sends the allocated actual and virtual IP addresses in the response
    • Actual IP is allocated based on relay agent IP

    [Figure labels: DHCP server, DHCP relay agent, subnets 10.0.1.x and 10.0.2.x, addresses 10.0.1.5, 10.0.2.9 and 10.0.2.2]

  • 30-Aug-02 9

    Overview of NA(P)T

    Packet processing rules need to be changed in the event of mobility

    [Figure: NAT with public addresses 135.180.32.1-7 between the private address space (10.0.0.0-10.255.255.255; subnets 10.0.1.x, 10.0.2.x, 10.0.7.x; node 10.0.1.5) and the Internet (CN 128.59.16.149)]

    Packet processing rule (labels: out, In-1)
    S:10.0.1.5:1756 D:128.59.16.149:80
    S:135.180.32.4:7088 D:128.59.16.149:80

  • 30-Aug-02 10

    Mobility manager and MIDCOM

    MIDCOM to control NAT rules
    Mobility manager IP in DHCP response

    [Figure labels: NAT, Internet, 10.0.1.5, 10.0.1.x, 10.0.2.x, relay (three), DHCP server, Mobility manager, change of lease, NAT rules]

  • 30-Aug-02 11

    Example

    Address assignment
    Packet flow when MN is private and CN is public
    MN moves to a new subnet
    Packet flow after mobility to a new subnet
    Packet flow when MN and CN are in the same NAT domain
    Packet flow when MN is private and CN is public and MN moves to new NAT domain

  • 30-Aug-02 12

    Address assignment

    DHCP request (my virtual IP = 0.0.0.0) (my MAC address)
    DHCP response (your virtual IP = 10.128.0.2) (your actual IP = 10.0.1.5)

    [Figure labels: NAT, Internet, DHCP server, Mobility manager]

  • 30-Aug-02 13

    Packet flow

    NAT picks up an external IP and port

    [Figure: MN stack (Application, Socket, TCP/UDP, IP, SHIM Layer with Addr "A" and Addr "V", Net IF), NAT, Internet, CN; steps (1) to (3)]
    Shim mapping: 10.0.1.5:1756 and 10.128.0.2:1756
    NAT mapping: 135.180.32.4:7088 and 10.0.1.5:1756

    MN to CN
    • S:10.128.0.2:1756 D:128.59.16.149:80
    • Shim: S:10.0.1.5:1756 D:128.59.16.149:80
    • NAT: S:135.180.32.4:7088 D:128.59.16.149:80

    CN to MN
    • S:128.59.16.149:80 D:135.180.32.4:7088
    • NAT: S:128.59.16.149:80 D:10.0.1.5:1756
    • Shim: S:128.59.16.149:80 D:10.128.0.2:1756

  • 30-Aug-02 14

    Inter-subnet mobility

    DHCP request (my virtual IP = 10.128.0.2) (my MAC address)
    DHCP response (your virtual IP = 10.128.0.2) (your actual IP = 10.0.2.7)

    NAT rules (labels: change, 10.0.2.7)
    S:10.0.1.5:1756 D:128.59.16.149:80
    S:135.180.32.4:7088 D:same

    [Figure labels: NAT, CN, Internet, DHCP server, Mobility manager, subnets 10.0.1.x and 10.0.2.x]

  • 30-Aug-02 15

    Packet flow after the node moves

    MN application or CN do not know about change in actual IP

    [Figure: MN stack (Application, Socket, TCP/UDP, IP, SHIM Layer with Addr "A" and Addr "V", Net IF), NAT, Internet, CN; steps (1) to (3)]
    NAT mapping: 135.180.32.4:7088 and 10.0.2.7:1756

    MN to CN
    • S:10.128.0.2:1756 D:128.59.16.149:80
    • Shim: S:10.0.2.7:1756 D:128.59.16.149:80
    • NAT: S:135.180.32.4:7088 D:128.59.16.149:80

    CN to MN
    • S:128.59.16.149:80 D:135.180.32.4:7088
    • NAT: S:128.59.16.149:80 D:10.0.2.7:1756
    • Shim: S:128.59.16.149:80 D:10.128.0.2:1756

  • 30-Aug-02 16

    Intra-domain sessions

    Optimization: new signaling message between two MobileNAT clients to route the packets directly

    [Figure: NAT; MN (V=10.128.0.2, A=10.0.1.5) moves and becomes V=10.128.0.2, A=10.0.2.7; CN with A=10.0.4.9]

  • 30-Aug-02 17

    Inter-domain mobility

    Mobility manager of visited NAT fetches the existing connection mapping from mobility manager of the home NAT
    If MN moves to public address space, Shim layer acts as visited NAT
    Dynamic home agent: use visited NAT as home NAT for new session
    Tunneling between visited and home NAT

    [Figure labels: Home NAT, CN, Internet, Visited NAT, MN moves from home NAT to visited NAT]

  • 30-Aug-02 19

    Implementation: client (Win XP)

    Shim-layer driver to capture DHCP packets and translate IP addresses
    MobileNAT client application acting as DHCP client and server
    Handles ARP for nodes in other sub-nets

    [Figure: stack (Application, Socket, TCP/UDP, IP, Shim Layer with Addr "A" and Addr "V", Net IF) with the MobileNAT client (server and client parts); addresses 10.128.0.2 / 255.0.0.0 and 10.0.1.5 / 255.255.255.0]

    Unified mobility client (on-going work)
    [Figure labels: MobileNAT Client, MobileIP Client, Network and interface selector, DHCP server - client]

  • 30-Aug-02 20

    Implementation: DHCP server and NAT (Linux)

    DHCP server to allocate virtual and actual IP
    Actual IP is based on subnet of DHCP relay agent
    MM is integrated into DHCP server
    NAT using netfilter, iptables, ip_conntrack and ip_nat modules

    [Figure labels: DHCP server (virtual IP range, actual IP range); PRE-ROUTING: destination NAT; NAT connection tracking; POST-ROUTING: source NAT]

  • 30-Aug-02 22

    Similarities/Differences with current proposals

    Translation mode vs. tunneling
    • Packet size vs processing overhead
    • Two addresses per MN; can afford since private addresses
    • No external FA needed

    Signaling
    • Using DHCP (new options) and a per-domain Mobility Manager (MM)

    Routing path
    • No change in routers or CN; but change in MN, NAT and DHCP server
    • Dynamic home agent (i.e., the NAT)

  • 30-Aug-02 23

    Comparison to existing schemes

    Schemes considered in the following chart

    Mobile IP
    • Extensions: Location Register (MIP-LR), Route Optimization (MIP-RO)

    Micro-mobility schemes
    • Cellular IP
    • Hawaii
    • Intra-Domain Mobility Protocol (IDMP)
    • Hierarchical Mobile IP (HMIP)

    IPv6

    Application level mobility mechanism
    • SIP

    Virtual NAT
    • Similar address translation in the client stack
    • Targeted for connection migration where both end-points implement vNAT

  • 30-Aug-02 24

    Comparison chart

    [Table: MIP, CIP, Hawaii, HMIP (RR), IDMP TeleMIP, MIP LR, MIP RO, SIP, IPv6, Mobile NAT and Virtual NAT compared on: triangular route, non-mobile IP nodes, NAT support (1), router modify?, MN modify?, CN modify?, intra-tunnel, inter-tunnel, signaling, host ID, paging, MIP messaging]

    Y: yes, N: no, -: N/A, O: optional, IN: independent, UD: under development
    1: We assume Mobile IP with UDP tunneling for NAT

  • 30-Aug-02 25

    Mobile NAT Advantages

    Problems in existing approaches
    • Huge infrastructure change (CIP, IPv6, routers, even deploying FA)
    • Not much discussion on optimizing intra-domain sessions
    • Require tunneling overhead, inter, intra or both
    • Triangular routing
    • Modification in CN

    MobileNAT approach
    • Addresses rapid growth in end-devices, which most likely will have private addresses due to slow deployment of IPv6
    • Assume the presence of NA(P)T in a domain
        Roaming and services across heterogeneous address spaces
        Reduce problem space to only private address space
    • Choice between tunneling and address translation
        Addresses bandwidth limitations of wireless links
    • Use existing protocols (DHCP, ICMP) for signaling
    • Discourage changing routing infrastructure
    • Can co-exist with MobileIP

  • 30-Aug-02 26

    On-going work

    Scalability
    • Subdivide domains into smaller NAT-ed domains
    • Multiple NATs per domain

    Security
    • DHCP authentication and access-point authentication/encryption
    • Works with IPsec (AH mode and UDP tunnel) and SSL

    Paging
    • Re-use of existing IP-multicast based paging

    Possible deployment issues
    • Changing every MN driver (similar to Mobile IP)
    • Mobility to 3G network
    • Location information distribution
    • Allow incremental deployment

    Other issues
    • Does not solve NAT problems where application layer message uses IP address (FTP, SIP, RTSP)
    • Fast hand-off for micro-mobility
    • Intra-domain sessions on inter-domain mobility
    • Combined MobileIP and MobileNAT client

  • 30-Aug-02 27

    Summary

    Main ideas
    • Virtual IP for host identification; actual IP for routing
    • Address translation in client as well as in NAT
    • Existing protocols like DHCP for signaling
    • Mobility manager to handle nodes in a domain
    • NAT acts as a dynamic home agent
    • Inter-NAT packet flow for inter-domain mobility

    No change in routers and no need for FA
    • Change in MN, NAT and DHCP server

    Demonstrated a simple inter-subnet mobility
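
The inter-subnet hand-off on slides 12 to 15 (address assignment, packet flow, lease change, packet flow after the move) can be traced in a small simulation. This is an added example, not code from the presentation: the class and method names, the MAC address and the per-MAC lease check are assumptions, while the IP addresses and ports are the ones on the slides.

```python
from collections import namedtuple
# Added example: names are hypothetical, addresses are the ones on the slides.
Packet = namedtuple("Packet", "src sport dst dport")

class Shim:  # applications see the virtual IP; the wire carries the actual IP
    def __init__(self, virtual, actual):
        self.virtual, self.actual = virtual, actual
    def outbound(self, p):
        return p._replace(src=self.actual) if p.src == self.virtual else p
    def inbound(self, p):
        return p._replace(dst=self.virtual) if p.dst == self.actual else p

class Nat:
    def __init__(self):
        self.rules = {}  # (actual IP, port) -> (public IP, port)
    def outbound(self, p):
        ip, port = self.rules[(p.src, p.sport)]
        return p._replace(src=ip, sport=port)
    def inbound(self, p):
        ip, port = {pub: act for act, pub in self.rules.items()}[(p.dst, p.dport)]
        return p._replace(dst=ip, dport=port)
    def rebind(self, old, new):  # keep the public side, swap only the actual IP
        self.rules = {(new if ip == old else ip, pt): pub for (ip, pt), pub in self.rules.items()}

class MobilityManager:  # assumed to sit in the DHCP server, tracking leases per MAC
    def __init__(self, nat):
        self.nat, self.leases = nat, {}  # MAC -> (virtual IP, actual IP)
    def dhcp_request(self, mac, claimed_virtual, new_actual, fresh_virtual=None):
        held = self.leases.get(mac)
        if claimed_virtual == "0.0.0.0":            # first attachment
            virtual = fresh_virtual
        elif held and held[0] == claimed_virtual:   # known node moved subnets
            virtual = claimed_virtual
            self.nat.rebind(held[1], new_actual)
        else:                                       # claim matches no lease
            raise PermissionError("virtual IP not leased to this client")
        self.leases[mac] = (virtual, new_actual)
        return virtual, new_actual

def scenario(mac="00:00:5e:00:53:01"):  # constructed MAC address
    nat = Nat(); mm = MobilityManager(nat)
    v, a = mm.dhcp_request(mac, "0.0.0.0", "10.0.1.5", "10.128.0.2")
    nat.rules[(a, 1756)] = ("135.180.32.4", 7088)  # NAT picks external IP, port
    app = Packet(v, 1756, "128.59.16.149", 80)     # what the application sends
    before = nat.outbound(Shim(v, a).outbound(app))
    v, a = mm.dhcp_request(mac, v, "10.0.2.7")     # MN moves to 10.0.2.x
    after = nat.outbound(Shim(v, a).outbound(app))
    reply = Shim(v, a).inbound(nat.inbound(Packet("128.59.16.149", 80, "135.180.32.4", 7088)))
    return before, after, reply
```

`scenario()` returns the same public-side packet before and after the move, and a request that claims a virtual IP not leased to the requesting client is rejected without touching the NAT rules.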