A policy-based per-flow mobility management system design
M. Kantor, G. Ormazabal, R. State, T. Engel
IPTComm 2015, 6th October 2015, Chicago
• Motivation
• Network architecture
• OpenFlow-enabled Multi-Mode Terminal mobile device (OF-MMT) architecture
• Per-flow mobility management architecture
• Policy engine logic architecture
• End-to-end network connectivity
• Conclusions
Agenda
• Mobile devices
– support a variety of network interfaces (Wi-Fi, 3G, WiMAX, LTE, ...)
– connect to several networks at the same time
• Diverse and heterogeneous network connectivity
– increase reliability and performance, using the links
• sequentially
• in parallel
– intelligently schedule applications
• smart selection of network access
• best user experience while consuming network services
Motivation (1)
Seamless handover!
• Seamless handover requirements
– routing / rerouting
– reconfiguration
– location management
– address management
– session identification
– session migration
– smart selection of network access
Network Function Virtualization (NFV) + Software Defined Networking (SDN)
Motivation (2)
Network Architecture
OF-MMT Architecture
OF-MMT’s Open vSwitch Architecture
Per-flow Mobility Management Architecture
Policy Engine Logic Architecture
• SDN network attachment
• SDN network connectivity management
• Host-based mobility - tunnel establishment
• Per-application flow table
• Data transfer
End-to-end Network Connectivity
• Detection of a mobile device attachment
– Based on mobile device's physical interface MAC address
– OF-enabled switch → SDN domain controller: Packet-in message
• SDN device access control
– Authentication request: SDN Flow Manager candidate network SDN domain controller
– Security Manager MAC layer credential data
• Network authentication and IP address assignment
– Local SDN controller DHCP request IP address for physical mobile device interface
– Before assigning IP address interception for network authentication procedure
– Security Manager IP layer credential data
• Binding cache entry created at candidate network SDN domain controller
– Mobile device’s physical interface routable IP address
– Mobile device's physical interface MAC address
– First-hop OF-enabled switch’s identifier
– Binding entry lifetime
• Binding cache entry forwarded to the MCN
SDN Network Attachment
Host-based Mobility – Tunnel Establishment
• Virtual IP address assigned to VMI virtual interface
– Identifies the mobile device's VMI at the CN
– Remains constant independently of any IP readdressing of the mobile device's physical interfaces
• Tunneling mechanisms used to encapsulate VMI's applications generated packets
– Mapping virtual IP address to physical IP address
– Virtual IP address used as a source IP address
– Mobile device's physical interface IP stack hidden to the VMI's applications
– Tunnel-flow association
Applied overlay tunneling approach: full decoupling of the real mobile device physical interfaces and the VMIs virtual interfaces
• Flow handover decision: PE Flow Manager SDN Flow Manager
• SDN Flow Manager tasks
– Selection of the physical tunnel
– Binding creation between the flow identifier FID and the tunnel identifier TID
– Creation and management of per-application flow entry in flow table
Per-application Flow Table
Flows switched seamlessly between different physical access transport networks without affecting any active TCP sessions sourced by VMI's applications!
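The per-flow handover described on these slides, as an added example that is not code from the talk or from Open vSwitch: a toy model of the FID-to-TID binding in which moving one flow to another tunnel changes only the outer (physical) addresses while the inner packet keeps the virtual source IP. The class names, the 5-tuple form of the FID and all addresses are assumptions constructed for the illustration.

```python
# Added illustration: toy model of the OF-MMT per-application flow table.
# Class names, the 5-tuple FID and every address are constructed assumptions.
from dataclasses import dataclass

@dataclass(frozen=True)
class Tunnel:
    tid: int        # tunnel identifier (TID)
    phys_ip: str    # routable IP of the physical interface carrying the tunnel
    remote_ip: str  # tunnel endpoint towards the CN

@dataclass(frozen=True)
class FlowId:
    # FID modelled as a 5-tuple; the source is always the VMI's virtual IP
    src_vip: str
    dst_ip: str
    proto: str
    sport: int
    dport: int

class FlowManager:
    """Stand-in for the SDN Flow Manager: holds the FID -> TID bindings."""
    def __init__(self, tunnels):
        self.tunnels = {t.tid: t for t in tunnels}
        self.flow_table = {}  # FID -> TID, one entry per application flow

    def bind(self, fid, tid):
        # Refuse to bind a flow to a tunnel that was never established
        if tid not in self.tunnels:
            raise KeyError(f"unknown tunnel {tid}")
        self.flow_table[fid] = tid  # a handover overwrites this single entry

    def encapsulate(self, fid, payload):
        t = self.tunnels[self.flow_table[fid]]
        inner = (fid.src_vip, fid.dst_ip, fid.proto, fid.sport, fid.dport, payload)
        return {"outer_src": t.phys_ip, "outer_dst": t.remote_ip, "inner": inner}

def demo():
    wifi = Tunnel(1, "192.0.2.10", "203.0.113.1")
    lte = Tunnel(2, "198.51.100.20", "203.0.113.1")
    fm = FlowManager([wifi, lte])
    video = FlowId("10.0.0.5", "10.0.0.9", "tcp", 40000, 443)
    voip = FlowId("10.0.0.5", "10.0.0.9", "udp", 5060, 5060)
    fm.bind(video, wifi.tid)
    fm.bind(voip, wifi.tid)
    before = fm.encapsulate(video, b"seg1")
    fm.bind(video, lte.tid)  # per-flow handover: only the video flow moves
    after = fm.encapsulate(video, b"seg2")
    return before, after, fm.encapsulate(voip, b"rtp")

if __name__ == "__main__":
    for pkt in demo():
        print(pkt)
```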
• Routable IP address assigned to physical interface
– IP address from mobile device’s network of the initial attachment (home domain)
• Several collaborating SDN domains
– at least one SDN domain controller per SDN domain
– network path between mobile devices SDN domain controller(s)
– communication between SDN domain controllers through east/westbound interface
– SDN domain controller has no location information outside of its own controlled domain
• Mobility Control Node (MCN)
– keeps the current location information of mobile devices
– rendezvous point when both mobile devices are moving concurrently
– supports inter-domain path computation between OF-MMT and CN
• Inter-domain route distribution
– traditional routing protocols, BGP and OSPF, may be leveraged and extended
SDN Network Connectivity Management
• Forwarding of flow packets in mobile device
– realized by the Open vSwitch kernel module
– follows the installed flow entry
– packets encapsulated in the selected tunnel
– sent through mobile device's physical interface towards the corresponding VMI in CN
• Forwarding of flow packets in the network
– packets transmitted through the network path
Data Transfer
• Context-aware per-flow mobility-enabled architecture involving novel network tools afforded by SDN/NFV technology
• SDN architecture complemented with a control middleware abstracting networking complexity, and providing a policy-based decision making system
• Policies taking into account context information, providing granular network access control, on a per-application basis
• Provisioning of mobility capabilities by using physical to virtual address encapsulation (tunneling)
– Mobility execution by a simple flow table entry update
• Proposed approach providing user and mobile device independence, from network and access technologies
Conclusions
Thank you!
Flowchart
General Open vSwitch Architecture