| RFC 8885 | PMIPv6 DMM and DLIF | October 2020 |
| Bernardos, et al. | Experimental | [Page] |
Distributed Mobility Management solutions allow networks to be set upin such a way thattraffic is distributed optimally and centrallydeployed anchors are not relied upon to provide IP mobility support.¶
There are many different approaches to address Distributed Mobility Management-- for example, extending network-based mobility protocols (like Proxy MobileIPv6) or client-based mobility protocols (like Mobile IPv6), among others. Thisdocument follows the former approach and proposes a solution based on ProxyMobile IPv6, in which mobility sessions are anchored at the last IP hop router(called the mobility anchor and access router). The mobility anchor and accessrouter is an enhanced access router that is also able to operate as a localmobility anchor or mobility access gateway on a per-prefix basis. The documentfocuses on the required extensions to effectively support the simultaneousanchoring several flows at different distributed gateways.¶
This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation.¶
This document defines an Experimental Protocol for the Internet community. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are candidates for any level of Internet Standard; see Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained athttps://www.rfc-editor.org/info/rfc8885.¶
Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
The Distributed Mobility Management (DMM) paradigm aims at minimizing the impactof currently standardized mobility management solutions, which are centralized(at least to a considerable extent)[RFC7333].¶
The two most relevant examples of current IP mobility solutions are MobileIPv6[RFC6275] and Proxy Mobile IPv6 (PMIPv6)[RFC5213]. These solutions offermobility support at the cost of handling operations at a cardinal point (i.e.,themobility anchor) and burdening it with data forwarding and controlmechanisms for a large number of users. The mobility anchor is the home agentfor Mobile IPv6 and the local mobility anchor for PMIPv6. As stated in[RFC7333], centralized mobility solutions are prone to severalproblems and limitations: longer (sub-optimal) routing paths, scalabilityproblems, signaling overhead (and most likely a longer associated handoverlatency), more complex network deployment, higher vulnerability due to theexistence of a potential single point of failure, and lack of granularity of themobility management service (i.e., mobility is offered on a per-node basisbecause it is not possible to define finer granularity policies, for example,on a per-application basis).¶
The purpose of DMM is to overcome the limitations ofthe traditional centralized mobility management[RFC7333][RFC7429]; the main concept behind DMM solutions is indeed bringingthe mobility anchor closer to the mobile node (MN). Following this idea, thecentral anchor is moved to the edge of the network and is deployed in thedefault gateway of the MN. That is, the first elements that provide IPconnectivity to a set of MNs are also the mobility managers for those MNs. Inthis document, we call these entities Mobility Anchors and Access Routers(MAARs).¶
This document focuses on network-based DMM; hence, the starting point is makingPMIPv6 work in a distributed manner[RFC7429]. Mobility ishandled by the network without the MN's involvement. But differently fromPMIPv6, when the MN moves from one access network to another, the routeranchoring the MN's address may change, hence requiring signaling between the anchors to retrieve theMN's previous location(s). Also, a key aspect of network-based DMM is that aprefix pool belongs exclusively to each MAAR in the sense that those prefixesare assigned by the MAAR to the MNs attached to it and are routable atthat MAAR. Prefixes are assigned to MNs attached to a MAAR at that time, but remainwith those MNs as mobility occurs, remaining always routable at that MAAR aswell as towards the MN itself.¶
We consider partially distributed schemes, where only the data plane isdistributed among access routers similar to mobile access gateways (MAGs), whereas the control plane iskept centralized towards a cardinal node (used as an information store), whichis discharged from any route management and MN's data forwarding tasks.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14[RFC2119][RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The following terms used in this document are defined in the PMIPv6specification[RFC5213]:¶
The following terms used in this document are defined in the Mobile IPv6(MIPv6) specification[RFC6275]:¶
The following terms are used in this document:¶
The following terms are defined and used in this document:¶
The solution consists of decoupling the entities that participate in the dataand the control planes: the data plane becomes distributed and managed by theMAARs near the edge of the network, while the control plane, besides those onthe MAARs, relies on a central entity called the Central Mobility Database (CMD). Inthe proposed architecture, the hierarchy present in PMIPv6 between LMA and MAGis preserved but with the following substantial variations:¶
The MAARs leverage the CMD to access and update information related to the MNs,which is stored as mobility sessions; hence, a centralized node maintains a global viewof the network status. The CMD is queried whenever an MN is detected joining/leaving the mobility domain. It might be a fresh attachment, a detachment, ora handover, but as MAARs are not aware of past information related to a mobilitysession, they contact the CMD to retrieve the data of interest and eventuallytake the appropriate action. The procedure adopted for the query and themessage exchange sequence might vary to optimize the update latency and/or thesignaling overhead. Here, one method for the initial registration and three different approaches for updating the mobility sessions using PBUs andPBAs are presented. Each approach assigns a different role to the CMD:¶
The solution described in this document allows per-prefix anchoringdecisions -- for example, to support the anchoring of some flows at a central Home-DPA(like a traditional LMA) or to enable an application to switch to the locallyanchored prefix to gain route optimization, as indicated in[RFC8563]. This type of per-prefix treatment would potentially requireadditional extensions to the MAARs and signaling between the MAARs and the MNsto convey the per-flow anchor preference (central, distributed), which are notcovered in this document.¶
Note that an MN may move across different MAARs, which might result in severalP-MAARs existing at a given moment of time, each of them anchoring a differentprefix used by the MN.¶
Initial registration is performed when an MN attaches to a network for the firsttime (rather than attaching to a new network after moving from a previous one).¶
In this description (shown inFigure 1), it is assumed that:¶
Upon MN attachment, the following operations take place:¶
Note that:¶
In the diagram shown inFigure 1 (and subsequent diagrams),the flow of packets is presented using '*'.¶
+-----+ +---+ +--+ |MAAR1| |CMD| |CN| +-----+ +---+ +*-+ | | * MN | * +---+ attach. | ***** _|CMD|_detection | flow1 * / +-+-+ \ | | * / | \ local BCE | * / | \ allocation | * / | \ |--- PBU -->| +---*-+-' +--+--+ `+-----+ | BCE | * | | | | | | creation |MAAR1+------+MAAR2+-----+MAAR3| |<-- PBA ---| | * | | | | | local BCE | +---*-+ +-----+ +-----+ finalized | * | | Pref1 * | | +*-+ | | |MN| | | +--+ Operations sequence Packet flow
Note that the registration process does not change regardless of the CMD's modes(relay, locator, or proxy) described in the following sections. The procedure is depicted inFigure 1.¶
Upon MN mobility, if the CMD behaves as a PBU/PBA relay, the following operations take place:¶
+-----+ +---+ +-----+ +--+ +--+|MAAR1| |CMD| |MAAR2| |CN| |CN|+-----+ +---+ +-----+ +*-+ +*-+ | | | * * | | MN * +---+ * | | attach. ***** _|CMD|_ * | | det. flow1 * / +-+-+ \ *flow2 | |<-- PBU ---| * / | \ * | BCE | * / | ******* | check+ | * / | * \ | update | +---*-+-' +--+-*+ `+-----+ |<-- PBU*---| | | * | | *| | |route | | |MAAR1|______|MAAR2+-----+MAAR3|update | | | **(______)** *| | | |--- PBA*-->| | +-----+ +-*--*+ +-----+ | BCE | * * | update | Pref1 * *Pref2 | |--- PBA*-->| +*--*+ | | route ---move-->|*MN*| | | update +----+ Operations sequence Data Packet flowPBU/PBA messages with * contain a new mobility option
For MN's next movements, the process is repeated, but the number of P-MAARsinvolved increases (according to the number of prefixes that the MN wishes tomaintain). Indeed, once the CMD receives the first PBU from the new S-MAAR, itforwards copies of the PBU to all the P-MAARs indicated in the BCE, namely theP-MAAR registered as the current P-CoA (i.e., the MAAR prior to handover) plus the onesin the P-MAAR list. Those P-MAARs reply with a PBA to the CMD, whichaggregates all of the PBAs into one PBA to notify the S-MAAR, which finally can establish the tunnelswith the P-MAARs.¶
It should be noted that this design separates the mobility management at theprefix granularity, and it can be tuned in order to erase old mobility sessionswhen not required, while the MN is reachable through the latest prefix acquired.Moreover, the latency associated with the mobility update is bound to the PBA sentby the furthest P-MAAR, in terms of RTT, that takes the longest time to reachthe CMD. The drawback can be mitigated by introducing a timeout at the CMD, bywhich, after its expiration, all the PBAs so far collected are transmitted, andthe remaining are sent later upon their arrival. Note that, in this case, theS-MAAR might receive multiple PBAs from the CMD in response to a PBU. The CMDSHOULD follow the retransmissions and rate-limiting considerations described inSection 3.6, especially when aggregating and relayingPBAs.¶
When there are multiple P-MAARs, e.g., k MAARs, a single PBU received bythe CMD triggers k outgoing packets from a single incoming packet. This may leadto packet bursts originating from the CMD, albeit to different targets. PacingmechanismsMUST be introduced to avoid bursts on the outgoing link.¶
The handover latency experienced in the approach shown before can be reduced ifthe P-MAARs are allowed to directly signal their information to the new S-MAAR.This procedure reflects what was described inSection 3.2 upto the moment the P-MAAR receives the PBU with the Serving MAAR option. At that point,a P-MAAR is aware of the new MN's location (because of the S-MAAR's address inthe Serving MAAR option), and, besides sending a PBA to the CMD, it also sends a PBAto the S-MAAR, including the prefix it is anchoring. This latter PBA does notneed to include new options, as the prefix is embedded in the HomeNetwork Prefix (HNP) option and theP-MAAR's address is taken from the message's source address. The CMD isreleased from forwarding the PBA to the S-MAAR as the latter receives a copy directlyfrom the P-MAAR with the necessary information to build the tunnels and set theappropriate routes.Figure 3 illustrates the new messagesequence. The data forwarding is unaltered.¶
+-----+ +---+ +-----+ +--+ +--+|MAAR1| |CMD| |MAAR2| |CN| |CN|+-----+ +---+ +-----+ +*-+ +*-+ | | | * * | | MN * +---+ * | | attach. ***** _|CMD|_ * | | det. flow1 * / +-+-+ \ *flow2 | |<-- PBU ---| * / | \ * | BCE | * / | ******* | check+ | * / | * \ | update | +---*-+-' +--+-*+ `+-----+ |<-- PBU*---| | | * | | *| | |route | | |MAAR1|______|MAAR2+-----+MAAR3|update | | | **(______)** *| | | |--------- PBA -------->| +-----+ +-*--*+ +-----+ |--- PBA*-->| route * * | BCE update Pref1 * *Pref2 | update | +*--*+ | | | ---move-->|*MN*| | | | +----+ Operations sequence Data Packet flowPBU/PBA messages with * contain a new mobility option
A further enhancement of previous solutions can be achieved when the CMD sendsthe PBA to the new S-MAAR before notifying the P-MAARs of the location change.Indeed, when the CMD receives the PBU for the new registration, it is already inpossession of all the information that the new S-MAAR requires to set up thetunnels and the routes. Thus, the PBA is sent to the S-MAAR immediately after aPBU is received, including the Previous MAAR option in this case. In parallel, aPBU is sent by the CMD to the P-MAARs containing the Serving MAAR option to notifythem about the new MN's location so that they receive the information to establishthe tunnels and routes on their side. When P-MAARs complete the update, theysend a PBA to the CMD to indicate that the operation has concluded and theinformation is updated in all network nodes. This procedure is obtained fromthe first procedure rearranging the order of the messages, but the parameterscommunicated are the same. This scheme is depicted inFigure 4, where, again, the data forwarding is kept untouched.¶
+-----+ +---+ +-----+ +--+ +--+|MAAR1| |CMD| |MAAR2| |CN| |CN|+-----+ +---+ +-----+ +*-+ +*-+ | | | * * | | MN * +---+ * | | attach. ***** _|CMD|_ * | | det. flow1 * / +-+-+ \ *flow2 | |<-- PBU ---| * / | \ * | BCE | * / | ******* | check+ | * / | * \ | update | +---*-+-' +--+-*+ `+-----+ |<-- PBU*---x--- PBA*-->| | * | | *| | |route | route |MAAR1|______|MAAR2+-----+MAAR3|update | update | **(______)** *| | | |--- PBA*-->| | +-----+ +-*--*+ +-----+ | BCE | * * | update | Pref1 * *Pref2 | | | +*--*+ | | | ---move-->|*MN*| | | | +----+ Operations sequence Data Packet flowPBU/PBA messages with * contain a new mobility option
The de-registration mechanism devised for PMIPv6 cannot be used as is in thissolution because each MAAR handles an independent mobilitysession (i.e., a single prefix or a set of prefixes) for a given MN, whereas theaggregated session is stored at the CMD. Indeed, if a P-MAAR initiatesa de-registration procedure because the MN is no longer present on the MAAR'saccess link, it removes the routing state for the prefix(es), thatwould be deleted by the CMD as well, hence defeating any prefix continuityattempt. The simplest approach to overcome this limitation is to deny a P-MAARto de-register a prefix, that is, allowing only an S-MAAR to de-registerthe whole MN session. This can be achieved by first removing any L2detachment event so that de-registration is triggered only when the bindinglifetime expires, hence providing a guard interval for the MN to connect to anew MAAR. Then, a change in the MAAR operations is required, and at this stage,two possible solutions can be deployed:¶
The node sending PBUs (the CMD or S-MAAR)SHOULD make use ofthe timeout to also deal with missing PBAs (to retransmit PBUs). TheINITIAL_BINDACK_TIMEOUT[RFC6275]SHOULD be used for configuringthe retransmission timer. The retransmissions by the nodeMUST use anexponential backoff process in which the timeout period is doubled upon eachretransmission until either the node receives a response or the timeout periodreaches the value MAX_BINDACK_TIMEOUT[RFC6275]. The nodeMAYcontinue to send these messages at this slower rate indefinitely. The nodeMUST NOT send PBU messages to a particular node more than MAX_UPDATE_RATE timeswithin a second[RFC6275].¶
One of the main challenges of a network-based DMM solution is how to allow aMN to simultaneously send/receive traffic that is anchored atdifferent MAARs and how to influence the MN's selection process of itssource IPv6 address for a new flow without requiring special support from theMN's IP stack. This document defines the DLIF, which is a software construct in the MAAR that can easily hidethe change of associated anchors from the MN.¶
+---------------------------------------------------+ ( Operator's ) ( core ) +---------------------------------------------------+ | | +---------------+ tunnel +---------------+ | IP stack |===============| IP stack | +---------------+ +-------+-------+ | mn1mar1 |--+ (DLIFs) +--|mn1mar1|mn1mar2|--+ +---------------+ | | +-------+-------+ | | phy interface | | | | phy interface | | +---------------+ | | +---------------+ | MAAR1 (o) (o) MAAR2 (o) x x x x prefA::/64 x x prefB::/64 (AdvPrefLft=0) x x (o) | +-----+ prefA::MN1 | MN1 | prefB::MN1 (deprecated) +-----+
The basic idea of the DLIF concept is the following: each S-MAAR exposesitself to a given MN as multiple routers, one per P-MAARassociated with the MN. Let's consider the example shown inFigure 5: MN1 initially attaches to MAAR1,configuring an IPv6 address (prefA::MN1) from a prefix locally anchored at MAAR1(prefA::/64). At this stage, MAAR1 plays the role of both anchoring and servingMAAR and also behaves as a plain IPv6 access router. MAAR1 creates a DLIF to communicate (through a point-to-point link) with MN1, exposing itselfas a (logical) router with specific MAC and IPv6addresses (e.g., prefA::MAAR1/64 and fe80::MAAR1/64) using the DLIFmn1mar1. As explained below, these addresses represent the "logical" identity ofMAAR1 for MN1 and will "follow" the MN while roaming within thedomain (note that the place where all this information is maintained and updatedis out of scope of this document; potential examples are to keep it on the homesubscriber server -- HSS -- or the user's profile).¶
If MN1 moves and attaches to a different MAAR of the domain (MAAR2 in theexample ofFigure 5), this MAAR willcreate a new logical interface (mn1mar2) to expose itself to MN1, providingit with a locally anchored prefix (prefB::/64). In this case, since the MN1 hasanother active IPv6 address anchored at MAAR1, MAAR2 also needs to create anadditional logical interface configured to resemble the one used by MAAR1 tocommunicate with MN1. In this example, MAAR1 is the only P-MAAR (MAAR2 is thesame as S-MAAR), so only the logical interface mn1mar1is created. However, the same process would be repeated if moreP-MAARs were involved. In order to keep the prefix anchored at MAAR1 reachable, atunnel between MAAR1 and MAAR2 is established and the routing is modifiedaccordingly. The PBU/PBA signaling is used to set up the bidirectional tunnelbetween MAAR1 and MAAR2, and it might also be used to convey theinformation about the prefix(es) anchored at MAAR1 and the addresses ofthe associated DLIF (i.e., mn1mar1) to MAAR2.¶
+------------------------------------------+ +----------------------+| MAAR1 | | MAAR2 ||+----------------------------------------+| |+--------------------+|||+------------------++------------------+|| ||+------------------+|||||+-------++-------+||+-------++-------+||| |||+-------++-------+|||||||mn3mar1||mn3mar2||||mn2mar1||mn2mar2|||| ||||mn1mar1||mn1mar2|||||||| LMAC1 || LMAC2 |||| LMAC3 || LMAC4 |||| |||| LMAC5 || LMAC6 |||||||+-------++-------+||+-------++-------+||| |||+-------++-------+|||||| LIFs of MN3 || LIFs of MN2 ||| ||| LIFs of MN1 |||||+------------------++------------------+|| ||+------------------+|||| MAC1 (phy if MAAR1) || || MAC2 (phy if MAAR2)|||+----------------------------------------+| |+--------------------+|+------------------------------------------+ +----------------------+ x x x x x x (o) (o) (o) | | | +--+--+ +--+--+ +--+--+ | MN3 | | MN2 | | MN1 | +-----+ +-----+ +-----+
Figure 6 shows the logical interface concept in moredetail. The figure shows two MAARs and three MNs. MAAR1 is currently serving MN2and MN3, while MAAR2 is serving MN1. Note that an S-MAAR always plays therole of anchoring MAAR for the attached (served) MNs. Each MAAR has one singlephysical wireless interface as depicted in this example.¶
As discussed before, each MN always "sees" multiple logical routers -- one peranchoring MAAR -- independently of its currently S-MAAR. From the point ofview of the MN, these MAARs are portrayed as different routers, although the MNis physically attached to a single interface. This is achieved bythe S-MAAR configuring different logical interfaces. MN1 is currently attached to MAAR2 (i.e., MAAR2 is its S-MAAR) and, therefore,it has configured an IPv6 address from MAAR2's pool (e.g., prefB::/64). MAAR2has set up a logical interface (mn1mar2) on top of its wireless physicalinterface (phy if MAAR2), which is used to serve MN1. This interface has alogical MAC address (LMAC6) that is different from the hardware MAC address (MAC2) ofthe physical interface of MAAR2. Over the mn1mar2 interface, MAAR2 advertisesits locally anchored prefix prefB::/64. Before attaching to MAAR2, MN1 wasattached to MAAR1 and configured a locally anchored address at that MAAR,which is still being used by MN1 in active communications. MN1 keeps "seeing" aninterface connecting to MAAR1 as if it were directly connected to the twoMAARs. This is achieved by the S-MAAR (MAAR2) configuring an additionalDLIF, mn1mar1, which behaves as the logical interfaceconfigured by MAAR1 when MN1 was attached to it. This means that both the MACand IPv6 addresses configured on this logical interface remain the sameregardless of the physical MAAR that is serving the MN. The informationrequired by an S-MAAR to properly configure this logical interfaces can beobtained in different ways: as part of the information conveyed in the PBA, froman external database (e.g., the HSS) or by other means. As shown in the figure,each MAAR may have several logical interfaces associated with each attached MNand always has at least one (since an S-MAAR is also an anchoring MAAR forthe attached MN).¶
In order to enforce the use of the prefix locally anchored at the S-MAAR,the RAs sent over those logical interfaces playing the role ofanchoring MAARs (different from the serving one) include a zero preferred prefixlifetime (and a non-zero valid prefix lifetime, so the prefix remains validwhile being deprecated). The goal is to deprecate the prefixes delegated bythese MAARs (so that they will no longer be serving the MN). Note that ongoingcommunications may keep on using those addresses even if they are deprecated,so this only affects the establishment of new sessions.¶
The DLIF concept also enables the following use case:suppose that access to a local IP network is provided by a given MAAR (e.g.,MAAR1 in the example shown inFigure 5)and that the resources available at that network cannot be reached from outsidethe local network (e.g., cannot be accessed by an MN attached to MAAR2). This issimilar to the local IP access scenario considered by 3GPP, where a localgateway node is selected for sessions requiring access to services providedlocally (instead of going through a central gateway). The goal is to allow an MNto be able to roam while still being able to have connectivity to this local IPnetwork. The solution adopted to support this case makes use of more specificroutes, as discussed in RFC 4191[RFC4191], when the MN moves to a MAAR differentfrom the one providing access to the local IP network (MAAR1 in theexample).These routes are advertised through the DLIF wherethe MAAR is providing access to the local network (MAAR1 in thisexample). In this way, if MN1 moves from MAAR1 to MAAR2, any active session thatMN1 may have with a node on the local network connected to MAAR1 will survivevia the tunnel between MAAR1 and MAAR2. Also, any potential future connectionattempt to the local network will be supported even though MN1 is nolonger attached to MAAR1, so long as a source address configured from MAAR1 isselected for new connections (see[RFC6724], rule 5.5).¶
This section defines extensions to the PMIPv6[RFC5213] protocol messages.¶
A new flag (D) is included in the PBU to indicate that thePBU is coming from a MAAR or a CMD and not from a MAG. The rest of the PBU format remains the same as definedin[RFC5213].¶
0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence # |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+|A|H|L|K|M|R|P|F|T|B|S|D| Rsrvd | Lifetime |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |. .. Mobility Options .. .| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A new flag (D) is included in the PBA to indicate thatthe sender supports operating as a MAAR or CMD. The rest of the PBA format remains the same as defined in[RFC5213].¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Status |K|R|P|T|B|S|D| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Sequence # | Lifetime |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |. .. Mobility Options .. .| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A new Anchored Prefix option is defined for use with the PBU and PBA messages exchanged between MAARs and CMDs.Therefore, this option can only appear if the D bit is set in a PBU/PBA. Thisoption is used for exchanging the MN's prefix anchored at the anchoringMAAR. There can be multiple Anchored Prefix options present in the message.¶
The Anchored Prefix option has an alignment requirement of 8n+4. Its format isas follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Type | Length | Reserved | Prefix Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Anchored Prefix +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A new Local Prefix option is defined for use with the PBU and PBA messages exchanged between MAARs or between a MAARand a CMD. Therefore, this option can only appear if the D bit is set in aPBU/PBA. This option is used for exchanging a prefix of a local network that isonly reachable via the anchoring MAAR. There can be multiple Local Prefixoptions present in the message.¶
The Local Prefix option has an alignment requirement of 8n+4. Its format isas follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Type | Length | Reserved | Prefix Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Local Prefix +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
This new option is defined for use with the PBA messages exchanged by the CMD to a MAAR. This option is used to notify theS-MAAR about the P-MAAR's global address and the prefix anchored to it.There can be multiple Previous MAAR options present in the message.¶
The Previous MAAR option has an alignment requirement of 8n+4. Its format isas follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Type | Length | Reserved | Prefix Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Previous MAAR +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ Home Network Prefix +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
This new option is defined for use with the PBU messageexchanged between the CMD and a P-MAAR. This option is used to notify theP-MAAR about the current S-MAAR's global address. Its format is asfollows:¶
The Serving MAAR option has an alignment requirement of 8n+6. Its format is asfollows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ S-MAAR's Address +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A new DLIF Link-Local Address option is defined for use with the PBA message exchanged between MAARs and between a MAAR and a CMD.This option is used for exchanging the link-local address of the DLIF to beconfigured on the S-MAAR so it resembles the DLIF configured on theP-MAAR.¶
The DLIF Link-Local Address option has an alignment requirement of 8n+6. Itsformat is as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ +| |+ DLIF Link-Local Address +| |+ +| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A new DLIF Link-Layer Address option is defined for use with the PBA message exchanged between MAARs and between a MAAR and a CMD. Thisoption is used for exchanging the link-layer address of the DLIF to beconfigured on the S-MAAR so it resembles the DLIF configured on theP-MAAR.¶
The format of the DLIF Link-Layer Address option is shown below. Based on thesize of the address, the optionMUST be aligned appropriately,as per the mobilityoption alignment requirements specified in[RFC6275].¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Type | Length | Reserved |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |+ DLIF Link-Layer Address +. ... .| |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
A variable length field containing the link-layer address of the logicalinterface to be configured on the S-MAAR.¶
The content and format of this field (including octet and bit ordering) is asspecified inSection 4.6 of [RFC4861] for carrying link-layeraddresses. On certain access links where the link-layer address is not used orcannot be determined, this option cannot be used.¶
This document defines six new mobility options: Anchored Prefix, Local Prefix,Previous MAAR, Serving MAAR, DLIFLink-Local Address, and DLIF Link-Layer Address. IANA has assigned Type valuesfor these options from the same numbering space asallocated for the other mobility options in the "Mobility Options" registrydefined inhttp://www.iana.org/assignments/mobility-parameters.¶
This document reserves a new flag (D) with a value of 0x0010 in the "Binding Update Flags"registry and a newflag (D) with a value of 0x02 in the "Binding Acknowledgment Flags" of the "Mobile IPv6 parameters"registry (http://www.iana.org/assignments/mobility-parameters).¶
The protocol extensions defined in this document share the same securityconcerns of PMIPv6[RFC5213]. It is recommended thatthe signaling messages, PBU and PBA,exchanged between the MAARs be protected using IPsec, specifically by using the establishedsecurity association between them. This essentially eliminates the threatsrelated to the impersonation of a MAAR.¶
When the CMD acts as a PBU/PBA relay, the CMD may act as a relay of a single PBUto multiple P-MAARs. In situations with many fast handovers (e.g., withvehicular networks), multiple previous (e.g., k) MAARs may exist. In thissituation, the CMD creates k outgoing packets from a single incoming packet.This bears a certain amplification risk. The CMDMUST use a pacing approach inthe outgoing queue to cap the output traffic (i.e., the rate of PBUs sent) tolimit this amplification risk.¶
When the CMD acts as a MAAR locator, mobility signaling (PBAs) is exchangedbetween P-MAARs and the current S-MAAR. Hence, security associations areREQUIRED toexist between the involved MAARs (in addition to the ones needed with the CMD).¶
Since de-registration is performed by timeout, measuresSHOULD be implemented tominimize the risks associated with continued resource consumption (DoS attacks),e.g., imposing a limit on the number of P-MAARs associated with a given MN.¶
The CMD and the participating MAARsMUST be trusted parties authorized performall operations relevant to their role.¶
There are some privacy considerations to consider. While the involved partiestrust each other, the signaling involves disclosing information about theprevious locations visited by each MN, as well as the active prefixes they areusing at a given point of time. Therefore, mechanismsMUST be in place to ensurethat MAARs and CMDs do not disclose this information to other parties or use itfor other ends than providing the distributed mobility support specified in thisdocument.¶
The authors would like to thankDirk von Hugo,John Kaippallimalil,Ines Robles,Joerg Ott,Carlos Pignataro,Vincent Roca,Mirja Kühlewind,Éric Vyncke,Adam Roach,Benjamin Kaduk, andRoman Danyliw for the comments on thisdocument. The authors would also like to thankMarco Liebsch,Dirk von Hugo,Alex Petrescu,Daniel Corujo,Akbar Rahman,Danny Moses,Xinpeng Wei, andSatoru Matsushima for their comments and discussion on the documents[DISTRIBUTED-ANCHORING] and[DMM-PMIP], on which the present document is based.¶
The authors would also like to thankLyle Bertz andDanny Moses for theirin-depth review of this document and their very valuable comments andsuggestions.¶