Omniran-13-0064-00-0000

PtP Links across IEEE 802 Bridged Infrastructure

Date: 2013-08-28

Authors:
  Name: Max Riegel
  Affiliation: NSN
  Phone: +491732938240
  Email: maximilian.riegel@nsn.com

Notice: This document does not represent the agreed view of the OmniRAN EC SG. It represents only the views of the participants listed in the ‘Authors:’ field above. It is offered as a basis for discussion. It is not binding on the contributor, who reserve the right to add, amend or withdraw material contained herein.

Copyright policy: The contributor is familiar with the IEEE-SA Copyright Policy <http://standards.ieee.org/IPR/copyrightpolicy.html>.

Patent policy: The contributor is familiar with the IEEE-SA Patent Policy and Procedures: <http://standards.ieee.org/guides/bylaws/sect6-7.html#6> and <http://standards.ieee.org/guides/opman/sect6.html#6.3>.

Abstract

The presentation introduces the requirements of point-to-point links across bridged infrastructures and provides initial thoughts on potential solutions.

Point-to-Point Links across IEEE 802 bridged infrastructure
(OmniRAN Gap Analysis)

Max Riegel
NSN

ToC

• Access Network Scenario
  – Further considerations
• References for Link Requirements
• Bridged Access Network Solutions
  – PtP Link Solution Approaches
    • MAC-in-MAC
    • MACsec
• Control Plane issues
  – Link Management during a session
• Conclusion

Access Network Scenario

SSPN = Subscription Service Provider Network

[Figure labels: SSPN A, SSPN B]

• Point-to-point link behavior is required to
  – Enforce all traffic passing through the SSPN
  – Isolate terminal communication in a shared infrastructure
• Mobility support is required in the bridged infrastructure
  – Without impacting IP connectivity, i.e. IP session has to be maintained while moving
• Point-to-point link state signalling required towards SSPN

Further Considerations

[Figure labels: SSPN A, SSPN B]

• An access network may be deployed by multiple SSPNs
  – Making use of VLAN tag to segregate access domains
• An SSPN may deploy VLANs to differentiate services
  – E.g. setting up dedicated VLANs for data, guest and voice terminals
• Terminals being either end-stations or bridges eventually deploying (C-)VLAN
  – C-VLAN tag may be carried over to terminals
• Access network may be spotty and spread across large areas
  – Making use of provider bridging to connect together disjoint access areas

References for Link Requirements

• 3GPP Trusted WLAN Access to EPC TS 23.402 V11.6.0 (2013-03)
  – Support for non-seamless WLAN offload (NSWO) or single PDN connection into EPC
  – Definition of a
    • WLAN Access Network,
    • Trusted WLAN AAA Proxy
    • Trusted WLAN Access Gateway
  – Requiring a point-to-point link between UE and Trusted WLAN Access Gateway across WLAN Access Network
  – Requiring also link state signaling of WLAN Access Network towards Trusted WLAN Access Gateway
• Very similar requirements exist also in other access networks carrying Ethernet frames between terminal and access router
  – E.g. WiMAX

Bridged Access Network Solutions supporting point-to-point link behavior

Access Network Model – desired solution
[Figure: protocol stacks of STA, AP/BS and AR/Ctrl; layers shown: IP, DLL, PHY]

Access Network Model – nowadays real world solution
[Figure: protocol stacks of STA, AP/BS, GW and AR/Ctrl; layers shown: IP, DLL, PHY, ETH, GRE]

PtP Link Solution Approaches

• Establish dedicated VLAN for each terminal
  – Q-in-Q
    • Scalability issue, max 4094 ptp links may not be enough
  – MAC-in-MAC
    • Seems to be feasible, for further study
• Establish secured connection for each terminal across bridged infrastructure
  – MACsec
    • Seems to be feasible, for further study

MAC-in-MAC (Provider Backbone Bridging)
Some Thoughts

• AP/BS effectively representing ‘BEB’
• Link identified by B-SA + I-SID
  – B-SA uniquely correlated to terminal MAC address
    • Would it work using terminal MAC as B-SA (C-SA = B-SA)?
  – B-DA represents access router peer
  – I-SID for further study
• Mobility support by learning B-bridges
• How would link establishment be done?
  – Which protocol to use to dynamically configure PBBN?
• Link state signaling?
• Security threats by dangling entries in filtering database in B-bridge?
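The MAC-in-MAC link identification sketched on this slide, as an added example that is not part of the presentation: it builds an IEEE 802.1ah header with B-SA set to the terminal MAC (the slide's open question, taken here as an assumption) and recovers the (B-SA, I-SID) link key on the access router side. MAC addresses, B-VID and I-SID values are constructed; FCS and priority bits are left out.

```python
import struct

BTAG_TPID = 0x88A8  # B-TAG reuses the S-TAG EtherType
ITAG_TPID = 0x88E7  # I-TAG EtherType (IEEE 802.1ah)

def mac(text):
    """'02:00:00:00:00:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def pbb_encap(customer_frame, b_da, b_vid, i_sid):
    """Encapsulate at the AP/BS acting as BEB, assuming B-SA = C-SA."""
    if not 0 < b_vid < 0xFFF:
        raise ValueError("B-VID is 12 bits; 0 and 4095 are reserved")
    if not 0 <= i_sid < 1 << 24:
        raise ValueError("I-SID is 24 bits")
    c_sa = customer_frame[6:12]                    # terminal MAC in the customer frame
    b_tag = struct.pack("!HH", BTAG_TPID, b_vid)   # PCP/DEI left at 0
    i_tag = struct.pack("!HI", ITAG_TPID, i_sid)   # I-PCP/I-DEI/UCA left at 0
    return b_da + c_sa + b_tag + i_tag + customer_frame

def link_key(pbb_frame):
    """Return the (B-SA, I-SID) pair the access router peer keys the link on."""
    b_sa = pbb_frame[6:12]
    b_tpid, = struct.unpack("!H", pbb_frame[12:14])
    i_tpid, i_tci = struct.unpack("!HI", pbb_frame[16:22])
    if b_tpid != BTAG_TPID or i_tpid != ITAG_TPID:
        raise ValueError("not a B-tagged, I-tagged frame")
    return ":".join(f"{b:02x}" for b in b_sa), i_tci & 0xFFFFFF

# Constructed sample: terminal -> access router, IPv4 EtherType, dummy payload.
TERMINAL = mac("02:00:00:00:00:01")
ROUTER_C = mac("02:00:00:00:00:fe")   # router's customer-side MAC (C-DA)
ROUTER_B = mac("02:00:00:00:0b:fe")   # access router peer's backbone MAC (B-DA)
CUSTOMER_FRAME = ROUTER_C + TERMINAL + struct.pack("!H", 0x0800) + bytes(46)

if __name__ == "__main__":
    # An I-SID of 100000 is far outside the 4094 usable Q-in-Q VLAN IDs.
    print(link_key(pbb_encap(CUSTOMER_FRAME, ROUTER_B, 10, 100000)))
```

Because the link key starts with an address taken from the customer frame, the access router and the B-bridges end up holding state keyed on a value the terminal supplies, which is the context for the slide's question about dangling filtering database entries.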

MACsec
Some Thoughts

• MACsec establishes single hop across multiple bridges
• MACsec peers are terminal specific port in AP/BS and access router at the border of the access network
• Control protocol by 802.1X
  – EAP based establishment of security association
    • How to tie with EAP based access authentication
  – Well defined link state management
• Mobility support?
  – Wouldn’t a kind of 802.11r be applicable to MACsec ptp links?
• Scalability and performance issues
  – MACsec Ys well distributed on AP/BS side, however the entity at the access router peer may have to handle a huge number of sessions.
  – MACsec without confidentiality to keep performance requirements low?
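An added example, not from the presentation, of what the access router peer has to do per frame: parse the IEEE 802.1AE SecTAG, find the secure channel by SCI (AP/BS address plus a terminal-specific port number, which is an assumption about how the slide's per-terminal ports would be numbered), and keep packet-number state per channel. The ICV is a zero placeholder and is not verified; all frames and addresses are constructed.

```python
import struct
from collections import namedtuple

MACSEC_ETHERTYPE = 0x88E5
TCI_V, TCI_SC, TCI_E, TCI_C, AN_MASK = 0x80, 0x20, 0x08, 0x04, 0x03
SecTag = namedtuple("SecTag", "sci_mac port_id an pn encrypted")

def build_frame(dst, src, sci_mac, port_id, pn, payload, encrypt=False, an=0):
    """Constructed MACsec frame with explicit SCI and a 16-byte placeholder ICV."""
    tci_an = TCI_SC | an | ((TCI_E | TCI_C) if encrypt else 0)
    sl = len(payload) if len(payload) < 48 else 0   # SL is set only for short frames
    sectag = struct.pack("!HBBI6sH", MACSEC_ETHERTYPE, tci_an, sl, pn, sci_mac, port_id)
    return dst + src + sectag + payload + bytes(16)

def parse_sectag(frame):
    """Return the SecTAG fields needed to select the security association."""
    etype, tci_an, _sl, pn = struct.unpack("!HBBI", frame[12:20])
    if etype != MACSEC_ETHERTYPE:
        raise ValueError("not a MACsec frame")
    if tci_an & TCI_V:
        raise ValueError("unsupported SecTAG version")
    if not tci_an & TCI_SC:
        raise ValueError("no explicit SCI; this sketch requires SC=1")
    sci_mac, port_id = struct.unpack("!6sH", frame[20:28])
    return SecTag(sci_mac, port_id, tci_an & AN_MASK, pn, bool(tci_an & TCI_E))

def router_sessions(frames):
    """Per-channel state at the access router: highest PN accepted per SCI."""
    table = {}
    for frame in frames:
        tag = parse_sectag(frame)
        key = (tag.sci_mac, tag.port_id)
        if tag.pn <= table.get(key, 0):
            continue          # replayed or stale PN (strict replay protection)
        table[key] = tag.pn
    return table

# Constructed sample: one AP/BS, two terminals, each on its own port number.
AP = bytes.fromhex("020000000a01")
AR = bytes.fromhex("0200000000fe")
T1, T2 = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [
    build_frame(AR, T1, AP, 1, 1, b"hello"),                # integrity only
    build_frame(AR, T2, AP, 2, 1, b"hello", encrypt=True),  # E and C bits set
    build_frame(AR, T1, AP, 1, 2, b"again"),
    build_frame(AR, T1, AP, 1, 2, b"again"),                # replayed copy
]
```

Frames with the E and C bits cleared correspond to the integrity-only mode the last bullet asks about: the user data stays in the clear and only the ICV is added. The table returned by `router_sessions` grows by one entry per terminal, which is the state the slide expects to concentrate at the access router peer.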

Dynamic PtP Link management adds to the Control Plane

[Figure: columns labelled Terminal, Service, Core, Access Network. Control Plane steps: Scanning, Network Selection, Association, Authentication, Link Establishment, Host Configuration, Application. User Plane layers: Application, Transport, Network, Data Link, Physical, Medium. Marked region: Scope of IEEE 802]

Link Management during a session

[Figure: entities labelled Access Network, ANQP, Scanning, AAA, DHCP, Policy, Configuration, Application. Session steps: Network Selection, Association, Authentication, Authorization, Link Establishment, Accounting, Host Configuration, Application, Policy Control, Link Mobility, Application, Host Config Release, Disassociation, Link Teardown, Accounting. Interface label: Access Technology Control I/f]

Conclusion

• Point-to-point links across bridged infrastructures are feasible
• MACsec seems to provide the more promising approach for realization of ptp links
  – Well suited control protocol available by 802.1X
  – Works across any bridged infrastructure
    • Creates single hop over multiple bridges
  – Well defined link state signaling and management
  – Further investigations necessary regarding mobility support.
• Proposed next step: create a detailed functional description based on MACsec