IPv 6 in the 3 G network Copyright

Скачать презентацию IPv 6 in the 3 G network Copyright

04fdea470d41441445e2d717888b3008.ppt

Количество слайдов: 58

IPv 6 for mobile - why? ? § Address space problem • Projected over 1 billion mobiles by 2005 • Not enough IPv 4 addresses especially in Asia • Eg-. In China, there 100+ million handsets and far less IP addresses… • IPv 6 addresses – unique address / addresses • Eliminate the use of NAT • Overcome addressing / compatibility problems § Operational advantages – eg stateless autoconfiguration § Mobile IPv 6 more efficient, can be used in future Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 2

IPv 6 Recap: New header format Ver. Traffic Class Flow Label Payload Length Next Header Ver. Hop Limit Hdr Len Type of Service Identification Time to Live Total Length Fragment Offset Flg Protocol Header Checksum Source Address (128 bits) Destination Address Options. . . IPv 4 Header Destination Address (128 bits) IPv 6 Header Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 3

IPv 6 Recap: Key changes in IPv 6 header § Addresses increased 32 bits -> 128 bits § Flow Label field added § Time to Live -> Hop Limit § Protocol -> Next Header § Type of Service -> Traffic Class § Fragmentation fields moved out of base header § IP options moved out of base header § Header Checksum eliminated § Header Length field eliminated Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 4

Text Representation of Addresses “preferred” form: 1080: 0: FF: 0: 8: 800: 200 C: 417 A compressed form: FF 01: 0: 0: 0: 43 becomes IPv 4 -embedded: 0: 0: 0: FFFF: 13. 1. 68. 3 or Copyright © 2003 Juniper Networks, Inc. FF 01: : 43 : : FFFF: 13. 1. 68. 3 CONFIDENTIAL www. juniper. net 5

General Format of Unicast Addresses global routing prefix subnet ID interface ID n bits m bits 128 -n-m bits § Hierarchical structure in global routing prefix and interface ID (ala CIDR) § the interface ID is equivalent to the “host field" in an IPv 4 address § if leading bits of address = 000, interface ID may be any width § if leading bits of address ≠ 000, interface ID is 64 bits wide Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 6

Configuring Interface IDs There are several options for configuring the interface ID of an address: • DHCPv 6 (configures whole address) • Manual configuration (of interface ID or whole address) • automatic derivation from 48 -bit IEEE 802 address or 64 -bit IEEE EUI-64 address • pseudo-random generation “Stateless” autoconfiguration, when combined with high-order part of the address learned via Router Advertisements Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 7

IPv 6 for 3 G – How? § Extend GPRS / GTP to handle IPv 6 addresses during PDP setup § Methods to obtain IPv 6 address • Static • Dynamic • Stateless • Stateful – using DHCPv 6 (for increased control) Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 8

Dynamic Stateless Autoconfiguration MT BSS / UTRAN GGSN SGSN 1. Activate PDP Context Request (PDP type = IPv 6, PDP Address = empty, …) MT extracts Interface-ID from the link local address 2. Create PDP Context request 3. Create PDP context response (PDP address = link local address, . . ) 4. Activate PDP context accept GGSN configured to advertise only one network prefix 5. Router Solicitation 6. Router Advertisement (M flag = 0, Network Prefix…) 7. Neighbor Solicitation 8. GGSN initiated PDP context modification procedure GGSN updates the SGSN and MT with the full IPv 6 address Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 9

Recommendations from the IETF IPv 6 WG to 3 GPP § Uniqueness: Each prefix must not be assigned to more than one primary PDP context § Allow 3 GPP nodes to use multiple identifiers within those prefixes, including randomly generated identifiers § Multiple prefixes may be assigned to each primary context § Work in progress… Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 10

Types of Transition Mechanisms § Dual Stacks • IPv 4/IPv 6 coexistence on one device § Tunnels • For tunneling IPv 6 across IPv 4 clouds • Later, for tunneling IPv 4 across IPv 6 clouds • IPv 6 <-> IPv 6 and IPv 4 <-> IPv 4 § Translators • IPv 6 <-> IPv 4 Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 11

Transition Scenario – Dual IPv 4/IPv 6 Stack Native IPv 4 Network GGSN IPv 4 Host Native IPv 6 Network IPv 6 Host Dual Stack v 4/v 6 host Dual Stack Router IPv 4 / IPv 6 PDP Context Copyright © 2003 Juniper Networks, Inc. Separated approach – simple and efficient Possible as mobile usually closed system environment GGSN is a dual stack device Could be native IP interconnects, and also IPv 4 PE and IPv 6 PE (6 PE)) CONFIDENTIAL www. juniper. net 12

Tunnel and Transition Types (many!) § Configured tunnels - Router to router § Automatic tunnels • Tunnel Brokers (RFC 3053) • Server-based automatic tunneling • 6 to 4 (RFC 3056) • Router to router • ISATAP (Intra-Site Automatic Tunnel Addressing Protocol) • Host to router, router to host, Maybe host to host • 6 over 4 (RFC 2529) • Host to router, router to host • IPv 64 • For mixed IPv 4/IPv 6 environments • DSTM (Dual Stack Transition Mechanism) • IPv 4 in IPv 6 tunnels etc…. Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 13

Transition Scenario – Tunneling Options Diagrams - Gopinath Rao Sinniah, AIMST Practical transition; within backbone constraints Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 14

Network Address Translation - Protocol Translation (NAT-PT) IPv 4 Pool: 120. 130. 26/24 IPv 6 prefix: 3 ffe: 3700: 1100: 2/64 IPv 6 Network IPv 4 Network Mapping Table Inside 3 ffe: 3700: 1100: 1: 210: a 4 ff: fea 0: bc 97 DNS Outside 120. 130. 26. 10 Source = 3 ffe: 3700: 1100: 1: 210: a 4 ff: fea 0: bc 97 Dest = 3 ffe: 3700: 1100: 2: : 204. 127. 202. 4 NAT-PT Source = 120. 130. 26. 10 Dest = 204. 127. 202. 4 Source = 204. 127. 202. 4 Dest = 120. 130. 26. 10 v 4 host. 4 net. org 204. 127. 202. 4 Source = 3 ffe: 3700: 1100: 2: : 204. 127. 202. 4 Dest = 3 ffe: 3700: 1100: 1: 210: a 4 ff: fea 0: bc 97 v 6 host. 6 net. com 3 ffe: 3700: 1100: 1: 210: a 4 ff: fea 0: bc 97 Copyright © 2003 Juniper Networks, Inc. Greater complexity Limited NAT/FW ALG support today Must be an interim step only CONFIDENTIAL www. juniper. net 15

3 GPP Release 5 End-End Qo. S Framework § T 3. 207 – End-end Qo. S architecture: § Complements 23. 107 describes Quality of Service for the "GPRS Bearer Service“ (main developments in Rel 4) § Introduces a PDF – Policy Decision Function (policy Server) to interwork between applications and IP bearer service (GGSN = Policy Enforcement Point). Also possible mapping between GPRS and IP bearer services. § Allows use of either Diffserv or Intserv (or both!) Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 17

Qo. S requirements in UE and GGSN UE GGSN Diff. Serv Edge Function Optional Required RSVP/Int. Serv Optional IP Policy Enforcement Point Optional Required (*) Capability Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 18

23. 107 4 Qo. S classes are defined in UMTS refer TS 23. 107 Traffic class Conversational class conversational RT Fundamental characteristics -Preserve time relation (variation) between information entities of the stream Conversational pattern (stringent and low delay ) Example of the application - Voice - Vo. IP, video calls Copyright © 2003 Juniper Networks, Inc. Streaming class streaming RT Interactive class Interactive best effort Background best effort -Preserve time relation (variation) between information entities of the stream -Request response pattern -Preserve payload content -Destination is not expecting the data within a certain time -Preserve payload content - Streaming video - Web browsing - Machine polling - Background download of emails, non realtime video downloads CONFIDENTIAL www. juniper. net 19

UMTS bearer attributes defined for each bearer traffic class Conversational class Streaming class Interactive class Background class Maximum bitrate X X Delivery order X X Maximum SDU size X X SDU format information X X SDU error ratio X X Residual bit error ratio X X Delivery of erroneous SDUs X X Transfer delay X X Guaranteed bit rate X X Traffic class Traffic handling priority Note – these map down into Radio Bearer Qo. S capabilities, which are similar in makeup X Allocation/Retention priority X X Source statistics descriptor X X Signalling indication Copyright © 2003 Juniper Networks, Inc. X X X CONFIDENTIAL www. juniper. net 20

Value ranges for UMTS Bearer Service Attributes Conversational class Streaming class Interactive class Background class <= 16 000 (2) <= 16 000 - overhead (2) (3) Yes/No <=1 500 or 1 502 (4) (5) Yes/No/- (6) Residual BER 5*10 -2, 5*10 -3, 10 -4, 10 -5, 10 -6 5*10 -2, 5*10 -3, 10 -4, 10 -5, 10 -6 4*10 -3, 10 -5, 6*10 -8 (7) SDU error ratio 10 -2, 7*10 -3, 104, 10 -5 10 -1, 10 -2, 7*10 -3, 10 -4, 10 -5 10 -3, 10 -4, 10 -6 Transfer delay (ms) 100 – maximum value 280 (8) – maximum value Guaranteed bit rate (kbps) <= 16 000 (2) Traffic class Maximum bitrate (kbps) Delivery order Maximum SDU size (octets) SDU format information Delivery of erroneous SDUs Traffic handling priority Allocation/Retention priority Source statistic descriptor Signalling Indication Copyright © 2003 Juniper Networks, Inc. 1, 2, 3 (9) 1, 2, 3 Speech/unknown Yes/No (9) CONFIDENTIAL www. juniper. net 21

Mapping from R 97/98 GPRS Qo. S attributes to Release 99 onwards Resulting R 99 Attribute Name Traffic class Derived from R 97/98 Attribute Value 5 'no' 1, 2, 3, 4 5 8 1 2 32 3 64 4 128 5 256 6 512 7 1024 8 2048 9 1 1 2 2 3 3 yes' 'no' Copyright © 2003 Juniper Networks, Inc. 1, 2, 3, 4 16 Maximum SDU size 4, 5 10 -5 'yes' Delivery order 3 4*10 -3 Allocation/Retention priority 1, 2 10 -3 Maximum bitrate [kbps] 3 10 -6 10 -4 Delivery of erroneous SDUs 2 3 Residual bit error ratio 1 'no' 1 500 octets Name 4 1 2 SDU error ratio 1, 2, 3 Background Traffic handling priority Interactive Delay class (Fixed value) Delay class Reliability class Peak throughput class Precedence class Reordering the GGSN(Information in the SGSN and Required PDP Contexts) CONFIDENTIAL www. juniper. net 22

IP Co. S Basics Key Functions Per-flow Rate Policing Traffic Classification & Marking Priority Queuing Congestion Avoidance SP W R R • IP Flow RED • IP Precedence bits, DSCP Byte • MPLS Co. S bits 100% • Incoming Physical Interface Stream • Incoming Logical Interface • Destination IP address • Application (stateful) etc… 100% PLP=1 Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL 100% PLP=0 www. juniper. net 23

Converged Network Co. S Design § In a voice / best effort network, three classes (at least) of service are necessary: • IP network control traffic • Low bandwidth requirements, not sensitive to latency, jitter • Must not be starved • Voice signaling and bearer traffic • Highest latency and jitter requirements • Best effort data traffic • Whatever capacity is left § More complex configurations may or may not be needed in other network designs (e. g. with VPN service) § More classes = more complexity, no way around this. Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 24

Real World Case Study – Customer Qo. S allocations MPLS EXP Bits Forwarding Behaviour 000 Best Effort 001 Assured Forwarding 11 011 Expedited Forwarding 101 Network Control 1 / Assured Forwarding 21 111 Network Control 2 / Assured Forwarding 31 IP Traffic (UMTS Best Effort Class) Queue 0 - Queue 2 High Network Control 3 / Assured Forwarding 41 110 Drop Probability Expedited Forwarding 1 100 Hardware Queue Assured Forwarding 12 010 Traffic Type Copyright © 2003 Juniper Networks, Inc. 3 G Signalling traffic UMTS Streaming Class Unified Messaging client Low Queue 1 3 G AAL 2 traffic (UMTS Conversational Class) Low Queue 3 Network Control UMTS Interactive Class High Low High CONFIDENTIAL www. juniper. net 25

Real World Case Study – Customer Qo. S allocations § Queue implementation on network routers Hardware Queue WRR weighting Queue depth Queue 0 IP traffic 60% 60 % Queue 1 3 G AAL 2 traffic 25 % 10% Queue 2 3 G Signalling traffic 10 % 10% Queue 3 Copyright © 2003 Juniper Networks, Inc. Traffic Type Network Control 5% 20% CONFIDENTIAL Expedited Forwarding (strict priority for voice) www. juniper. net 26

What is Diff-Serv TE ? § Diff-Serv: scheduling/queuing behavior at each node depends on traffic type (indicated by DSCP/EXP setting ) - hop by hop Qo. S § MPLS TE: use of constraints to control placement of LSPs. Typically, various traffic classes share the same LSP. Bandwidth reservations do not take account of the classes of traffic involved. § MPLS Diff-Serv TE: • Traffic divided into up to eight Class-Types. • CSPF and RSVP take the Class-Type into account when computing path of LSP. • Results in More granular bandwidth reservation. § On each link in network, can have separate bandwidth constraints for each type of traffic • E. g. limit the bandwidth taken by voice LSPs on a link to a maximum of 40%, data LSPs take the rest. Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 27

Co. S / Qo. S & Forwarding § Diff-Serv-aware MPLS Traffic Engineering § Guaranteed bandwidth for MPLS • Combines MPLS Diff. Serv and Diff. Serv TE • Provides strict point to point Qo. S guarantees Aggregated State (DS) Aggregate Admission Control (DS-TE) Aggregate Constraint-based Routing (DS-TE) No state Aggregated state Per-Flow state MPLS Diff-Serv + MPLS DS-TE Best effort RSVP v 1 & Int-Serv Diff-Serv MPLS Guaranteed Bandwidth Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 28

Components of DS-TE § Three components: • Per-class admission control – RSVP extensions, IGP extensions • Per-class input policing at the edge – LSP Policing • Per-class scheduling (one queue for all traffic of a given class) – Diff. Serv • Aggregated scheduling: a class queue carries many LSPs § THE RESULT: • Admission control + policing at the edge + dedicated queue = guaranteed bandwidth Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential CONFIDENTIAL www. juniper. net 29

Layer 2 Migration VC to MPLS Qo. S Mapping VPs ATM Control Traffic Queues PE to PE E-LSPs (PSN Tunnel) Qo. S Flows Based on EXP Bits CBR VBR rt (CLP 0, CLP 1) VBR nrt (CLP 0, CLP 1) ABR/UBR (CLP 0, CLP 1) CBR (10% bw) ->CT 3 VBR rt (20% bw) ->CT 2 VBR nrt (20% bw) ->CT 1 ABR/UBR (50% bw) CT 0 ATM Interface Copyright © 2003 Juniper Networks, Inc. Trunk VPN Label (Pseudo Wire) POS Interface CONFIDENTIAL www. juniper. net 30

3 G Release 6 TS 23. 221 Circuit switched call control server BICC RTP or AAL 2 UDP/IP or AAL 2 Node. B Iu cs Iu b H. 248 TDM ATM IP PSTN Iu ps USIM IP/AAL 5 IMS enhancements for conversational Internet Corporate Multimedia Broadcast/Multicast Service (MBMS) – conferencing etc UMTS/GPRS - WLAN Interworking Definition in R 6, implementation sooner Copyright © 2003 Juniper Networks, Inc. Service charging enhancements SIP IP Multimedia CSCF CONFIDENTIAL www. juniper. net 32

Service based charging and control § Convergence of service differentiation, service specific policies and charging policies • IP flow-based charging • Enable differentiated online and offline charging for the traffic flows belonging to different services (a. k. a. different service data flows) even if they use the same PDP Context. • Dynamic policy control enhancements (also ties in with Qo. S) • Enable service based local policy control over IP bearer resources to evolve separately from SIP services. § Requirements: • Ability to classify IP traffic into services based on content (stateful. Eg- URI) • Ability to apply flexible charging rules and service based local policy control based on service classification • Ability to enforce IP bearer policies for multiple services Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 33

Service based charging and control Online Charging System* CAMEL SCP Service Data Flow Based Credit Control Service Data Flow Based Charging Rules Function Gy Gx Traffic Plane Function AF Rx Gq Go Policy Decision Function § Timescale: • 3 GPP Release 6 • Early realization by some vendors at the GGSN Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 34

3 G complimentary access technologies § Access technologies that compliment a 3 G FDD network by providing high-speed data services in hot-spot areas • 802. 11 based WLAN, HSDPA, TDD / portable broadband § Requirements: • Existing core networks to support connectivity to WLAN, TDD access networks • Allow access to PS services (e. g. IMS) from WLAN access networks • Ability to handle additional transport capacity as a result of higher bandwidth § Timescale: • 3 GPP Release 6 for basic WLAN inter-working scenarios • Realization of basic scenarios by many vendors • HSDPA in 3 GPP Release 5 Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 35

3 G complimentary access technologies Intranet / Internet 3 GPP Visited Network CGw/CCF Packet Data Gateway Wi OCS Wx HSS r' /G f W Wm 3 GPP AAA Server D' Wn Ws/Wc Wn Wireless Access Gateway Scenario 3 Wf Wg Wo WLAN Access Network WLAN UE 3 GPP AAA Proxy Wr/Wb HLR CGw/ CCF 3 GPP Home Network PS Service Network Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 36

Agenda § Mobile overview and the transition to 3 G § 2. 5 G data networks § 3 G - phases of deployment. Focus areas: • Layer 2/MPLS migration • IP RAN and transition techniques • IP Multimedia subsystem and Qo. S • ‘Push to Talk’ example • IPv 6 § WLAN integration options § Case studies Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 37

High level Scenarios § VPN / Network level integration § Authentication / billing integration • Web logon: SMS delivered password • SIM integration § 3 GPP work – ongoing (GRPS/WCDMA) § Real time handover • Mobile IP Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 38

VPN / Network Level integration eg- Leading Asian Wireless Operator § Integration of VPN access for mobile corporate users regardless of access type § Outsource remote access management from corporates, and aggregate users in a layer 3 VPN – common point of subscriber management § Network diagram: Mobile users mapped into corporate VPNs IPSEC / L 2 TP (RFC 3193) MPLS Backbone MPLS Wi. Fi User with native Windows Client Native L 2 TP LAC GGSN 3 G and PHS users Copyright © 2003 Juniper Networks, Inc. E Series (PE) & Tunnel Gateway M Series (P) CONFIDENTIAL www. juniper. net 39

Authentication / Billing integration § First approach: web login approach for WLAN • Username and password login or/ • One time password delivered by SMS/text message § Billing integration – WLAN charges appear on normal mobile bill – backend integration. • Flat rate or time / usage based § Examples of this approach: Verizon Wireless, Telstra Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 40

GPRS/CDMA Example Telstra Corp. Australia § Mobile centric service, launched in August 2003 § Public WLAN access to the Internet and corporate VPNs § Available in hotspot locations throughout Australia • Target of 600 hotspot locations in 2004 • International roaming through the Wireless Broadband Alliance § Use of centralised control functions (E Series + SDX) The "Wireless Hotspot" service is expected to become our "workhorse" mobile data network, especially for corporate users, providing greater bandwidth in high traffic locations than our cellular GPRS and 1 x. RTT mobile networks. - Ted Pretty, Telstra Mobile Group Managing Director Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 41

Mobile Operator focus – Simple billing for Telstra mobile customers § Time based billing; hourly rate § Login via a password delivered by SMS to a Telstra mobile • Usage appears on customers normal mobile Bill § Lowered barriers to uptake • No special WLAN subscription needed – casual pay-per-user • Captive portal logon using DHCP – no client software required § Credit card payment option for non-Telstra post-paid mobile customers § Inbound roaming also supported (eg with Wireless Broadband Alliance partners), can enable wholesale offering also Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 42

How it works - Step One • User opens up web browser and tries to go to Google • Session directed to captive portal software (SDX) • Choice to enter mobile phone number or username and password • Mobile phone number entered Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 43

Step Three • Upon successful authentication, captive portal is released and original web destination is loaded. • Mini-logout window to facilitate signoff. • Usage billed to user’s mobile phone bill once finished Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 45

Authentication on WLAN using 802. 1 X and EAP on 802. 11 - overview Access Point Association RADIUS Server Ethernet Access blocked 802. 11 Associate-Request 802. 11 RADIUS 802. 11 Associate-Response EAPOW-Start EAPOW EAP-Request/Identity EAP-Response/Identity EAP-Request EAP-Response (credentials) EAP-Success EAPOW-Key (WEP) Source: Microsoft Copyright © 2003 Juniper Networks, Inc. Radius-Access-Request Radius-Access-Challenge Radius-Access-Request Radius-Access-Accept Access allowed CONFIDENTIAL www. juniper. net 46

Maintaining subscriber control when using 802. 1 x/EAP environment “Transparent RADIUS relay” concept § § § 802. 1 x access points have Radius client, EAP messages encapsulated in Radius messages Host MAC address in the calling-station-attribute Radius relay (BRAS) uses @domain name to forward Radius request to an external EAP capable Radius proxy or server BRAS relay stores Host MAC address and awaits authorization data (VR to use, IP pool/address to use, filters, etc) DHCP request, based on the host MAC address, creates subscriber interface in proper context allocates IP address, assign default policies. SDX with no Web login Access point creates Radius authentication and accounting (stop) Policy Control IDAS = Integrated DHCP Access Server Bridge d circu it 802. 1 x AP IDAS GRE, routed, DSL, FR, ATM, LL, Metro. E Radius Relay Premium Content Internet MPLS VPN 802. 1 x AP Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 47

PWLAN and Mobile § 3 GPP standards org defined five scenarios for PWLAN integration with 3 G • From common authentication to seamless handover of voice service • Specified 802. 1 x based authentication • Part of 3 GPP Release 6, specified in TS 23. 234 § But, real deployments are occurring well in advance of 3 GPP R 6……so: § GSM Association WLAN Task Force issued guidelines for pre Release 6 • Wed based login initially transitioning to 3 GPP release 6 spec § A SIM located in WLAN cards will use authentication based on EAP/SIM • Eg- Use of SIM dongle § EAP to SS 7 gateways will allow mobile HLR / HSSs to authenticate the WLAN card Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 48

Authenticating against the GSM HLR § Existing database with all mobile subscriber information § Existing provisioning and customer care systems are used § EAP/SIM can offer GSM equivalent authentication and encryption § Gateway between RADIUS/IP and MAP/SS 7 is required • Eg Funk Software Steel Belted Radius/SS 7 Gateway • Ulticom Signalware SS 7 software • Sun server E 1/T 1 interface card • An overview of the product is in this attachment: • Major vendors Ericsson, Siemens, Nokia all have or are developing their own offer Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 49

802. 1 x EAP/SIM authentication from HLR Transparent RADIUS relay MAP SS 7 GW Authenticator Client EAPo. L BRAS AC, RADIUS/SS-7 (RADIUS Relay) GW HLR RADIUS Client Authentication Gr Interface DHCP Discover Client – IP Address Assignment DHCP Offer DHCP Request DHCP Ack {address = End User address from GGSN} Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 50

Tight integration proposed by 3 GPP HLR GPRS Tunneling Protocol Client Authenticator EAPo. L Access Controller, RADIUS/SS-7 RADIUS Relay GW HLR GGSN RADIUS Client Authentication Gr Interface Create PDP Context {IP, transparent mode APN, IMSI/NSAPI, MSISDN, dynamic address requested} Create PDP Context Response {End User Address} DHCP Discover Client – IP Address Assignment DHCP Offer DHCP Request DHCP Ack {address = End User address from GGSN} Lease expiration Delete PDP Context Request Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 51

Real time handover… § Many access types – WLAN, 3 G, GPRS… § Mobile IP could provide reasonable real-time macro roaming between cellular and WLAN access types (also alternates such as 802. 16/Wi. Max) § Supported for dual mode CPE/handsets • Eg- Dual Mode NEC cellphone with WLAN as trialed in Do. Co. Mo • PDAs with WLAN and CDMA 1 x/EVDO or GPRS/WCDMA • Notebooks with cellular data or dual mode cards § Off the shelf client software available today – IPUnplugged, Birdstep § Challenges- Vo. IP, WLAN automated logon (eg- 802. 1 x could solve this), applications/OS can handle address changes Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 52

Overview of Mobile IPv 4 (RFC 2002) CN 5. 4. FA 1. and 2. HA 3. Internet MN § 1. MN discovers Foreign Agent (FA) § 2. MN obtains COA (FA - Care Of Address) § 3. MN registers with FA which relays registration to HA § 4. HA tunnels packets from CN to MN through FA § 5. FA forwards packets from MN to CN or reverse tunnels through HA (RFC 3024) Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 53

Mobile IP Interworking with UMTS/GPRS § Recommends use of FA Care Of Addresses (Co. A), not collocated, to conserve IPv 4 addresses Source: 3 GPP Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 54

Overview of Mobile IPv 6 Removes need for external FA in future 3 GPP systems CN 4. 3. HA 1. MN 2. Internet § 1. MN obtains IP address using stateless or stateful autoconfiguration § 2. MN registers with HA § 3. HA tunnels packets from CN to MN § 4. MN sends packets directly to CN or via tunnel to HA • Binding Update from MN to CN removes HA from path. Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 56

3 G- Mobile Data Networks To Summarise… § Interworking different wireless access types is possible in many ways – benefits to the end users § Short term migration of FR and ATM over MPLS infrastructure can help cut network and operations costs § Mobile networks are moving to IP both at network transport and application layer… • IP UTRAN option – IP out to the base station site • IP Multimedia subsystem – native IP clients in devices • Push To Talk is a wildcard; could accelerate IP requirements in the mobile network before 3 G becomes widescale § MPLS, Qo. S / Diff. Serv TE, IPv 6 and transition techniques are key requirements in the new mobile carrier network! Copyright © 2003 Juniper Networks, Inc. CONFIDENTIAL www. juniper. net 57