Internet DRAFT - draft-gundavelli-v6ops-community-wifi-svcs
draft-gundavelli-v6ops-community-wifi-svcs
V6OPS WG S. Gundavelli
Internet-Draft M. Grayson
Intended status: Informational Cisco
Expires: October 25, 2013 P. Seite
France Telecom - Orange
Y. Lee
Comcast
April 23, 2013
Service Provider Wi-Fi Services Over Residential Architectures
draft-gundavelli-v6ops-community-wifi-svcs-06.txt
Abstract
The tremendous growth in Wi-Fi technology adoption over the last
decade has met the ultimate possible goal of 100% adoption rate. All
most every new mobile device is now equipped with IEEE 802.11-based
wireless interface and with pre-configured policy to prefer Wi-Fi to
cellular access. Matching this evolution is every service provider's
desire to offer Wi-Fi based broadband services; a new business
opportunity even for fixed line operators. Operators are exploring
options to monetize their existing networks, most with nation-wide
footprint, to build a high-speed Wi-Fi service that can be the basis
for offering new wireless broadband services. This document
identifies the requirements for supporting these new Wi-Fi community
services and the mobility tools which have been standardized in IETF
that can be used for enabling these architectures.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 25, 2013.
Copyright Notice
Gundavelli, et al. Expires October 25, 2013 [Page 1]
Internet-Draft Service Provider Wi-Fi Services April 2013
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Gundavelli, et al. Expires October 25, 2013 [Page 2]
Internet-Draft Service Provider Wi-Fi Services April 2013
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 5
2.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 5
2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
3. Deployment Models . . . . . . . . . . . . . . . . . . . . . . 7
4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1. IPv6 Addressing Model for SP WiFI Architectures . . . . . 9
4.2. Subscriber Authentication & Service Authorization . . . . 9
4.3. Location-based Services . . . . . . . . . . . . . . . . . 9
4.4. Local Services Access & Internet Traffic Offload . . . . . 10
4.5. Web-based Authentication Support . . . . . . . . . . . . . 10
4.6. Transparent Auto Login (TAL) . . . . . . . . . . . . . . . 10
4.7. Multiple WLAN SSID Support . . . . . . . . . . . . . . . . 11
4.8. Multiple Home Network Service (APN) Access . . . . . . . . 11
4.9. CPE Identity and Authorization . . . . . . . . . . . . . . 11
4.10. Mobility within the WLAN Access Network . . . . . . . . . 11
4.11. Mobility across WLAN and Macro Access . . . . . . . . . . 12
4.12. Differentiated Services for Users behind RG . . . . . . . 12
4.13. Lawful Intercept (LI) . . . . . . . . . . . . . . . . . . 12
4.14. Subscriber Management and Charging . . . . . . . . . . . . 13
4.15. Handling the Walk-by Users . . . . . . . . . . . . . . . . 14
4.16. Overlapping IPv4 Address Support . . . . . . . . . . . . . 14
4.17. Service Provisioning & Monitoring . . . . . . . . . . . . 14
5. Solution Approaches & Considerations . . . . . . . . . . . . . 15
5.1. PMIPv6 MAG on the RG: Layer-3 Encapsulation between
CPE and Access Gateway . . . . . . . . . . . . . . . . . . 15
5.2. Ethernet-over-IP Support on the RG: Layer-2
Encapsulation between CPE and Access Gateway . . . . . . . 15
5.3. Local Aggregation for Subscriber Control and Internet
Offload . . . . . . . . . . . . . . . . . . . . . . . . . 15
5.4. Mobility Chaining: Integration with Mobile Packet Core . . 15
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
7. Security Considerations . . . . . . . . . . . . . . . . . . . 15
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 16
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16
9.1. Normative References . . . . . . . . . . . . . . . . . . . 16
9.2. Informative References . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17
Gundavelli, et al. Expires October 25, 2013 [Page 3]
Internet-Draft Service Provider Wi-Fi Services April 2013
1. Introduction
The tremendous growth in Wi-Fi technology adoption over the last
decade has met the ultimate possible goal of 100% adoption rate. All
most every new mobile device is now equipped with IEEE 802.11-based
wireless interface and these devices are typically pre-configured
with a policy to prefer Wi-Fi to cellular access. This so called,
"cheap access based on unlicensed spectrum", is no longer considered
an unreliable access, but with all the available protocol tools and
with maturity in technology, building a reliable broadband service
that can meet the committed service-level agreements is proving to be
a non-issue.
Matching this evolution is every service provider's desire to offer
Wi-Fi based broadband services; a new business opportunity even for
both fixed and mobile operators. The demand for bandwidth is only
growing with the availability of new smart devices, new technology
applications and with all the content in the Internet. Furthermore,
an increasing percentage of mobile consumption is happening in the
home and so DSL/Cable operators are exploring options to monetize
their existing networks, most with nation-wide footprint, to build a
high-speed, nation-wide Wi-Fi service that can be the basis for
offering new wireless broadband services and for building roaming
agreements with traditional mobile operators, who are unable to meet
the mobile subscriber growth due to the finite licensed spectrum
available for macro-cell deployments. Every residential CPE device
that the operator owns can now be enabled to provide Wi-Fi service
and new community Wi-Fi hotspots can be built in any location where
there is fixed line coverage. A wireless service based on unlicensed
spectrum, and leveraging existing transport is a huge incentive for
operators to enter this new market.
To support these business goals, operators are looking at mobility
architectures for supporting various requirements. Not all
requirements are well understood, and neither are the implications
with the chosen solution approaches for each of those requirements.
The choice of the architecture has an implication on the CPE
evolution and on the core infrastructure feature requirements.
Therefore, the sole purpose and the goal of this document is to
present all the requirements, identify the protocol tools and any
potential gaps. This analysis is important for enabling the network
vendors and the mobile operators to make the right design choices and
leverage the existing tools that the mobility groups in IETF have
already developed and discourage them from adopting proprietary, non-
standard mechanisms or developing redundant alternatives.
Gundavelli, et al. Expires October 25, 2013 [Page 4]
Internet-Draft Service Provider Wi-Fi Services April 2013
== == == == == ==
== ==
== Wi-Fi Service Cloud ==
== (Public SSID) ==
== ==
== ==
== ==
== ==
- - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - -
- - - - - - - - -
- - -
(Public SSID) (Public SSID) (Public SSID)
+------------+ +------------+ +------------+
| Residential| | Provider | | Residential|
|Access Point| |Access Point| |Access Point|
+------------+ +------------+ +------------+
(Private SSID) (Private SSID)
- -
- - - - - -
- - - - - - - - - -
- - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - -
Figure 1: Wi-Fi Cloud Over Residential Gateways
2. Conventions and Terminology
2.1. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2.2. Terminology
This document uses the following abbreviations and definitions:
Community Wi-Fi Service
It is a Wi-Fi based broadband service offered by a service
provider. The Wi-Fi Access Points that are part of this service
are owned and managed by the operator, and physically located in
carrier premises. These operator owned CPE's typically have a
large Wi-Fi coverage area, operated on a higher signal power.
Gundavelli, et al. Expires October 25, 2013 [Page 5]
Internet-Draft Service Provider Wi-Fi Services April 2013
There could also be the residential Access Points that are part of
this service, located in the subscriber homes, that are part of
this service and allowing community access to a public SSID along
with a private SSID for their personal access.
Wi-Fi Operator
A service provider that offers Community Wi-Fi services. Wi-Fi
operator can be a wireline operator, mobile operator or an
operator offering both wireline and mobile services.
Residential Gateway (RG)
It is a network device that is located in the Customer premises
and is also referred to as Residential CPE (Customer Premises
Equipment). This device is connected to service providers network
and defines the demarcation point between the provider and the
customer. In the context of this document this is hosting the
802.11 Access Point function.
WLAN controller (WLC)
It is an entity responsible for performing radio resource
management (RRM) on the Access Points, system-wide mobility policy
enforcement and centralized forwarding function for the user
traffic.
Mobile Gateway
It is network entity anchoring IP traffic in the mobile core
network. This entity allocates an IP address which is
topologically valid in the mobile network and may act as a
mobility anchor if handover between mobile and Wi-Fi is supported.
Home/Roaming User
The home user is the owner of the network where the Residential
Gateway is located and is paying for the service associated with
that Residential Gateway. A Roaming User is a visitor from the
operator's home network, or from a partner's network and is
allowed to access broadband services using that Residential
Gateway and over a Public SSID.
Access Point Name (APN)
Gundavelli, et al. Expires October 25, 2013 [Page 6]
Internet-Draft Service Provider Wi-Fi Services April 2013
Its the name of a packet data network. This APN concept was first
introduced in GPRS by 3GPP to enable legacy Intelligent Networking
(IN) approaches to be applied to the newly deployed IP packet data
services. In roaming deployments, the APN construct was visible
to the visited network and allowed legacy IN charging solutions to
be supported. Defining an application specific APN then allowed
application charging to be supported.
Addressing Models
The term Per-MN-Prefix model [RFC5213] is used to refer to an
addressing model where there is a unique network prefix or
prefixes assigned for each mobile node. The term Shared-Prefix
model [RFC5213] is used to refer to an addressing model where the
prefix(es) are shared by more than one node.
3. Deployment Models
Figure 2 illustrates the most common residential and hotspots Wi-Fi
deployment models.
Gundavelli, et al. Expires October 25, 2013 [Page 7]
Internet-Draft Service Provider Wi-Fi Services April 2013
_----_ _----_ _----_
_( )_ _( )_ _( )_
(Operator-1) (Operator-2) (Operator-3)
(_ _) (_ _) (_ _)
-+-- -+-- '-+--'
+--------+ +--------+ +--------+
| Mobile | | Mobile | | Mobile |
|gateway | |gateway | |gateway |
+--------+ +--------+ +--------+
| | |
+-------------. | .-------------+
| | |
| | |
| | |
| | |
+--------+ _----_
+---+ | | _( )_
|AAA|. . . . . . . | Access |----------( Internet )
+---+ ...... | Aggreg | (_ _)
| . | Gateway| '----'
+--------+ . +--------+
|Web Auth|..... | | |
| Portal | | | +-------------+
+--------+ | | |
| | +-----+
+---------------+ | | AR |
| +-----+ +-----+
+-----+ | WLC | * ---------*
| CPE | | | ( LAN )
|(RG | +-----+ * ---------*
+-----+ / \ / \
. +----+ +----+ +----+ +----+
/ \ |WiFi| |WiFi| |WiFi| |WiFi|
MN MN | AP | | AP | | AP | | AP |
+----+ +----+ +----+ +----+
Community . .
WiFi user / \ / \
MN MN MN MN
Figure 2: WLAN Service for Retail Model
4. Requirements
Gundavelli, et al. Expires October 25, 2013 [Page 8]
Internet-Draft Service Provider Wi-Fi Services April 2013
4.1. IPv6 Addressing Model for SP WiFI Architectures
The selection of the richt IPv6 addressing model for the SP WiFI
architectures is an important consideration. There are these two
IPv6 addressing models:
o Unique-Prefix Model - As per this addressing model, home network
prefix(es) assigned to a mobile node are for its exclusive use and
no other node shares an address from that prefix (other than the
Subnet-Router anycast address [RFC4291] that is used by the IPv6
access router hosting that prefix on that link). There could be
multiple unique IPv6 prefixes assigned to each mobile node.
o Shared-Prefix model - The IPv6 prefix that is assigned to the
mobile node is a shared prefix. There can be more than one mobile
node that can be using IPv6 addresses from that prefix.
3GPP architecture supports Unique-Prefix model for the mobile node's
PDN connections. This decision was largely influenced by the IETF
recommendation to 3GPP to support this specific addressing model. In
the context of SP WIFI, there are clearly scenarios where a mobile
node may perform an inter-technology handover from the macro network
to the WLAN access network and handoff the session and is important
that the addressing model is the same in both the access
architectures. Even in deployment models where such handovers are no
envisioned, such as an WLAN access aggregation architecture with no
mobile packet core integration, there are sufficient reasons for
adopting the Unique Prefix model.
4.2. Subscriber Authentication & Service Authorization
Community Wi-Fi service is designed to be available for public
access. Wi-Fi operator must authenticate users before offering
services to them. Once a user is authenticated, Wi-Fi operator will
authorize services based on the user identity. There are many
authentication mechanisms, such as 802.1x, Web-authentication, WISPr
that the operator may deploy for this purpose.
4.3. Location-based Services
In many deployments, there is a need for the mobile operator to
provide differentiated services and policing to the mobile nodes
based on the access network to which they are attached. Policy
systems in mobility architectures such as PCC and ANDSF in 3GPP
system allow configuration of policy rules with conditions based on
the access network information. For example, the service treatment
for the mobile node's traffic may be different when they are attached
to a access network owned by the home operator than when owned by a
Gundavelli, et al. Expires October 25, 2013 [Page 9]
Internet-Draft Service Provider Wi-Fi Services April 2013
roaming partner. The service treatment can also be different based
on the configured Service Set Identifiers (SSID) in case of IEEE
802.11 based access networks. Other examples of location services
include the operator's ability to display a location specific Web
Page, or apply tariff based on the location.
4.4. Local Services Access & Internet Traffic Offload
In the integrated WLAN-EPC architectures, the mobile node's IP
traffic is always tunneled back from the access network to the mobile
gateway in the home network. However, with the exponential growth in
the mobile data traffic, mobile operators are exploring new ways to
offload some of the IP traffic flows at the nearest access edge where
ever there is an internet peering point, as supposed to carrying it
all the way to the mobility anchor in the home network. Not all IP
traffic need to be routed back to the home network, some of the non-
essential traffic which does not require IP mobility support can be
offloaded at the mobile access gateway in the access network. This
approach provides greater leverage and efficient usage of the mobile
packet core which help lowering transport cost.
4.5. Web-based Authentication Support
Most Public Wireless LAN (PWLAN) deployments today use web-based
authentication for authorizing the user for network access. Web-
based mode of authentication is considered a legacy mode, for its
weak security properties, and there are efforts to replace it with
802.1x-based security mechanisms. However, a very high percentage of
the PWLAN deployments are still using using this authentication mode
and operators are not willing to move away from this mode any time
soon. The reason being, lack of support for 802.1x/EAP support on
the 100's of millions of handsets that are out there, and for the
lack of client software in the laptops running various operating
systems versions. This is forcing the operators to support web-based
authentication.
4.6. Transparent Auto Login (TAL)
In many deployments, there is a need to support Transparent Auto
Login capability. This is essentially an approach for maintaining
Authenticated state for a user, for a duration of time. Once an
authenticated user disconnects and re-attaches to the network, the
network should allows instant access without forcing the user to re-
authenticate.
Gundavelli, et al. Expires October 25, 2013 [Page 10]
Internet-Draft Service Provider Wi-Fi Services April 2013
4.7. Multiple WLAN SSID Support
A Wi-Fi Operator may broadcast multiple SSIDs. In case Residential
Wi-Fi hotspots, there can be one set of private SSIDs specific to
that home user and there can be another set of public SSIDs for wider
community use. In case of public hotspots, the operator can
advertise the public SSID for its own subscribers and also public
SSID's belonging to other operators with whom the operator has
roaming relationships.
4.8. Multiple Home Network Service (APN) Access
The 3GPP system architecture supports the concept of an Access Point
Name (APN). An APN can identify a particular routing domain and can
be used by 3GPP operators to segment user traffic. APNs are included
in the session establishment signaling sent by 3GPP User Equipments
(UEs), identifying which routing domain they want to be connected to.
Furthermore, 3GPP has defined a system architecture which supports
the ability of a single UE to have simultaneous connectivity to a
plurality of APNs, and be allocated multiple IPv4 addresses and/or
IPv6 prefixes from the network.
There is a need to ensure multiple APN access for a subscriber in the
community Wi-Fi network.
4.9. CPE Identity and Authorization
There are two known models with respect to CPE roll out. The
consumer may purchase a device off the shelf and plugin to the
network, or the operator at the time of service creation may have
shipped a new device with the pre-provisioned service configuration.
In either case, the operator needs to be able to identify the device
based on the IP address and associate that to a given location.
The Wi-Fi network performs access control of UEs, via the CPE acting
as AAA supplicant. As a result, the mobile network does not
authenticate directly the user but shall trust the CPE performing the
authentication.
4.10. Mobility within the WLAN Access Network
The mobile node should have the ability to roam within the Wi-Fi
domain. Depending on the deployment model, the mobile node may roam
across different IP subnets. To survive to such handover, some
applications (e.g. VPN, streaming) need the IP address to be
preserved.
A WLAN network may include a large number of Wi-Fi base stations. In
Gundavelli, et al. Expires October 25, 2013 [Page 11]
Internet-Draft Service Provider Wi-Fi Services April 2013
some occasions, two or more Wi-Fi base stations may cover the same
area. When a subscriber receives Wi-Fi service in this overlapped
area, the device may bounce between different base stations. This is
typical Proximity problem. In this scenario, it is important for the
WLAN to offer mobility to the subscriber as such the subscriber can
continue the services without changing its IP address.
4.11. Mobility across WLAN and Macro Access
A mobile node should have the ability to handover from macro network
to the Wi-Fi network and be able to retain IP address configuration
and be able to access the home operator services.
4.12. Differentiated Services for Users behind RG
A Wi-Fi operator enabling Hotspot Services on a residential gateway
is required to ensure the service levels for the home user is not
impacted as a result of opening up the service for public usage. The
home user should always have preferred access over public users and
the operator may be bound to meet the Service Level Agreements. This
essentially requires the operator to be able to differentiate the
service flows and apply differentiated service treatment. The
operator should be able to enforce QoS policing and labeling of
packets to enforce QoS differentiation.
A single operator has deployed both a fixed access network and a
mobile access network. In this scenario, the operator may wish a
harmonized QoS management on both accesses. However the fixed access
network does not implement a QoS control framework. So, the operator
may choose to rely on the mobile network, specifying the standard
framework to provide a QoS control, to enforce the QoS policy from
the mobile gateway to the Wi-Fi Access network.
4.13. Lawful Intercept (LI)
Lawful Intercept [RFC2119] stands for legally authorized interception
and monitoring of communications to and from a subscriber under
Surveillance by a Law Enforcement Agency. In most of the countries,
there are legal obligations for Service Providers to facilitate the
intercept of any subscriber's communication if requested by law
enforcement agencies. Communications Assistance for Law Enforcement
Act (CALEA), the United States wiretapping law passed in 1994 is an
example for such legal mandates. This section talks about Lawful
Intercept solution requirements that are operators are required to
support when offering WLAN services.
The following are the key considerations with respect to supporting
Lawful Intercept capability in Wi-Fi architectures.
Gundavelli, et al. Expires October 25, 2013 [Page 12]
Internet-Draft Service Provider Wi-Fi Services April 2013
o The operator should have the ability to capture IP traffic from
any of the mobile nodes for which the operator is offering Wi-Fi
services.
o The ability to identify the Geo-location of the mobile node to the
nearest WLAN access point.
o The ability to track the mobile node's roaming within the network,
even when there are no active IP flows.
o The ability to pre-provision Lawful Intercept for an inactive
mobile node so that that the capture of IP traffic can be
initiated anytime new IP flows associated to that mobile node are
detected.
o Lawful Intercept (LI) should be undetectable by the intercept
subject
o Mechanisms should be in place to limit unauthorized personnel from
performing or knowing about lawfully authorized intercepts
o If the information being intercepted is encrypted by the service
provider and the service provider has access to the keys, then the
information should be decrypted before delivery to the Law
Enforcement Agency (LEA) or the encryption keys should be passed
to the Law Enforcement Agency to allow them to decrypt the
information.
4.14. Subscriber Management and Charging
It refers to the capability to manage network resources on a per
subscriber, and eventually on a per-flow, basis. Subscriber
management should be able to maintain a user context associating the
user identifier with specific network resource (e.g. IP address,
default router, mobility/traffic anchoring point,...), QoS profile,
billing context and specific network functions (e.g. legal
interception). The user context includes traffic selectors if
subscriber management is on a per flow basis. Subscriber management
should be done according to the user subscription, the user
preferences and/or operator policies.
The ability to charge the subscriber is the fundamental business
requirement before an operator can deploy the Wi-Fi service. The
operator should have the ability to enforce charge the subscriber by
usage and enforce quota policies. This is the basis for keeping the
service operational and managing inter-operator roaming agreements.
Gundavelli, et al. Expires October 25, 2013 [Page 13]
Internet-Draft Service Provider Wi-Fi Services April 2013
4.15. Handling the Walk-by Users
In the case of community Wi-Fi, the network is an open network with
the SSID visible to any wireless LAN device. This essentially
creates a situation where any walk-by user's mobile terminal
automatically gets connected to the Wi-Fi network and results in a
subscriber session creation. The user may not be having any
intention in connecting to the Wi-fi network and infact may not be
using the mobile device, but the device gets attached to the network
and a subscriber session and other network resources get locked up
for that user session. The situation is especially worse in public
hotspots such as train stations, or Airports where there is high
traffic. This is important that this situation is correctly handled.
4.16. Overlapping IPv4 Address Support
The transition from IPv4 to IPv6 is a long process, and during this
period of transition, the Wi-Fi operators will have to continue to
offer IPv4 services. However, these operators may not have
sufficient public IPv4 addresses for all the Wi-Fi devices in their
network. For addressing this IPv4 exhaust issue, operators may have
to leverage transitioning technologies such as NAT64, Dual-Stack
Lite, 6rd or other approaches. These operators may also choose to
segment the network into regions and two regions may use overlapped
IPv4 address space to provide IPv4 services to users.
In a different scenario, a roaming user from a partners network, with
an established mobility session with her home network, may be using a
private IPv4 address and this IPv4 address may be overlapping with
the address space that is being used in this access network.
Furthermore, the IPv4 address space that is used for assignment to
Wi-Fi subscribers should not conflict with the IPv4 addresses used on
the Cable/DSL transport network.
The Wi-Fi operator should be able to handle all these scenarios
related to overlapping private IPv4 address usage.
4.17. Service Provisioning & Monitoring
Deployment of any community based Wi-Fi access will require
additional Wi-Fi specific configuration on a per Residential Gateway
basis. In order to support scalable deployment, the Service
Providers should be able to provision these configuration options
remotely. This remote provisioning frame work must support the
following:
Gundavelli, et al. Expires October 25, 2013 [Page 14]
Internet-Draft Service Provider Wi-Fi Services April 2013
o Secure provisioning of the RG with community WiFi parameters to
minimize the theft of service
o Ability to separate the private home subscriber traffic from the
community WiFi traffic in the access network
o Privacy and protection of private Residential subscriber traffic
from the community WiFi users
o Ability to remotely shut down an Residential Gateway which has
been hijacked by hackers and is being used for DoS attacks.
o Ability to temporarily disable services for the community based
WiFi support while maintaining service to the Residential fixed
broadband subscriber
o Seamless integration of the WiFi provisioning aspects of the
Residential Gateway into the existing RG provisioning
infrastructure implemented by the Fixed Broadband Providers
o Dynamic Service Monitoring Capability for managing the Wi-Fi
Service.
5. Solution Approaches & Considerations
The following section identifies the different mobility approaches
that Wi-Fi operator can leverage for deploying this Wi-Fi services.
5.1. PMIPv6 MAG on the RG: Layer-3 Encapsulation between CPE and Access
Gateway
5.2. Ethernet-over-IP Support on the RG: Layer-2 Encapsulation between
CPE and Access Gateway
5.3. Local Aggregation for Subscriber Control and Internet Offload
5.4. Mobility Chaining: Integration with Mobile Packet Core
6. IANA Considerations
This document does not require any IANA actions.
7. Security Considerations
This specification identifies the requirements for enabling Community
Gundavelli, et al. Expires October 25, 2013 [Page 15]
Internet-Draft Service Provider Wi-Fi Services April 2013
Wi-Fi Services over Residential architectures and the potential
solution approaches for addressing those requirements. The security
analysis for each of those requirements are covered in those
respective sections.
8. Acknowledgements
The authors would like to thank Bill Choinski, John Coppola and
Sangeeta Ramakrishnan for all the discussions related to Service
Provider Wi-Fi Service requirements. The authors would also like to
thank Byju Pularikkal for all the discussions and text contributions
related to Lawful Interception and Service Provisioning.
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
9.2. Informative References
[I-D.gundavelli-netext-multiple-apn-pmipv6]
Gundavelli, S., Grayson, M., Lee, Y., Deng, H., and H.
Yokota, "Multiple APN Support for Trusted Wireless LAN
Access", draft-gundavelli-netext-multiple-apn-pmipv6-01
(work in progress), February 2012.
[I-D.gundavelli-netext-pmipv6-wlan-applicability]
Gundavelli, S., "Applicability of Proxy Mobile IPv6
Protocol for WLAN Access Networks",
draft-gundavelli-netext-pmipv6-wlan-applicability-03 (work
in progress), April 2012.
[I-D.ietf-netext-pmip6-qos]
Liebsch, M., Seite, P., Yokota, H., Korhonen, J., and S.
Gundavelli, "Quality of Service Option for Proxy Mobile
IPv6", draft-ietf-netext-pmip6-qos-00 (work in progress),
June 2012.
[I-D.ietf-netext-pmipv6-sipto-option]
Gundavelli, S., Zhou, X., Korhonen, J., and R. Koodli,
"IPv4 Traffic Offload Selector Option for Proxy Mobile
IPv6", draft-ietf-netext-pmipv6-sipto-option-07 (work in
progress), October 2012.
Gundavelli, et al. Expires October 25, 2013 [Page 16]
Internet-Draft Service Provider Wi-Fi Services April 2013
[I-D.liebsch-netext-pmip6-authiwk]
Gundavelli, S., Liebsch, M., and P. Seite, "PMIPv6 inter-
working with WiFi access authentication",
draft-liebsch-netext-pmip6-authiwk-05 (work in progress),
September 2012.
[RFC2663] Srisuresh, P. and M. Holdrege, "IP Network Address
Translator (NAT) Terminology and Considerations",
RFC 2663, August 1999.
[RFC3924] Baker, F., Foster, B., and C. Sharp, "Cisco Architecture
for Lawful Intercept in IP Networks", RFC 3924,
October 2004.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006.
[RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.
[RFC5844] Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy
Mobile IPv6", RFC 5844, May 2010.
[RFC6757] Gundavelli, S., Korhonen, J., Grayson, M., Leung, K., and
R. Pazhyannur, "Access Network Identifier (ANI) Option for
Proxy Mobile IPv6", RFC 6757, October 2012.
[TS23402] 3GPP, "Architecture enhancements for non-3GPP accesses",
2010.
Authors' Addresses
Sri Gundavelli
Cisco
170 West Tasman Drive
San Jose, CA 95134
USA
Email: sgundave@cisco.com
Gundavelli, et al. Expires October 25, 2013 [Page 17]
Internet-Draft Service Provider Wi-Fi Services April 2013
Mark Grayson
Cisco
11 New Square Park
Bedfont Lakes, FELTHAM TW14 8HA
ENGLAND
Email: mgrayson@cisco.com
Pierrick Seite
France Telecom - Orange
4, rue du clos courtel BP 91226
Cesson-Sevigne, 35512
France
Email: pierrick.seite@orange-ftgroup.com
Yiu L. Lee
Comcast
One Comcast Center
Philadelphia, PA 19103
U.S.A.
Email: yiu_lee@cable.comcast.com
URI: http://www.comcast.com
Gundavelli, et al. Expires October 25, 2013 [Page 18]