Guillaume Gottardi - Consulting Systems Engineer
Patrice Nivaggioli - Consulting Systems Engineer
Cisco Confidential
- Introduction
- 3GPP Architecture readiness for IPv6: Dual-Stack in UMTS
- 3GPP Architecture readiness for IPv6: Dual-Stack in LTE
- IPv6 only endpoints?
- Dual-Stack deployment scenarios
- IPv6 only deployment scenarios
- Conclusion
Introduction
simultaneous updates
Bandwidth hogging, concurrent
unique characteristics
2010 Cisco and/or its affiliates. All rights reserved.
Key Benefits:
- Subscriber aware NAT
  - per subscriber control
  - per subscriber accounting
- Large Scale (further enhanced by distribution)
- Highly available (incl. geo-redundancy)

Key Benefits:
- Integrated NAT for multiple administrative domains (operational separation)
- Large Scale
- Overlapping private IPv4 domains (e.g. w/ VPNs)
[Figure labels: PE, IP/MPLS, IPv4 Internet; private addresses 10.1.1.1 (repeated) and 10.1.2.1]
- Limited IPv4 life extension for large domains
- Run-out of private IPv4 addresses (more than ~16M addresses needed)

Approaches
- Standalone CGN: Access tunnels extended to NAT44 (e.g. using MPLS VPN)
- Gateway-Initiated Dual Stack Lite (draft-ietf-softwire-gateway-init-ds-lite-02)
- Gateway-Integrated NAT w/ distributed local address pools
  - Per gateway RFC1918 address space
[Figure: GPRS/UMTS architecture. Labels: BTS, GERAN (2.5G), NodeB, UTRAN (3G), SGSN, AAA/HLR, Internet; interfaces Gr, Gb, Gn/Gp, Gc, Gi, Iu]
- IPv4 only: UE-GGSN link is IPv4 only
- IPv6 only: UE-GGSN link is IPv6 only
- IPv4v6 (>= Rel. 9): UE-GGSN link transports IPv4 and IPv6 (and has /64 prefix and IPv4 address configured)
[Figure labels: PCRF/AAA/DHCP, IPv4-Public, NodeB, RNC]
Deployment examples:
- IPv6 as default for IMS, Youtube, iTunes, Google
- IPv4 as default for IPv4 internet
- IPv4 as fallback for roaming
- IPv6 impacts handsets, SGSN, GGSN, DNS, AAA, Policy Server, Billing, Gi-nodes/VAS platforms, OSS/BSS
- IPv6 and Dual Stack are well supported by 3GPP Standards
- 3G Pre-release 9 infrastructure requires PDP context per IP-Stack
- It doesn't solve the IPv4 exhaustion issue, as an IPv4 address is still assigned to the handset
- It allows offloading the IPv4 infrastructure (NAT) to native off-net IPv6 services (Youtube...) and on-net ones (IMS/RCS...)
- 3GPP R9 lifts the dedicated PDP context per stack restriction and introduces IPv4v6 PDP context support
- Optimized design which requires fewer resources and less signalling than the dedicated stack case
- Considerations to request an IPv4 address on-demand (e.g., when an application binds to an IPv4 socket interface)
- Select GGSN for given APN
- UE Attach Request
- Create PDP Context Request (APN, QoS, PDP-type=IPv6,), empty UE IP-address for dynamic allocation
- Option 1, Option 2, Option 3
- Create PDP Context Reply (UE IP-address, Protocol config options (e.g. DNS-server list,), cause)
- Router Solicitation
- Router Advertisement
- DHCPv6 Information Request
- DHCPv6 Reply
- DHCPv6 Reply
SGSN
GGSN
AAA
DHCP
/64 prefix allocation: 3 Options: Local Pool, AAA, DHCP
- /64 prefix allocation from local pool
- Prefix Retrieval
- DHCPv6 PD
- Prefix communicated to SGSN
Attach Accept
SLAAC
Design Considerations
Content providers RAN NodeB Femto HNB RNC Gn Ga (GTP) Gn/Gp (GTP) Core Network GRX Ga (GTP) Ga (GTP) DNS IXC GGSN IMS Core RADIUS QS DHCP Signaling Data DPI NAT Policy WAP DMZ Internet
SGSN
Element eNodeB RNC SGSN HLR/HSS GGSN Billing DPI, Quote Server WAP, Data Accelerator Firewalls DNS
Design consideration (If IPv6 is used for internet & internal Apps)
Charging Billing System Radio layer. Gateway
Impact
No
Iu-CS/Iu-PS can use IPv4 backhaul Initiate mobile APN query & authentication IPv6 capable IPv6 PDP, standards IPv6 features, prefix allocation Mediation and processing of IPv6 CDR Pre-paid implementation, IPv6 parsing & CDR capability IPv6 packet compressions, cache capability IPv6 rules capability, performance IPv6 DNS capability
[Figure: EPC architecture, 3GPP 23.401/23.402]
Nodes: UE, eNB, E-UTRAN, UTRAN, GERAN, SGSN, MME, S-GW, PDN-GW, ePDG, HSS, PCRF, Trusted Non-3GPP IP Access, Untrusted Non-3GPP IP Access
Interfaces (protocols):
- S1-MME (S1-AP), S1-U (GTP-U)
- S3 (GTP-C), S4 (GTP-C, GTP-U), S10 (GTP-C), S11 (GTP-C), S12 (GTP-U)
- S5 (GTP-C, GTP-U) or S5 (PMIPv6, GRE)
- S6a (DIAMETER), SWx (DIAMETER), SWm (DIAMETER), STa (RADIUS, DIAMETER)
- Gx (Gx+), Gxa (Gx+), Gxb (Gx+)
- S2a (PMIPv6, GRE, MIPv4 FACoA), S2b (PMIPv6, GRE)
- SWa (TBD), SWn (TBD), SWu (IKEv2, MOBIKE, IPSec)
Dual Stack results in 2 EPC Bearers (i.e. two interfaces on PGW); Can be supported within the same APN
Within EPS bearer setup signaling (typical) DHCPv4 (DHCP optional on UE and PGW)
IPv6 Address Configuration: 1 Method
Stateless Address Autoconfiguration after the bearer setup /64 prefix for the UE-PGN connection
UE Attach Request
MME
SGW
PGW
AAA
DHCP
- Create Session Request (APN, QoS, PDN-type=IPv6,)
- Create Session Request (APN, QoS, PDN-type=IPv6,)
- Option 1, Option 2, Option 3
- Create Session Reply (UE IP-address, Protocol config options, cause)
- Router Solicitation
- Router Advertisement
- Create Session Reply (UE IP-address, Protocol config options (e.g. DNS-server list,), cause)

/64 prefix allocation: 3 Options: Local Pool, AAA, DHCP
- /64 prefix allocation from local pool
- Prefix Retrieval
- DHCPv6 PD
- Prefix communicated to SGW/MME
Attach Accept
SLAAC
Gateway Focused
Enable IPv6 customer applications
Control Protocols
v6 AVPs in Gx, Gy, Rf v6 AVPs/VSAs for S6b v6 IE in GTP v6 IE in GTP-C v6 LI SNMP, UDP, FTP
Addressing
- ICMPv6, ND, SLAAC, Stateless-DHCPv6
- Prefix allocation w/ priority from Local-pool, Radius, DHCP
- Mobile-specific parameterization (29.061, clause 11.2.1.3.4)
Session Services
Per APN & interface redirect, ...
Security
Control Protocols
Gx, Gy, Rf over v6 S6b over v6 GTP over v6 GTP-C over v6 SNMPv6, FTPv6, UDP for LI SNMPv6
Security
/60 /64
Entertainment; Video/TV/Voice
/60 /64
Approach
- DHCPv6 Prefix Delegation added to 3GPP Architecture
- Follows draft-ietf-v6ops-ipv6-cpe-router
[Figure: DHCPv6 Prefix Delegation. Labels: IPv6 UE (Requesting Router), PDN-GW (Delegating Router), IPv6 Bearer /64, Prefix Delegation /56, Route announced, subnet /64 (two subnets)]
IPv6 user plane with 3GPP defined tunneling:
- GTP
- PMIP/GRE
- IPsec

Access Network:
- native IPv4 and/or
- native IPv6
- v6 tunneling options, e.g. 6PE, apply as well
IPv6
eNB
SGW
IPv6
- IPv6 only as a default service
- Simplify operations, optimize resource usage
- IPv4 kept as a backup service in case IPv6 is not available (e.g. roaming)
- Still, bridging the IPv6 only islands with Public IPv4 resources is a must
[Figure: six translation scenarios (1 to 6) between IPv6 Network, IPv4 Network, IPv6 Internet and IPv4 Internet, each marked stateful or stateless]
Stateless
- State creation: Flow does NOT create any state in the translator, algorithmic operation performed on packet headers
- Address Savings: 1:1 mappings (one IPv4 address used for each translation to an IPv6 host), no IPv4 address savings
- Address Space: IPv6 systems must have IPv4-translatable addresses (RFC6052)

Stateful
- State creation: Each flow creates state in the translator, amount of state based on O(# of translations)
- Address Savings: N:1 mappings (like NAPT with NAT44), save IPv4 addresses
- Address Space: IPv6 systems may use any IPv6 addresses
Handset OS
IPv4 Application IPv4 Network Stack BIH IPv6 Network Stack IPv6 transport PGW IPv6 CNAT IPv4
IPv6
BIH function makes the needed Bump-in-the-API (BIA) and the Bump-in-the-Stack (BIS) changes
IPv4 Application
Socket API (IPv4) (Socket API Translator): Ext. Name resolver, Address mapper, function mapper TCP/UDP over IPv6 Interface Driver BIA
IPv4 Application
GGSN P-GW
IPv4 Internet
Incoming Responses: AAAA and/or A Records AAAA and/or A Records DNS Outgoing Responses: AAAA and/or A Records
- IPv6 address allocated to UE via SLAAC/GGSN-PGW, IPv4 address allocated at PDP-context / bearer setup
- Mobile Gateway performs Inline Services, Header Insertion can be used for user identity propagation
- GGSN-PGW provides IPv4/MSISDN and IPv6/MSISDN correlation via RADIUS/DIAMETER to LI and Service Platforms
- No NAT involved, except in case of Private IPv4 where NAT44 is required
IPv6 address
RADIUS (MSISDN, IPv6) Lawful Interception RADIUS (IPv6, IPv4, Ports) GGSN P-GW Stateful NAT64 AFT Incoming Responses: A Records with IPv4 address
IPv6-Only Endpoint
IPv4 Internet
AAAA Records with synthesized Outgoing Responses: A Records with IPv4 NAT64 CGN address Address: PREFIX:IPv4 Portion:(SUFFIX) DNS64
- IPv6 address allocated to UE via SLAAC/GGSN-PGW
- GGSN-PGW provides IPv6/MSISDN correlation via RADIUS/DIAMETER to LI
- Stateful NAT64 provides IPv6/IPv4/Ports correlation via RADIUS/DIAMETER/NETFLOW to LI
- DNS64/NAT64 synthesizes destination/target IPv4 addresses in AAAA records
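The PREFIX : IPv4 portion : SUFFIX synthesis described above, as an added example that is not part of the original slides: the RFC 6052 embedding a DNS64 applies to A records and a NAT64 reverses without per-flow state, generalized here to every prefix length the RFC defines. Function names and the sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 6052 prefix lengths; octet 8 (bits 64-71, the "u" octet) is always zero.
ALLOWED = (32, 40, 48, 56, 64, 96)
WKP = "64:ff9b::/96"  # RFC 6052 well-known prefix


def _v4_positions(plen):
    """Byte offsets that carry the IPv4 address for a given prefix length."""
    if plen not in ALLOWED:
        raise ValueError(f"prefix length /{plen} is not defined by RFC 6052")
    return [i for i in range(plen // 8, 16) if i != 8][:4]


def embed(prefix, ipv4):
    """Build PREFIX : IPv4 portion : SUFFIX (suffix bits are zero)."""
    net = ipaddress.IPv6Network(prefix)
    raw = bytearray(net.network_address.packed)
    v4 = ipaddress.IPv4Address(ipv4).packed
    for pos, octet in zip(_v4_positions(net.prefixlen), v4):
        raw[pos] = octet
    return ipaddress.IPv6Address(bytes(raw))


def extract(prefix, ipv6):
    """Recover the IPv4 destination the way a NAT64 does: pure header math."""
    net = ipaddress.IPv6Network(prefix)
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in net or addr.packed[8] != 0:
        return None  # outside the NAT64 prefix: must not be translated
    positions = _v4_positions(net.prefixlen)
    return ipaddress.IPv4Address(bytes(addr.packed[i] for i in positions))


def dns64_answer(prefix, a_records, aaaa_records):
    """Pass native AAAA through; synthesize AAAA only when just A exists."""
    if aaaa_records:
        return [ipaddress.IPv6Address(r) for r in aaaa_records]
    return [embed(prefix, a) for a in a_records]


if __name__ == "__main__":
    # Constructed sample: documentation addresses, not real hosts.
    for pfx in ("2001:db8::/32", "2001:db8:122:344::/64", WKP):
        v6 = embed(pfx, "192.0.2.33")
        print(pfx, "->", v6, "->", extract(pfx, v6))
```

Only the destination side is algorithmic; the source side of a stateful NAT64 is a per-flow binding, which is why the (IPv6, IPv4, Ports) records listed above have to be exported for correlation.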
IPv6 address
Lawful Interception RADIUS (MSISDN, IPv4, Ports) GGSN P-GW Stateful NAT64 AFT Incoming Responses: A Records with IPv4 address
IPv6-Only Endpoint
IPv4 Internet
AAAA Records with synthesized Outgoing Responses: A Records with IPv4 NAT64 GW address Address: PREFIX:IPv4 Portion:(SUFFIX) DNS64
- IPv6 address allocated to UE via SLAAC/GGSN-PGW
- Stateful NAT64 is performed on the Mobile Gateway
- GGSN-PGW provides IPv4/Ports/MSISDN correlation via RADIUS/DIAMETER
- DNS64/NAT64 synthesizes destination/target IPv4 addresses in AAAA records
IPv6 address
RADIUS (MSISDN, IPv6) RADIUS (IPv6, IPv4, Ports) GGSN P-GW Stateful NAT64 AFT
IPv6-Only Endpoint
IPv4 Internet
Incoming Responses: A Records with IPv4 address AAAA Records with synthesized Outgoing Responses: A Records with IPv4 NAT64 CGN Address Address: PREFIX:IPv4 Portion:(SUFFIX) DNS64
- IPv6 address allocated to UE via SLAAC/GGSN-PGW
- GGSN-PGW provides IPv6/MSISDN correlation via RADIUS/DIAMETER
- Stateful NAT64 provides IPv6/IPv4/Ports correlation via RADIUS/DIAMETER/NETFLOW
- DNS64/NAT64 synthesizes destination/target IPv4 addresses in AAAA records
- NAT44 is used to translate private to public source IPv4 addresses (if private IP address is used on Stateful NAT64)
IPv6 address
IPv6-Only Endpoint
Incoming Responses: A Records with IPv4 address AAAA Records with synthesized Outgoing Responses: A Records with IPv4 NAT64 GW Address Address: PREFIX:IPv4 Portion:(SUFFIX) DNS64
- IPv6 address allocated to UE via SLAAC/GGSN-PGW
- Stateful NAT64 is performed on the Mobile Gateway
- Mobile Gateway performs Inline Services, Header Insertion can be used for user identity propagation
- GGSN-PGW provides IPv4/Ports/MSISDN correlation via RADIUS/DIAMETER to LI and Service Platforms
- DNS64/NAT64 synthesizes destination/target IPv4 addresses in AAAA records
Conclusion
Dual-Stack challenges
- 3G: < Rel. 9: 2 PDP contexts needed for dual stack (cost and scalability concern)
- Current OS-behavior (preferences, stack-selection)
- Often BSS/OSS/PCC infrastructure uses the IP-address/prefix to identify the subscriber: there can only be one address/prefix, not two
- Operational overhead to operate two networks (routing, addressing, etc.)

- Multiple SPs re-consider their strategy and consider IPv6-only UE connectivity (along with stateful NAT64)
- v6 only service offering options considered
  - simple service: v6-only phones ("not so smart" phones)
  - advanced service: v6/v4 phones with v6-only connectivity will require BIH/NAT46 on handset (there are still a lot of IPv4 only applications out there)
NA(P)T44 Deployment
- NAT on Gateway or Router/Standalone device: both options considered
- Private IPv4 run out: Regionalization or GI-DS-lite
- NAT-Standalone deployments: how to select the appropriate NAT device?
Thank you.