Host Identification and Location Decoupling: A Comparison of Approaches

Bruno Magalhães Martins
Instituto Nacional de Telecomunicações - Inatel
P.O. Box 05 - 37540-000
Santa Rita do Sapucaí - MG - Brazil
brunom@mtel.inatel.br

Antônio Marcos Alberti
Instituto Nacional de Telecomunicações - Inatel
P.O. Box 05 - 37540-000
Santa Rita do Sapucaí - MG - Brazil
alberti@inatel.br

Abstract - The increasing proliferation of mobile devices with Internet access has helped to clarify some important limitations of the TCP/IP stack regarding mobility, multihoming, traceability and security. In its original design, Internet IP addresses were overloaded to simultaneously support host identification (ID) and location (Loc). As a consequence, application functionality can be affected when IP addresses are changed to update a mobile node's location. This dual functionality causes many problems in the current Internet, especially in supporting mobility. To deal with these limitations, several solutions based on the idea of ID/Loc splitting have been proposed. In this position paper we present and compare some of them, summarizing their main features and limitations. We also identify opportunities and challenges for future research in the area as well as expected impacts/relations with other Future Internet aspects.

Keywords– ID/Loc splitting, mobility, location, identification, multihoming.

I. INTRODUCTION

The Internet is underpinned by principles established over 40 years ago, when memory resources, processing and communication were very limited. Its tremendous success and diversity of applications have placed demands on it far beyond what it was originally proposed for. Its popularization in environments quite different from the time of its conception has exposed many of its limitations, especially regarding scalability, mobility, multicast, multihoming, content distribution, unique identification and location of physical and logical network entities [1]. In general, the solution to these problems has been to create new protocols to patch the architecture. However, this approach has created a veritable "patchwork", which hinders the development of the network, preventing more meaningful solutions to existing problems.

One of the main causes of these problems is the overload of IP addresses, since IP-based networks use a single address for both identification and location of hosts on the network. That is, the IP address has dual functionality.

Ensuring mobility is a major challenge when designing a new generation network, i.e. ensuring that users can not only move within their local network, but also change the access network without loss of connectivity. Besides the logical coupling between host identifiers and locators, other challenges for mobility support are the management of mobile devices' location data, the routing of packets to/from these devices, signaling the change from a home network to a visited one, and finally the traceability of users and their terminals in the case of misconduct [2].

Multihoming means having multiple simultaneous access connections for a network or host. Therefore, multiple locators must be used for the same network or host at the same time. It enables access redundancy, load balancing and adequate provider selection.

With ID/Loc splitting, IDs are used by the application and transport layers to identify a node, while the locators are used by the network layer to logically locate nodes in the topology and route packets to/from them. Based on this principle, several approaches have been proposed in the literature and in standards.

In this scenario, this paper aims to present, qualitatively analyze and discuss some of the ID/Loc splitting approaches, identifying opportunities for future research and summarizing their main features and limitations.

The remainder of this paper is organized as follows. Section II presents some protocols and architectures for ID/Loc splitting; Section III discusses them, summarizing their main features and limitations; finally, in Section IV we conclude the paper.

II. PROTOCOLS AND ARCHITECTURES FOR ID/LOC SPLITTING

There exist several protocols and architectures for host ID/Loc splitting. The great majority are based on the IP protocol. Mobile IP, HIP (Host Identity Protocol), LISP (Locator ID Separation Protocol) and MILSA (Mobility and Multihoming Supporting Identifier Locator Split Architecture) are approaches that frequently appear in the literature.

A. Mobile IP

Mobile IP [3] (RFC-3344) was standardized by the IETF (Internet Engineering Task Force) as an approach to provide mobility for IP devices. The core idea is to designate two IP addresses for every device: (i) the home-address, which is a static address that works as an ID for the node at the application layer; and (ii) the care-of-address, which locates the node at the network layer. The latter is dynamically associated with the node according to its current location on the network.

The approach defines two basic components in the architecture: the local agent and the foreign agent, which are responsible for assigning the home-address and the care-of-address, respectively. A mobile device receives periodic notifications from an agent. It deduces that it has changed network when it stops receiving notifications from a local agent and starts receiving notifications from a foreign agent [4].

The data sent to the Mobile Node (MN) are intercepted by the local agent, which is responsible for storing the MN's current location. The local agent encapsulates the data and retransmits them to the foreign agent at the visited network. The foreign agent retransmits the data to the MN. A mapping (or indirection) of the home-address to the respective care-of-address is required. Therefore, in Mobile IP, devices can change their location without loss of connectivity. Figure 1 illustrates Mobile IP functionality.

Fig. 1. Mobile IP functionality.

Despite the mobility support offered by the Mobile IP approach and its great popularity in cellular networks, it is shown in [4] that there is a considerable loss of communication efficiency, since tunneling increases overhead. Besides efficiency, there is the triangular routing problem, where a packet destined to the MN needs to visit its home network before being routed to the current location. This introduces an extra delay, which could be very high for real-time interactive communications. Mobile IPv6 avoids triangular routing using a routing optimization approach, where packets can be sent directly to the care-of-address agent.

B. HIP – Host Identity Protocol

According to several references in the literature [6][7][8], standard Mobile IP does not fully solve the problems of mobility and safety on the Internet, because it relies on IP routing to route packets, where a malicious user can impersonate another and mount a Denial of Service (DoS) attack, for example through false address notification messages.

According to [8], there are three critical flaws in the current Internet namespace. Firstly, dynamic readdressing cannot be managed directly; secondly, anonymity cannot be provided consistently and reliably; finally, there is no authentication for systems and packets. These deficiencies stem from the fact that current computing platforms use the current namespace inefficiently.

However, other proposals have been studied. HIP [8] (RFC 4423) is an alternative to the Mobile IP protocol and is based on creating a new namespace, which provides a static name to the host in order to uniquely identify it. Thus, a given IP address is used only for the location of the host in the network topology.

Also, according to [8], the main idea of HIP is to create a new namespace between the network and transport layers of the current Internet. This new layer – the host identification layer – uses a host identifier (HI) to identify nodes in the network and to create a dynamic mapping with its locator (IP address). In other words, the host identification layer corresponds to an indirection point between the HI and the host locator.

Communication between hosts using HIP is not tied to the dual semantics of the IP address, allowing a host to be uniquely identified in the application and transport layers through the new namespace and located by IP address. Briefly, HIP does not use the IP address as a node identifier, since it decouples the upper layers from the network layer. Therefore, a node can move without losing its active connections.

The host identity (HI) is static and globally unique. It was developed with the TCP/IP stack in mind, but it can be used with other protocol stacks. This feature makes HIP an interesting solution for post-IP or non-IP technologies. In addition, each HI is uniquely associated with a host and is the result of a cryptographic hash function. The purpose of using encryption to create host identifiers is the possibility of authenticating connections in non-trusted networks. Moreover, public key-based encryption allows each name to be considered statistically unique in a global environment.

Figure 2 partially illustrates the TCP/IP protocol stack (left) in contrast to the new HIP protocol stack (right). In the latter, the host identifier and its locator are separated from each other. The IP address continues to act as a locator, while the HI is responsible for identifying the end host.

Fig. 2. Current Internet (left) and HIP protocol (right) [6].

C. LISP – Locator Id Separation Protocol

LISP [9] is a proposal from Cisco Systems with a goal similar to those of the HIP and Mobile IP protocols, i.e. to support mobility and multihoming in TCP/IP networks. However, the LISP protocol is based on address mapping between edge and core IP networks and on IP tunneling over UDP (User Datagram Protocol) for packet delivery. According to [9], LISP is a protocol used to implement the separation of IP addresses into EIDs (Endpoint Identifiers) and RLOCs (Routing Locators). This mechanism requires neither changes in the end hosts, nor changes in the infrastructure of existing databases.
LISP deployment occurs at the edge routers of an IP network, whose IP addresses are used as routing locators (RLOCs) for the hosts in their domain. These routers are responsible for mapping EIDs to host locators [10].

Once the target domain has been determined by the ITR (Ingress Tunnel Router), this router searches for an EID-to-RLOC map to determine the routing path to the ETR (Egress Tunnel Router). Packets sent to the recipient are encapsulated (a datagram inserted into another) in the ITR with a new header, where the destination IP address in the datagram is set to the destination RLOC IP address. This RLOC is responsible for routing to the destination domain. In the recipient's domain, the ETR decapsulates the packet and routes it according to the EID of the destination host. This process creates a tunnel between the edge routers. Figure 3 illustrates the operation of LISP.

Fig. 3. LISP functioning [11].

Consider the scenario of Figure 3, where the SourceNode (EID = 1.0.0.1) wants to communicate with the DestinationNode (EID = 2.0.0.2). Since the ITR (RLOC = 11.0.0.1) knows the chosen destination ETR (RLOC = 12.0.0.2), it encapsulates the data containing the EID of the SourceNode and sends them to the DestinationNode's ETR. The ETR, in turn, receives the data and forwards them to the DestinationNode through its EID 2.0.0.2. In other words, the SourceNode knows the EID of the DestinationNode and the ITR knows the ETR's RLOC.

Despite the overhead added by this encapsulation and the inflexibility of LISP with respect to post-IP or non-IP architectures, there are many benefits achieved by separating the current address space into EIDs and RLOCs: (i) the reduction of routing table size in the DFZ (Default-Free Zone); (ii) multihoming support for sites that are connected to different service providers (in which they can control their own flow policies); and (iii) easier IP readdressing when customers change service operators [9].

D. MILSA – Mobility and Multihoming Supporting Identifier Locator Split Architecture

The MILSA architecture [7] was proposed as a solution to the problems of naming, addressing and routing in the current Internet. There are three principles adopted in MILSA: (i) separation of trust relations, called domains, and the relations of connectivity, called zones; (ii) separation between the signaling and data plane functions, in order to improve performance and to support mobility; (iii) separation of the identifier and locator to provide transparency to the application and transport layers.

Also according to [7], a domain represents a group of hosts in the same hierarchy and is responsible for assigning identifiers to the entities in its scope. Domains from the same hierarchy establish trust relations, while a zone is a topologically aggregated physical unit responsible for assigning and aggregating the hosts connected to it.

The logical link between a domain and a zone is maintained by the RZBS (Zone Bridging Realm Server). This server can be designed considering the particularities of a certain domain hierarchy. In other words, a domain authority is responsible for identifying the hosts that logically belong to it, while a zone authority holds the information on one or more addresses or locators of such hosts. The RZBS takes care of mapping domains and zones, dynamically mapping host identifiers to locators. Figure 4 illustrates MILSA.

Fig. 4. MILSA conceptual architecture [7].

The MILSA user identifiers of the two terminals illustrated in Figure 4 could be "User-1.Subdomain-1.Domain-A" and "User-2.Subdomain-2.Domain-B", respectively. The leftmost part of the identifier would be designed as flat and the rest of the name could be conceived in a hierarchical manner, in order to represent the logical position in the domain hierarchy. Figure 5 illustrates name composition in MILSA.

Fig. 5. MILSA name formation example.

The flat part of the name must be unique in the subdomain to avoid conflicts, and it can be created based on public key encryption or hash algorithms. If both users are in the same subdomain, there is no need to use full names; only the leftmost part of the name is necessary.

E. Akari ID/Loc Decoupling Approach

The Akari [1] project involves the Japanese government, universities and the private sector to design and implement a new generation network by the year 2015. The project's motto is "a little light in the darkness that points to the future" and its philosophy is to seek the ideal architecture for a new generation network.

The Akari Project has three basic principles that underlie the creation of a new generation network: (i) the KISS (Keep It Simple, Stupid) principle, which states that the network layer should be kept as simple as possible; (ii) the real world connection principle, which supports the interaction of the virtual world with the real world and confirms the necessity of identification and location decoupling; and (iii) the principle of sustainable development, which means that the network must become a free environment for progress and development, being able to meet society's demand for many decades [1].

The architecture proposed by Akari uses distinct sets of entities to identify and locate hosts on the network. However, this proposal is quite different from those previously mentioned, since it is independent of the interconnection technology. In other words, the solution proposed by the Akari project can be applied in post-IP or non-IP networks.

Akari identifiers can be hierarchical or flat. Hierarchically established identifiers can support greater network coverage and scalability, as well as provide hints for locator resolution. However, they may require a central authority to assign their hierarchical components. Flat identifiers, on the other hand, allow network nodes to create their identifiers autonomously. The project authors consider the deployment of a high availability identification/location mapping database very important for both types of identifiers [1].

Also according to Harai [1], a host can be identified in two ways: by name and/or by its identifier (ID). A name can be local or global. Local names are unique on the local network and are used for host identification and network management. These names are generated by combining representative host-related words, i.e. their function in context, owner, serial number or date and time of installation of the host on the network.

Consider the protocol stack of Figure 6. The application layer sends data to the transport layer through an interface identified by the primary source and destination IDs, in addition to the related application port number. The transport layer, in turn, inserts the transport header in the packet and sends it to the identity layer through another interface, also identified by the primary ID. In the identity layer, the primary identifier is mapped to an active identifier, which is inserted in the header of this layer. A second mapping between the active identifier and the host locators is also done by this identity layer. Then, this layer inserts the active identifier in the packet and sends this packet to the network layer through an interface identified by source and destination locators. Finally, the source and destination locators are entered into the network layer header and the packet is then sent to its destination.

Fig. 6. Akari proposal for an identity layer between transport and network layers. Adapted from [1].

F. MCP – Mobility Control Protocol

MCP is a South Korean approach to deal with host mobility in future networks. It was developed within the scope of the MOFI (Mobile Oriented Future Internet) project. According to [14], hosts are uniquely and statically identified by a HID (Host Identifier). HIDs are obtained by applying a 128-bit hash function to the host's own public key, in a process similar to what happens in HIP with the HIT (Host Identity Tag). Such HIDs are released on the network or to a name resolution system, while the host's own private key is kept confidential to enable further authentication. HID-based delivery is used in access or edge networks. For global scale, the MCP approach is to form HIDs hierarchically, including the Autonomous System (AS) number [14].

To locate the backbone near a host, MCP uses a network locator (LOC). It is used to deliver data packets between core backbones. At the access or edge networks, HIDs are used to communicate. To support host mobility, the network locator is updated to reflect the host's current position, while the HID remains static. Mapping (or indirection resolution) between LOC and HID is done dynamically through a system called LBS (LOC Binding System). Figure 7 illustrates the MCP protocol stack compared to TCP/IP.

Fig. 7. TCP/IP stack (left) compared to MCP (right).

The MCP network layer is divided into two sublayers: the host communication sublayer and the packet delivery sublayer. Host communication contains two protocols: ADP (Access Delivery Protocol) and BDP (Backbone Delivery Protocol), respectively used on access and backbone networks.

III. COMPARISON OF PRESENTED APPROACHES

The choice of the naming scheme is an important starting point in designing a network architecture, since many aspects (such as security and routing) depend on how the names are designed. Consider Mobile IP and LISP. Both are based on the current Internet hierarchical naming scheme. They divide the IP address space into two hierarchical namespaces to support host ID/Loc splitting. On the other hand, HIP uses a flat namespace to uniquely identify hosts and IP addresses to locate them in the network topology. MILSA and Akari identifiers, in turn, are partially flat and partially hierarchical. MILSA identifiers are IP-based, but can be adapted to be used with another type of protocol.

According to Harai [1], most of these approaches are based on inflexible identifiers (using IP addresses), such as Mobile IP and LISP, or on identifiers generated by public key cryptography, such as HIP. The advantage of using IP-based identifiers is that current Internet applications can still be used without change. However, these approaches are inflexible and cannot be used in post-IP or non-IP architectures. On the other hand, identifiers based on public key cryptography or hash functions are long and unreadable for humans, despite their advantages in terms of security.

Akari identifiers are totally flexible, independent of the interconnection technology. In addition, they are created based on the result of a hash function of the host name, which in turn is legible and captures network hierarchical information at local and global level.

Security support in Mobile IP uses IPSec, while LISP security is based on the mapping process from EIDs to RLOCs. HIP, MILSA, Akari and MCP use the concept of cryptographic identities to encrypt information as a way of implementing security for packet transmission.

Regarding mobility, Mobile IP does not provide transparent support for mobility, i.e. to update the location of a mobile node the local agent must intervene, creating the previously cited triangular routing. This implies long waiting times while updating the location records. It can also cause packet loss. The routing optimization for Mobile IPv6 attempts to address this problem, but it requires considerable changes to both end hosts [7].

The LISP approach has some drawbacks, such as increased overhead and delays caused by the mapping of EIDs to RLOCs. Packet loss is also a concern. In HIP, packet loss can happen when two communicating terminals move at the same time.

Table I summarizes the comparisons between the main features of ID/Loc splitting protocols.

TABLE I – ID/LOC SPLITTING COMPARISON TABLE.

| | Mobile IP | HIP | LISP | MILSA | Akari | MCP |
|---|---|---|---|---|---|---|
| Naming Scheme | Hierarchical (IP); legible names. | Flat; opaque names. | Hierarchical (IP); legible names. | Partially flat, partially hierarchical. | Flat with a hierarchical portion. Legible names for local and global names in the hierarchical part. | Flat, but hierarchical portion being studied to work world-wide. |
| Routing | Only IP – Inflexible. | IP, post-IP or non-IP – Flexible. | Only IP – Inflexible. | IP routing. Can use ROFL. Partially flexible. | Fully flexible. Routing independent of transport technology. | IP, but can be adapted to become flexible. |
| Security | IPSec. | Public key cryptography. Denial of service problem. | Related to EID-RLOC mapping. | Public key cryptography. | Public key cryptography and hash function. | Public key cryptography and hash function. |
| Performance | Increased overhead; triangular routing; waiting on update registration. | Overhead on host identification layer. | Increased overhead, latency in EID-RLOC mappings. | Overhead on HMS layer. | Overhead on identity layer. | Overhead on HID-LOC mapping. |
| Packet loss | Due to long waiting periods on record update. | When two terminals move at the same time. | Can occur due to mapping delay. | Not analyzed. | Not analyzed. | Not analyzed. |

IV. CONCLUSION

Host ID/Loc splitting is one of the most important solutions to address the shortcomings of mobility, multihoming, security, and other problems associated with the dual functionality of IP addresses. Although there are today several proposals to separate the identification and location of networked devices, as Jianli describes in [7], most of them do not provide a comprehensive solution for the relationship among identifiers, names, locators and routing.

In this position paper we have provided a qualitative comparison among some important approaches for ID/Loc splitting. We can observe a great diversity of approaches. Some maintain compatibility with IP, but are unable to support experimentation and to be integrated with the post-IP Internet. All approaches are concerned with security aspects, but some of them are restricted to current IP security solutions. Therefore, more holistic and integrated designs are required, e.g. to support trust networks; to accommodate information ID/Loc splitting; to support not only host mobility, but also the mobility of other entities; to enable automatic functionalities in order to reduce human intervention, etc. Finally, performance is a concern in approaches that use tunneling or dual addressing. The solutions that create new layers increase the overhead, decreasing efficiency. Is the approach of creating new layers the best one?

From this comparison, we identified some issues and open research challenges: (i) what is the most appropriate name scheme for a new Internet: flat, hierarchical, mixed or both? (ii) should routing be compatible with IP? (iii) how to support multi-path, multicast and anycast routing in these proposals? (iv) how to support millions or billions of networked devices in the so-called Internet of Things (IoT)? In other words, how to enable scalability? (v) several proposals for a new Internet also perform information/location decoupling. How to create more holistic approaches for ID/Loc splitting and indirection resolution? (vi) how to analyze the performance of these and other proposals?
Many of these questions need to be answered.
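
The LISP forwarding path of Section II-C, worked through for the Figure 3 scenario as an added example that is not part of the original paper or of any LISP implementation. The packet model is simplified (no UDP or LISP headers), and the /8 EID prefix, the type and function names, and the ETR's local-EID check are assumptions of this sketch.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Packet is a simplified datagram; real LISP adds UDP and LISP headers.
type Packet struct {
	Src, Dst netip.Addr
	Payload  string
	Inner    *Packet // non-nil only on an encapsulated (tunnel) packet
}

// ITR is an ingress tunnel router: its own RLOC plus an EID-to-RLOC map.
type ITR struct {
	RLOC netip.Addr
	Map  map[netip.Prefix]netip.Addr // EID prefix -> RLOC of the serving ETR
}

// Lookup returns the RLOC bound to the longest EID prefix containing dst.
func (r ITR) Lookup(dst netip.Addr) (netip.Addr, bool) {
	best, rloc := -1, netip.Addr{}
	for prefix, addr := range r.Map {
		if prefix.Contains(dst) && prefix.Bits() > best {
			best, rloc = prefix.Bits(), addr
		}
	}
	return rloc, best >= 0
}

// Encapsulate wraps p in an outer packet addressed ITR RLOC -> ETR RLOC.
func (r ITR) Encapsulate(p Packet) (Packet, error) {
	rloc, ok := r.Lookup(p.Dst)
	if !ok {
		return Packet{}, fmt.Errorf("no EID-to-RLOC mapping for %s", p.Dst)
	}
	return Packet{Src: r.RLOC, Dst: rloc, Inner: &p}, nil
}

// ETR is an egress tunnel router serving the EID prefixes of its own site.
type ETR struct {
	RLOC  netip.Addr
	Local []netip.Prefix
}

// Decapsulate returns the inner packet. As a check added by this example, it
// drops tunnel packets for another RLOC or for an EID outside the local site.
func (e ETR) Decapsulate(outer Packet) (Packet, error) {
	if outer.Inner == nil || outer.Dst != e.RLOC {
		return Packet{}, fmt.Errorf("not a tunnel packet for this ETR")
	}
	for _, p := range e.Local {
		if p.Contains(outer.Inner.Dst) {
			return *outer.Inner, nil
		}
	}
	return Packet{}, fmt.Errorf("inner destination is not a local EID")
}

// Pkt builds a plain packet from dotted-quad strings (panics on bad input).
func Pkt(src, dst, payload string) Packet {
	return Packet{Src: netip.MustParseAddr(src), Dst: netip.MustParseAddr(dst), Payload: payload}
}

// Figure3 builds the two routers of the scenario; the /8 prefix is assumed.
func Figure3() (ITR, ETR) {
	site := netip.MustParsePrefix("2.0.0.0/8")
	etr := ETR{RLOC: netip.MustParseAddr("12.0.0.2"), Local: []netip.Prefix{site}}
	itr := ITR{RLOC: netip.MustParseAddr("11.0.0.1"),
		Map: map[netip.Prefix]netip.Addr{site: etr.RLOC}}
	return itr, etr
}

func main() {
	itr, etr := Figure3()
	outer, _ := itr.Encapsulate(Pkt("1.0.0.1", "2.0.0.2", "hello"))
	inner, err := etr.Decapsulate(outer)
	fmt.Println(outer.Src, "->", outer.Dst, "carries", inner.Src, "->", inner.Dst, err)
}
```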
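
Sections II-B, II-F and III credit identifiers derived from a public key with allowing authentication on non-trusted networks, in contrast to the false address notification messages possible in Mobile IP. The added example below (not from the paper, HIP or MCP) shows an ID-to-locator table that accepts a locator update only when it is signed by the key behind the identifier; the truncated SHA-256 identifier, Ed25519 signatures, the sequence number, and all names, keys and addresses are constructed assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// HostID is a 128-bit identifier derived from the host's public key.
type HostID [16]byte

// DeriveID keeps the first 128 bits of SHA-256(public key). This is an
// assumed construction; HIP and MCP define their own encodings.
func DeriveID(pub ed25519.PublicKey) HostID {
	sum := sha256.Sum256(pub)
	var id HostID
	copy(id[:], sum[:])
	return id
}

// LocatorUpdate tells a peer or mapping system where host ID is reachable now.
type LocatorUpdate struct {
	ID      HostID
	Locator string
	Seq     uint64 // grows with every move, so old updates cannot be replayed
	PubKey  ed25519.PublicKey
	Sig     []byte
}

// signedBytes is the fixed-layout message covered by the signature.
func (u LocatorUpdate) signedBytes() []byte {
	var seq [8]byte
	binary.BigEndian.PutUint64(seq[:], u.Seq)
	msg := append(append([]byte{}, u.ID[:]...), seq[:]...)
	return append(msg, u.Locator...)
}

// NewUpdate builds an update and signs it with the host's private key.
func NewUpdate(priv ed25519.PrivateKey, locator string, seq uint64) LocatorUpdate {
	pub := priv.Public().(ed25519.PublicKey)
	u := LocatorUpdate{ID: DeriveID(pub), Locator: locator, Seq: seq, PubKey: pub}
	u.Sig = ed25519.Sign(priv, u.signedBytes())
	return u
}

// Table is the ID-to-locator mapping kept by a peer or resolution system;
// it stores the last accepted update for each host ID.
type Table map[HostID]LocatorUpdate

// Apply accepts u only if the key hashes to the claimed ID, the signature
// verifies under that key, and the sequence number is newer than the stored one.
func (t Table) Apply(u LocatorUpdate) error {
	if len(u.PubKey) != ed25519.PublicKeySize || DeriveID(u.PubKey) != u.ID {
		return errors.New("public key does not match host ID")
	}
	if !ed25519.Verify(u.PubKey, u.signedBytes(), u.Sig) {
		return errors.New("bad signature")
	}
	if cur, ok := t[u.ID]; ok && u.Seq <= cur.Seq {
		return errors.New("stale or replayed update")
	}
	t[u.ID] = u
	return nil
}

// FixedKey returns a fixed, constructed key pair; real hosts use random keys.
func FixedKey(b byte) ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	seed[0] = b
	return ed25519.NewKeyFromSeed(seed)
}

func main() {
	t := Table{}
	genuine := NewUpdate(FixedKey(1), "192.0.2.10", 1)
	fmt.Println("genuine move:", t.Apply(genuine))
	forged := NewUpdate(FixedKey(2), "203.0.113.66", 2)
	forged.ID = genuine.ID // false notification claiming another host's ID
	fmt.Println("forged move:", t.Apply(forged))
	fmt.Println("locator:", t[genuine.ID].Locator)
}
```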

REFERENCES

[1] HARAI, Hiroaki et al. Akari (2007) New Generation Network Architecture AKARI Conceptual Design (ver2.0). Available at project web site (footnote 1) in March 2011.
[2] IN Min-kyo, LEE Seung-yun, KIM Dae-young. Splitting mechanism for IP into Identifier and Locator in NGN. 2007.
[3] PERKINS C. RFC 3344 - IP Mobility Support for IPv4. 2002.
[4] RAMACHANDRAN, Kishore. Mobile IP - deployment after a decade. 2005.
[5] JOHNSON D., PERKINS C. and ARKKO J. RFC 3775 - Mobility Support in IPv6. 2004.
[6] BARBATO, Wander. A mobilidade na Internet com o padrão HIP. 2007.
[7] JIANLI Pan, SUBHARTHI Paul, RAJ Jain, MIC Bowman. MILSA: A Mobility and Multihoming Supporting Identifier Locator Split Architecture for Naming in the Next Generation Internet. 2008.
[8] MOSKOWITZ, R., NIKANDER, P. RFC 4423 - Host Identity Protocol (HIP) Architecture. 2006.
[9] LEWIS, D.; MEYER, D.; FARINACCI, D.; FULLER, V. Locator/ID Separation Protocol (LISP). Work in Progress. 2010. Available at http://tools.ietf.org/html/draft-ietf-lisp-06 LISP Draft 06, January 2010.
[10] IANNONE, L., SAUCEZ, D., BONAVENTURE, O. OpenLISP: An Open Source Implementation of the Locator/ID Separation Protocol. 2009.
[11] MEYER, D. The Locator/Identifier Separation Protocol (LISP). The Internet Protocol Journal, Volume 11, No. 1. Available at http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_11-1/111_lisp.html. 2010.
[12] CAESAR Matthew, CONDIE Tyson, KANNAN Jayanthkumar, LAKSHMINARAYANAN Karthik, STOICA Íon, SHENKER Scott. ROFL: Routing on Flat Labels. 2006.
[13] CAMPISTA, Miguel Elias M. et al. Interconexão de Redes na Internet do Futuro: Desafios e Soluções. 2010. Technical report available at author web site (footnote 2) in March 2011.
[14] KIM Ji In and KOH Seok Joo. Mobility Control Protocol for MOFI. September 2010.

Footnote 1: http://akari-project.nict.go.jp/eng/conceptdesign.htm#Akari_6
Footnote 2: http://www.gta.ufrj.br/ftp/gta/TechReports/CFM10.pdf. 2010.