Support for Network-based User Mobility with LISP
1. Support for Network-based User Mobility with LISP
ANDREA GALVANI
SUPERVISOR
PROF. FULVIO RISSO
ACADEMIC TUTORS
PROF. ALBERT CABELLOS-APARICIO
M.S. ALBERTO RODRIGUEZ-NATAL
4. Scenario
The user decides to change Wi-Fi network
The connection is dropped and has to be reinitialized
6. Problem
A TCP connection is represented by a 4-tuple:
<source IP, source port, destination IP, destination port>
When the user moves, his IP changes
The TCP connection is released
7. “Network-based”
Host-based: additional software needs to be
installed on the user’s host
Network-based:
No modifications to users’ devices
required
The network components take care of
the mobile hosts’ mobility
8. Goals
Connection continuity when roaming across
Wi-Fi networks
Users’ devices use standard TCP/IP stack
Network components are in charge of
managing users’ mobility
Minimize modifications to other components
Keep a high level of abstraction for future
developments
9. State of the art
IETF standards
•Mobile IP v4 / v6
•Proxy Mobile IP v6
Adopted in 3G networks
...No standards for Wi-Fi networks
10. IP address constraint
The IP address represents two properties at the
same time
• User’s identity
• User’s location
User’s location changes → User’s IP changes
11. LISP
Locator/ID Separation Protocol
Loc/ID split
• One address space for user’s identity
(EID – Endpoint IDentifier)
• One address space for user’s location
(RLOC – Routing LOCator)
User’s location changes → User’s RLOC changes
12. LISP overview
• xTR (Edge Router)
• Subnetwork with EID-prefix
• Users in the network are given an EID from the prefix
• A Map-Server is used for storing mappings
• A Map-Resolver for retrieving mappings
[Diagram: xTR with RLOC 130.1.1.3; EID-prefix 10.1.1.0/24; host with EID 10.1.1.7; mapping EID – RLOC: 10.1.1.0/24 – 130.1.1.3]
13. LISP in a nutshell
[Diagram, steps 1 to 3: the host with EID 10.1.1.1 (EID-prefix 10.1.1.0/24, xTR RLOC 130.1.1.3) pings EID 10.1.2.3 (EID-prefix 10.1.2.0/24, xTR RLOC 150.1.1.5) across the Internet]
Packet: IP 10.1.1.1 → 10.1.2.3 | ICMP ping
Map-Reply: 10.1.2.3 – 150.1.1.5
14. LISP in a nutshell
[Diagram, steps 4 and 5: the ping from EID 10.1.1.1 (EID-prefix 10.1.1.0/24) is carried across the Internet from RLOC 130.1.1.3 to RLOC 150.1.1.5 and delivered to EID 10.1.2.3 (EID-prefix 10.1.2.0/24)]
Original packet: IP 10.1.1.1 → 10.1.2.3 | ICMP ping
Encapsulated packet: IP 130.1.1.3 → 150.1.1.5 | UDP 4341 -> 4341 | LISP | IP 10.1.1.1 → 10.1.2.3 | ICMP ping (Data)
RLOC: global scope
EID: local scope
17. Solution Design – LISP-ROAM
A solution to be implemented by Internet
Service Providers
New mobility service
Full trust agreement
Possibility to roam across every network
User is assigned a fixed EID
18. Five Steps
Every time a user connects to a network...
1. User authentication
2. User’s EID retrieval
3. User’s local configuration
4. User’s home Map-Server retrieval
5. User’s location update
20. 2. User’s EID retrieval
[Diagram, steps 1 to 3: the user presents alice@domainA.com / ***; an Access-Request (alice, ***) is sent to the RADIUS Server of domainA.com; the Access-Accept carries EID = 10.1.2.121]
Username   Password   EID
alice      ***        10.1.2.121
bob        ***        10.1.2.137
The RADIUS Server can store multiple attributes
It’s possible to store user’s EID
The RADIUS Server returns the EID embedded in the Access-Accept
21. 3. User’s local configuration
• If the user is in his home network
He’s part of the EID-prefix
[Diagram labels: 10.1.1.169; EID-prefix: 10.1.1.0/24]
22. 3. User’s local configuration
• If the user is in his home network
He’s part of the EID-prefix
• If the user is foreign
A local virtual interface is created
The xTR is the default gateway for the user
[Diagram labels: 10.1.2.122; 10.1.2.121; EID-prefix: 10.1.2.120/30; EID-prefix: 10.1.1.0/24]
23. User’s home Map-Server
One Map-Server per domain
All Map-Servers form a Distributed Mapping System
Home Map-Server: home domain’s Map-Server
Every xTR knows the key related to its EID-prefix
[Diagram: Home Map-Server of domain A (domainA.com); Map-Register 10.3.3.0/24 – 130.1.1.3, Authenticated; labels 130.1.1.1 and 130.1.1.3; EID-prefix: 10.1.1.0/24; EID-prefix: 10.3.3.0/24]
24. 4. User’s home Map-Server
When a foreign user connects to a network
the xTR has to retrieve user’s home Map-Server’s...
1. Address
Can be done using the LISP infrastructure
...or through other systems (DNS)
2. Key
...use RADIUS attributes
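Added example (not part of the original slides or of the LISP-ROAM code): a Python model of steps 4 and 5, showing why the foreign xTR needs the home Map-Server's key before its location update is accepted, and how the more specific roaming prefix then takes over from the home prefix. The HomeMapServer class, the HMAC-SHA-256 authenticator, the choice to register the /30 prefix and the key value are assumptions; the addresses are reused from the slides.

```python
import hashlib
import hmac
import ipaddress


def sign(key, eid_prefix, rloc):
    # Toy authenticator (assumption): HMAC-SHA-256 over "prefix|rloc".
    # The real Map-Register wire format is not reproduced here.
    return hmac.new(key, f"{eid_prefix}|{rloc}".encode(), hashlib.sha256).digest()


class HomeMapServer:
    """Hypothetical model of one domain's Map-Server and its key."""

    def __init__(self, domain_prefix, key):
        self.domain = ipaddress.ip_network(domain_prefix)
        self.key = key
        self.mappings = {}  # EID-prefix -> RLOC

    def map_register(self, eid_prefix, rloc, auth):
        prefix = ipaddress.ip_network(eid_prefix)
        # Accept only prefixes inside the domain, signed with the domain key.
        if not prefix.subnet_of(self.domain):
            return False
        if not hmac.compare_digest(auth, sign(self.key, eid_prefix, rloc)):
            return False
        self.mappings[prefix] = rloc
        return True

    def map_request(self, eid):
        # Longest-prefix match: a roaming /30 wins over the home /24.
        addr = ipaddress.ip_address(eid)
        hits = [p for p in self.mappings if addr in p]
        return self.mappings[max(hits, key=lambda p: p.prefixlen)] if hits else None


def roam_demo():
    key = b"constructed-domain-key"          # constructed sample secret
    ms = HomeMapServer("10.1.2.0/24", key)
    ms.map_register("10.1.2.0/24", "150.1.1.5", sign(key, "10.1.2.0/24", "150.1.1.5"))
    before = ms.map_request("10.1.2.121")    # alice at home
    # Foreign xTR 130.1.1.3 without the home key: update is refused.
    forged = ms.map_register("10.1.2.120/30", "130.1.1.3",
                             sign(b"wrong-key", "10.1.2.120/30", "130.1.1.3"))
    # Same xTR after retrieving the key (step 4): update is accepted.
    accepted = ms.map_register("10.1.2.120/30", "130.1.1.3",
                               sign(key, "10.1.2.120/30", "130.1.1.3"))
    after = ms.map_request("10.1.2.121")     # alice now behind the foreign xTR
    bob = ms.map_request("10.1.2.137")       # bob is still at home
    return before, forged, accepted, after, bob


if __name__ == "__main__":
    print(roam_demo())
```

Anyone holding the domain key can redirect any EID in that domain, which is the trust assumption the full trust agreement between providers has to cover.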
30. Handover test
Latency / Packet loss
1. User home / foreign
• User connects to his home / a foreign network
2. User known / unknown
• User has connected before to the network
33. ...other proposals
No full trust between ISPs
ISPs don’t share Map-Servers’ key
No fixed EID for user
LISP-MAC
LISP-RADIUS
34. LISP-MAC
•User assigned to a specific xTR of the domain
Home xTR
•MAC Mapping System
MAC(host) – IP(Home xTR)
•When a user connects to a foreign network
Dialogue between foreign and home xTR
36. LISP-RADIUS
• User assigned to a specific xTR of the domain
Home xTR
• When a user connects to a foreign network
Dialogue between foreign and home xTR
•802.1x dialogue
User authentication
IP(Home xTR)
38. Conclusions
LISP-ROAM actually achieves connection continuity
in user mobility
It can be considered a suitable solution for realistic
scenarios (buildings, campuses, ...)
The solution has been tested in a small scope but could
be implemented in wider scenarios
(ISP level)
The assumptions made allow future extension /
interoperability with 3G operators
39. Video demo
Mobile host switching between Wi-Fi networks,
while communicating with Correspondent Node
(ping / TCP)
40. Thanks for your attention
bit.ly/lisp-roam
Andrea Galvani
and.galva@gmail.com