Network Working Group C. Ng
Request for Comments: 4889 Panasonic Singapore Labs
Category: Informational F. Zhao
UC Davis
M. Watari
KDDI R&D Labs
P. Thubert
Cisco Systems
July 2007
Network Working Group C. Ng
Request for Comments: 4889 Panasonic Singapore Labs
Category: Informational F. Zhao
UC Davis
M. Watari
KDDI R&D Labs
P. Thubert
Cisco Systems
July 2007
Network Mobility Route Optimization Solution Space Analysis
网络移动路径优化解空间分析
Status of This Memo
关于下段备忘
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The IETF Trust (2007).
版权所有(C)IETF信托基金(2007年)。
Abstract
摘要
With current Network Mobility (NEMO) Basic Support, all communications to and from Mobile Network Nodes must go through the Mobile Router and Home Agent (MRHA) tunnel when the mobile network is away. This results in increased length of packet route and increased packet delay in most cases. To overcome these limitations, one might have to turn to Route Optimization (RO) for NEMO. This memo documents various types of Route Optimization in NEMO and explores the benefits and tradeoffs in different aspects of NEMO Route Optimization.
在当前网络移动性(NEMO)基本支持下,当移动网络不在时,所有与移动网络节点之间的通信都必须通过移动路由器和归属代理(MRHA)隧道。在大多数情况下,这会导致数据包路由的长度增加和数据包延迟增加。为了克服这些限制,人们可能不得不转向NEMO的路由优化(RO)。本备忘录记录了NEMO中各种类型的路线优化,并探讨了NEMO路线优化不同方面的好处和权衡。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Benefits of NEMO Route Optimization . . . . . . . . . . . . . 4
3. Different Scenarios of NEMO Route Optimization . . . . . . . . 6
3.1. Non-Nested NEMO Route Optimization . . . . . . . . . . . . 6
3.2. Nested Mobility Optimization . . . . . . . . . . . . . . . 8
3.2.1. Decreasing the Number of Home Agents on the Path . . . 8
3.2.2. Decreasing the Number of Tunnels . . . . . . . . . . . 9
3.3. Infrastructure-Based Optimization . . . . . . . . . . . . 9
3.4. Intra-NEMO Optimization . . . . . . . . . . . . . . . . . 10
4. Issues of NEMO Route Optimization . . . . . . . . . . . . . . 11
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Benefits of NEMO Route Optimization . . . . . . . . . . . . . 4
3. Different Scenarios of NEMO Route Optimization . . . . . . . . 6
3.1. Non-Nested NEMO Route Optimization . . . . . . . . . . . . 6
3.2. Nested Mobility Optimization . . . . . . . . . . . . . . . 8
3.2.1. Decreasing the Number of Home Agents on the Path . . . 8
3.2.2. Decreasing the Number of Tunnels . . . . . . . . . . . 9
3.3. Infrastructure-Based Optimization . . . . . . . . . . . . 9
3.4. Intra-NEMO Optimization . . . . . . . . . . . . . . . . . 10
4. Issues of NEMO Route Optimization . . . . . . . . . . . . . . 11
4.1. Additional Signaling Overhead . . . . . . . . . . . . . . 11
4.2. Increased Protocol Complexity and Processing Load . . . . 12
4.3. Increased Delay during Handoff . . . . . . . . . . . . . . 12
4.4. Extending Nodes with New Functionalities . . . . . . . . . 13
4.5. Detection of New Functionalities . . . . . . . . . . . . . 14
4.6. Scalability . . . . . . . . . . . . . . . . . . . . . . . 14
4.7. Mobility Transparency . . . . . . . . . . . . . . . . . . 14
4.8. Location Privacy . . . . . . . . . . . . . . . . . . . . . 15
4.9. Security Consideration . . . . . . . . . . . . . . . . . . 15
4.10. Support of Legacy Nodes . . . . . . . . . . . . . . . . . 15
5. Analysis of Solution Space . . . . . . . . . . . . . . . . . . 16
5.1. Which Entities Are Involved? . . . . . . . . . . . . . . . 16
5.1.1. Mobile Network Node and Correspondent Node . . . . . . 16
5.1.2. Mobile Router and Correspondent Node . . . . . . . . . 17
5.1.3. Mobile Router and Correspondent Router . . . . . . . . 17
5.1.4. Entities in the Infrastructure . . . . . . . . . . . . 18
5.2. Who Initiates Route Optimization? When? . . . . . . . . . 18
5.3. How Is Route Optimization Capability Detected? . . . . . . 19
5.4. How is the Address of the Mobile Network Node
Represented? . . . . . . . . . . . . . . . . . . . . . . . 20
5.5. How Is the Mobile Network Node's Address Bound to
Location? . . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.1. Binding to the Location of Parent Mobile Router . . . 21
5.5.2. Binding to a Sequence of Upstream Mobile Routers . . . 23
5.5.3. Binding to the Location of Root Mobile Router . . . . 24
5.6. How Is Signaling Performed? . . . . . . . . . . . . . . . 26
5.7. How Is Data Transmitted? . . . . . . . . . . . . . . . . . 27
5.8. What Are the Security Considerations? . . . . . . . . . . 28
5.8.1. Security Considerations of Address Binding . . . . . . 28
5.8.2. End-to-End Integrity . . . . . . . . . . . . . . . . . 30
5.8.3. Location Privacy . . . . . . . . . . . . . . . . . . . 30
6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 31
7. Security Considerations . . . . . . . . . . . . . . . . . . . 32
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 32
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
9.1. Normative References . . . . . . . . . . . . . . . . . . . 32
9.2. Informative References . . . . . . . . . . . . . . . . . . 33
4.1. Additional Signaling Overhead . . . . . . . . . . . . . . 11
4.2. Increased Protocol Complexity and Processing Load . . . . 12
4.3. Increased Delay during Handoff . . . . . . . . . . . . . . 12
4.4. Extending Nodes with New Functionalities . . . . . . . . . 13
4.5. Detection of New Functionalities . . . . . . . . . . . . . 14
4.6. Scalability . . . . . . . . . . . . . . . . . . . . . . . 14
4.7. Mobility Transparency . . . . . . . . . . . . . . . . . . 14
4.8. Location Privacy . . . . . . . . . . . . . . . . . . . . . 15
4.9. Security Consideration . . . . . . . . . . . . . . . . . . 15
4.10. Support of Legacy Nodes . . . . . . . . . . . . . . . . . 15
5. Analysis of Solution Space . . . . . . . . . . . . . . . . . . 16
5.1. Which Entities Are Involved? . . . . . . . . . . . . . . . 16
5.1.1. Mobile Network Node and Correspondent Node . . . . . . 16
5.1.2. Mobile Router and Correspondent Node . . . . . . . . . 17
5.1.3. Mobile Router and Correspondent Router . . . . . . . . 17
5.1.4. Entities in the Infrastructure . . . . . . . . . . . . 18
5.2. Who Initiates Route Optimization? When? . . . . . . . . . 18
5.3. How Is Route Optimization Capability Detected? . . . . . . 19
5.4. How is the Address of the Mobile Network Node
Represented? . . . . . . . . . . . . . . . . . . . . . . . 20
5.5. How Is the Mobile Network Node's Address Bound to
Location? . . . . . . . . . . . . . . . . . . . . . . . . 20
5.5.1. Binding to the Location of Parent Mobile Router . . . 21
5.5.2. Binding to a Sequence of Upstream Mobile Routers . . . 23
5.5.3. Binding to the Location of Root Mobile Router . . . . 24
5.6. How Is Signaling Performed? . . . . . . . . . . . . . . . 26
5.7. How Is Data Transmitted? . . . . . . . . . . . . . . . . . 27
5.8. What Are the Security Considerations? . . . . . . . . . . 28
5.8.1. Security Considerations of Address Binding . . . . . . 28
5.8.2. End-to-End Integrity . . . . . . . . . . . . . . . . . 30
5.8.3. Location Privacy . . . . . . . . . . . . . . . . . . . 30
6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 31
7. Security Considerations . . . . . . . . . . . . . . . . . . . 32
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 32
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32
9.1. Normative References . . . . . . . . . . . . . . . . . . . 32
9.2. Informative References . . . . . . . . . . . . . . . . . . 33
Network Mobility Route Optimization Problem Statement [1] describes operational limitations and overheads incurred in a deployment of Network Mobility (NEMO) Basic Support [2], which could be alleviated by a set of NEMO Route Optimization techniques to be defined. The term "Route Optimization" is used in a broader sense than already defined for IPv6 Host Mobility in [3] to loosely refer to any approach that optimizes the transmission of packets between a Mobile Network Node and a Correspondent Node.
网络移动性路由优化问题陈述[1]描述了在部署网络移动性(NEMO)基本支持[2]时产生的操作限制和开销,这可以通过一组待定义的NEMO路由优化技术来缓解。术语“路由优化”的使用范围比[3]中已定义的IPv6主机移动性更广,泛指优化移动网络节点和对应节点之间的数据包传输的任何方法。
Solutions that would fit that general description were continuously proposed since the early days of NEMO, even before the Working Group was formed. Based on that long-standing stream of innovation, this document classifies, at a generic level, the solution space of the possible approaches that could be taken to solve the Route Optimization-related problems for NEMO. The scope of the solutions, the benefits, and the impacts to the existing implementations and deployments are analyzed. This work should serve as a foundation for the NEMO WG to decide where to focus its Route Optimization effort, with a deeper understanding of the relative strengths and weaknesses of each approach.
自NEMO成立之初,甚至在工作组成立之前,就不断提出符合这一总体描述的解决方案。基于这一长期的创新流,本文件在通用层面上对NEMO解决路线优化相关问题的可能方法的解决空间进行了分类。分析了解决方案的范围、好处以及对现有实施和部署的影响。这项工作应该作为NEMO WG的基础,以决定在哪里集中其路线优化工作,更深入地了解每种方法的相对优势和弱点。
It should be beneficial for readers to keep in mind the design requirements of NEMO [4]. A point to note is that since this document discusses aspects of Route Optimization, the reader may assume that a mobile network or a mobile host is away when they are mentioned throughout this document, unless it is explicitly specified that they are at home.
读者应牢记NEMO[4]的设计要求。需要注意的一点是,由于本文档讨论了路由优化的各个方面,读者在本文档中提及移动网络或移动主机时,可能会假设它们不在家,除非明确指定它们在家。
It is expected that readers are familiar with terminologies related to mobility in [3] and [5], and NEMO-related terms defined in [6]. In addition, the following Route Optimization-specific terms are used in this document:
读者应熟悉[3]和[5]中与机动性相关的术语,以及[6]中定义的与NEMO相关的术语。此外,本文件中使用了以下路线优化专用术语:
Correspondent Router (CR)
通讯路由器(CR)
This refers to the router that is capable of terminating a Route Optimization session on behalf of a Correspondent Node.
这是指能够代表对应节点终止路由优化会话的路由器。
Correspondent Entity (CE)
代理实体(CE)
This refers to the entity that a Mobile Router or Mobile Network Node attempts to establish a Route Optimization session with. Depending on the Route Optimization approach, the Correspondent Entity may be a Correspondent Node or Correspondent Router.
这是指移动路由器或移动网络节点试图与之建立路由优化会话的实体。根据路由优化方法,对应实体可以是对应节点或对应路由器。
NEMO Route Optimization addresses the problems discussed in [1]. Although a standardized NEMO Route Optimization solution has yet to materialize, one can expect it to show some of the following benefits:
NEMO路线优化解决了[1]中讨论的问题。尽管标准化的NEMO路线优化解决方案尚未实现,但可以预期它将显示以下一些好处:
o Shorter Delay
o 短延迟
Route Optimization involves the selection and utilization of a lesser-cost (thus generally shorter and faster) route to be taken for traffic between a Mobile Network Node and its Correspondent Node. Hence, Route Optimization should improve the latency of the data traffic between the two end nodes. This may in turn lead to better overall Quality of Service characteristics, such as reduced jitter and packet loss.
路由优化涉及为移动网络节点与其对应节点之间的通信选择和利用成本较低(因此通常更短更快)的路由。因此,路由优化应该改善两个终端节点之间的数据通信的延迟。这可能反过来导致更好的整体服务质量特性,例如减少抖动和数据包丢失。
o Reduced Consumption of Overall Network Resources
o 减少了整个网络资源的消耗
Through the selection of a shorter route, the total link utilization for all links used by traffic between the two end nodes should be much lower than that used if Route Optimization is not carried out. This would result in a lighter network load with reduced congestion.
通过选择较短的路由,两个终端节点之间的流量使用的所有链路的总链路利用率应远低于不进行路由优化时使用的链路利用率。这将减轻网络负载,减少拥塞。
o Reduced Susceptibility to Link Failure
o 降低链路故障的易感性
If a link along the bi-directional tunnel is disrupted, all traffic to and from the mobile network will be affected until IP routing recovers from the failure. An optimized route would conceivably utilize a smaller number of links between the two end nodes. Hence, the probability of a loss of connectivity due to a single point of failure at a link should be lower as compared to the longer non-optimized route.
如果双向隧道沿线的链路中断,则进出移动网络的所有流量都将受到影响,直到IP路由从故障中恢复。可以想象,优化的路由将在两个终端节点之间利用较少数量的链路。因此,与较长的非优化路由相比,由于链路上的单点故障而导致连接丢失的概率应更低。
o Greater Data Efficiency
o 提高数据效率
Depending on the actual solution for NEMO Route Optimization, the data packets exchanged between two end nodes may not require as many levels of encapsulation as that in NEMO Basic Support. This would mean less packet overheads and higher data efficiency. In particular, avoiding packet fragmentation that may be induced by the multiple levels of tunneling is critical for end-to-end efficiency from the viewpoints of buffering and transport protocols.
根据NEMO路由优化的实际解决方案,两个终端节点之间交换的数据包可能不需要像NEMO基本支持中那样多的封装级别。这将意味着更少的数据包开销和更高的数据效率。特别地,从缓冲和传输协议的角度来看,避免可能由多个隧道级别引起的分组碎片对于端到端效率至关重要。
o Reduced Processing Delay
o 减少处理延迟
In a nested mobile network, the application of Route Optimization may eliminate the need for multiple encapsulations required by NEMO Basic Support, which may result in less processing delay at the points of encapsulation and decapsulation.
在嵌套移动网络中,路由优化的应用可以消除NEMO基本支持所需的多个封装的需要,这可能导致封装和去封装点的处理延迟更少。
o Avoiding a Bottleneck in the Home Network
o 避免家庭网络中的瓶颈
NEMO Route Optimization allows traffic to bypass the Home Agents. Apart from having a more direct route, this also avoids routing traffic via the home network, which may be a potential bottleneck otherwise.
NEMO路由优化允许流量绕过本地代理。除了拥有更直接的路由之外,这还避免了通过家庭网络路由流量,否则这可能是一个潜在的瓶颈。
o Avoid the Security Policy Issue
o 避免安全策略问题
Security policy may forbid a Mobile Router from tunneling traffic of Visiting Mobile Nodes into the home network of the Mobile Router. Route Optimization can be used to avoid this issue by forwarding traffic from Visiting Mobile Nodes directly to their destinations without going through the home network of the Mobile Router.
安全策略可以禁止移动路由器将访问移动节点的流量隧道传输到移动路由器的家庭网络中。路由优化可用于避免此问题,方法是将访问移动节点的流量直接转发到其目的地,而无需通过移动路由器的家庭网络。
However, it should be taken into consideration that a Route Optimization mechanism may not be an appropriate solution since the Mobile Router may still be held responsible for illegal traffic sent from its Mobile Network Nodes even when Route Optimization is used. In addition, there can be a variety of different policies that might conflict with the deployment of Route Optimization for Visiting Mobile Nodes. Being a policy issue, solving this with a protocol at the policy plane might be more appropriate.
然而,应当考虑到,路由优化机制可能不是合适的解决方案,因为即使在使用路由优化时,移动路由器仍可能对从其移动网络节点发送的非法流量负责。此外,可能存在各种不同的策略,这些策略可能与用于访问移动节点的路由优化的部署相冲突。作为一个政策问题,在政策层面上用协议解决这个问题可能更合适。
o Avoid the Instability and Stalemate
o 避免不稳定和僵局
[1] described a potential stalemate situation when a Home Agent is nested within a mobile network. Route Optimization may circumvent such stalemate situations by directly forwarding traffic upstream. However, it should be noted that certain Route Optimization schemes may require signaling packets to be first routed via the Home Agent before an optimized route can be established. In such cases, a Route Optimization solution cannot avoid the stalemate.
[1] 描述了当归属代理嵌套在移动网络中时可能出现的僵局。路由优化可以通过直接向上游转发流量来避免这种僵局。然而,应当注意,某些路由优化方案可能要求在可以建立优化路由之前首先经由归属代理路由信令分组。在这种情况下,路线优化解决方案无法避免僵局。
There are multiple proposals for providing various forms of Route Optimization in the NEMO context. In the following sub-sections, we describe the different scenarios that would require a Route Optimization mechanism and list the potential solutions that have been proposed in that area.
在NEMO环境下,提供各种形式的路线优化有多种建议。在以下小节中,我们将描述需要路由优化机制的不同场景,并列出在该领域提出的潜在解决方案。
The Non-Nested NEMO Route Optimization involves a Mobile Router sending binding information to a Correspondent Entity. It does not involve nesting of Mobile Routers or Visiting Mobile Nodes. The Correspondent Entity can be a Correspondent Node or a Correspondent Router. The interesting case is when the Correspondent Entity is a Correspondent Router. With the use of Correspondent Router, Route Optimization session is terminated at the Correspondent Router on behalf of the Correspondent Node. As long as the Correspondent Router is located "closer" to the Correspondent Node than the Home Agent of the Mobile Router, the route between Mobile Network Node and the Correspondent Node can be said to be optimized. For this purpose, Correspondent Routers may be deployed to provide an optimal route as illustrated in Figure 1.
非嵌套NEMO路由优化涉及移动路由器向对应实体发送绑定信息。它不涉及移动路由器的嵌套或访问移动节点。对应实体可以是对应节点或对应路由器。有趣的情况是,对应实体是对应路由器。通过使用对应路由器,代表对应节点在对应路由器处终止路由优化会话。只要对应路由器比移动路由器的归属代理“更靠近”对应节点,移动网络节点和对应节点之间的路由就可以说是优化的。为此,可以部署相应的路由器以提供最佳路由,如图1所示。
************************** HAofMR
* #*#
* #*# +---------------------+
CN #*# | LEGEND |
o #*# +---------------------+
o ############### #*# | #: Tunnel |
CR ooooooooooooooo MR | *: NEMO Basic route |
############### | | o: Optimized route |
MNN +---------------------+
************************** HAofMR
* #*#
* #*# +---------------------+
CN #*# | LEGEND |
o #*# +---------------------+
o ############### #*# | #: Tunnel |
CR ooooooooooooooo MR | *: NEMO Basic route |
############### | | o: Optimized route |
MNN +---------------------+
Figure 1: MR-CR Optimization
图1:MR-CR优化
This form of optimization can carry traffic in both directions or independently for the two directions of traffic:
这种形式的优化可以在两个方向上承载流量,也可以在两个方向上独立承载流量:
o From MNN to CN
o 从MNN到CN
The Mobile Router locates the Correspondent Router, establishes a tunnel with that Correspondent Router and sets up a route to the Correspondent Node via the Correspondent Router over the tunnel. Traffic to the Correspondent Node would no longer flow through the Home Agent anymore.
移动路由器定位对应路由器,与该对应路由器建立隧道,并通过隧道上的对应路由器建立到对应节点的路由。到对应节点的流量将不再通过归属代理。
o From CN to MNN
o 从CN到MNN
The Correspondent Router is on the path of the traffic from the Correspondent Node to the Home Agent. In addition, it has an established tunnel with the current Care-of Address (CoA) of the Mobile Router and is aware of the Mobile Network Prefix(es) managed by the Mobile Router. The Correspondent Router can thus intercept packets going to the mobile network, and forward them to the Mobile Router over the established tunnel.
对应路由器位于从对应节点到归属代理的流量路径上。此外,它有一个已建立的隧道,其中包含移动路由器的当前转交地址(CoA),并知道由移动路由器管理的移动网络前缀。相应的路由器因此可以截获到移动网络的数据包,并通过已建立的隧道将其转发到移动路由器。
A straightforward approach to Route Optimization in NEMO is for the Mobile Router to attempt Route Optimization with a Correspondent Entity. This can be viewed as a logical extension to NEMO Basic Support, where the Mobile Router would send Binding Updates containing one or more Mobile Network Prefix options to the Correspondent Entity. The Correspondent Entity, having received the Binding Update, can then set up a bi-directional tunnel with the Mobile Router at the current Care-of Address of the Mobile Router, and inject a route to its routing table so that packets destined for addresses in the Mobile Network Prefix will be routed through the bi-directional tunnel.
NEMO中路由优化的一种简单方法是移动路由器尝试使用相应实体进行路由优化。这可以被视为NEMO基本支持的逻辑扩展,其中移动路由器将向对应实体发送包含一个或多个移动网络前缀选项的绑定更新。接收到绑定更新的对应实体随后可以在移动路由器的当前转交地址处与移动路由器建立双向隧道,并将路由注入其路由表,以便目的地为移动网络前缀中的地址的分组将通过双向隧道路由。
The definition of Correspondent Router does not limit it to be a fixed router. Here we consider the case where the Correspondent Router is a Mobile Router. Thus, Route Optimization is initiated and performed between a Mobile Router and its peer Mobile Router. Such solutions are often posed with a requirement to leave the Mobile Network Nodes untouched, as with the NEMO Basic Support protocol, and therefore Mobile Routers handle the optimization management on behalf of the Mobile Network Nodes. Thus, providing Route Optimization for a Visiting Mobile Node is often out of scope for such a scenario because such interaction would require extensions to the Mobile IPv6 protocol. This scenario is illustrated in Figure 2.
对应路由器的定义并不将其限制为固定路由器。这里我们考虑通信路由器是移动路由器的情况。因此,在移动路由器及其对等移动路由器之间发起并执行路由优化。此类解决方案通常要求保持移动网络节点不变,如NEMO基本支持协议,因此移动路由器代表移动网络节点处理优化管理。因此,为访问的移动节点提供路由优化通常超出了这种场景的范围,因为这种交互需要对移动IPv6协议进行扩展。此场景如图2所示。
HAofCR ********************************** HAofMR
#*# #*#
#*# #*# +---------------------+
#*# #*# | LEGEND |
#*# #*# +---------------------+
#*# ############### #*# | #: Tunnel |
CR ooooooooooooooo MR | *: NEMO Basic route |
| ############### | | o: Optimized route |
MNN2 MNN1 +---------------------+
HAofCR ********************************** HAofMR
#*# #*#
#*# #*# +---------------------+
#*# #*# | LEGEND |
#*# #*# +---------------------+
#*# ############### #*# | #: Tunnel |
CR ooooooooooooooo MR | *: NEMO Basic route |
| ############### | | o: Optimized route |
MNN2 MNN1 +---------------------+
Figure 2: MR-MR Optimization
图2:MR-MR优化
This form of optimization can carry traffic for both directions identically:
这种形式的优化可以为两个方向提供相同的流量:
o MNN1 to/from MNN2
o MNN1至/自MNN2
The Mobile Router locates the Correspondent Router, establishes a tunnel with that Correspondent Router, and sets up a route to the Mobile Network Node via the Correspondent Router over the tunnel. Traffic to the Mobile Networks Nodes would no longer flow through the Home Agents.
移动路由器定位对应路由器,与该对应路由器建立隧道,并通过隧道上的对应路由器建立到移动网络节点的路由。到移动网络节点的流量将不再流经归属代理。
Examples of this approach include Optimized Route Cache (ORC) [7][8] and Path Control Header (PCH) [9].
此方法的示例包括优化路由缓存(ORC)[7][8]和路径控制报头(PCH)[9]。
Optimization in Nested Mobility targets scenarios where a nesting of mobility management protocols is created (i.e., Mobile IPv6-enabled host inside a mobile network or multiple Mobile Routers that attach behind one another creating a nested mobile network). Note that because Mobile IPv6 defines its own Route Optimization mechanism in its base protocol suite as a standard, collaboration between this and NEMO protocols brings various complexities.
嵌套移动优化的目标是创建移动管理协议嵌套的场景(即,移动网络内支持移动IPv6的主机或相互连接的多个移动路由器创建嵌套移动网络)。请注意,由于移动IPv6在其基本协议套件中定义了自己的路由优化机制作为标准,因此该协议与NEMO协议之间的协作带来了各种复杂性。
There are two main aspects in providing optimization for Nested Mobility, and they are discussed in the following sub-sections.
为嵌套移动性提供优化有两个主要方面,下面的小节将讨论这两个方面。
The aim is to remove the sub-optimality of paths caused by multiple tunnels established between multiple Mobile Nodes and their Home Agents. Such a solution will seek to minimize the number of Home Agents along the path, by bypassing some of the Home Agent(s) from the original path. Unlike the scenario where no nesting is formed and only a single Home Agent exists along the path, bypassing one of the many Home Agents can still be effective.
其目的是消除由多个移动节点与其归属代理之间建立的多个隧道引起的路径次优性。这样的解决方案将通过绕过原始路径中的一些归属代理来寻求沿路径最小化归属代理的数量。与不形成嵌套且路径上只存在一个主代理的场景不同,绕过多个主代理中的一个仍然是有效的。
Solutions for Nested Mobility scenarios can usually be divided into two cases based on whether the nesting involves Mobile IPv6 hosts or only involves Mobile Routers. Since Mobile IPv6 defines its own Route Optimization mechanism, providing an optimal path for such hosts will require interaction with the protocol and may require an altering of the messages exchanged during the Return Routability procedure with the Correspondent Node.
根据嵌套是涉及移动IPv6主机还是仅涉及移动路由器,嵌套移动场景的解决方案通常可分为两种情况。由于移动IPv6定义了其自身的路由优化机制,因此为此类主机提供最佳路径将需要与协议交互,并且可能需要改变在与对应节点的返回路由性过程中交换的消息。
An example of this approach include Reverse Routing Header (RRH) [10].
该方法的一个示例包括反向路由报头(RRH)[10]。
The aim is to reduce the amplification effect of nested tunnels due to the nesting of tunnels between the Visiting Mobile Node and its Home Agent within the tunnel between the parent Mobile Router and the parent Mobile Router's Home Agent. Such a solution will seek to minimize the number of tunnels, possibly by collapsing the amount of tunnels required through some form of signaling between Mobile Nodes, or between Mobile Nodes and their Home Agents, or by using routing headers to route packets through a discovered path. These limit the consequences of the amplification effect of nested tunnels, and at best, the performance of a nested mobile network will be the same as though there were no nesting at all.
其目的是减少由于访问移动节点及其归属代理之间的隧道嵌套在父移动路由器和父移动路由器的归属代理之间的隧道内而产生的嵌套隧道的放大效应。这样的解决方案将寻求最小化隧道的数量,可能通过在移动节点之间或移动节点与其归属代理之间通过某种形式的信令来压缩所需的隧道数量,或者通过使用路由报头通过发现的路径来路由包。这些限制了嵌套隧道放大效应的后果,最好的情况是,嵌套移动网络的性能将与完全没有嵌套的情况相同。
Examples of this approach include the Reverse Routing Header (RRH) [10], Access Router Option (ARO) [11], and Nested Path Info (NPI) [12].
这种方法的示例包括反向路由报头(RRH)[10]、访问路由器选项(ARO)[11]和嵌套路径信息(NPI)[12]。
An infrastructure-based optimization is an approach where optimization is carried out fully in the infrastructure. One example is to make use of Mobility Anchor Points (MAPs) such as defined in HMIPv6 [13] to optimize routes between themselves. Another example is to make use of proxy Home Agent such as defined in the global Home Agent to Home Agent (HAHA) protocol [14]. A proxy Home Agent acts as a Home Agent for the Mobile Node, and acts as a Mobile Node for the Home Agent, Correspondent Node, Correspondent Router, and other proxies. In particular, the proxy Home Agent terminates the MRHA tunnel and the associated encryption, extracts the packets, and re-encapsulates them to the destination. In this case, proxy Home Agents are distributed in the infrastructure and each Mobile Router binds to the closest proxy. The proxy, in turn, performs a primary binding with a real Home Agent for that Mobile Router. Then, the proxy might establish secondary bindings with other Home Agents or proxies in the infrastructure, in order to improve the end-to-end path. In this case, the proxies discover each other using some form of Next Hop Resolution Protocol, establish a tunnel and exchange the relevant Mobile Network Prefix information in the form of explicit prefix routes.
基于基础架构的优化是一种完全在基础架构中进行优化的方法。一个例子是利用HMIPv6[13]中定义的机动性锚点(地图)来优化它们之间的路线。另一个例子是使用代理归属代理,如全球归属代理到归属代理(HAHA)协议[14]中定义的。代理归属代理充当移动节点的归属代理,并充当归属代理、对应节点、对应路由器和其他代理的移动节点。特别地,代理归属代理终止MRHA隧道和相关的加密,提取数据包,并将其重新封装到目的地。在这种情况下,代理归属代理分布在基础设施中,每个移动路由器绑定到最近的代理。代理,反过来,执行与该移动路由器的真实归属代理的主绑定。然后,代理可以与基础结构中的其他主代理或代理建立辅助绑定,以改进端到端路径。在这种情况下,代理使用某种形式的下一跳解析协议相互发现,建立隧道并以显式前缀路由的形式交换相关移动网络前缀信息。
Alternatively, another approach is to use prefix delegation. Here, each Mobile Router in a nested mobile network is delegated a Mobile Network Prefix from the access router using DHCP Prefix Delegation [15]. Each Mobile Router also autoconfigures its Care-of Address from this delegated prefix. In this way, the Care-of Addresses of each Mobile Router are all formed from an aggregatable address space
或者,另一种方法是使用前缀委托。这里,嵌套移动网络中的每个移动路由器使用DHCP前缀委派从接入路由器委派一个移动网络前缀[15]。每个移动路由器也会根据该授权前缀自动配置其转交地址。这样,每个移动路由器的转交地址都是从一个可聚合的地址空间形成的
starting from the access router. This may be used to eliminate the multiple tunnels caused by nesting of Mobile Nodes.
从接入路由器开始。这可用于消除由移动节点嵌套引起的多个隧道。
A Route Optimization solution may seek to improve the communications between two Mobile Network Nodes within a nested mobile network. This would avoid traffic being injected out of the nested mobile network and route them within the nested mobile network. An example is the optimized route taken between MNN1 and MNN2 in Figure 3 below.
路由优化解决方案可寻求改善嵌套移动网络内两个移动网络节点之间的通信。这将避免从嵌套移动网络中注入流量,并在嵌套移动网络中路由流量。下图3中MNN1和MNN2之间的优化路线就是一个例子。
+--------+ +--------+ +--------+ +--------+
| MR2_HA | | MR3_HA | | MR4_HA | | MR5_HA |
+------+-+ +---+----+ +---+----+ +-+------+
\ | | /
+--------+ +------------------------------+
| MR1_HA |----| Internet |-----CN
+--------+ +--------------+---------------+
|
+----+----+
| MR1 |
+----+----+
|
---+-----------+-----------+---
| | |
+---+---+ +---+---+ +---+---+
| MR5 | | MR2 | | MR4 |
+---+---+ +---+---+ +---+---+
| | |
---+--- +---+---+ ---+---
MNN2 | MR3 | MNN3
+---+---+
|
----+----
MNN1
+--------+ +--------+ +--------+ +--------+
| MR2_HA | | MR3_HA | | MR4_HA | | MR5_HA |
+------+-+ +---+----+ +---+----+ +-+------+
\ | | /
+--------+ +------------------------------+
| MR1_HA |----| Internet |-----CN
+--------+ +--------------+---------------+
|
+----+----+
| MR1 |
+----+----+
|
---+-----------+-----------+---
| | |
+---+---+ +---+---+ +---+---+
| MR5 | | MR2 | | MR4 |
+---+---+ +---+---+ +---+---+
| | |
---+--- +---+---+ ---+---
MNN2 | MR3 | MNN3
+---+---+
|
----+----
MNN1
Figure 3: An Example of a Nested Mobile Network
图3:嵌套移动网络的示例
One may be able to extend a well-designed NEMO Route Optimization for "Nested Mobility Optimization" (see Section 3.2) to provide for such kind of Intra-NEMO optimization, where, for example in Figure 3, MNN1 is treated as a Correspondent Node by MR5/MNN2, and MNN2 is treated as a Correspondent Node by MR3/MNN1.
可以将精心设计的NEMO路由优化扩展为“嵌套移动性优化”(见第3.2节),以提供此类NEMO内部优化,例如,在图3中,MNN1被MR5/MNN2视为对应节点,MNN2被MR3/MNN1视为对应节点。
Another possibility is for the "Non-Nested NEMO Route Optimization" technique (see Section 3.1) to be applied here. Using the same example of communication between MNN1 and MNN2, both MR3 and MR2 can
另一种可能性是在此处应用“非嵌套NEMO路线优化”技术(见第3.1节)。使用MNN1和MNN2之间通信的相同示例,MR3和MR2都可以
treat MR5 as Correspondent Routers for MNN2, and MR5 treats MR3 and MR2 as Correspondent Routers for MNN1. An example of this approach is [16], which has the Mobile Routers announce their Mobile Network Prefixes to other Mobile Routers in the same nested Mobile Network.
将MR5视为MNN2的对应路由器,将MR3和MR2视为MNN1的对应路由器。这种方法的一个例子是[16],它让移动路由器向同一嵌套移动网络中的其他移动路由器宣布其移动网络前缀。
Yet another approach is to flatten any nested Mobile Network so that all nested Mobile Network Nodes appear to be virtually on the same link. Examples of such approaches include delegating a single prefix to the nested Mobile Network, having Mobile Routers to perform Neighbor Discovery on behalf of their Mobile Network Nodes, and exposing a single prefix over the entire mobile network using a Mobile Ad-Hoc (MANET) protocol. In particular, it might prove useful to develop a new type of MANET, specialized for the NEMO problem, a MANET for NEMO (MANEMO). The MANEMO will optimize the formation of the nested NEMO and maintain inner connectivity, whether or not a connection to the infrastructure can be established.
另一种方法是展平任何嵌套的移动网络,使所有嵌套的移动网络节点看起来几乎位于同一链路上。此类方法的示例包括将单个前缀委托给嵌套移动网络,使移动路由器代表其移动网络节点执行邻居发现,以及使用移动自组织(MANET)协议在整个移动网络上公开单个前缀。特别是,开发一种专门用于NEMO问题的新型移动自组网(MANET for NEMO,MANEMO)可能会证明是有用的。无论是否可以建立与基础设施的连接,MANEMO将优化嵌套NEMO的形成并保持内部连接。
Although Route Optimization can bring benefits as described in Section 2, the scenarios described in Section 3 do so with some tradeoffs. This section explores some general issues that may impact a NEMO Route Optimization mechanism.
尽管路线优化可以带来第2节中所述的好处,但第3节中所述的场景会带来一些折衷。本节探讨可能影响NEMO路线优化机制的一些一般问题。
The nodes involved in performing Route Optimization would be expected to exchange additional signaling messages in order to establish Route Optimization. The required amount of signaling depends on the solution, but is likely to exceed the amount required in the home Binding Update procedure defined in NEMO Basic Support. The amount of signaling is likely to increase with the increasing number of Mobile Network Nodes and/or Correspondent Nodes, and may be amplified with nesting of mobile networks. It may scale to unacceptable heights, especially to the resource-scarce mobile node, which typically has limited power, memory, and processing capacity.
执行路由优化所涉及的节点将被期望交换额外的信令消息以建立路由优化。所需的信令量取决于解决方案,但可能超过NEMO基本支持中定义的主绑定更新过程中所需的信令量。信令量可能随着移动网络节点和/或对应节点数量的增加而增加,并且可能随着移动网络的嵌套而放大。它可能会扩展到不可接受的高度,特别是对于资源稀缺的移动节点,移动节点通常具有有限的功率、内存和处理能力。
This may lead to an issue that impacts NEMO Route Optimization, known as the phenomenon of "Binding Update Storm", or more generally, "Signaling Storm". This occurs when a change in point of attachment of the mobile network is accompanied with a sudden burst of signaling messages, resulting in temporary congestion, packet delays, or even packet loss. This effect will be especially significant for wireless environment where bandwidth is relatively limited.
这可能会导致影响NEMO路由优化的问题,称为“绑定更新风暴”现象,或更一般的“信令风暴”。当移动网络的连接点的改变伴随着信令消息的突然突发,导致临时拥塞、分组延迟甚至分组丢失时,就会发生这种情况。这种影响对于带宽相对有限的无线环境尤其重要。
It is possible to moderate the effect of Signaling Storm by incorporating mechanisms such as spreading the transmissions burst of
通过加入诸如传播突发信号传输等机制,可以缓和信号风暴的影响
signaling messages over a longer period of time, or aggregating the signaling messages.
在较长时间内发送信令消息,或聚合信令消息。
Even so, the amount of signaling required might be overwhelming, since large mobile networks (such as those deployed on a train or plane) may potentially have a large number of flows with a large number of Correspondent Nodes. This might suggest a need to have some adaptive behavior that depends on the amount of signaling required versus the effort needed to tunnel home.
即使如此,所需的信令量可能是巨大的,因为大型移动网络(例如部署在火车或飞机上的网络)可能具有大量具有大量对应节点的流。这可能意味着需要一些适应性行为,这取决于所需的信号量与隧道回家所需的努力。
It is expected that NEMO Route Optimization will be more complicated than NEMO Basic Support. Thus, complexity of nodes that are required to incorporate new functionalities to support NEMO Route Optimization would be higher than those required to provide NEMO Basic Support.
预计NEMO路线优化将比NEMO基本支持更加复杂。因此,结合新功能以支持NEMO路由优化所需的节点复杂性将高于提供NEMO基本支持所需的节点复杂性。
Coupled with the increased complexity, nodes that are involved in the establishment and maintenance of Route Optimization will have to bear the increased processing load. If such nodes are mobile, this may prove to be a significant cost due to the limited power and processing resources such devices usually have.
再加上复杂性的增加,参与建立和维护路由优化的节点将不得不承担增加的处理负载。如果这些节点是移动的,由于这些设备通常具有有限的功率和处理资源,这可能被证明是一个巨大的成本。
Due to the diversity of locations of different nodes that Mobile Network Node may signal with and the complexity of NEMO Route Optimization procedure that may cause several rounds of signaling messages, a NEMO Route Optimization procedure may take a longer time to finish its handoff than that in NEMO Basic Support. This may exacerbate the overall delay during handoffs and further cause performance degradation of the applications running on Mobile Network Nodes.
由于移动网络节点可能发送信号的不同节点的位置的多样性以及NEMO路由优化过程的复杂性(可能导致多轮信令消息),NEMO路由优化过程可能需要比NEMO基本支持中更长的时间来完成其切换。这可能会加剧切换期间的总体延迟,并进一步导致在移动网络节点上运行的应用程序的性能下降。
Another NEMO-specific delay during handoff is that in a nested mobile network, a child Mobile Network Node may need to detect or be notified of the handoff of its parent Mobile Router so that it can begin signaling its own Correspondent Entities. Apart from the compromise of mobility transparency and location privacy (see Section 4.7 and Section 4.8), this mechanism also increases the delay during handoffs.
切换期间的另一个NEMO特定延迟是,在嵌套移动网络中,子移动网络节点可能需要检测其父移动路由器的切换或被通知其父移动路由器的切换,以便其可以开始向其自己的对应实体发信号。除了移动透明性和位置隐私性的折衷(参见第4.7节和第4.8节),该机制还增加了切换期间的延迟。
Some of the solutions for Mobile IPv6, such as Fast Handovers for Mobile IPv6 [17], may be able to alleviate the increase in handoff delay.
移动IPv6的一些解决方案,如移动IPv6的快速切换[17],可能能够缓解切换延迟的增加。
In order to support NEMO Route Optimization, some nodes need to be changed or upgraded. Smaller number of nodes required to be changed will allow for easier adoption of the NEMO Route Optimization solution in the Internet and create less impact on existing Internet infrastructure. The number and the types of nodes involved with new functionalities also affect how much of the route is optimized. In addition, it may also be beneficial to reuse existing protocols (such as Mobile IPv6) as much as possible.
为了支持NEMO路由优化,需要对一些节点进行更改或升级。需要更改的节点数量越少,互联网上就越容易采用NEMO路由优化解决方案,对现有互联网基础设施的影响也就越小。新功能所涉及的节点数量和类型也会影响路由的优化程度。此外,尽可能多地重用现有协议(如移动IPv6)也可能有益。
Possible nodes that may be required to change include the following:
可能需要更改的节点包括:
o Local Fixed Nodes
o 局部固定节点
It may prove to be difficult to introduce new functionalities at Local Fixed Nodes, since by definition, any IPv6 node can be a Local Fixed Node. This might mean that only those Local Fixed Nodes that are modified can enjoy the benefits of Route Optimization.
可能很难在本地固定节点上引入新功能,因为根据定义,任何IPv6节点都可以是本地固定节点。这可能意味着只有经过修改的本地固定节点才能享受路由优化的好处。
o Visiting Mobile Nodes
o 访问移动节点
Visiting Mobile Nodes in general should already implement Mobile IPv6 functionalities, and since Mobile IPv6 is a relatively new standard, there is still a considerable window to allow mobile devices to implement new functionalities.
一般来说,访问移动节点应该已经实现了移动IPv6功能,而且由于移动IPv6是一个相对较新的标准,因此仍然有相当大的窗口允许移动设备实现新功能。
o Mobile Routers
o 移动路由器
It is expected that Mobile Routers will implement new functionalities in order to support Route Optimization.
预计移动路由器将实现新功能,以支持路由优化。
o Access Routers
o 接入路由器
Some approaches require access routers, or nodes in the access network, to implement some new functionalities. It may prove to be difficult to do so, since access routers are, in general, standard IPv6 routers.
一些方法需要接入路由器或接入网络中的节点来实现一些新功能。这可能证明很难做到,因为接入路由器通常是标准的IPv6路由器。
o Home Agents
o 国内代理
It is relatively easier for new functionalities to be implemented in Home Agents.
在家庭代理中实现新功能相对比较容易。
o Correspondent Nodes
o 对应节点
It may prove to be difficult to introduce new functionalities at Correspondent Nodes, since by definition, any IPv6 node can be a Correspondent Node. This might mean that only those Correspondent Nodes that are modified can enjoy the benefits of Route Optimization.
可能很难在对应节点上引入新功能,因为根据定义,任何IPv6节点都可以是对应节点。这可能意味着只有经过修改的对应节点才能享受路由优化的好处。
o Correspondent Routers
o 通讯路由器
Correspondent Routers are new entities introduced for the purpose of Route Optimization, and therefore new functionalities can be defined as needed.
相应的路由器是为了路由优化而引入的新实体,因此可以根据需要定义新的功能。
One issue that is related to the need for new functionalities as described in Section 4.4 is the need to detect the existence of such functionalities. In these cases, a detection mechanism might be helpful to allow the initiator of Route Optimization to detect whether support for the new functionalities is available. Furthermore, it might be advantageous to have a graceful fall back procedure if the required functionalities are unavailable.
与第4.4节所述新功能相关的一个问题是需要检测此类功能的存在。在这些情况下,检测机制可能有助于允许路由优化的发起方检测对新功能的支持是否可用。此外,如果所需的功能不可用,则具有优雅的回退过程可能是有利的。
Given the same number of nodes, the number of Route Optimization sessions would usually be more than the number of NEMO Basic Support tunnels. If all Route Optimization sessions of a mobile network are maintained by a single node (such as the Mobile Router), this would mean that the single node has to keep track of the states of all Route Optimization sessions. This may lead to scalability issues especially when that single node is a mobile device with limited memory and processing resources.
给定相同数量的节点,路由优化会话的数量通常会超过NEMO基本支持隧道的数量。如果移动网络的所有路由优化会话由单个节点(例如移动路由器)维护,这意味着单个节点必须跟踪所有路由优化会话的状态。这可能会导致可伸缩性问题,特别是当单个节点是内存和处理资源有限的移动设备时。
A similar scalability issue may be faced by a Correspondent Entity as well if it maintains many route-optimized sessions on behalf of a Correspondent Node(s) with a large number of Mobile Routers.
如果一个通信实体代表一个大型路由器维护一个类似的可伸缩性问题,那么该通信实体也可能面临这一问题。
One advantage of NEMO Basic Support is that the Mobile Network Nodes need not be aware of the actual location and mobility of the mobile network. With some approaches for Route Optimization, it might be necessary to reveal the point of attachment of the Mobile Router to the Mobile Network Nodes. This may mean a tradeoff between mobility transparency and Route Optimization.
NEMO基本支持的一个优点是移动网络节点不需要知道移动网络的实际位置和移动性。对于路由优化的一些方法,可能需要揭示移动路由器与移动网络节点的连接点。这可能意味着在移动性透明性和路由优化之间进行权衡。
Without Route Optimization, the Correspondent Nodes are not aware of the actual location and mobility of the mobile network and its Mobile Network Nodes. To achieve Route Optimization, it might be necessary to reveal the point of attachment of the Mobile Router to the Correspondent Nodes. This may mean a tradeoff between location privacy [18] and Route Optimization.
在没有路由优化的情况下,对应节点不知道移动网络及其移动网络节点的实际位置和移动性。为了实现路由优化,可能需要显示移动路由器与对应节点的连接点。这可能意味着位置隐私[18]和路由优化之间的权衡。
In Mobile IPv6, a mobile node can decide whether or not to perform Route Optimization with a given Correspondent Node. Thus, the mobile node is in control of whether to trade location privacy for an optimized route. In NEMO Route Optimization, if the decision to perform Router Optimization is made by the Mobile Router, it will be difficult for Mobile Network Nodes to control the decision of having this tradeoff.
在移动IPv6中,移动节点可以决定是否对给定的对应节点执行路由优化。因此,移动节点控制是否以位置隐私换取优化路由。在NEMO路由优化中,如果执行路由器优化的决策是由移动路由器做出的,则移动网络节点将难以控制进行此权衡的决策。
As Mobile Router and Home Agent usually belong to the same administration domain, it is likely that there exists a security association between them, which is leveraged by NEMO Basic Support to conduct the home Binding Update in a secure way. However, NEMO Route Optimization usually involves nodes from different domains (for example, Mobile Router and Correspondent Entity); thus, the existence of such a security association is not a valid assumption in many deployment scenarios. For this reason, the security protection of NEMO Route Optimization signaling message is considered "weaker" than that in NEMO Basic Support. It is expected that some additional security mechanisms are needed to achieve the same or similar level of security as in NEMO Basic Support.
由于移动路由器和归属代理通常属于同一个管理域,因此它们之间可能存在安全关联,NEMO Basic Support利用该关联以安全的方式执行归属绑定更新。然而,NEMO路由优化通常涉及来自不同域的节点(例如,移动路由器和对应实体);因此,在许多部署场景中,这种安全关联的存在不是一个有效的假设。因此,NEMO路由优化信令消息的安全保护被认为比NEMO基本支持中的安全保护“弱”。预计需要一些额外的安全机制来实现与NEMO基本支持相同或类似的安全级别。
When considering security issues of NEMO Route Optimization, it might be useful to keep in mind some of the security issues considered when Mobile IPv6 Route Optimization was designed as documented in [19].
在考虑NEMO路由优化的安全问题时,可能需要记住在设计移动IPv6路由优化时考虑的一些安全问题,如[19]中所述。
NEMO Basic Support is designed so that all legacy Mobile Network Nodes (such as those that are not aware of the mobility of the network they are in, and those that do not understand any mobility protocols) can still reach and be reached from the Internet. Some Route Optimization schemes, however, require that all Mobile Routers implement the same Route Optimization scheme in order for them to operate. Thus, a nested Mobile Router may not be able to achieve Route Optimization if it is attached to a legacy Local Fixed Router.
NEMO基本支持的设计使所有传统移动网络节点(例如,那些不知道其所在网络的移动性的节点,以及那些不了解任何移动性协议的节点)仍然可以从Internet访问。然而,一些路由优化方案要求所有移动路由器实现相同的路由优化方案,以便它们能够运行。因此,如果嵌套移动路由器连接到传统的本地固定路由器,则它可能无法实现路由优化。
As described in Section 3, there are various different approaches to achieve Route Optimization in Network Mobility Support. In this section, we attempt to analyze the vast solution space of NEMO Route Optimization by asking the following questions:
如第3节所述,有各种不同的方法来实现网络移动性支持中的路由优化。在本节中,我们试图通过提出以下问题来分析NEMO路线优化的巨大解决空间:
1. Which entities are involved?
1. 涉及哪些实体?
2. Who initiates Route Optimization? When?
2. 谁发起路线优化?什么时候
3. How is Route Optimization capabilities detected?
3. 如何检测路由优化功能?
4. How is the address of the Mobile Network Node represented?
4. 移动网络节点的地址是如何表示的?
5. How is the Mobile Network Node's address bound to location?
5. 移动网络节点的地址如何绑定到位置?
6. How is signaling performed?
6. 信号是如何执行的?
7. How is data transmitted?
7. 数据是如何传输的?
8. What are the security considerations?
8. 安全考虑是什么?
There are many combinations of entities involved in Route Optimization. When considering the role each entity plays in Route Optimization, one has to bear in mind the considerations described in Section 4.4 and Section 4.5. Below is a list of combinations to be discussed in the following sub-sections:
路线优化涉及许多实体组合。在考虑每个实体在路线优化中所起的作用时,必须牢记第4.4节和第4.5节中所述的注意事项。以下是将在以下小节中讨论的组合列表:
o Mobile Network Node and Correspondent Node
o 移动网络节点和对应节点
o Mobile Router and Correspondent Node
o 移动路由器和对应节点
o Mobile Router and Correspondent Router
o 移动路由器与对应路由器
o Entities in the Infrastructure
o 基础设施中的实体
A Mobile Network Node can establish Route Optimization with its Correspondent Node, possibly the same way as a Mobile Node establishes Route Optimization with its Correspondent Node in Mobile IPv6. This would achieve the most optimal route, since the entire end-to-end path is optimized. However, there might be scalability issues since both the Mobile Network Node and the Correspondent Node may need to maintain many Route Optimization sessions. In addition,
移动网络节点可以与其对应节点建立路由优化,可能与移动IPv6中移动节点与其对应节点建立路由优化的方式相同。这将实现最佳路由,因为整个端到端路径都经过了优化。然而,可能存在可伸缩性问题,因为移动网络节点和对应节点都可能需要维护许多路由优化会话。此外
new functionalities would be required for both the Mobile Network Node and Correspondent Node. For the Mobile Network Node, it needs to be able to manage its mobility, and possibly be aware of the mobility of its upstream Mobile Router(s). For the Correspondent Node, it needs to be able to maintain the bindings sent by the Mobile Network Nodes.
移动网络节点和对应节点都需要新的功能。对于移动网络节点,它需要能够管理其移动性,并且可能知道其上游移动路由器的移动性。对于对应节点,它需要能够维护移动网络节点发送的绑定。
Alternatively, the Mobile Router can establish Route Optimization with a Correspondent Node on behalf of the Mobile Network Node. Since all packets to and from the Mobile Network Node must transit the Mobile Router, this effectively achieves an optimal route for the entire end-to-end path as well. Compared with Section 5.1.1, the scalability issue here may be remedied since it is possible for the Correspondent Node to maintain only one session with the Mobile Router if it communicates with many Mobile Network Nodes associated with the same Mobile Router. Furthermore, with the Mobile Router handling Route Optimization, there is no need for Mobile Network Nodes to implement new functionalities. However, new functionality is likely to be required on the Correspondent Node. An additional point of consideration is the amount of state information the Mobile Router is required to maintain. Traditionally, it has been generally avoided having state information in the routers to increase proportionally with the number of pairs of communicating peers.
或者,移动路由器可以代表移动网络节点与对应节点建立路由优化。由于进出移动网络节点的所有数据包都必须经过移动路由器,因此这也有效地实现了整个端到端路径的最佳路由。与第5.1.1节相比,这里的可伸缩性问题可以得到纠正,因为如果对应节点与与与同一移动路由器相关联的多个移动网络节点通信,则其可能仅与移动路由器保持一个会话。此外,通过移动路由器处理路由优化,移动网络节点无需实现新功能。但是,相应节点上可能需要新功能。另一个需要考虑的问题是移动路由器需要维护的状态信息量。传统上,通常避免路由器中的状态信息随着通信对等点对的数量成比例地增加。
Approaches involving Mobile Routers and Correspondent Routers are described in Section 3.1. The advantage of these approaches is that no additional functionality is required for the Correspondent Node and Mobile Network Nodes. In addition, location privacy is relatively preserved, since the current location of the mobile network is only revealed to the Correspondent Router and not to the Correspondent Node (please refer to Section 5.8.3 for more discussions). Furthermore, if the Mobile Router and Correspondent Router exchange prefix information, this approach may scale well since a single Route Optimization session between the Mobile Router and Correspondent Router can achieve Route Optimization between any Mobile Network Node in the mobile network, and any Correspondent Node managed by the Correspondent Router.
第3.1节描述了涉及移动路由器和相应路由器的方法。这些方法的优点是,对应节点和移动网络节点不需要额外的功能。此外,位置隐私相对保留,因为移动网络的当前位置仅向对应路由器而非对应节点透露(更多讨论请参考第5.8.3节)。此外,如果移动路由器和对应路由器交换前缀信息,则该方法可以很好地扩展,因为移动路由器和对应路由器之间的单个路由优化会话可以实现移动网络中任何移动网络节点之间的路由优化,以及由对应路由器管理的任何对应节点。
The main concern with this approach is the need for a mechanism to allow the Mobile Router to detect the presence of the Correspondent Router (see Section 5.3 for details), and its security impact. Both the Mobile Router and the Correspondent Router need some means to verify the validity of each other. This is discussed in greater detail in Section 5.8.
这种方法的主要关注点是需要一种机制来允许移动路由器检测对应路由器的存在(详情见第5.3节)及其安全影响。移动路由器和相应的路由器都需要某种手段来验证彼此的有效性。第5.8节对此进行了更详细的讨论。
A deployment consideration with respect to the use of Correspondent Router is the location of the Correspondent Router relative to the Correspondent Node. On one hand, deploying the Correspondent Router nearer to the Correspondent Node would result in a more optimal path. On the other hand, a Correspondent Router that is placed farther away from the Correspondent Node can perform Route Optimization on behalf of more Correspondent Nodes.
关于使用对应路由器的部署考虑是对应路由器相对于对应节点的位置。一方面,将对应路由器部署到更靠近对应节点的位置将产生更优的路径。另一方面,距离对应节点较远的对应路由器可以代表更多对应节点执行路由优化。
Approaches using entities in the infrastructure are described in Section 3.3. The advantages of this approach include, firstly, not requiring new functionalities to be implemented on the Mobile Network Nodes and Correspondent Nodes, and secondly, having most of the complexity shifted to nodes in the infrastructure. However, one main issue with this approach is how the Mobile Router can detect the presence of such entities, and why the Mobile Router should trust these entities. This may be easily addressed if such entity is a Home Agent of the Mobile Router (such as in the global Home Agent to Home Agent protocol [14]). Another concern is that the resulting path may not be a true optimized one, since it depends on the relative positions of the infrastructure entities with respect to the mobile network and the Correspondent Node.
第3.3节介绍了在基础设施中使用实体的方法。该方法的优点包括,首先,不需要在移动网络节点和对应节点上实现新功能,其次,将大部分复杂性转移到基础设施中的节点。然而,这种方法的一个主要问题是移动路由器如何检测这些实体的存在,以及为什么移动路由器应该信任这些实体。如果该实体是移动路由器的归属代理(例如在全局归属代理到归属代理协议[14]中),则可以容易地解决这一问题。另一个问题是,结果路径可能不是真正的优化路径,因为它取决于基础设施实体相对于移动网络和对应节点的相对位置。
Having determined the entities involved in the Route Optimization in the previous sub-section, the next question is which of these entities should initiate the Route Optimization session. Usually, the node that is moving (i.e., Mobile Network Node or Mobile Router) is in the best position to detect its mobility. Thus, in general, it is better for the mobile node to initiate the Route Optimization session in order to handle the topology changes in any kind of mobility pattern and achieve the optimized route promptly. However, when the mobile node is within a nested mobile network, the detection of the mobility of upstream Mobile Routers may need to be conveyed to the nested Mobile Network Node. This might incur longer signaling delay as discussed in Section 4.3.
在上一小节中确定了参与路由优化的实体之后,下一个问题是这些实体中的哪一个应该启动路由优化会话。通常,正在移动的节点(即移动网络节点或移动路由器)处于检测其移动性的最佳位置。因此,一般来说,移动节点最好发起路由优化会话,以便处理任何类型的移动模式中的拓扑变化,并迅速实现优化的路由。然而,当移动节点位于嵌套移动网络内时,可能需要将上游移动路由器的移动性的检测传送到嵌套移动网络节点。如第4.3节所述,这可能导致更长的信令延迟。
Some solution may enable the node on the correspondent side to initiate the Route Optimization session in certain situations. For instance, when the Route Optimization state that is already established on the Correspondent Entity is about to expire but the communication is still active, depending on the policy, the Correspondent Entity may initiate a Route Optimization request with the mobile node side.
某些解决方案可使对应侧的节点在某些情况下发起路由优化会话。例如,当在对应实体上已经建立的路由优化状态即将到期但通信仍然处于活动状态时,根据策略,对应实体可以与移动节点侧发起路由优化请求。
There is also the question of when Route Optimization should be initiated. Because Route Optimization would certainly incur tradeoffs of various forms, it might not be desirable for Route Optimization to be performed for any kind of traffic. This is, however, implementation specific and policy driven.
还有一个问题是什么时候应该启动路线优化。由于路线优化肯定会导致各种形式的折衷,因此可能不希望对任何类型的交通执行路线优化。然而,这是具体实施和政策驱动的。
A related question is how often signaling messages should be sent to maintain the Route Optimization session. Typically, signaling messages are likely to be sent whenever there are topological changes. The discussion in Section 4.1 should be considered. In addition, a Lifetime value is often used to indicate the period of validity for the Route Optimization session. Signaling messages would have to be sent before the Lifetime value expires in order to maintain the Route Optimization session. The choice of Lifetime value needs to balance between different considerations. On one hand, a short Lifetime value would increase the amount of signaling overhead. On the other hand, a long Lifetime value may expose the Correspondent Entity to the risk of having an obsolete binding cache entry, which creates an opportunity for an attacker to exploit.
一个相关的问题是,为了维持路由优化会话,应该多久发送一次信令消息。通常,只要拓扑发生变化,就可能发送信令消息。应考虑第4.1节中的讨论。此外,寿命值通常用于指示路由优化会话的有效期。为了维持路由优化会话,必须在生存期值到期之前发送信令消息。生命周期值的选择需要在不同的考虑因素之间进行平衡。一方面,较短的生存期值会增加信令开销。另一方面,较长的生存期值可能会使对应实体面临过时绑定缓存项的风险,从而为攻击者提供攻击机会。
The question here is how the initiator of Route Optimization knows whether the Correspondent Entity supports the functionality required to established a Route Optimization session. The usual method is for the initiator to attempt Route Optimization with the Correspondent Entity. Depending on the protocol specifics, the initiator may receive (i) a reply from the Correspondent Entity indicating its capability, (ii) an error message from the Correspondent Entity, or (iii) no response from the Correspondent Entity within a certain time period. This serves as an indication of whether or not the Correspondent Entity supports the required functionality to establish Route Optimization. This form of detection may incur additional delay as a penalty when the Correspondent Entity does not have Route Optimization capability, especially when the Route Optimization mechanism is using in-band signaling.
这里的问题是路由优化的发起人如何知道对应实体是否支持建立路由优化会话所需的功能。通常的方法是,发起者尝试与对应实体进行路由优化。根据协议细节,发起方可接收(i)来自对应实体的指示其能力的回复,(ii)来自对应实体的错误消息,或(iii)在特定时间段内没有来自对应实体的响应。这表明对应实体是否支持建立路线优化所需的功能。当对应实体不具有路由优化能力时,特别是当路由优化机制使用带内信令时,这种形式的检测可能招致额外延迟作为惩罚。
When the Correspondent Entity is not the Correspondent Node but a Correspondent Router, an immediate question is how its presence can be detected. One approach is for the initiator to send an Internet Control Message Protocol (ICMP) message containing the address of the Correspondent Node to a well-known anycast address reserved for all Correspondent Routers [7][8]. Only the Correspondent Router that is capable of terminating the Route Optimization session on behalf of the Correspondent Node will respond. Another way is to insert a Router Alert Option (RAO) into a packet sent to the Correspondent Node [9]. Any Correspondent Router en route will process the Router Alert Option and send a response to the Mobile Router.
当对应实体不是对应节点而是对应路由器时,一个直接的问题是如何检测它的存在。一种方法是,发起方将包含对应节点地址的因特网控制消息协议(ICMP)消息发送到为所有对应路由器保留的众所周知的选播地址[7][8]。只有能够代表对应节点终止路由优化会话的对应路由器才会响应。另一种方法是将路由器警报选项(RAO)插入发送到对应节点的数据包中[9]。途中的任何对应路由器将处理路由器警报选项,并向移动路由器发送响应。
Both approaches need to consider the possibility of multiple Correspondent Routers responding to the initiator, and both approaches will generate additional traffic or processing load to other routers. Furthermore, both approaches have yet to consider how the initiator can verify the authenticity of the Correspondent Routers that responded.
这两种方法都需要考虑多个对应路由器响应发起者的可能性,并且这两种方法都会对其他路由器产生额外的业务量或处理负载。此外,这两种方法还没有考虑发起人如何验证应答的应答路由器的真实性。
Normally, Route Optimization would mean that a binding between the address of a Mobile Network Node and the location of the mobile network is registered at the Correspondent Entity. Before exploring different ways of binding (see Section 5.5), one must first ask how the address of the Mobile Network Node is represented. Basically, there are two ways to represent the Mobile Network Node's address:
通常,路由优化意味着移动网络节点的地址和移动网络的位置之间的绑定在对应实体处注册。在探索不同的绑定方式(参见第5.5节)之前,必须首先询问移动网络节点的地址是如何表示的。基本上,有两种方式来表示移动网络节点的地址:
o inferred by the use of the Mobile Network Prefix, or
o 通过使用移动网络前缀推断,或
o explicitly specifying the address of the Mobile Network Node.
o 明确指定移动网络节点的地址。
Using the Mobile Network Prefix would usually mean that the initiator is the Mobile Router, and has the benefit of binding numerous Mobile Network Nodes with one signaling. However, it also means that if location privacy is compromised, the location privacy of an entire Mobile Network Prefix would be compromised.
使用移动网络前缀通常意味着发起方是移动路由器,并且具有用一个信令绑定多个移动网络节点的优点。然而,这也意味着,如果位置隐私受到损害,则整个移动网络前缀的位置隐私将受到损害。
On the other hand, using the Mobile Network Node's address would mean that either the initiator is the Mobile Network Node itself or the Mobile Router is initiating Route Optimization on behalf of the Mobile Network Node. Initiation by the Mobile Network Node itself means that the Mobile Network Node must have new functionalities implemented, while initiation by the Mobile Router means that the Mobile Router must maintain some Route Optimization states for each Mobile Network Node.
另一方面,使用移动网络节点的地址将意味着发起方是移动网络节点本身,或者移动路由器代表移动网络节点发起路由优化。由移动网络节点本身发起意味着移动网络节点必须实现新的功能,而由移动路由器发起意味着移动路由器必须为每个移动网络节点保持一些路由优化状态。
In order for route to be optimized, it is generally necessary for the Correspondent Entity to create a binding between the address and the location of the Mobile Network Node. This can be done in the following ways:
为了优化路由,通信实体通常需要在移动网络节点的地址和位置之间创建绑定。这可以通过以下方式完成:
o binding the address to the location of the parent Mobile Router,
o 将地址绑定到父移动路由器的位置,
o binding the address to a sequence of upstream Mobile Routers, and
o 将地址绑定到上游移动路由器序列,以及
o binding the address to the location of the root Mobile Router.
o 将地址绑定到根移动路由器的位置。
These are described in the following sub-sections.
以下各小节将对此进行说明。
By binding the address of Mobile Network Node to the location of its parent Mobile Router, the Correspondent Entity would know how to reach the Mobile Network Node via the current location of the parent Mobile Router. This can be done by:
通过将移动网络节点的地址绑定到其父移动路由器的位置,通信实体将知道如何通过父移动路由器的当前位置到达移动网络节点。这可以通过以下方式实现:
o Binding Update with Mobile Network Prefix
o 使用移动网络前缀绑定更新
This can be viewed as a logical extension to NEMO Basic Support, where the Mobile Router would send binding updates containing one or more Mobile Network Prefix options to the Correspondent Entity. The Correspondent Entity having received the Binding Update, can then set up a bi-directional tunnel with the Mobile Router at the current Care-of Address of the Mobile Router, and inject a route to its routing table so that packets destined for addresses in the Mobile Network Prefix would be routed through the bi-directional tunnel.
这可以被视为NEMO基本支持的逻辑扩展,其中移动路由器将向对应实体发送包含一个或多个移动网络前缀选项的绑定更新。接收到绑定更新的对应实体随后可以在移动路由器的当前转交地址处与移动路由器建立双向隧道,并将路由注入其路由表,以便目的地为移动网络前缀中的地址的分组将通过双向隧道路由。
Note that in this case, the address of the Mobile Network Node is implied by the Mobile Network Prefix (see Section 5.4).
注意,在这种情况下,移动网络节点的地址由移动网络前缀暗示(参见第5.4节)。
o Sending Information of Parent Mobile Router
o 发送父移动路由器的信息
This involves the Mobile Network Node sending the information of its Mobile Router to the Correspondent Entity, thus allowing the Correspondent Entity to establish a binding between the address of the Mobile Network Node to the location of the parent Mobile Router. An example of such an approach would be [11].
这涉及移动网络节点向对应实体发送其移动路由器的信息,从而允许对应实体在移动网络节点的地址与父移动路由器的位置之间建立绑定。这种方法的一个例子是[11]。
o Mobile Router as a Proxy
o 作为代理的移动路由器
Another approach is for the parent Mobile Router to act as a "proxy" for its Mobile Network Nodes. In this case, the Mobile Router uses the standard Mobile IPv6 Route Optimization procedure to bind the address of a Mobile Network Node to the Mobile Router's Care-of Address. For instance, when the Mobile Network Node is a Local Fixed Node without Mobile IPv6 Route Optimization functionality, the Mobile Router may initiate the Return Routability procedure with a Correspondent Node on behalf of the Local Fixed Node. An example of such an approach would be [20][21][22].
另一种方法是父移动路由器充当其移动网络节点的“代理”。在这种情况下,移动路由器使用标准移动IPv6路由优化过程将移动网络节点的地址绑定到移动路由器的转交地址。例如,当移动网络节点是没有移动IPv6路由优化功能的本地固定节点时,移动路由器可以代表本地固定节点与对应节点发起返回路由性过程。这种方法的一个例子是[20][21][22]。
On the other hand, if the Mobile Network Node is a Visiting Mobile Node, it might be necessary for the Visiting Mobile Node to delegate the rights of Route Optimization signaling to the Mobile
另一方面,如果移动网络节点是访问移动节点,则访问移动节点可能需要将路由优化信令的权利委托给移动节点
Router (see [23] for an example of such delegation). With this delegation, either the Visiting Mobile Network Node or the Mobile Router can initiate the Return Routability procedure with the Correspondent Node. For the case where the Return Routability procedure is initiated by the Visiting Mobile Node, the Mobile Router will have to transparently alter the content of the Return Routability signaling messages so that packets sent from the Correspondent Node to the Visiting Node will be routed to the Care-of Address of the Mobile Router once Route Optimization is established. The case where the Return Routability procedure is initiated by the Mobile Router is similar to the case where the Mobile Network Node is a Local Fixed Node.
路由器(参见[23]了解此类委托的示例)。通过该委托,访问的移动网络节点或移动路由器都可以启动与对应节点的返回可路由性过程。对于由访问的移动节点发起返回路由性过程的情况,移动路由器必须透明地改变返回可路由性信令消息的内容,以便一旦建立路由优化,从对应节点发送到访问节点的分组将被路由到移动路由器的转交地址。由移动路由器发起返回路由性过程的情况类似于移动网络节点是本地固定节点的情况。
For all of the approaches listed above, when the Mobile Network Node is deeply nested within a Mobile Network, the Correspondent Entity would need to gather Binding Updates from all the upstream Mobile Routers in order to build the complete route to reach the Mobile Network Node. This increases the complexity of the Correspondent Entity, as the Correspondent Entity may need to perform multiple binding cache look-ups before it can construct the complete route.
对于上面列出的所有方法,当移动网络节点深入嵌套在移动网络中时,对应实体将需要从所有上游移动路由器收集绑定更新,以便构建到达移动网络节点的完整路由。这增加了对应实体的复杂性,因为对应实体在构建完整路由之前可能需要执行多个绑定缓存查找。
Other than increasing the complexity of the Correspondent Entity, these approaches may incur extra signaling overhead and delay for a nested Mobile Network Node. For instance, every Mobile Router on the upstream of the Mobile Network Node needs to send Binding Updates to the Correspondent Entity. If this is done by the upstream Mobile Routers independently, it may incur additional signaling overhead. Also, since each Binding Update takes a finite amount of time to reach and be processed by the Correspondent Entity, the delay from the time an optimized route is changed till the time the change is registered on the Correspondent Entity will increase proportionally with the number of Mobile Routers on the upstream of the Mobile Network Node (i.e., the level of nesting of the Mobile Network Node).
除了增加对应实体的复杂性之外,这些方法可能会为嵌套的移动网络节点带来额外的信令开销和延迟。例如,移动网络节点上游的每个移动路由器都需要向对应实体发送绑定更新。如果这是由上游移动路由器独立完成的,则可能会产生额外的信令开销。此外,由于每个绑定更新需要有限的时间到达对应实体并由对应实体处理,因此从优化路由改变到在对应实体上注册改变的时间的延迟将随着移动网络节点上游的移动路由器的数量成比例地增加(即,移动网络节点的嵌套级别)。
For "Binding Update with Mobile Network Prefix" and "Sending Information of Parent Mobile Router", new functionality is required at the Correspondent Entity, whereas "Mobile Router as a Proxy" keeps the functionality of the Correspondent Entity the same as a Mobile IPv6 Correspondent Node. However, this is done at an expense of the Mobile Routers, since in "Mobile Router as a Proxy", the Mobile Router must maintain state information for every Route Optimization session its Mobile Network Nodes have. Furthermore, in some cases, the Mobile Router needs to look beyond the standard IPv6 headers for ingress and egress packets, and alter the packet contents appropriately (this may impact end-to-end integrity, see 5.8.2).
对于“使用移动网络前缀绑定更新”和“发送父移动路由器的信息”,对应实体需要新功能,而“作为代理的移动路由器”保持对应实体的功能与移动IPv6对应节点相同。然而,这是以移动路由器为代价的,因为在“作为代理的移动路由器”中,移动路由器必须维护其移动网络节点具有的每个路由优化会话的状态信息。此外,在某些情况下,移动路由器需要查看标准IPv6报头以外的入口和出口数据包,并适当更改数据包内容(这可能会影响端到端完整性,请参见5.8.2)。
One advantage shared by all the approaches listed here is that only mobility protocol is affected. In other words, no modification is
这里列出的所有方法的一个共同优点是,只有移动协议受到影响。换句话说,不需要修改
required on other existing protocols (such as Neighbor Discovery). There is also no additional requirement on existing infrastructure (such as the access network).
其他现有协议(如邻居发现)上需要。对现有基础设施(如接入网络)也没有额外要求。
In addition, having upstream Mobile Routers send Binding Updates independently means that the Correspondent Entity can use the same binding cache entries of upstream Mobile Routers to construct the complete route to two Mobile Network Nodes that have common upstream Mobile Routers. This may translate to lower memory consumption since the Correspondent Entity need not store one complete route per Mobile Network Node when it is having Route Optimization sessions with multiple Mobile Network Nodes from the same mobile network.
此外,让上游移动路由器独立地发送绑定更新意味着对应实体可以使用上游移动路由器的相同绑定缓存条目来构造到具有公共上游移动路由器的两个移动网络节点的完整路由。这可以转化为较低的内存消耗,因为当对应实体与来自同一移动网络的多个移动网络节点进行路由优化会话时,它不需要为每个移动网络节点存储一个完整的路由。
For a nested Mobile Network Node, it might be more worthwhile to bind its address to the sequence of points of attachment of upstream Mobile Routers. In this way, the Correspondent Entity can build a complete sequence of points of attachment from a single transmission of the binding information. Examples using this approach are [10] and [12].
对于嵌套移动网络节点,将其地址绑定到上游移动路由器的连接点序列可能更值得。通过这种方式,对应实体可以从绑定信息的单个传输构建完整的连接点序列。使用这种方法的例子有[10]和[12]。
Different from Section 5.5.1, this approach constructs the complete route to a specific Mobile Network Node at the mobile network side, thus offering the opportunity to reduce the signaling overhead. Since the complete route is conveyed to the Correspondent Entity in a single transmission, it is possible to reduce the delay from the time an optimized route is changed till the time the change is registered on the Correspondent Entity to its minimum.
与第5.5.1节不同,该方法构建了到移动网络侧特定移动网络节点的完整路由,从而提供了减少信令开销的机会。由于在单个传输中将完整的路由传送到对应实体,因此可以将从改变优化路由到在对应实体上登记改变的时间的延迟减少到最小。
One question that immediately comes to mind is how the Mobile Network Node gets hold of the sequence of locations of its upstream Mobile Routers. This is usually achieved by having such information inserted as special options in the Router Advertisement messages advertised by upstream Mobile Routers. To do so, not only must a Mobile Router advertise its current location to its Mobile Network Nodes, it must also relay information embedded in Router Advertisement messages it has received from its upstream Mobile Routers. This might imply a compromise of the mobility transparency of a mobile network (see Section 4.7). In addition, it also means that whenever an upstream Mobile Router changes its point of attachment, all downstream Mobile Network Nodes must perform Route Optimization signaling again, possibly leading to a "Signaling Storm" (see Section 4.1).
一个立即浮现在脑海中的问题是,移动网络节点如何掌握其上游移动路由器的位置序列。这通常是通过将此类信息作为特殊选项插入到由上游移动路由器广告的路由器广告消息中来实现的。要做到这一点,移动路由器不仅必须向其移动网络节点公布其当前位置,还必须中继从其上游移动路由器接收到的路由器公告消息中嵌入的信息。这可能意味着移动网络的移动性透明度有所降低(见第4.7节)。此外,这还意味着每当上游移动路由器改变其连接点时,所有下游移动网络节点都必须再次执行路由优化信令,可能导致“信令风暴”(参见第4.1节)。
A different method of conveying locations of upstream Mobile Routers is (such as used in [10]) where upstream Mobile Routers insert their current point of attachment into a Reverse Routing Header embedded
传输上游移动路由器位置的另一种方法是(如在[10]中使用),其中上游移动路由器将其当前连接点插入嵌入的反向路由报头中
within a packet sent by the Mobile Network Node. This may raise security concerns that will be discussed later in Section 5.8.2.
在由移动网络节点发送的分组内。这可能会引起安全问题,稍后将在第5.8.2节中讨论。
In order for a Correspondent Entity to bind the address of a Mobile Network Node to a sequence of locations of upstream Mobile Routers, new functionalities need to be implemented on the Correspondent Entity. The Correspondent Entity also needs to store the complete sequence of locations of upstream Mobile Routers for every Mobile Network Node. This may demand more memory compared to Section 5.5.1 if the same Correspondent Entity has a lot of Route Optimization sessions with Mobile Network Nodes from the same nested Mobile Network. In addition, some amount of modifications or extension to existing protocols is also required, such as a new type of IPv6 routing header or a new option in the Router Advertisement message.
为了使对应实体将移动网络节点的地址绑定到上游移动路由器的位置序列,需要在对应实体上实现新的功能。通信实体还需要为每个移动网络节点存储上游移动路由器位置的完整序列。如果同一对应实体与来自同一嵌套移动网络的移动网络节点有大量路由优化会话,则与第5.5.1节相比,这可能需要更多内存。此外,还需要对现有协议进行一些修改或扩展,例如新类型的IPv6路由报头或路由器广告消息中的新选项。
A third approach is to bind the address of the Mobile Network Node to the location of the root Mobile Router, regardless of how deeply nested the Mobile Network Node is within a nested Mobile Network. Whenever the Correspondent Entity needs to forward a packet to the Mobile Network Node, it only needs to forward the packet to this point of attachment. The mobile network will figure out how to forward the packet to the Mobile Network Node by itself. This kind of approach can be viewed as flattening the structure of a nested Mobile Network, so that it seems to the Correspondent Entity that every node in the Mobile Network is attached to the Internet at the same network segment.
第三种方法是将移动网络节点的地址绑定到根移动路由器的位置,而不管移动网络节点在嵌套移动网络中的嵌套深度如何。每当通信实体需要将数据包转发到移动网络节点时,它只需要将数据包转发到此连接点。移动网络将自行确定如何将数据包转发到移动网络节点。这种方法可以被看作是将嵌套移动网络的结构扁平化,因此在对应实体看来,移动网络中的每个节点都在同一网段连接到Internet。
There are various approaches to achieve this:
实现这一目标有多种方法:
o Prefix Delegation
o 前缀授权
Here, each Mobile Router in a nested mobile network is delegated a Mobile Network Prefix from the access router (such as using Dynamic Host Configuration Protocol (DHCP) Prefix Delegation [15]). Each Mobile Router also autoconfigures its Care-of Address from this delegated prefix. In this way, the Care-of Addresses of Mobile Routers are all from an aggregatable address space starting from the access router. A Mobile Network Node with Mobile IPv6 functionality may also autoconfigure its Care-of Address from this delegated prefix, and use standard Mobile IPv6 mechanism's to bind its Home Address to this Care-of Address.
这里,嵌套移动网络中的每个移动路由器被从接入路由器(例如使用动态主机配置协议(DHCP)前缀委派[15])委派一个移动网络前缀。每个移动路由器也会根据该授权前缀自动配置其转交地址。这样,移动路由器的转交地址都来自从接入路由器开始的可聚合地址空间。具有移动IPv6功能的移动网络节点还可以根据该委派前缀自动配置其转交地址,并使用标准移动IPv6机制将其家庭地址绑定到此转交地址。
Examples of this approach include [24], [25], and [26].
这种方法的示例包括[24]、[25]和[26]。
This approach has the advantage of keeping the implementations of Correspondent Nodes unchanged. However, it requires the access
这种方法的优点是保持对应节点的实现不变。但是,它需要访问权限
router (or some other entity within the access network) and Mobile Router to possess prefix delegation functionality, and also maintain information on what prefix is delegated to which node. How to efficiently assign a subset of Mobile Network Prefix to child Mobile Routers could be an issue because Mobile Network Nodes may dynamically join and leave with an unpredictable pattern. In addition, a change in the point of attachment of the root Mobile Router will also require every nested Mobile Router (and possibly Visiting Mobile Nodes) to change their Care-of Addresses and delegated prefixes. These will cause a burst of Binding Updates and prefix delegation activities where every Mobile Router and every Visiting Mobile Node start sending Binding Updates to their Correspondent Entities.
路由器(或接入网络中的某些其他实体)和移动路由器,以拥有前缀委派功能,并维护关于将哪个前缀委派给哪个节点的信息。如何有效地将移动网络前缀的子集分配给子移动路由器可能是一个问题,因为移动网络节点可能以不可预测的模式动态地加入和离开。此外,根移动路由器连接点的更改还将要求每个嵌套的移动路由器(以及可能访问的移动节点)更改其转交地址和委派前缀。这些将导致绑定更新和前缀委派活动的爆发,其中每个移动路由器和每个访问的移动节点开始向其对应实体发送绑定更新。
o Neighbor Discovery Proxy
o 邻居发现代理
This approach (such as [27] and [28]) achieves Route Optimization by having the Mobile Router act as a Neighbor Discovery [29] proxy for its Mobile Network Nodes. The Mobile Router will configure a Care-of Address from the network prefix advertised by its access router, and also relay this prefix to its subnets. When a Mobile Network Node configures an address from this prefix, the Mobile Router will act as a Neighbor Discovery proxy on its behalf. In this way, the entire mobile network and its access network form a logical multilink subnet, thus eliminating any nesting.
这种方法(例如[27]和[28])通过让移动路由器充当其移动网络节点的邻居发现[29]代理来实现路由优化。移动路由器将根据其接入路由器公布的网络前缀配置转交地址,并将该前缀中继到其子网。当移动网络节点根据该前缀配置地址时,移动路由器将代表其充当邻居发现代理。这样,整个移动网络及其接入网络形成一个逻辑多链路子网,从而消除任何嵌套。
This approach has the advantage of keeping the implementations of Correspondent Nodes unchanged. However, it requires the root Mobile Router to act as a Neighbor Discovery proxy for all the Mobile Network Nodes that are directly or indirectly attached to it. This increases the processing load of the root Mobile Router. In addition, a change in the point of attachment of the root Mobile Router will require every nested Mobile Router (and possibly Visiting Mobile Nodes) to change their Care-of Addresses. Not only will this cause a burst of Binding Updates where every Mobile Router and every Visiting Mobile Node start sending Binding Updates to their Correspondent Entities, it will also cause a burst of Duplicate Address Discovery messages to be exchanged between the mobile network and the access network. Furthermore, Route Optimization for Local Fixed Nodes is not possible without new functionalities implemented on the Local Fixed Nodes.
这种方法的优点是保持对应节点的实现不变。但是,它要求根移动路由器充当直接或间接连接到它的所有移动网络节点的邻居发现代理。这增加了根移动路由器的处理负载。此外,根移动路由器连接点的改变将要求每个嵌套的移动路由器(以及可能访问的移动节点)改变其转交地址。这不仅将导致绑定更新的突发,其中每个移动路由器和每个访问的移动节点开始向其对应实体发送绑定更新,还将导致在移动网络和接入网络之间交换重复地址发现消息的突发。此外,如果没有在本地固定节点上实现的新功能,本地固定节点的路由优化是不可能的。
o Hierarchical Registrations
o 分级注册
Hierarchical Registration involves Mobile Network Nodes (including nested Mobile Routers) registering themselves with either their parent Mobile Routers or the root Mobile Router itself. After registrations, Mobile Network Nodes would tunnel packets directly
分层注册涉及移动网络节点(包括嵌套的移动路由器)向其父移动路由器或根移动路由器本身注册自己。注册后,移动网络节点将直接通过隧道传输数据包
to the upstream Mobile Router they register with. At the root Mobile Router, packets tunneled from sub-Mobile Routers or Mobile Network Nodes are tunneled directly to the Correspondent Entities, thus avoiding nested tunneling.
到他们注册的上游移动路由器。在根移动路由器处,从子移动路由器或移动网络节点通过隧道传输的数据包直接通过隧道传输到对应实体,从而避免嵌套隧道。
One form of such an approach uses the principle of Hierarchical Mobile IPv6 [13], where the root Mobile Router acts as a Mobility Anchor Point. It is also possible for each parent Mobile Router to act as Mobility Anchor Points for its child Mobile Routers, thus forming a hierarchy of Mobility Anchor Points. One can also view these Mobility Anchor Points as local Home Agents, thus forming a cascade of mobile Home Agents. In this way, each Mobile Router terminates its tunnel at its parent Mobile Router. Hence, although there are equal numbers of tunnels as the level of nestings, there is no tunnel encapsulated within another.
这种方法的一种形式使用分层移动IPv6的原理[13],其中根移动路由器充当移动锚定点。每个父移动路由器也可以充当其子移动路由器的移动锚定点,从而形成移动锚定点的层次结构。还可以将这些移动锚定点视为本地归属代理,从而形成移动归属代理的级联。这样,每个移动路由器在其父移动路由器处终止其隧道。因此,尽管有与嵌套级别相同数量的隧道,但没有封装在另一个隧道中的隧道。
Examples of this approach include [30], [31], [32], and [33].
这种方法的示例包括[30]、[31]、[32]和[33]。
An advantage of this approach is that the functionalities of the Correspondent Nodes are unchanged.
这种方法的优点是对应节点的功能保持不变。
o Mobile Ad-Hoc Routing
o 移动自组织路由
It is possible for nodes within a mobile network to use Mobile Ad-hoc routing for packet-forwarding between nodes in the same mobile network. An approach of doing so might involve a router acting as a gateway for connecting nodes in the mobile network to the global Internet. All nodes in the mobile network would configure their Care-of Addresses from one or more prefixes advertised by that gateway, while their parent Mobile Routers use Mobile Ad-hoc routing to forward packets to that gateway or other destinations inside the mobile network.
移动网络中的节点可以使用移动自组织路由在同一移动网络中的节点之间进行分组转发。这样做的一种方法可能涉及路由器作为网关,用于将移动网络中的节点连接到全球互联网。移动网络中的所有节点都将从该网关播发的一个或多个前缀配置它们的转交地址,而它们的父移动路由器使用移动自组织路由将数据包转发到该网关或移动网络内的其他目的地。
One advantage that is common to all the approaches listed above is that local mobility of a Mobile Network Node within a nested mobile network is hidden from the Correspondent Entity.
上述所有方法共有的一个优点是,嵌套移动网络内的移动网络节点的本地移动性对对应实体隐藏。
In general, Route Optimization signaling can be done either in-plane, off-plane, or both. In-plane signaling involves embedding signaling information into headers of data packets. A good example of in-plane signaling would be Reverse Routing Header [10]. Off-plane signaling uses dedicated signaling packets rather than embedding signaling information into headers of data packets. Proposals involving the sending of Binding Updates fall into this category.
通常,路由优化信令可以在飞机内、飞机外或两者中进行。面内信令涉及将信令信息嵌入到数据包的报头中。平面内信令的一个很好的例子是反向路由报头[10]。非平面信令使用专用信令分组,而不是将信令信息嵌入数据分组的报头中。涉及发送绑定更新的提案属于这一类。
The advantage of in-plane signaling is that any change in the mobile network topology can be rapidly propagated to the Correspondent Entity as long as there is a continuous stream of data to be transmitted. However, this might incur a substantial overhead on the data packets. Off-plane signaling, on the other hand, sends signaling messages independently from the data packet. This has the advantage of reducing the signaling overhead in situations where there are relatively fewer topological changes to the mobile network. However, data packet transmission may be disrupted while off-plane signaling takes place.
面内信令的优点是,只要存在要传输的连续数据流,移动网络拓扑中的任何变化都可以快速传播到对应实体。然而,这可能会在数据包上产生大量开销。另一方面,非平面信令独立于数据分组发送信令消息。这具有在移动网络拓扑变化相对较少的情况下减少信令开销的优点。然而,当发生离机信令时,数据分组传输可能中断。
An entirely different method of signaling makes use of upper-layer protocols to establish the bindings between the address of a Mobile Network Node and the location of the mobile network. Such binding information can then be passed down to the IP layer to insert the appropriate entry in the Binding Cache or routing table. An example of such a mechanism is [34], which uses the Session Initiation Protocol (SIP) to relay binding information.
一种完全不同的信令方法利用上层协议在移动网络节点的地址和移动网络的位置之间建立绑定。然后,可以将此类绑定信息传递到IP层,以便在绑定缓存或路由表中插入适当的条目。这种机制的一个例子是[34],它使用会话发起协议(SIP)来中继绑定信息。
With Route Optimization established, one remaining question to be answered is how data packets can be routed to follow the optimized route. There are the following possible approaches:
建立路由优化后,剩下的一个需要回答的问题是如何路由数据包以遵循优化的路由。有以下几种可能的方法:
o Encapsulations
o 封装
One way to route packets through the optimized path is to use IP-in-IP encapsulations [35]. In this way, the original packet can be tunneled to the location bound to the address of the Mobile Network Node using the normal routing infrastructure. Depending on how the location is bound to the address of the Mobile Network Node, the number of encapsulations required might vary.
通过优化路径路由数据包的一种方法是在IP封装中使用IP[35]。通过这种方式,可以使用正常的路由基础设施将原始分组通过隧道传输到绑定到移动网络节点地址的位置。根据位置如何绑定到移动网络节点的地址,所需的封装数量可能会有所不同。
For instance, if the Correspondent Entity knows the full sequence of points of attachment, it might be necessary for there to be multiple encapsulations in order to forward the data packet through each point of attachment. This may lead to the need for multiple tunnels and extra packet header overhead. It is possible to alleviate this by using Robust Header Compression techniques [36][37][38] to compress the multiple tunnel packet headers.
例如,如果对应实体知道连接点的完整序列,则可能需要有多个封装,以便通过每个连接点转发数据包。这可能导致需要多个隧道和额外的数据包头开销。通过使用健壮的报头压缩技术[36][37][38]来压缩多个隧道分组报头,可以缓解这种情况。
o Routing Headers
o 路由头
A second way to route packets through the optimized path is to use routing headers. This is useful especially for the case where the Correspondent Entity knows the sequence of locations of upstream Mobile Routers (see Section 5.5.2), since a routing header can
通过优化路径路由数据包的第二种方法是使用路由头。这尤其适用于通信实体知道上游移动路由器位置顺序的情况(见第5.5.2节),因为路由报头可以
contain multiple intermediate destinations. Each intermediate destination corresponds to a point of attachment bound to the address of the Mobile Network Node.
包含多个中间目的地。每个中间目的地对应于绑定到移动网络节点的地址的连接点。
This requires the use of a new Routing Header type, or possibly an extension of the Type 2 Routing Header as defined by Mobile IPv6 to contain multiple addresses instead of only one.
这需要使用新的路由头类型,或者可能是移动IPv6定义的类型2路由头的扩展,以包含多个地址,而不是仅包含一个地址。
o Routing Entries in Parent Mobile Routers
o 父移动路由器中的路由条目
Yet another way is for parent Mobile Routers to install routing entries in their routing table that will route Route Optimized packets differently, most likely based on source address routing. This usually applies to approaches described in Section 5.5.3. For instance, the Prefix Delegation approach [24][25][26] would require parent Mobile Routers to route packets differently if the source address belongs to the prefix delegated from the access network.
另一种方法是,父移动路由器在其路由表中安装路由条目,这些条目将以不同方式路由优化的数据包,最有可能基于源地址路由。这通常适用于第5.5.3节所述的方法。例如,如果源地址属于从接入网络委派的前缀,前缀委派方法[24][25][26]将要求父移动路由器以不同方式路由分组。
The most important security consideration in Route Optimization is certainly the security risks a Correspondent Entity is exposed to by creating a binding between the address of a Mobile Network Node and the specified location(s) of the mobile network. Generally, it is assumed that the Correspondent Entity and Mobile Network Node do not share any pre-existing security association. However, the Correspondent Entity must have some ways of verifying the authenticity of the binding specified, else it will be susceptible to various attacks described in [19], such as snooping (sending packets meant for a Mobile Network Node to an attacker) or denial-of-service (DoS) (flooding a victim with packets meant for a Mobile Network Node) attacks.
路由优化中最重要的安全考虑当然是通信实体通过在移动网络节点的地址和移动网络的指定位置之间创建绑定而面临的安全风险。通常,假定对应实体和移动网络节点不共享任何预先存在的安全关联。但是,通信实体必须有一些方法来验证指定绑定的真实性,否则它将容易受到[19]中所述的各种攻击,例如窥探(向攻击者发送用于移动网络节点的数据包)或拒绝服务(DoS)(用用于移动网络节点的数据包淹没受害者)攻击。
When the binding is performed between the address of the Mobile Network Node and one Care-of Address (possibly of the Mobile Router; see Section 5.5.1 and Section 5.5.3), the standard Return Routability procedure specified in Mobile IPv6 might be sufficient to provide a reasonable degree of assurance to the Correspondent Entity. This also allows the Correspondent Entity to re-use existing implementations. But in other situations, an extension to the Return Routability procedure might be necessary.
当在移动网络节点的地址和一个转交地址(可能是移动路由器的地址;参见第5.5.1节和第5.5.3节)之间执行绑定时,移动IPv6中规定的标准返回路由性程序可能足以向对应实体提供合理程度的保证。这还允许对应实体重用现有实现。但在其他情况下,可能需要对返回可路由性过程进行扩展。
For instance, consider the case where the Mobile Router sends a Binding Update containing Mobile Network Prefix information to the Correspondent Entity (see Section 5.5.1). Although the Return
例如,考虑移动路由器向相应实体发送包含移动网络前缀信息的绑定更新的情况(参见第5.5.1节)。虽然返回
Routability procedure allows the Correspondent Entity to verify that the Care-of and Home Addresses of the Mobile Router are indeed collocated, it does not allow the Correspondent Entity to verify the validity of the Mobile Network Prefix. If the Correspondent Entity accepts the binding without verification, it will be exposed to attacks where the attacker tricks the Correspondent Entity into forwarding packets destined for a mobile network to the attacker (snooping) or victim (DoS); [39] discusses this security threat further.
可路由性程序允许对应实体验证移动路由器的转交地址和家庭地址是否确实并置,但不允许对应实体验证移动网络前缀的有效性。如果对应实体在未经验证的情况下接受绑定,则会受到攻击,攻击者会诱使对应实体将目的地为移动网络的数据包转发给攻击者(窥探)或受害者(DoS);[39]进一步讨论了这种安全威胁。
The need to verify the validity of network prefixes is not constrained to Correspondent Entities. In approaches that involve the Correspondent Routers (see Section 5.1.3), there have been suggestions for the Correspondent Router to advertise the network prefix(es) of Correspondent Nodes that the Correspondent Router is capable of terminating Route Optimization on behalf of to Mobile Network Nodes. In such cases, the Mobile Network Nodes also need a mechanism to check the authenticity of such claims. Even if the Correspondent Routers do not advertise the network prefix, the Mobile Network Nodes also have the need to verify that the Correspondent Router is indeed a valid Correspondent Router for a given Correspondent Node.
验证网络前缀有效性的需要并不局限于相应的实体。在涉及对应路由器的方法中(参见第5.1.3节),有建议对应路由器公布对应节点的网络前缀,对应路由器能够代表移动网络节点终止路由优化。在这种情况下,移动网络节点还需要一种机制来检查此类声明的真实性。即使对应路由器不公布网络前缀,移动网络节点也需要验证对应路由器确实是给定对应节点的有效对应路由器。
In Section 5.5.2, the registration signaling involves sending the information about one or more upstream Mobile Routers. The Correspondent Entity (or Home Agent) must also have the means to verify such information. Again, the standard Return Routability procedure as defined in [3] is inadequate here, as it is not designed to verify the reachability of an address over a series of upstream routers. An extension such as attaching a routing header to the Care-of Test (CoT) message to verify the authenticity of the locations of upstream Mobile Routers is likely to be needed. The risk, however, is not confined to Correspondent Entities. The Mobile Network Nodes are also under the threat of receiving false information from their upstream Mobile Routers, which they might pass to Correspondent Entities (this also implies that Correspondent Entities cannot rely on any security associations they have with the Mobile Network Nodes to establish the validity of address bindings). There are some considerations that this kind of on-path threat exists in the current Internet anyway especially when no (or weak) end-to-end protection is used.
在第5.5.2节中,注册信令涉及发送关于一个或多个上游移动路由器的信息。代理实体(或本国代理)还必须有核实此类信息的手段。同样,在[3]中定义的标准返回可路由性程序在这里是不充分的,因为它不是为了验证一个地址在一系列上游路由器上的可达性而设计的。可能需要诸如将路由报头附加到转交测试(CoT)消息以验证上游移动路由器位置的真实性之类的扩展。然而,风险并不局限于代理实体。移动网络节点还面临从其上游移动路由器接收虚假信息的威胁,这些信息可能会传递给对应实体(这也意味着对应实体不能依赖其与移动网络节点的任何安全关联来建立地址绑定的有效性)。目前的互联网中存在着这种路径上的威胁,特别是在没有(或弱)端到端保护的情况下。
All these concerns over the authenticity of addresses might suggest that perhaps a more radical and robust approach is necessary. This is currently under extensive study in various Working Groups of the IETF, and many related documents might be of interest here. For instance, in Secure Neighbor Discovery (SEND) [40], Cryptographically Generated Addresses (CGAs) [41] could be used to establish the
所有这些对地址真实性的担忧可能表明,也许有必要采取更激进、更稳健的方法。目前,IETF的各个工作组正在对此进行广泛研究,许多相关文件可能对此感兴趣。例如,在安全邻居发现(SEND)[40]中,可以使用加密生成的地址(CGA)[41]来建立
ownership of Care-of Addresses. [42] employs the Home Agent to check the signaling messages sent by Mobile Routers to provide a way for Correspondent Entities to verify the authenticity of Mobile Network Prefixes specified. [18] documents various proposed enhancements to the Mobile IPv6 Route Optimization mechanism that might be applied to NEMO Route Optimization as well, such as [43], which allows the Correspondent Entity to authenticate a certain operator's Home Agent by verifying the associated certificate. The Host Identity Protocol (HIP) [44] with end-host mobility considerations [45] may be extended for NEMO Route Optimization as well.
保管地址的所有权。[42]使用归属代理检查移动路由器发送的信令消息,为通信实体提供验证指定移动网络前缀真实性的方法。[18] 记录了移动IPv6路由优化机制的各种拟议增强功能,这些功能也可能应用于NEMO路由优化,例如[43],它允许通信实体通过验证相关证书来验证特定运营商的归属代理。具有终端主机移动性考虑的主机标识协议(HIP)[44]也可扩展用于NEMO路由优化。
In addition, interested readers might want to refer to [46], which discussed the general problem of making Route Optimization in NEMO secure and explored some possible solution schemes. There is also a proposed mechanism in [23] for Mobile Network Node to delegate some rights to their Mobile Routers, which may be used to allow the Mobile Routers to prove their authenticities to Correspondent Entities when establishing Route Optimization sessions on behalf of the Mobile Network Nodes.
此外,感兴趣的读者可能希望参考[46],其中讨论了NEMO安全中路由优化的一般问题,并探讨了一些可能的解决方案。[23]中还提出了一种机制,用于移动网络节点将一些权利委托给其移动路由器,该机制可用于允许移动路由器在代表移动网络节点建立路由优化会话时向对应实体证明其身份。
In some of the approaches, such as "Mobile Router as a Proxy" in Section 5.5.1, the Mobile Router sends messages using the Mobile Network Node's address as the source address. This is done mainly to achieve zero new functionalities required at the Correspondent Entities and the Mobile Network Nodes. However, adopting such a strategy may interfere with existing or future protocols, most particularly security-related protocols. This is especially true when the Mobile Router needs to make changes to packets sent by Mobile Network Nodes. In a sense, these approaches break the end-to-end integrity of packets. A related concern is that this kind of approach may also require the Mobile Router to inspect the packet contents sent to/by Mobile Network Nodes. This may prove to be difficult or impossible if such contents are encrypted.
在一些方法中,例如第5.5.1节中的“移动路由器作为代理”,移动路由器使用移动网络节点的地址作为源地址发送消息。这主要是为了实现对应实体和移动网络节点所需的零新功能。然而,采用这种策略可能会干扰现有或未来的协议,尤其是与安全相关的协议。当移动路由器需要对移动网络节点发送的数据包进行更改时,尤其如此。从某种意义上说,这些方法破坏了数据包的端到端完整性。一个相关的关注点是,这种方法还可能要求移动路由器检查发送到/由移动网络节点发送的分组内容。如果对这些内容进行加密,这可能会很困难或不可能。
The concern over end-to-end integrity arises for the use of a Reverse Routing Header (see Section 5.5.2) too, since Mobile Routers would insert new contents to the header of packets sent by downstream Mobile Network Nodes. This makes it difficult for Mobile Network Nodes to protect the end-to-end integrity of such information with security associations.
使用反向路由报头(见第5.5.2节)也会引起对端到端完整性的担忧,因为移动路由器会将新内容插入下游移动网络节点发送的数据包报头。这使得移动网络节点难以通过安全关联来保护此类信息的端到端完整性。
Another security-related concern is the issue of location privacy. This document currently does not consider the location privacy threats caused by an on-path eavesdropper. For more information on
另一个与安全相关的问题是位置隐私问题。该文件目前不考虑由路径窃听者所造成的位置隐私威胁。有关
that aspect, please refer to [18]. Instead, we consider the following three aspects to location privacy:
关于这方面,请参考[18]。相反,我们考虑以下三个方面的位置隐私:
o Revelation of Location to Correspondent Entity
o 向对应实体披露位置
Route optimization is achieved by creating a binding between the address of the Mobile Network Node and the current location of the Mobile Network. It is thus inevitable that the location of the Mobile Network Node be revealed to the Correspondent Entity. The concern may be alleviated if the Correspondent Entity is not the Correspondent Node, since this implies that the actual traffic end point (i.e., the Correspondent Node) would remain ignorant of the current location of the Mobile Network Node.
路由优化是通过在移动网络节点的地址和移动网络的当前位置之间创建绑定来实现的。因此,不可避免地向对应实体揭示移动网络节点的位置。如果对应实体不是对应节点,则可减轻该关注,因为这意味着实际业务端点(即,对应节点)将保持对移动网络节点的当前位置的无知。
o Degree of Revelation
o 揭露程度
With network mobility, the degree of location exposure varies, especially when one considers nested mobile networks. For instance, for approaches that bind the address of the Mobile Network Node to the location of the root Mobile Router (see Section 5.5.3), only the topmost point of attachment of the mobile network is revealed to the Correspondent Entity. For approaches such as those described in Section 5.5.1 and Section 5.5.2, more information (such as Mobile Network Prefixes and current locations of upstream Mobile Routers) is revealed. Techniques such as exposing only locally-scoped addresses of intermediate upstream mobile routers to Correspondent Entities may be used to reduce the degree of revelation.
随着网络移动性的增加,位置暴露的程度会发生变化,特别是当考虑嵌套移动网络时。例如,对于将移动网络节点的地址绑定到根移动路由器位置的方法(参见第5.5.3节),只有移动网络的最顶端连接点向对应实体显示。对于第5.5.1节和第5.5.2节中描述的方法,将显示更多信息(例如移动网络前缀和上游移动路由器的当前位置)。可以使用诸如仅向对应实体公开中间上游移动路由器的本地作用域地址的技术来降低公开的程度。
o Control of the Revelation
o 启示录的控制
When Route Optimization is initiated by the Mobile Network Node itself, it is in control of whether or not to sacrifice location privacy for an optimized route. However, if it is the Mobile Router that initiates Route Optimization (e.g., "Binding Update with Mobile Network Prefix" and "Mobile Router as a Proxy" in Section 5.5.1), then control is taken away from the Mobile Network Node. An additional signaling mechanism between the Mobile Network Node and its Mobile Router can be used in this case to prevent the Mobile Router from attempting Route Optimization for a given traffic stream.
当路由优化由移动网络节点本身发起时,它控制是否为优化的路由牺牲位置隐私。但是,如果是移动路由器发起路由优化(例如,第5.5.1节中的“使用移动网络前缀绑定更新”和“移动路由器作为代理”),则控制权将从移动网络节点移开。在这种情况下,可以使用移动网络节点与其移动路由器之间的附加信令机制来防止移动路由器尝试对给定业务流进行路由优化。
The problem space of Route Optimization in the NEMO context is multifold and can be split into several work areas. It will be critical, though, that the solution to a given piece of the puzzle be compatible and integrated smoothly with others. With this in mind,
NEMO环境下的路径优化问题空间是多方面的,可以划分为多个工作区域。然而,解决某一难题的方案必须与其他方案兼容并顺利集成,这一点至关重要。有鉴于此,,
this document attempts to present a detailed and in-depth analysis of the NEMO Route Optimization solution space by first describing the benefits a Route Optimization solution is expected to bring, then illustrating the different scenarios in which a Route Optimization solution applies, and next presenting some issues a Route Optimization solution might face. We have also asked ourselves some of the basic questions about a Route Optimization solution. By investigating different possible answers to these questions, we have explored different aspects to a Route Optimization solution. The intent of this work is to enhance our common understanding of the Route Optimization problem and solution space.
本文件试图对NEMO路线优化解决方案空间进行详细和深入的分析,首先描述路线优化解决方案预期带来的好处,然后说明路线优化解决方案应用的不同场景,接下来介绍路由优化解决方案可能面临的一些问题。我们还问了自己一些关于路线优化解决方案的基本问题。通过调查这些问题的不同可能答案,我们探索了路线优化解决方案的不同方面。这项工作的目的是加强我们对路径优化问题和解空间的共同理解。
This is an informational document that analyzes the solution space of NEMO Route Optimization. Security considerations of different approaches are described in the relevant sections throughout this document. Particularly, please refer to Section 4.9 for a brief discussion of the security concern with respect to Route Optimization in general, and Section 5.8 for a more detailed analysis of the various Route Optimization approaches.
这是一份分析NEMO路线优化解决方案空间的信息性文件。本文件相关章节中描述了不同方法的安全注意事项。具体而言,请参考第4.9节,了解有关路线优化的一般安全问题的简要讨论,以及第5.8节,了解各种路线优化方法的更详细分析。
The authors wish to thank the co-authors of previous versions from which this document is derived: Marco Molteni, Paik Eun-Kyoung, Hiroyuki Ohnishi, Felix Wu, and Souhwan Jung. In addition, sincere appreciation is also extended to Jari Arkko, Carlos Jesus Bernardos, Greg Daley, Thierry Ernst, T.J. Kniveton, Erik Nordmark, Alexandru Petrescu, Hesham Soliman, Ryuji Wakikawa, and Patrick Wetterwald for their various contributions.
作者希望感谢本文件的前几个版本的共同作者:Marco Molteni、Paik Eun Kyong、Hiroyuki Ohnishi、Felix Wu和Souhwan Jung。此外,我们还衷心感谢贾里·阿尔科、卡洛斯·耶稣·贝尔纳多斯、格雷格·戴利、蒂埃里·恩斯特、T.J.克尼维顿、埃里克·诺德马克、亚历山大·彼得雷斯库、赫萨姆·索利曼、柳吉·瓦基卡瓦和帕特里克·维特瓦尔德所作的各种贡献。
[1] Ng, C., Thubert, P., Watari, M., and F. Zhao, "Network Mobility Route Optimization Problem Statement", RFC 4888, July 2007.
[1] Ng,C.,Thubert,P.,Watari,M.,和F.Zhao,“网络移动路径优化问题声明”,RFC 4888,2007年7月。
[2] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. Thubert, "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, January 2005.
[2] Devarapalli,V.,Wakikawa,R.,Petrescu,A.,和P.Thubert,“网络移动(NEMO)基本支持协议”,RFC 3963,2005年1月。
[3] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in IPv6", RFC 3775, June 2004.
[3] Johnson,D.,Perkins,C.,和J.Arkko,“IPv6中的移动支持”,RFC 37752004年6月。
[4] Ernst, T., "Network Mobility Support Goals and Requirements", RFC 4886, July 2007.
[4] Ernst,T.,“网络移动性支持目标和要求”,RFC 48862007年7月。
[5] Manner, J. and M. Kojo, "Mobility Related Terminology", RFC 3753, June 2004.
[5] Way,J.和M.Kojo,“机动性相关术语”,RFC 3753,2004年6月。
[6] Ernst, T. and H-Y. Lach, "Network Mobility Support Terminology", RFC 4885, July 2007.
[6] Ernst,T.和H-Y.Lach,“网络移动支持术语”,RFC 48852007年7月。
[7] Wakikawa, R., Koshiba, S., Uehara, K., and J. Murai, "ORC: Optimized Route Cache Management Protocol for Network Mobility", 10th International Conference on Telecommunications, vol 2, pp 1194-1200, February 2003.
[7] Wakikawa,R.,Koshiba,S.,Uehara,K.,和J.Murai,“ORC:用于网络移动性的优化路由缓存管理协议”,第十届国际电信会议,第2卷,第1194-1200页,2003年2月。
[8] Wakikawa, R. and M. Watari, "Optimized Route Cache Protocol (ORC)", Work in Progress, November 2004.
[8] Wakikawa,R.和M.Watari,“优化路由缓存协议(ORC)”,正在进行的工作,2004年11月。
[9] Na, J., Cho, S., Kim, C., Lee, S., Kang, H., and C. Koo, "Route Optimization Scheme based on Path Control Header", Work in Progress, April 2004.
[9] Na,J.,Cho,S.,Kim,C.,Lee,S.,Kang,H.,和C.Koo,“基于路径控制报头的路由优化方案”,正在进行的工作,2004年4月。
[10] Thubert, P. and M. Molteni, "IPv6 Reverse Routing Header and its application to Mobile Networks", Work in Progress, February 2007.
[10] Thubert,P.和M.Molteni,“IPv6反向路由头及其在移动网络中的应用”,正在进行的工作,2007年2月。
[11] Ng, C. and T. Tanaka, "Securing Nested Tunnels Optimization with Access Router Option", Work in Progress, July 2004.
[11] Ng,C.和T.Tanaka,“使用接入路由器选项保护嵌套隧道优化”,正在进行的工作,2004年7月。
[12] Na, J., Cho, S., Kim, C., Lee, S., Kang, H., and C. Koo, "Secure Nested Tunnels Optimization using Nested Path Information", Work in Progress, September 2003.
[12] Na,J.,Cho,S.,Kim,C.,Lee,S.,Kang,H.,和C.Koo,“使用嵌套路径信息的安全嵌套隧道优化”,正在进行的工作,2003年9月。
[13] Soliman, H., Castelluccia, C., El Malki, K., and L. Bellier, "Hierarchical Mobile IPv6 Mobility Management (HMIPv6)", RFC 4140, August 2005.
[13] Soliman,H.,Castelluccia,C.,El Malki,K.,和L.Bellier,“分层移动IPv6移动性管理(HMIPv6)”,RFC 41402005年8月。
[14] Thubert, P., Wakikawa, R., and V. Devarapalli, "Global HA to HA protocol", Work in Progress, September 2006.
[14] Thubert,P.,Wakikawa,R.,和V.Devarapalli,“全球医管局对医管局协议”,进展中的工作,2006年9月。
[15] Troan, O. and R. Droms, "IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6", RFC 3633, December 2003.
[15] Troan,O.和R.Droms,“动态主机配置协议(DHCP)版本6的IPv6前缀选项”,RFC 3633,2003年12月。
[16] Baek, S., Yoo, J., Kwon, T., Paik, E., and M. Nam, "Routing Optimization in the same nested mobile network", Work in Progress, October 2005.
[16] Baek,S.,Yoo,J.,Kwon,T.,Paik,E.,和M.Nam,“同一嵌套移动网络中的路由优化”,正在进行的工作,2005年10月。
[17] Koodli, R., "Fast Handovers for Mobile IPv6", RFC 4068, July 2005.
[17] Koodli,R.,“移动IPv6的快速切换”,RFC 4068,2005年7月。
[18] Vogt, C. and J. Arkko, "A Taxonomy and Analysis of Enhancements to Mobile IPv6 Route Optimization", RFC 4651, February 2007.
[18] Vogt,C.和J.Arkko,“移动IPv6路由优化增强的分类和分析”,RFC 4651,2007年2月。
[19] Nikander, P., Arkko, J., Aura, T., Montenegro, G., and E. Nordmark, "Mobile IP Version 6 Route Optimization Security Design Background", RFC 4225, December 2005.
[19] Nikander,P.,Arkko,J.,Aura,T.,黑山,G.,和E.Nordmark,“移动IP版本6路由优化安全设计背景”,RFC 42252005年12月。
[20] Bernardos, C., Bagnulo, M., and M. Calderon, "MIRON: MIPv6 Route Optimization for NEMO", 4th Workshop on Applications and Services in Wireless Network, Online: http://www.it.uc3m.es/cjbc/papers/miron_aswn2004.pdf, August 2004.
[20] Bernardos,C.,Bagnulo,M.,和M.Calderon,“米隆:针对NEMO的MIPv6路由优化”,第四期无线网络应用和服务研讨会,在线:http://www.it.uc3m.es/cjbc/papers/miron_aswn2004.pdf,2004年8月。
[21] Calderon, M., Bernardos, C., Bagnulo, M., Soto, I., and A. Oliva, "Design and Experimental Evaluation of a Route Optimisation Solution for NEMO", IEEE Journal on Selected Areas in Communications (J-SAC), vol 24, no 9, September 2006.
[21] Calderon,M.,Bernardos,C.,Bagnulo,M.,Soto,I.,和A.Oliva,“NEMO路由优化解决方案的设计和实验评估”,IEEE通信选定领域杂志(J-SAC),第24卷,第9期,2006年9月。
[22] Bernardos, C., Bagnulo, M., Calderon, M., and I. Soto, "Mobile IPv6 Route Optimisation for Network Mobility (MIRON)", Work in Progress, July 2005.
[22] Bernardos,C.,Bagnulo,M.,Calderon,M.,和I.Soto,“网络移动性的移动IPv6路由优化(MIRON)”,正在进行的工作,2005年7月。
[23] Ylitalo, J., "Securing Route Optimization in NEMO", Workshop of 12th Network and Distributed System Security Syposuim, NDSS Workshop 2005, online: http://www.isoc.org/isoc/conferences/ ndss/05/workshop/ylitalo.pdf, February 2005.
[23] Ylitalo,J.,“NEMO中的安全路由优化”,第12届网络和分布式系统安全系统研讨会,NDSS研讨会2005,在线:http://www.isoc.org/isoc/conferences/ ndss/05/workshop/ylitalo.pdf,2005年2月。
[24] Perera, E., Lee, K., Kim, H., and J. Park, "Extended Network Mobility Support", Work in Progress, July 2003.
[24] Perera,E.,Lee,K.,Kim,H.,和J.Park,“扩展网络移动支持”,正在进行的工作,2003年7月。
[25] Lee, K., Park, J., and H. Kim, "Route Optimization for Mobile Nodes in Mobile Network based on Prefix Delegation", 58th IEEE Vehicular Technology Conference, vol 3, pp 2035-2038, October 2003.
[25] Lee,K.,Park,J.和H.Kim,“基于前缀授权的移动网络中移动节点的路由优化”,第58届IEEE车辆技术会议,第3卷,第2035-2038页,2003年10月。
[26] Lee, K., Jeong, J., Park, J., and H. Kim, "Route Optimization for Mobile Nodes in Mobile Network based on Prefix Delegation", Work in Progress, February 2004.
[26] Lee,K.,Jeong,J.,Park,J.,和H.Kim,“移动网络中基于前缀委托的移动节点路由优化”,正在进行的工作,2004年2月。
[27] Jeong, J., Lee, K., Park, J., and H. Kim, "Route Optimization based on ND-Proxy for Mobile Nodes in IPv6 Mobile Network", 59th IEEE Vehicular Technology Conference, vol 5, pp 2461-2465, May 2004.
[27] Jeong,J.,Lee,K.,Park,J.,和H.Kim,“IPv6移动网络中基于ND代理的移动节点路由优化”,第59届IEEE车辆技术会议,第5卷,第2461-2465页,2004年5月。
[28] Jeong, J., Lee, K., Kim, H., and J. Park, "ND-Proxy based Route Optimization for Mobile Nodes in Mobile Network", Work in Progress, February 2004.
[28] Jeong,J.,Lee,K.,Kim,H.,和J.Park,“移动网络中基于ND代理的移动节点路由优化”,正在进行的工作,2004年2月。
[29] Narten, T., Nordmark, E., and W. Simpson, "Neighbor Discovery for IP Version 6 (IPv6)", RFC 2461, December 1998.
[29] Narten,T.,Nordmark,E.,和W.Simpson,“IP版本6(IPv6)的邻居发现”,RFC24611998年12月。
[30] Kang, H., Kim, K., Han, S., Lee, K., and J. Park, "Route Optimization for Mobile Network by Using Bi-directional Between Home Agent and Top Level Mobile Router", Work in Progress, June 2003.
[30] Kang,H.,Kim,K.,Han,S.,Lee,K.,和J.Park,“通过在归属代理和顶级移动路由器之间使用双向来优化移动网络的路由”,正在进行的工作,2003年6月。
[31] Lee, D., Lim, K., and M. Kim, "Hierarchical FRoute Optimization for Nested Mobile Network", 18th Int'l Conf on Advance Information Networking and Applications, vol 1, pp 225-229, 2004.
[31] Lee,D.,Lim,K.,和M.Kim,“嵌套移动网络的分层FRoute优化”,第18届国际先进信息网络和应用会议,第1卷,第225-229页,2004年。
[32] Takagi, Y., Ohnishi, H., Sakitani, K., Baba, K., and S. Shimojo, "Route Optimization Methods for Network Mobility with Mobile IPv6", IEICE Trans. on Comms, vol E87-B, no 3, pp 480- 489, March 2004.
[32] Takagi,Y.,Ohnishi,H.,Sakitani,K.,Baba,K.,和S.Shimojo,“移动IPv6网络移动性的路由优化方法”,IEICE Trans。《通讯》,第E87-B卷,第3期,第480-489页,2004年3月。
[33] Ohnishi, H., Sakitani, K., and Y. Takagi, "HMIP based Route optimization method in a mobile network", Work in Progress, October 2003.
[33] Ohnishi,H.,Sakitani,K.,和Y.Takagi,“移动网络中基于HMIP的路由优化方法”,正在进行的工作,2003年10月。
[34] Lee, C., Zheng, J., and C. HUang, "SIP-based Network Mobility (SIP-NEMO) Route Optimization (RO)", Work in Progress, October 2006.
[34] Lee,C.,Zheng,J.,和C.HUang,“基于SIP的网络移动性(SIP-NEMO)路由优化(RO)”,正在进行的工作,2006年10月。
[35] Conta, A. and S. Deering, "Generic Packet Tunneling in IPv6 Specification", RFC 2473, December 1998.
[35] Conta,A.和S.Deering,“IPv6规范中的通用数据包隧道”,RFC 2473,1998年12月。
[36] Bormann, C., Burmeister, C., Degermark, M., Fukushima, H., Hannu, H., Jonsson, L-E., Hakenberg, R., Koren, T., Le, K., Liu, Z., Martensson, A., Miyazaki, A., Svanbro, K., Wiebke, T., Yoshimura, T., and H. Zheng, "RObust Header Compression (ROHC): Framework and four profiles: RTP, UDP, ESP, and uncompressed", RFC 3095, July 2001.
[36] Bormann,C.,Burmeister,C.,Degermark,M.,Fukushima,H.,Hannu,H.,Jonsson,L-E.,Hakenberg,R.,Koren,T.,Le,K.,Liu,Z.,Martenson,A.,Miyazaki,A.,Svanbro,K.,Wiebke,T.,Yoshimura,T.,和H.Zheng,“鲁棒头压缩(ROHC):框架和四个配置文件:RTP,UDP,ESP和未压缩”,RFC 3095,2001年7月。
[37] Jonsson, L-E., "RObust Header Compression (ROHC): Terminology and Channel Mapping Examples", RFC 3759, April 2004.
[37] Jonsson,L-E,“鲁棒头压缩(ROHC):术语和信道映射示例”,RFC 3759,2004年4月。
[38] Minaburo, A., Paik, E., Toutain, L., and J. Bonnin, "ROHC (Robust Header Compression) in NEMO network", Work in Progress, July 2005.
[38] Minaburo,A.,Paik,E.,Toutain,L.,和J.Bonnin,“NEMO网络中的ROHC(鲁棒头压缩)”,正在进行的工作,2005年7月。
[39] Ng, C. and J. Hirano, "Extending Return Routability Procedure for Network Prefix (RRNP)", Work in Progress, October 2004.
[39] Ng,C.和J.Hirano,“扩展网络前缀(RRNP)的返回可路由性程序”,正在进行的工作,2004年10月。
[40] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, March 2005.
[40] Arkko,J.,Kempf,J.,Zill,B.,和P.Nikander,“安全邻居发现(SEND)”,RFC 39712005年3月。
[41] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005.
[41] Aura,T.,“加密生成地址(CGA)”,RFC 39722005年3月。
[42] Zhao, F., Wu, F., and S. Jung, "Extensions to Return Routability Test in MIP6", Work in Progress, February 2005.
[42] Zhao,F.,Wu,F.,和S.Jung,“MIP6中返回路由性测试的扩展”,正在进行的工作,2005年2月。
[43] Bao, F., Deng, R., Qiu, Y., and J. Zhou, "Certificate-based Binding Update Protocol (CBU)", Work in Progress, March 2005.
[43] Bao,F.,Deng,R.,Qiu,Y.,和J.Zhou,“基于证书的绑定更新协议(CBU)”,正在进行的工作,2005年3月。
[44] Moskowitz, R., Nikander, P., Jokela, P., and T. Henderson, "Host Identity Protocol", Work in Progress, April 2007.
[44] Moskowitz,R.,Nikander,P.,Jokela,P.,和T.Henderson,“主机身份协议”,正在进行的工作,2007年4月。
[45] Henderson, T., "End-Host Mobility and Multihoming with the Host Identity Protocol", Work in Progress, March 2007.
[45] Henderson,T.,“使用主机身份协议的终端主机移动和多宿”,正在进行的工作,2007年3月。
[46] Calderon, M., Bernardos, C., Bagnulo, M., and I. Soto, "Securing Route Optimization in NEMO", Third International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks, WIOPT 2005, pages 248-254, April 2005.
[46] Calderon,M.,Bernardos,C.,Bagnulo,M.,和I.Soto,“NEMO中的安全路由优化”,第三届移动、自组网和无线网络建模和优化国际研讨会,WIOPT 2005,第248-254页,2005年4月。
Authors' Addresses
作者地址
Chan-Wah Ng Panasonic Singapore Laboratories Pte Ltd Blk 1022 Tai Seng Ave #06-3530 Tai Seng Industrial Estate, Singapore 534415 SG
陈华吴松下新加坡实验室私人有限公司,地址:新加坡泰生大道1022号,邮编:534415
Phone: +65 65505420
EMail: chanwah.ng@sg.panasonic.com
Phone: +65 65505420
EMail: chanwah.ng@sg.panasonic.com
Fan Zhao University of California Davis One Shields Avenue Davis, CA 95616 US
范昭加利福尼亚大学戴维斯一护大道戴维斯,CA 95616美国
Phone: +1 530 752 3128
EMail: fanzhao@ucdavis.edu
Phone: +1 530 752 3128
EMail: fanzhao@ucdavis.edu
Masafumi Watari KDDI R&D Laboratories Inc. 2-1-15 Ohara Fujimino, Saitama 356-8502 JAPAN
日本Saitama Ohara Fujimino第2-1-15号大原藤野市Masafumi Watari KDDI研发实验室有限公司356-8502
EMail: watari@kddilabs.jp
EMail: watari@kddilabs.jp
Pascal Thubert Cisco Systems Village d'Entreprises Green Side 400, Avenue de Roumanille Batiment T3, Biot - Sophia Antipolis 06410 FRANCE
Pascal Thubert Cisco Systems Village d'Enterprises Green Side 400,法国索菲亚安提波利斯市比奥区鲁曼尼耶大道T3号,邮编:06410
EMail: pthubert@cisco.com
EMail: pthubert@cisco.com
Full Copyright Statement
完整版权声明
Copyright (C) The IETF Trust (2007).
版权所有(C)IETF信托基金(2007年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。