Network Selection Bernard Aboba Microsoft Month 2002 doc.: IEEE 802.11-02/0638r0 May 2004 Network Selection Bernard Aboba Microsoft http://www.ietf.org/internet-drafts/draft-ietf-eap-netsel-problem-00.txt Bernard Aboba, Microsoft John Doe, His Company
Outline Problem Definition Current Work Items Virtual APs Summary May 2004 Outline Problem Definition Current Work Items Virtual APs Summary Bernard Aboba, Microsoft
Challenges for Public Access WLAN May 2004 Challenges for Public Access WLAN Minimizing channel conflicts In some locations (e.g. airports) multiple networks are becoming the norm. Airlines are installing 802.11 networks for use in baggage reconciliation and roving ticket counters Multiple wireless ISPs often also want to serve airport customers Radio interference is an issue In the US and Europe 802.11b networks can support only 3 non-overlapping channels In France and Japan only one channel is available Once the channels are utilized by existing APs, additional APs will interfere and reduce performance Minimizing capital expenditures In this economic environment, raising capital is difficult Undesirable to build out multiple networks in the same location - why not build one network and share it? Attaining high utilization of deployed Access Points Profitability enhanced by filling in periods of low usage on the “diurnal curve” Implies a need to serve many different types of customers: business, consumers, etc. Minimizing support costs Desirable to support a wide variety of clients without having to preconfigure them Bernard Aboba, Microsoft
Wouldn’t It Be Great If… May 2004 Wouldn’t It Be Great If… A single network could be shared by multiple providers? Each provider could retain the flexibility to announce their own network, and select the services they wish to provide (rates, security mechanisms, etc.)? Each provider could manage their own users without interfering with other providers? Customers could discover any of the offered networks without needing to pre-configure their stations? To get there, we need to solve the Network Selection Problem! Bernard Aboba, Microsoft
Aspects of Network Selection May 2004 Aspects of Network Selection Access Network Discovery Which access point to attach to? Identifier Selection Which identity and credentials to use in this AP? Selection of roaming intermediaries How to route the AAA conversation to the home network? Payload Routing How to route payload traffic in the right way Filters and mandatory tunnels Bernard Aboba, Microsoft
An alternative decomposition May 2004 An alternative decomposition Discovery Access networks and access points Home networks available through these Mediating networks Decision Manual or automatic Automatic is preferred Most likely needs some pre-provisioned preference information Indicating the selected network Attach to the chosen network and access point Provide the chosen identity and home domain Possibly provide some hints about mediating networks Bernard Aboba, Microsoft
When is Network Selection an Issue? May 2004 When is Network Selection an Issue? More than one network is available, each with different characteristics. The user has multiple credentials, and needs to decide which to use to authenticate to a particular network. There is more than one roaming path between the access and home network, and service parameters or pricing differs between them. The roaming relationships between access and home networks are so complicated that current AAA protocols cannot route the requests to the home network based solely on the Network Access Identifier (NAI). Payload packets get routed or tunneled differently, based on the roaming relationship path. This may have an impact on the available services or their pricing. Providers share the same infrastructure, such as wireless access points. Bernard Aboba, Microsoft
Some Thoughts… All four problems are relevant. May 2004 Some Thoughts… All four problems are relevant. Potential need for new solutions, at least for the three first problems. The problems are very hard if you consider them with large number of networks, fast handoffs, security, and automatic decisions. The proliferation of multiple network selection technologies within IEEE 802, IETF, and 3GPP would be bad. Solving all problems with current link layers and existing network access devices may not be possible. Phasing? Bernard Aboba, Microsoft
Feedback from 3GPP SA2 WLAN group May 2004 Feedback from 3GPP SA2 WLAN group What parts of the problem does 3GPP want to solve? Problem 1 (Access Network Discovery) and 3 (AAA routing) are relevant to 3GPP. Problem 2 (Identifier Selection) is considered at this stage out of scope. Problem 4 (Payload Routing) is considered a separate problem within SA2 scope and is still under discussion. Observations [J. Arkko] 3GPP uses existing L2 mechanisms for problem 1, expects an IETF solution for problem 3 Needed for 3GPP Release 6 Bernard Aboba, Microsoft
Recommendations from IETF 59 May 2004 Recommendations from IETF 59 There is current interest in problem 1 (access network selection) Problem 1 belongs to layer 2 Long-term, discovery is most efficient at layer 2 There is current interest in problem 3 (roaming intermediary selection) Problem 3 needs at least partial IETF work, though intermediary discovery could also be done at layer 2 Any IETF intermediary discovery solution would necessarily be short-term Other problems are lower priority… Bernard Aboba, Microsoft
IETF Work In Network Selection May 2004 IETF Work In Network Selection Access Network Discovery No chartered work yet Identifier Selection draft-ietf-pkix-wlan-extns-05.txt Product of the PKIX WG Selection of roaming intermediaries draft-arkko-roamops-rfc2486bis-00.txt Included in RADEXT WG Charter Payload Routing Improvements to AAA filtering and redirection capabilities, proposed in RADEXT WG Charter Bernard Aboba, Microsoft
Thinking About the Access Netowrk Discovery Problem May 2004 Thinking About the Access Netowrk Discovery Problem Why are existing solutions not adequate? WFA: Public Access MRD Why are recently proposed standards not adequate? IEEE 802.1ab, IEEE 802.1af Bernard Aboba, Microsoft
What is a Virtual Access Point? May 2004 What is a Virtual Access Point? A “Virtual Access Point” is a logical entity that exists within a physical Access Point (AP). Each Virtual AP appears to stations (STAs) to be an independent physical AP. Virtual APs emulate the operation of physical APs at the MAC layer. Virtual APs provide partial emulation of the IP and Application Layer behavior of physical APs. Emulating the operation of a physical AP at the radio frequency layer is typically not possible unless multiple radios are available. Bernard Aboba, Microsoft
Is It “Virtual” Or Is It Real? Only Your Radio Knows For Sure! May 2004 Is It “Virtual” Or Is It Real? Only Your Radio Knows For Sure! Physical APs Channel 6 Channel 6 SSID: Foo BSSID: A Rates: 5.5,11 Security: WPA SSID: Bar BSSID: B Rates: 1,2,5.5,11 Security: Open Beacon/Probe Response AP B STA AP A Virtual APs Channel 6 SSID: Foo BSSID: A Rates: 5.5,11 Security: WPA SSID: Bar BSSID: B Rates: 1,2,5.5,11 Security: Open AP A Bernard Aboba, Microsoft
What Is Required for a Virtual AP? May 2004 What Is Required for a Virtual AP? Multiple SSIDs. Support for multiple SSID advertisement by APs Support for STA discovery for advertised SSIDs. Multiple capability advertisements. Each Virtual AP can advertise its own set of capabilities. Pre-authentication routing. Determination of the target SSID prior to Association (for routing of pre-authentication traffic). Multiple VLANs. Allow a unique VLAN (and unique default key) to be assigned to each Virtual AP. Multiple RADIUS configurations. Multiple RADIUS configurations, one for each virtual AP. Multiple virtual SNMP MIBs. A virtual MIB instance per Virtual AP. Bernard Aboba, Microsoft
The State of “Virtual APs” Today May 2004 The State of “Virtual APs” Today IEEE 802.11-1999 does not provide guidance on required MAC-layer behavior of “Virtual APs” Multiple approaches taken by AP vendors Different assumptions made by NIC vendors Interoperability, reliability problems abound Solution: WFA addressing the issue in the Public Access Group MRD near completion; requires separate BSSID for each advertised configuration Test plan to come Bernard Aboba, Microsoft
How Well do Virtual APs Scale? May 2004 How Well do Virtual APs Scale? Velayos & Karlsson “Techniques to Reduce IEEE 802.11b Handover Time”, Swedish Royal Institute of Technology http://www.it.kth.se/~hvelayos/papers/TRITA-IMIT-LCN%20R%2003-02%20Handover%20in%20IEEE%20802.pdf Bernard Aboba, Microsoft
Problems with IEEE 802.1 Solutions May 2004 Problems with IEEE 802.1 Solutions IEEE 802.1ab only supports “announcements”, not request/response Designed as an IEEE 802.1 “slow protocol” IEEE 802.1af Discovery not oriented towards wireless Does not address rate negotiation issue May not support existing 802.11 Information Elements In pre-auth, APs from other networks are not reachable Unlikely to be implemented on 802.11 APs Bernard Aboba, Microsoft
Recommendations Work needed on enhanced scaling for network discovery May 2004 Recommendations Work needed on enhanced scaling for network discovery Existing Beacon/Probe mechanism does not scale Problem with increasing dynamic range of rates Problem with large number of Virtual APs Problem with increasing Beacon/Probe Response size Work in progress does not address discovery issues Discovery of APs whose Beacons cannot be heard IEEE 802.11k Site Report only supports discovery of APs within the same administrative domain Existing IEEE 802 work does not address the problem IEEE 802.1ab, IEEE 802.af oriented toward wired, not wireless networks Bernard Aboba, Microsoft
May 2004 Feedback? Bernard Aboba, Microsoft