Dean Cheng, 81st IETF, Quebec City: RADIUS Extensions for CGN Configurations (draft-cheng-behave-cgn-cfg-radius-ext-00)

Presentation transcript:

RADIUS Extensions for CGN Configurations
draft-cheng-behave-cgn-cfg-radius-ext
Dean Cheng
81st IETF, Quebec City

Motivation

Scenario (in a broadband network)
- User configuration is stored on a RADIUS server (user profile).
- The user's broadband connection terminates at a BNG.
- A CGN (e.g. NAT44) can be co-located on a BNG.

Problem to solve
- How to leverage the existing RADIUS-based infrastructure in a broadband network to configure and manage subscriber-based CGN parameters?

Solution proposed
- Pre-configure the CGN-related parameters on the RADIUS server as part of the user profile. This information is propagated to the BNG/CGN by the RADIUS message exchange between the BNG and the RADIUS server.
- CGN-related user parameters are sent from the BNG to the RADIUS server.

Configure NAT44 TCP/UDP Session Limit via RADIUS

[Message-flow diagram. Participants: User, NAT44/NAS BNG, AAA Server. User to BNG: PPPoE/DHCP. BNG to AAA Server: RADIUS.]
User profile: Username, pwd, IPv4 address, CGN TCP/UDP Session Limit
Messages in the diagram:
- Service Request
- Access Request
- Access-Accept with CGN-Session-Limit (TCP/UDP ports)
- Service Granted (other parameters)
- Account Request with CGN-Session-Limit (TCP/UDP ports)
Note in the diagram: NAT44 external port allocation and IPv4 address assignment

Change NAT44 TCP/UDP Session Limit via RADIUS

[Message-flow diagram. Participants: User, NAT44/NAS BNG, AAA Server.]
User profile: Username, pwd, IPv4 address, CGN TCP/UDP Session Limit
Labels in the diagram:
- TCP/UDP Port Limit (1024)
- CoA Request with CGN-Session-Limit (TCP/UDP ports)
- TCP/UDP Port Limit (2048)

CGN-Session-Limit Attribute

- Type: TBD
- Length: 6 octets
- ST (Session Type, 3 bits):
  0: The limit as specified is applied to the sum of TCP ports, UDP ports and ICMP identifiers.
  1: The limit as specified is applied to the sum of TCP ports and UDP ports.
  2: The limit as specified is applied to TCP ports.
  3: The limit as specified is applied to UDP ports.
  4: The limit as specified is applied to ICMP identifiers.
  5-7: Not used.
- Reserved: set to zero by the sender and ignored by the receiver.
- Session Limit: the maximum that the specific user can use during CGN operation, imposed on the total number of TCP ports, or UDP ports, or the sum of the two, or ICMP identifiers, or the sum of the three, depending on the value in the Session Type field.
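The following is an added example, not code from the slides or the draft: an encoder and strict decoder for CGN-Session-Limit, plus a check that applies the limit to the counters the ST value selects. The Type code (TBD on the slide) and the bit widths (ST in the top 3 bits, 13 Reserved bits, 16-bit Session Limit) are assumptions chosen to fit the stated 6-octet length.

```python
import struct

# Assumptions, not from the slides: the Type code (the slide says TBD) and the
# value layout: ST in the top 3 bits, 13 Reserved bits, 16-bit Session Limit.
CGN_SESSION_LIMIT_TYPE = 250  # placeholder value

# Per-subscriber counters that each ST value sums, as listed on the slide.
ST_COUNTERS = {
    0: ("tcp", "udp", "icmp"),
    1: ("tcp", "udp"),
    2: ("tcp",),
    3: ("udp",),
    4: ("icmp",),
}

def encode_session_limit(st, limit):
    """Build the 6-octet attribute; Reserved bits are sent as zero."""
    if st not in ST_COUNTERS:
        raise ValueError("ST values 5-7 are not used")
    if not 0 <= limit <= 0xFFFF:
        raise ValueError("limit does not fit the assumed 16-bit field")
    return struct.pack("!BBHH", CGN_SESSION_LIMIT_TYPE, 6, st << 13, limit)

def parse_session_limit(attr):
    """Return (st, limit); reject a wrong Type or Length and unused ST values."""
    if len(attr) != 6:
        raise ValueError("CGN-Session-Limit must be exactly 6 octets")
    atype, length, flags, limit = struct.unpack("!BBHH", attr)
    if atype != CGN_SESSION_LIMIT_TYPE or length != 6:
        raise ValueError("unexpected Type or Length")
    st = flags >> 13  # the low 13 Reserved bits are ignored on receipt
    if st not in ST_COUNTERS:
        raise ValueError("ST values 5-7 are not used")
    return st, limit

def limit_reached(attr, in_use):
    """True when the counters selected by ST already add up to the limit."""
    st, limit = parse_session_limit(attr)
    return sum(in_use[kind] for kind in ST_COUNTERS[st]) >= limit

# Constructed sample: the 1024 -> 2048 change shown on the CoA slide.
USAGE = {"tcp": 600, "udp": 424, "icmp": 50}
BEFORE = encode_session_limit(1, 1024)
AFTER = encode_session_limit(1, 2048)
```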

Report NAT44 TCP/UDP Port Allocation Range via RADIUS

[Message-flow diagram. Participants: User, NAT44/NAS BNG, AAA Server. User to BNG: PPPoE/DHCP. BNG to AAA Server: RADIUS.]
User profile: Username, pwd, IPv4 address, CGN TCP/UDP Session Limit
Messages in the diagram:
- Service Request
- Access Request
- Access-Accept
- Service Granted
- CGN allocates a TCP/UDP port range for the user: Account Request with CGN-Session-Range for allocation
- CGN de-allocates a TCP/UDP port range for the user: Account Request with CGN-Session-Range for de-allocation

CGN-Session-Range Attribute

- Type: TBD
- Length: (12 plus the length of Local Session ID) octets
- A-bit Flag:
  0: The specified range is for allocation.
  1: The specified range is for de-allocation.
- ST (Session Type), 2 bits:
  0: The session range is applied to TCP ports.
  1: The session range is applied to UDP port range.
  2: The session range is applied to both TCP and UDP port range.
  3: The session range is applied to ICMP identifier range.

CGN-Session-Range Attribute (Cont.)

- Reserved: set to zero by the sender and ignored by the receiver.
- External Session Range Start: the smallest TCP/UDP port number or the smallest ICMP identifier number in the session range, which contains consecutive TCP/UDP ports or ICMP identifiers, depending on the value of Session Type.
- External Session Range End: the largest TCP/UDP port number or the largest ICMP identifier number in the session range, which contains consecutive TCP/UDP ports or ICMP identifiers, depending on the value of Session Type.
- External IPv4 Address: the IPv4 address assigned to the associated subscriber to be used in the external realm.
- Local Session ID: an optional field. If present, it contains a local session identifier at the customer premises, such as MAC address, interface ID, VLAN ID, PPP session ID, VRF ID, etc. The length of this field equals the total attribute length minus 12 octets.
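As an added example (not from the slides or the draft), the decoder below reads a CGN-Session-Range attribute with its variable-length Local Session ID and keeps a table of live ranges from allocation and de-allocation reports, rejecting truncated, inverted or overlapping ranges. The Type code and the bit layout of the first 16-bit word are assumptions chosen to fit the 12 fixed octets the slide states.

```python
import ipaddress
import struct

CGN_SESSION_RANGE_TYPE = 251  # placeholder: the slide lists Type as TBD
ST_NAMES = {0: "tcp", 1: "udp", 2: "tcp+udp", 3: "icmp"}

def parse_session_range(attr):
    """Decode one attribute. Assumed layout (not on the slides): a 16-bit
    word with the A bit on top, ST in the next 2 bits and 13 Reserved bits,
    then 16-bit range start and end, the external IPv4 address, and the
    optional Local Session ID filling the rest."""
    if len(attr) < 12:
        raise ValueError("shorter than the 12 fixed octets")
    atype, length, flags, start, end, addr = struct.unpack("!BBHHH4s", attr[:12])
    if atype != CGN_SESSION_RANGE_TYPE or length != len(attr):
        raise ValueError("Type or Length does not match the buffer")
    if start > end:
        raise ValueError("range start is above range end")
    return {
        "dealloc": bool(flags >> 15),
        "st": ST_NAMES[(flags >> 13) & 0x3],
        "ports": (start, end),
        "ip": str(ipaddress.IPv4Address(addr)),
        "local_id": attr[12:],  # empty when Length is exactly 12
    }

def apply_report(table, attr):
    """Update the live-range table from one allocation or de-allocation."""
    r = parse_session_range(attr)
    key = (r["ip"], r["st"], r["ports"])
    if r["dealloc"]:
        if key not in table:
            raise KeyError("de-allocation for a range that was never reported")
        del table[key]
        return table
    lo, hi = r["ports"]
    for ip, st, (a, b) in table:
        if (ip, st) == (r["ip"], r["st"]) and a <= hi and lo <= b:
            raise ValueError("range overlaps one that is still allocated")
    table[key] = r["local_id"]
    return table

# Constructed sample: allocation, ST=2, ports 1024-2047 on 192.0.2.1,
# Local Session ID carrying a made-up MAC address.
SAMPLE_ALLOC = bytes.fromhex("fb12" "4000" "0400" "07ff" "c0000201" "001122334455")
```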

NAT44 Port Forwarding Configuration via RADIUS

[Message-flow diagram. Participants: User, NAT44/NAS BNG, AAA Server. User to BNG: PPPoE/DHCP. BNG to AAA Server: RADIUS.]
User profile: Username, pwd, IPv4 address, Internal port, External port
Messages in the diagram:
- Service Request
- Access Request
- Access-Accept with CGN-Port-Forwarding-Map
- Service Granted (other parameters)
- Account Request with CGN-Port-Forwarding-Map
Note in the diagram: Create a port mapping for the user, and associate it with the internal and external IP address

Change NAT44 TCP/UDP Port Mapping via RADIUS

[Message-flow diagram. Participants: User, NAT44/NAS BNG, AAA Server. User to BNG: PPPoE/DHCP. BNG to AAA Server: RADIUS.]
User profile: Username, pwd, IPv4 address, Internal port, External port
Labels in the diagram:
- Internal IP Address Port Map (a:X)
- CoA Request (CGN-Port-Forwarding-Map)
- Internal IP Address Port Map (a:Y)
- CoA Response (CGN-Port-Forwarding-Map)

CGN-Forwarding-Port-Map Attribute

- Type: TBD
- Length: depending on the value of the AF field, the length could be 8, 12 or 24 octets.
- AF (Address Family), 2 bits:
  0: No internal IP address.
  1: The internal address is an IPv4 address.
  2: The internal address is an IPv6 address.
  3: Unused.
- Reserved: set to zero by the sender and ignored by the receiver.
- Internal Port: the internal port for the CGN mapping.
- External Port: the external port for the CGN mapping.
- Internal IP address: if it exists, contains the internal IPv4 or IPv6 address for the CGN mapping.
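The decoder below is an added example, not taken from the slides or the draft. It ties the attribute Length to the AF value so that a mapping whose address family and size disagree is refused rather than partially read. The Type code and the position of AF (top 2 bits of a 16-bit word, 14 Reserved bits) are assumptions consistent with the 8, 12 and 24 octet lengths on the slide.

```python
import ipaddress
import struct

CGN_PORT_FWD_MAP_TYPE = 252  # placeholder: the slide lists Type as TBD

# AF value -> (required attribute Length, address class). AF 3 is unused.
AF_RULES = {
    0: (8, None),
    1: (12, ipaddress.IPv4Address),
    2: (24, ipaddress.IPv6Address),
}

def parse_port_forwarding_map(attr):
    """Decode one attribute, refusing any Length that disagrees with AF.

    Assumed layout (not on the slides): AF in the top 2 bits of a 16-bit
    word whose other 14 bits are Reserved, then 16-bit internal and
    external ports, then the internal address when AF says one is present."""
    if len(attr) < 8:
        raise ValueError("shorter than the 8 fixed octets")
    atype, length, flags, int_port, ext_port = struct.unpack("!BBHHH", attr[:8])
    if atype != CGN_PORT_FWD_MAP_TYPE or length != len(attr):
        raise ValueError("Type or Length does not match the buffer")
    af = flags >> 14
    if af not in AF_RULES:
        raise ValueError("AF 3 is unused")
    want_len, addr_cls = AF_RULES[af]
    if length != want_len:
        raise ValueError("Length %d is not valid for AF %d" % (length, af))
    internal_ip = str(addr_cls(attr[8:])) if addr_cls else None
    return {"af": af, "internal_port": int_port,
            "external_port": ext_port, "internal_ip": internal_ip}

# Constructed samples: internal port 8080 mapped to external port 40080.
NO_ADDR = bytes.fromhex("fc08" "0000" "1f90" "9c90")
V4_MAP = bytes.fromhex("fc0c" "4000" "1f90" "9c90" "0a000005")
V6_MAP = bytes.fromhex("fc18" "8000" "1f90" "9c90"
                       "20010db8" "00000000" "00000000" "00000005")
# AF says IPv4 but no address octets follow: must be rejected.
BAD_AF_LEN = bytes.fromhex("fc08" "4000" "1f90" "9c90")
```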

Next Step
- Solicit review and assistance from the RADEXT WG on the RADIUS elements in the draft.
- Propose as a WG document in the BEHAVE WG.