A Policy Management Framework for Flow Distribution on Multihomed End Nodes

Koshiro Mitsuya <mitsuya@sfc.wide.ad.jp>
Romain Kuntz <kuntz@lsiit.u-strasbg.fr>
Shinta Sugimoto <shinta@sfc.wide.ad.jp>
Ryuji Wakikawa <ryuji@sfc.wide.ad.jp>
Jun Murai <jun@wide.ad.jp>

Table of Contents
• Motivations
• Scenario
• Requirements
• Current Situation
• New Framework
• Conclusion

Motivations: Contemplated multihomed environment
• Node equipped with multiple (wireless) network accesses
• Especially true in mobile environment
• Multiple communication paths,
• Maintained by one or multiple multihoming protocols (MIP6/MCoA, SHIM6, SCTP, etc.)
• Each has multiple goals and benefits,
• Ubiquitous access, fault tolerance, load sharing, ...
• Flow Distribution: distribute flow via multiple available paths

Motivations: How to achieve flow distribution
• User/Application creates its desired policies,
  • Described in terms of cost, bandwidth, delay, jitter, etc.
• The policy management framework compares them against the characteristics of each available path,
  • Resulting in the filter rules,
• Filter rules used as input to the OS-specific filtering framework,
• Filter rules exchanged among peer hosts.

Example Scenario
[Figure: a multihomed node, an anchor node and a correspondent node connected by paths with different characteristics; labels in the figure: requester, policy, mpro, flow dist., filter rule, step-1, step-2, step-3.]
Legend: mpro = multihoming protocol stack; flow dist. = flow distribution mechanism; symbols for functional entity and node.

Requirements for the policy management framework
• R1: Policy description: language definition
  • R1.1 Makes the relation between flow and path characteristics,
  • R1.2 Multihoming protocol independent.
• R2: Multiple requesters (local or remote) management
• R3: Policy resolution to filter rules and error management
• R4: Filter rules description,
• R5: Filter rules transport,
• R6: Multiple filter rules processing,
• R7: Transport security

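Current Situation: Summary of existing specifications
• Mobile-IPv6 based (MIPv6, NEMO)
  • Multihoming protocol principles: Multiple CoA bound to a single HoA
  • Flow distribution in specifications: MCoA, Flow Binding, Flow distribution
  • Flow distribution in implementations: Ipfilter, PF, Netfilter
• SHIM6 based
  • Multihoming protocol principles: Upper Layer ID (ULID) mapped to one or more locators
  • Flow distribution in specifications: Policy DB in the SHIM6 IP sub-layer, Multihoming SHIM API
  • Flow distribution in implementations: SHIM6 API, Netfilter
• HIP based
  • Multihoming protocol principles: Host ID (HI, public key) mapped to one or several IP addresses
  • Flow distribution in specifications: Multihoming SHIM API
  • Flow distribution in implementations: impossible
• SCTP based
  • Multihoming protocol principles: Transport layer protocol
  • Flow distribution in specifications: SCTP socket API
  • Flow distribution in implementations: Socket API, library
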
Current Situation: Main Principles
• Identifier/locator separation concept,
• Flow Distribution achieved by choosing proper locator,
• Locator set by configuring filter rules (via Socket API, OS-specific framework, etc.).

Current Situation: Main Issues
• Usually associate the flow with a system- or protocol-oriented path ID (e.g. BID for MCoA),
  ‣ Protocol-dependent
• Usually do not exchange filter rules among hosts (HIP, SHIM6, SCTP).
  ‣ Cannot specify e.g. round-trip path
• Flow distribution tightly depends on the OS on which the implementation is running
  ‣ Hard to define a generic flow distribution architecture.

New Framework: Main Principles
➡ Unified Policy management framework on top of the various flow distribution mechanisms,
➡ Using the existing mechanisms given by the OS.

New Framework: Main Principles
• Policy Data Set:
  • Describes flow in terms of costs, bandwidth, delay, jitter, etc.
• Policy Management Framework:
  • Compares the policy data set against the interfaces' characteristics,
  • Produces filter rules,
  • Installs filter rules locally / sends them to peer hosts.

New Framework: The Policy Data Set
• Generic language to define a common policy data set, regardless of which multihoming protocol or OS is running on the node (R1.2),
• Set of Policy Rules:
  • Tells which policy (flow + action) to apply when some conditions are met (R1.1).

New Framework: The Policy Data Set
[Figure: a policy data set made up of policy rules; labels inside each policy rule: conditions, target host, policy.]
conditions = expected network characteristics
policy = selector + action

New Framework: Policy Management Framework
• Processes the Policy Data Sets from multiple sources (R2),
• Compares the user policies with the actual paths' characteristics to produce filter rules (R3, R4),
• Uses the existing filtering framework to install the rules on the local host (R6),
• Sends the filter rules for the remote host (R5, R7).

[Figure: policy management framework components. Component labels: A. path maintainer, B. path examiner, C. policy exchanger, D. path decision, E. condition decision, F. filter rule encoder, G. protocol-dependent filtering framework, X. filter rule exchanger. Data labels: policy data set, set of policies, list of available network resources, list of available paths, path characteristics (path ID, characteristics), filter rules (flow ID, list of available path ID), local filter rules, filter rules for remote host, e.g. PF configuration file, e.g. Netfilter configuration file. Each protocol-dependent filtering framework sits on a Multihoming Protocol; an X. filter rule exchanger also appears on the remote host.]

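The resolution step described above (policies compared with path characteristics to produce filter rules), as an added example that is not from the slides or the authors' draft. The rule fields, path labels, sample values and the narrowing merge for multiple requesters are all assumptions, since the Policy Data Set grammar is still listed as a next step; the action part of a policy is left implicit (send the flow over the listed paths).

```python
from dataclasses import dataclass

INF = float("inf")

@dataclass(frozen=True)
class Path:
    """Path examiner output: (path ID, characteristics)."""
    path_id: str      # assumed protocol-independent label, not a BID or locator
    cost: float       # constructed unit: price per MB
    bandwidth: float  # Mbit/s
    delay: float      # ms

@dataclass(frozen=True)
class PolicyRule:
    """Conditions (expected network characteristics) plus a flow selector."""
    requester: str    # local or remote source of the policy data set
    selector: tuple   # flow ID, here (protocol, destination port)
    max_cost: float = INF
    min_bandwidth: float = 0.0
    max_delay: float = INF

def satisfies(path, rule):
    """True when the path meets every condition of the rule."""
    return (path.cost <= rule.max_cost
            and path.bandwidth >= rule.min_bandwidth
            and path.delay <= rule.max_delay)

def resolve(rules, paths):
    """Return (filter_rules, errors); filter_rules maps flow ID -> path IDs."""
    filter_rules, errors = {}, []
    for rule in rules:
        allowed = [p.path_id for p in paths if satisfies(p, rule)]
        if rule.selector in filter_rules:
            # Assumed merge strategy: a later requester can only narrow the set.
            allowed = [pid for pid in filter_rules[rule.selector] if pid in allowed]
        if allowed:
            filter_rules[rule.selector] = allowed
        else:
            errors.append((rule.requester, rule.selector))  # reported, not installed
    return filter_rules, errors

# Constructed sample input: two paths and four policy rules from three requesters.
PATHS = [Path("wlan", 0.0, 20.0, 30.0), Path("cellular", 0.5, 2.0, 120.0)]
RULES = [
    PolicyRule("local-user", ("udp", 5060), max_delay=50),
    PolicyRule("local-user", ("tcp", 80), max_cost=1.0),
    PolicyRule("remote-peer", ("tcp", 80), min_bandwidth=10),
    PolicyRule("local-app", ("tcp", 22), max_delay=10),
]

if __name__ == "__main__":
    print(resolve(RULES, PATHS))
```

The resulting mapping of flow ID to path IDs is what a filter rule encoder would translate into a PF or Netfilter configuration; the error list corresponds to the error management part of R3.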
Conclusion
• Defined requirements for a policy management framework,
• Draft framework working on top of several multihoming protocols,
• Next steps:
  • Grammar definition for the Policy Data Set,
  • draft-mitsuya-monami6-flow-distribution-policy
  • Framework implementation and evaluation.

Thank you, Any questions? Romain Kuntz <kuntz@lsiit.u-strasbg.fr>