Download Admission Control in IP Multicast over Heterogeneous Access

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Net bias wikipedia , lookup

UMTS wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

TV Everywhere wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

IEEE 1355 wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Distributed firewall wikipedia , lookup

Wireless security wikipedia , lookup

Computer network wikipedia , lookup

Airborne Networking wikipedia , lookup

Network tap wikipedia , lookup

Deep packet inspection wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Transcript
Admission Control in IP Multicast over
Heterogeneous Access Networks
Pedro Santos (PT Inovação)
António Pinto, Manuel Ricardo (INESC Porto)
Franscisco Fontes, Teresa Almeida (PT Inovação)
Portugal Telecom Inovação, S.A. / INESC Porto
Outline
• Introduction
• IP Multicast
• Reference Network Scenario
– UMTS / xDSL / WiMAX
• Proposed Solution
• Results
• Conclusions
May 17
NGMAST'08
2
Introduction
• The general goals of this project were:
– To design a solution capable of performing
• multicast receiver access control (e.g. TV channels)
• multicast sender access control (e.g. User generated content)
– ... in an heterogeneous access network scenario
– Implement a prototype for validation purposes
May 17
NGMAST'08
3
IP Multicast
• One data stream per group of receivers
– Packet replication done by network nodes
– Multicast groups represented by IP addresses
• (* ,G)  Any-Source Multicast (ASM)
• (S,G)  Source-Specific Multicast (SSM)
• Group management
– IPv4  Internet Group Management Protocol (IGMP)
– IPv6  Multicast Listener Discovery (MLD)
• Forwarding protocols
– Protocol Independent Multicast (PIM-SM/SSM/BiDir)
– Distance Vector Multicast Routing Protocol (DVMRP)
May 17
NGMAST'08
4
IP Multicast
May 17
NGMAST'08
5
IP Multicast
• IP Multicast  Open architecture
– Receivers are free to join any group
– Sources are free to transmit to any group
 Makes IP multicast-based commercial
services difficult to implement
• Solutions
– End-to-end encryption of data streams
– Control access to multicast sessions
May 17
NGMAST'08
6
Objectives
• IP multicast streaming over heterogeneous access
networks
– UMTS, xDSL, WiMAX
• Identify network nodes where to perform
– access control
– authorization
– resource management
• Support for multicast sources
– in the core network (known & authorized SP)
– in the access network (user generated content)
• Authentication, authorization and record of multicast
sessions
• Implement a prototype to validate the proposed solution
May 17
NGMAST'08
7
Reference Network Scenario
May 17
NGMAST'08
8
UMTS
• GGSN  Multicast router
• Native multicast support
– Multimedia Broadcast/Multicast Service (MBMS)
• New functional element (BM-SC)
• Inter-operable with IP Multicast (IGMP & IPv4 Class D)
• Only for downstream traffic
– The reference point from the content provider to the BMSC is not standardised by 3GPP in this release of the
specification.
“3GPP TS 23.246 v8.2.0”
May 17
NGMAST'08
9
xDSL
• BNG/BRAS  Multicast router
• DSL-Forum TR-101 – Two Connection types
– PPPoE
• Point-to-point connection CPE  BNG
• Packet replication done at the BNG
 Access control to multicast flows @ BNG
– IPoE
• Every network element performs packet replication
• L2 control over packet replication necessary at the DSLAM
 Access control to multicast flows @ BNG and DSLAM
May 17
NGMAST'08
10
WiMAX
• ASN-GW  Multicast router
• SS  ASN-GW connection
– Identified by a 16bit number (CID)
– Upstream unicast connections (exclusively)
– Downstream multicast connections possible (mCID) but...
• mCID are unidirectional in nature
• not fitted for power-conservative systems
• only efficient for large groups (nº of subscribed SSs)
 Access control to multicast flows @ ASN-GW
May 17
NGMAST'08
11
Proposed Solution
• User authentication
– Done at network attachment
• Access control done at the network access node
–
–
–
–
Members detection  IGMP messages
Sources detection  UDP multicast messages
Access Authorization  AAA server
Policy Enforcement  Access Control Lists (ACLs)
• Multicast profile per user/subscriber
• Multicast session id
– IP header  Source address (SA), destination address (DA)
– IGMP message  Group source address (GSA), group
destination address (GDA)
May 17
NGMAST'08
12
Multicast Control - MSC
May 17
NGMAST'08
13
Prototype (Multicast Controller)
May 17
NGMAST'08
14
Results
• Multicast controller basic functionalities
–
–
–
–
–
authenticated user detection/verification
detection of multicast join/leave messages
detection of multicast source transmissions
multicast authorization checks
multicast traffic filtering (according to authZ checks)
• Successful functional validation
– authorized/unauthorized group join request
– multicast transmission to an authorized/unauthorized group
– unauthorize a source/member after transmission/reception
has begun
• Processed up to 1250 IGMP requests/sec
May 17
NGMAST'08
15
Conclusions
• Multicast control done at access node
– GGSN (UMTS)
– BNG or BNG & DSLAM (xDSL)
– ASN-GW (WiMAX)
• Application & Network agnostic
–
–
–
–
No changes needed to applications or network protocols
Minimal user impact (only network elements are affected)
Access control done at network layer
... L2 control may be required (If L2 packet replication)
• Access control is subscriber “centric”
May 17
NGMAST'08
16
Questions
?
May 17
NGMAST'08
17