Hypervisor of Wireless Gateways/Interfaces for Mobility and Multihoming of a New Generation of Mobile Laboratory
Ibrahima NGOM1, Hamadou SALIAH-HASSANE2, Claude LISHOU3 and Samuel OUYA4
1 Ecole Supérieure Polytechnique/UCAD, Dakar, Sénégal
2 Téléuniversité/UQAM, Montréal, Canada
3 École Supérieure Polytechnique/UCAD, Dakar, Sénégal
4 École Supérieure Polytechnique/UCAD, Dakar, Sénégal
Abstract
Today, Internet mobility raises a great deal of interest. Identifiers should be stable and should not depend on the ever-changing topology of the Internet. Locators, in contrast, should follow the topology closely in order to reach a host effectively. The separation of identifier and locator is a point of consensus (both feasible and desirable) in the IRTF Routing Research Group (RRG) for mobility and multihoming. The Host Identity Protocol (HIP) proposes a new architecture based on distinguishing the identity of a node (Identifier) from the means to locate it (Locator). A central system, or hypervisor, is proposed that combines multiple wireless gateways/interfaces. This combination forms almost a backbone around the mobile laboratory. The hypervisor takes the separation of identifier and locator into account by implementing the HIP protocol mechanisms. To ensure the mobility of the mobile laboratory, a global identifier or HI (Host Identifier) is assigned to the hypervisor, and multiple locators associated with the wireless gateways/interfaces are mapped to the HI to provide multihoming. A rendezvous system is used to locate the mobile laboratory via these locators. The HI does not contain topological information: if the hypervisor switches from Wi-Fi to 3G, the HI should not change; the locator of the mobile laboratory changes while existing sessions are maintained, as if the mobile laboratory had not moved.
Keywords: Hypervisor, Wireless gateways/interfaces, Mobile Laboratory, Identifier, Locator, Mobility, Multihoming.
1. Introduction
Today, most common computers have multiple network interfaces. A laptop has a wired interface, Wi-Fi, 3G and Bluetooth. A smartphone has a Wi-Fi interface and 3G. In [1], the proposed model of a new generation of mobile laboratory uses a central system to ensure its interconnection to the wireless systems available nearby. This central system is multi-gateway/multi-interface. The question that arises is how to manage this multiplicity of network interfaces. This paper proposes to manage it using a wireless Interworking Gateway Hypervisor (wIGH), see [1], without requiring laboratory applications to choose the interface themselves. wIGH incorporates subsystems that provide continuous mobility and a multihoming context, respectively. One subsystem collects information from various sources (DHCP, Router Advertisements (RA), manual configuration, etc.), and a Mobility Controller then offers choices that are either global to the wIGH hypervisor or specific to a gateway/interface. wIGH implements the HIP protocol mechanisms [2].
International Conference on Engineering Education and Research 2013 1 July - 5 July 2013, Marrakesh
2. Wireless gateways hypervisor, wIGH
The mobility and multihoming of the mobile laboratory require separating the identifier from the locator. The wIGH central system adopts this separation by implementing the HIP protocol mechanisms. For mobility of the mobile laboratory, an HI identifier is assigned to the wIGH hypervisor, and several locators (gateway/interface addresses) are mapped to it to ensure multihoming. A correspondence system, or mapping, between the HI and the wIGH IP addresses is therefore required. The HI contains no topological information; that is, if the hypervisor switches from a Wi-Fi connection to 3G, the HI should not change, while the locator changes and existing sessions are maintained as if the mobile laboratory had not moved. While the mobile laboratory is moving, it is not practical to put the wIGH locators in the DNS server; the proposed solution is to use a rendezvous server (RVS), which maintains the mapping between the HI identifier and the locator and then relays it to the corresponding node.
2.1. Principle of wIGH hypervisor
On the inner side of the mobile laboratory, wIGH has only one shared interface, which serves as a gateway for the internal components. Several virtual sub-interfaces are created on this interface and then pooled (mutualised) to form a hypervisor. A common identifier identifies these gateways/interfaces, that is, the wIGH hypervisor, and each virtual interface can be assigned a locator of the access network connected via an active wireless gateway. An internal closure within the hypervisor links the virtual interfaces or virtual gateways so that they form a single access point to the mobile laboratory. On the outer side, wIGH hosts a set of wireless gateways/interfaces, each of which associates individually and dynamically with the wireless systems available nearby.
A network preference list is always calculated by a mobility controller for mobility candidates. Several wireless gateways are active at a time. The hypervisor then ensures the mobility management and multihoming behaviour of the mobile laboratory, maintaining active sessions while offering a transparent change of locators through HIP mechanisms together with a rendezvous system. Each virtual sub-interface is directly connected to an active wireless gateway/interface. Each gateway/interface is, in turn, connected to a wireless access network providing Internet access. The laboratory IP packets are identified by the global HIT (Host Identifier Tag) of wIGH, and routing requires a link between the global HI of wIGH and the locators of the wireless gateways of the attached access networks. The wireless gateway locators are not registered in the DNS server to be mapped or linked to this global identifier. To locate the mobile laboratory, the hostname (FQDN) of wIGH is also mapped to the IP address of a rendezvous server (RVS) [4]. The role of the RVS is to manage the correspondence between the global HIT of wIGH and each of the locators dynamically assigned by the attached access networks. To ensure mutualization, each virtual gateway is assigned a virtual identifier or virtual Host Identity (vHI), which has the same format as a HIT: a fixed size of 128 bits, the size of an IPv6 address. The ORCHID prefix [5], 2001:10::/28, is used to avoid any collision with "real" IPv6 addresses. The vHI is designed to be stored by applications as an IP address. The hypervisor, wIGH, is mainly composed of (see [1]) an Information Processing System (IPS), a subsystem for recording and processing contextual information on wireless networks and the profiles of laboratory applications; an Access Network Management (ANM) subsystem; and a Virtual Interworking Gateway (ViG) for pooling the wireless gateways/interfaces, see Figure 1.
Figure 1. Hypervisor subsystems
2.2. Communication with mobile laboratory
In order not to create a bottleneck and to avoid the load of dynamically registering locators in the RVS, the concept of a virtual locator or vID (virtual IDentifier) is introduced. The vID is a virtual HoA (Home Address), predefined and assigned by the access provider or Service Provider (SP) that activates a wIGH wireless gateway for the mobile laboratory. The vHIs, associated with the global HI, are registered in the RVS with priority criteria updated by the mobility controller [1] of the wIGH. In the RVS, a correspondence is recorded between each vHI and the vID of the associated wireless gateway. Priorities in the RVS define a ranking of the active wireless gateways, obtained by a calculation using MADM methods in the Mobility Controller, see [1]. To communicate with the mobile laboratory, an initiator node sends a query to the DNS server [6], which responds with the IP address of the RVS. The node then sends a HIP association request to the RVS, which relays the request to the wIGH using the vID of the gateway/interface chosen according to the list of preferences. In the provider network, the vID is mapped to the HoA or the CoA of the gateway/interface involved, depending on whether it is attached to the mother network or to the visited network. After receiving the association request via the gateway/interface, wIGH returns an R1 packet directly to the initiator node, without using the RVS. This packet contains a cryptographic puzzle that must be solved. It contains the security parameters of the session and the HITs of the initiator node and of the responder. It also includes information for creating a security association or ESP SA (ESP Security Association) [7], and the packet is signed; the Diffie-Hellman session then begins between the node and the mobile laboratory (wIGH).
Figure 2. Initiation of connection with mobile laboratory
The initiator and the mobile laboratory each learn the other's HIT and IP address: the HIT for identification and the IP address for location. The exchange of HIP packets continues until the HIP association is accepted by both parties. Data transmission then starts between that node and the mobile laboratory via the gateway/interface involved.
3. Mobile laboratory mobility
In the mobile laboratory model proposed in [1], the central node wIGH is a wireless multi-gateway/multi-interface node. Each wireless gateway may change its attachment point while the mobile laboratory moves. Based on the HIP mechanisms and the use of an RVS (rendezvous server), the mobility of the mobile laboratory is handled transparently through the exchange of UPDATE messages, as follows:
- The notification to the corresponding node of the IP address change via an UPDATE message containing the new locator.
- The association of the new address with the global HIT identifier of wIGH, with an UPDATE message containing an ECHO_REQUEST parameter to verify the IP address.
- The response with an UPDATE acknowledgement message containing ECHO_REQUEST parameter to validate the new IP address.
In the proposed mobility architecture, the fundamental entities are the RVS on the Internet [4], the access-network RVS or L-RVS (Local RVS) proposed in [8], the access-link RVS or S-RVS (subnet RVS) proposed in [9], and the m-RVS (mobile RVS), which is introduced in the wIGH hypervisor. These entities are responsible for monitoring the movement of the mobile laboratory and exchanging the signalling messages required for its mobility. The RVS is on the Internet and allows the mobile laboratory to be located. Each wIGH gateway/interface is pre-recorded in an access network or home network. The L-RVS resides in an access network and is responsible for maintaining the location information of a connected, pre-recorded wireless gateway. It checks and updates the network prefix of that gateway. The L-RVS plays the same role as the HA (Home Agent); they can be co-located. The S-RVS is the entity that resides on the access link and carries out the signalling related to the mobility of a wireless gateway or of the mobile laboratory. It also supports the detection of attachment points (AP) of a wireless gateway and initiates UPDATE messages to the L-RVS. The S-RVS is co-located with the AR (Access Router). The m-RVS resides in the wIGH and is co-located with the wireless gateways. Associated with each vID of a wireless gateway in the L-RVS, it serves as a mapping server for all the components of the mobile laboratory. It is responsible for initiating the advance UPDATE messages that are sent to the attached L-RVS before the attachment point changes.
During the mobility of the mobile laboratory, when a wireless gateway leaves one attachment point for another, the m-RVS sends the L-RVS an UPDATE message, LU1, accompanied by an aggregation flag telling it to prepare an update of the network prefix of the pre-recorded wireless gateway. This first message, LU1, contains the virtual identifier or vID, which the L-RVS treats as the fixed locator of the wireless gateway/m-RVS. On receiving LU1, the L-RVS is informed of a possible change of attachment point of the m-RVS and prepares to update the network prefix of the wireless gateway by mapping the vID to a valid IP address in the network where the new attachment point or S-RVS is located. At the time the wireless gateway is detected, the S-RVS sends, in parallel, an LU'1 UPDATE message to the L-RVS. This LU'1 message contains a recording flag for the detected wireless gateway. On receiving LU'1, the L-RVS maps the vID to an IP address. In the micro-mobility case, the L-RVS ignores the LU1 message sent by the m-RVS and sends an LU'2 UPDATE message to the S-RVS indicating that the m-RVS may keep the same IP address as its locator. In the macro-mobility case, the L-RVS updates the correspondence between the vID and the new IP address and relays the LU1 UPDATE message to the corresponding node. Two further UPDATE messages are then exchanged directly between the m-RVS and the corresponding node: one to associate the new IP address with the HIT of the wireless gateway/m-RVS, and one to validate the new IP address as locator.
Figure 3. Micro-mobility and Macro-mobility of wireless gateway/interface in wIGH
3.1. Micro-Mobility
In the micro-mobility case (change of attachment point within the same network), Figure 3, when a wireless gateway of the mobile laboratory leaves its current attachment point, S-RVS1, for another attachment point, S-RVS2, the latter detects it and two UPDATE messages are exchanged between S-RVS2 and the L-RVS to redirect the mobile laboratory traffic to the new attachment point. S-RVS2 sends the L-RVS a first UPDATE message, LU'1, containing a registration flag. On reception, the L-RVS verifies and updates the record of the wireless gateway; it responds to S-RVS2 with a second UPDATE message, LU'2, containing the same network prefix, including the IP address of the wireless gateway pre-recorded at the L-RVS via the previous attachment point. On reception, S-RVS2 uses the content of LU'2 and sends a Router Advertisement (RA) message carrying the wireless gateway's current network prefix, so that the gateway keeps the same IP address. The session is thus maintained, and the L-RVS transparently redirects the traffic with the corresponding node (CN) to the new attachment point.
3.2. Macro-Mobility
In the macro-mobility case, Figure 3, when a wireless gateway of the mobile laboratory leaves one attachment point for a new one, the mobile RVS or m-RVS sends an LU1 UPDATE message to the L-RVS with an aggregation flag announcing that it should prepare an update of the network prefix of the pre-recorded gateway. This first message, LU1, contains the virtual identifier or vID of the wireless gateway as the locator of the wireless gateway/m-RVS. After updating this network prefix, the L-RVS can send the LU1 UPDATE message on to the corresponding node in advance. In parallel, it sends the LU'2 UPDATE message to the new attachment point, which then sends an RA message to the wireless gateway. In the LU1 message relayed to the CN, the L-RVS only maps and replaces the virtual locator or vID with the IP address updated in the network prefix, because m-RVS aggregation allows it to join the same SA security associations for the m-RVS.
When the wireless gateway leaves its current attachment point, S-RVS1, in favour of a new attachment point, S-RVS2, in another network, S-RVS2 detects it and two UPDATE messages are exchanged between S-RVS2 and the L-RVS. S-RVS2 sends the L-RVS an UPDATE message, LU'1, containing a recording flag. On reception, the L-RVS checks and updates the record of the wireless gateway; it responds to S-RVS2 with an UPDATE message, LU'2, that contains the updated network prefix, including the new IP address of the wireless gateway/m-RVS. On reception, S-RVS2 uses the contents of LU'2 and sends a Router Advertisement (RA) to the wireless gateway/m-RVS with the new network prefix to apply. On receiving the LU1 UPDATE message, forwarded in advance by the L-RVS, the CN updates the association of the new IP address with the HIT of the mobile laboratory and sends an LU2 UPDATE message directly to the wireless gateway/m-RVS. The LU2 message contains an ECHO_REQUEST parameter carrying a sequence of characters used to verify the new location address of the mobile laboratory, that is, of the wireless gateway/m-RVS. The mobile laboratory responds, via the m-RVS, with an LU3 UPDATE acknowledgment message repeating this sequence of characters in an ECHO_RESPONSE parameter. On receiving LU3, the CN has confirmation that the new locator is valid, and communication can safely restart between the mobile laboratory and the CN.
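The L-RVS decision between the micro-mobility and macro-mobility cases of Sections 3.1 and 3.2, as an added sketch that is not code from the paper. The class and method names, the message tuples, the rule that the new address keeps the gateway's host bits under the new prefix, the S-RVS labels, and all addresses and the HIT are constructed assumptions.

```python
import ipaddress

HIT = "2001:1a:b4c2:91d0:77e3:5f08:c6aa:12de"  # constructed, inside 2001:10::/28


class LRVS:
    """Local rendezvous server: vID -> current IP of each pre-recorded gateway."""

    def __init__(self):
        self.binding = {}    # vID -> ipaddress.IPv6Address (current locator)
        self.held_lu1 = {}   # vID -> HIT from an aggregated LU1 awaiting LU'1

    def register(self, vid, ip):
        self.binding[vid] = ipaddress.ip_address(ip)

    def on_lu1(self, vid, hit):
        """LU1 from the m-RVS (aggregation flag): hold it until an S-RVS reports."""
        if vid not in self.binding:
            raise KeyError(f"{vid} is not pre-recorded at this L-RVS")
        self.held_lu1[vid] = hit
        return []  # nothing leaves the L-RVS yet

    def on_lu_prime1(self, vid, srvs, link_prefix):
        """LU'1 from the S-RVS that detected the gateway on its access link."""
        if vid not in self.binding:
            raise KeyError(f"{vid} is not pre-recorded at this L-RVS")
        net = ipaddress.ip_network(link_prefix)
        old = self.binding[vid]
        hit = self.held_lu1.pop(vid, None)
        if old in net:
            # Micro-mobility: same prefix, so the held LU1 is dropped and the
            # CN is not notified; the gateway keeps its address.
            return [("LU'2", srvs, {"prefix": str(net), "address": str(old)})]
        # Macro-mobility: remap the vID to an address under the new prefix
        # (assumption: the gateway keeps its host bits).
        new = net.network_address + (int(old) & int(net.hostmask))
        self.binding[vid] = new
        out = [("LU'2", srvs, {"prefix": str(net), "address": str(new)})]
        if hit is not None:
            # Relay LU1 to the CN with the vID replaced by the real locator.
            out.append(("LU1", "CN", {"hit": hit, "locator": str(new)}))
        return out


def demo():
    lrvs = LRVS()
    lrvs.register("vID1", "2001:db8:a:1::42")
    lrvs.on_lu1("vID1", HIT)
    micro = lrvs.on_lu_prime1("vID1", "S-RVS2", "2001:db8:a:1::/64")
    lrvs.on_lu1("vID1", HIT)
    macro = lrvs.on_lu_prime1("vID1", "S-RVS3", "2001:db8:b:7::/64")
    return micro, macro, str(lrvs.binding["vID1"])


if __name__ == "__main__":
    for step in demo():
        print(step)
```
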
3.3. Intersystem Mobility
In the mobile laboratory model proposed in [1], the inter-system mobility case may be avoided thanks to the multihoming character of the wIGH hypervisor. If wIGH is well dimensioned for the heterogeneity of wireless systems, a wireless gateway connected to its mother wireless system is preferred over a wireless gateway connected to a visitor wireless system. Multihoming [10] is then preferable to inter-system mobility. However, the inter-system mobility of the mobile laboratory is summarized in Figure 4.
Figure 4: Inter-system mobility of a gateway/interface of the mobile laboratory
When a wireless gateway of the mobile laboratory moves from a mother network, L-RVS1, to a visitor network, L-RVS2, it sends L-RVS1 an LU1 UPDATE message with an aggregation flag announcing that a network prefix update should be prepared. L-RVS1 then waits for a network prefix UPDATE message before relaying the LU1 message to the CN. When the mobile laboratory moves, the wireless gateway sends a Router Solicitation (RS) message in the mother network. After detecting the RS, the access router or S-RVS relays a Binding Update (BU) message to L-RVS2. L-RVS2 checks the BU and sends an LU'1 UPDATE message to L-RVS1 of the mother network of the wireless gateway/m-RVS. The LU'1 message includes a CoA (Care-of Address). L-RVS1 then updates the network prefix of the gateway and relays the LU1 UPDATE message received from CN, placing both the vID address and the IP address of L-RVS2 in a LOCATOR parameter. In parallel, it responds to L-RVS2 with an LU'2 UPDATE message to indicate that messages from the CN may be relayed directly to the wireless gateway/m-RVS. On receiving LU'2, L-RVS2 sends a BU Ack (Binding Update acknowledgment) to the S-RVS, which relays it to the wireless gateway/m-RVS for the CoA. At the same time, L-RVS1 also creates a tunnel with L-RVS2 so that it can relay messages to the wireless gateway. This additional option anticipates the case where L-RVS2 would not be able to relay messages to the wireless gateway without the mother network. This is made possible by the duplicated addresses placed in the LOCATOR parameter of the LU1 message. On receiving the LU1 message, the CN uses the LOCATOR parameter and sends an LU2 UPDATE message to each of the two IP addresses to verify the new IP address of the mobile laboratory.
One LU2 message is sent to L-RVS1, which ignores it because it has already created a tunnel redirecting messages to the wireless gateway/m-RVS via L-RVS2. Another LU2 message is sent directly to L-RVS2 by the CN, because one of the two IP addresses is that of L-RVS2. On receiving LU2, L-RVS2 uses the contents of LU2 and LU'2 to relay messages to the wireless gateway/m-RVS. If L-RVS2 is able to relay messages to the wireless gateway without the mother network, the LU2 message is relayed to the wireless gateway/m-RVS. In this case, the wireless gateway responds directly to the CN with an LU3 UPDATE message via the visitor network, without the messages passing through the mother network. If L-RVS2 cannot relay the CN messages directly without an intermediary, it relays the LU2 message coming from the CN to L-RVS1, which responds to the CN with an LU3 message in order to validate the vID address as the new locator of the mobile laboratory. On receiving LU3, the CN has confirmation that the vID address is valid as the new locator of the mobile laboratory and continues the session with the vID, mapped to the CoA by L-RVS1, which relays the CN messages to the wireless gateway via the tunnel created with L-RVS2. This is a typical IP mobility case.
4. Multihoming in wIGH hypervisor
Multihoming of the mobile laboratory is possible with the following message exchange:
- The notification to the corresponding node of the list of wIGH locators that are candidates for a locator change, by means of an UPDATE packet containing a LOCATORS parameter.
- The association of the new locator with the global HIT identifier of wIGH. To inform the CN of a new SA, wIGH sends the old SPI value. The CN uses the destination address of the UPDATE message to update an SA. However, the CN must check the reachability of the location address before sending a large amount of data to the mobile laboratory.
- The response with an ECHO_REQUEST packet to validate the new locator. Hosts must check the reachability of the IP address before exchanging a large amount of data with this location.
For mobility and multihoming of the mobile laboratory, SA security associations are created, each of which covers a group of locators. This makes it possible to change the IP address or locator of a session transparently without breaking it, because an UPDATE packet that is sent retains the same SA security association between the two parties. For a group of locators, an SA ensures that the UPDATE packet is authentic and keeps the current session across a change of IP address. The UPDATE packet announces the new IP address to use for further communication. Thus, wIGH serves as a mixed gateway between the inner components of the mobile laboratory and the heterogeneous and omnipresent wireless systems. It provides the ability to manage several IP addresses under the same identity (HIT), which is not affected by IP address changes. It thus offers applications an uninterrupted session across a change of locator.
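The CN-side reachability check described above and in the LU1/LU2/LU3 exchange of Section 3.2, as an added sketch that is not code from the paper: a candidate locator only becomes the data destination after it echoes the nonce sent to it, while the HIT stays fixed. The class, method and message names, the nonce size, and all addresses and the HIT are constructed assumptions, and the authenticity check of each UPDATE under the SA is assumed to have passed before these handlers run.

```python
import hmac
import secrets

HIT = "2001:1a:b4c2:91d0:77e3:5f08:c6aa:12de"  # constructed, inside 2001:10::/28


class PeerState:
    """CN-side record of one HIP association with the mobile laboratory."""

    def __init__(self, hit, locator):
        self.hit = hit          # identity: fixed for the whole session
        self.active = locator   # verified locator that data is sent to
        self.pending = {}       # candidate locator -> nonce sent in LU2

    def on_locator_update(self, hit, locators):
        """LU1: UPDATE announcing candidate locators. Returns the LU2 probes."""
        if hit != self.hit:
            return []           # belongs to another association
        probes = []
        for loc in locators:
            nonce = secrets.token_bytes(16)   # fresh and unpredictable per locator
            self.pending[loc] = nonce
            probes.append(("LU2", loc, {"ECHO_REQUEST": nonce}))
        return probes

    def on_echo_response(self, hit, source, echoed):
        """LU3: accept `source` only if it echoes the nonce that was sent to it."""
        nonce = self.pending.get(source)
        if hit != self.hit or nonce is None:
            return False
        if not hmac.compare_digest(nonce, echoed):
            return False
        del self.pending[source]
        self.active = source    # the locator changes, the HIT does not
        return True

    def destination(self):
        """Address that bulk data may be sent to right now."""
        return self.active


def demo():
    cn = PeerState(HIT, "2001:db8:a:1::42")
    probes = cn.on_locator_update(HIT, ["2001:db8:b:7::42", "2001:db8:c:9::1"])
    (_, loc_a, p_a), (_, loc_b, _) = probes
    before = cn.destination()                                 # still the old locator
    forged = cn.on_echo_response(HIT, loc_a, b"\x00" * 16)    # wrong nonce
    swapped = cn.on_echo_response(HIT, loc_b, p_a["ECHO_REQUEST"])  # nonce of A from B
    unknown = cn.on_echo_response(HIT, "2001:db8:ffff::1", p_a["ECHO_REQUEST"])
    genuine = cn.on_echo_response(HIT, loc_a, p_a["ECHO_REQUEST"])
    return before, forged, swapped, unknown, genuine, cn.destination(), cn.hit


if __name__ == "__main__":
    print(demo())
```
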
5. Conclusion
This paper proposes ways to ensure that the components of a mobile laboratory are always connected to various Internet access points, anytime and anywhere that ubiquitous heterogeneous wireless systems are available. A dynamic and automatic intercommunication system over heterogeneous and pervasive wireless networks is thus provided to the proposed mobile laboratory. To achieve this goal, a central node, wIGH, is able to access multiple wireless networks simultaneously and selects the best network among the wireless networks available nearby. It uses the HIP mechanisms and the RVS mechanism for mobility and multihoming of the mobile laboratory. In future work, the authors will propose an experimental model based on the mobility architecture suggested in this paper.
6. Acknowledgements
The authors thank the Canadian Innovation Funds for the support given to set up the infrastructure that allowed them to perform part of the research carried out in this paper and to accommodate the co-directed doctoral student in the L@d (Lab at Distance) of the LICEF Research Center. They also thank the Association for the Development of Education in Africa (ADEA) for granting a scholarship that allowed the doctoral student to participate in the conference iCEER 2013 in Marrakesh. They also thank the LTI and LIRT laboratories at "Ecole Superieure Polytechnique de Dakar (Université Cheikh Anta DIOP de Dakar, UCAD)" for their support for this purpose.
References
[1] Ngom, I., Saliah-Hassane, H. and Lishou, C., "Mobile Laboratory Model for Next-Generation Heterogeneous Wireless Systems." Internet Accessible Remote Laboratories: Scalable E-Learning Tools for Engineering and Science Disciplines. IGI Global, 2011, pp. 511-528.
[2] Perkins, C., "IP Mobility Support for IPv4", RFC 3344, August 2002.
[3] Moskowitz, R., Nikander, P., Jokela, P. and Henderson, T., "Host Identity Protocol (HIP) Architecture", RFC 5201, April 2008.
[4] Laganier, J. and Eggert, L., "Host Identity Protocol (HIP) Rendezvous Extension", RFC 5204, April 2008.
[5] Nikander, P., Laganier, J. and Dupont, F., "An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)", RFC 4843, April 2007.
[6] Nikander, P. and Laganier, J., "Host Identity Protocol (HIP) Domain Name System (DNS) Extensions", RFC 5205, April 2008.
[7] Jokela, P., Moskowitz, R. and Nikander, P., "Using ESP Transport with HIP", RFC 5202, April 2008.
[8] Ylitalo, J., Melén, J., Nikander, P., et al., "Re-thinking Security in IP-based Micro-Mobility," in Proc. of the Informational Security Conference (ICS'04), Palo Alto, CA, USA, 2004, pp. 318-29.
[9] Muslam, M., Chan, H. A. and Ventura, N., "Inter-subnet localized mobility support for host identity protocol". EURASIP Journal on Wireless Communications and Networking 2011:55, 2011.
[10] Henderson, T., Ed., "End-Host Mobility and Multihoming with the Host Identity Protocol", RFC 5206, April 2008.