Hi Fred, Can this scenario not be realized by simply placing an HA in the enterprise network and using Mobile IP?
Alper On Sep 3, 2014, at 7:37 PM, Templin, Fred L wrote: > Hi, > > The specific passage from the new draft that I wanted the wg to > see is the following (with references to AERO removed). Please > review and send questions or comments. > > Thanks - Fred > [email protected] > > --- > > 3. A Day in the Life of an Enterprise Mobile Device User > > An enterprise network mobile device user ("Bill") begins his workday > by seating his primary end user device (EUD) (e.g., a laptop computer, > a tablet, a smart phone, etc.) in a docking station at his office desk > and turning the device on. The docking station connects Bill's EUD to > the enterprise wired LAN, and the EUD receives a Topologically-Fixed > Address (TFA) from the infrastructure. Bill's EUD further discovers > the DMM service within the enterprise network and requests a Topology > Independent Prefix (TIP)delegation. Bill's EUD receives the same TIP > delegation it gets every time it connects to the enterprise network, > because the DMM service has an administratively set mapping between > the TIP and Bill's EUD device ID. > > Bill's EUD can then access topologically-fixed enterprise services > using its TFA directly, and can access DMM services by using an > address from its TIP as the source address for tunneling over the > enterprise network. As Bill's workday unfolds, his EUD uses the DMM > service to correspond with other EUDs in peer-to-peer sessions, join > lengthy virtual conferencing sessions, access enterprise fileshares, > etc. The DMM service ensures that optimal routes are maintained so > that tunneled communications flow over direct paths and network > infrastructure elements are not unnecessarily over-burdened. > > While communications sessions such as the video conference are still > in progress, Bill leaves the office to attend a meeting in a nearby > conference room. He disconnects his EUD from the docking station and > in the process drops his connection to the wired LAN. The EUD > quickly enables a WiFi interface that searches for a Service Set > Identifier (SSID) that can provide wireless access within the > enterprise network. The EUD authenticates itself to the network via > the SSID using its pre-loaded certificates, and uses a securing > mechanism such as IEEE 802.1x to assure Confidentiality, Integrity > and Availability (CIA). The EUD receives a new TFA from the network, > then communicates its new TIP-to-TFA association to the DMM service > and any active peer correspondents. Any ongoing communications > sessions will continue to see the same (stable) TIP. > > Bill then leaves the enterprise campus to attend an off-site customer > meeting with his EUD still powered on and actively seeking to > maintain network connectivity. As Bill departs from the building, > the WiFi signal fades until it can no longer support communications, > and the EUD quickly enables a 4G cellular wireless interface that > connects Bill's EUD to a cellular service provider. The EUD then > locates the Internet address of an enterprise network security > gateway and initiates a VPN session with the gateway (which also acts > participates in the DMM service). The DMM service updates the routing > system, and Bill can continue to use the same TIP that was assigned > to his EUD when he started his workday even though the EUD is now > communicating over a VPN configured over the public Internet instead > of over the secured campus LAN. > > Bill subsequently arrives at the customer meeting at a public > restaurant with a WiFi hotspot. His EUD quickly powers up its WiFi > interface and powers down the 4G interface. The EUD uses DMM > signaling to communicate the new TFA to the security gateway and the > VPN survives the mobility event. Moreover, the EUD can continue to > use the same TIP it received at the beginning of the workday, and > ongoing communication sessions can continue until Bill explicitly > discontinues them. > > After the customer meeting, Bill leaves the restaurant and > subsequently passes through several additional transitions from WiFi > hotspots to 4G wireless. Again, the DMM service keeps the VPN > session alive, and the TIP assigned to the EUD remains in continuous > use in active communication sessions as well as to allow Bill to > receive notifications and process urgent requests. When Bill returns > to his office, the EUD discontinues use of the VPN while keeping its > TIP active after re-attaching to the campus LAN. > > Bill ends his workday, powers down his EUD and returns home. Bill > powers on his EUD to check e-mails, and connects to the enterprise > network via a VPN configured over his home ISP service. The EUD > again receives the same TIP that it used within the enterprise > network domain, and Bill can access DMM services the same as if he > was in the office. Bill finally shuts down for the evening, and > begins his next workday in the same fashion. Again, the EUD receives > the same TIP as always regardless of the access network point of > connection over which the EUD enters the enterprise. > >> -----Original Message----- >> From: dmm [mailto:[email protected]] On Behalf Of Templin, Fred L >> Sent: Tuesday, September 02, 2014 11:05 AM >> To: [email protected] >> Subject: [DMM] FW: I-D Action: draft-templin-aeroent-00.txt >> >> Hello, >> >> During the call today, there was some interest expressed in learning >> more about the enterprise network mobility use case. I have submitted >> a new brief document called "AERO Enterprise Network Profile" (below) >> that provides a discussion of distributed mobility management needs >> for enterprise networks. Although the document specifically cites AERO, >> the use case applies to any solution alternative that could meet the >> requirements. Also, I am not asking this document be considered as a >> dmm wg item at this time, but rather offering it for informational >> purposes. Please let me know if there are any questions or comments. >> >> Thanks - Fred >> [email protected] >> >> -----Original Message----- >> From: I-D-Announce [mailto:[email protected]] On Behalf Of >> [email protected] >> Sent: Tuesday, September 02, 2014 10:51 AM >> To: [email protected] >> Subject: I-D Action: draft-templin-aeroent-00.txt >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> >> >> Title : AERO Enterprise Network Profile >> Author : Fred L. Templin >> Filename : draft-templin-aeroent-00.txt >> Pages : 12 >> Date : 2014-09-02 >> >> Abstract: >> Enterprise networks provide a secured data communications >> infrastructure built for the purpose of information sharing and >> increased productivity for end users within the organization. >> Enterprise networks are often organized as private Internets unto >> themselves that connect to the global Internet either not at all or >> via firewalls, proxies, and/or other network securing devices. This >> document discusses an AERO enterprise network profile that outlines >> new and more flexible methods for connecting, tracking and managing >> mobile organizational assets. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-templin-aeroent/ >> >> There's also a htmlized version available at: >> http://tools.ietf.org/html/draft-templin-aeroent-00 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> I-D-Announce mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/i-d-announce >> Internet-Draft directories: http://www.ietf.org/shadow.html >> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt >> >> _______________________________________________ >> dmm mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/dmm > > _______________________________________________ > dmm mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmm _______________________________________________ dmm mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmm
