In this section we discuss HA deployment options in CDMA2000 core networking as well as their impact on MVPN offerings and architecture. We start with an analysis of HA allocation in the network relative to the PDSN, then continue with a description of the dynamic HA allocation option. Finally, we discuss the importance of a fault-tolerant HA in the CDMA2000 core network.
The problem of HA allocation in the operator's network is somewhat related to dynamic HA allocation addressed later in the chapter. You'll recall from Chapter 4 that by definition a PDSN must cover a certain geographical region, while an HA, representing the MS home network, serves as an anchor point for the data session. PDSNs serve both homing and roaming users who are currently in a particular network or region, while the HA always serves the same set of provisioned users regardless of whether those users are attached to their home network or roaming far away from it. In this respect, there are two main HA allocation scenarios to be considered: collocated HA and centrally located HA.
In the collocated HA allocation scenario, there is more than one HA location in the network. Since all Mobile IP user traffic (at least on the uplink) must pass through PDSN/HA pairs, the quantities of PDSN and HA ports provisioned in the systems should be very close—especially if the private HA VPN access method is implemented. Often these functionalities will be supported in the same or similar platforms, so it makes for good economies of scale to collocate, or cluster, them in some selected geographical locations, like regional data centers.
The main advantage of this approach lies in the ability to dynamically reprovision local PDSN/HA clusters if the customer mix—that is, the roaming versus homing mobile ratio—changes. For example, during a trade show or any other professional event gathering large groups of users with mobiles assigned to HAs serving other geographical locations, more mobile users than usual will have to be served by local PDSNs, which would have to tunnel traffic to HAs around the world. To address this situation, carriers deploying collocated HAs will be able to easily reprovision local PDSN/HA clusters for more PDSN capacity. When the event is over, the cluster can be changed back to the usual ratios.
Another advantage of this approach is for the carriers expecting to serve large numbers of stationary users in different locales of the country, such as wireless carriers competing with local telcos for the wireline local and long-distance phone markets. Since there is not much mobility in such networks, the users usually stay within the regions served by local HAs, allowing operators to minimize the use of their backhaul network. Similar levels of backhaul optimization will be achieved for the networks with the majority of highly mobile roaming users when dynamic HA allocation is available, thereby sidestepping the problem of triangular routing.
Finally, when collocated HAs are used, each PDSN/HA cluster can more efficiently utilize its address management capabilities by being able to allocate IP addresses to the MSs from the pools of IP addresses provisioned locally. While some inefficiency may result because of the disjoint IP address pools, the size and scale of the PDSN/HAs should be sufficient to guarantee good average-case utilization. Private addresses and NAT may also help alleviate concerns about address space.
In the centrally located HA scenario, the HAs serving all Mobile IP users in the network are located in a single data center. This solution bears some advantages (in the absence of dynamic HA allocation, see the section "Dynamic HA Allocation" coming up in the chapter), especially for the operators serving the users, a majority of whom are highly mobile and often change their PDSNs, and must therefore be terminated back at their original HA. Single HA data centers provide greater ease of management, including provisioning, maintenance, and upgrade, for operators. In addition, since spare resources and backups are shared better at a centralized location than at distributed sites, disaster recovery is potentially easier than with a collocated HA solution. Another advantage is the greater possibility to provide HA load balancing that includes all of the HA's capacity in the network, as opposed to small-scale load balancing within only the local HA cluster in the collocated HA model.
The centrally located HA option might appeal to those operators wanting a centralized location to hold and manage a pool of IP addresses for networkwide assignment to mobile users to utilize them more efficiently.
HA reliability becomes especially important in the centrally located HA model, and therefore its implications must be considered in a separate subsection. An MS can be served by any available local PDSN. In case of PDSN failure, the MS behaves similarly to the event of PDSN relocation by sending messages soliciting advertisements until a standby PDSN comes into service. Both voluntary and compulsory tunnels are unaffected by this event—provided that the inactivity timer and other parameters of the MS are properly configured. Therefore, the PDSN failure may not be a catastrophic event and may be gracefully resolved, thanks to the properties of Mobile IP.
The effects of HA failure on the MS—in both public and private HA VPN scenarios—are more profound and can have devastating consequences for MS data connectivity. In CDMA2000, each Mobile IP MS is programmed to access only one specific HA. This means that if the HA provisioned with the IP addresses of a certain MS group fails, all of the MSs associated with this HA will not be able to receive packet data service. To remedy this situation, the HA platform must therefore include both extensive internal and inter-chassis failover options, which would, for example, automatically associate the IP addresses provisioned in the failed HA to another hardware element within the local HA cluster.
This high-level overview of HA allocation options and reliability shows that there is no compelling reason for a carrier to adopt one model over the other, since both models have their fair share of advantages and constraints. We believe that real-world private HA deployment models should include both, which would provide CDMA2000 operators with a variety of options and allow them to flexibly and dynamically allocate their core networking resources as business conditions change.
Our previous discussion was based on the assumption that the Home Agent in the CDMA2000 core network can only be provisioned statically. This was done mainly because of the current status of dynamic HA allocation standardization, which as of today is not completed. Standards groups such as IETF, 3GPP2, and TIA are currently working on extending the CDMA2000 core network standards framework beyond those in the current IETF RFCs by adding support for dynamic configuration of a mobile node's home address (see Appendix A) or the HA itself.
In the current architecture the MS is hard-coded with the address of a particular HA, which it includes in its registration request during the PDSN signup procedure. A static HA is simpler to support, because the HA IP address is configured into the mobile node and a static shared secret can be used for the MN-HA authentication extension. However, a dynamically assigned HA, collocated or located near a PDSN, can provide for significant optimization of operation because of greater service availability and more optimal routes in the case where an MS is roaming far enough from its home network to make backhaul expenses substantial (for example, data from a PDSN in Alaska would not have to be shipped to and from an HA in Texas every time the user wants to read a few emails from a mail server located in Seattle, if a home agent nearby could be dynamically assigned). In addition, dynamically assigned HAs address the problem of triangular routing, mentioned earlier.
While certainly desirable, this feature requires a complex security arrangement, which is why the standardization of this option is taking such a long time. Let's look at what is involved in supporting secure dynamic HA allocation in a CDMA2000 core network. Figure 7.8, based on current standards drafts, details the steps necessary to dynamically allocate an HA.
Dynamic HA establishment requires the development of a shared secret between the MS and HA so that subsequent mobility registrations can be authenticated as the MS changes PDSNs. In the case of dynamic HA allocation, the address of the HA is determined by an AAA server and not by the MIP RRQ (Mobile IP Registration Request), as is the case with static HA assignment. A home AAA server dynamically allocates an HA in a service provider's or remote private network and returns its address to a visited AAA server and PDSN, along with dynamically distributed MN-HA shared secrets to both the MS and HA for later authentication. These secrets are cryptographically protected by the AAA network in transit. The PDSN then returns these values to the MS, which begins to use its new home address.
To support dynamic allocation of a home address, the MS must supply an NAI in its Mobile IP Registration Request. This is a unique name of the form user@domain that identifies the user who is requesting service from the network. It acts as an identifier and is not associated with the IP address of the underlying device. The NAI enables the serving network to find the home network (possibly located in a private network) via an AAA infrastructure. Using the Mobile IP Challenge/Response extensions, the user's credentials may be authenticated by the home domain. Once the user is authenticated and is authorized to receive service on the visited network, the MS can register with the HA. Because an NAI and not a home IP address appears in the registration request, the home agent may then allocate a home address for the mobile node and return it in the registration response.
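The registration request described in the two paragraphs above, as an added example that is not taken from the book or from any standard's reference code: an RRQ carrying an NAI with a zero home address, protected by an MN-HA authentication extension that the HA checks before allocating an address. It assumes the RFC 3344 message layout, the RFC 2794 NAI extension, and HMAC-MD5 as the authenticator algorithm (the text does not name one); the function names, key, SPI and addresses are constructed for illustration.

```python
import hashlib
import hmac
import socket
import struct

MIP_RRQ = 1            # Registration Request message type (RFC 3344)
EXT_MN_HA_AUTH = 32    # Mobile-Home Authentication extension (RFC 3344)
EXT_NAI = 131          # Mobile Node NAI extension (RFC 2794)


def build_rrq(nai, ha_ip, coa_ip, ident, spi, key, lifetime=1800):
    """MS side: build an RRQ asking the HA to allocate a home address for nai."""
    fixed = struct.pack("!BBH4s4s4s8s", MIP_RRQ, 0, lifetime,
                        socket.inet_aton("0.0.0.0"),   # home address not yet known
                        socket.inet_aton(ha_ip),
                        socket.inet_aton(coa_ip), ident)
    nai_bytes = nai.encode("ascii")
    nai_ext = struct.pack("!BB", EXT_NAI, len(nai_bytes)) + nai_bytes
    # The authenticator covers the message, all prior extensions, and this
    # extension's own type, length and SPI.
    auth_hdr = struct.pack("!BBI", EXT_MN_HA_AUTH, 4 + 16, spi)
    covered = fixed + nai_ext + auth_hdr
    return covered + hmac.new(key, covered, hashlib.md5).digest()


def verify_rrq(packet, keys_by_spi):
    """HA side: return the NAI if the MN-HA authenticator is valid, else None."""
    if len(packet) < 24 or packet[0] != MIP_RRQ:
        return None
    off, nai = 24, None
    while off + 2 <= len(packet):
        etype, elen = packet[off], packet[off + 1]
        body = packet[off + 2: off + 2 + elen]
        if len(body) != elen:
            return None                        # truncated extension
        if etype == EXT_NAI:
            nai = body.decode("ascii", "replace")
        elif etype == EXT_MN_HA_AUTH and elen == 20:
            key = keys_by_spi.get(struct.unpack("!I", body[:4])[0])
            if key is None or nai is None:
                return None                    # unknown SPI or no identity
            expected = hmac.new(key, packet[:off + 6], hashlib.md5).digest()
            return nai if hmac.compare_digest(expected, body[4:]) else None
        off += 2 + elen
    return None                                # no MN-HA extension: reject


# Constructed sample values (documentation address ranges, made-up key and SPI).
SAMPLE_KEY = b"constructed-mn-ha-key"
SAMPLE_RRQ = build_rrq("alice@corp.example", "192.0.2.10", "198.51.100.7",
                       b"\x00" * 8, 0x100, SAMPLE_KEY)
```

Because the NAI extension precedes the authentication extension, it falls inside the authenticated span, so the identity cannot be altered in transit without the HA's check failing. A real identification field carries a timestamp or nonce for replay protection rather than the zero bytes used here.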
The next release of [IS835] will include a dynamic HA assignment feature with dynamic distribution of keys from the home AAA server to the HA. This assumes that HAs are always allocated in the home network and have security associations with the home AAA server. [IS835] C3 will also define a new RADIUS-based mechanism for the HA to query the home RADIUS AAA server for the key, after it has been allocated and after it receives the registration request from the mobile node. Normal operation would be for the mobile to deregister with the HA when it is about to disappear from the CDMA2000 packet data network. If the mobile disappears temporarily and reappears at another PDSN, the MS will be forced to renegotiate PPP and reregister with the same HA. If this reregistration does not happen, the Mobile IP binding will exist on the HA until the Mobile IP lifetime expires and the HA resources are freed.
Triangular routing happens when packets have to (potentially) traverse the wide-area Internet twice, once on their way from correspondent node to HA and again from the HA to the PDSN.