Evolving from Internet to IDN

Release Date: 2012-03-28 By Zhang Chaofeng & Wu Qiang

The Advanced Research Projects Agency Network (ARPAnet), developed by the US Department of Defense, was the world's first Internet. Today, the Internet uses TCP/IP to connect a large number of computers and networks. The main design concept of ARPAnet and TCP/IP is to build a network without a core, so that when one part of the network fails, the remaining part can automatically choose an alternative route and keep connections up. TCP/IP also supports the interconnection of heterogeneous networks. The Internet now encompasses not only conventional wired computer networks but also mobile telecom networks.

The booming number of applications is a great challenge to the Internet in terms of

● mobility. The Internet and TCP/IP architecture were originally designed at a time when there were no mobile networks. Mobility of IP terminals is now a great challenge for upper-layer services. The root of the mobility problem is the dual role of an IP address: it is both the identifier and the locator of an IP terminal. A telephone number in a PSTN, by contrast, is only the subscriber's identifier.

● security. In the early years of Internet growth, there were few malevolent users attacking network devices, so little importance was attached to network security. Unlike the Internet, the PSTN, although open to public access, is well protected against malicious attacks.

● proliferation of routing capacity. ARPAnet designers never envisioned the Internet would grow into what it is today, nor did they expect that the bulky routing table would become a huge burden to router CPUs.

Only when these challenges have been resolved can the Internet be a greater success. An identifier network (IDN) is one of the best systems to meet these challenges.


Mobility

PSTN uses a telephone number as a subscriber identifier. Various telecom services and billing systems differentiate subscribers according to their telephone numbers. A telephone number is only a logical identifier of a subscriber, and a physical port number on the subscriber line board is actually the physical location of the subscriber. An OAM staff member associates the physical port number with the telephone number and stores it in the database. During service deployment, the infrastructure network completes service addressing. The infrastructure network can find a subscriber’s physical location by using his telephone number or search a subscriber’s telephone number using his physical location. Therefore, in principle, a subscriber’s telephone number is portable when he moves to another place or changes to another operator.

However, an IP address in the Internet and TCP/IP architecture serves two roles. It is used as an identifier to address a specific host and as a locator to specify the user's location. When moving to another place or another network segment, a user must change to a new IP address. The TCP and UDP paths, which are bound to the source and destination IP addresses as well as the source and destination port numbers, must then be re-established. All services carried over TCP and UDP are interrupted while the IP address changes, and services that identify subscribers by IP address are interrupted and must be delivered again.

Currently, some technologies, including mobile IP, can remedy defects in Internet mobility; however, they cannot be widely deployed because they bring only minor improvements and introduce a new problem, triangle routing.

IDN, however, is considered a breakthrough in Internet mobility. The basic concept of IDN is to separate the user identifier from the locator. A user or host is assigned two roles: identifier and locator. The identifier does not change as the host moves to a different location. The locator changes as the host moves, but it is only used for network addressing instead of identifying the host or user. Services on the TCP path, UDP path, and network all use the identifier and are not affected by the host changing location. When a host with an identifier accesses the network, related access devices assign a correct locator to the host and associate the locator with the identifier.

Network elements (NEs) are logically divided into hosts, a mapping server, and border gateways (BGs). Hosts can be identified by identifiers or locators. Identifiers identify communication peers for end-to-end communication, and locators identify the current host locations used for packet-forwarding routing. To maintain compatibility with the Internet, both host identifiers and locators take the form of IPv4 or IPv6 addresses. The mapping server stores the mapping relationships between host identifiers and locators.

The identifiers remain unchanged as host subscription information. BGs assign locators to hosts based on their locations. Working in collaboration with the mapping server, BGs update in real-time the mapping relationships between host identifiers and locators stored in the mapping server.

When host 1 sends a communication request to host 2, BG 1 looks up the locator of host 2 in the mapping server based on the identifier of host 2 and stores the result in its mapping-route table. BG 1 keeps the identifier/locator mapping of host 2 up to date in real time and uses the mapping-route table for packet encapsulation, routing, and forwarding. After receiving the encapsulated packets from BG 1, BG 3 decapsulates them and forwards the decapsulated packets to the communication peer.

When a host changes its location, a BG registers its new location on the mapping server and notifies the communication peer so that they can communicate using the new locator.
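The mobility procedure described above, as an added toy model that is not code from the article or from any IDN product: a mapping server, border gateways with a mapping-route table, and a host that moves. Names, addresses and identifiers are constructed; as a simplification, the mapping server pushes locator updates to the BGs that cached a mapping, standing in for the notification of the communication peer.

```python
# Added toy model of the identifier/locator split; hypothetical names/addresses.
from dataclasses import dataclass

@dataclass
class Packet:
    src_id: str               # identifiers: fixed, the only thing hosts see
    dst_id: str
    payload: str
    src_loc: str = None       # locators: outer header added/removed by BGs
    dst_loc: str = None

class MappingServer:          # identifier -> locator; pushes changes to BGs
    def __init__(self):
        self.table, self.watchers = {}, {}

    def register(self, host_id, locator):
        self.table[host_id] = locator
        for bg in self.watchers.get(host_id, ()):   # real-time cache refresh
            bg.route_table[host_id] = locator

    def lookup(self, host_id, bg):
        self.watchers.setdefault(host_id, set()).add(bg)
        return self.table[host_id]

class BorderGateway:
    def __init__(self, locator, ms):
        self.locator, self.ms, self.route_table = locator, ms, {}

    def attach(self, host_id):            # host arrives: assign BG's locator
        self.ms.register(host_id, self.locator)

    def encapsulate(self, pkt):           # resolve, cache, add outer header
        if pkt.dst_id not in self.route_table:
            self.route_table[pkt.dst_id] = self.ms.lookup(pkt.dst_id, self)
        return Packet(pkt.src_id, pkt.dst_id, pkt.payload,
                      self.locator, self.route_table[pkt.dst_id])

    @staticmethod
    def decapsulate(pkt):                 # strip locators before delivery
        return Packet(pkt.src_id, pkt.dst_id, pkt.payload)

def mobility_demo():
    ms = MappingServer()
    bg1, bg2, bg3 = (BorderGateway(loc, ms) for loc in ("10.0.1.1", "10.0.2.1", "10.0.3.1"))
    bg1.attach("host1-id"); bg3.attach("host2-id")     # constructed identifiers
    first = bg1.encapsulate(Packet("host1-id", "host2-id", "hello"))
    bg2.attach("host2-id")                             # host 2 moves behind BG2
    second = bg1.encapsulate(Packet("host1-id", "host2-id", "hello again"))
    inner = BorderGateway.decapsulate(second)          # what host 2 receives
    return first.dst_loc, second.dst_loc, (inner.src_id, inner.dst_id), inner.dst_loc
```

The outer locator changes from BG 3 to BG 2 after the move, while the identifier pair that a TCP or UDP session would be keyed on stays the same and the delivered packet carries no locator at all.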

Security

Security threats also pose a great challenge to Internet growth. Network security involves device security and information traceability.

The current Internet does not technically separate the service layer from the bearer layer. The bearer layer is open to public access and is therefore vulnerable to malicious attacks such as network password theft and saturation attacks against protocol ports. The PSTN, however, separates users from the bearer layer and keeps bearer entities such as trunk lines and signaling networks out of reach of telephone users. Like the PSTN, IDN removes the possibility of common users attacking network devices by separating users from the bearer layer. Common users cannot have peer-to-peer IP communication with core network devices, nor can they obtain the devices' IP addresses by tracing routes.

Because there is no unified Internet identifier management system and the identifiers of managed objects change constantly, security management measures are passive and lag behind the Internet's growth. Dynamic address allocation and private networks behind NAT, both adopted because of the IPv4 address shortage, make it difficult to trace security events. IPv6, however, can assign a fixed identifier to each host, which improves the credibility of network information. Leveraging openness, simplicity, and information sharing, IPv6 is expected to establish a sound security guarantee system that can authenticate and trace network information, improve the accuracy and timeliness of network management, and implement reliable, integrated management of networks, services, and users.

Growth of the Internet calls for a unified identifier management system to separate identifiers from locators so that Internet infrastructure can better support service correlation, enhance network security, and isolate networks from applications.

Proliferation of Routing Capacity

With the increasing number of network users and autonomous systems, the number of IPv4 routes has reached 300,000. Although IPv6 expands the IP address space, the fundamental cause of routing table growth has not changed, and routing tables will continue to grow. According to real-time network statistics, Border Gateway Protocol (BGP) convergence after a route update lasts for 15 minutes because of routing table expansion. Substantial packet loss and route oscillation occur before convergence. An oversized routing table places a heavy load on routers, slows the convergence of backbone routers, and increases how often convergence is needed. As a result, the network is unstable.

In IDN, a host identifier is not used for addressing in the core network and is not visible to any device other than the border gateways. The subnet route in which the identifier is located is not listed in the routing table; location information is used for addressing instead. Because location information is correlated only with a limited number of border gateways, the number of routing table entries in IDN is at least three orders of magnitude smaller than in the Internet.

With the development of 3G and 4G, a network can deliver data rates up to a few or even tens of megabits per second to a single wireless user. Mobile services are becoming the biggest driver of Internet growth, and mobile networks are evolving from mobile access networks to mobile Internet. IDN that accommodates mobile Internet demands will further fuel the evolution. Feature-rich services and hundreds of millions of existing terminals are valuable for booming Internet growth and also a major focus of innovative technical solutions. IDN can be widely applied in different scenarios because it accommodates the constraints of the Internet at different evolutionary stages, supports interoperation and coexistence with existing mainstream technologies, and allows smooth evolution. IPv6 and LTE will dramatically change Internet user groups and applications and will enhance mobile Internet. This is also an unprecedented opportunity for IDN.