Overview
advertisement
Mobile IP • Why mobile IP? • How mobile IP works – Introduction – Agent discovery/Advertisement – Registration – Routing considerations – Security • Mobility management – Handoff management – Location management • DHCP and mobile IP Original by: Anthony Scalera, H. Nzumafo, D. Wickramasinghe, EL604, Fall 2001; Modified by Prof. M. Veeraraghavan 1 Why Mobile IP? • Increasing variety of mobile devices offer IP connectivity, such as PDAs, handhelds, laptops, and digital cellular phones. • Overcomes technical obstacles of the IP protocol, which was designed for fixed end points. 2 How mobile IP works: Introduction • IPv4 assumes that a node’s address uniquely identifies point of attachment to the Internet • To overcome this limitation and allow for mobility there are two possibilities: – The node could change its IP address whenever it changes its point of attachment along with DNS updates (needed to allow other hosts to reach it) – Host-specific routes could be propagated throughout the Internet routing fabric • Both solutions are often unacceptable so a new scalable mechanism was developed for accommodating node mobility within the Internet 3 Introduction contd. • Applicability – enables nodes to move from one IP subnet to another • Architectural entities – Mobile node – Home agent – Foreign agent 4 Protocol overview • • • • • Agent discovery Registration Tunneling (encapsulation) Routing consideration Security considerations 5 Terminology • • • • • • Care-of address Agent advertisement Correspondent node Foreign network Home address Home network 6 Illustration of terms • Agent advertisement – An advertisement message constructed by typing a special extension to a router advertisement message • Care-of address – The termination point of tunnel toward a mobile node, for datagrams forwarded to the mobile node while it is away from home • Correspondent node – A peer with which a mobile is communicating • Foreign network – Any network other than the mobile node’s Home network • Home address – An IP address that is assigned for an extended period of time to a mobile node. It remains unchanged regardless of where the node is attached to the Internet • Home network – A network having an address prefix matching that of a mobile node’s home address 7 Mechanisms of Mobile IP • Discovering the care-of address • Registering the care-of address • Tunneling to the care-of address 8 Discovering the care-of address • Agent advertisement – Needed for mobile node to discover mobility agent. It is an advertisement message constructed by attaching a special extension to an ICMP router advertisement. • If advertisement not received or needed sooner by mobile a solicitation may be generated. 9 Agent advertisement • Allows for the detection of mobility agents • Lists one or more available care-of addresses • Informs mobile node about special feature provided by foreign agents, for example, alternative encapsulation techniques • Allows mobile nodes to determine the network number and status of their link to the Internet • Allows mobile node to determine whether the agent has the functionality to serve as a HA, a FA or both 10 Agent solicitation • A mobile node may optionally solicit an agent advertisement message from any locally attached mobility agent with an agent solicitation message. • Identical to an ICMP router solicitation with the further restriction that the IP TTL field be set to 1. 11 Mobile IP care-of addresses • A foreign agent care-of address is acquired by a mobile from the broadcast agent advertisement received from an FA. In this mode, the FA is the end of the tunnel and does decapsulation; many mobiles share one care-of address; hence this is the preferred mode • Collocated care-of address is a local IP address acquired directly by the mobile through some means, such as DHCP or owned by mobile as a long-term address for its use only when visiting some foreign network. In this mode, mobile sends registration directly to HA and it is the end of the tunnel, perfoming decapsulation 12 Registering the care-of address - Mobile node sends a registration request with Care-of address information (uses UDP) - HA receives request and adds the necessary info to its routing table - HA approves the request - HA sends reply to mobile node 13 Two types of registration • Via foreign agent – registration sent from mobile to foreign agent. If accepted agent forwards request to HA. List maintained of visited nodes • Directly from mobile to home with a colocated address. Address obtained via DHCP 14 Registration - details • When HA accepts the request it associates the home address of the mobile node with the care-of address • Association maintained until registration lifetime expires • Triplet that contains the home address, care-of address and registration lifetimes is called a binding • A registration request can be considered a binding update sent by the mobile node 15 Tunneling to the care-of-address • IP datagram encapsulated to route packets from home agent to care-of address • Types of encapsulation: – IP in IP – Minimal encapsulation – Generic routing encapsulation (GRE) 16 Tunneling types • IP in IP – An outer IP header is inserted before the datagram’s existing IP header – Protocol number is set to 4 (protocol number for IP) – Source address is the IP address of the encapsulator; tunnel entry point – Destination address is the IP address of the decapsulator (FA or mobile). This is the tunnel exit point. • Minimal encapsulation – Protocol field is 55. – Some of the information of the tunnel header is combined with the information in the inner minimal encapsulation header to reconstitute the original IP header. 17 Example IP packet destined to 123.238.45.134 Corresponent node 1. 2. 3. Router III Agent ad Registration Tunneling Reg. Router I (FA) 128.238.58 Router II (HA) Reg. Encapsulated DG Agent Ad 128.238.45 Mobile Permanent address: 128.238.45.134 Temporary address: 128.238.58.15 Mobile permanent address: 128.238.45.134 18 Mobile IP Agent Advertisement ICMP router advertisement (see icmp.ppt) Agent advertisement extension Type Length Lifetime Sequence number R BH F M G V Rsvd Zero or more care-of addresses Optional prefix length extensions • Type: indicates agent advertisement • Length = 6+4N, where N: number of addresses 19 Fields • Sequence number: count of AA messages sent since agent was initialized • Lifetime: in seconds that this agent is willing to accept a registration request • R: Must register with this foreign agent • B: Busy; this FA will not accept any more registrations • H: this agent offers home agent services • F: this agent offers foreign agent services 20 Fields contd. • M: this agent can receive tunneled IP datagrams that use minimal encapsulation • G: this agent can receive tunneled IP datagrams that use GRE encapsulation • V: this agent support Van Jacobson header compression (RFC 1144) for compressing TCP and IP headers • Care-of-addresses: at least one should be present if F bit is set • Prefix-length extension: shows the number of leading bits that define the network number of the corresponding router address in the ICMP router advertisement part of the message 21 Registration and reply • See textbook or RFC for exact format of messages and fields 22 Routing considerations • Mobile node considerations in routing – Packets destined to mobile node routed to care-of address. Return packets routed directly from mobile node to correspondent node – On foreign network, mobile node chooses default router from among the router addresses in the ICMP advertisement portion of the agent advertisement message. – If using co-located care-of address, choose router address that matches its address network prefix (for the care-of address it obtained) from the set of addresses received in ICMP router advertisements 23 Triangular routing • Triangular routing occurs in Mobile IP between the HA, FA, mobile and correspondent nodes. 24 Figure of triangular routing Packet from Internet Host routed indirectly through HA Inter net Host HA Packets to Internet Host routed OK Encapsulation FA Mobile client 25 FA considerations in routing • FA examines inner destination address of encapsulated datagram and compares it with its visitor list. – If no match exists packet is dropped so as to prevent routing loops. – If match exists datagram is routed to mobile node. 26 HA considerations in routing • HA intercepts all datagrams on the home network destined to the mobile node while mobile is away from home. • HA examines destination address and compares this with any entries in its mobility bindings. • HA tunnels the datagram to mobile node’s current care-of address. In the case of multiple mobility bindings it tunnels to each one. • In the case of no mobility bindings the HA must not intercept the datagrams. The mobile may be assumed to be in the home network. 27 Security considerations • A binding update is sent remotely to the home agent to affect the home agent’s routing table, hence the need for authentication. • Each mobile node must share a security association and be able to use Message Digest 5 (MD5 - RFC 1321) with 128-bit keys to create unforgeable digitally signatures for registration request. • Each registration request must contain unique data so that two different registrations will in practical terms never have the same MD5 hash. • Each registration message contains a special identification field which changes with every new registration. There are two ways to make the identification field unique: – Timestamp – Pseudorandom number 28 Handoff • Move detection – Lifetime expires and no new agent advertisement is received – New agent advertisement does not have a router address whose network prefix matches node’s current care-of-address prefix • Simultanenous bindings – If S bit is set in registration, then priori binding still maintained in home agent and mutiple copies are sent for received IP datagrams – New FA informs the “system” of the move. HA may send deregistration to the old FA. • Comparison to generic approach – No buffering; no connection setup • COS scheme used: Home switch is the COS. 29 Location management • Operations – Move operation performed by mobile sending registrations – Find handled by tunneling from HA to LA • Primary mobility messages – Registrations – Advertisements • Registration messages transported on UDP using port 434. 30 Use of DHCP + mobile IP • If a mobile moves from an AP on one subnet to an AP on another subnet, it can use DHCP to acquire a second IP address, and then register this as a “collocated care-of address” with the router that it was using after it acquired its first IP address (which now becomes its “home”) – The router (home agent) creates a mobility binding between the mobile’s newly acquired address and old address – Since the communication session (say TCP) was started with the old address, packets will continue to arrive with the old address as the destination. The HA will perform encapsulation and tunnel packets to new address. The mobile will perform decapsulation and receive the packets. 31 Separate functions • DHCP server: allocates IP address dynamically • Router specified in DHCP exchange option field: becomes home router for mobile • Foreign agent: sends agent advertisements, receives registrations, etc. • Router specified in agent advertisements: chosen as default router by mobile 32 References • Chapter 12 of class textbook – See appendix 12A for ICMP • Mobile IP design principles and practices – By Charles E. Perkins • Mobile networking through Mobile IP – (http://www,computer.org/internet/v2n1/perkins.htm) • Mobile IP (RFC 2002) 33
