370 likes | 384 Views
Mobile IP. Outline. What is the problem at the routing layer when Internet hosts move?! Can the problem be solved? What is the standard solution? – mobile IP What are the problems with the solution? Other approaches?. Internet hosts & Mobility.
E N D
Outline • What is the problem at the routing layer when Internet hosts move?! • Can the problem be solved? • What is the standard solution? – mobile IP • What are the problems with the solution? • Other approaches?
Internet hosts & Mobility • Wireless networking – allows Internet users to become mobile • As users move, they have to be handed over from one coverage area to another (since the coverage areas of access points are finite) … • Ongoing connections need to be maintained as the user moves …
Problems? • What are the problems? • The IP address associated with a mobile host is network dependent! • When user connects to another network, IP address needs to change • Packets belonging to ongoing connections somehow need to be delivered to the mobile host
Problems (Contd.)? • What are the options? • Make IP address host specific instead of network specific – obvious pitfalls? • Change IP address of host and start using the new IP address in the subsequent packets belonging to the connections
Intuitive Solution • Take up the analogy of you moving from one apartment to another • What do you do? • Leave a forwarding address with your old post-office! • The old post-office forwards mails to your new post-office, which then forwards them to you
Mobile IP Basics • Same as the post-office analogy • Two other entities – home agent (old post-office), foreign agent (new post-office) • Mobile host registers with home agent the new location • Home agent captures packets meant for mobile host, and forwards it to the foreign agent, which then delivers it to the mobile host
HA MH MH SH FA Reverse path? • Same as in the post-office analogy • Packets originating from the mobile host go directly to the static corresponding host … • Hence the name • triangular routing
Mobile IP Entities • Mobile host • Corresponding host • Home address • Care-of address • Home agent • Foreign agent
Mobile IP in detail … • Combination of 3 separable mechanisms: • Discovering the care-of address • Registering the care-of address • Tunneling to the care-of address
Discovering the care-of address • Discovery process built on top of an existing standard protocol: router advertisement (RFC 1256) • Router advertisements extended to carry available care-of addresses called: agent advertisements • Foreign agents (and home agents) send agent advertisements periodically • A mobile host can choose not to wait for an advertisement, and issue a solicitation message
Agent advertisements • Foreign agents send advertisements to advertise available care-of addresses • Home agents send advertisements to make themselves known • Mobile hosts can issue agent solicitations to actively seek information • If mobile host has not heard from a foreign agent its current care-of address belongs to, it seeks for another care-of address
Registering the Care-of Address • Once mobile host receives care-of address, it registers it with the home agent • A registration request is first sent to the home agent (through the foreign agent) • Home agent then approves the request and sends a registration reply back to the mobile host • Security?
Registration Authentication • Mobile IP requires the home agent and mobile host to share a security association • MD5 with 128-bit keys to create digital signatures for registration requests to be used (registration message & header used for creating signature) • Any problems? – replay attacks • Solved by using an unique message identifier (timestamp or pseudorandom number)
Foreign Agent Security? • No foreign agent authentication required • Foreign agent can potentially discard data once registration happens • However, the problem is same as in unauthenticated route advertisements (RFC 1256) in the wireline context
Home agent discovery • If the mobile host is unable to communicate with the home agent, a home agent discovery message is used • The message is sent as a broadcast to the home agents in the home network
Tunneling to the Care-of address • When home agent receives packets addressed to mobile host, it forwards packets to the care-of address • How does it forward it? - encapsulation • The default encapsulation mechanism that must be supported by all mobility agents using mobile IP is IP-within-IP (RFC 2003) • Using IP-within-IP, home agent inserts a new IP header in front of the IP header of any datagram
Tunneling (contd.) • Destination address set to the care-of address • Source address set to the home agent’s address • Tunnel header uses 4 for higher protocol id – this ensures that IP after stripping out the first header, processes the packet again • Tunnel header of 55 used if IP minimal encapsulation used (RFC 2004)
Recap • Host mobility and Internet addresses • Post-office analogy • Home agent, foreign agent, care-of address, home address • Registration and Tunneling • IPv6 and Mobility support …
Recap • Host mobility and Internet addresses • Post-office analogy • Home agent, foreign agent, care-of address, home address • Registration and Tunneling • IPv6 and Mobility support …
Mobile IP Basic Operation • Entities • Mobile host, home agent, foreign agent, corresponding host • Discovering Care-of Addresses • Agent advertisements • Registering Care-of Address • Security • Tunneling to Care-of Address • IP-within-IP encapsulation
Mobile IP Problems? • Triangular routing overhead • What is the worst case scenario? • Registration latency and associated problems • Ingress filtering and consequences • Infrastructure required for mobile IP support? • Firewalls
Mobile IP Optimizations • Route optimization • Smooth hand-offs
Route Optimizations • Enable direct notification of the corresponding host • Direct tunneling from the corresponding host to the mobile host • Binding cache maintained at corresponding host • Management of cache not stipulated (e.g. least used entry replacement)
Route optimizations (contd.) • 4 types of messages • Binding update • Binding request • Binding warning • Binding acknowledge
Binding Update • When a home agent receives a packet to be tunneled to a mobile host, it sends a binding update message to the corresponding host • When a home agent receives a binding request message, it replies with a binding update message • Also used in the the smooth-handoffs optimization
Binding Update (Contd.) • Corresponding host caches binding and uses it for tunneling subsequent packets • Lifetime of binding? • Corresponding host that perceives a near-expiry can choose to ask for a binding confirmation using the binding request message • Home agent can choose to ask for an acknowledgement to which a corresponding host has to reply with a binding ack message
Binding update (problem?) • What happens when a mobile host moves?
Binding warning • When a foreign agent receives a tunneled message, but sees no visitor entry for the mobile host, it generates a binding warning message to the appropriate home agent • When a home agent receives a warning, it issues an update message to the corresponding host • What if the foreign agent does not have the home agent address (why?) ?
BU BW BR BA BW Illustration Home Agent Foreign Agent Corresponding Host Mobile Host
Smooth Hand-offs • When a mobile host moves from one foreign agent to another … • Packets in flight to the old FA are lost and are expected to be recovered through higher layer protocols (e.g. TCP) • How can these packets be saved?
Smooth Hand-offs • Make previous FA forward packets to the new FA • Send binding updates to the old FA through the new FA • Such forwarding will be done for a pre-specified amount of time (registration lifetime) • Update can also help old FA free any reserved resources immediately • Why better?
Mobile IP in IPv6 • Route optimization and smooth hand-offs used in IPv6 mobility • Binding updates easier since IPv6 supports destination caches at sources • IPv6 security inherently stronger than in IPv4. Hence, no explicit security mechanisms needed for mobile IP • Source routing to be used instead of encapsulation (why?)
Recap • Mobile IP problems • Mobile IP Optimizations • Mobility support in IPv6
Puzzle • Power drill • Power drill that drills square holes?! • What would the cross-section of the power drill look like?