1 / 12

HA initiated bootstrap for MIP6

HA initiated bootstrap for MIP6. Qin Li liqin@cse.buaa.edu.cn Hui Deng hdeng@hitachi.cn. Motivation. Problem found: HA Reliability Notification sent from a new HA other than current HA Solution and conclusion: we need HA initiated Bootstrap. Related Solution. 1) [ID.jfaizan-mipv6-vhar]

lolita
Download Presentation

HA initiated bootstrap for MIP6

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. HA initiated bootstrap for MIP6 Qin Li liqin@cse.buaa.edu.cn Hui Deng hdeng@hitachi.cn

  2. Motivation • Problem found: HA Reliability • Notification sent from a new HA other than current HA • Solution and conclusion: we need HA initiated Bootstrap

  3. Related Solution • 1) [ID.jfaizan-mipv6-vhar] • SAD synchronization between multiple HAs Problem • Some fields in SA will change per packet • Hard to maintain consistency • 2) [ID.devarapalli-mip6-nemo-local-haha] • Using IKE to negotiate IPsec Problem • Src and dest addr of new SA will be MN’s CoA & new HA’s address (not HoA) • Another IKE is needed to complete the bootstrapping

  4. Protocol Operation +----+ +----+ +-----+ | MN | | HA | | DNS | +----+ +----+ +-----+ IKEv2 exchange (HoA configuration) <====================== ======================> HAS message <----------------------- BU (DNS update option) -----------------------> DNS update <-------------------> BA (DNS update option) <-----------------------

  5. Scenario of our solution could be used1) Reliability • When a MN lost its current HA due to failure or other reasons • It could be slow for the MN to detect the failure • Backup HA could detect the failure in time • The Backup HA need to initiated the bootstrap for MN • Without HA initiated bootstrap • MN may not restore mobility in a short time

  6. Scenario of our solution could be used2) Home Agent assignment • HA assignment based on • User profile • Dynamic load state of HAs • A1, B1 is MN initiated bootstrap • A4, B3 is HA initiated bootstrap a1 a2 b1 HA1 HA1 b2 MN AAA MN HA2 HA2 a3 a4 b3

  7. Next Step • WG item?

  8. Appendix

  9. IKEv2 Exchange – Auth Home Agent Mobile Node ---------- ----------- HDR, SAi1, KEi, Ni --> <-- HDR, SAr1, KEr, Nr, [CERTREQ] HDR, SK {IDi, [CERT,] [CERTREQ,] [IDr,] AUTH, SAi2, TSi, TSr} --> <-- HDR, SK {IDr, [CERT,] AUTH, SAr2, TSi, TSr} • Home Agent MUST includes its identity in the IDi payload • Mobile Node MUST includes its identity in the IDr payload • When IKE_AUTH exchange completes, the Home Agent MUST initiate CREATE_CHILD_SA messages

  10. IKEv2 Exchange – Child SA Home Agent Mobile Node ---------- ----------- HDR, SK {[N], SA, Ni, [KEi], [TSi, TSr]} --> <-- HDR, SK {SA, Nr, [KEr], [TSi, TSr]} • Home agent MUST set the TSr payload to the mobile node's home address

  11. HoA Configuration Home Agent Mobile Node ---------- ----------- HDR, SK {IDi, [CERT,] [CERTREQ,] [IDr,] AUTH, CP(CFG_REPLY), SAi2, TSi, TSr} --> <-- HDR, SK {IDr, [CERT,] AUTH, SAr2, TSi, TSr} • an unsolicited CFG_REPLY payload with INTERNAL_IP6_ADDRESS is included in the IKE_AUTH

  12. Modified Home Agent Switch Message 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |# of Addresses |B| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + . . . Home Agent Addresses . . . + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + . . . Mobility options . . . + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

More Related