IP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP




IP and Mobility (course outline)
- Chapter 2: Technical Basics: Layer 1
- Methods for Medium Access: Layer 2
- Chapter 3: Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN
- Mobile Telecommunication Networks: GSM, GPRS, UMTS
- Chapter 4: Mobility on the network layer; Mobility on the transport layer; Mobility support on the application layer

Network Layer: Mobile IP; Routing in Ad-Hoc Networks

Routing in IP
- Based on the IP destination address; the network prefix (e.g. 129.13.42) determines the physical subnet
- When changing a subnet, the IP address has to be changed, or a specific routing entry has to be made
Specific routes to an end device?
- Adaptation of all routing tables to allow re-routing of packets
- Does not scale with the number of mobile devices and with frequently changing locations
Change of IP address?
- Choice of IP address based on the current location (e.g. per DHCP)
- How to find a device at its new location? DNS does not support frequent changes, it needs some time to adapt!
- TCP connections break down if the IP address is changed while there are active connections

Requirements to a Mobile IP
Transparency
- Mobile devices keep their IP address
- Continuation of communication after an interruption
- The access point to the network can be changed
Compatibility
- Support of the same layer 2 protocols as IP
- No changes to existing computers and routers
- Mobile devices have to be able to communicate with fixed ones
Security
- All registration messages have to be authenticated
Efficiency and scalability
- As little additional data to a device as possible
- A large number of mobile devices should be supported (world-wide)

Terminology in Mobile IP
Mobile Node (MN)
- Node which can change its access point to the network without changing its IP address
Home Agent (HA)
- Entity in the home network of the MN, typically a router
- Manages the current location of the MN, tunnels IP packets to that location (COA)
Foreign Agent (FA)
- Entity in the current foreign network of the MN, typically a router
- Forwards tunneled packets to the MN, usually also default router for the MN, provides the COA
Care-of Address (COA)
- Valid address of the MN at the current tunnel end-point (either an address at the FA, or directly assigned to the MN: co-located COA)
- From the view of IP it is the current location of the MN
- Assigned e.g. via DHCP
Correspondent Node (CN): communication partner

Example Network (figure)
- Home network 7.226.2/24 (physical home network for the MN): router, HA; the mobile device MN has the home address 7.226.2.98
- Foreign network 4.7.6/24 (current physical subnet for the MN): router, FA with COA 4.7.6.24
- A fixed device (CN) behind a further router acts as sender or receiver

Transfer to the Mobile Node
1. The sender (CN) transmits to the IP address of the MN; the HA intercepts the packets
2. The HA tunnels the packet to the COA (here the FA) by encapsulation
3. The FA forwards the packet to the MN

Transfer from the Mobile Node
1. The sender (MN) transmits to the IP address of the receiver (CN) as usual; the FA serves as standard router

Overview (figure): home network with HA, tunnel from the HA to the COA, foreign network with FA and MN; the sender reaches the MN through the HA and the tunnel, the MN answers directly via the FA

Network Integration
Agent Advertisement
- HA and FA periodically send special messages (agent advertisements) about themselves into their physical subnets
- A MN receives those messages and recognizes whether it is in its home network or in a foreign network
- A MN can also read a COA from the messages of the FA
Registration (only for a limited time!)
- The MN notifies the COA to its HA (via the FA); the HA acknowledges via the FA to the MN
- These actions are protected by authentication
Advertisement
- The HA advertises the IP address of the MN (as for fixed systems), i.e. standard routing information
- Routers adjust their entries; these are stable for a longer time (the HA is responsible for a MN over a longer period of time)
- Packets to the MN are sent to the HA, independent of changes in COA and FA

Agent Advertisement (message format, 32-bit words, bit positions 0 7 8 15 16 23 24 31)
- ICMP header: type = 9, code = 0/16; #addresses, address size, checksum; lifetime: validity time of the advertisement; router address 1 / preference level 1, router address 2 / preference level 2, ...: addresses of the routers responsible for the subnet with their preference
- Mobility-specific extension: type = 16, length = 6 + 4 * #COAs, sequence number, registration lifetime, flags R B H F M G r T, reserved, COA 1, COA 2, ...
- Flags: R: registration required; B: busy, no more registrations; H: home agent; F: foreign agent; M: minimal encapsulation; G: GRE encapsulation; r: =0, ignored (former Van Jacobson compression); T: supports reverse tunneling; reserved: =0, ignored

Registration
- Registration Request: MN -> FA -> HA; Registration Reply: HA -> FA -> MN
- The MN registers via the FA by sending a UDP datagram with source address = address of the MN, destination address/port = FA address / 434, and the content:
- Registration Request: type = 1, flags S B D M G r T x, lifetime, home address, home agent, COA, identification, extensions...
- S: simultaneous bindings; B: broadcast datagrams; D: decapsulation by the MN; M: minimal encapsulation; G: GRE encapsulation; r: =0, ignored; T: reverse tunneling requested; x: =0, ignored
- lifetime is the validity duration of the registration; deregistration if 0
- Registration Reply: type = 3, code, lifetime, home address, home agent, identification, extensions...
Example codes:
- registration successful: 0 registration accepted; 1 registration accepted, but simultaneous mobility bindings unsupported
- registration denied by FA: 65 administratively prohibited; 66 insufficient resources; 67 mobile node failed authentication; 68 home agent failed authentication; 69 requested lifetime too long
- registration denied by HA: 129 administratively prohibited; 131 mobile node failed authentication; 133 registration identification mismatch; 135 too many simultaneous mobility bindings
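As an added illustration of the registration exchange and of the requirement that registration messages be authenticated (example code, not from the slides): the MN builds the Registration Request shown above followed by a Mobile-Home Authentication Extension (type 32; HMAC-MD5 over the fixed fields and the extension's type, length and SPI, the RFC 3344 default), and the HA checks the format, verifies the authenticator, uses the Identification field to reject replays and answers with the reply codes listed above. Shared key, SPI and addresses are constructed; the monotonic Identification check is a simplification of the RFC's timestamp/nonce scheme, and code 134 (poorly formed request) is an RFC 3344 code the slide does not list.

```python
import hashlib
import hmac
import struct

REG_REQUEST = 1               # message type of a Registration Request
MOBILE_HOME_AUTH = 32         # Mobile-Home Authentication Extension (RFC 3344)
AUTH_EXT_LEN = 20             # extension length: SPI (4) + HMAC-MD5 authenticator (16)
FLAG_T = 0x02                 # T flag: reverse tunneling requested
# Reply codes: accepted plus the "denied by HA" reasons used below; 134 (poorly
# formed request) is an RFC 3344 code that the slide does not list
ACCEPTED, HA_MN_FAILED_AUTH, HA_IDENT_MISMATCH, HA_POORLY_FORMED = 0, 131, 133, 134
REQ_FMT = "!BBH4s4s4sQ"       # type, flags, lifetime, home addr, HA, COA, identification
REQ_LEN = struct.calcsize(REQ_FMT)   # 24 bytes

def build_request(flags, lifetime, home, ha, coa, ident, spi, key):
    """MN side: fixed fields followed by the Mobile-Home Authentication Extension.
    The authenticator covers the fixed fields and the type/length/SPI of the extension."""
    body = struct.pack(REQ_FMT, REG_REQUEST, flags, lifetime, home, ha, coa, ident)
    ext_head = struct.pack("!BBI", MOBILE_HOME_AUTH, AUTH_EXT_LEN, spi)
    mac = hmac.new(key, body + ext_head, hashlib.md5).digest()
    return body + ext_head + mac

class HomeAgent:
    """HA side: check the format, verify the authenticator, reject replays, update binding."""

    def __init__(self, keys_by_spi):
        self.keys = keys_by_spi
        self.last_ident = {}   # home address -> last accepted Identification value
        self.bindings = {}     # home address -> (COA, lifetime)

    def process(self, msg):
        # Returns the Registration Reply code for one request
        if len(msg) != REQ_LEN + 2 + AUTH_EXT_LEN:
            return HA_POORLY_FORMED
        body, ext = msg[:REQ_LEN], msg[REQ_LEN:]
        mtype, _flags, lifetime, home, _ha, coa, ident = struct.unpack(REQ_FMT, body)
        etype, elen, spi = struct.unpack("!BBI", ext[:6])
        if mtype != REG_REQUEST or etype != MOBILE_HOME_AUTH or elen != AUTH_EXT_LEN:
            return HA_POORLY_FORMED
        key = self.keys.get(spi)
        expected = hmac.new(key, body + ext[:6], hashlib.md5).digest() if key else b""
        if not key or not hmac.compare_digest(expected, ext[6:]):
            return HA_MN_FAILED_AUTH        # unknown SPI, wrong key or tampered fields
        # Simplified replay protection (assumption): Identification must increase
        if ident <= self.last_ident.get(home, 0):
            return HA_IDENT_MISMATCH
        self.last_ident[home] = ident
        if lifetime == 0:
            self.bindings.pop(home, None)   # lifetime 0 means deregistration
        else:
            self.bindings[home] = (coa, lifetime)
        return ACCEPTED

# Constructed sample values (not from the slides)
KEY, SPI = b"constructed-shared-secret", 0x100
HOME, HA_ADDR, COA = bytes([10, 1, 0, 98]), bytes([10, 1, 0, 1]), bytes([10, 2, 0, 1])

if __name__ == "__main__":
    ha = HomeAgent({SPI: KEY})
    req = build_request(FLAG_T, 1800, HOME, HA_ADDR, COA, 1000, SPI, KEY)
    print(ha.process(req), ha.process(req))   # 0 133: the second copy is a replay
```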

Encapsulation
- Encapsulation of one packet into another as payload, e.g. IPv6 in IPv4 (6Bone), multicast in unicast (Mbone)
- Here: e.g. IP-in-IP encapsulation, minimal encapsulation or GRE (Generic Routing Encapsulation)
IP-in-IP encapsulation (mandatory, RFC 2003)
- Tunnel between HA and COA
- Outer header: ... TTL, protocol = IP-in-IP, IP checksum, IP address of HA, care-of address COA
- Original (inner) header: ... TTL, layer 4 protocol, IP checksum, IP address of CN, IP address of MN; then the TCP/UDP/... payload
Minimal encapsulation (optional)
- Avoids repetition of identical fields, e.g. TTL, IHL, version, DS (RFC 2474, old: TOS)
- Only applicable for unfragmented packets: no space is left for the fragment identification
- Outer header: ... TTL, protocol = minimal encapsulation, IP checksum, IP address of HA, care-of address COA
- Minimal forwarding header: layer 4 protocol, S, reserved, IP checksum, IP address of MN, original sender's IP address (if S=1); then the TCP/UDP/... payload

Generic Routing Encapsulation
- If other formats than only IP should be tunneled: RFC 1701
- Layout: outer header | GRE header | original header | original data, i.e. a new header followed by the new data
- Outer header: ... TTL, protocol = GRE, IP checksum, IP address of HA, care-of address COA
- GRE header: flags C R K S s, rec., rsv., ver., protocol, checksum (optional), offset (optional), key (optional), sequence number (optional), routing (optional)
- Original header: ... TTL, layer 4 protocol, IP checksum, IP address of CN, IP address of MN; then the TCP/UDP/... payload
- Checksum: over header and payload; Routing: source routing parameters; Offset: needed because of the variable length of the routing parameters; Key: authentication; s: strict source routing; Rec.: recursion control (maximum number of recursed encapsulations)
- Simplified version (RFC 2784): C, reserved0, ver., protocol, checksum (optional), reserved1 (=0), original data

Optimization of Path
Problem: Triangular Routing
- The sender sends all packets via the HA to the MN
- Higher latency and network load
- Especially noticeable for two communicating mobile devices
Solutions
- The sender learns the current location of the MN
- Direct tunneling to this location
- The HA informs a sender about the location of the MN
- Big security problems!

Change of FA
- Packets on-the-fly during the change can be lost
- The new FA informs the old FA to avoid packet loss; the old FA now forwards remaining packets to the new FA
- This information also enables the old FA to release resources for the MN
- Some problems remain: too small TTL, multicast groups, firewalls

Change of Foreign Agent (figure: message sequence over time t between CN, HA, old FA, new FA and MN: the MN changes location, Registration Request, Update / ACK between the FAs and the HA, Warning from the old FA)

Reverse Tunneling
1. The MN sends to the FA (maybe encapsulated)
2. The FA tunnels the packet to the HA by encapsulation
3. The HA forwards the packet to the receiver (CN) as usual

Characteristics of Mobile IP with Reverse Tunneling
- Routers often accept only topologically correct addresses (firewall!)
- A packet from the MN encapsulated by the FA is now topologically correct
- Furthermore the multicast and TTL problems are solved (the TTL is correct in the home network, but the MN is too far away from the receiver)
- Reverse tunneling does not solve: problems with firewalls, since the reverse tunnel can be abused to circumvent security mechanisms (tunnel hijacking); optimization of data paths, i.e. packets will be forwarded through the tunnel via the HA to a sender (double triangular routing)
- The standard is backwards compatible: the extensions can be implemented easily and cooperate with current implementations without these extensions; Agent Advertisements can carry requests for reverse tunneling

Some Problems with Mobile IP
Security
- Authentication with the FA is problematic, for the FA typically belongs to another organization
- No protocol for key management and key distribution has been standardized in the Internet
Firewalls
- Typically Mobile IP cannot be used together with firewalls; special set-ups are needed (such as reverse tunneling)
QoS
- Many new reservations in case of RSVP
- Tunneling makes it hard to give a flow of packets the special treatment needed for QoS
Security, firewalls, QoS etc. are topics of current research and discussions!
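The IP-in-IP tunnel from the encapsulation slides and the reverse-tunneling argument above, as an added example that is not from the slides: the HA encapsulates CN-to-MN traffic towards the COA and the FA strips the outer header, while a simple prefix-based ingress filter at the foreign network's border shows why a MN's un-tunneled packet (source = home address) is dropped and the FA's reverse-tunneled copy, whose outer source is the FA, is topologically correct. All addresses are constructed.

```python
import ipaddress
import struct
IPPROTO_IPIP = 4     # outer-header protocol value for IP-in-IP (RFC 2003)

def checksum(data):
    """One's-complement IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Build an IPv4 packet with a 20-byte header (no options) around payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def parse(packet):
    """Return (src, dst, proto, payload); the header checksum must verify to 0."""
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    return src, dst, packet[9], packet[ihl:]

def encapsulate(tunnel_src, tunnel_dst, inner):
    """Tunnel entry (HA; the FA when reverse tunneling): prepend an outer IP header."""
    return ipv4_packet(tunnel_src, tunnel_dst, IPPROTO_IPIP, inner)

def decapsulate(packet):
    """Tunnel exit (FA or MN; the HA for the reverse tunnel): strip the outer header."""
    _, _, proto, inner = parse(packet)
    if proto != IPPROTO_IPIP:
        raise ValueError("not an IP-in-IP packet")
    return inner

def ingress_filter(packet, local_prefix):
    """Border router of the foreign network: only topologically correct sources pass."""
    src = parse(packet)[0]
    return ipaddress.IPv4Address(src) in ipaddress.ip_network(local_prefix)

# Constructed addresses (not from the slides); the COA is the FA's own address
FOREIGN_NET = "10.2.0.0/24"
MN_HOME, HA, FA_COA, CN = "10.1.0.98", "10.1.0.1", "10.2.0.1", "10.3.0.5"

def cn_to_mn(payload):
    """CN -> HA intercepts -> tunnel to COA -> FA decapsulates -> MN gets the original."""
    orig = ipv4_packet(CN, MN_HOME, 17, payload)          # 17 = UDP
    return decapsulate(encapsulate(HA, FA_COA, orig)) == orig

def mn_to_cn_passes_filter(payload, reverse_tunnel):
    """MN -> CN: the plain packet carries the home address as source and is dropped by
    the foreign network's ingress filter; reverse tunneling via the FA makes it pass."""
    orig = ipv4_packet(MN_HOME, CN, 17, payload)
    out = encapsulate(FA_COA, HA, orig) if reverse_tunnel else orig
    return ingress_filter(out, FOREIGN_NET)
```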

Mobile IP and IPv6
- Mobile IP was developed for IPv4, but IPv6 simplifies the protocols
- Security is integrated and not an add-on; authentication of the registration is included
- The COA can be assigned via auto-configuration (DHCPv6 is one candidate); every node has address autoconfiguration
- No need for a separate FA: all routers perform router advertisement, which can be used instead of the special agent advertisement; addresses are always co-located
- The MN can signal the COA directly to a sender; sending via the HA is not needed in this case (automatic path optimization)
- Soft hand-over, i.e. without packet loss, between two subnets is supported: the MN sends the new COA to its old router; the old router encapsulates all incoming packets for the MN and forwards them to the new COA; authentication is always granted

IP Micro-Mobility Support
- Mobile IP: large overhead for only small changes in location
- Efficient local handover inside a certain geographical foreign domain without involving a home agent would increase performance and decrease delay dramatically
- Alternatives to Mobile IP in small areas can also reduce control traffic on the backbone
- Example approaches: Hierarchical Mobile IP (HMIP), Cellular IP (CIP), HAWAII
- Important criteria: Security, Efficiency, Scalability, Transparency, Manageability

Hierarchical Mobile IPv6 (HMIPv6)
- Developed by Ericsson & Nokia
- Uses a hierarchy of FAs
- The network contains a Mobility Anchor Point (MAP): mapping of the regional COA (RCOA) to the link COA (LCOA)
- At a handover, the MN informs the MAP only; it gets a new LCOA and keeps the RCOA; the HA is only contacted if the MAP changes
- Also possible with several hierarchically ordered MAPs
- Security: no HMIP-specific security mechanisms necessary; binding updates have to be authenticated
(figure: Internet, HA, MAP with RCOA, APs with old and new LCOA, MN sending a binding update)

Hierarchical Mobile IP
Advantages:
- Handover requires the minimum number of overall changes to routing tables
- Integration with firewalls / private address support possible
- Local COAs can be hidden, which provides some location privacy
- Direct routing between MNs sharing the same link is possible (but might be dangerous)
Possible problems:
- Not transparent to MNs: software has to be changed to allow for location management (performance!)
- Handover efficiency in wireless mobile scenarios: complex operations; all routing reconfiguration messages are sent over the wireless link
- MNs can (must!) directly influence routing entries via binding updates (authentication necessary)
- Added later on: paging support, to allow a mobile device to move without own announcements; the APs send out paging signals to find a MN.

Cellular IP (CIP)
Developed by Columbia University & Ericsson:
- A hierarchy of CIP nodes maintains routing entries for MNs
- Multiple entries possible (soft handover)
- Routing entries are updated based on the addresses included in packets sent by MNs
- If no data is transferred, location information is given by the MN in frequent control messages
- CIP Gateway: Mobile IP tunnel endpoint (FA)
- Security: the MN gets a session key on first registration; authentication within a handover is done with the session key, resulting in a fast handover procedure
(figure: data / control packets from MN 1 through the CIP nodes to the CIP gateway; Mobile IP packets from MN 2 to MN 1)

Cellular IP
Advantages
- Initial registration comprises authentication of MNs and is done centrally by the CIP gateway
- All control messages of MNs are authenticated; simple and elegant architecture
- Mostly self-configuring (small management overhead)
- Integration in firewalls / private addresses can be supported
Possible problems
- Not transparent for MNs (additional control messages)
- Public-key encryption of keys may be problematic for MNs with restricted resources
- Multiple-path propagation of data can lead to inefficient network capacity usage
- All nodes below the CIP gateway have to implement the CIP protocol

HAWAII (Handoff-Aware Wireless Access Infrastructure)
Developed by Lucent Technologies:
1. The MN obtains a co-located COA and registers with the HA
2. Handover: the MN keeps the COA, the new base station (BS) answers the registration request and updates the routers
3. The MN sees the BS as foreign agent
- As with CIP, the hierarchy of routers manages the current path to a MN
- Security: authentication of the MN with the BS (backbone router) mandatory
(figure: MN, base stations, crossover router, backbone router, DHCP server and HA; Mobile IP and DHCP message exchanges)
Advantages:
- Mostly transparent to MNs (the MN sends/receives standard Mobile IP messages)
- Explicit support for dynamically assigned home addresses
- Mutual authentication and challenge/response extensions mandatory
- Only infrastructure components can influence routing entries
Possible problems:
- Mixture of co-located COA and FA concepts may not be supported by some implementations
- Co-located COA raises DHCP security issues (DHCP has no strong authentication)
- Decentralized security-critical functionality (Mobile IP registration processing during handover) in base stations

Mobile IP Conclusion
- Mobile IP is designed to deal with user mobility
- Besides its home network address, a device is simply assigned a second address which is valid in the new network
- The access routers of the old and new network (HA and FA) establish a tunnel
- The HA intercepts all communication for the device and sends it through the tunnel
- But: security, performance, ...
Micro-mobility
- Several protocols for improvement of Mobile IP in a small geographical range: CIP, H-MIP, HAWAII
- None of the additions is perfect
What is the future?
- IPv6 is designed to deal also with mobile users
- All mechanisms integrated in one protocol
- But: when will it come and how good will it be?