Cours mobilitep
Published in: Technology, Education

  • 1. IP mobility
    Introduction
    Outline
    • Introduction
      – What is IP mobility?
    • Mobile IP architecture
    • IP mobility mechanisms
      – Agent discovery
      – Registration
      – Tunneling
    • Advanced features
    • Micro-mobility
    • Mobility support provided by IPv6
    • Mobile IP & 3G
    • Conclusion
    Different types of mobility
    [Figure labels: Home Network, Mobile Cellular Network, POP, Mobile host, Internet, Visited LAN, PSTN]
    Different types of mobility
    • Nomadism (DHCP)
    • Mobile computers (Mobile IP, IEEE 802.11)
    • Mobile networks (ad hoc networks)
    IP mobility ≠ wireless LANs (WLAN)
    • Wireless LANs today:
      – IEEE 802.11, Bluetooth …
      – IEEE 802.11 AP = bridge between the fixed network and the wireless network
    • Layer 2 handoffs are supported but NOT IP mobility (handoffs are supported within a single IP subnet)
    • Need for protocols that provide a location service
    • IP mobility ≠ wireless interface
  • 2. Different types of mobility
    [Two figure slides titled "Different types of mobility"; no text survives]
    Mobility
    [Figure labels: Address: Home Address, Mobile node, Home Network, Data, Correspondent, Internet, Base station]
    Introduction to Mobile IP (1)
    • In the wake of GSM networks
      – Mobility = a necessity for the users of a communication system
      – All existing networks set out to offer this service
    • The TCP/IP standard: the most widespread network in the world
      – Principle: Anywhere, Any Time, Network Access
      – The IP network: one of the main sources of information
    Introduction to Mobile IP (2)
    • Planet-wide scale:
      – Nearly all networks provide an entry point to the Internet
      – With mobility: guarantee of universal access that is simple to use and convenient
    • IETF working group: the Mobile IP proposal
      – Provide planet-wide location through the IP address (like GSM roaming)
    • IP predates the nomadic concept
      – GSM had such functions from the start
      – IP: solutions "cobbled together" to add mobility
    Requirements for the IP mobility architecture
    • Two major requirements arise when considering IP mobility:
      – Application transparency: dealing with a mobile Internet configuration should not necessitate a mobile-aware application. This is needed in order to avoid replacing applications on all Internet hosts!
      – Seamless roaming: when a user leaves his corporate network and roams around the Internet, the requirement is to assure seamless Internet communication between this user and his correspondents, whatever access network the roaming user is on
    • Dealing with mobility at the IP layer provides a way to meet the above requirements
  • 3. The mobility problem in IP
    • Difficulty of integrating into IP the new functions needed to provide mobility
    Why isn’t IP mobility simple? (1)
    • The complexity comes from the current use of IP addresses.
    • An IP address is used to
      – identify a particular end-system. In this respect, IP addresses are equivalent to FQDNs (Fully Qualified Domain Names) and the equivalence is maintained in a DNS, Domain Name Server
      – identify a particular TCP session in an IP host, since a TCP socket consists of a (destination IP address, destination port number) couple
      – determine a route to a destination IP host.
    • The first two uses come into contradiction with the third use when mobility is considered
    IP mobility: routing
    [Figure labels: Data for the mobile is routed to its home network, Internet, Roaming, Correspondent]
    Why isn’t IP mobility simple? (2)
    • The first use supposes that a host’s IP address should never change, since the DNS should always point to the same IP address
    • The second use supposes that a host’s IP address should never change during a TCP session, otherwise the session would be lost
    • The third use supposes that when the host is roaming outside its home network (the network which has the prefix of the host’s IP address), it should change its address (and take an address with a prefix given by the visited network) in order to receive the datagrams destined to it
    Why isn’t IP mobility simple? (3)
    • A possible answer to the third constraint would be to use a DHCP (Dynamic Host Configuration Protocol) server in order to obtain an address on the visited network
    • This however poses a problem with the first two constraints
      – First, the IP address of a host having changed, the DNS in the home network should be updated by the mobile host on the visited network. This may be very dangerous from a security standpoint!
      – Second, this solution cannot provide a seamless continuous mobility capability, since when the mobile host’s IP address is changed, all TCP sessions involving this host have to be dropped and reinitialized with the new IP address
    Mobile IP standardization process
    • The standardization of Mobile IP is being mainly carried out at the IETF (Internet Engineering Task Force)
    • The IP Routing for Wireless/Mobile Hosts (MobileIP) Working Group is in charge of defining and specifying the Mobile IP architecture and protocols
    • The major architecture components are already in the standards track (Request For Comments, RFCs 2002-2006)
    • Some very interesting enhanced functionalities are still considered as work in progress and specified in Internet Drafts
    • These documents and other related information may be found at the mobileip WG home page on the Web :
  • 4. Overview of the IP mobility architecture
    The Mobile IP basic concept
    • The Mobile IP architecture resolves the above contradiction by using 2 IP addresses for a mobile host:
      – The Home address is a permanent address used to uniquely identify the IP host on the Internet (answers the first two IP address constraints)
      – The Care-of address is a temporary address used to route the datagrams destined to the mobile host to the current attachment point of this host (answers the last IP address constraint)
    Functional entities
    • Mobile node: a host or a router that roams from one network or subnetwork to another outside its home network without changing its long-term IP address (the home address)
    • Home agent: this is typically a router on a mobile node’s home network which delivers datagrams to departed mobile nodes, and maintains current location information for each
    • Foreign agent: this is typically a router on a mobile node’s visited network that collaborates with the Home agent to complete the delivery of datagrams to the mobile node while it is away from home
    Main functions
    • Agent Discovery:
      – Home Agents & Foreign Agents send advertisements on the link. A mobile can ask for advertisements to be sent.
    • Registration:
      – When a mobile is away, it registers its temporary address with its home agent
    • Tunneling:
      – The packets for the mobile are intercepted by the HA and tunnelled to the mobile
  • 5. Mobile IP
    [Figure labels: Home Network, Home Agent (Home Address → Care-of Address), IP Tunnel, Internet, Foreign Network, Foreign Agent, Agent advertisement, Registration, Mobile Node, Correspondent, "The mobile is on its Home Network". Tunnelled packet: Tunnel Header (IPsrc = Home Agent, IPDst = Foreign Agent), Header (IPsrc = Host, IPDst = Mobile), Data]
    Protocol overview
    1. Home Agent & Foreign Agent broadcast or multicast agent advertisements on their respective links.
    2. Mobile nodes listen to Agent Advertisements. They examine the contents of these advertisements to determine whether they are on the home or on a visited network
    3. A mobile node on a visited network acquires a temporary address (care-of address)
    4. The mobile registers its COA with its home agent
    5. The Home Agent sends ARP on the Home Network (IP@ <-> MAC@). The packets for the mobile are intercepted and sent to the current position of the mobile
    6. The packets arrive at the COA and are decapsulated in order to extract the original packet
    7. The packets from the mobile are sent directly to the correspondents
    IP mobility mechanisms
    • Agent discovery
    • Registration
    • Tunneling
    Agent Discovery
    • Process by which the mobile detects where it is attached (home or visited network)
    • Allows the mobile to determine a COA when the mobile is on a visited network
    • Based on 2 types of messages:
      – Agent Advertisement: broadcast or multicast by the agents
      – Agent Solicitation: sent by a mobile which does not want to wait for an AA
    • Message authentication
  • 6. Agent Solicitation Message
    IP header (RFC 791):
      Vers = 4 | IHL | Type of Service | Total Length
      Identification | Flags | Fragment Offset
      TTL = 1 | Protocol = ICMP | Header Checksum
      Source Address = Mobile node’s Home Address
      Destination Address = or
    ICMP Router Solicitation (RFC 1256):
      Type = 10 | Code = 0 | Checksum
      Reserved
    Mobile Agent Discovery
    • An extension, called the Mobility Agent extension, is appended to the ICMP Router Advertisement to constitute the Agent Advertisement message
    • A Foreign Agent uses the Agent Advertisement message in order to indicate the Care-of Address to a Mobile Node
    • A Home Agent uses the Agent Advertisement message so that a Mobile Node knows when it has returned to its Home Network
    • A Mobile Node is allowed to send ICMP Router Solicitation messages in order to elicit a Mobility Agent Advertisement
    Mobile Agent Discovery: getting a COA
    • A Care-of Address may be obtained from the Foreign Agent by an Agent Advertisement.
      – It may also be obtained from a RAS (Remote Access Server) implementing PPP or from a DHCP server on a foreign LAN.
      – In this case the Care-of Address is said to be collocated, since it is directly assigned to the Mobile Node interface and not to a Mobile Node through a Foreign Agent.
    • For a collocated Care-of Address, the tunnel terminates at the Mobile Node interface
    Agent Advertisement Message
    IP header (RFC 791):
      Vers = 4 | IHL | Type of Service | Total Length
      Identification | Flags | Fragment Offset
      TTL = 1 | Protocol = ICMP | Header Checksum
      Source Address = Home/Foreign Agent’s Address on this link
      Destination Address = or
    ICMP Router Advertisement (RFC 1256):
      Type = 9 | Code | Checksum
      Num Addrs | Addr Entry Size | Lifetime (of this Advertisement)
      Router Address [1]
      Preference Level [1]
      Router Address [2]
      Preference Level [2]
      ...
    Mobility Agent Advertisement Extension (RFC 2002):
      Type = 16 | Length | Sequence Number
      (Maximum) Registration Lifetime | R B H F M G V | Reserved
      Care-of Address [1]
      Care-of Address [2]
      ...
    Prefix Length Extension, optional (RFC 2002):
      Type = 19 | Length | Prefix Length [1] | Prefix Length [2] | ...
    Mobile Agent Discovery
    • It is based upon an extension of the ICMP (Internet Control Message Protocol) Router Discovery protocol
    • A router periodically broadcasts ICMP Router Advertisement messages on the different directly attached subnetworks
    • This allows the hosts on these subnets to discover the router
    Mobile Agent Discovery: Mobility Agent Advertisement Extension
    • Flags:
      – R = Registration required at the Foreign Agent
      – B = Busy
      – H = Home Agent
      – F = Foreign Agent
      – M, G, V indicate the encapsulation type
    • Type identifies the Mobility Agent Advertisement extension
    • Length is the total length of this extension, which depends on the number of Care-of Addresses
    • Lifetime specifies the duration of the Care-of Address support on the Foreign Agent
    • For a Home Agent, zero Care-of Addresses are advertised
    • For a Foreign Agent, typically one Care-of Address is advertised
    • Sequence Number is incremented at each Advertisement
  • 7. Registration
    • Functionalities
      – Ask for the routing functionalities of the FA
      – Tell the HA the new location of the mobile
      – Update a binding which is about to expire
      – De-register the mobile when it is back on its home network
    • Triggered as soon as the mobile detects that it has changed its point of attachment
    • Uses the information obtained by agent discovery to determine the type of registration to be done
    • Two registration procedures
      – With the "Foreign Agent"
      – With the temporary address of the mobile
    Registration
    • Once the Mobile Node receives a Care-of Address, it should register its (Home Address, Care-of Address) binding at its Home Agent
    • This is done using 2 messages:
      – Registration Request
      – Registration Reply
    • They both use a UDP/IP service
    Registration
    [Figure labels: Mobile, Foreign Agent, Internet, Home Agent; steps 1. and 2. Registration Request, steps 3. and 4. Registration Reply]
    Registration: Registration Request
    IP header (RFC 791):
      Vers = 4 | IHL | Type of Service | Total Length
      Identification | Flags | Fragment Offset
      TTL | Protocol = UDP | Header Checksum
      Source Address
      Destination Address
    UDP header (RFC 768):
      Source Port | Destination Port = 434
      Length | Checksum
    Registration Request (RFC 2002), each row 4 bytes wide:
      Type = 1 | S B D M G V Rsv | Lifetime
      Mobile Node’s Home Address
      Home Agent Address
      Care-of Address
      Identification
      Extensions
  • 8. Registration: Registration Request
    • Flags:
      – S = Simultaneous Registrations (multiple Care-of Addresses)
      – B = Broadcast
      – D = Care-of Address collocated with the Mobile Node
      – M, G, V indicate the encapsulation type
    • Type identifies the Registration message
    • Lifetime specifies the duration of the mobility addresses binding
    • Home Address is bound to the Care-of Address
    • Home Agent identifies the Home Agent that should register the binding
    • Identification is used to protect against replay attacks and allows a Registration Request to be correlated with a Registration Reply message
    • The Mobile-Home authentication extension is used to authenticate the Mobile Node at the Home Agent
    Registration Request
    • Registering with the FA
      – The FA receives the message and may reject it:
        • Invalid authentication
        • The lifetime value exceeds what may be accepted by the FA
        • The mobile wishes to use a tunneling type not supported by the FA
        • The FA does not have enough resources
      – Otherwise, it forwards the request to the HA
    • Registering with the HA
      – The HA also checks whether the registration should be accepted (same conditions)
      – If it is accepted, the HA
        • Updates its binding table
        • Sends a proxy ARP message on the local link
        • Sends a registration reply
    Registration: Registration Reply
    IP header (RFC 791):
      Vers = 4 | IHL | Type of Service | Total Length
      Identification | Flags | Fragment Offset
      TTL | Protocol = UDP | Header Checksum
      Source Address
      Destination Address
    UDP header (RFC 768):
      Source Port | Destination Port = 434
      Length | Checksum
    Registration Reply (RFC 2002), each row 4 bytes wide:
      Type = 3 | Code | Lifetime
      Mobile Node’s Home Address
      Home Agent Address
      Identification
      Extensions
    Registration: Registration Reply
    • Type identifies the Registration message
    • Lifetime specifies the duration of the mobility addresses binding
    • Home Address identifies the Mobile Node to which this message is related
    • Home Agent identifies the Home Agent having registered the binding
    • Identification is used to protect against replay attacks and allows a Registration Request to be correlated with a Registration Reply message
    • The Mobile-Home authentication extension is used to authenticate the Home Agent at the Mobile Node
    • Code gives the result of the registration
      – 0 : registration accepted
      – 66, 69, 70... : registration denied by the Foreign Agent
      – 130, 131, 133... : registration denied by the Home Agent
    Registration Reply
    • The FA receives a registration reply
      – If the RR is invalid, the agent sends a Registration Reply describing the reason why the registration was rejected
      – Otherwise, the agent
        • Updates its binding table
        • Forwards the message to the mobile
        • Starts to handle the messages for the mobile
    • Reception of the RR by the mobile
      – If the registration was rejected, the mobile tries to change its registration procedure
      – Otherwise the mobile updates its routing table
  • 9. Registration: example
    • Via the Foreign Agent:
    • Home address of the mobile node =
    • HA of the mobile node =
    • FA address =
    • FA care-of address =
    • Home node source port = 434
    • Mobile node source port = 1094
    • FA source port = 1105
    • Care-of-address registration lifetime = 60000 s
    • HA granted lifetime = 35000 s
    [Figure labels: time axis, FA, HA]
    Example
    Agent advertisement
      IP header fields: S=, D=
      ICMP header: Type=9, code=16
      Router Adv. header: Lifetime=60000
      Mobile service extensions: COA=, F=1
    Mobile -> Foreign
      IP header fields: S=, D=, TTL=1
      UDP header: S=1094, D=434
      Mobile-IP message fields: Type = 1, lifetime=60000, COA=, HA=, MA=
      Authentication Ext.: SPI=302
    Foreign -> Home
      IP header fields: S=, D=, TTL=64
      UDP header: S=1094, D=434
      Mobile-IP message fields: Type = 1, lifetime=60000, COA=, HA=, MA=
      Authentication Ext.: SPI=302
    Example
    Home -> Foreign
      IP header fields: S=, D=, TTL=64
      UDP header: S=434, D=1105
      Mobile-IP message fields: Type = 3, lifetime=35000, COA=, HA=, MA=
      Authentication Ext.: SPI=303
    Foreign -> Mobile
      IP header fields: S=, D=, TTL=1
      UDP header: S=434, D=1094
      Mobile-IP message fields: Type = 3, lifetime=35000, HA=, MA=
      Authentication Ext.: SPI=303
    Example: cancelling the registration (on return to the home network)
    Agent advertisement
      IP header fields: S=, D=
      ICMP header: Type=9, code=16
      Router Adv. header: Lifetime=35000
      Mobile service extensions: no COA, H=1
    Mobile -> Home
      IP header fields: S=, D=, TTL=1
      UDP header: S=1094, D=434
      Mobile-IP message fields: Type = 1, lifetime=0, COA=, HA=, MA=
      Authentication Ext.: SPI=302
    Home -> Mobile
      IP header fields: S=, D=, TTL=1
      UDP header: S=434, D=1094
      Mobile-IP message fields: Type = 3, lifetime=0, COA=, HA=, MA=
      Authentication Ext.: SPI=303
  • 10. De-registration
    [Figure labels: Mobile Node, Internet, Home Agent, De-registration Request, De-registration Reply]
    Discovering the HA's address
    • Manual configuration on the mobile
    • Automatically
      – By broadcasting a registration request
    Learning the HA address
    [Three figure slides; labels: Mobile Node, Home Agent (several), Internet, Foreign Agent]
    Movement detection
    • Using the lifetime field
      – If the lifetime expires, the mobile supposes it has attached to a new link or the agent has failed. It waits for an Agent Advertisement or sends an Agent Solicitation
    • Detection using the network prefix
  • 11. Routing
    • To the home network
      – The packets for a mobile are always sent to its home network
      – No specific routing
      – If the mobile sends data, it behaves as any other node on the Internet
    • To a visited network
      – A router on the local link broadcasts an ARP request to announce that the packets for the mobile should be sent to it.
      – The packets are intercepted by the HA and tunnelled to the mobile's COA(s)
      – At the end of the tunnel, they are decapsulated and delivered to the mobile
    Interception by the HA
    • 2 possibilities
      – Accessibility advertisement: conventional routing, only on HA routers with several interfaces
      – Using proxy ARP: mobile's IP@ <-> HA's MAC@. Updated by the HA, and by the mobile node when it returns to its home network
    Packet interception by the HA
    [Figure: routing on the home agent and routing on the foreign agent. Routing table columns: Target/prefix length, Next hop, Interface. Protocol stack: upper layers (TCP/UDP), IP, Interface 1, Interface 2, Interface v1 (tunnel encapsulation on the home agent, tunnel decapsulation on the foreign agent)]
    Home Network configurations
    [Figure: A: Internet, Gateway, Home Agent, Physical Home Network. B: Internet, Gateway/Home Agent, Physical Home Network. C: Internet, Gateway/Home Agent, Virtual Home Network]
    Proxy and Gratuitous ARP
    • In cases A and B above, the Home Agent should intercept the datagrams intended for Mobile Nodes using a Proxy ARP mechanism
    • In case C, all datagrams intended for Mobile Nodes will be naturally intercepted by the Home Agent. Here, all the hosts are outside their Home Network, which becomes a Virtual Network
    • Gratuitous ARP should be used by the Home Agent in order to change the ARP cache entry for a roaming Mobile Node’s Home Address on the Home Network
    • When the Mobile Node gets back to its Home Network, Gratuitous ARP should again be used by the Mobile Node itself to restore the ARP cache entry
    Security
  • 12. Security aspects (1)
    • The security issue is fundamental for registration messages, otherwise impersonation and session hijacking attacks would be trivial
    • Authentication should be applied to these messages
    • The Mobile IP architecture specifies its own security mechanisms for use with IPv4 since IPsec, the new standardized security architecture, is not mandatory with IPv4
    • An authentication extension is thus appended to each of the above messages
    • The default authentication algorithm is a keyed-MD5 in prefix + suffix mode
    • The result of the authentication is thus a 128 bit message digest transmitted in the authentication extension
    Security aspects (2)
    Authentication extension layout, each row 4 bytes wide:
      Type | Length | SPI
      SPI continued | Authenticator
      Authenticator continued...
    • Type identifies the authentication extension (Mobile-Home, Home Agent-Foreign Agent,...)
    • SPI specifies the authentication context (algorithm, mode, key...)
    • The Authenticator is calculated over the entire message + this authentication extension
    Firewalls and packet filtering problems (1)
    • Ingress filtering is often applied in the border gateway of a corporate network playing the role of a firewall
    • This prevents datagrams generated by a Mobile Node on the Visited Network from reaching the Internet
    • Solutions
      – Send datagrams with Source Address = Care-of Address ⇒ this is a losing proposition because it runs counter to the architecture
      – Send datagrams encapsulated in an outer IP header with Source Address = Care-of Address ⇒ this is a better proposition, but the Correspondent Nodes are not required to be able to do the decapsulation ⇒ encapsulated datagrams may be sent to the Home Agent, which sends them back to the Correspondent Node ⇒ this is a suboptimal solution from the routing standpoint
    Firewalls and packet filtering problems (2)
    [Figure labels: Correspondent, Home Agent, Home Network, Gateway/Firewall, Internet, Visited Network, Foreign Agent/Gateway/Firewall, Mobile host; two datagrams each marked "This datagram cannot be accepted on this interface!"]
    Firewalls and packet filtering problems (3)
    • Correlated problem: the firewall on the Home Network side should also filter all datagrams coming from the Internet with a Source Address corresponding to an inner address (with the same prefix as the Home Network)
    • Solutions:
      – If the Home Agent is collocated with the Gateway/Firewall, the firewall will know when such datagrams should be accepted
      – Otherwise, a protocol between the Home Agent and the Firewall may be necessary
      – Finally, a solution may consist in tunneling all such datagrams to the Home Agent, which should play the role of a bastion host and be attached to a DMZ for safety
    Tunneling
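The check a Home Agent performs on the Mobile-Home authentication extension described under "Security aspects", as an added example that is not part of the original slides. The extension type 32 and the reply codes 131, 133 and 134 come from RFC 2002; the key and addresses are constructed, the extension is assumed to follow the fixed part of the request directly, and the strictly increasing Identification test is a simplified stand-in for the replay protection the slides mention.

```python
import hashlib
import hmac
import ipaddress
import struct

REG_REQUEST = 1          # Registration Request (Type = 1 on the slides)
MOBILE_HOME_AUTH = 32    # Mobile-Home Authentication Extension type (RFC 2002)
ACCEPTED, AUTH_FAILED, ID_MISMATCH, MALFORMED = 0, 131, 133, 134  # RFC 2002 reply codes
# Fixed part: type, flags, lifetime, home address, home agent, care-of address, identification
FIXED = struct.Struct("!BBH4s4s4sQ")
EXT_HEAD = struct.Struct("!BBI")     # extension type, length, SPI
MD5_LEN = 16                         # 128-bit digest


def ip(text):
    return ipaddress.IPv4Address(text).packed


def keyed_md5(key, data):
    """Prefix + suffix mode: the shared key goes before and after the data."""
    return hashlib.md5(key + data + key).digest()


def build_request(key, spi, home, agent, coa, lifetime, ident, flags=0):
    """Mobile node side: fixed part followed by the authentication extension."""
    head = FIXED.pack(REG_REQUEST, flags, lifetime, ip(home), ip(agent), ip(coa), ident)
    head += EXT_HEAD.pack(MOBILE_HOME_AUTH, 4 + MD5_LEN, spi)
    # The digest covers the message plus the extension's type, length and SPI.
    return head + keyed_md5(key, head)


class HomeAgent:
    def __init__(self, keys):
        self.keys = keys          # {(home address, SPI): shared key}
        self.last_ident = {}      # highest Identification accepted per home address
        self.bindings = {}        # home address -> (care-of address, lifetime)

    def process(self, msg):
        """Return the Registration Reply code for one Registration Request."""
        covered = FIXED.size + EXT_HEAD.size
        if len(msg) < covered + MD5_LEN:
            return MALFORMED
        mtype, _flags, lifetime, home, _agent, coa, ident = FIXED.unpack_from(msg)
        etype, elen, spi = EXT_HEAD.unpack_from(msg, FIXED.size)
        if mtype != REG_REQUEST or etype != MOBILE_HOME_AUTH or elen != 4 + MD5_LEN:
            return MALFORMED
        key = self.keys.get((home, spi))
        if key is None:
            return AUTH_FAILED
        expected = keyed_md5(key, msg[:covered])
        # Constant-time comparison; on failure the binding table is never touched.
        if not hmac.compare_digest(expected, msg[covered:covered + MD5_LEN]):
            return AUTH_FAILED
        if ident <= self.last_ident.get(home, -1):
            return ID_MISMATCH    # replayed or stale request
        self.last_ident[home] = ident
        if lifetime == 0:
            self.bindings.pop(home, None)     # de-registration
        else:
            self.bindings[home] = (coa, lifetime)
        return ACCEPTED


# Constructed sample values (documentation addresses; SPI and lifetime as in the slides' example)
KEY = b"constructed-shared-secret"
HOME, AGENT, COA, OTHER = "192.0.2.10", "192.0.2.1", "198.51.100.7", "203.0.113.66"


def run_sample():
    ha = HomeAgent({(ip(HOME), 302): KEY})
    good = build_request(KEY, 302, HOME, AGENT, COA, 60000, ident=1000)
    altered = bytearray(build_request(KEY, 302, HOME, AGENT, COA, 60000, ident=1001))
    altered[12:16] = ip(OTHER)           # care-of address changed in transit
    unkeyed = build_request(b"wrong", 302, HOME, AGENT, OTHER, 60000, ident=1002)
    results = [
        ha.process(good),                # accepted, binding created
        ha.process(good),                # same Identification again
        ha.process(bytes(altered)),      # digest no longer matches
        ha.process(unkeyed),             # sender does not hold the shared key
    ]
    return results, ha.bindings


if __name__ == "__main__":
    print(run_sample())
```

The digest is only as strong as the shared key and MD5 itself; the point of the sketch is that the binding table changes only after both the authenticator and the Identification check pass.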
  • 13. Datagram Tunneling
    • A Correspondent Node sends datagrams to a Mobile Node with the Destination Address field containing the Mobile Node’s Home Address
    • Based on the destination address, these datagrams reach the Home Network
    • There, the Home Agent intercepts the datagrams and encapsulates them into an outer IP header that tunnels the initial datagrams to the Foreign Agent or directly to the Mobile Node (in the case of a collocated Care-of Address)
    • Multiple encapsulation schemes may be used, including:
      – IP-within-IP encapsulation
      – Minimal encapsulation
    • The datagrams sent by the Mobile Node reach the Correspondent Node directly
    Reminder: IPv4 header format (each row 4 bytes wide)
      Vers. | IHL | TOS | Total Length
      Identification | Flags | FO
      TTL | Protocol | Header Checksum
      Source IPv4 address (4 bytes)
      Destination IPv4 address (4 bytes)
      Options | Padding
    IP-within-IP encapsulation
      New IP hdr | Orig IP hdr | TCP/UDP | Data
    • The original IP header remains unchanged when transmitted in the tunnel (the TTL field is decremented)
      – Source Address: Correspondent Node Address
      – Destination Address: Mobile Node’s Home Address
    • The new IP header has:
      – Source Address: Home Agent Address
      – Destination Address: Care-of Address
    • When fragmentation is needed, it should be done at the inner IP datagram level, otherwise the fragments won’t transport the Mobile Node’s Home Address used at the Foreign Agent to send the decapsulated datagram on the right data link
    Minimal encapsulation
      New IP hdr | Minimal encapsulation header | TCP/UDP | Data
    Minimal encapsulation header, each row 4 bytes wide:
      Protocol | S | Reserved | Header Checksum
      Original Destination Address: Mobile Node’s Home Address
      Original Source Address (if present): Correspondent Node’s Address
    • S indicates the presence of the Original Source Address field
    • Minimal encapsulation limits the number of supplementary bytes necessary for tunneling
    • It however prevents fragmentation from being performed
    Soft Tunnel State
    • It is interesting to maintain at the Home Agent level (the entry point of the tunnel) a number of parameters on the state of each established tunnel.
    • These parameters constitute the Soft Tunnel State and include:
      – The Path MTU on this tunnel, for fragmentation purposes
      – The state of the tunnel (broken or not)
      – The Correspondent Node using the tunnel
    • The Home Agent may then relay ICMP error messages to the Correspondent Node that is the source of the tunneled datagrams
    • Typically, ICMP host unreachable messages are sent back to the Correspondent Node when the datagrams are not delivered through the tunnel
  • 14. Enhanced functionalities
    • Routing optimisation
    • Smooth handoff
    Routing optimisation
    • Goal: avoid triangle routing
    • Idea:
      – Tell the correspondents the current position of the mobile node
    • Problem:
      – Change the correspondents' IP stack
    Triangle Routing
    [Figure labels: Home Network, Home Agent, Tunnel, Internet, Visited Network, Foreign Agent, Mobile Node, Correspondent Node]
    Route optimization (1)
    • The basic Mobile IP mechanisms create a Triangle Routing between the Correspondent Node, the Home Agent and the Mobile Node.
    • This Triangle Routing is far from being optimal, especially in the case of a Correspondent Node very close to the Mobile Node
    • Route optimization consists of eliminating this problem
    • This is done by updating the Correspondent Node, giving it the mobility binding (Home Address, Care-of Address) of the Mobile Node
    • For security purposes, it is the responsibility of the Home Agent to send the mobility binding to the Correspondent Nodes that need them
    Route optimization (2)
    • Binding updates are authenticated by a route optimization authentication extension (same as for the Mobile-Home authentication extension)
    • Route optimization offers an efficient routing technique but supposes that the Correspondent Nodes are able to implement the route optimization protocol
    • This may be the main reason why this mechanism has not yet been definitively adopted as an RFC
    Route optimization (3)
    [Figure labels: Home Network, Home Agent, Internet, Visited Network, Foreign Agent, Mobile Node, Correspondent Node; messages: Binding request (HoA), Binding update (HoA, CoA, Lifetime)]
  • 15. Foreign Agent - Smooth Handoff
    • When a mobile moves, it registers with a new FA
    • Goal: tell the old FA the current position so that the packets in transit are redirected to the mobile (avoid losses and retransmissions)
    • Protocol:
      – The mobile registers with the new FA and tells it the address of its old FA
      – The new FA sends a BU to the old FA so that it forwards the packets to the new location of the mobile
    Smooth handoffs (1)
    [Figure labels: Home Network, Home Agent, Internet, Visited Network 1, Foreign Agent 1, Visited Network 2, Foreign Agent 2, Mobile Node, Correspondent Node; messages: Advertisement, Registration, Binding update. Caption: What about the transition?]
    Smooth handoffs (2)
    • During the handoff, it is important that the datagrams intended for the Mobile Node and received by the previous Foreign Agent not be lost
    • A smooth handoff may be obtained if the previous Foreign Agent receives a binding update with the new Care-of Address of the Mobile Node, allowing it to relay the datagrams to the new Foreign Agent
    • This is best achieved if it remains a local mechanism between the Mobile Node and both the current and previous Foreign Agents (the Home Agent is too far to perform this binding update)
    • This however poses a security problem, since it is highly improbable, in the current state of Internet security, that an authentication security association be established between the Mobile Node and the Foreign Agents
    Smooth handoffs (3)
    [Figure labels: Home Network, Home Agent, Internet, Visited Network 1, Foreign Agent 1, Visited Network 2, Foreign Agent 2, Mobile Node, Correspondent Node; messages: Advertisement, Registration, Binding update, Binding Ack]
    Smooth handoffs (4)
    • If the previous Foreign Agent does not hold the new mobility binding for the Mobile Node, it may send back the decapsulated datagram to the Home Agent.
    • This may create routing loops if the Foreign Agent has lost the trace of the Mobile Node and the Mobile Node is not connected elsewhere
    • The Foreign Agent should re-encapsulate the decapsulated datagram into a Special Tunnel getting it back to the Home Agent, with the Care-of Address as the source address of the outer header
    • This allows the Home Agent to compare the current registration with the returned Care-of Address and decide whether it should tunnel the datagram or not, thus avoiding routing loops
  • 16. Different types of mobility

    Micro mobility

    Micro mobility
      • A mobile has to register with its HA every time it moves
        – Macro mobility (Mobile IP)
        – Micro mobility (Hawaii, Cellular IP …)
      • Smaller cells + more mobiles => need to distinguish micro/macro mobility
      • The mobile registers with the HA when it moves to a new micro mobility domain

    IP micro-mobility
      • Operates in packet mode
        – Unlike other public cellular networks
        – GSM, UMTS, CDMA 2000: radio interfaces mostly in circuit mode
      • Universality of the IP protocol
        – Infrastructure deployed worldwide
      • Micro-mobility: will become a key factor for networks
      • Micro-mobility protocol = complementary to Mobile IP
        – Macro-mobility: lets a user leave the home (subscription) network and move to another domain of the IP network
          • Temporary address in the new domain
          • Registration with the home agent of the subscription zone
          • Introduces latency
            – Exchange of many signaling messages
        – Micro-mobility: local mobility
          • Transparent to the mobile user's home network

    Micro Mobility
      [Figure: home agent, Internet w/ Mobile IP, gateway, redirection, access network, base station, mobile]

    Macro / micro-mobility
      [Figure: Mobile IP (macro mobility) across the Internet; Cellular IP, Hawaii … (micro mobility) inside each Wireless Access Network; Global Mobility]
  • 17. Micro-mobility solutions
      • Regional registrations
        – HMIP
      • Cellular IP
      • Hawaii

    Regionalized registration (1)
      [Figure: Home Network (Home Agent), Tunnel, Internet, Visited Network with a hierarchy of Foreign Agents FA1 to FA10, Mobile Node]

    Regionalized registration (2)
      • Regionalized registration reduces the registration traffic exchanged over the Internet between a Home and a Visited Network to update the mobility bindings of the Mobile Nodes
      • The idea is to construct a hierarchy of Foreign Agents, each FA registering a Care-of Address for the Mobile Node with its parent FA
      • Multiple successive tunnels are thus constructed to reach the Mobile Node from the Home Agent
      • When a Mobile Node moves from the region of FA7 to FA8, a registration should only be sent to FA4, and the tunnel FA4→FA7 would be replaced by a tunnel FA4→FA8
      • When a Mobile Node moves from the region of FA7 to FA9, a registration should be sent to FA1 (and not to the Home Agent) and the tunnels would be replaced accordingly

    Micro-mobility solutions
      • Regional registrations
        – HMIP
      • Cellular IP
      • Hawaii

    HMIP

    HMIP: Hierarchical Mobile IP
      • Problem: a mobile registers with its HA every time it moves
      • Goal: reduce registration time by using regional registrations
      [Figure: GFA, FA1, FA2]
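The FA7→FA8 and FA7→FA9 cases from Regionalized registration (2), as an added example that is not part of the original slides. The tree below is an assumption constructed to agree with those two cases (the slide's figure is not recoverable), and the function names are hypothetical.

```python
# Assumed hierarchy (constructed): child -> parent, with the Home Agent above FA1.
PARENT = {
    "FA1": "HA",
    "FA2": "FA1", "FA3": "FA1",
    "FA4": "FA2", "FA5": "FA2", "FA6": "FA3",
    "FA7": "FA4", "FA8": "FA4", "FA9": "FA6", "FA10": "FA6",
}

def path_from_ha(fa):
    """Agents from the Home Agent down to `fa`; each consecutive pair is one tunnel."""
    path = [fa]
    while path[-1] != "HA":
        path.append(PARENT[path[-1]])
    return path[::-1]

def tunnels(path):
    return list(zip(path, path[1:]))

def regional_move(old_fa, new_fa):
    """Return (agent that receives the registration, tunnels removed, tunnels set up)."""
    old, new = path_from_ha(old_fa), path_from_ha(new_fa)
    shared = 0
    while shared < min(len(old), len(new)) and old[shared] == new[shared]:
        shared += 1
    registrar = old[shared - 1]   # deepest agent common to both tunnel chains
    return registrar, tunnels(old[shared - 1:]), tunnels(new[shared - 1:])

def registrars(trace):
    """Agent that handles each move along a sequence of visited leaf FAs."""
    return [regional_move(a, b)[0] for a, b in zip(trace, trace[1:])]
```

With this tree, none of the moves in `registrars(["FA7", "FA8", "FA9", "FA10"])` reaches the Home Agent, whereas plain Mobile IP would register with it on every move.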
  • 18. HMIP: Registration (1)
      [Figure: registration message flow; labels: RReq, RRep, HA, Internet, GFA, FA1, FA2]

    HMIP: Registration (2)
      [Figure: registration message flow; labels: RReq, RRep, HA, Internet, GFA, FA1, FA2]

    HMIP: Routing
      [Figure: HA holds MN->@GFA; GFA holds MN->@FA1; Data flows HA, Internet, GFA, FA1/FA2, Mobile]

    HMIP: Ericsson (1)
      • Several levels in the hierarchy
      • FA sends advertisements
        – @FA7, @FA3, @FA1, @GFA (for FA7)
        – @FA6, @FA4, @FA2, @GFA (for FA6)
      • The MN registers the GFA@ with its HA
      • IP tunnels are set up between the FAs
      [Figure: HA (MN->@GFA), Internet, GFA (MN->@FA1), FA1 (MN->@FA3), FA3 (MN->@FA7), FA2, FA4 to FA8, Mobile]

    HMIP: Ericsson (2)
      • When it moves, the mobile checks the routes to determine if it is in the same hierarchy
      • Fast handoffs: a mobile may register with several FAs
      • The packets are bicasted by the GFA
      [Figure: HA (MN->@GFA), Internet, GFA (MN->@FA1, MN->@FA2), bindings MN->@FA3, MN->@FA4, MN->@FA6, MN->@FA7 on FA1 to FA8; advertisements @FA7, @FA3, @FA1, @GFA (for FA7) and @FA6, @FA4, @FA2, @GFA (for FA6)]

    Micro-mobility solutions
      • Regional registrations
        – HMIP
      • Cellular IP
      • Hawaii
  • 19. Coupling Mobile IP and Cellular IP
      • Cellular IP operates only in the access network
        – No core network router is aware that Cellular IP exists
        – Inexpensive to deploy because the routers need no modification
      • Simple operation
        – A gateway (GW) is defined
          • Provides access to the Internet
          • Located at the root of the domain: acts as the foreign agent
          • Has an IP address that serves as the COA (Care-Of Address) for all visitors in the domain
          • On receiving encapsulated packets, the GW strips the additional header
      • Cellular IP uses its own techniques to forward the packet to the right mobile
        – Using the permanent IP addresses

    Cellular IP

    Cellular IP: principles
      • Distributed caches
        – Location of the mobiles
        – Routing information

    Cellular IP
      • Base Stations
        – Wireless Access Points
        – IP routing replaced by Cellular IP routing
      • Gateways
        – Mobile IP support
        – Mobile Nodes use the GW@ as COA
      • Mobile Node
        – Inside the Cellular IP network, mobile nodes are identified by their home address

    Cellular IP architecture
      [Figure: HA, Internet (Mobile IP), Gateway router acting as Foreign Agent, Base stations, Mobile Access Network (Cellular IP); steps 1., 2., 3.]

    Cellular IP architecture
      • The access network contains base stations
        – Coverage by microcells (as in GSM)
        – Coverage by picocells, served by small antennas in private spaces
      • Flexible operation thanks to IP
        – The transmission method on the radio interface is independent of the routing and mobility management operations
      • Detecting the move from one cell to another
        – Each base station periodically broadcasts a signature: the beacon channel
        – A pilot signal is used to measure the strength of the radio signal emitted by each base station
      • Base stations are wired hierarchically
        – Top = root of the domain = gateway
  • 20. Cellular IP architecture
      [Figure: HA, Internet (Mobile IP), Gateway router acting as Foreign Agent, Base stations, Mobile Access Network (Cellular IP); steps 1., 2., 3.]

    Operations in the network
      • 3 main operations
        – Paging
          • Locating a user when packets addressed to it arrive
        – Routing
          • Forwarding packets to the user through the main elements of the access network
        – Handoff
          • Handling the user's movements through the access network
      • Cellular IP behaves like a wireless system
        – Terminals always choose the base station that broadcasts the strongest pilot signal
        – Handoff: change of base station
        – All RCs are updated when the route is new

    Goals of Cellular IP
      • Easy migration
      • Good connectivity
      • Soft handoff support
      • Scalability with minimal complexity

    Cellular IP
      • Distributed network
      • Nodes do not know the topology
      • No centralized database
      • Scales well

    Cellular IP
      • Cellular IP nodes do not know the exact location of a mobile
      • Hop by hop routing
      • IP addresses are mapped to ports on Cellular IP nodes
      • Soft state mappings

    Mappings
      • Paging cache / Routing Cache
      [Figure: Gateway router GW and nodes A to G with mobile X; cache entries "X: from G" and "X: from C"]
  • 21. User state
      • Active state
        – The user is sending or receiving packets
        – Entered after a paging or a request to transmit
        – The terminal's position is known to the nearest cell
      • Idle state
        – Reduces signaling on the radio link
        – The user can stay attached to the access network while inactive
        – Located within a group of cells
          • Makes it possible to host a large number of visitors in the same domain
          • No registration on every move into every cell
        – If an idle user receives packets, paging is used
          • Initiated by the node trying to locate the user

    Locating a user
      • 2 requirements for locating a user successfully
        – Leave an idle terminal complete freedom
          • Do not force it to announce itself
        – Use an optimal mechanism to reach the idle terminal at lower cost when it becomes active
      • 2 procedures are used to meet these needs
        – Recording the location from time to time while active
          • Routing Cache (RC)
        – Using paging while idle
          • Paging Cache (PC)

    Paging caches
      • Freedom of movement for users
        – Does not make them easier to locate
        – An idle mobile has to be found before a packet can be sent to it
          • Extra signaling
      • Caches installed in some nodes or base stations
        – Partial knowledge of where the mobiles are
        – Completed by paging
      • Updating the Paging Caches
        – By sending an empty packet towards the root: paging-update
        – The paging-update is sent periodically

    Identifying an idle terminal
      [Figure: home agent, Internet w/ Mobile IP, foreign agent, routers R, nodes A to G, host]

    Paging caches
      [Figure]

    Routing cache
      • Carries the packet flow to the user
        – Hop by hop routing
        – The path is recorded at the user's initiative
          • When the user sends a packet towards the root, every intermediate node remembers the path in order to use it in the reverse direction
      • If the user stops its network activity
        – It can keep its entries in the RCs
          • By sending empty packets, route-update, towards the root
        – Otherwise, the entries are deleted on timeout
  • 22. Routing
      [Figure: Gateway router GW and nodes A to G with mobile X; cache entries "X: from F" and "X: from C"]

    Route discovery
      – When the mobile receives PP, it sends a Route-Update Packet to the base station F, which forwards it towards GW
      – All the RCs on the route are updated

    Downlink routing
      • If there is no PC on the GW:
        – GW buffers the packet
        – GW sends a Paging Packet with the mobile's id
        – If the nodes have paging caches, hop by hop routing; otherwise, the packet is broadcast
      [Figure: Gateway router GW and nodes A to G with mobile X; cache entries "X: from F", "X: from F, G", "X: from G", "X: from C"]

    Handoff
      • Initiated by the mobile
      • When a mobile gets close to a new BS, it redirects its packets to the new BS
      • The first packet redirected configures a new route
      • The packets are sent to the old and new BS during a certain time

    Summary
      • Use of the home address
      • No temporary address
      • No encapsulation
      • The mobile sends the gateway address to the HA
      • GW@ is learnt by the BS
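The soft-state routing caches, handoff and paging fallback described in the Cellular IP slides, as an added example that is not part of the original deck. The topology, the timeout value and all names are assumptions constructed for the sketch, and paging caches are left out, so paging is always a broadcast.

```python
# Constructed access-network tree: node -> uplink neighbour (GW is the root).
UPLINK = {"C": "GW", "E": "C", "G": "C", "A": "E", "B": "E", "D": "G", "F": "G"}
ROUTE_TIMEOUT = 3   # assumed soft-state lifetime, in abstract time units

class CellularIPNet:
    def __init__(self, uplink):
        self.uplink = uplink
        # Routing cache per node: {mobile: {downlink neighbour: expiry time}}
        self.rc = {n: {} for n in set(uplink) | set(uplink.values())}

    def route_update(self, mobile, bs, now):
        """Uplink packet (data or empty route-update) from `mobile` entering at `bs`.
        Every node on the way to the gateway records where it came from."""
        came_from, node = mobile, bs   # at the base station the entry points at the radio side
        while True:
            self.rc[node].setdefault(mobile, {})[came_from] = now + ROUTE_TIMEOUT
            if node not in self.uplink:        # reached the gateway
                break
            came_from, node = node, self.uplink[node]

    def downlink(self, mobile, now):
        """Base stations reached by following unexpired mappings from the gateway."""
        reached, frontier = set(), ["GW"]
        while frontier:
            node = frontier.pop()
            for nxt, expiry in self.rc[node].get(mobile, {}).items():
                if expiry <= now:
                    continue                   # stale mapping: soft state timed out
                if nxt == mobile:
                    reached.add(node)
                else:
                    frontier.append(nxt)
        return sorted(reached)

    def deliver(self, mobile, now):
        bs = self.downlink(mobile, now)
        if bs:
            return "routed", bs
        # No live routing state: the gateway buffers the packet and pages.
        # Without paging caches, the paging packet is broadcast to every node.
        return "paged", sorted(n for n in self.rc if n != "GW")

def handoff_trace():
    net = CellularIPNet(UPLINK)
    net.route_update("X", "F", now=0)    # X becomes active behind base station F
    before = net.deliver("X", now=1)
    net.route_update("X", "D", now=2)    # handoff: first packet redirected through D
    during = net.deliver("X", now=2)     # old and new mappings both still valid
    after = net.deliver("X", now=4)      # the mapping towards F has timed out
    idle = net.deliver("X", now=5)       # no uplink packet since t=2
    return before, during, after, idle
```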
  • 23. Micro-mobility solutions
      • Regional registrations
        – HMIP
      • Cellular IP
      • Hawaii

    Hawaii

    HAWAII (Lucent)
      [Figure: Hawaii domains attached to the Internet through Domain Root Routers 1 and 2]

    Hawaii (Lucent)
      [Figure: Domain Root Router R0, routers R1 and R2 with numbered ports 1 to 3, base stations BS1 to BS4; per-router forwarding entries towards a port or the wireless interface; RReq / RRep messages; mobile labels "MY IP" and "BS IP"]

    Routing Update (1)
      [Figure]

    Routing Update (2)
      [Figure]
  • 24. Hawaii
      [Figure: Source, Network, Home Agent, HAWAII domain with Domain Root Router, Router, Base Station no. 1 and Base Station no. 2; the Mobile Host moves from one base station to the other; forwarding entries "(0) -> A" and "(1) -> B"; legend: HAWAII message, Mobile IP message, IP packets, Tunnel]

    Plan
      • Introduction
        – What is IP mobility?
      • Mobile IP architecture
      • IP mobility mechanisms
        – Agent discovery
        – Registration
        – Tunneling
      • Advanced features
      • Micro-mobility
      • Mobility support provided by IPv6
      • Mobile IP & 3G
      • Conclusion

    IPv6 mobility

    IPv4 vs IPv6
      • IPv4 header: Vers = 4, IHL, Type of service, Total length, Identification, Flags, Fragment Offset, TTL, Protocol, Header Checksum, Source Address, Destination Address, Options...
      • IPv6 header: Vers = 6, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address, Destination Address

    Mobile IPv6
      • IPv6 mobility relies on:
        – New functionalities in IPv6
        – A native support of mobility
      • A global and unique IPv6 address is assigned to each mobile node: the Home Address
        – This address identifies the mobile
      • A mobile is able to communicate directly with mobile nodes (no triangle routing)

    Main functionalities in IPv6
      • The correspondents must
        – Have a binding in their binding cache
        – Learn the location of the mobile by handling Binding Updates
        – Route the packets directly to the mobile (Routing Header)
      • The HA must
        – Be a router on the mobile's home network
        – Intercept the packets on the home network
        – Tunnel (IPv6 encapsulation) these packets directly to the mobile
  • 25. Reaching the mobile
      • A mobile can always be reached via its HA
      • A mobile on a visited network always has a COA (self-configuration)
      • The Router Advertisement indicates the subnetwork's prefix
      • Combination of this prefix with the MAC address
      • Movement detection is also accomplished with Neighbor Discovery procedures
      • Multi-homing

    IPv6 Destination options
      • Binding Update
        – To inform the HA or the correspondents of the new COA
      • Binding Request
        – Asks for a BU. Used when a correspondent thinks its binding will soon expire
      • Binding Acknowledgement
        – Sent by the HA. Acknowledges a BU containing the COA
      • Home Address
        – Included in every IPv6 packet from the mobile to its correspondent
        (+) The packet is supposed to originate from the home network and not the visited network
        (-) Uses 144 bits in the header of every packet

    Cache association management
      • Every time a mobile moves it sends a Binding Update (BU)
      • The BU includes a lifetime
      • The mobile keeps a list of the correspondents to which it sent a BU
      • The temporary address sent to the HA is called the principal COA

    The IETF model
      [Figure: Home network (HA), Correspondent, Internet, Mobile; BU and BA messages; labels IP_temp, IPHA; packet layout: IPv6 header, Dest. Op., Dest. Op., Data. BU: Binding Update, BA: Binding Ack.]

    BU format
      • Fields: Option Type, Option Length, A / H / C flags, Reserved, Prefix Length, Sequence Number, Lifetime, Care-of Address, Home Agents List (present only if C bit set)
      • A packet with the BU option must also contain an authentication header

    Binding Acknowledge message
      • ACK message based on a destination header extension
      • Fields: Option Type, Option Length, Status, Sequence Number, Lifetime, Refresh
      • Sent if the A bit is set in the BU sent by the mobile
      • Also includes an authentication header
  • 26. Binding Request & Home Address
      • Allows the correspondents to update their bindings
      • Binding Request fields: Option Type, Option Length
      • Home Address fields: Option Type, Option Length, Home Address

    IPv6 Nodes
      Handling IPv6 mobility forces the nodes to implement some functionalities:
      • Be able to receive and handle BUs
      • Send BAs
      • Use Routing Header
      • Store the principal address of the mobile
      • Maintain a Binding Cache
      An IPv6 node must be able to
      • Do IPv6 decapsulation
      • Send BUs and receive BAs
      • Maintain a list of BUs sent

    IPv6 routers
      At least one router on the mobile's home network may act as a HA
      A HA must:
        – Maintain a Binding table
        – Intercept packets in the mobile's home network
        – Encapsulate these packets and send them to the mobile's COA

    HA discovery
      • Modification of the Router Advertisement (RA) message of Neighbor Discovery
      • Add an option to the RA message
      • Modify the minimal time (3 seconds) between two RAs (1 message/sec)
      • Send a BU (with the H bit set) to the anycast address of the HAs

    IPv6 and mobility (1)
      • IPv6 represents an almost perfect protocol basis for mobile networking
        – First, the attendant address configuration protocols allow each Mobile Node to obtain a Care-of Address without the need for Foreign Agents, which disappear from the architecture
        – Second, IPsec implementation is mandatory for IPv6-compliant systems. This resolves security pitfalls by providing a widely available and standardized security architecture
          • In particular, mobility bindings are now done by the Mobile Nodes themselves
        – Third, the destination options IPv6 header extension provides a means of sending mobility binding updates from the Mobile Nodes directly to Correspondent Nodes very efficiently
          • This simplifies the smooth handoff procedure

    IPv6 and mobility (2)
      [Figure: Home Network (Home Agent), Internet, Visited Network 1, Visited Network 2, Mobile Node, Correspondent Node; messages: Registration, "First packet + binding update"]
  • 27. Data mobility perspectives
      • The Mobile IP architecture is being finalized at the IETF, with its basic mechanisms already completed and some enhanced functionalities being added progressively
      • The market opportunities for this architecture are huge and should follow the explosive growth of both the computer/Internet industries on the one hand and mobile telephony on the other
      • Some work still has to be done, however, to integrate both approaches by having a single network infrastructure for both Mobile IP and other mobility approaches such as the third generation of Mobile Cellular Networks (UMTS)
      • This conforms to the global “service integration over a consolidated network infrastructure” trend for public networks

    Conclusion and perspectives

    HMIPv6
      • MAP (Mobility Anchor Point)
        – Minimizes interruptions due to handoffs
      • The mobiles use the MAP's IP@ as COA
      • MAP receives the packets and delivers them to the mobile

    HMIPv6
      • The access routers send the MAP's IPv6@ in RAs
      • The mobile may roam and keep the same MAP
      • If the mobile changes its MAP, it sends a new BU to its HA and correspondents
      [Figure: HA, CN, Internet, MAP, Access Routers]

    HMIPv6
      [Figure: HA, CN, Internet, MAP, Access Routers; BU and RA messages, Data; MAP binding "IPv6MobHA -> IPv6MobCOA"; addresses IPv6Map, IPv6MobHA, IPv6MobCOA]

    Plan
      • Introduction
        – What is IP mobility?
      • Mobile IP architecture
      • IP mobility mechanisms
        – Agent discovery
        – Registration
        – Tunneling
      • Advanced features
      • Micro-mobility
      • Mobility support provided by IPv6
      • Mobile IP & 3G
      • Conclusion
  • 28. Mobile IP and 3G

    MIP-UMTS standardized architecture
      [Figure]

    MIP-UMTS other solutions (1/2)
      [Figure]

    MIP-UMTS (2/2)
      [Figure]

    3GPP Network Reference Architecture – R5
      [Figure: CS Domain, PS Domain and IP Multimedia Subsystem; recoverable labels include Applications & Multimedia Services, Multimedia IP Networks, CSCF, MGCF, BGCF, MRF, MGW, T-SGW, R-SGW, HSS, HLR/AuC, SCP, SGSN, GGSN, G-MSC Server, MSC Server, GMLC, UTRAN, BSS/GERAN, PSTN/Legacy/External, Legacy mobile signalling Network, MT, TE; legend: "Signaling only" and "User Data and Signaling"]
      Fundamental requirement to support evolution from current GSM circuit-switched and GPRS packet-switched networks in support of an IP Multimedia Domain for IP-based services support for UMTS.

    Mobile IP in UMTS
      [Figure: RNC, 3G-SGSN, 3G-GGSN, 3G-HLR, Router, Firewall, IP Networks]
      • SGSN: Serving GPRS Support Node
      • GGSN: Gateway GPRS Support Node
  • 29. Data mobility perspectives
      • The Mobile IP architecture is being finalized at the IETF, with its basic mechanisms already completed and some enhanced functionalities being added progressively
      • The market opportunities for this architecture are huge and should follow the explosive growth of both the computer/Internet industries on the one hand and mobile telephony on the other
      • Some work still has to be done, however, to integrate both approaches by having a single network infrastructure for both Mobile IP and other mobility approaches such as the third generation of Mobile Cellular Networks (UMTS)
      • This conforms to the global “service integration over a consolidated network infrastructure” trend for public networks

    Conclusion and perspectives