IP Mobility

Introduction

Outline
• Introduction
  – What is IP mobility?
• Mobile IP architecture
• IP mobility mechanisms
  – Agent discovery
  – Registration
  – Tunneling
• Advanced features
• Micro-mobility
• Mobility support provided by IPv6
• Mobile IP & 3G
• Conclusion

Different types of mobility
[Figure labels: Home Network, Mobile Cellular Network, Visited LAN, PSTN, Internet, POP, Mobile host]




Different types of mobility
• Nomadism (DHCP)
• Mobile computers (Mobile IP, IEEE 802.11)
• Mobile networks (ad hoc networks)
• Need for protocols that provide a location service

IP mobility ≠ wireless LANs (WLAN)
• Wireless LANs today:
  – IEEE 802.11, Bluetooth …
  – IEEE 802.11 AP = bridge between the fixed network and the wireless network
    • layer-2 handoffs are supported but NOT IP mobility (handoffs are supported within a single IP subnet)
• IP mobility ≠ wireless interface
Different types of mobility
[Figures]




Mobility
[Figure labels: Correspondent, Data, Internet, Base station, Home Network, Mobile node, Address: Home Address]

Introduction to Mobile IP (1)
• In the wake of GSM networks
  – Mobility = a necessity for the users of a communication system
  – All existing networks set out to offer this service
• TCP/IP standard: the most extensive network in the world
  – Principle: Anywhere, Any Time, Network Access
  – IP network: one of the main sources of information




Introduction to Mobile IP (2)
• Global scale:
  – Almost all networks provide an entry point to the Internet
  – With mobility: guarantee of universal access that is simple to use and practical
    • IETF working group: the Mobile IP proposal
      – Provide worldwide location through the IP address (like GSM roaming)
• IP predates the nomadic concept
  – GSM had such functions from the start
  – IP: solutions "patched together" to add mobility

Requirements for the IP mobility architecture
• Two major requirements arise when considering IP mobility:
  – Application transparency: Dealing with a mobile configuration should not necessitate a mobile-aware application. This is needed in order to avoid application replacement on all Internet hosts!
  – Seamless roaming: When a user goes out of his corporate network and roams around in the Internet, the requirement is to assure a seamless Internet communication between this user and his correspondents whatever the access network used by the mobile roaming user
• Dealing with mobility at the IP layer provides a way to answer the above requirements
The mobility problem in IP
• Difficulties in integrating into IP the new functions needed to offer mobility

Why isn’t IP mobility simple? (1)
• The complexity comes from the current use of IP addresses.
• An IP address is used to
  – identify a particular end-system. In this respect, IP addresses are equivalent to FQDNs (Fully Qualified Domain Names) and the equivalence is maintained in a DNS, Domain Name Server
  – identify a particular TCP session in an IP host since a TCP socket consists of a (destination IP address, destination port number) couple
  – determine a route to a destination IP host.
• The first two uses come into contradiction with the third use when mobility is considered




IP mobility: routing
[Figure: a Correspondent sends data across the Internet. Data for the mobile is routed to its home network 132.227.61.0 (hosts 132.227.61.30, 132.227.61.31, 132.227.61.32). A "Roaming" arrow leads to network 135.139.18.0 (hosts 135.139.18.12, 135.139.18.13).]

Why isn’t IP mobility simple? (2)
• The first use supposes that a host’s IP address should never change since the DNS should always point to the same IP address
• The second use supposes that a host’s IP address should never change during a TCP session otherwise the session would be lost
• The third use supposes that when the host is roaming outside its home network (the network which has the prefix of the host’s IP address), it should change its address (and take an address with a prefix given by the visited network) in order to receive the datagrams destined to it




Why isn’t IP mobility simple? (3)
• A possible answer to the third constraint would be to use a DHCP (Dynamic Host Configuration Protocol) server in order to obtain an address on the visited network
• This however poses a problem with the first two constraints
  – First, the IP address of a host having changed, the DNS in the home network should be updated by the mobile host on the visited network. This may be very dangerous from a security standpoint!
  – Second, this solution cannot provide a seamless continuous mobility capability since when the mobile host’s IP address is changed, all TCP sessions involving this host should be dropped and reinitialized with the new IP address

Mobile IP standardization process
• The standardization of Mobile IP is being mainly carried out at the IETF (Internet Engineering Task Force)
• The IP Routing for Wireless/Mobile Hosts (MobileIP) Working Group is in charge of defining and specifying the Mobile IP architecture and protocols
• The major architecture components are already in the standards track (Request For Comments, RFCs 2002-2006)
• Some very interesting enhanced functionalities are still considered as work in progress and specified in Internet Drafts
• These documents and other related information may be found at the mobileip WG home page on the Web: http://www.ietf.org/html.charters/mobileip-charter.html
Overview of the IP mobility architecture




Functional entities
• Mobile node: A host or a router that roams from one network or subnetwork to another outside its home network without changing its long term IP address (the home address)
• Home agent: This is typically a router on a mobile node’s home network which delivers datagrams to departed mobile nodes, and maintains current location information for each
• Foreign agent: This is typically a router on a mobile node’s visited network that collaborates with the Home agent to complete the delivery of datagrams to the mobile node while it is away from home

The Mobile IP basic concept
• The Mobile IP architecture resolves the above contradiction by using 2 IP addresses for a mobile host:
  – The Home address is a permanent address used to identify uniquely the IP host on the Internet (answers the first two IP address constraints)
  – The Care-of address is a temporary address used to route the datagrams destined to the mobile host to the current attachment point of this host (answers the last IP address constraint)




Main functions
• Agent Discovery:
  – Home Agents & Foreign Agents send advertisements on the link. A mobile can ask for advertisements to be sent.
• Registration:
  – When a mobile is away, it registers its temporary address with its home agent
• Tunneling:
  – The packets for the mobile are intercepted by the HA and tunnelled to the mobile
Mobile IP
[Figure: the Correspondent sends a packet (IPsrc = Host, IPDst = Mobile; Header + Data) towards the Home Network. The Home Agent holds the binding Home Address → Care-of Address and forwards the packet through an IP tunnel across the Internet (IPsrc = Home Agent, IPDst = Foreign Agent; Tunnel Header + Header + Data) to the Foreign Agent on the Foreign Network, which also holds Home Address → Care-of Address. Agent advertisement and Registration messages are shown at the Foreign Agent and Mobile Node. Caption on the home side: "The mobile is on its Home Network".]

Protocol overview
1. Home Agent & Foreign Agent broadcast or multicast agent advertisements on their respective links.
2. Mobile nodes listen to Agent Advertisements. They examine the contents of these advertisements to determine whether they are on the home or on a visited network
3. A mobile node on a visited network acquires a temporary address (care-of address)




Protocol overview
4. The mobile registers its COA with its home agent
5. The Home Agent sends ARP on the Home Network (IP@ <-> MAC@). The packets for the mobile are intercepted and sent to the current position of the mobile
6. The packets arrive at the COA and are decapsulated in order to extract the original packet
7. The packets from the mobile are sent directly to the correspondents

IP mobility mechanisms
• Agent discovery
• Registration
• Tunneling
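Steps 4 to 7 of the protocol overview, as an added example that is not part of the original slides: a home agent binding table, IP-in-IP encapsulation, and the checks a tunnel endpoint can make before accepting a decapsulated packet. The class and function names are hypothetical, protocol number 4 for IP-in-IP comes from RFC 2003 rather than from the slides, and the home agent and correspondent addresses are constructed (the mobile's two addresses reuse values from the routing figure).

```python
import ipaddress
import struct

IPPROTO_IPIP = 4  # IP-in-IP encapsulation (RFC 2003); not stated on the slides


class TunnelError(ValueError):
    """A tunnelled packet failed validation at the care-of address."""


def inet_checksum(data: bytes) -> int:
    """Internet checksum over an even-length header."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_packet(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a minimal IPv4 packet (20-byte header, no options)."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)
    return head[:10] + struct.pack("!H", inet_checksum(head)) + head[12:] + payload


def parse_header(packet: bytes) -> dict:
    """Validate an IPv4 header and return the fields the tunnel logic needs."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise TunnelError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    total = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or total < ihl or total > len(packet):
        raise TunnelError("inconsistent header or total length")
    if inet_checksum(packet[:ihl]) != 0:
        raise TunnelError("bad header checksum")
    return {"proto": packet[9],
            "src": str(ipaddress.IPv4Address(packet[12:16])),
            "dst": str(ipaddress.IPv4Address(packet[16:20])),
            "payload": packet[ihl:total]}


class HomeAgent:
    def __init__(self, address: str):
        self.address = address
        self.bindings = {}  # home address -> care-of address

    def register(self, home_address: str, care_of_address: str) -> None:
        # Step 4, reduced to its effect on the binding table; the registration
        # message exchange itself is not modelled here.
        self.bindings[home_address] = care_of_address

    def intercept(self, packet: bytes):
        # Step 5: a packet for a departed mobile gets a tunnel header
        # (IPsrc = Home Agent, IPDst = care-of address). None means "not bound".
        coa = self.bindings.get(parse_header(packet)["dst"])
        if coa is None:
            return None
        return ipv4_packet(self.address, coa, IPPROTO_IPIP, packet)


def decapsulate(outer: bytes, home_agent: str, care_of: str, home_address: str) -> bytes:
    """Step 6: strip the tunnel header, accepting only what the registration allows."""
    hdr = parse_header(outer)
    if hdr["proto"] != IPPROTO_IPIP:
        raise TunnelError("outer protocol is not IP-in-IP")
    if hdr["src"] != home_agent or hdr["dst"] != care_of:
        raise TunnelError("tunnel endpoints do not match the registration")
    inner = parse_header(hdr["payload"])
    if inner["dst"] != home_address:
        raise TunnelError("inner packet is not addressed to the mobile's home address")
    return hdr["payload"]


def roundtrip_example() -> bool:
    """Constructed run: correspondent -> home agent -> tunnel -> care-of address."""
    ha = HomeAgent("132.227.61.1")                      # constructed home agent address
    ha.register("132.227.61.30", "135.139.18.12")       # addresses from the routing figure
    original = ipv4_packet("192.0.2.10", "132.227.61.30", 17, b"constructed payload")
    tunnelled = ha.intercept(original)
    return decapsulate(tunnelled, "132.227.61.1", "135.139.18.12",
                       "132.227.61.30") == original


if __name__ == "__main__":
    print("round trip ok:", roundtrip_example())
```

The endpoint checks in `decapsulate` are the point of interest: without them, any host able to reach the care-of address could deliver arbitrary inner packets that appear to come through the tunnel.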




Agent Discovery
• Process by which the mobile detects where it is attached (home or visited network)
• Allows the mobile to determine a COA when the mobile is on a visited network
• Based on 2 types of messages:
  – Agent Advertisement: broadcast or multicast by the agents
  – Agent Solicitation: sent by a mobile which does not want to wait for an AA
• Message authentication
Agent Solicitation Message

IP header (RFC 791):
  Vers = 4 | IHL | Type of Service | Total Length
  Identification | Flags | Fragment Offset
  TTL = 1 | Protocol = ICMP | Header Checksum
  Source Address = Mobile node’s Home Address
  Destination Address = 255.255.255.255 or 224.0.0.2
ICMP Router Solicitation (RFC 1256):
  Type = 10 | Code = 0 | Checksum
  Reserved

Mobile Agent Discovery
• An extension, called the Mobility Agent extension, is appended to ICMP Router Advertisement to constitute the Agent Advertisement message
• A Foreign Agent uses the Agent Advertisement message in order to indicate the Care-of Address to a Mobile Node
• A Home Agent uses the Agent Advertisement message so that a Mobile Node knows when it has returned to its Home Network
• A Mobile Node is allowed to send ICMP Router Solicitation messages in order to elicit a Mobility Agent Advertisement




                                  Mobile Agent Discovery                                                                      Agent Advertisement Message
                                                  Getting a COA


                                                                                                                          Vers = 4    IHL       Type of Service              Total Length
         • A Care-of Address may be obtained from the Foreign Agent by                                                                 Identification            Flags        Fragment Offset
           an Agent Advertisement.                                                                                              TTL = 1         Protocol = ICMP            Header Checksum
                                                                                                                                                                                                            IP header
                                                                                                                                                                                                           (RFC 791)
                 – It may also be obtained from a RAS (Remote Access Server)                                                      Source Address = Home/Foreign Agent ’s Address on this link
                   implementing PPP or from a DHCP server on a foreign LAN.                                                             Destination Address = 255.255.255.255 or 224.0.0.1
                 – In this case the Care-of Address is said to be collocated
                   since it is directly assigned to the Mobile Node interface and
                   not to a Mobile Node through a Foreign Agent.

         • For a collocated Care-of Address, the tunnel terminates at the
           Mobile Node interface


         ICMP Router Advertisement (RFC 1256):
              Type = 9 | Code | Checksum
              Num Addrs | Addr Entry Size | Lifetime (of this Advertisement)
              Router Address [1]
              Preference Level [1]
              Router Address [2]
              Preference Level [2]
              ...

         Mobility Agent Advertisement Extension (RFC 2002):
              Type = 16 | Length | Sequence Number
              (Maximum) Registration Lifetime | R B H F M G V | Reserved
              Care-of Address [1]
              Care-of Address [2]
              ...

         Prefix Length Extension, optional (RFC 2002):
              Type = 19 | Length | Prefix Length [1] | Prefix Length [2]
              ...





                                  Mobile Agent Discovery

               • It is based upon an extension of the ICMP (Internet
                 Control Message Protocol) Router Discovery protocol

               • A router periodically broadcasts ICMP Router
                 Advertisement messages on the different directly
                 attached subnetworks

               • This allows the hosts on these subnets to discover the
                 router


                                  Mobile Agent Discovery
                          Mobility Agent Advertisement Extension

               • Flags:
                    – R=Registration required at the Foreign Agent
                    – B=Busy
                    – H=Home Agent
                    – F=Foreign Agent
                    – M,G,V indicate the encapsulation type
               • Type identifies the Mobility Agent Advertisement extension
               • Length is the total length of this extension, which depends on the number
                 of Care-of Addresses
               • Lifetime specifies the duration of the Care-of Address support on the
                 Foreign Agent
               • For a Home Agent, zero Care-of Addresses are advertised
               • For a Foreign Agent, typically one Care-of Address is advertised
               • Sequence Number is incremented at each Advertisement
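An added example (not part of the slides): a receiver-side parser for the advertisement layout shown above, which checks the ICMP checksum, walks the extensions and rejects a Mobility Agent extension whose Length is not 6 + 4*N or that sets F without a Care-of Address. The one-byte padding extension (type 0) and the "F requires a Care-of Address" rule come from RFC 2002; `build_sample` and its ICMP lifetime of 1800 are constructed test data.

```python
import socket
import struct

# Flag bits of the Mobility Agent Advertisement Extension, high bit first (RFC 2002).
FLAG_BITS = {"R": 0x80, "B": 0x40, "H": 0x20, "F": 0x10, "M": 0x08, "G": 0x04, "V": 0x02}


def inet_checksum(data):
    """16-bit one's-complement Internet checksum; 0 over a message whose checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def _parse_mobility_ext(body):
    """Decode the value part of a type 16 extension (everything after Type and Length)."""
    if len(body) < 6 or (len(body) - 6) % 4:
        raise ValueError("Length is not 6 + 4*N")
    seq, reg_lifetime, flags, _reserved = struct.unpack_from("!HHBB", body)
    coas = [socket.inet_ntoa(body[i:i + 4]) for i in range(6, len(body), 4)]
    names = {name for name, bit in FLAG_BITS.items() if flags & bit}
    if "F" in names and not coas:
        raise ValueError("F set but no Care-of Address advertised")
    return {"sequence": seq, "lifetime": reg_lifetime, "flags": names, "care_of": coas}


def parse_agent_advertisement(icmp):
    """Parse an ICMP Router Advertisement and return its Mobility Agent extension.

    Raises ValueError on any inconsistency instead of guessing.
    """
    if len(icmp) < 8:
        raise ValueError("truncated ICMP header")
    itype, _code, _csum, num_addrs, entry_size, _lifetime = struct.unpack_from("!BBHBBH", icmp)
    if itype != 9:
        raise ValueError("not a Router Advertisement")
    if inet_checksum(icmp) != 0:
        raise ValueError("bad ICMP checksum")
    off = 8 + num_addrs * entry_size * 4      # Addr Entry Size counts 32-bit words
    if off > len(icmp):
        raise ValueError("router address list runs past the message")
    agent = None
    while off < len(icmp):
        etype = icmp[off]
        if etype == 0:                         # one-byte padding extension, no Length
            off += 1
            continue
        if off + 2 > len(icmp):
            raise ValueError("truncated extension header")
        end = off + 2 + icmp[off + 1]
        if end > len(icmp):
            raise ValueError("extension length runs past the message")
        if etype == 16:
            agent = _parse_mobility_ext(icmp[off + 2:end])
        off = end                              # other extensions (e.g. type 19) are skipped
    if agent is None:
        raise ValueError("no Mobility Agent Advertisement extension")
    return agent


def build_sample(router, coas, lifetime, flags, seq=1):
    """Constructed advertisement: one router address plus a Mobility Agent extension."""
    ext = struct.pack("!BBHHBB", 16, 6 + 4 * len(coas), seq, lifetime, flags, 0)
    ext += b"".join(socket.inet_aton(c) for c in coas)
    msg = struct.pack("!BBHBBH", 9, 16, 0, 1, 2, 1800)
    msg += socket.inet_aton(router) + struct.pack("!i", 0) + ext
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]


if __name__ == "__main__":
    # Foreign agent 137.0.0.11 advertising Care-of Address 9.2.20.11 for 60000 s.
    print(parse_agent_advertisement(
        build_sample("137.0.0.11", ["9.2.20.11"], 60000, FLAG_BITS["F"])))
```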




                            Registration

        • Functionalities
              – Ask for the routing functionalities of the FA
              – Tell the HA the new location of the mobile
              – Update a binding which is about to expire
              – De-register the mobile when it is back on its home network
        • Triggered as soon as the mobile detects it has changed its point of
          attachment
        • Use of the information obtained by agent discovery to determine the
          type of registration to be done
        • Two registration procedures
              – With the « Foreign Agent »
              – With the temporary address of the mobile








                              Registration

         • Once the Mobile Node receives a Care-of Address, it should
           register its (Home Address, Care-of Address) binding at
           its Home Agent

         • This is done using 2 messages:
              – Registration Request
              – Registration Reply

         • They both use a UDP/IP service


                              Registration

         [Figure: registration message flow between Mobile, Foreign Agent, Internet
          and Home Agent, numbered 1 to 4: Registration Request, then Registration Reply]






                              Registration
                           Registration Request

         1 byte | 1 byte | 1 byte | 1 byte
              Type | S B D M G V rsvd | Lifetime
              Home Address
              Home Agent
              Care-of Addresses...
              Identification
              Extensions


                              Registration

         IP header (RFC 791):
              Vers = 4 | IHL | Type of Service | Total Length
              Identification | Flags | Fragment Offset
              TTL | Protocol = UDP | Header Checksum
              Source Address
              Destination Address

         UDP header (RFC 768):
              Source Port | Destination Port = 434
              Length | Checksum

         Registration Request (RFC 2002):
              Type = 1 | S B D M G V Rsv | Lifetime
              Mobile Node’s Home Address
              Home Agent Address
              Care-of Address
              Identification
                              Registration
                           Registration Request

     • Flags:
          – S=Simultaneous Registrations (multiple Care-of Addresses)
          – B=Broadcast
          – D=Care-of Address collocated with the Mobile Node
          – M,G,V indicate the encapsulation type
     • Type identifies the Registration message
     • Lifetime specifies the duration of the mobility addresses binding
     • Home Address is bound to the Care-of Address
     • Home Agent identifies the Home Agent that should register the
       binding
     • Identification is used to protect against replay attacks and allows a
       Registration Request to be correlated with a Registration Reply message
     • The Mobile-Home authentication extension is used to authenticate
       the Mobile Node at the Home Agent


                           Registration Request

     • Registering with the FA
          – The FA receives the message and may reject it:
             • Invalid authentication
             • The lifetime value exceeds what may be accepted by the FA
             • The mobile wishes to use a tunneling type not supported by the
               FA
             • The FA does not have enough resources
          – Otherwise, it forwards the request to the HA

     • Registering with the HA
          – The HA also checks whether the registration should be accepted (same
            conditions)
          – If it is accepted, the HA
             • Updates its binding table
             • Sends a proxy ARP message on the local link
             • Sends a registration reply





                              Registration
                           Registration Reply

         1 byte | 1 byte | 1 byte | 1 byte
              Type | Code | Lifetime
              Home Address
              Home Agent
              Identification
              Extensions


                           Registration Reply

         IP header (RFC 791):
              Vers = 4 | IHL | Type of Service | Total Length
              Identification | Flags | Fragment Offset
              TTL | Protocol = UDP | Header Checksum
              Source Address
              Destination Address

         UDP header (RFC 768):
              Source Port | Destination Port = 434
              Length | Checksum

         Registration Reply (RFC 2002):
              Type = 3 | Code | Lifetime
              Mobile Node’s Home Address
              Home Agent Address
              Identification






                              Registration
                           Registration Reply

     • Type identifies the Registration message
     • Lifetime specifies the duration of the mobility addresses binding
     • Home Address identifies the Mobile Node to which this message is
       related
     • Home Agent identifies the Home Agent having registered the
       binding
     • Identification is used to protect against replay attacks and allows a
       Registration Request to be correlated with a Registration Reply message
     • The Mobile-Home authentication extension is used to authenticate
       the Home Agent at the Mobile Node
     • Code gives the result of the registration
          – 0 : registration accepted
          – 66, 69, 70... : registration denied by the Foreign Agent
          – 130, 131, 133... : registration denied by the Home Agent


                           Registration Reply

     • The FA receives a registration reply
          – If the RR is invalid, the agent sends a Registration Reply describing the reason
            why the registration was rejected
          – Otherwise, the agent
             • Updates its binding table
             • Forwards the message to the mobile
             • Starts to handle the messages for the mobile

     • Reception of the RR by the mobile
          – If the registration was rejected, the mobile tries to change its registration
            procedure
          – Otherwise the mobile updates its routing table


                              Registration

        • Via the Foreign Agent:
          [Figure: exchange over time (time axis) involving the FA and the HA]


                              Example

        • Mobile node home address = 129.34.78.5
        • Mobile node's HA = 129.34.78.254
        • FA address = 137.0.0.11
        • FA care-of address = 9.2.20.11
        • Home node source port = 434
        • Mobile node source port = 1094
        • FA source port = 1105
        • Care-of-address registration lifetime = 60000 s
        • HA granted lifetime = 35000 s







                              Example

      Agent advertisement
         IP header fields:           S=137.0.0.11   D=255.255.255.255
         ICMP header:                Type=9   code=16
         Router Adv. header:
         Mobile service extensions:  Lifetime=60000   COA=9.2.20.11
         F=1

      Mobile -> Foreign
         IP header fields:           S=129.34.78.5   D=137.0.0.11   TTL=1
         UDP header:                 S=1094   D=434
         Mobile-IP message fields:   Type = 1   lifetime=60000   COA=9.2.20.11
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=302

      Foreign -> Home
         IP header fields:           S=9.2.20.11   D=129.34.78.254   TTL=64
         UDP header:                 S=1094   D=434
         Mobile-IP message fields:   Type = 1   lifetime=60000   COA=9.2.20.11
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=302


                              Example

      Home -> Foreign
         IP header fields:           S=129.34.78.254   D=9.2.20.11   TTL=64
         UDP header:                 S=434   D=1105
         Mobile-IP message fields:   Type = 3   lifetime=35000   COA=9.2.20.11
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=303

      Foreign -> Mobile
         IP header fields:           S=137.0.0.11   D=129.34.78.5   TTL=1
         UDP header:                 S=434   D=1094
         Mobile-IP message fields:   Type = 3   lifetime=35000
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=303




                              Example

   Cancelling the registration (on return to the home network):

      Agent advertisement
         IP header fields:           S=129.34.78.254   D=255.255.255.255
         ICMP header:                Type=9   code=16
         Router Adv. header:
         Mobile service extensions:  Lifetime=35000   no COA
         H=1


                              Example

      Mobile -> Home
         IP header fields:           S=129.34.78.5   D=129.34.78.254   TTL=1
         UDP header:                 S=1094   D=434
         Mobile-IP message fields:   Type = 1   lifetime=0   COA=129.34.78.5
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=302

      Home -> Mobile
         IP header fields:           S=129.34.78.254   D=129.34.78.5   TTL=1
         UDP header:                 S=434   D=1094
         Mobile-IP message fields:   Type = 3   lifetime=0   COA=129.34.78.5
                                     HA=129.34.78.254   MA=129.34.78.5
         Authentication Ext.:        SPI=303
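An added example (not part of the slides): the checks a home agent applies to a Registration Request, run with the addresses, SPI and lifetimes of the worked example above, including the de-registration with lifetime 0. Extension type 32, the keyed-MD5 authenticator and reply codes 131/133/134 are taken from RFC 2002; the shared key and the rule that Identification must strictly increase are assumptions made for this illustration.

```python
import hashlib
import hmac
import socket
import struct

# Type, flags, Lifetime, Home Address, Home Agent, Care-of Address, Identification
FIXED = struct.Struct("!BBH4s4s4sQ")
MH_AUTH = 32                                                      # Mobile-Home Authentication Extension
ACCEPTED, AUTH_FAILED, ID_MISMATCH, MALFORMED = 0, 131, 133, 134  # Registration Reply codes


def keyed_md5(key, protected):
    """RFC 2002 default authenticator: MD5 over key || protected fields || key."""
    return hashlib.md5(key + protected + key).digest()


def build_request(key, spi, home, home_agent, coa, lifetime, ident, flags=0):
    """Build a Registration Request (Type = 1) ending with a Mobile-Home authentication extension."""
    fixed = FIXED.pack(1, flags, lifetime, socket.inet_aton(home),
                       socket.inet_aton(home_agent), socket.inet_aton(coa), ident)
    protected = fixed + struct.pack("!BBI", MH_AUTH, 4 + 16, spi)
    return protected + keyed_md5(key, protected)


class HomeAgent:
    def __init__(self, max_lifetime, keys):
        self.max_lifetime = max_lifetime
        self.keys = keys            # {(home address, SPI): shared secret}
        self.last_ident = {}        # home address -> last accepted Identification
        self.bindings = {}          # home address -> (care-of address, granted lifetime)

    def handle(self, payload):
        """Validate one UDP payload received on port 434; return (reply code, granted lifetime)."""
        if len(payload) < FIXED.size:
            return MALFORMED, 0
        mtype, _flags, lifetime, home, _ha, coa, ident = FIXED.unpack_from(payload)
        if mtype != 1:
            return MALFORMED, 0
        home, coa = socket.inet_ntoa(home), socket.inet_ntoa(coa)
        auth, off = None, FIXED.size
        while off < len(payload):                 # walk the type/length/value extensions
            if off + 2 > len(payload):
                return MALFORMED, 0
            etype, end = payload[off], off + 2 + payload[off + 1]
            if end > len(payload):
                return MALFORMED, 0
            if etype == MH_AUTH:
                if auth is not None or end - off < 7:
                    return MALFORMED, 0
                spi = struct.unpack_from("!I", payload, off + 2)[0]
                # Protected bytes run from the start of the message through the SPI.
                auth = (spi, payload[:off + 6], payload[off + 6:end])
            off = end
        if auth is None:
            return AUTH_FAILED, 0
        spi, protected, authenticator = auth
        key = self.keys.get((home, spi))
        if key is None or not hmac.compare_digest(keyed_md5(key, protected), authenticator):
            return AUTH_FAILED, 0
        if ident <= self.last_ident.get(home, -1):   # replayed or stale request
            return ID_MISMATCH, 0
        self.last_ident[home] = ident
        granted = min(lifetime, self.max_lifetime)   # the HA may grant less than requested
        if granted == 0:
            self.bindings.pop(home, None)            # lifetime 0 de-registers the mobile
        else:
            self.bindings[home] = (coa, granted)
        return ACCEPTED, granted


if __name__ == "__main__":
    key = b"constructed-shared-secret"               # constructed sample key
    ha = HomeAgent(35000, {("129.34.78.5", 302): key})
    req = build_request(key, 302, "129.34.78.5", "129.34.78.254", "9.2.20.11", 60000, ident=1000)
    print(ha.handle(req), ha.handle(req))            # accepted, then rejected as a replay
```

Authentication is checked before Identification so that an unauthenticated message can never advance the replay state. RFC 3344 later replaced the prefix+suffix keyed MD5 default with HMAC-MD5.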


                              De-registration

        [Figure: Mobile Node and Home Agent connected through the Internet,
         exchanging a De-registration Request and a De-registration Reply]


                        Discovering the HA's address

        • Manual configuration on the mobile

        • Automatically
               – By broadcasting a registration request







                        Learning the HA address

        [Figure, shown on two consecutive slides: Mobile Node, Foreign Agent,
         Internet and several Home Agents]








                        Learning the HA address

        [Figure: Mobile, Foreign Agent, Internet and several Home Agents]


                          Movement detection

        • Using the lifetime field
               – If the lifetime expires, the mobile assumes it has attached
                 to a new link or the agent has failed. It waits for an Agent
                 Advertisement or sends an Agent Solicitation

        • Detection using the network prefix




                              Routing

        • To the home network
               – The packets for a mobile are always sent to its home
                 network
               – No specific routing, only conventional routing
               – If the mobile sends data, it behaves as any other node on
                 the Internet

        • To a visited network
               – A router on the local link broadcasts an ARP request to
                 announce that the packets for the mobile should be sent to it.
               – The packets are intercepted by the HA and tunnelled to
                 the mobile's COA(s)
               – At the end of the tunnel, they are decapsulated and
                 delivered to the mobile


                        Interception by the HA

        • 2 possibilities
               – Accessibility advertisement:
                 only on HA routers with several interfaces

               – Using the proxy ARP
                 Mobile's IP@ <-> HA's MAC@
                 Updated by the HA and by the mobile node when it returns to its
                 home network








Packet interception by the HA

  Routing on the home agent

  Target/Prefix length      Next hop         Interface
  195.2.20.0/24             direct           1
  default/24                202.1.4.254      2
  191.2.2.2/32              192.2.2.253      v1

  Upper layers (TCP/UDP) over IP
  Interface 1: 195.2.20.253    Interface 2: 202.1.4.253    Interface v1 (tunnel enc.)

  Routing on the foreign agent

  Target/Prefix length      Next hop         Interface
  130.79.80.0               direct           1
  192.2.2.0/24              192.2.2.254      2
  191.2.2.2/32              direct           1

  Upper layers (TCP/UDP) over IP
  Interface 1: 130.79.80.254    Interface 2: 192.2.2.253    Interface v1 (tunnel dec.)

Home Network configurations

  [Figure: three configurations.
   A: Internet, Gateway, Home Agent, Physical Home Network.
   B: Internet, combined Gateway/Home Agent, Physical Home Network.
   C: Internet, combined Gateway/Home Agent, Virtual Home Network.]




Proxy and Gratuitous ARP

            • In the cases A and B above, the Home Agent should intercept the
              datagrams intended for Mobile Nodes using a Proxy ARP
              mechanism
            • In the case C, all datagrams intended for Mobile Nodes will be
              naturally intercepted by the Home Agent. Here, all the hosts are
              outside their Home Network, which becomes a Virtual Network
            • Gratuitous ARP should be used by the Home Agent in order to
              change the ARP cache entry for a roaming Mobile Node's Home
              Address on the Home Network
            • When the Mobile Node gets back to its Home Network, Gratuitous
              ARP should again be used by the Mobile Node itself to restore the
              ARP cache entry

Security
Security aspects (1)

    • The security issue is fundamental for registration messages; otherwise
      impersonation and session hijacking attacks would be trivial
    • Authentication should be applied to these messages
    • The Mobile IP architecture specifies its own security mechanisms for use
      with IPv4 since IPsec, the new standardized security architecture, is not
      mandatory with IPv4
    • An authentication extension is thus appended to each of the above
      messages
    • The default authentication algorithm is a keyed-MD5 in prefix + suffix
      mode
    • The result of the authentication is thus a 128 bit message digest
      transmitted in the authentication extension

Security aspects (2)

        1 byte         1 byte         1 byte         1 byte
    +--------------+--------------+-----------------------------+
    |     Type     |    Length    |             SPI             |
    +--------------+--------------+-----------------------------+
    |        SPI continued        |        Authenticator        |
    +-----------------------------+-----------------------------+
    |                 Authenticator continued...                |
    +-----------------------------------------------------------+

    • Type identifies the authentication extension (Mobile-Home, Home Agent-
      Foreign Agent,...)
    • SPI specifies the authentication context (algorithm, mode, key...)
    • The Authenticator is calculated over the entire message + this authentication
      extension
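The authentication extension from the two slides above, as an added example that is not part of the original course: it builds the Type, Length, SPI and Authenticator fields, computes keyed MD5 in prefix + suffix mode, and verifies the result the way a Home Agent would. The registration request layout and Type 32 follow RFC 3344; the addresses, SPI and key are constructed sample values.

```python
import hashlib
import hmac
import socket
import struct

MOBILE_HOME_AUTH = 32   # Type of the Mobile-Home authentication extension (RFC 3344)
DIGEST_LEN = 16         # 128-bit MD5 digest, as stated on the slide
EXT_HEADER = "!BBI"     # Type (1 byte), Length (1 byte), SPI (4 bytes)


def build_registration_request(home_addr, home_agent, care_of, lifetime, ident):
    """Fixed part of a Registration Request (field layout assumed from RFC 3344)."""
    return struct.pack(
        "!BBH4s4s4sQ",
        1,                              # Type 1 = Registration Request
        0,                              # flags: none set
        lifetime,
        socket.inet_aton(home_addr),
        socket.inet_aton(home_agent),
        socket.inet_aton(care_of),
        ident,                          # 64-bit Identification field
    )


def keyed_md5(key, data):
    """Keyed MD5 in prefix + suffix mode: MD5(key || data || key)."""
    return hashlib.md5(key + data + key).digest()


def append_auth_extension(message, spi, key):
    """Append Type, Length, SPI and the Authenticator to a registration message."""
    header = struct.pack(EXT_HEADER, MOBILE_HOME_AUTH, 4 + DIGEST_LEN, spi)
    # The digest covers the message plus the Type, Length and SPI of this
    # extension; the Authenticator field itself is not part of the input.
    return message + header + keyed_md5(key, message + header)


def verify_auth_extension(packet, keys_by_spi):
    """Return True only if the trailing extension authenticates the message."""
    header_len = struct.calcsize(EXT_HEADER)
    if len(packet) < header_len + DIGEST_LEN:
        return False
    covered, received = packet[:-DIGEST_LEN], packet[-DIGEST_LEN:]
    ext_type, length, spi = struct.unpack(EXT_HEADER, covered[-header_len:])
    if ext_type != MOBILE_HOME_AUTH or length != 4 + DIGEST_LEN:
        return False
    key = keys_by_spi.get(spi)
    if key is None:                     # no security association for this SPI
        return False
    # Constant-time comparison so the check does not leak matching prefixes.
    return hmac.compare_digest(keyed_md5(key, covered), received)


def demo():
    """Verify a genuine request and three that must be rejected (constructed data)."""
    key = b"constructed-shared-key"
    keys = {0x0100: key}
    request = build_registration_request(
        "192.0.2.10", "192.0.2.1", "198.51.100.7", 300, 0x0123456789ABCDEF)
    packet = append_auth_extension(request, 0x0100, key)
    # Same packet with the Care-of Address field (offset 12) altered in transit.
    altered = packet[:12] + socket.inet_aton("203.0.113.66") + packet[16:]
    return {
        "genuine": verify_auth_extension(packet, keys),
        "altered_care_of": verify_auth_extension(altered, keys),
        "wrong_key": verify_auth_extension(
            append_auth_extension(request, 0x0100, b"other-key"), keys),
        "unknown_spi": verify_auth_extension(
            append_auth_extension(request, 0x0200, key), keys),
    }


if __name__ == "__main__":
    print(demo())
```

RFC 3344 later made HMAC-MD5 the default algorithm; prefix + suffix is used here because it is the mode the slide names.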




Firewalls and packet filtering problems (1)

   [Figure: Home Network (Home Agent, Gateway/Firewall), Internet,
   Correspondent, and Visited Network (Foreign Agent/Gateway/Firewall, Mobile
   host). The callout "This datagram cannot be accepted on this interface!"
   appears twice in the figure.]

Firewalls and packet filtering problems (2)

   • Ingress filtering is often applied in the border gateway of a
     corporate network playing the role of a firewall
   • This prevents datagrams generated by the Mobile Node in the Visited
     Network from reaching the Internet
   • Solutions
        – Send datagrams with Source Address=Care-of Address ⇒ this
          is a losing proposition because it runs counter to the
          architecture
        – Send datagrams encapsulated in an outer IP header with
          Source Address=Care-of Address ⇒ this is a better
          proposition but the Correspondent Nodes are not required to
          be able to do the decapsulation ⇒ Encapsulated datagrams
          may be sent to the Home Agent which sends them back to the
          Correspondent Node ⇒ this is a suboptimal solution from the
          routing standpoint
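The three sending options listed above, run through a small model of the border filters, as an added example that is not part of the original course. The prefixes and addresses are constructed documentation values, and the home-side rule (refuse inside-prefix sources arriving from the Internet) is an assumption about how the home firewall is configured.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed topology (documentation prefixes, not taken from the slides).
HOME_NET = ipaddress.ip_network("192.0.2.0/24")
VISITED_NET = ipaddress.ip_network("198.51.100.0/24")
HOME_AGENT = "192.0.2.1"
HOME_ADDR = "192.0.2.10"        # Mobile Node's Home Address
CARE_OF = "198.51.100.7"        # Care-of Address in the visited network
CORRESPONDENT = "203.0.113.5"


@dataclass
class Datagram:
    src: str
    dst: str
    inner: Optional["Datagram"] = None   # set when this is a tunnel packet


def visited_border_allows(pkt):
    """Ingress filter at the visited gateway: outbound source must be local."""
    return ipaddress.ip_address(pkt.src) in VISITED_NET


def home_border_allows(pkt):
    """Home firewall, Internet side: refuse inside sources arriving from outside."""
    return ipaddress.ip_address(pkt.src) not in HOME_NET


def deliver_from_mobile(pkt):
    """Follow one datagram sent by the roaming Mobile Node.

    Returns (outcome, source address the Correspondent Node sees).
    """
    if not visited_border_allows(pkt):
        return ("dropped at visited border", None)
    if pkt.inner is not None and pkt.dst == HOME_AGENT:
        if not home_border_allows(pkt):
            return ("dropped at home border", None)
        # The Home Agent decapsulates and relays the inner datagram from
        # inside the home network, where its source address is legitimate.
        return ("delivered via home agent", pkt.inner.src)
    return ("delivered directly", pkt.src)


def sending_options():
    """The three ways the roaming Mobile Node can address a datagram."""
    return {
        "home address as source": Datagram(HOME_ADDR, CORRESPONDENT),
        "care-of address as source": Datagram(CARE_OF, CORRESPONDENT),
        "tunnelled to the home agent": Datagram(
            CARE_OF, HOME_AGENT, inner=Datagram(HOME_ADDR, CORRESPONDENT)),
    }


def evaluate():
    return {name: deliver_from_mobile(pkt)
            for name, pkt in sending_options().items()}


if __name__ == "__main__":
    for name, (outcome, seen) in evaluate().items():
        print(f"{name:30} {outcome:28} source seen: {seen}")
```

Only the tunnelled option both passes the filters and presents the Home Address to the Correspondent Node, at the cost of the detour through the Home Agent.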




Firewalls and packet filtering problems (3)

        • Correlated problem : the firewall on the Home Network
          side should also filter all datagrams coming from the Internet
          with a Source Address corresponding to an inner address
          (with the same prefix as the Home Network)
        • Solutions :
              – If the Home Agent is collocated with the Gateway/Firewall,
                the firewall will know when such datagrams should be
                accepted
              – Otherwise, a protocol between the Home Agent and the
                Firewall may be necessary
              – Finally, a solution may consist in tunneling all such datagrams
                to the Home Agent which should play the role of a bastion
                host and be attached to a DMZ for safety

Tunneling
Datagram Tunneling

    • A Correspondent Node sends datagrams to a Mobile Node with
      the Destination Address field containing the Mobile Node's Home
      Address
    • Based on the destination address, these datagrams reach the
      Home Network
    • There, the Home Agent intercepts the datagrams and
      encapsulates them into an outer IP header that tunnels the
      initial datagrams to the Foreign Agent or directly to the Mobile
      Node (in the case of a collocated Care-of Address)
    • Multiple encapsulation schemes may be used including :
         – IP-within-IP encapsulation
         – Minimal encapsulation
    • The datagrams sent by the Mobile Node reach the
      Correspondent Node directly

Reminder : IPv4 header format

        1 byte         1 byte         1 byte         1 byte
    +--------------+--------------+-----------------------------+
    |  Vers. | IHL |     TOS      |        Total Length         |
    +--------------+--------------+-----------------------------+
    |       Identification        |  Flags  |        FO         |
    +--------------+--------------+-----------------------------+
    |     TTL      |   Protocol   |       Header Checksum       |
    +--------------+--------------+-----------------------------+
    |               Source IPv4 address (4 bytes)               |
    +-----------------------------------------------------------+
    |             Destination IPv4 address (4 bytes)            |
    +-----------------------------------------------------------+
    |                 Options                   |    Padding    |
    +-----------------------------------------------------------+




IP-within-IP encapsulation

    | New IP hdr | Orig IP hdr | TCP/UDP | Data |

    • The original IP header remains unchanged when transmitted in
      the tunnel (the TTL field is decremented)
         – Source Address : Correspondent Node Address
         – Destination Address : Mobile Node's Home Address
    • The new IP header has :
         – Source Address : Home Agent Address
         – Destination Address : Care-of Address
    • When fragmentation is needed, it should be done at the inner IP
      datagram level; otherwise the fragments won't transport the Mobile
      Node's Home Address used at the Foreign Agent to send the
      decapsulated datagram on the right data link

Minimal encapsulation

    | New IP hdr | Minimal encapsulation header | TCP/UDP | Data |

        1 byte         1 byte         1 byte         1 byte
    +--------------+--------------+-----------------------------+
    |   Protocol   | S | Reserved |       Header Checksum       |
    +--------------+--------------+-----------------------------+
    |  Original Destination Address : Mobile Node's Home Address |
    +-----------------------------------------------------------+
    |  Original Source Address (if present) :                   |
    |  Correspondent Node's Address                             |
    +-----------------------------------------------------------+

    • S indicates the presence of the Original Source Address field
    • Minimal encapsulation limits the number of supplementary
      bytes necessary for tunneling
    • However, it prevents fragmentation from being performed
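Both encapsulation schemes from the two slides above applied to the same datagram, as an added example that is not part of the original course; it shows the header rewriting, the per-packet overhead of each scheme, and the fragment restriction of minimal encapsulation. Protocol numbers 4 and 55 come from RFC 2003 and RFC 2004; the addresses and payload are constructed, and the TTL decrement done by a forwarding Home Agent is left out so that the round trip stays byte-exact.

```python
import socket
import struct

IPPROTO_IPIP = 4        # IP-within-IP (RFC 2003)
IPPROTO_MINENC = 55     # minimal encapsulation (RFC 2004)
IP_FMT = "!BBHHHBBH4s4s"

# Constructed sample addresses, as 4-byte strings.
CN = socket.inet_aton("203.0.113.5")          # Correspondent Node
HOME_ADDR = socket.inet_aton("192.0.2.10")    # Mobile Node's Home Address
HA = socket.inet_aton("192.0.2.1")            # Home Agent (tunnel entry)
COA = socket.inet_aton("198.51.100.7")        # Care-of Address (tunnel exit)


def checksum(data):
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, proto, payload_len, ttl=64, ident=0, flags_fo=0):
    """20-byte IPv4 header without options, TOS 0, checksum filled in."""
    fields = [0x45, 0, 20 + payload_len, ident, flags_fo, ttl, proto, 0, src, dst]
    fields[7] = checksum(struct.pack(IP_FMT, *fields))
    return struct.pack(IP_FMT, *fields)


def ipip_encapsulate(inner, tunnel_src, tunnel_dst):
    """Prepend a new outer header; the original datagram travels unchanged."""
    return ipv4_header(tunnel_src, tunnel_dst, IPPROTO_IPIP, len(inner)) + inner


def ipip_decapsulate(outer):
    if outer[9] != IPPROTO_IPIP or checksum(outer[:20]) != 0:
        raise ValueError("not a valid IP-within-IP datagram")
    return outer[20:]


def minenc_encapsulate(inner, tunnel_src, tunnel_dst):
    """Rewrite the original header and insert the minimal forwarding header."""
    if inner[:2] != b"\x45\x00":
        raise ValueError("this sketch handles option-less headers with TOS 0 only")
    ident, flags_fo = struct.unpack("!HH", inner[4:8])
    if flags_fo & 0x3FFF:            # MF bit set or fragment offset non-zero
        raise ValueError("a fragment cannot be minimally encapsulated")
    # S bit (0x80) set: the original source differs from the tunnel entry,
    # so the Original Source Address field is present.
    fwd = struct.pack("!BBH4s4s", inner[9], 0x80, 0, inner[16:20], inner[12:16])
    fwd = fwd[:2] + struct.pack("!H", checksum(fwd)) + fwd[4:]
    payload = fwd + inner[20:]
    return ipv4_header(tunnel_src, tunnel_dst, IPPROTO_MINENC, len(payload),
                       ttl=inner[8], ident=ident, flags_fo=flags_fo) + payload


def minenc_decapsulate(outer):
    """Rebuild the original header from the outer header and forwarding header."""
    if outer[9] != IPPROTO_MINENC:
        raise ValueError("not minimal encapsulation")
    fwd_len = 12 if outer[21] & 0x80 else 8
    fwd = outer[20:20 + fwd_len]
    if checksum(fwd) != 0:
        raise ValueError("corrupt minimal forwarding header")
    src = fwd[8:12] if fwd_len == 12 else outer[12:16]
    payload = outer[20 + fwd_len:]
    ident, flags_fo = struct.unpack("!HH", outer[4:8])
    return ipv4_header(src, fwd[4:8], fwd[0], len(payload),
                       ttl=outer[8], ident=ident, flags_fo=flags_fo) + payload


def sample_datagram():
    """Constructed UDP datagram from the Correspondent Node to the Home Address."""
    udp = struct.pack("!HHHH", 5000, 5001, 12, 0) + b"ping"
    return ipv4_header(CN, HOME_ADDR, 17, len(udp), ttl=60, ident=0x1234) + udp


def overhead():
    """Extra bytes per packet: (IP-within-IP, minimal encapsulation)."""
    inner = sample_datagram()
    return (len(ipip_encapsulate(inner, HA, COA)) - len(inner),
            len(minenc_encapsulate(inner, HA, COA)) - len(inner))


if __name__ == "__main__":
    print("overhead in bytes (IP-in-IP, minimal):", overhead())
```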




Soft Tunnel State

         • It is useful to maintain at the Home Agent level (the entry point
           of the tunnel) a number of parameters on the state of each
           established tunnel.
         • These parameters constitute the Soft Tunnel State and include :
            – The Path MTU on this tunnel for fragmentation purposes
            – The state of the tunnel (broken or not)
            – The Correspondent Node using the tunnel
         • The Home Agent may then relay ICMP error messages to the
           Correspondent Node source of the tunneled datagrams
         • Typically, ICMP host unreachable messages are sent back to the
           Correspondent Node when the datagrams are not delivered through
           the tunnel

Outline

         •      Introduction
                – What is IP mobility?
         •      Mobile IP architecture
         •      IP mobility mechanisms
                – Agent discovery
                – Registration
                – Tunneling
         •      Advanced features
         •      Micro-mobility
         •      Mobility support provided by IPv6
         •      Mobile IP & 3G
         •      Conclusion
Enhanced functionalities

       • Routing optimisation
       • Smooth handoff

Routing optimisation

       • Goal : Avoid triangle routing
       • Idea:
             – Tell the correspondents the current position of the mobile
               node
       • Problem:
             – Change the correspondent's IP stack




Triangle Routing

   [Figure: Home Network (Home Agent), Internet, Visited Network (Foreign
   Agent, Mobile Node) and Correspondent Node, with a Tunnel drawn across the
   Internet.]

Route optimization (1)

   • The basic Mobile IP mechanisms create a Triangle Routing
     between the Correspondent Node, the Home Agent and the
     Mobile Node.
   • This Triangle Routing is far from being optimal especially in
     the case of a Correspondent Node very close to the Mobile
     Node
   • Route optimization consists of eliminating this problem
   • This is done by updating the Correspondent Node giving it the
     mobility binding (Home Address, Care-of Address) of the
     Mobile Node
   • For security purposes, it is the responsibility of the Home
     Agent to send the mobility binding to the Correspondent
     Nodes that need them




Route optimization (2)

   [Figure: Home Network (Home Agent), Internet, Visited Network (Foreign
   Agent, Mobile Node) and Correspondent Node, with arrows labelled
   "Binding update (HA, CoA, Lifetime)" and "Binding request (HA)".]

Route optimization (3)

   • Binding updates are authenticated by a route optimization
     authentication extension (same as for the Mobile-Home
     authentication extension)
   • Route optimization offers an efficient routing technique but
     supposes that the Correspondent Nodes are able to
     implement the route optimization protocol
   • This may be the main reason why this mechanism has not yet
     been definitively adopted as an RFC
Foreign Agent - Smooth Handoff

     • When a mobile moves, it registers with a new FA
     • Goal: Tell the old FA the current position so that the
       packets in transit are redirected to the mobile (avoid
       losses and retransmissions)
     • Protocol:
          – The mobile registers with the new FA and tells the address of its
            old FA
          – The new FA sends a BU to the old FA so that it forwards the
            packets to the new location of the mobile

Smooth handoffs (1)

   [Figure: Home Network (Home Agent), Internet, Correspondent Node, Visited
   Network 1 (Foreign Agent 1) and Visited Network 2 (Foreign Agent 2), with
   the Mobile Node shown in both visited networks and arrows labelled
   "Advertisement", "Registration" and "Binding update". Caption: "What about
   the transition?"]




Smooth handoffs (2)

      • During the handoff, it is important that the datagrams intended for the
        Mobile Node and received by the previous Foreign Agent not be lost
      • A smooth handoff may be obtained if the previous Foreign Agent
        receives a binding update with the new Care-of Address of the Mobile
        Node allowing it to relay the datagrams to the new Foreign Agent
      • This is best achieved if it remains a local mechanism between the
        Mobile Node and both the current and previous Foreign Agents (the
        Home Agent is too far to perform this binding update)
      • This poses however a security problem since it is highly improbable,
        in the current state of Internet security, that an authentication security
        association be established between the Mobile Node and the Foreign
        Agents

Smooth handoffs (3)

   [Figure: same topology as Smooth handoffs (1): Home Network (Home Agent),
   Internet, Correspondent Node, Visited Network 1 (Foreign Agent 1) and
   Visited Network 2 (Foreign Agent 2), with arrows labelled "Advertisement",
   "Registration", "Binding update" and "Binding Ack".]




                              Smooth handoffs (4)

      • If the previous Foreign Agent does not hold the new mobility binding
        for the Mobile Node, it may send the decapsulated datagram back
        to the Home Agent.

      • This may create routing loops if the Foreign Agent has lost track
        of the Mobile Node and the Mobile Node is not connected elsewhere.

      • The Foreign Agent should re-encapsulate the decapsulated
        datagram into a Special Tunnel that returns it to the Home Agent,
        with the Care-of Address as the source address of the outer header.

      • This allows the Home Agent to compare the current registration with
        the returned Care-of Address and decide whether or not it should tunnel
        the datagram, thus avoiding routing loops.
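The routing loop and the Special Tunnel check from the Smooth handoffs (4) slide, as an added Python example that is not part of the original course. It is a toy model: the class names, the `special` flag, the 16-hop limit and the documentation-range addresses are assumptions, and the Home Agent dropping the datagram stands for "decide not to tunnel".

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple, Union

# Constructed sample addresses (documentation ranges), not taken from the slides.
HA_ADDR, MN_HOME, CN = "192.0.2.1", "192.0.2.30", "203.0.113.7"
FA1_COA, FA2_COA = "198.51.100.1", "198.51.100.129"


@dataclass(frozen=True)
class Datagram:
    src: str
    dst: str
    payload: Union[bytes, "Datagram"]
    special: bool = False  # assumption: marks the Special Tunnel of the slide


class HomeAgent:
    def __init__(self, address: str) -> None:
        self.address = address
        self.bindings: Dict[str, str] = {}  # home address -> registered Care-of Address

    def intercept(self, dgram: Datagram) -> Optional[Datagram]:
        """Return the datagram to tunnel, or None when the HA stops forwarding."""
        if dgram.special:
            inner = dgram.payload
            returned_coa = dgram.src  # outer source = Care-of Address of the returning FA
            current = self.bindings.get(inner.dst)
            if current is None or current == returned_coa:
                return None  # registration is stale: tunnelling again would loop
            return Datagram(self.address, current, inner)
        current = self.bindings.get(dgram.dst)
        if current is None:
            return None  # no binding, nothing to tunnel in this toy model
        return Datagram(self.address, current, dgram)


class ForeignAgent:
    def __init__(self, coa: str, home_agent: str, special_tunnel: bool) -> None:
        self.coa = coa
        self.home_agent = home_agent
        self.special_tunnel = special_tunnel
        self.visitors: Set[str] = set()  # home addresses currently attached here

    def receive(self, outer: Datagram) -> Tuple[str, Datagram]:
        inner = outer.payload  # decapsulate
        if inner.dst in self.visitors:
            return "deliver", inner
        if self.special_tunnel:
            # Re-encapsulate with our Care-of Address as the outer source.
            return "return", Datagram(self.coa, self.home_agent, inner, special=True)
        return "return", inner  # plain datagram, routed back to the home network


def simulate(ha: HomeAgent, fas: Dict[str, ForeignAgent], first: Datagram,
             ttl: int = 16) -> Tuple[str, int]:
    """Follow one datagram between the agents; return (outcome, hops travelled)."""
    dgram, hops = first, 0
    at_ha = first.dst not in fas  # otherwise it is already in flight to a Foreign Agent
    while hops < ttl:
        if at_ha:
            out = ha.intercept(dgram)
            if out is None:
                return "dropped-by-home-agent", hops
            dgram, at_ha = out, False
        else:
            action, dgram = fas[dgram.dst].receive(dgram)
            if action == "deliver":
                return "delivered", hops
            at_ha = True
        hops += 1
    return "ttl-expired", hops


def scenario(special_tunnel: bool, moved_to_fa2: bool) -> Tuple[str, int]:
    ha = HomeAgent(HA_ADDR)
    fas = {FA1_COA: ForeignAgent(FA1_COA, HA_ADDR, special_tunnel),
           FA2_COA: ForeignAgent(FA2_COA, HA_ADDR, special_tunnel)}
    data = Datagram(CN, MN_HOME, b"payload")
    if moved_to_fa2:
        # The node re-registered via FA2 while a datagram was still in flight to FA1.
        fas[FA2_COA].visitors.add(MN_HOME)
        ha.bindings[MN_HOME] = FA2_COA
        return simulate(ha, fas, Datagram(HA_ADDR, FA1_COA, data))
    # The node left FA1 and is connected nowhere; the HA binding is stale.
    ha.bindings[MN_HOME] = FA1_COA
    return simulate(ha, fas, data)


if __name__ == "__main__":
    print("stale binding, plain return   :", scenario(False, False))
    print("stale binding, Special Tunnel :", scenario(True, False))
    print("node moved, Special Tunnel    :", scenario(True, True))
```

With a plain return the datagram bounces between Home Agent and Foreign Agent until the hop limit expires; with the Special Tunnel the Home Agent sees that the returned Care-of Address equals the registered one and stops after a single round trip.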
Cours mobilitep

  • 1. Mobilité IP Introduction Plan Différents types de mobilité • Introduction – Qu’est-ce que la mobilité IP ? Home Network Mobile Cellular • Architecture Mobile IP Network • Mécanismes de mobilité IP – Découverte d’agent POP – Enregistrement POP Mobile host – Tunnelage Internet POP Visited LAN • Fonctionnalités avancées POP • Micro-mobilité Mobile host • Support de mobilité fourni par IPv6 PSTN Mobile host • Mobile IP & 3G Mobile host • Conclusion mobilité IP 3 mobilité IP 4 Différents types de mobilité Mobilité IP ≠ LANs sans fil (WLAN) • LANs sans fil aujourd’hui : – IEEE 802.11, Bluetooth … – AP IEEE 802.11 AP = pont entre le réseau fixe et le réseau sans • Nomadisme (DHCP) fil • Ordinateurs mobiles (Mobile IP, IEEE 802.11) • handoffs de niveau 2 supportés mais PAS la • Réseaux mobiles (réseaux Ad-hoc) mobilité IP (les handoffs sont supportés au sein d’un même sous-réseau IP) • Besoin de protocoles fournissant un service de localisation • Mobilité IP ≠ Interface sans fil mobilité IP 5 mobilité IP 6
  • 2. Différents types de mobilité Différents types de mobilité mobilité IP 7 mobilité IP 8 Mobilité Introduction Mobile IP (1) Address: Home Address Mobile node • Sillage des réseaux GSM – Mobilité = nécessité pour les utilisateurs d’un système de Home Network communication Data – Tous les réseaux existants se donnent pour mission de Correspondent Internet Base station proposer ce service • Standard TCP/IP : réseau le + étendu au monde – Principe Anywhere, Any Time, Network Access – Réseau IP : l’une des principales sources d’information mobilité IP 9 mobilité IP 10 Introduction Mobile IP (2) Cahier des charges pour l’architecture de mobilité IP • Échelle planétaire : • Two major requirements arise when considering IP mobility: – Quasi-totalité des réseaux fournissent une entrée au réseau – Application transparency : Dealing with a mobile Internet configuration should not necessitate a mobile-aware – Avec mobilité : garantie d’un accès universel, simple application. This is needed in order to avoid application d’emploi et pratique replacement on all Internet hosts! • Groupe de travail de l’IETF : proposition IP Mobile – Seamless roaming : When a user goes out of his corporate – Proposer une localisation planétaire par l’adresse IP network and roams around in the Internet, the requirement is (à l’instar du roaming du GSM) to assure a seamless Internet communication between this user and his correspondents whatever the access network used by the mobile roaming user • IP préexiste au concept nomade – GSM doté dès l’origine de telles fonctions • Dealing with mobility at the IP layer provides a way to – IP : « bricolage » de solutions pour ajouter la mobilité answer the above requirements mobilité IP 11 mobilité IP 12
  • 3. Problématique de la mobilité dans IP Why isn’t IP mobility simple? (1) • Difficultés pour intégrer à IP de nouvelles fonctions • The complexity comes from the current use of IP addresses. devant offrir la mobilité • An IP address is used to – identify a particular end-system. In this respect, IP addresses are equivalent to FQDNs (Fully Qualified Domain Names) and the equivalence is maintained in a DNS, Domain Name Server – identify a particular TCP session in an IP host since a TCP socket consists of a (destination IP address, destination port number) couple – determine a route to a destination IP host. • The first two uses come into contradiction with the third use when mobility is considered mobilité IP 13 mobilité IP 14 IP mobility: routing mobility: Why isn’t IP mobility simple? (2) • The first use supposes that a host’s IP address should never change since the DNS should always point to the 132.227.61.0 same IP address Data for the mobile is routed to its • The second use supposes that a host’s IP address should home network 132.227.61.30 132.227.61.31 132.227.61.32 never change during a TCP session otherwise the session would be lost Internet Roaming • The third use supposes that when the host is roaming outside its home network (the network which has the 135.139.18.0 prefix of the host’s IP address), it should change its address (and take an address with a prefix given by the visited network) in order to receive the datagrams Correspondent 135.139.18.12 135.139.18.13 destined to it mobilité IP 15 mobilité IP 16 Why isn’t IP mobility simple? 
(3) Mobile IP standardization process • A possible answer to the third constraint would be to use a DHCP (Dynamic Host Configuration Protocol) server in order • The standardization of Mobile IP is being mainly carried out at the to obtain an address on the visited network IETF (Internet Engineering Task Force) • The IP Routing for Wireless/Mobile Hosts (MobileIP) Working • This however poses a problem with the first two constraints Group is in charge of defining and specifying the Mobile IP architecture and protocols – First, the IP address of a host having changed, the DNS in • The major architecture components are already in the standards the home network should be updated by the mobile host track (Request For Comments, RFCs 2002-2006) on the visited network. This may be very dangerous on a security standpoint! • Some very interesting enhanced functionalities are still considered as work in progress and specified in Internet Drafts – Second, this solution can not provide a seamless continuous • These documents and other related information may be found at the mobility capability since when the mobile host’s IP address is mobileip WG home page on the Web : changed, all TCP sessions involving this host should be http://www.ietf.org/html.charters/mobileip-charter.html dropped and reinitialized with the new IP address mobilité IP 17 mobilité IP 18
  • 4. Plan • Introduction – Qu’est-ce que la mobilité IP ? • Architecture Mobile IP • Mécanismes de mobilité IP – Découverte d’agent Overview of the IP mobility architecture – Enregistrement – Tunnelage • Fonctionnalités avancées • Micro-mobilité • Support de mobilité fourni par IPv6 • Mobile IP & 3G • Conclusion mobilité IP 19 Functional entities The Mobile IP basic concept • The Mobile IP architecture resolves the above contradiction • Mobile node : A host or a router that roams from one by using 2 IP addresses for a mobile host : network or subnetwork to another outside its home network without changing its long term IP address (the home address) – The Home address is a permanent address used to identify uniquely the IP host on the Internet (answers the • Home agent : This is typically a router on a mobile node’s two first IP addresses constraints) home network which delivers datagrams to departed mobile nodes, and maintains current location information for each – The Care-of address is a temporary address used to route the datagrams destined to the mobile host to the • Foreign agent : This is typically a router on a mobile node’s current attachment point of this host (answers the last IP visited network that collaborates with the Home agent to addresses constraint) complete the delivery of datagrams to the mobile node while it is away from home mobilité IP 21 mobilité IP 22 Plan Main functions • Introduction – Qu’est-ce que la mobilité IP ? • Agent Discovery : • Architecture Mobile IP – Home Agents & Foreign Agents send advertisements on the link. A mobile can ask for advertisements to be sent. 
• Mécanismes de mobilité IP – Découverte d’agent • Registration : – Enregistrement – Tunnelage – When a mobile is away, it registers its temporary address with its home agent • Fonctionnalités avancées • Tunneling : • Micro-mobilité – The packets for the mobile are intercepted by the HA and tunnelled to the mobile • Support de mobilité fourni par IPv6 • Mobile IP & 3G • Conclusion mobilité IP 23 mobilité IP 24
  • 5. Mobile IP Protocol overview 1. Home Agent & Foreign Agent broadcast or multicast Home Network Home Address ® Care-of Address agent advertisements on their respective links. Home Agent Home Address ® IP T Care-of Address 2. Mobile nodes listen to Agent Advertisements. They IPsrc = Home Agent unn el examine the contents of these advertisements to IPDst = Foreign Agent Foreign Network determine whether they are on the home or on a Tunnel Header Data Internet Agent a dvertise visited network Header ment Re gis IPsrc = Host tra t Foreign Agent 3. A mobile node on a visited network acquires a IPDst = Mobile ion temporary address (care of address) Header Data Mobile Node The mobile is on Correspondent its Home Network mobilité IP 25 mobilité IP 26 Protocol overview 4. The mobile registers its COA with its home agent 5. The Home Agent sends ARP on the Home Network IP mobility mechanisms (IP@ <-> MAC@). The packets for the mobile are intercepted and sent to the current position of the Agent discovery mobile Registration 6. The packets arrive to the COA and are decapsulated in order to extract the original packet Tunneling 7. The packets from the mobile are sent directly to the correspondents mobilité IP 27 Agent Discovery Agent Discovery • Process by which the mobile detects where it is attached (home or visited network) • Allows the mobile to determine a COA when the mobile is on a visited network • Based on 2 types of messages: – Agent Advertisement : broadcast or multicast by the agents – Agent Solicitation : sent by a mobile which does not want to wait for an AA • Message authentication mobilité IP 29 mobilité IP 30
• 6.

Agent Solicitation Message
IP header (RFC 791):
  Vers = 4 | IHL | Type of Service | Total Length
  Identification | Flags | Fragment Offset
  TTL = 1 | Protocol = ICMP | Header Checksum
  Source Address = Mobile node's Home Address
  Destination Address = 255.255.255.255 or 224.0.0.2
ICMP Router Solicitation (RFC 1256):
  Type = 10 | Code = 0 | Checksum
  Reserved

Mobile Agent Discovery
• An extension, called the Mobility Agent extension, is appended to ICMP Router Advertisement to constitute the Agent Advertisement message
• A Foreign Agent uses the Agent Advertisement message in order to indicate the Care-of Address to a Mobile Node
• A Home Agent uses the Agent Advertisement message so that a Mobile Node knows when it has returned to its Home Network
• A Mobile Node is allowed to send ICMP Router Solicitation messages in order to elicit a Mobility Agent Advertisement

Agent Advertisement Message
IP header (RFC 791):
  Vers = 4 | IHL | Type of Service | Total Length
  Identification | Flags | Fragment Offset
  TTL = 1 | Protocol = ICMP | Header Checksum
  Source Address = Home/Foreign Agent's Address on this link
  Destination Address = 255.255.255.255 or 224.0.0.1
ICMP Router Advertisement (RFC 1256):
  Type = 9 | Code | Checksum
  Num Addrs | Addr Entry Size | Lifetime (of this Advertisement)
  Router Address [1]
  Preference Level [1]
  Router Address [2]
  Preference Level [2]
  ...
Mobility Agent Advertisement Extension (RFC 2002):
  Type = 16 | Length | Sequence Number
  (Maximum) Registration Lifetime | R B H F M G V | Reserved
  Care-of Address [1]
  Care-of Address [2]
  ...
Prefix Length Extension, optional (RFC 2002):
  Type = 19 | Length | Prefix Length [1] | Prefix Length [2] | ...

Mobile Agent Discovery: Getting a COA
• A Care-of Address may be obtained from the Foreign Agent by an Agent Advertisement.
  – It may also be obtained from a RAS (Remote Access Server) implementing PPP or from a DHCP server on a foreign LAN.
  – In this case the Care-of Address is said to be collocated since it is directly assigned to the Mobile Node interface and not to a Mobile Node through a Foreign Agent.
• For a collocated Care-of Address, the tunnel terminates at the Mobile Node interface

Mobile Agent Discovery
• It is based upon an extension of the ICMP (Internet Control Message Protocol) Router Discovery protocol
• A router periodically broadcasts ICMP Router Advertisement messages on the different directly attached subnetworks
• This allows the hosts on these subnets to discover the router

Mobile Agent Discovery: Mobility Agent Advertisement Extension
• Flags:
  – R=Registration required at the Foreign Agent
  – B=Busy
  – H=Home Agent
  – F=Foreign Agent
  – M,G,V indicate the encapsulation type
• Type identifies the Mobility Agent Advertisement extension
• Length is the total length of this extension which depends on the number of Care-of Addresses
• Lifetime specifies the duration of the Care-of Address support on the Foreign Agent
• For a Home Agent, zero Care-of Addresses are advertised
• For a Foreign Agent, typically one Care-of Address is advertised
• Sequence Number is incremented at each Advertisement
• 7.

Registration
• Functionalities
  – Ask for routing functionalities of the FA
  – Tell the HA the new location of the mobile
  – Update a binding which is about to expire
  – De-register the mobile when it is back on its home network
• Triggered as soon as the mobile detects it changed its point of attachment
• Use of the information obtained by agent discovery to determine the type of registration to be done
• Two registration procedures
  – With the « Foreign Agent »
  – With the temporary address of the mobile

Registration
• Once the Mobile Node receives a Care-of Address, it should register its (Home Address, Care-of Address) binding at its Home Agent
• This is done using 2 messages:
  – Registration Request
  – Registration Reply
• They both use a UDP/IP service

Registration
[Figure: Mobile, Foreign Agent, Internet, Home Agent. Steps 1 and 2: Registration Request. Steps 3 and 4: Registration Reply.]

Registration: Registration Request
IP header (RFC 791):
  Vers = 4 | IHL | Type of Service | Total Length
  Identification | Flags | Fragment Offset
  TTL | Protocol = UDP | Header Checksum
  Source Address
  Destination Address
UDP header (RFC 768):
  Source Port | Destination Port = 434
  Length | Checksum
Registration Request (RFC 2002):
  Type = 1 | S B D M G V Rsv | Lifetime
  Mobile Node's Home Address
  Home Agent Address
  Care-of Address
  Identification
  Extensions

Registration
Field layout (each row is 4 bytes):
  Type | S B D M G V rsvd | Lifetime
  Home Address
  Home Agent
  Care-of Addresses...
  Identification
  Extensions
• 8.

Registration: Registration Request
• Flags:
  – S=Simultaneous Registrations (multiple Care-of Addresses)
  – B=Broadcast
  – D=Care-of Address collocated with the Mobile Node
  – M,G,V indicate the encapsulation type
• Type identifies the Registration message
• Lifetime specifies the duration of the mobility addresses binding
• Home Address is bound to the Care-of Address
• Home Agent identifies the Home Agent that should register the binding
• Identification is used to protect against replay attacks and to correlate a Registration Request with a Registration Reply message
• The Mobile-Home authentication extension is used to authenticate the Mobile Node at the Home Agent

Registration Request
• Registering with the FA
  – The FA receives the message and may reject it:
    • Invalid authentication
    • The lifetime value exceeds what may be accepted by the FA
    • The mobile wishes to use a tunneling type not supported by the FA
    • The FA does not have enough resources
  – Otherwise, it forwards the request to the HA
• Registering with the HA
  – The HA also checks the registration should be accepted (same conditions)
  – If it is accepted, the HA
    • Updates its binding table
    • Sends a proxy ARP message on the local link
    • Sends a registration reply

Registration: Registration Reply
IP header (RFC 791):
  Vers = 4 | IHL | Type of Service | Total Length
  Identification | Flags | Fragment Offset
  TTL | Protocol = UDP | Header Checksum
  Source Address
  Destination Address
UDP header (RFC 768):
  Source Port | Destination Port = 434
  Length | Checksum
Registration Reply (RFC 2002):
  Type = 3 | Code | Lifetime
  Mobile Node's Home Address
  Home Agent Address
  Identification
  Extensions

Registration Reply
Field layout (each row is 4 bytes):
  Type | Code | Lifetime
  Home Address
  Home Agent
  Identification
  Extensions

Registration: Registration Reply
• Type identifies the Registration message
• Lifetime specifies the duration of the mobility addresses binding
• Home Address identifies the Mobile Node to which this message is related
• Home Agent identifies the Home Agent having registered the binding
• Identification is used to protect against replay attacks and to correlate a Registration Request with a Registration Reply message
• The Mobile-Home authentication extension is used to authenticate the Home Agent at the Mobile Node
• Code gives the result of the registration
  – 0: registration accepted
  – 66, 69, 70...: registration denied by the Foreign Agent
  – 130, 131, 133...: registration denied by the Home Agent

Registration Reply
• The FA receives a registration reply
  – If the RR is invalid, the agent sends a Registration Reply describing the reason why the registration was rejected
  – Otherwise, the agent
    • Updates its binding table
    • Forwards the message to the mobile
    • Starts to handle the messages for the mobile
• Reception of the RR by the mobile
  – If the registration was rejected, the mobile tries to change its registration procedure
  – Otherwise the mobile updates its routing table
• 9.

Registration
[Figure: timeline (time axis) of the registration exchanges between the FA and the HA]

Example
• Via the Foreign Agent:
• Mobile node home address = 129.34.78.5
• Mobile node HA = 129.34.78.254
• FA address = 137.0.0.11
• FA care of address = 9.2.20.11
• Home node source port = 434
• Mobile node source port = 1094
• FA source port = 1105
• Care-of-address registration lifetime = 60000 s
• HA granted lifetime = 35000 s

Example
Agent advertisement
  IP header fields: S=137.0.0.11, D=255.255.255.255
  ICMP header: Type=9, code=16
  Router Adv. header: Lifetime=60000
  Mobile service extensions: COA=9.2.20.11, F=1
Mobile -> Foreign
  IP header fields: S=129.34.78.5, D=137.0.0.11, TTL=1
  UDP header: S=1094, D=434
  Mobile-IP message fields: Type=1, lifetime=60000, COA=9.2.20.11, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=302
Foreign -> Home
  IP header fields: S=9.2.20.11, D=129.34.78.254, TTL=64
  UDP header: S=1094, D=434
  Mobile-IP message fields: Type=1, lifetime=60000, COA=9.2.20.11, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=302

Example
Home -> Foreign
  IP header fields: S=129.34.78.254, D=9.2.20.11, TTL=64
  UDP header: S=434, D=1105
  Mobile-IP message fields: Type=3, lifetime=35000, COA=9.2.20.11, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=303
Foreign -> Mobile
  IP header fields: S=137.0.0.11, D=129.34.78.5, TTL=1
  UDP header: S=434, D=1094
  Mobile-IP message fields: Type=3, lifetime=35000, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=303

Example
Cancelling the registration (on return to the home network):
Agent advertisement
  IP header fields: S=129.34.78.254, D=255.255.255.255
  ICMP header: Type=9, code=16
  Router Adv. header: Lifetime=35000
  Mobile service extensions: no COA, H=1

Example
Mobile -> Home
  IP header fields: S=129.34.78.5, D=129.34.78.254, TTL=1
  UDP header: S=1094, D=434
  Mobile-IP message fields: Type=1, lifetime=0, COA=129.34.78.5, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=302
Home -> Mobile
  IP header fields: S=129.34.78.254, D=129.34.78.5, TTL=1
  UDP header: S=434, D=1094
  Mobile-IP message fields: Type=3, lifetime=0, COA=129.34.78.5, HA=129.34.78.254, MA=129.34.78.5
  Authentication Ext.: SPI=303
• 10.

De-registration
[Figure: Mobile Node, Internet, Home Agent. Messages: De-registration Request, De-registration Reply.]

Discovering the HA's address
• Manual configuration on the mobile
• Automatically
  – By broadcasting a registration request

Learning the HA address
[Three figures: Mobile Node, Foreign Agent, Internet and several Home Agents]

Movement detection
• Using the lifetime field
  – If the lifetime expires, the mobile supposes it has attached to a new link or the agent has failed. It waits for an Agent Advertisement or sends an Agent Solicitation
• Detection using the network prefix
• 11.

Routing
• To the home network
  – The packets for a mobile are always sent to its home network
  – No specific routing
  – If the mobile sends data, it behaves as any other node on the Internet
• To a visited network
  – A router on the local link broadcasts an ARP request to inform that the packets for the mobile should be sent to it.
  – The packets are intercepted by the HA and tunnelled to the mobile's COA(s)
  – At the end of the tunnel, they are decapsulated and delivered to the mobile

Interception by the HA
• 2 possibilities
  – Accessibility advertisement: conventional routing, only on HA routers with several interfaces
  – Using the proxy ARP: Mobile's IP@ <-> HA's MAC@. Updated by the HA and by the mobile node when it returns to its home network

Packet interception by the HA
Routing on the home agent (Interface 1 = 195.2.20.253, Interface 2 = 202.1.4.253, Interface v1 = tunnel encapsulation; upper layers TCP/UDP above IP):
  Target/Prefix length | Next hop | Interface
  195.2.20.0/24 | direct | 1
  default/24 | 202.1.4.254 | 2
  191.2.2.2/32 | 192.2.2.253 | v1
Routing on the foreign agent (Interface 1 = 130.79.80.254, Interface 2 = 192.2.2.253, Interface v1 = tunnel decapsulation; upper layers TCP/UDP above IP):
  Target/Prefix length | Next hop | Interface
  130.79.80.0 | direct | 1
  192.2.2.0/24 | 192.2.2.254 | 2
  191.2.2.2/32 | direct | 1

Home Network configurations
[Figure: A = Physical Home Network with separate Gateway and Home Agent; B = Physical Home Network with combined Gateway/Home Agent; C = Virtual Home Network with combined Gateway/Home Agent. Each is connected to the Internet.]

Proxy and Gratuitous ARP
• In the cases A and B above, the Home Agent should intercept the datagrams intended for Mobile Nodes using a Proxy ARP mechanism
• In the case C, all datagrams intended for Mobile Nodes will be naturally intercepted by the Home Agent. Here, all the hosts are outside their Home Network, which becomes a Virtual Network
• Gratuitous ARP should be used by the Home Agent in order to change the ARP cache entry for a roaming Mobile Node's Home Address on the Home Network
• When the Mobile Node gets back to its Home Network, Gratuitous ARP should again be used by the Mobile Node itself to restore the ARP cache entry

Security
• 12.

Security aspects (1)
• The security issue is fundamental for registration messages, otherwise impersonation and session hijacking attacks would be trivial
• Authentication should be applied to these messages
• The Mobile IP architecture specifies its own security mechanisms for use with IPv4 since IPsec, the new standardized security architecture, is not mandatory with IPv4
• An authentication extension is thus appended to each of the above messages
• The default authentication algorithm is a keyed-MD5 in prefix + suffix mode
• The result of the authentication is thus a 128 bit message digest transmitted in the authentication extension

Security aspects (2)
Authentication extension layout (each row is 4 bytes):
  Type | Length | SPI
  SPI continued | Authenticator
  Authenticator continued...
• Type identifies the authentication extension (Mobile-Home, Home Agent-Foreign Agent,...)
• SPI specifies the authentication context (algorithm, mode, key...)
• The Authenticator is calculated over the entire message + this authentication extension

Firewalls and packet filtering problems (1)
• Ingress filtering is often applied in the border gateway of a corporate network playing the role of a firewall
• This prevents Mobile Node generated datagrams coming from the Visited Network from reaching the Internet
• Solutions
  – Send datagrams with Source Address=Care-of Address ⇒ this is a losing proposition because it runs counter to the architecture
  – Send datagrams encapsulated in an outer IP header with Source Address=Care-of Address ⇒ this is a better proposition but the Correspondent Nodes are not required to be able to do the decapsulation ⇒ Encapsulated datagrams may be sent to the Home Agent which sends them back to the Correspondent Node ⇒ this is a suboptimal solution from the routing standpoint

Firewalls and packet filtering problems (2)
[Figure: Home Network (Home Agent, Gateway/Firewall), Internet, Correspondent, Visited Network (Foreign Agent/Gateway/Firewall, Mobile host). At both firewalls: "This datagram cannot be accepted on this interface!"]

Firewalls and packet filtering problems (3)
• Correlated problem: the firewall on the Home Network side should also filter all datagrams coming from the Internet with a Source Address corresponding to an inner address (with the same prefix as the Home Network)
• Solutions:
  – If the Home Agent is collocated with the Gateway/Firewall, the firewall will know when such datagrams should be accepted
  – Otherwise, a protocol between the Home Agent and the Firewall may be necessary
  – Finally, a solution may consist in tunneling all such datagrams to the Home Agent which should play the role of a bastion host and be attached to a DMZ for safety

Tunneling
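The home agent's checks from the Registration Request and Security aspects slides above (authenticator, then Identification, then binding update), as an added example that is not part of the original slides. It uses the addresses, lifetime and SPI of the slides' worked example; the extension type 32 and the reply codes 131, 133 and 134 are taken from RFC 2002, while the shared key, the single-extension message shape and the strictly increasing Identification are assumptions of this sketch.

```python
import hashlib
import hmac
import socket
import struct

REG_REQUEST = 1            # Registration Request type, as on the slides
MOBILE_HOME_AUTH = 32      # Mobile-Home Authentication Extension type (RFC 2002)
FIXED = struct.Struct("!BBH4s4s4sQ")   # type, flags, lifetime, home, HA, COA, Identification
EXT_HDR = struct.Struct("!BBI")        # extension type, length, SPI

def keyed_md5(key, protected):
    """Keyed-MD5 in prefix+suffix mode: MD5(key || protected fields || key)."""
    return hashlib.md5(key + protected + key).digest()

def build_request(key, spi, home, ha, coa, lifetime, ident, flags=0):
    """Mobile node side: fixed part, extension header, then the 128-bit authenticator."""
    fixed = FIXED.pack(REG_REQUEST, flags, lifetime, socket.inet_aton(home),
                       socket.inet_aton(ha), socket.inet_aton(coa), ident)
    ext_hdr = EXT_HDR.pack(MOBILE_HOME_AUTH, 4 + 16, spi)  # length = SPI + authenticator
    return fixed + ext_hdr + keyed_md5(key, fixed + ext_hdr)

class HomeAgent:
    """Home agent side: authenticate, reject replays, then update the binding table."""

    def __init__(self, associations):
        self.associations = associations  # SPI -> shared key
        self.last_ident = {}              # home address -> last accepted Identification
        self.bindings = {}                # home address -> (care-of address, lifetime)

    def handle(self, msg):
        """Return the Registration Reply code (meanings per RFC 2002)."""
        if len(msg) != FIXED.size + EXT_HDR.size + 16 or msg[0] != REG_REQUEST:
            return 134                    # poorly formed request
        _, _, lifetime, home, _, coa, ident = FIXED.unpack_from(msg)
        ext_type, ext_len, spi = EXT_HDR.unpack_from(msg, FIXED.size)
        if ext_type != MOBILE_HOME_AUTH or ext_len != 4 + 16:
            return 134
        key = self.associations.get(spi)
        protected, authenticator = msg[:-16], msg[-16:]
        if key is None or not hmac.compare_digest(keyed_md5(key, protected), authenticator):
            return 131                    # mobile node failed authentication
        home = socket.inet_ntoa(home)
        # Assumption of this sketch: Identification is a strictly increasing counter.
        if ident <= self.last_ident.get(home, -1):
            return 133                    # Identification mismatch: replayed or stale
        self.last_ident[home] = ident
        if lifetime == 0:
            self.bindings.pop(home, None)  # de-registration on return to the home network
        else:
            self.bindings[home] = (socket.inet_ntoa(coa), lifetime)
        return 0                          # registration accepted

if __name__ == "__main__":
    KEY = b"constructed-shared-secret"    # constructed sample key, not from the slides
    agent = HomeAgent({302: KEY})
    request = build_request(KEY, 302, "129.34.78.5", "129.34.78.254",
                            "9.2.20.11", 60000, ident=1)
    print(agent.handle(request), agent.bindings)   # first delivery of the request
    print(agent.handle(request))                   # the same bytes delivered again
```

RFC 3344, which obsoletes RFC 2002, makes HMAC-MD5 the default authenticator and keeps the prefix+suffix mode for backward compatibility.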
• 13.

Datagram Tunneling
• A Correspondent Node sends datagrams to a Mobile Node with the Destination Address field containing the Mobile Node's Home Address
• Based on the destination address, these datagrams reach the Home Network
• There, the Home Agent intercepts the datagrams and encapsulates them into an outer IP header that tunnels the initial datagrams to the Foreign Agent or directly to the Mobile Node (in the case of a collocated Care-of Address)
• Multiple encapsulation schemes may be used including:
  – IP-within-IP encapsulation
  – Minimal encapsulation
• The datagrams sent by the Mobile Node reach the Correspondent Node directly

Reminder: IPv4 header format
Each row is 4 bytes:
  Vers. | IHL | TOS | Total Length
  Identification | Flags | FO
  TTL | Protocol | Header Checksum
  Source IPv4 address (4 bytes)
  Destination IPv4 address (4 bytes)
  Options | Padding

IP-within-IP encapsulation
  New IP hdr | Orig IP hdr | TCP/UDP | Data
• The original IP header remains unchanged when transmitted in the tunnel (the TTL field is decremented)
  – Source Address: Correspondent Node Address
  – Destination Address: Mobile Node's Home Address
• The new IP header has:
  – Source Address: Home Agent Address
  – Destination Address: Care-of Address
• When fragmentation is needed, it should be done at the inner IP datagram level, otherwise the fragments won't transport the Mobile Node's Home Address used at the Foreign Agent to send the decapsulated datagram on the right data link

Minimal encapsulation
  New IP hdr | Minimal encapsulation header | TCP/UDP | Data
Minimal encapsulation header (each row is 4 bytes):
  Protocol | S | Reserved | Header Checksum
  Original Destination Address: Mobile Node's Home Address
  Original Source Address (if present): Correspondent Node's Address
• S indicates the presence of the Original Source Address field
• Minimal encapsulation limits the number of supplementary bytes necessary for tunneling
• However, it prevents fragmentation from being performed

Soft Tunnel State
• It is interesting to maintain at the Home Agent level (the entry point of the tunnel) a number of parameters on the state of each established tunnel.
• These parameters constitute the Soft Tunnel State and include:
  – The Path MTU on this tunnel for fragmentation purposes
  – The state of the tunnel (broken or not)
  – The Correspondent Node using the tunnel
• The Home Agent may then relay ICMP error messages to the Correspondent Node source of the tunneled datagrams
• Typically, ICMP host unreachable messages are sent back to the Correspondent Node when the datagrams are not delivered through the tunnel

Outline
• Introduction
  – What is IP mobility?
• Mobile IP architecture
• IP mobility mechanisms
  – Agent discovery
  – Registration
  – Tunneling
• Advanced features
• Micro-mobility
• Mobility support provided by IPv6
• Mobile IP & 3G
• Conclusion
• 14.

Enhanced functionalities
• Routing optimisation
• Smooth handoff

Routing optimisation
• Goal: Avoid triangle routing
• Idea:
  – Tell the correspondents the current position of the mobile node
• Problem:
  – Change the correspondent's IP stack

Triangle Routing
[Figure: Home Network (Home Agent), tunnel across the Internet to the Visited Network (Foreign Agent, Mobile Node), Correspondent Node]

Route optimization (1)
• The basic Mobile IP mechanisms create a Triangle Routing between the Correspondent Node, the Home Agent and the Mobile Node.
• This Triangle Routing is far from being optimal, especially in the case of a Correspondent Node very close to the Mobile Node
• Route optimization consists of eliminating this problem
• This is done by updating the Correspondent Node, giving it the mobility binding (Home Address, Care-of Address) of the Mobile Node
• For security purposes, it is the responsibility of the Home Agent to send the mobility binding to the Correspondent Nodes that need them

Route optimization (2)
• Binding updates are authenticated by a route optimization authentication extension (same as for the Mobile-Home authentication extension)
• Route optimization offers an efficient routing technique but supposes that the Correspondent Nodes are able to implement the route optimization protocol
• This may be the main reason why this mechanism has not yet been definitively adopted as an RFC

Route optimization (3)
[Figure: Home Network (Home Agent), Internet, Visited Network (Foreign Agent, Mobile Node), Correspondent Node. Messages: Binding request and Binding update, the latter with a Lifetime parameter.]
• 15.

Foreign Agent - Smooth Handoff
• When a mobile moves, it registers with a new FA
• Goal: Tell the old FA the current position so that the packets in transit are redirected to the mobile (avoid losses and retransmissions)
• Protocol:
  – The mobile registers with the new FA and tells the address of its old FA
  – The new FA sends a BU to the old FA so that it forwards the packets to the new location of the mobile

Smooth handoffs (1)
[Figure: Home Network (Home Agent), Internet, Correspondent Node, Visited Network 1 (Foreign Agent 1, Mobile Node), Visited Network 2 (Foreign Agent 2, Mobile Node). Messages: Advertisement, Registration, Binding update. Caption: "What about the transition?"]

Smooth handoffs (2)
• During the handoff, it is important that the datagrams intended for the Mobile Node and received by the previous Foreign Agent not be lost
• A smooth handoff may be obtained if the previous Foreign Agent receives a binding update with the new Care-of Address of the Mobile Node, allowing it to relay the datagrams to the new Foreign Agent
• This is best achieved if it remains a local mechanism between the Mobile Node and both the current and previous Foreign Agents (the Home Agent is too far to perform this binding update)
• This poses however a security problem since it is highly improbable, in the current state of Internet security, that an authentication security association be established between the Mobile Node and the Foreign Agents

Smooth handoffs (3)
[Figure: Home Network (Home Agent), Internet, Correspondent Node, Visited Network 1 (Foreign Agent 1, Mobile Node), Visited Network 2 (Foreign Agent 2, Mobile Node). Messages: Advertisement, Registration, Binding update, Binding Ack.]

Smooth handoffs (4)
• If the previous Foreign Agent does not hold the new mobility binding for the Mobile Node, it may send back the decapsulated datagram to the Home Agent.
• This may create routing loops if the Foreign Agent has lost the trace of the Mobile Node and the Mobile Node is not connected elsewhere
• The Foreign Agent should re-encapsulate the decapsulated datagram into a Special Tunnel getting it back to the Home Agent with the Care-of Address as the source address of the outer header
• This allows the Home Agent to compare the current registration with the returned Care-of Address and decide whether it should tunnel the datagram or not, thus avoiding routing loops

Outline
• Introduction
  – What is IP mobility?
• Mobile IP architecture
• IP mobility mechanisms
  – Agent discovery
  – Registration
  – Tunneling
• Advanced features
• Micro-mobility
• Mobility support provided by IPv6
• Mobile IP & 3G
• Conclusion