Routing Standards and Research: One Size Does Not Fit All! No single routing protocol works well in all environmen...
Benefits of IPv6 in MANETs: IPv6 couple together with MANET offers ease and speed of deployment, and decreased depe...
Challenges: Denial of Service (DAD DoS, Uncooperative Router, etc…) ...
Challenges: Duplicate Address Discovery (Not suitable for multi-hop ad hoc networks that have ...
Integrating MANET into the Internet: Unicast Address Autoconfiguration; Multicast Address Autocon...
  • IHL is header length. Fixed length header, 40 bytes. IPv4: What size is the IP header? Usually 20 bytes without options; maximum is 60 bytes. The V4 header is 20 bytes and the V6 header is 40 bytes, but the V6 header compresses down much better than the V4 due to fixed header length, etc. What is the max size of an IPv4 datagram? 65535. Addition of the "Flow Label" field (20 bits) in the IP header can be used by routers to identify flows for optimal routing. This part of IPv6 is not standardized yet, and may well change semantics in the future. The Flow Label field indicates that this packet belongs to a specific sequence of packets between a source and destination, requiring special handling by intermediate IPv6 routers. The size of this field is 20 bits. The flow label is used for non-default quality-of-service (QoS) connections, such as those needed by real-time data (voice and video). For default router handling, the Flow Label field is set to 0. There can be multiple flows between a source and destination, as distinguished by separate non-zero flow labels. Like the Traffic Class field, exact details of the Flow Label field's use are not yet defined.
  • In wireless environments, OSPF's "proactive" approach to routing causes wasted overhead that often saturates the wireless medium with control traffic for routes that are never used. Existing IP routing protocols can be classified as either "proactive" or "reactive". Proactive protocols attempt to continuously evaluate all of the routes within a network, so that when a packet needs to be forwarded, a route is already known and can be used immediately. OSPF is an example of a Proactive Routing Protocol (PRP) for wired IP backbone networks. MANET-specific examples include Optimized Link State Routing (OLSR) [1], Topology Broadcast based on Reverse Path Forwarding (TBRPF) [2] and Hazy Sighted Link State Routing [3]. In contrast, Reactive Routing Protocols (RRPs) invoke a route determination procedure "on-demand" only. Thus, if a route is needed, some sort of global-search procedure is employed. The classical flood-search algorithms are simple reactive protocols. MANET-optimized examples include Ad hoc On-Demand Distance Vector (AODV) [4] and Dynamic Source Routing (DSR) [5]. It is well known that proactive protocols are not optimal either for MANETs that have rapidly changing topologies or for sensor networks that require emission control (EMCON) modes of operation. However, purely reactive protocols are often inappropriate for several common MANET topologies such as cluster-based networks and relatively static networks. In addition, reactive protocols introduce additional latency (and possibly overhead) for real-time traffic. As such, "hybrid" or "zone" routing protocols that use a mix of both proactive and reactive routing techniques at each network node have been proposed.
  • IP1
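
The header note above (IHL, 20-byte option-less header) and the deck's slides on ingress/egress filtering and reverse tunneling can be exercised together. The following is an added example, not part of the original deck: it builds IPv4 packets with the addresses from the deck's diagrams, applies an ingress filter at the visited network, and shows the 20-byte cost of reverse tunneling. The /24 visited prefix, the pairing of 128.183.13.1 with the home agent, the payload and all function names are assumptions of the example.

```python
import ipaddress
import struct

# Addresses read from the deck's Mobile-IPv4 diagram labels.
HOME_ADDR = "128.183.13.103"     # mobile node's home IP
CARE_OF_ADDR = "139.88.111.50"   # collocated care-of address on the visited link
CORRESPONDENT = "139.88.112.1"   # corresponding node
# Assumption: 128.183.13.1 is the home agent (it shares the home IP's network).
HOME_AGENT = "128.183.13.1"
# Assumption: the visited access network is the /24 around the care-of address.
VISITED_PREFIX = ipaddress.ip_network("139.88.111.0/24")

PROTO_IPIP = 4    # IP-in-IP encapsulation
PROTO_UDP = 17
IPV4_FMT = "!BBHHHBBH4s4s"  # the 20-byte fixed part of the IPv4 header


def checksum(header: bytes) -> int:
    """One's-complement sum over 16-bit words (IPv4 header checksum)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build an option-less IPv4 packet: IHL = 5 words = 20 header bytes."""
    hdr = struct.pack(IPV4_FMT, (4 << 4) | 5, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    """Parse and validate an IPv4 header; raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        IPV4_FMT, packet[:20])
    header_len = (ver_ihl & 0x0F) * 4          # IHL counts 32-bit words
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    if not 20 <= header_len <= total_len <= len(packet):
        raise ValueError("inconsistent IHL / Total Length")
    if checksum(packet[:header_len]) != 0:
        raise ValueError("bad header checksum")
    return {"src": str(ipaddress.ip_address(src)),
            "dst": str(ipaddress.ip_address(dst)),
            "proto": proto, "header_len": header_len,
            "payload": packet[header_len:total_len]}


def ingress_filter(packet: bytes, prefix=VISITED_PREFIX) -> bool:
    """Access-router check: forward only sources that belong to this link."""
    return ipaddress.ip_address(parse_ipv4(packet)["src"]) in prefix


def reverse_tunnel(inner: bytes) -> bytes:
    """Mobile node side: wrap the packet in an outer header CoA -> home agent."""
    return build_ipv4(CARE_OF_ADDR, HOME_AGENT, PROTO_IPIP, inner)


def home_agent_decapsulate(outer: bytes,
                           registered_coa: str = CARE_OF_ADDR) -> bytes:
    """Home agent side: accept the tunnel only from the registered care-of
    address and only for the bound home address; return the inner packet."""
    o = parse_ipv4(outer)
    if o["proto"] != PROTO_IPIP or o["dst"] != HOME_AGENT:
        raise ValueError("not a reverse-tunnel packet for this home agent")
    if o["src"] != registered_coa:
        raise ValueError("outer source is not the registered care-of address")
    inner = parse_ipv4(o["payload"])
    if inner["src"] != HOME_ADDR:
        raise ValueError("inner source is not the bound home address")
    return o["payload"]


def demo() -> dict:
    data = b"constructed payload"  # opaque bytes standing in for a UDP datagram
    direct = build_ipv4(HOME_ADDR, CORRESPONDENT, PROTO_UDP, data)
    tunneled = reverse_tunnel(direct)
    return {
        "direct_passes_filter": ingress_filter(direct),
        "tunneled_passes_filter": ingress_filter(tunneled),
        "tunnel_overhead_bytes": len(tunneled) - len(direct),
        "inner_src_at_home_agent":
            parse_ipv4(home_agent_decapsulate(tunneled))["src"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The packet sent directly from the home address is dropped by the visited network's filter, while the reverse-tunneled packet passes because its outer source is the care-of address; the extra outer header is the overhead the deck attributes to reverse tunneling.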

    1. Mobile Networking: Mobile-IP, Mobile Networking, Ad Hoc Network. (APC) WP-N1-IP-701. Latest available information as of 03/26/2006. Will Ivancic. © 2004 Syzygy Engineering – Will Ivancic
    2. Outline
        • Mobile Networking Solutions
        • Mobile-IPv4 Operation (mip4)
        • Mobile-IPv6 Operation (mip6)
        • Networks In Motion (nemo)
        • Mobile Nodes and Multiple Interfaces in IPv6 (monami6)
        • Ad Hoc Networks
    3. What is Mobility?
        • Transportable
            • Telecommuter
            • Traveler
            • Relatively static once connected
            • Single point of connection
            • Connectivity
                • IPv6 Autoconfiguration
                • VPN
        • Mobile
            • Mobile Devices
                • PDAs
                • Cell Phones
            • Mobile Networks
                • Trains
                • Planes
                • Automobiles
            • Connectivity
                • Mobile-IP
                • Networks in Motion (NEMO)
                • Ad Hoc Networks
    4. Mobile Networking Solutions
        • Routing Protocols
            • Route Optimization
            • Convergence Time
            • Sharing Infrastructure – who owns the network?
        • Mobile-IP
            • Route Optimization
                • Optimization for MIPv6
                • No Optimization for NEMOv6 (Basic)
                • Optimization can be problematic for security (if reverse tunneling is required)
            • Convergence Time
            • Sharing Infrastructure
            • Security – Relatively Easy to Secure
        • Domain Name Servers
            • Route Optimization
            • Convergence Time
            • Reliability
       Source – Will Ivancic
    5. Mobility at What Layer?
        • Layer-2 (Radio Link)
            • Fast and Efficient
            • Proven Technology within the same infrastructure
                • Cellular Technology Handoffs
                • WiFi handoffs
        • Layer-3 (Network Layer)
            • Slower Handover between varying networks
            • Layer-3 IP address provides identity
            • Security Issues
                • Need to maintain address
        • Layer-4 (Transport Layer)
            • Research Area
            • Identity not tied to layer-3 IP address
            • Proposed Solutions
                • HIP – Host Identity Protocol
                • SCTP – Stream Control Transport Protocol
    6. Location Identifier (diagram). Parties: Alice (Mobile Node); Headquarters (Location Manager), "HQ Keeps Track of Alice"; Bob (Corresponding Node); Internet. Messages shown: "Where is Alice's Location Manager?"; "I am in Cleveland, Ohio"; "Hello Alice"; "Hello Bob, I am in Cleveland, Ohio"; "What is the Weather like in Cleveland?"
    7. Mobile-IP Operation IPv4
    8. Mobile IPv4 Header Considerations
        • Source is always home network address!
            • Easy to secure due to consistent end-point!
            • But, results in topologically incorrect address when away from home.
                • Security Issue, Ingress and Egress Filtering
        • Reverse Tunneling
            • Fixes topologically incorrect addressing problem
            • Eases secure deployment.
       IPv4 Header, 20 bytes (figure). Fields shown: Version, IHL, Type of Service, Total Length, Identification, Flags, Fragment Offset, Time to Live, Protocol, Header Checksum, Source Address, Destination Address, Options, Padding.
    9. Mobile-IP (IPv4) using Foreign Agents (diagram). Labels as extracted: Mobile Node; Foreign Agent; Foreign Agent; Home Agent; 139.88.111.1; 143.232.48.1; NASA Ames; Corresponding Node; 139.88.112.1; NASA Glenn; 143.232.48.1; Home IP 128.183.13.103; Care-of Address 139.88.111.50; 128.183.13.1; NASA Goddard; "Internet or Intranet". Annotation: Bi-directional tunnel if reverse tunneling is specified.
    10. Mobile-IP (IPv4) using Foreign Agents (diagram). Same labels as slide 9, without the tunnel annotation.
    11. Mobile-IP (IPv4) using Foreign Agents (Reverse Tunneling) (diagram). Same labels as slide 9, without the tunnel annotation.
    12. Mobile-IP (IPv4) using Collocated Care-of Address (diagram). Labels as extracted: Mobile Node; Access Router; Access Router; Home Agent; 139.88.111.1; 143.232.48.1; NASA Ames; Corresponding Node; 139.88.112.1; NASA Glenn; 143.232.48.1; Home IP 128.183.13.103; Care-of Address 139.88.111.50; 128.183.13.1; NASA Goddard; "Internet or Intranet"; DHCP or Connection Established. Annotation: Bi-directional tunnel if reverse tunneling is specified.
    13. Mobile-IP (IPv4) using Collocated Care-of Address (diagram). Same labels as slide 12, without the tunnel and DHCP annotations.
    14. Mobile-IP (IPv4) using Collocated Care-of Address (Reverse Tunneling) (diagram). Same labels as slide 12, without the tunnel and DHCP annotations.
    15. Mobile-Router (IPv4): Mobile Router (diagram). Labels as extracted: Mobile Router (Mobile Node); Foreign Agent; Home Agent; Corresponding Node; 139.88.112.1; Internet WAN; 128.184.24.2; 128.183.13.1; Internet WAN; 10.2.2.1; Roaming Interface; 128.184.24.1; Virtual LAN Interface; 128.184.25.1; HA Loopback Virtual Interface; 139.88.100.1; FA WAN; 128.184.26.1; MR Loopback Virtual Interface; COA; 139.88.100.1; Tunnel-0; Tunnel-1; Internet. Annotation: Bi-directional tunnel if reverse tunneling is specified.
    16. Mobile-Router (IPv4): Mobile Router (Reverse Tunneling) (diagram). Same labels as slide 15, without the tunnel annotation.
    17. Mobile-Router (IPv4): Collocated Care-of Address (diagram). Same labels as slide 15, without the tunnel annotation. Annotations: No Foreign Agent; No Second Tunnel.
    18. Mobile-Router (IPv4): Collocated Care-of Address (diagram). Labels as extracted: Mobile Router (Mobile Node); Home Agent; Corresponding Node; 139.88.112.1; Internet WAN; Tunnel-0; 128.183.13.1; Internet WAN; 10.2.2.1; Roaming Interface; 128.184.25.1; HA Loopback Virtual Interface; 139.88.100.1; Access Router; 128.184.24.2; 128.184.24.1; Virtual LAN Interface; 128.184.26.1; MR Loopback Virtual Interface; COA; 139.88.100.1; Internet.
    19. Mobile Networking Additional Features
        • Geographically Distributed Home Agents
        • Asymmetrical Pathing
    20. Secondary Home Agent (reparenting the HA) (diagram). Labels: Primary Home Agent; Secondary Home Agent; Reparenting Home Agent. Annotation: Helps resolve triangular routing problem over long distances.
    21. Emergency Backup (Hub / Spoke Network)
        • If primary control site becomes physically inaccessible but can be electronically connected, a secondary site can be established.
        • If primary control site is physically incapacitated, there is no backup capability.
    22. Secondary Home Agent (Fully Meshed Network) (diagram, sites numbered 1 to 5)
        • If primary control site is physically incapacitated, a second or third or fourth site takes over automatically.
    23. Asymmetrical Pathing (diagram). Labels: Mobile Router; MilStar, Globalstar, Others; DVB Satellite; Internet; Home Agent; Foreign Agent; Foreign Agent.
    24. Securing Mobile and Wireless Networks: Some ways may be "better" than others!
    25. Constraints / Tools
        • Policy
        • Architecture
        • Protocols
    26. IPv4 Utopian Operation (diagram). Labels: Public Internet; FA; MR; US Coast Guard Mobile Network; HA; US Coast Guard Operational Network (Private Address Space); CN; Triangular Routing.
    27. IPv4 Mobile-IP Addressing
        • Source Address is obtained from
            • Foreign Agent
            • Static Collocated Care-of-Address (CCoA)
            • DHCP via Access Router (Dynamic CCoA)
        • Private Address space is not routable via the Open Internet
        • Topologically Incorrect Addresses should be blocked via Ingress or Egress filtering
    28. IPv4 "Real World" Operation (diagram). Labels: Public Internet; FA; MR; US Coast Guard Mobile Network; HA; US Coast Guard Operational Network (Private Address Space); CN; Proxy. Annotations:
        • Proxy had not originated the request; therefore, the response is squelched. Peer-to-peer networking becomes problematic at best.
        • Glenn Research Center Policy: No UDP, No IPSec, etc… Mobile-IP stopped in its tracks. What's your policy?
        • Ingress or Egress Filtering stops transmission due to topologically incorrect source address. IPv6 corrects this problem.
        • USCG requires 3DES encryption. WEP is not acceptable due to known deficiencies.
    29. Current Solution – Reverse Tunneling (diagram). Labels: Public Internet; FA; MR; US Coast Guard Mobile Network; HA; US Coast Guard Operational Network (Private Address Space); CN; Proxy. Annotations:
        • Anticipate similar problems for IPv6.
        • Adds overhead and kills route optimization.
    30. Shared Network Infrastructure (diagram). Labels: Public Internet; FA (two); MR (four); HA (four); US Coast Guard; Canadian Coast Guard; ACME Shipping; US Navy. Annotation: Encrypting wireless links makes it very difficult to share infrastructure. This is a policy issue.
    31. IPv6 Mobile-IP
    32. Mobile-IPv6
        • No "foreign agent" routers
        • Route optimization is a fundamental part of the protocol
        • Mobile IPv6 route optimization can operate securely even without pre-arranged security associations
        • Route optimization coexists efficiently with routers that perform "ingress filtering"
        • The movement detection mechanism in Mobile IPv6 provides bidirectional confirmation of a mobile node's ability to communicate with its default router in its current location
        • Most packets sent to a mobile node while away from home in Mobile IPv6 are sent using an IPv6 routing header rather than IP encapsulation
    33. Mobile-IPv6
        • Modes for communications between the mobile node and a correspondent node
            • Bidirectional tunneling
                • Does not require Mobile IPv6 support from the correspondent node
            • "Route Optimization"
                • Requires the mobile node to register its current binding at the correspondent node.
                • Packets from the correspondent node can be routed directly to the care-of address of the mobile node
    34. IPv6 Extension Headers
    35. Source-Routed Packet (diagram)
        • Source Address = mobile node's care-of-address
        • Destination Address = correspondent node's address
        • Topologically Correct Address
        • "If we lose contact, Home knows where I am."
    36. Routing in Mobile IPv6 (diagram). Labels: Mobile Node "visiting" a foreign link; Home Agent; Correspondent which does not know the care-of address; Correspondent which knows the care-of address; Source Routing; Tunneling.
    37. Mobile-IPv6 using Reverse Tunneling (diagram). Labels: Mobile Node; Access Router; Access Router; Home Agent; Corresponding Node; "Internet or Intranet".
    38. Mobile-IPv6 using Route Optimization (diagram). Labels: Mobile Node; Access Router; Access Router; Home Agent; Corresponding Node; "Internet or Intranet".
    39. Mobile-IPv6 Binding Updates (diagram). Labels: Mobile Node; Access Router; Access Router; Home Agent; Corresponding Node; "Internet or Intranet"; Binding Updates; Link UP. Annotation: The number of Binding Updates is a scalability problem for mobile networks.
    40. Mobile IPv6 Security
        • Binding Updates are protected by IPsec extension headers, or by the use of the Binding Authorization Data option
        • Prefix discovery is protected through the use of IPsec extension headers
        • Mechanisms related to transporting payload packets, such as the Home Address destination option and type 2 routing header, have been specified in a manner which restricts their use in attacks
    41. NEMO: NEtworks in Motion
        • http://www.ietf.org/html.charters/nemo-charter.html
        • http://www.nal.motlabs.com/nemo/
    42. Networks In Motion (NEMO)
        • Working Group established in IETF in December 2002
        • Concerned with managing the mobility of an entire network, which changes, as a unit, its point of attachment to the Internet and thus its reachability in the topology.
    43. Goals
        • Standardizing some basic support mechanisms based on the bidirectional tunneling approach
            • Completed January 2005
        • Study the possible approaches and issues with providing more optimal routing
            • Ongoing as of January 2006
    44. Network Mobility (NEMO) Basic Support Protocol (RFC 3963)
        • The basic solution MUST use bi-directional tunnels
        • MNNs MUST be reachable at a permanent IP address and name.
        • MUST maintain continuous sessions (both unicast and multicast) between MNNs and arbitrary CNs after IP handover of (one of) the MRs.
        • The solution MUST not require modifications to any node other than MRs and HAs.
        • The solution MUST support fixed nodes, mobile hosts and mobile routers in the mobile network.
        • The solution MUST not prevent the proper operation of Mobile IPv6 (i.e. the solution MUST support MIPv6-enabled MNNs and MUST also allow MNNs to receive and process Binding Updates from arbitrary Mobile Nodes.)
        • The solution MUST treat all the potential configurations the same way (whatever the number of subnets, MNNs, nested levels of MRs, egress interfaces, ...)
        • The solution MUST support mobile networks attaching to other mobile networks (nested mobile networks).
    45. Work In Progress
        • Route Optimization
        • Load Sharing (monami)
        • Policy Based Routing (monami)
        • Multiple Home Agents from different Service Providers
            • Security Issues
            • Desirable for some applications (i.e. air traffic control, airline maintenance, entertainment)
    46. Basic Mobile Network Support for IPv6 (diagram). Labels: Mobile Network; Access Router; Access Router; Home Agent; Corresponding Node; Mobile Network Nodes; Internet or Intranet; Link UP; Binding Update.
    47. Mobile Nodes and Multiple Interfaces in IPv6 (monami6)
    48. monami6
        • Produce standard track specifications to the straight-forward problems associated with the simultaneous use of multiple addresses for either mobile hosts using Mobile IPv6 or mobile routers using NEMO Basic Support and their variants (FMIPv6, HMIPv6, etc)
        • Provide standardized support for simultaneous differentiated use of multiple access technologies
            • 802.11*, 802.16, 802.20, UMTS, Bluetooth and others
        • WG Deliverables:
            • Documentation of motivations for a node using multiple interfaces and the scenarios where it may end up with multiple global addresses on its interfaces [Informational]
            • Analysis document explaining what are the limitations for mobile hosts using multiple simultaneous Care-of Addresses and Home Agent addresses using Mobile IPv6, whether issues are specific to Mobile IPv6 or not [Informational].
            • A protocol extension to Mobile IPv6 (RFC 3775) and NEMO Basic Support (RFC 3963) to support the registration of multiple Care-of Addresses at a given Home Agent address [Standard Track].
            • A "Flow/binding policies exchange" solution for an exchange of policies from the mobile host/router to the Home Agent and from the Home Agent to the mobile host/router influencing the choice of the Care-of Address and Home Agent address [Standard Track].
    49. Policy-Based Routing: Airline Example (diagram). Labels: High speed link; Low latency link; Reliable link; int1; int2; int3; Routing Policy (two); HomeAgent; traffic classes ATC, AOC and P-DATA. Legend:
        • P-DATA: Passenger Data (Non-Critical Information)
        • AOC: Airline Operations Control (2nd Highest Priority)
        • ATC: Air Traffic Management (Highest Priority - Safety of Flight)
    50. Policy-Based Routing: Airline Example (diagram). Same labels and legend as slide 49.
    51. Policy-Based Routing: Airline Example (diagram). Same labels and legend as slide 49.
    52. 52. Mobile Ad Hoc Networks (MANET) © 2004 Syzygy Engineering – Will Ivancic
    53. 53. MANET Characteristics <ul><li>What is Mobile Ad-Hoc Networking (MANET) </li></ul><ul><ul><li>Self-configuring and self-organizing network of mobile nodes usually connected via wireless links </li></ul></ul><ul><ul><li>Consists of mobile platforms / nodes (e.g., a router with multiple hosts) which are free to move about arbitrarily. </li></ul></ul><ul><ul><li>Initial research and development based on mutual trust and cooperation </li></ul></ul><ul><ul><li>MANET routing is a layer-3, network layer technology. </li></ul></ul><ul><li>Dynamic, changing,random, multi-hop topologies may require traversing multiple links to reach a destination </li></ul><ul><li>May have frequent network partitions and merging </li></ul><ul><li>Routing may change because of mobility (or wireless link dynamics – fading) </li></ul><ul><li>Routing functionality need to support robust and efficient operation </li></ul><ul><li>May require energy-constrained operation </li></ul>Source: Albert Young - Boeing
    54. 54. MANET Characteristics <ul><li>Bandwidth constrained,variable capacity wireless links </li></ul><ul><li>Effective throughput is much less than a radio maximum transmission rate after accounting for the effects of multiple access, fading, noise, propagation path loss and interference </li></ul><ul><li>Limited physical security </li></ul><ul><ul><li>Increased possibility of eavesdropping, spoofing, and denial-of-service attacks </li></ul></ul><ul><li>Ad-hoc network clusters can operate autonomously or be attached at some point(s) to the fixed Internet –Stub network </li></ul><ul><li>The decentralized nature of network control in MANETs provides additional robustness against the single points of failure of more centralized approaches. </li></ul><ul><li>Equipped with wireless transceivers using antennas which may be omni-directional (broadcast),directional (point-to-point), possibly electronically steerable or a combination. </li></ul>Source: Albert Young - Boeing
    55. 55. Applications <ul><li>Sensor Webs </li></ul><ul><ul><li>Forest Fire Monitoring </li></ul></ul><ul><ul><li>Pollution Monitoring </li></ul></ul><ul><ul><li>Environmental Monitoring </li></ul></ul><ul><li>Inexpensive alternatives or enhancements to cell-based mobile network infrastructures. </li></ul><ul><li>Military networking for robust, IP-compliant data services within mobile wireless communication networks consisting of highly-dynamic autonomous topology segments. </li></ul><ul><li>Homeland Security </li></ul><ul><ul><li>Scenarios requiring rapidly-deployable communications with survivable, efficient dynamic networking </li></ul></ul>
    56. 56. Status of MANET <ul><li>Defense Programs are extremely interested in MANETs </li></ul><ul><ul><li>Self-organizing, robust, self-healing </li></ul></ul><ul><ul><li>Major research funding source. </li></ul></ul><ul><li>IETF MANET working group </li></ul><ul><ul><li>Promoting a few “experimental” deployments (a reactive and a proactive routing technique) </li></ul></ul><ul><ul><li>Using mature components from previous work on experimental reactive and proactive protocols, the WG will develop two Standards track routing protocol specifications: </li></ul></ul><ul><ul><ul><li>Reactive MANET Protocol (RMP) </li></ul></ul></ul><ul><ul><ul><li>Proactive MANET Protocol (PMP) </li></ul></ul></ul><ul><ul><li>Develop a scoped forwarding protocol that can efficiently flood data packets to all participating MANET nodes. The primary purpose of this mechanism is a simplified best effort multicast forwarding function. </li></ul></ul>
    57. 57. Deployments (Sampling – Many others are available) <ul><li>Dynamic MANET On-demand (DYMO) routing protocol </li></ul><ul><ul><li>http://moment.cs.ucsb.edu/dymo/index.php </li></ul></ul><ul><li>Ad hoc On Demand Distance Vector (AODV) </li></ul><ul><ul><li>http://www.nmsl.cs.ucsb.edu/~krishna/aodv-linksys/ </li></ul></ul><ul><ul><li>http://w3.antd.nist.gov/wctg/aodv_kernel/ </li></ul></ul><ul><ul><li>http://crl.se/?go=aodv6 </li></ul></ul><ul><li>Optimized Link State Routing Protocol (OLSR) </li></ul><ul><ul><li>Navy Research Lab, INRIA (fr), NIIGATA (jp), GRC, LRI (fr), Communication Research Centre in Canada, UniK University </li></ul></ul><ul><ul><ul><li>URL for all sources: http://hipercom.inria.fr/olsr/#code </li></ul></ul></ul><ul><ul><ul><li>http://www.olsr.org/ </li></ul></ul></ul><ul><li>Dynamic Source Routing (DSR) </li></ul><ul><ul><li>http://www.monarch.cs.rice.edu/dsr-impl.html </li></ul></ul><ul><ul><li>http://pdos.csail.mit.edu/grid/software.html#install </li></ul></ul><ul><ul><li>http://core.it.uu.se/AdHoc/DsrUUImpl </li></ul></ul>
    58. 58. Routing Standards and Research <ul><li>One Size Does Not Fit All! No single routing protocol works well in all environments </li></ul><ul><ul><li>Which approach to choose depends on the traffic and mobility patterns, and QoS requirements </li></ul></ul><ul><ul><li>Proactive routing protocols: Optimized Link State Routing (OLSR), Open Shortest Path First (OSPF) extension </li></ul></ul><ul><ul><ul><li>Applicable for relatively stable networks </li></ul></ul></ul><ul><ul><ul><li>Suitable for large and dense networks </li></ul></ul></ul><ul><ul><li>Reactive routing protocols: Ad Hoc On-Demand Distance Vector (AODV), Dynamic Source Routing protocol (DSR), Dynamic MANET On-demand (DYMO) </li></ul></ul><ul><ul><ul><li>Enables reactive, multihop routing between participating nodes that wish to communicate. </li></ul></ul></ul><ul><ul><ul><li>Applicable to highly dynamic networks </li></ul></ul></ul><ul><ul><li>Motivation is for interoperability with the wired </li></ul></ul><ul><ul><li>Modification (e.g. neighbor establishment) and scalability enhancements to OSPFv3, which is designed for IPv6 </li></ul></ul><ul><ul><li>Specifically in reducing the size of Hello packets, and optimizing flooding of routing updates. </li></ul></ul>
    59. 59. Benefits of IPv6 in MANETs <ul><li>IPv6 coupled together with MANET offers ease and speed of deployment, and decreased dependence on infrastructure </li></ul><ul><li>Provides End-to-End Global Addressing </li></ul><ul><li>Autoconfiguration of link-local addresses </li></ul><ul><li>Possible End-to-End Security with integrated IPSec </li></ul><ul><li>Support for source routing </li></ul><ul><li>Full support of mobility </li></ul><ul><li>No broadcast traffic to hamper wireless network efficiency </li></ul><ul><li>Potential support of real-time delivery of data with QoS </li></ul><ul><li>Potential to utilize Anycast addressing </li></ul>
    60. 60. Challenges <ul><li>Denial of Service </li></ul><ul><ul><li>DAD DoS, Uncooperative Router, etc… </li></ul></ul><ul><ul><li>Neighbor Discovery trust and threats </li></ul></ul><ul><li>Network Discovery </li></ul><ul><ul><li>Reachback, DNS, Key Manager </li></ul></ul><ul><li>Security </li></ul><ul><ul><li>IPSec / HAIPES tunnel end-points </li></ul></ul><ul><ul><li>Security Policies in a dynamic environment </li></ul></ul><ul><ul><li>Is layer-2 encryption sufficient security? </li></ul></ul><ul><ul><li>Insecure routing </li></ul></ul><ul><ul><ul><li>Attackers may inject erroneous routing information to divert network traffic, or make routing inefficient </li></ul></ul></ul><ul><li>Key Management </li></ul><ul><ul><li>Lack of a key distribution mechanism </li></ul></ul><ul><ul><li>Hard to guarantee access to any particular node (e.g. to obtain a secret key) </li></ul></ul>
    61. 61. Challenges <ul><li>Duplicate Address Discovery </li></ul><ul><ul><li>Not suitable for multi-hop ad hoc networks that have dynamic network topology </li></ul></ul><ul><ul><li>Need to address situation where two MANET partitions merge </li></ul></ul><ul><li>Radio Technology </li></ul><ul><ul><li>Layer-2 media access often incompatible with layer-3 MANET routing protocol </li></ul></ul><ul><li>Battery exhaustion threat </li></ul><ul><ul><li>A malicious node may interact with a mobile node very often trying to drain the mobile node’s battery </li></ul></ul><ul><li>Testing of Applications </li></ul><ul><li>Integrating MANET into the Internet </li></ul>
    62. 62. Integrating MANET into the Internet <ul><li>Unicast Address Autoconfiguration </li></ul><ul><li>Multicast Address Autoconfiguration </li></ul><ul><li>Multicast Name Resolution </li></ul><ul><li>Service Discovery </li></ul><ul><li>Global Connectivity between MANET and Internet </li></ul>Source: http://www.adhoc.6ants.net/