Mobile IPv6 Overview - PDF Free Download

Lecture Outline Network Layer Mobile IPv6 Proxy Mobile IPv6 Networking Laboratory 2/87

Contents Network Layer Introduction Network Layer Services Network Layer Protocol IPv4 IPv6 Networking Laboratory 4/87

Network Layer Introduction (1/2) VIDEO Video Content The video lets you have a view with a route of data packet on the Internet One of trillions involved in the trillions of Internet interactions that happen every second Look deep beneath the surface of the most basic Internet transaction, and follow the packet as it flows from your fingertips, through circuits, wires, and cables, to a host server, and then back again, all in less than a second Link: https://www.youtube.com/watch?v=ewrbalt_ebm Networking Laboratory 5/87

Network Layer Introduction (2/2) [Fig 4.1 Communication at the network layer ] Networking Laboratory 6/87

Network Layer Introduction Network-layer Services: Packetizing Encapsulating the payload (data received from upper layer) in a network-layer packet at the source If the content of the payload is too large, it needs to be fragmented Decapsulating the payload from the network layer packet at the destination If the packet is fragmented at the source or at routers along the path, the network layer is responsible for waiting until all fragments arrive, reassembling them, and delivering to the upper-layer Networking Laboratory 7/87

Network Layer Introduction Network-Layer Services: Routing and Forwarding Routing Since a physical network is a combination of networks (LANs and WANs), therefore, there is more than one route from the source to the destination We have to find the best one among these possible routes Forwarding Move packets from router s input to appropriate router output Forwarding value Send the packet out of interface 2 B Data B Data [ Fig 4.2 Forwarding process ] Networking Laboratory 8/87

Network Layer Protocol IPv4 An IP address is a 32-bit address The IP addresses are unique The address space of IPv4 is 2 32 or 4, 294, 967, 296 Notation Binary Notation : In binary notation, the IP address is displayed as 32 bits Dotted-Decimal Notation : Internet addresses are usually written in decimal form with a decimal point separating the bytes [ Fig 4.29 Three different notations in IPv4 addressing ] Networking Laboratory 9/87

Network-Layer Protocol IP Datagram Format (1/11) Packets used by the IP are called IP datagrams [ Fig 4.24 IP datagram ] Networking Laboratory 10/87

Network-Layer Protocol IP Datagram Format (2/11) Version (VER) 4-bit field which defines the version of the IP protocol Currently the version is 4 Version 6 may totally replace version 4 in the future If the machine is using some other version of IP, the datagram is discarded Header length (HLEN) 4-bit field which defines the total length of the datagram header in 4-byte words This field is needed because the head length is variable Service type 8-bit field which was referred to as type of service (TOS) Networking Laboratory 11/87

Network-Layer Protocol IP Datagram Format (3/11) Total length 16-bit field which defines the total length of the IP datagram in bytes Length of data = total length header length This field is necessary in case that the padding is added in the frame Length: Minimum 46 bytes L2 header Data < 46 bytes Padding L2 Trailer [ Encapsulation of a small datagram in an Ethernet frame ] Identification: 16-bit field which is used in fragmentation Networking Laboratory 12/87

Network-Layer Protocol IP Datagram Format (4/11) Flags 3-bit field which is used in fragmentation Time to live A datagram has a limited lifetime in its travel through an internet This field is originally designed to hold a timestamp, which was decremented by each visited router This field is mostly used to control the maximum number of hops visited by the datagram. This value is approximately two times the maximum number of routers between any two hosts If the value is zero, the router discards the datagram Networking Laboratory 13/87

Network-Layer Protocol IP Datagram Format (5/11) Protocol: 8-bit field which defines the higher level protocol that uses the services of the IP layer [ Figure 4.25: Multiplexing and demultiplexing using the value of the protocol field ] Networking Laboratory 14/87

Network-Layer Protocol IP Datagram Format (6/11) Checksum 16-bit field used for error check using checksum Source address 32-bit field which defines the IP address of the source Destination address 32-bit field which defines the IP address of the destination Networking Laboratory 15/87

Network-Layer Protocol IP Datagram Format (7/11) Maximum Transfer Unit: when a datagram is encapsulated in a frame, the total size of the datagram must be less than MTU [ Figure 4.26: Maximum transfer unit (MTU) ] Networking Laboratory 16/87

Network-Layer Protocol IP Datagram Format (8/11) Fields Related to Fragmentation: Fragmentation is to divide the datagram to make it possible to pass through a network The source usually does not fragment the IP packet When a datagram is fragmented, each fragment has its own header with most of the fields repeated, but some changed The reassembly of the datagram is done only by the destination host Networking Laboratory 17/87

Network-Layer Protocol IP Datagram Format (9/11) Fields Related to Fragmentation Identification (16-bit) This field identifies a datagram originating from the source host The combination of the identification and source IP address must uniquely define a datagram as it leaves the source host The identification number helps the destination in reassembling the datagram Flags (3-bit) The first bit is reserved The second bit is called the do not fragment bit The third bit is called the more fragment bit D: Do not fragment M: more fragment D M Networking Laboratory 18/87

Network-Layer Protocol IP Datagram Format (10/11) Fields Related to Fragmentation Fragmentation offset (13-bit) This is offset of the data in the original datagram measured in units of 8 bytes [ Fig 4.27 Fragmentation examples ] Networking Laboratory 19/87

Network-Layer Protocol IP Datagram Format (11/11) An example of fragmentation [ Fig 4.28 Detailed fragmentation example ] Networking Laboratory 20/87

Network Layer Protocol IPv6 (1/2) An IPv6 address is 128 bits long. Compared with the 32-bit address of IPv4, this is a huge (2 96 times) increase in the address space The main changes in the IPv6 protocol: Larger address space. Better header format: IPv6 uses a new header format in which options are separated from the base header and inserted. This simplifies and speeds up the routing process because most of the options do not need to be checked by routers New options: IPv6 has new options to allow for additional functionalities Allowance for extension: to allow the extension of the protocol if required by new technologies or applications Support for resource allocation: two new fields, traffic class and flow label, have been added to enable the source to request special handling of the packet. E.g. support traffic such as real-time audio and video Support for more security: providing the encryption and authentication options Networking Laboratory 21/87

Network Layer Protocol IPv6 (2/2) VIDEO Video Content When the Internet was launched in 1983, no one ever dreamed that there might be billions of devices and users trying to get online But like a telephone network that is running out of phone numbers, the current Internet is running out of IP addresses And if we don't roll out Internet Protocol v6 (IPv6), we won't have the room we need to grow and the Internet would become tangled, unsafe and unsustainable Link: https://www.youtube.com/watch?v=-uwjt32nvva Networking Laboratory 22/87

Contents MIPv6 Introduction MIPv6 Scenario MIPv6 Messages MIPv6 Mobility Support Route Optimization Route Optimized Packets Proxy MIPv6 Networking Laboratory 24/87

MIPv6 Introduction Mobile IPv6 is for supporting mobility in IPv6 While devices move to another place, something happens To maintain ongoing connections while moving, Mobile IPv6 uses the redirection function provided by some mechanism How Mobile IPv6 provides reachability and maintenance of ongoing connections without any collisions and errors Overview of Mobile IPv6 Networking Laboratory 25/87

MIPv6 Introduction Terminology (MN, CN, HoA) Mobile Node (MN) A node that changes its location within the Internet topology Correspondent Node (CN) Any node that communicates with the MN Home Address (HoA) A stable address that belongs to the MN Used by CNs to reach MN Networking Laboratory 26/87

MIPv6 Introduction Terminology (Links, HA) Home Link A link to which the home address prefix is assigned Home Agent (HA) A router located on the home link Redirects packets addressed to the MN Foreign Link Any links (other than the home link) visited by the MN Networking Laboratory 27/87

MIPv6 Introduction Terminology (CoA, Binding) Care-of address (CoA) An address assigned to the MN when located in Foreign Link Based on the prefix of the Foreign Link combined with the MN s interface identifier Identifies the current location of the MN Binding The association of the MN s HoA with a CoA (between the stable home address and the MN s current location) Binding is refreshed or updated when the MN has a new CoA (because it has moved to a new link) Networking Laboratory 28/87

MIPv6 Introduction Terminology (Binding Cache, BUL) Binding Cache A cache stored in volatile memory containing a number of bindings Maintained by both the CN and HA Contains the MN s HoA, CoA and lifetime Binding Update List (BUL) A list maintained by the MN in volatile memory Maintained for the MN to know when a binding needs to be refreshed Networking Laboratory 29/87

MIPv6 Introduction Introduction Video VIDEO Content Introduction of terminologies in MIPv6 Brief introduction of MIPv6 operation Duration 7 minutes and 33 seconds Networking Laboratory 30/87

MIPv6 Introduction Overview of Mobile IPv6 (1/2) MIPv6 was designed to allow an MN to be reachable and to maintain ongoing connections while changing the MN s location MIPv6 uses a stable IP address assigned to MN i.e. HoA (Home Address) The reasons for uses of the HoA To be reachable by having a stable entry in the DNS To hide the IP layer mobility from upper layers Networking Laboratory 31/87

MIPv6 Introduction Overview of Mobile IPv6 (2/2) In order for nodes to be reachable The address should not be changed every time they move the need for the HoA provided by MIPv6 Why keeping a stable address independently of the MN s location? All CNs try to reach the MN, without knowing the actual location of the MN Networking Laboratory 32/87

MIPv6 Scenario Operation of Mobile Node (1/2) MN s Home Address (HoA) is formed by appending an interface identifier to the prefix advertised on the Home Link MN operates like any other IPv6 nodes while at home receives packets addressed to any of its HoAs delivered via normal routing Networking Laboratory 33/87

MIPv6 Scenario Operation of Mobile Node (2/2) When the MN moves from Home Link to the Foreign Link MN forms the CoA based on the prefix of the Foreign Link MN informs the Home Agent By sending a Binding Update (BU) message BU contains the MN s Home Address and its CoA Home Agent needs to store Binding Update to forward packets to the MN Binding cache contains all bindings for the Mobile Nodes Each entry in the binding cache stores a binding for one home address Networking Laboratory 34/87

MIPv6 Scenario Operation of Home Agent (1/3) When the Home Agent receives the binding update HA searches its binding cache to see if an entry already exists If the entry already exists updates that entry with the new information received Otherwise, a new one is created Home Agent acts as a proxy for the Mobile Node on the Foreign Link Networking Laboratory 35/87

MIPv6 Scenario Operation of Home Agent (2/3) To ensure this representation is understood by all nodes on the home link HA sends a proxy neighbor advertisement to the all-node multicast address The advertisement includes (in the target address field) the MN s home address the HA s link-layer address Then, packets to the MN is forwarded to the Home Agent s Link- Layer address Networking Laboratory 36/87

MIPv6 Scenario Operation of Home Agent (3/3) Networking Laboratory 37/87

MIPv6 Scenario Tunneling (CN->MN) Upon receiving a packet addressed to the Mobile Node HA checks its binding cache When entry is found, the packet is tunneled to the MN s CoA Src: CN address Dst: MN home address Src: HA address Dst: MN care-of address Original packet Outer header Original packet Src: CN address Dst: MN home address Packet from CN to MN s home address HA Tunnelled packet Networking Laboratory 38/87

MIPv6 Scenario Tunneling (MN->CN) The tunnel is bidirectional and when the MN sends any packets MN tunnels them first to the HA HA decapsulates the packet and forwards the original one to its destination Src: MN home address Dst: CN address Src: MN care-of address Dst: HA address Original packet Outer header Original packet Src: MN home address Dst: CN address Packet sent from MN to CN HA Tunnelled packet from MN Networking Laboratory 39/87

MIPv6 Scenario Tunneling (Figure) Home Link Home Agent IPv6 packets Mobile IPv6 messages Foreign Link Correspondent Node Mobile Node Foreign Link Networking Laboratory 40/87

MIPv6 Scenario Tunneling (Transparency) Tunneling is required to ensure the transparency of the service provided by the Home Agent To preserve the end-to-end nature of packets exchanged between the MN and CNs Routers must not modify the content of source and destination addresses in the IP header Thereby, preserves the integrity of the packet and allows end-to-end integrity checks Tunneling is essential to maintain transparency for upper layers If the HA rewrites the destination address in the packet Packet s integrity is compromised Causing the Authentication Header to fail Networking Laboratory 41/87

Practice Problem What is the difference between Home Address (HoA) and Care of Address (CoA)? HoA is assigned by Home Agent in the home network, and is fixed for the mobile node. Whereas, CoA is assigned by the Foreign Agent in the foreign network and is temporary Networking Laboratory 42/87

MIPv6 Messages IPv6 Header Version: 4-bit IP version Class: Traffic Class (Congestion control and non-congestion control traffic) Flow Label: QoS Management Next Header: Specifies the next encapsulated protocol. Hop Limit: Replaces the time to live field of IPv4 Networking Laboratory 43/87

MIPv6 Messages Next Header Fields Value Header 0 Hop-by-Hop Options Header 6 TCP 17 UDP 41 Encapsulated IPv6 Header 43 Routing Header 44 Fragment Header 50 Encapsulating Security Payload 51 Authentication Header 58 ICMPv6 (Internet Control Message Protocol Version 6) 59 No Next Header 60 Destination Options Header 135 Mobility Header Networking Laboratory 44/87

MIPv6 Messages Chain of the Next Header Fields IPv6 Header Next Header = 6 (TCP) TCP Segment IPv6 Header Next Header = 43 (Routing) Routing Header Next Header = 17 (UDP) UDP Segment IPv6 Header Next Header = 43 (Routing) Routing Header Next Header = 51 (AH) Authentication Header Next Header = 6 (TCP) TCP Segment Networking Laboratory 45/87

MIPv6 Messages Extension Header Order All the IPv6 nodes on the path need to process the options in this header For intermediate destination For final destination Networking Laboratory 46/87

MIPv6 Messages Binding Updates and Binding Acks MN ensures that it has a binding with Home Agent If the binding is lost or the Binding Update message was not received MN will be unreachable while away from home Hence, a reliable protocol is required to install a binding in the Home Agent s binding cache Home Agent is required to acknowledge the Binding Update message sent by the Mobile Node BU and BA included in Mobility Header Networking Laboratory 47/87

MIPv6 Messages BU, BA and Mobility Header Mobility Header is used to carry all MIPv6 messages Format 8bit 8bit 8bit 8bit Payload protocol Header length MH Type reserved Checksum Message Data Message Data Payload protocol field: Indicates the type of the following header Header length field: Indicates the length of this extension header Mobility header (MH) type field: Used as a switch to indicate which message is included in the mobility header Binding Update has the MH Type value 5 Binding Acknowledgement has the MH Type value 6 Networking Laboratory 48/87

MIPv6 Messages BU Message 8bit 8bit 16bit Sequence number A H L K Reserved Lifetime A (Acknowledge) flag: Acknowledgment is required H (Home Registration) flag: Binding Update is sent to a home agent L (Link-Local Address Compatibility) flag: The home address reported by the mobile node has the same interface identifier as the mobile node's link-local address K (Key Management Mobility Capability) flag: Indicates whether the protocol used to establish a security association between the MN and HA must be rerun every time the MN moves, e.g. IPsec Lifetime field: 16-bit unsigned integer The number of time units remaining before the binding MUST be considered expired A value of zero indicates that the Binding Cache entry for the mobile node MUST be deleted One time unit is 4 seconds Networking Laboratory 49/87

MIPv6 Messages BA Message 8bit 8bit 16bit Status K Reserved Sequence number Lifetime Status field: Success or failure of the binding Value below 128 indicate success Rest of the value indicate the reasons for failure If MN does not receive BA, MN continues to retransmit the BU Until an ACK is received or Until a maximum timeout value (256 sec) is reached After receiving the BA from the HA, the MN needs to ensure that information is stored to be able to refresh the binding For this purpose, MN maintains a data structure called the binding update list Networking Laboratory 50/87

MIPv6 Messages Binding Cache Structure Maintained by HA and CNs Home Address Care of Address Remaining Lifetime Flag Max. value of SN Recent usage inform. Home Address : HoA for the MN, searching key Care of Address : CoA for the MN Remaining Lifetime Flag : indicate whether or not "home registration" entry Maximum value of the SN : value of Sequence Number field received in previous BU (8 bits long) Recent usage inform : related to implement cache replacement policy Networking Laboratory 51/87

MIPv6 Messages Binding Update List Structure Maintained by MN IP Addr. Home Addr. CoA Interface ID Initial value of Lifetime Remaining Lifetime Max. value of SN Flag IP Address : IP address of the node to which a BU was sent Home Address : MN s home address CoA : MN s CoA Initial value of Lifetime Remaining Lifetime Maximum value of the SN last BU Time Retransmission State : the time remaining until the next retransmission attempt for the Binding Update Flag : indicates that future BUs should not be sent to this destination Networking Laboratory 52/87

MIPv6 Mobility Support Movement Detection (Packet Loss) The MN should always inform its HA of its current location (CoA) This is done by using the BU and BA messages However, its HA continues to forward packets to its previous CoA until the MN updates its movement This results in packet losses Networking Laboratory 53/87

MIPv6 Mobility Support Movement Detection (Procedure) To minimize packet losses, Mobile Node Movement occurs Home Agent 1. Detect movement 2. Form a new care-of address 3. Inform the HA by sending a binding update Movement detected MN forms new care-of address Packet losses Steps 1 and 2 need to be executed ASAP Binding update Binding acknowledge Two events for Movement Detection A new prefix has appeared on link The current default router has disappeared MIPv6 makes the minimum interval between router advertisements to 0.05 second (standard interval is 3 seconds) Networking Laboratory 54/87

MIPv6 Mobility Support Movement Detection (More Routers?) If a Mobile Node is located on a link that has more than one default router router_1 and router_2 are connected on the same link If the MN initially configures its CoA based on router_1 s advertised prefix, then receives an advertisement from router_2 MN might think that it has moved In fact it does not! How do we solve this situation? Networking Laboratory 55/87

MIPv6 Mobility Support Movement Detection (Approach) To avoid the situation in this scenario, Configure all routers on the link to advertise the same prefixed Design a new option that should be added to the router advertisement This option could include a globally unique address that identifies the link All routers on the link would have to include this option regardless of the prefixes they advertise Prefix: 3ffe:200:8:1/64 Prefix: 3ffe:200:8:2/64 router_1 router_2 Ethernet Mobile Node Networking Laboratory 56/87

MIPv6 Mobility Support Returning Home (1/2) When the MN returns to its Home Link Inform the HA that should stop receiving MN s packet The MN must send a BU to the HA with a lifetime of zero and a CoA equal to the MN s HoA MN needs to configure its Home Address to be able to send the BU But, HA still assumes that it should defend the MN s HoA, which would cause DAD to fail and prevent the MN from configuring its HoA (DAD, Duplicate Address Detection) To avoid DAD, The MN needs to learn from HA s MAC address Networking Laboratory 57/87

MIPv6 Mobility Support Returning Home (2/2) neighbor solicitation Src add = the unspecified add(::) Dst add = the HA s solicited node multicast address Target add = the HA s global IP address neighbor advertisement To the all-node multicast address binding update with HA s MAC address Src add = its home address Dst add = the HA s address Networking Laboratory 58/87

MIPv6 Mobility Support Dynamic Home Agent Address Discovery Mobile Node needs to locate a suitable Home Agent HA s address can be configured in the MN (with a nonvolatile memory) This approach has some drawbacks If too many mobile nodes register with the home agent, Addresses successfully change if HA address change occurs, otherwise the HA may fail or simply get overloaded Can be done by Dynamic Home Agent Address Discovery (DHAAD) message MIPv6 provides a Dynamic Home Agent Address Discovery Allow MNs to discover HAs addresses Allow HAs to share the load between them in cases where multiple HAs are located on the same link by utilizing a preference parameter Networking Laboratory 59/87

MIPv6 Mobility Support Home Agent Information Option 8bit 8bit 16bit Type Length Reserved Home Agent Preference Home Agent Lifetime preference is included in the new option Home Agent Information Option Included in router advertisement Every HA on a link keeps a list (the home agent list) containing an IP address of each HA on the link and its preference To communicate the information in the HA list to MNs preference using DHAAD messages, Carried in two ICMP messages DHAAD request and DHAAD reply messages Default value is zero Larger values indicate higher availability of the Home Agent Home Agent lifetime: How long a router can serve as a Home Agent Networking Laboratory 60/87

MIPv6 Mobility Support Virtual Home Links A DoS attack can be launched by Bad Guy sharing a link with Home Agent If the home prefix is not associated to any physical link and if the home link is a virtual link, these problems can be avoided The home prefix can be configured on the Home Agent and Mobile Nodes only The Home Agent would not send any router advertisements for this prefix Consequently, MN would never return home HA makes sure that the home address is not allocated to another node Since no one else is located on the home link except Mobile Nodes and the Home Agent, no proxy neighbor advertisement would be sent on the wire Bad Guy cannot launch DoS attacks on the Mobile Node s home address Networking Laboratory 61/87

MIPv6 Mobility Support Additional Delays Routing packets through the HA always adds additional delays Home Link Home Agent IPv6 packets Mobile IPv6 messages Foreign Link Correspondent Node Mobile Node Foreign Link Networking Laboratory 62/87

Practice Problem What is the purpose of Binding Update and Acknowledgement messages? Mobile node uses the Binding Update message to inform the Home Agent about its current location (CoA), so that Home Agent can re-direct the mobile node bound traffic to it. Binding Acknowledgement message is sent by Home Agent to Mobile node in the response of Binding Update message. Networking Laboratory 63/87

Route Optimization The worst-case scenario MN and CN share the same link The best-case scenario CNs were on the MN s home link A problem with forcing traffic through HA While it may be possible to eventually detect the failure of HA, Its failure would cause the MN to lose all ongoing connections Route optimization is about to Route packets between a MN and a CN Using the shortest possible path MN is aware of When packets are routed through the HA When it receives tunneled packets addressed to its HoA How does a MN know if the communication with a CN lasts for a short or a long time? NO concrete answer A smart MN s implementation Duration of a connection, RTT, and amount of data Correspondent Node Home Link Home Agent IPv6 packets Mobile Node Foreign Link Correspondent Node Networking Laboratory 64/87

Route Optimization Signaling (1/2) When MN receives a packet tunneled from HA MN must decide whether route optimization is needed MN informs the CN of its current location Using the binding update message The CN maintains a binding cache Similar to the one maintained by the HA BU sent to CN must not set the H-, K-, L-bits 8bit 8bit 8bit 8bit Payload protocol Header length MH Type Reserved Checksum Sequence number A H L K Reserved Lifetime <The binding update message format> A (Acknowledge) flag, H (Home Registration) flag, L (Link-Local Address Compatibility) flag, K (Key Management Mobility Capability) flag: Networking Laboratory 65/87

Route Optimization Signaling (2/2) When a CN receives a BU from a MN It creates a new entry in the binding cache Updates the existing one with the new location of the MN Home Link Home Agent Binding update and binding ack Mobile IPv6 messages IPv6 packets Foreign Link Correspondent Node Mobile Node Foreign Link <Route Optimization Signaling> Networking Laboratory 66/87

Route Optimization Two Aims of the BU Allow packets directly between MNs and CNs without going through the HA Maintain ongoing connections MIPv6 defines two messages New routing header type 2 New destination option called the home address option Sending Route Optimized packets to CN Networking Laboratory 67/87

Route Optimization Summary When the MN sends a BU to a CN Indicate the home address At the home address option in the destination option s extension header After the BU, MN s home address is stored in CN s binding cache If the A flag is set, binding acknowledgment to MN MN updates binding update list CN s IPv6 address, MN s HoA and CoA, sequence number, lifetime MN uses the home address option src : home address, dst : CN address The home address option is essentially a disguised form of tunneling Networking Laboratory 68/87

Route Optimized Packets Sending Route Optimized Packets to CN Mobility is kept transparent to upper layers When a CN receives a packet containing a home address option Replaces the source address in the packet s header with the address included in the home address option before passing the packet to upper layers It is important to note that MN includes the home address option only in packets sent directly to CN i.e., BU was sent and accepted Adding the home address option before sending a packet IPv6 header Src:home address Dst:CN address Application data IPv6 header Src:home address Dst:CN address Dst opt header Care-of address Application data IPv6 header Src:care-of address Dst:CN address Dst opt header Home address Application data (a) original packet (b) home address option added (c) final packet to be sent Networking Laboratory 69/87

Route Optimized Packets Receiving Route Optimized Packets from CNs New routing header: Type field set to 2 When receiving the packet MN processes the routing header Replacing the destination address (CoA) with the address in the routing header (home address) A BU Sent to CN The process of route optimization involves 3 distinct steps Detecting that packets are tunneled by the HA Sending a binding update to the CN Sending packets directly to the CN and including the home address option in those packets Networking Laboratory 70/87

Route Optimized Packets BU Sent to CN, and then When CN has not accepted the BU, CN discards packets To ensure the acceptance of the BU MN can request an acknowledgment, A-flag in the BU What if CN failed? Binding error message No binding cache entry exists for home address Type field value of 7 Status field set to 1, 2 8bit 8bit 8bit 8bit Next Header Header length MH Type Checksum Status Reserved Home address (128 bits) <Binding error message> Networking Laboratory 71/87

Route Optimized Packets Why Not IP in IP Tunneling for Route Optimization? The basic idea behind route optimization is 1) to hide the MN s home address inside the packets; 2) to avoid breaking ingress filtering; and 3) to route packets to the right location in the topology The same effect could have been achieved by using IP in IP tunneling between MN and CN Following the BU processing, a tunnel can be established between the MN and the CN Using tunneling between the MN and the CN (a) Tunneled packets originating from the MN (b) Tunneled packets originating from the CN Care-of address Correspondent address Addresses in outer header Correspondent address Care-of address Home address Correspondent address Addresses in inner header Correspondent address Home address Advantage: Using the existing mechanism known to Tunneling Disadvantage: More network bandwidth Networking Laboratory 72/87

Route Optimized Packets What If MN Failed? MN maintains state about the nodes Binding update list The loss of such information in MN results in Different sets of information in the MN, its HA, and CNs If the MN loses the information It immediately attempts to update its HA To update the current binding Use a sequence number larger than the one used in its last BU message If MN is not aware of the last value used, it picks a random value Networking Laboratory 73/87

Route Optimized Packets Site-Local Address and MIPv6 One of the problems with site-local addresses MN has no way of knowing whether it is in its home site or another one When the MN moves away from its home link, it does not know If the MN is in fact in the same site the BU is received by the HA, and MIPv6 will work If the MN is in a different site, two possible outcomes Another node in the same site is configured with the same site-local address as the HA; this node will receive the BU from the MN However, since BUs/BAs are protected by IPsec there is no chance of confusion in this case; it will silently discard the packet No node in this site is configured with the HA s site-local address; Therefore, the MN will receive an ICMP error Destination unreachable Networking Laboratory 74/87

Route Optimized Packets MN Sending Packets Networking Laboratory 75/87

Route Optimized Packets CN Received Packets Networking Laboratory 76/87

Proxy Mobile IPv6 (PMIPv6) PMIPv6 is a network-based local mobility management protocol developed by the IETF (Internet Engineering Task Force). PMIPv6 is new Idea? Absolutely No!, but new trend!. It s a turn for the better. In the handover latency aspect, PMIPv6 is a very good protocol. More Study and Standardization Needed Route Optimization in PMIPv6 Fast Handover in PMIPv6 Cross-layering Issues PMIPv6 over IEEE 802.16(e)/WiBro Fast Handover with leverage of IEEE 802.21 Networking Laboratory 78/87

Goal of PMIPv6 To provide mobility without requiring the host to participate in any mobility related signaling. registration PMIPv6 Scenario (being extended) Networking Laboratory 79/87

PMIPv6 Overview (1/2) New entities LMA (Local Mobility Anchor) Home Agent for the MN in the PMIPv6 domain Assigns MN's home prefix and manages the MN's reachability state MAG (Mobile Access Gateway) Manages the mobility related signaling for a MN Tracking the MN's attachment to the link and for signaling the MN's LMA Assumptions (or Restrictions) Link between MN and MAG is a point-to-point link (not shared link) Logically exclusive layer 3 link between MN and MAG Per-MN Prefix model unique home network prefix is assigned to MN Support both Stateless and Stateful address configuration modes Networking Laboratory 80/87

PMIPv6 Overview (2/2) IP Tunnel IP-in-IP tunnel between LMA and MAG LMA: Local Mobility Anchor MAG: Mobile Access Gateway MAG LMA Home Network MN s Home Network (Topological Anchor Point) movement MAG LMA Address (LMAA) LMM That will be the tunnel entry-point (Localized Mobility Management) Domain MN s Home Network Prefix (MN-HNP) CAFE:2:/64 MN Home Address (MN-HoA) MN continues to use it as long as it roams within a same domain Proxy Care of Address (Proxy-CoA) The address of MAG That will be the tunnel end-point Proxy Binding Update (PBU) Control message sent by MAG to LMA to establish a binding between MN-HoA and Proxy-CoA Networking Laboratory 81/87

PBU and PBA Message Format (1/2) Proxy Binding Update (PBU) Message A, H, L, K: RFC 3775, MIPv6 BU Reuse M : indicates MAP (Mobility Anchor Point) registration (HMIPv6) R : It is set to inform the HA, if the BU message comes from MS P (Proxy Registration Flag) Indicates that the registration is a Proxy registration. Networking Laboratory 82/87

PBU and PBA Message Format (2/2) Proxy Binding Update Acknowledgement (PBA) Message K: RFC 3775, MIPv6 BA Reuse R: indicates that the HA that processed the BU supports the MS P (Proxy Registration Flag) indicates that the HA that processed the Proxy Binding Update supports Proxy Registration. Networking Laboratory 83/87

PMIPv6 Features (1/3) Home in Any Place Network Entry (or Handover) Procedures After MN attachment, MAG gets MN s profile Obtain MN s home network prefix information Static Scheme Get it from Profile Dynamic Scheme Get it from LMA via PBU/PBA Now MAG has enough information to emulate MN s home link Send the RA (Router Advertisement) messages advertising MN s home network prefix and other parameters MAG runs on the access router will emulate the home link on its access link. MN always obtain its home network prefix, any where in the network. It will ensure that MN believes it is at its home. Networking Laboratory 84/87

PMIPv6 Features (2/3) M:1 Tunnel LMA-MAG tunnel is a shared tunnel among many MNs. 1:1 relation m:1 relation One tunnel is associated to multiple MNs Binding Caches. Life-time of a tunnel should not be dependent on the life time of any single BCE (Binding Cache Entry). RA (Router Advertisement) should be UNICASTed to an MN It will contain MN s Home Network Prefix Networking Laboratory 85/87

PMIPv6 Features (3/3) LMA s Prefix-based Routing LMA will add prefix routes to MN s home network prefix over the tunnel. Routing State for a MN stored in LMA MAG establishes IP in IP tunnel with LMA Routing State for a MN stored in MAG Networking Laboratory 86/87

PMIPv6 Operation Flow PBU: Proxy Binding Update PBA: Proxy Binding Ack. MN MAG AAA&Policy Store LMA CN MN Attachment RA* AAA Query with MN-ID AAA Reply with Profile PBU with MN-ID, Home Network Prefix option, Timestamp option RA** PBA with MN-ID, Home Network Prefix option Optional Tunnel Setup DHCP Request DHCP Response [MN-HoA:CN](data) DHCP Server DHCP Request DHCP Response [Proxy-CoA:LMAA][MN-HoA:CN](data) [MN-HoA:CN](data) Networking Laboratory 87/87