T Computer Networks II. Mobility Issues Contents. Mobility. Mobility. Classifying Mobility Protocols. Routing vs.


Transcription:

T-0.50 Computer Networks II
Mobility Issues
6.0.008
Prof. Sasu Tarkoma

Contents
- Overview
- Mobile IP
- NEMO
- Transport layer solutions
- i
- SIP mobility

Mobility
- What happens when network endpoints start to move?
- What happens when networks move?
- Problem for on-going conversations: X no longer associated with address
  - Solution: X informs new address
- Problem for future conversations: Where is X? What is the address?
  - Solution: X makes contact address available
- In practice not so easy. Security is needed!

Classifying Mobility Protocols
[Figure: mobility protocols by scope (Micro, Macro, Global; Intra-subnet, Intra-domain, Inter-domain) against Time (evolutionary path). Protocols shown: Cellular IP (998), TMIP (00), Hierarchical MIP (996), Hawaii (999), Dynamic Mobility Agent (000), HMIPv6 (00), MIP (996), MIPv6 (00)]

Routing vs. mobility
- Topology data aggregation is necessary
  - Cannot track all hosts in the world
- IP addresses determined by topology
  - Network gives the routing prefix
- Mobile hosts must change their IP addresses
  - Causes sockets / connections to break
- How to communicate address changes?
- Two approaches:
  - Let routing handle it: not scalable
    - Done by ad hoc routing protocols
  - Let end-systems handle it: protocol is needed
- Goal of a mobility protocol
  - Transport and applications do not see address changes
  - Mobility transparency

Networks: Mobility
[Figure labels: GPRS/UMTS access network, BS, Ad hoc, NAT, R, AP, Public Switched Data Network, Backbone, LAN, MAN]

Rendezvous
- How to find the moving end-point?
- Tackling double jump
  - What if both hosts move at the same time?
  - Requires a rendezvous point
- Mobility management is needed!
- Initial rendezvous
  - Can be based on directories
  - Requires fast updates to directories
  - Does not work well for DNS

Security issues
- Address stealing
  - Alice and Bob communicate
  - Mallory tells Alice Bob is now at C
- Address flooding
  - Mallory downloads from Alice, Bob, etc.
  - Mallory tells everybody I have moved to C

Mobile IP
- Two versions
  - IPv4 (optional)
  - integrated into IPv6 (with IPSec security)
- Home Agent (HA)
  - Home address
  - Initial reachability
  - Triangular routing / reverse tunneling
- Route optimization
  - Tunnels to bypass HA
  - HA as a rendezvous point

Mobility Example: Mobile IP Triangular Routing
[Figure labels: Home agent, Home link, Correspondent host, Mobile host, Foreign agent, Foreign link, Care-of-Address (CoA), DELAY!]
- Ingress filtering causes problems for IPv4 (home address as source), IPv6 uses CoA so not a problem. Solutions: (reverse tunnelling) or route optimization
- Foreign agent left out of MIPv6. No special support needed with IPv6 autoconfiguration

Reverse Tunnelling
Mobility Example: Mobile IPv6 Route Optimization
[Figure labels: Correspondent host, Home agent, Home link, Mobile host, Foreign link, Care-of-Address (CoA), Secure tunnel (ESP), DELAY!]
- Firewalls and ingress filtering no longer a problem
- Double triangular routing leads to overhead and increases congestion
- CH sends packets using routing header
- First, a Return Routability test to CH. CH sends home test and CoA test packets. When receives both, It sends the BU with the Kbm key.
- sends a binding update to CH when it receives a tunnelled packet.

MIPv6
- MIP6 utilizes IPv6 header options for signalling between the HA and CN.
- The important changes are a new extension header (mobility header) for the creation and management of binding, a new routing header type to allow packets to be routed directly from CN to a MN CoA (home address in ext), and a new destination type (MN to CN, home address again)
- MIP6 uses the new IPv6 autoconfiguration mechanism to determine the CoA, and thus does not need a FA.
- Using autoconfiguration, the MN receives Advertisements that contain the routing prefixes of the visited network. This prefix information is then combined with the interface ID (MAC address) of the MN to obtain the CoA.
- MIP6 also supports the dynamic discovery of the HA or HAs.

Extension Headers
[Figure labels: CN to MN, MN to CN, Upper Layer headers, Mobility Header, Data, MN, HA, and CN for Binding. Type in Mobility Header: Binding Update, Binding Ack, Binding Err, Binding refresh. Source: Chittaranjan Hota, Computer Networks II lecture.0.007]

MIPv6 Operation: Mobile on a Foreign network
[Figure labels: Home Agents List, Preference Value, Home Agent, Foreign Network, Stateless address Auto configuration (Acquiring COA), Duplicate address detection, Proxy neighbor discovery, and Binding cache update, Bidirectional tunnel, Update Binding Update List. Source: Chittaranjan Hota, Computer Networks II lecture.0.007]

MIPv6: Dynamic Home Agent Discovery
[Figure labels: Home Agents List, Preference Value, Mobile Node, Home Agent, Dynamic Home Agent Address Discovery request to anycast address, DHAAD reply with addresses of home agents with their preferences. Source: Chittaranjan Hota, Computer Networks II lecture.0.007]

Security in Mobile IP
Source: Microsoft, Understanding Mobile IPv6
- MIPv6 RFC 775/776
- Protection of Binding Updates HA, CNs
  - IPsec extension headers or the binding authorization data option
  - Binding management key, Kbm, which is established through return routability procedure
- Protection of mobile prefix discovery
- Protection of the mechanisms that MIPv6 uses for transporting data
- Protecting binding updates
  - Must be secured through IPsec
  - ESP is used for updates and acks
  - Shoulds: init messages, prefix discovery

Return Routability
[Figure: message sequence between Mobile Node, Correspondent Node and Home Agent. Messages: HOTI (HOme address Test Init), COTI (Care-Of address Test Init), HOT (HOme Test), COT (Care-Of Test), BU, BU ACK]
Annotations on the figure:
- Sends COTI and HOTI to CN, construct Kbm claim ownership of CoA send binding updates, break comms. with CN. Offpath attack
- CN: Can see HOT but not COT. Claim to own home address. Use current address as CoA. Offpath attack using refresh
- MiTM attacks. Cannot construct Kbm.
- MN HA: Both HOTI and HOT are encrypted.
- Malicious node may be able to forward traffic to neighbor if has a valid HA

Offpath attacks

MIP specific attacks
- DoS attacks: memory/processing capability exhaustion. Connection termination.
- Reflection attacks. Victim's IP address is spoofed, receiver will respond, causing messages sent to the victim
  - Ingress filtering can help
- MiTM attacks. Attacker compromises routers on-path. Route injection.
- Prevent connections between CN and MN by picking a home address and RR
- Attacker can move to another location and refresh binding, continue to deny service to MN while offpath

Solutions
- When location changes, MN runs RR (malicious node fails this if offpath)
- Public keys and certificates, IKE
- Cryptographically generated address (CGA)

CGA and MIP
- Each node has a key-pair
- Produce h(pk, data): 6 bits that can be used as the interface identifier
- Put this into IPv6 address host part: cryptographically generated address
- MN can prove it owns such an address by providing a signature inside a message
- CGA can be used to prove that a node owns a particular address, but not that a node is currently located at this address
  - RR is needed

Hierarchical Mobile IP
- HMIPv6 is specified in RFC 0
- Introduces local Mobility Anchor Points (MAP) that are essentially Home Agents
- MAPs can be located at any level in a hierarchical network of routers, including the access routers.
- The aim of the HMIPv6 is to minimize the signaling latency and reduce the number of required signaling messages.
- As long as the MN stays inside one MAP domain it only needs to update its location with the MAP.
- The localized mobility management can also be completely handled on the network side without MN's involvement at the IP mobility protocol level.
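The return routability exchange and Kbm check from the slides above, as an added example that is not part of the original lecture material. It follows the token construction of the Mobile IPv6 specification (HMAC-SHA1 keygen tokens truncated to 64 bits, Kbm as their SHA-1 hash, a 96-bit binding authenticator); the class and function names, the 2001:db8:: addresses and the binding update bytes are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import os

def addr(text):
    return ipaddress.IPv6Address(text).packed  # 16 raw address bytes

def derive_kbm(home_token, care_of_token):
    # Kbm = SHA1(home keygen token | care-of keygen token)
    return hashlib.sha1(home_token + care_of_token).digest()

def bu_authenticator(kbm, coa, cn_addr, mh_data):
    # First 96 bits of HMAC_SHA1(Kbm, CoA | CN address | mobility header data)
    return hmac.new(kbm, coa + cn_addr + mh_data, hashlib.sha1).digest()[:12]

class CorrespondentNode:
    """Stateless CN: stores only a secret Kcn and a short list of nonces."""
    def __init__(self, address):
        self.address = addr(address)
        self.kcn = os.urandom(20)
        self.nonces = [os.urandom(8)]  # list position is the nonce index

    def _token(self, address, index, kind):
        # kind 0 = home keygen token (HoT), kind 1 = care-of keygen token (CoT)
        msg = address + self.nonces[index] + bytes([kind])
        return hmac.new(self.kcn, msg, hashlib.sha1).digest()[:8]

    def test_reply(self, address, kind):
        """Answer a HoTI (kind 0) or CoTI (kind 1) with (nonce index, token)."""
        index = len(self.nonces) - 1
        return index, self._token(address, index, kind)

    def accept_bu(self, home, coa, h_idx, c_idx, mh_data, auth):
        """Recompute both tokens from the claimed addresses and check the BU."""
        if not (0 <= h_idx < len(self.nonces) and 0 <= c_idx < len(self.nonces)):
            return False  # nonce index expired or never issued
        kbm = derive_kbm(self._token(home, h_idx, 0), self._token(coa, c_idx, 1))
        expected = bu_authenticator(kbm, coa, self.address, mh_data)
        return hmac.compare_digest(auth, expected)

def demo():
    """Constructed scenario: documentation-prefix addresses, dummy BU bytes."""
    home, coa, other = addr("2001:db8:1::10"), addr("2001:db8:2::10"), addr("2001:db8:9::9")
    cn = CorrespondentNode("2001:db8:3::1")
    mh_data = b"constructed-binding-update"
    h_idx, hot = cn.test_reply(home, 0)  # HoT travels via the HA tunnel
    c_idx, cot = cn.test_reply(coa, 1)   # CoT travels directly to the CoA
    kbm = derive_kbm(hot, cot)
    legit = cn.accept_bu(home, coa, h_idx, c_idx, mh_data,
                         bu_authenticator(kbm, coa, cn.address, mh_data))
    # A node that saw HoT but not CoT has to guess the care-of token.
    guess = derive_kbm(hot, bytes(8))
    hot_only = cn.accept_bu(home, coa, h_idx, c_idx, mh_data,
                            bu_authenticator(guess, coa, cn.address, mh_data))
    # A valid Kbm does not transfer to an address where no CoT was received.
    moved = cn.accept_bu(home, other, h_idx, c_idx, mh_data,
                         bu_authenticator(kbm, other, cn.address, mh_data))
    return legit, hot_only, moved
```

Because the CN recomputes both tokens from the addresses claimed in the binding update, it keeps no per-MN state before the update arrives, which limits the memory exhaustion listed under MIP specific attacks.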

NEMO
- It is also possible for a whole subnetwork to roam from one part of the Internet to another.
- Network Mobility (NEMO) is specified in RFC 96
- The technical solution of NEMO is based on MIP6. NEMO allows subnetworks to change their location in a network.
- This is realized using a mobile router that manages the mobile network. The mobile router updates its HA regarding the CoA of the mobile router.
- A NEMO compliant HA can act also as a MIP6 HA.
- The basic solution creates a bi-directional tunnel between the mobile router and the HA, which effectively keeps the mobile network reachable.
- Hosts behind the mobile router do not need to be aware of mobility in any way.

Hierarchical Mobile IP (HMIP)
[Figure: Localizing Registrations. Labels: HA, Internet, a hierarchy of FAs with @FA and @VL addresses, FA lineages, Common ancestor = FA (nearest). Source: Chittaranjan Hota, Computer Networks II lecture.0.007]

Multi-layer Operation
- Mobility and multi-homing can be realized on different layers
- Network: Mobile IP, HMIP, NEMO
- Between network and transport: Host Identity Protocol (HIP)
- Transport (SCTP): TCP extensions, SCTP (TrASH)
- Application: SIP, Wireless CORBA, overlays
  - Re-establish TCP-sessions after movement

TCP Solutions to Mobility
- When MN initiates a connection, it tells the CN its new IP address through SYN
- CN uses DNS lookup to locate a MN
- TCP Migrate option is used to migrate to a new connection
- [Figure: CN and MN; connection (s_ip, s_port, d_ip, d_port) to (s_ip, s_port, d_ip, d_port) after MN movement (Migrate SYN, Migrate SYN/ACK, ACK)]
- Segmented TCP, Indirect TCP (I-TCP)
- SCTP multihoming can be used as well
Source: Chittaranjan Hota, Computer Networks II lecture.0.007

SIP Mobility
- Session mobility allows a user to maintain and manage a media session across devices
- Terminal mobility allows a device to move between IP subnets while continuing to be reachable for incoming requests and maintaining sessions across subnet changes
- Personal mobility allows the addressing of a single user located at different terminals by using the same logical address
- Service mobility allows users to maintain access to services while moving or changing devices and network service providers
- SIP implements these using URLs, proxies, and redirect servers. The home domain keeps track of users and devices.
- Message forking

Host Identity Protocol
- New cryptographic namespace
- Connection endpoints mapped to 8 bit host identity tags (hashes of public keys)
- Mapping at HIP layer
- -phase Base Exchange with cryptographic puzzle for DoS prevention
- IPSec for network-level security

Identity/Locator split
[Figure labels: Process, Transport, ID Layer, IP Layer, Link Layer, identifier, locator]

Application-layer mobility
- Many application-layer protocols are, in principle, similar to Mobile IP
- Moving entity may differ
  - Instead of host we have object, session, entity, or interests
- For example:
  - Object mobility: Wireless CORBA
  - Session mobility: SIP
  - Interest mobility: Content-based routing
  - Generic mobility: i overlay, service composition

Internet Indirection Infrastructure (i)
i: How it Works?
- An Overlay infrastructure.
- Every packet is associated with an identifier.
- Receiver receives using identifier
- CHORD ensures O(log N) no. of intermediate hops to reach at the destination
[Figure: A Trigger (A Receiver R inserts a trigger into i). (A Sender S sends a packet with same identifier 7, that is delivered to R). Source: http://i.cs.berkeley.edu/]
[Figure: Movement with a different address (Natural Support for Mobility). Source: http://i.cs.berkeley.edu/]

Mobile Web Server
[Figure labels: Webserver, .5/G Operator, Firewall, Gateway, Browser, DNS, Internet]

Indirection Points
- Mobility may be characterized by indirection points
- Mobile IP: Single fixed indirection point
- Location / Identity split: Single indirection point
- SIP: Single fixed indirection point (home domain) (other are possible)
- Content-based routing: Many indirection points

By courtesy of Johan Wikman. Presented in EuroOSCON 006

Lessons to learn
- Hierarchical routing likely to stay
  - Addresses carry topological information
  - Efficient and well established
- Applications face changing connectivity
  - QoS varies
  - periods of non-connectivity
- Identifiers and locators likely to split
- Mobility management is needed
- Probably changes in directory services
  - Overlays have been proposed

Summary
- Topology based routing is necessary
- Mobility causes address changes
- Address changes must be signalled end-to-end
  - Alternative: use triangular routing as in Mobile IP
- Mobility management needed
  - Initial rendezvous: maybe a directory service
  - Double jump problem: rendezvous needed
- Many engineering trade-offs