Mobile networks support in ipv6 draft update draft ernst mobileip v6 01 txt
This presentation is the property of its rightful owner.
Sponsored Links
1 / 9

Mobile Networks Support in IPv6 - Draft Update draft-ernst-mobileip-v6-01.txt - PowerPoint PPT Presentation


  • 63 Views
  • Uploaded on
  • Presentation posted in: General

Mobile Networks Support in IPv6 - Draft Update draft-ernst-mobileip-v6-01.txt -. Thierry Ernst - MOTOROLA Labs Ludovic Bellier - INRIA (Planete project) Claude Castelluccia - INRIA (Planete project) Hong-Yon Lach - MOTOROLA Labs. Definition and Terminology.

Download Presentation

Mobile Networks Support in IPv6 - Draft Update draft-ernst-mobileip-v6-01.txt -

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Mobile networks support in ipv6 draft update draft ernst mobileip v6 01 txt

Mobile Networks Support in IPv6- Draft Update draft-ernst-mobileip-v6-01.txt -

Thierry Ernst - MOTOROLA Labs

Ludovic Bellier - INRIA (Planete project)

Claude Castelluccia - INRIA (Planete project)

Hong-Yon Lach - MOTOROLA Labs


Definition and terminology

Definition and Terminology

  • Mobile Node = a node that changes its point of attachment

    • by means of Mobile IPv6

  • Mobile Network = an entire network that changes its point of attachment

    • A IP subnet or a collection of IP subnets

    • Mobile Router (MR) + its attached Nodes and Routers.

    • SNs = all stationary nodes located in mobile network ( SNs are not Mobile Nodes !)

    • Future needs require to consider (potentially large) mobile networks

  • CNs = all nodes communicating with SNs

  • Aim of this work is to:

    • Provide continuous Internet connectivity to SNs

    • Offer optimal routing between CNs and SNs

  • Mobile IPv6 specification:

    • Mobile IPv6 nodes may either be Mobile Hosts or Mobile Routers.

    • But no explicit mention of mobile networks.


Experimentation test bed

Experimentation: Test Bed

  • Francis Dupont INRIA IPv6 Implementation under FreeBSD 3.3

  • MR has two interfaces

    • One on the home / foreign link in the home / foreign network

    • One on the internal link in the mobile network

  • Mobile Network attaches to foreign link :

    • MR obtains a care-of address on the foreign link

    • MR registers care-of address with HA.

    • HA opens an IPv6-in-IPv6 tunnel to MR’s careof address

    • HA adds a host-specific route for MR’s home address to MR’s careof address


Experimentation ping between cn and mr

Experimentation: Ping between CN and MR

I ’m MR

MR ?

  • Packet is routed to BR

  • BR sends NDP messages to discover MR’s MAC address

  • BR HA replies with HA’s address on behalf of MR

  • HA intercepts packets addressed to MR

  • HA routes the packet to the IPv6-in-IPv6 tunnel

  • HA tunnels the packet to MR’s care-of address

=> Redirection works fine whether Mobile Node is a Host or a Router

No problem, MR

receives the packet


Experimentation ping between cn and sn

Experimentation: Ping between CN and SN

I ’m MR

Routing Loop

MR ?

  • Packet is routed to BR

  • In BR’s routing table, MR' home address is the next hop towards SN

  • BR sends NDP messages to discover MR’s MAC address

  • HA replies with HA’s address on behalf of MR

  • HA intercepts but does not have an entry for SN’s address

  • HA sends the packet to its default route, i.e. the BR

  • The packet enters in a routing loop

=> Redirection to SNs impossible

Problem, SN never

receives the packet


Our solution network scope binding updates

Our Solution: Network Scope Binding Updates

  • Assumption: all nodes in the mobile network share a common IP prefix = Mobile Network Prefix

    • if only one subnet -> internal link ’s prefix

    • If several subnets -> a common prefix identifying (sub-SLA) all subnets in the mobile network

  • Our solution: all packets with a destination address corresponding to the Mobile Network Prefix are routed to the MR ’s careof address.

  • Means:

    • A Binding between the Mobile Network Prefix and the MR’s careof address.

    • a new Sub-Option to carry the Mobile Network Prefix + a ‘P’ flag

    • Prefix and flag are recorded in the binding cache

    • Binding Cache is searched for a Prefix for those records showing the ‘P’ flag.

    • BUs containing the Mobile Network Prefix are sent:

      • To the HA to allow redirection

      • To all CNs to allow optimal routing

    • BUs are sent by the MR, not by individual SNs:

      • mobility of network is transparent to SNs

      • mobility management is aggregated (a given CN only gets 1 BU whatever # SNs)


Our solution security issues

Our Solution: Security Issues

  • Existing Mobile IPv6 for Mobile Nodes:

    • Authentication of BU’s sender:

      • MN authenticated thanks to IPSec

    • Authorization of MN = allowing MN to send BUs

      • no explicit authorization

      • If sender is authenticated, the Mobile IPv6 policy is to accept, record, and use whatever received careof address

  • Mobile IPv6 extensions to support Mobile Networks:

    • Authentication of BU’s sender:

      • MR is authenticated thanks to IPSec - (same as for a single MN)

    • Authorization of MR = allowing the MR to manage mobility of an entire network

      • If the Mobile IPv6 policy says that a careof-address can be registered for a prefix, then MR has the right to register a binding between the Mobile Network Prefix and its address.

      • Authorization may be provided by a certificate:

        • exchanged during SA negociation

        • to guarantee that MR actually serves the mobile network with the specified Prefix.

  • Our solution is a matter of Authorization, not a matter of Authentication


Mobile ip working group item

Mobile IP Working Group Item ?

  • Does the Mobile IP WG agree that:

    • HA is unable to redirect packets sent to nodes in the mobile network ?

      (if the final destination is not the Mobile Router itself)

    • CN is unable to directly route packets to nodes in the mobile network)

      (if the final destination is not the Mobile Router itself)

      => no redirection + no optimal routing = SNs are unreachable

  • This should be addressed by the Mobile IP WG

    => Add « Support of Mobile Networks » as a work item of the Mobile IP WG and include it in the charter.


For more information

For More Information

draft-ernst-mobileip-v6-network-01.txt

Thierry Ernst

[email protected]

http:// www.inrialpes.fr/planete

This is a joint work between

and


  • Login