Documente Academic
Documente Profesional
Documente Cultură
We will discuss : The basic framework in mobile IP The concepts of foreign network, home network and correspondent nodes Mobility binding and security issues Changes in IPv6 and future of mobile IP
At present, any access to the internet has an inherent restriction of point of attachment. We go to office, university or workplace and access the internet from a fixed IP address. This IP address may be for a desktop or laptop computer. If we take our computer to a different place, outside our usual network, we have to reconfigure it with a new IP address.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
It will be very nice if mobility does not affect internet sessions. For example, we should be able to take a laptop computer from our workplace to home without noticing any change in the internet connectivity. In general, users should be able to move around seamlessly. Mobility of the computer should be completely transparent to the applications running on the computer.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
For example, the user should continue to receive emails and keep connected to the internet. Mobile IP makes mobility completely transparent to applications running on a mobile computer. The applications feel that the mobile computer is connected to its usual IP address even if it is far away from its home network.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
A good comparison can be made with mobile telephone networks. A user can move around and continue using a mobile phone without noticing any change in connectivity. A fixed IP address is similar to a fixed home telephone connection. You can only communicate if you are at home.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
On the other hand mobile phones have given users complete freedom of communication. Users can communicate anytime and anywhere. Users need not worry about their location and movement and connections are made in a completely transparent fashion. However access to internet is not as transparent when users are mobile.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
However, there is a clear difference between internet access and mobile telephones. Users typically run applications that require resources from their home network. An example is emails. Users receive emails at their email address even though they are moving. Hence there is a need to maintain connections with the users home network.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
IP routes packets to their destinations according to IP addresses. An IP address is associated with a fixed network location. When a user moves, each new point of attachment has a new IP address. Hence it is very difficult to keep mobility transparent.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
How IP works
Routing tables are used for routing packets. The routing tables maintain the next hop information for each destination IP address. A packet is forwarded from the incoming network interface to the outgoing interface according to the next hop information. Hence, an IP address contains the information about the point of attachment of a computer.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Most internet connections use TCP. A good example is email clients. A TCP connection is uniquely identified by four components : <IP_source, port_source,IP_dest, port_dest>
If we change any one of these four components, the connection will be broken.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
If a packet has to be delivered to a mobile nodes current point of attachment, we need to change the destination IP address and port number. It is impossible to do so once a connection has been established. Mobile IP allows a mobile node to use two different IP addresses.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The home address is static and effectively identifies the user to the internet. TCP connections are established using the home address. The mobile node gets a new care-of address every time it connects to a new point of attachment. The home address is associated with the home network and the care-of address is associated with a foreign network.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
When a mobile node moves, it first connects to a foreign agent in a foreign network. Next, the mobile node is assigned a care-of address (an IP address) by the foreign network. The node now registers its care-of address with the home agent.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The home network contains a network node called Home Agent. The home address of the mobile node is the IP address of the home agent. The home agent is responsible for receiving all the packets sent to the mobile node when the mobile node is away. It is the responsibility of the home agent to deliver the packets to the mobile node at its current point of attachment.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Correspondent Node
A correspondent node is a computer that sends packets to the mobile node. A correspondent node is typically connected to its own home network. A correspondent node is aware of only the IP address of the mobile node in the home network of the mobile node. Any packet from the correspondent node is delivered to the home agent.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
1.
2.
3.
The correct functioning of mobile IP depends upon the coordination of three different activities Discovering the care-of address of a mobile node. Registering the care-of address with the home agent. Tunneling of packets from the home agent to the care-of address.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
1.
2.
In mobile IP, both a foreign agent and a home agent periodically broadcast agent advertisement messages. The role of foreign and home agents have been kept similar for two reasons : A home agent for one mobile node may act as a foreign agent for another mobile node. A mobile node can decide whether it is in the home network or in a foreign network.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Agent Advertisements
Hence, an agent advertisement has the functions : It allows mobile nodes to discover foreign agents and get care-of addresses. It allows the mobile node to know the services provided by the foreign agent. It allows the mobile node to determine whether an agent is its home agent or a foreign agent.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
A mobile node can generate agent solicitation messages when it is looking for a foreign agent. It may happen that a foreign agent has offered service, but the mobile node can no longer receive advertisements from the foreign agent. The mobile node assumes that the foreign agent is out of range. It may contact other foreign agents whose advertisements it has received, or it may send solicitation messages.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
When a mobile node receives a care-of address from a foreign agent, its home agent needs to be informed.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The mobile node sends a registration request to its home agent through the foreign agent who has provided the new care-of address. When the home agent receives the request, it updates its routing table and sends a registration reply back to the foreign agent. The mobile node starts receiving packets from its home agent once the home agent has accepted its registration request.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The home agent associates the care-of address of the mobile node with its home address. Any packet coming to the home agent will be tunneled to the mobile node in future. The home agent also associates a registration lifetime for the mobile agent. The three entities : home address, care-of address and registration lifetime is called a binding for the mobile node.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
It is extremely important to authenticate a registration request. Otherwise, a malicious node may send fake registration requests. Each mobile node and home agent must create digital signatures that cannot be forged. This is done by using a one-way hash algorithm over all the data in the registration request. However, there is still a possibility of a replay attack.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
A malicious node may replay a valid registration request later. It may be possible that the mobile node has now a new foreign agent and the home agent has no way to distinguish between a valid registration request and the replay of an old registration request.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Each new registration request must contain unique data so that two separate registrations will not have the same hash. Each registration message has a special identification field that changes with each new registration message. One possibility is to use a time stamp for identification as the time from the mobile node changes with each registration message.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
However, there is a problem with using time stamps. The mobile node and the home agent may differ in their clocks more and more. A better strategy is to use a random number for identification every time a new registration request is sent. The chance that two 32-bit random numbers will be the same is very low.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
When the home agent receives a packet for the mobile node, it delivers the packet to the care-of address of the mobile node. The home agent applies a transformation on the packet so that the care-of address becomes the destination address. A reverse transformation is applied when the packet arrives at the care-of address. It appears as if the mobile nodes home address is the destination address.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The transfer of the packet from the home agent to the care-of address is called tunneling. The home agent is the source of the tunnel. The home agent inserts a new tunnel header in front of the IP header of a packet addressed to the mobile agent and received by the home agent. The tunnel header is the care-of IP address of the mobile node. The old header is preserved as it was in the original packet.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The foreign agent is the receiver of the tunnel. When the foreign agent receives the tunneled packet, it has to delete the tunnel header to recover the original packet. The foreign agent delivers the packet to the mobile node after removing the tunnel header. Hence, for the mobile node, the packet looks like a normal packet exactly similar to a packet that it receives when it is connected to the home network.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The communication between the mobile node and a correspondent node is asymmetrical. Once the mobile node knows the IP address of the correspondent node, it can send packets directly to the correspondent node. However, the correspondent node cannot send packets directly to the care-of address of the mobile node. The correspondent node has to send packets to the home agent.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
IPv6 has many features for mobility that are not present in IPv4. Most importantly, there is no need of a foreign agent for supporting mobility in IPv6. A mobile node will be able to configure its own care-of address through stateless address autoconfiguration and neighbour discovery. This will reduce latency and increase security in Mobile IPv6.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
The tunneling mechanism for delivering packets from the home agent to the mobile node will remain similar. In particular, the details of IPv6within-IPv6 has been already worked out. However, one of the main changes in IPv6 will be route optimization. When a correspondent node knows the current care-of address of a mobile node, it can send packets to the mobile node directly.
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
Thank You
Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)