Mobile Communications Chapter 8:

Network Protocols/Mobile IP
 Motivation  Problems
 Data transfer  Micro mobility support
 Encapsulation  DHCP
 Security  Ad-hoc networks
 IPv6  Routing protocols

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.1

 Motivation for Mobile IP

Routing
 based on IP destination address, network prefix (e.g. 129.13.42)
determines physical subnet
 change of physical subnet implies change of IP address to have a
topological correct address (standard IP) or needs special entries in
the routing tables
Specific routes to end-systems?
 change of all routing table entries to forward packets to the right
destination
 does not scale with the number of mobile hosts and frequent
changes in the location, security problems
Changing the IP-address?
 adjust the host IP address depending on the current location
 almost impossible to find a mobile system, DNS updates take to
long time
 TCP connections break, security problems

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.2

 Requirements to Mobile IP (RFC 3344, was: 3220, was: 2002)

Transparency
 mobile end-systems keep their IP address
 continuation of communication after interruption of link possible
 point of connection to the fixed network can be changed
Compatibility
 support of the same layer 2 protocols as IP
 no changes to current end-systems and routers required
 mobile end-systems can communicate with fixed systems
Security
 authentication of all registration messages
Efficiency and scalability
 only little additional messages to the mobile system required
(connection typically via a low bandwidth radio link)
 world-wide support of a large number of mobile systems in the
whole Internet

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.3

 Terminology

Foreign Agent (FA)

 The FA can provide several services to the MN during
its visit to the foreign network.
 The FA can have the COA ,acting as tunnel endpoint
and forwarding packets to the MN.
 The FA can be the default router for the MN.
 FAs can also provide security services because they
belong to the foreign network as opposed to the MN
which is only visiting.
 Typically, an FA is implemented on a router for the
subnet the MN attaches to
 Terminology
 Care-of Address (COA)
 The COA defines the current location of the MN from an IP point of
view.
 All IP packets sent to the MN are delivered to the COA, not directly
to the IP address of the MN.
 Packet delivery toward the MN is done using a tunnel.
 To be more precise, the COA marks the tunnel endpoint, i.e., the
address where packets exit the tunnel.

There are two different possibilities for the location of the

COA:
1. Foreign Agent COA
2. Co-located COA
 Terminology
● Foreign agent COA:
 The COA could be located at the FA, i.e., the COA is an IP
address of the FA.
 The FA is the tunnel end-point and forwards packets to the
MN.
 Many MN using the FA can share this COA as common COA.

● Co-located COA:
 The COA is co-located if the MN temporarily acquired an
additional IP address which acts as COA.
 This address is now topologically correct, and the tunnel
endpoint is at the MN.
 Co-located addresses can be acquired using services such as
DHCP
 One problem associated with this approach is the need for
additional addresses if MNs request a COA. This is not
always a good idea considering the scarcity of IPv4
 Terminology

Home agent (HA):

The HA provides several services for the MN and is located in
the home network.
The tunnel for packets toward the MN starts at the HA.
The HA maintains a location registry, i.e., it is informed of the
MN’s location by the current COA.

Three alternatives for the implementation of an HA exist.

1. The HA can be implemented on a router that is responsible

for the home network. This is obviously the best position,
because without optimizations to mobile IP, all packets for
the MN have to go through the router anyway.
 Terminology

2. If changing the router’s software is not possible, the HA

could also be implemented on an arbitrary node in the
subnet.
 One disadvantage of this solution is the double crossing of
the router by the packet if the MN is in a foreign network.
 A packet for the MN comes in via the router; the HA sends
it through the tunnel which again crosses the router.

3. A home network is not necessary at all.

The HA could be again on the ‘router’ but this time only acting
as a manager for MNs belonging to a virtual home network.
All MNs are always in a foreign network with this solution.
 Example network

HA
MN

router

home network mobile end-system

Internet
(physical home network
for the MN)
FA foreign
network
router
(current physical network
for the MN)
CN

end-system router

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.9

 Data transfer to the mobile system

HA
2
MN

home network 3 receiver

Internet

FA foreign
network

1. Sender sends to the IP address of MN,

HA intercepts packet (proxy ARP)
1 2. HA tunnels packet to COA, here FA,
CN
by encapsulation
3. FA forwards the packet
sender to the MN

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.10

 Data transfer from the mobile system

HA
1 MN

home network sender

Internet

FA foreign
network

1. Sender sends to the IP address

of the receiver as usual,
CN
FA works as default router

receiver

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.11

 Overview
COA

router
home router MN
FA
network HA

foreign
Internet network

CN router

3.
router
home router MN
2. FA
network HA
4.
foreign
Internet network

1.
CN router

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.12

 Network integration

Agent Advertisement
 HA and FA periodically send advertisement messages into their
physical subnets
 MN listens to these messages and detects, if it is in the home or a
foreign network (standard case for home network)
 MN reads a COA from the FA advertisement messages
Registration (always limited lifetime!)
 MN signals COA to the HA via the FA, HA acknowledges via FA to MN
 these actions have to be secured by authentication
Advertisement
 HA advertises the IP address of the MN (as for fixed systems), i.e.
standard routing information
 routers adjust their entries, these are stable for a longer time (HA
responsible for a MN over a longer period of time)
 packets to the MN are sent to the HA,
 independent of changes in COA/FA

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.13

 Agent advertisement

0 7 8 15 16 23 24 31
type code checksum
#addresses addr. size lifetime
router address 1
preference level 1
router address 2
preference level 2
...
type = 16
length = 6 + 4 * #COAs type = 16 length sequence number
R: registration required registration lifetime R B H F M G r T reserved
B: busy, no more registrations COA 1
H: home agent COA 2
F: foreign agent ...
M: minimal encapsulation
G: GRE encapsulation
r: =0, ignored (former Van Jacobson compression)
T: FA supports reverse tunneling
reserved: =0, ignored

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.14

 Registration

MN FA HA MN HA

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.15

 Mobile IP registration request

0 7 8 15 16 23 24 31
type = 1 S B DMG r T x lifetime
home address
home agent
COA
identification

extensions . . .

S: simultaneous bindings
B: broadcast datagrams
D: decapsulation by MN
M mininal encapsulation
G: GRE encapsulation
r: =0, ignored
T: reverse tunneling requested
x: =0, ignored

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.16

 Mobile IP registration reply
0 7 8 15 16 31
type = 3 code lifetime
home address
home agent
identification
Example codes: extensions . . .
registration successful
0 registration accepted
1 registration accepted, but simultaneous mobility bindings unsupported
registration denied by FA
65 administratively prohibited
66 insufficient resources
67 mobile node failed authentication
68 home agent failed authentication
69 requested Lifetime too long
registration denied by HA
129 administratively prohibited
131 mobile node failed authentication
133 registration Identification mismatch
135 too many simultaneous mobility bindings

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.17

 Encapsulation

original IP header original data

new IP header new data

outer header inner header original data

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.18

 Encapsulation I

Encapsulation of one packet into another as payload

 e.g. IPv6 in IPv4 (6Bone), Multicast in Unicast (Mbone)
 here: e.g. IP-in-IP-encapsulation, minimal encapsulation or GRE
(Generic Record Encapsulation)
IP-in-IP-encapsulation (mandatory, RFC 2003)
 tunnel between HA and COA
ver. IHL DS (TOS) length
IP identification flags fragment offset
TTL IP-in-IP IP checksum
IP address of HA
Care-of address COA
ver. IHL DS (TOS) length
IP identification flags fragment offset
TTL lay. 4 prot. IP checksum
IP address of CN
IP address of MN
TCP/UDP/ ... payload

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.19

 Encapsulation II

Minimal encapsulation (optional)

 avoids repetition of identical fields
 e.g. TTL, IHL, version, DS (RFC 2474, old: TOS)
 only applicable for unfragmented packets, no space left for
fragment identification

ver. IHL DS (TOS) length

IP identification flags fragment offset
TTL min. encap. IP checksum
IP address of HA
care-of address COA
lay. 4 protoc. S reserved IP checksum
IP address of MN
original sender IP address (if S=1)
TCP/UDP/ ... payload

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.20

 Generic Routing Encapsulation

original
original data
header

GRE original
outer header original data
header header

RFC 1701 new header new data

ver. IHL DS (TOS) length

IP identification flags fragment offset
TTL GRE IP checksum
IP address of HA RFC 2784
Care-of address COA
C R K S s rec. rsv. ver. protocol C reserved0 ver. protocol
checksum (optional) offset (optional) checksum (optional) reserved1 (=0)
key (optional)
sequence number (optional)
routing (optional)
ver. IHL DS (TOS) length
IP identification flags fragment offset
TTL lay. 4 prot. IP checksum
IP address of CN
IP address of MN

TCP/UDP/ ... payload

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.21

 Optimization of packet forwarding

Triangular Routing
 sender sends all packets via HA to MN
 higher latency and network load
“Solutions”
 sender learns the current location of MN
 direct tunneling to this location
 HA informs a sender about the location of MN
 big security problems!
Change of FA
 packets on-the-fly during the change can be lost
 new FA informs old FA to avoid packet loss, old FA now forwards
remaining packets to new FA
 this information also enables the old FA to release resources for the
MN

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.22

 Change of foreign agent
CN HA FAold FAnew MN

Data Data Data

Update
ACK

Data Data
MN changes
location
Update Registration
ACK
Data
Data Data
Warning
Request
Update
ACK
Data
Data
t

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.23

 DHCP: Dynamic Host Configuration Protocol

Application
 simplification of installation and maintenance of networked
computers
 supplies systems with all necessary information, such as IP
address, DNS server address, domain name, subnet mask, default
router etc.
 enables automatic integration of systems into an Intranet or the
Internet, can be used to acquire a COA for Mobile IP
Client/Server-Model
 the client sends via a MAC broadcast a request to the DHCP server
(might be via a DHCP relay) DHCPDISCOVER

DHCPDISCOVER
server client

client relay

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.24

 DHCP - protocol mechanisms
server client server
(not selected) initialization (selected)
DHCPDISCOVER DHCPDISCOVER
determine the determine the
configuration configuration
DHCPOFFER DHCPOFFER
collection of replies

selection of configuration
DHCPREQUEST DHCPREQUEST
(reject) (options) confirmation of
configuration
DHCPACK
initialization completed

release
DHCPRELEASE delete context

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.25

 DHCP characteristics

Server
 several servers can be configured for DHCP, coordination not yet
standardized (i.e., manual configuration)
Renewal of configurations
 IP addresses have to be requested periodically, simplified protocol
Options
 available for routers, subnet mask, NTP (network time protocol)
timeserver, SLP (service location protocol) directory,
DNS (domain name system)

Big security problems!

 no authentication of DHCP information specified

Prof. Dr.-Ing. Jochen Schiller, http://www.jochenschiller.de/ MC SS02 8.26