1. INTRODUCTION
The exponential growth of the Internet and the inexorable increase in native computing power of laptop computers and other digital wireless data communication devices has brought the need for mobile networking into sharp focus. As network services proliferate and become available ubiquitously, every network device will take advantage of mobile networking technology to offer maximum flexibility to the customers needing those devices.
To understand the contrast between the current realities of IP connectivity and future possibilities, consider the transition toward mobility that has occurred in telephony over the past 20 years. An analogous transition in the domain of networking, from dependence on fixed points of attachment to the flexibility afforded by mobility, has just begun.
As PDAs and the next generation of data-ready cellular phones become more widely deployed, a greater degree of connectivity is almost becoming a necessity for the business user on the go. Data connectivity solutions for this group of users are a very different requirement than it is for the fixed dialup user or the stationary wired LAN user. Solutions here need to deal with the challenge of movement during a data session or conversation. Cellular service providers and network administrators wanting to deploy wireless LAN technologies need to have a solution which will grant this greater freedom
Cisco IOS has integrated new technology into our routing platforms to meet these new networking challenges. Mobile IP is a tunneling-based solution which takes advantage of the Cisco-created GRE tunneling technology, as well as simpler IP-in-IP tunneling protocol. This tunneling enables a router on a user’s home subnet to intercept and transparently forward IP packets to users while they roam beyond traditional network boundaries. This solution is a key enabler of wireless mobility, both in the wireless LAN arena, such as the 802.11 standard, and in the cellular environment for packet-based data offerings which offer connectivity to a user’s home network and the Internet.
Mobile IP provides users the freedom to roam beyond their home subnet while consistently maintaining their home IP address. This enables transparent routing of IP data grams to mobile users during their movement, so that data sessions can be initiated to them while they roam; it also enables sessions to be maintained in spite of physical movement between points of attachment to the Internet or other networks. Cisco’s implementation of Mobile IP is fully compliant with the Internet Engineering Task Force’s (IETF’s) proposed standard defined in Request for Comments.
Truly mobile computing offers many advantages. Confident access to the Internet anytime, anywhere will help free us from the ties that bind us to our desktops. Consider how cellular phones have given people new freedom in carrying out their work. Taking along an entire computing environment has the potential not just to extend that flexibility but to fundamentally change the existing work ethic.
The evolution of mobile networking will differ from that of telephony in some important respects. The endpoints of a telephone connection are typically human; computer applications are likely to involve interactions between machines without human intervention. Obvious examples of this are mobile computing devices on airplanes, ships, and automobiles. Mobile networking may well also come to depend on position-finding devices, such as a satellite global positioning system, to work in tandem with wireless access to the Internet.
However, there are still some technical obstacles that must be overcome before mobile networking can become widespread. The most fundamental is the way the Internet Protocol, the protocol that connects the networks of today's Internet, routes packets to their destinations according to IP addresses. These addresses are associated with a fixed network location much as a non-mobile phone number is associated with a physical jack in a wall. When the packet's destination is a mobile node, this means that each new point of attachment made by the node is associated with a new network number and, hence, a new IP address, making transparent mobility impossible.
Network mobility is enabled by Mobile IP, which provides a scalable, transparent, and secure solution. It is scalable because only the participating components need to be Mobile IP aware—the Mobile Node and the endpoints of the tunnel. No other routers in the network or any hosts with which the Mobile Node is communicating need to be changed or even aware of the movement of the Mobile Node. It is transparent to any applications while providing mobility. Also, the network layer provides link-layer independence; interlink layer roaming, and link-layer transparency. Finally, it is secure because the set up of packet redirection is authenticated.
2. Mobile IP Overview
In IP networks, routing is based on stationary IP addresses, similar to how a postal letter is delivered to the fixed address on the envelope. A device on a network is reachable through normal IP routing by the IP address it is assigned on the network.
The problem occurs when a device roams away from its home network and is no longer reachable using normal IP routing. This results in the active sessions of the device being terminated. Mobile IP was created to enable users to keep the same IP address while traveling to a different network (which may even be on a different wireless operator), thus ensuring that a roaming individual could continue communication without sessions or connections being dropped. Because the mobility functions of Mobile IP are performed at the network layer rather than the physical layer, the mobile device can span different types of wireless and wire line networks while maintaining connections and ongoing applications. Remote login, remote printing, and file transfers are some examples of applications where it is undesirable to interrupt communications while an individual roams across network boundaries. Also, certain network services, such as software licenses and access privileges, are based on IP addresses. Changing these IP addresses could compromise the network services.
This section discusses the main concepts and operations of the IETF Mobile IP protocol. The basic protocol procedures fall into the following areas:
Advertisement.
Registration
Tunneling
Mobile IP is a modification to IP that allows nodes to continue to receive datagrams no matter where they happen to be attached to the Internet. It involves some additional control messages that allow the IP nodes involved to manage their IP routing tables reliably. Scalability has been a dominant design factor during the development of Mobile IP, because in the future a high percentage of the nodes attached to the Internet will be capable of mobility.
As explained in the previous section, IP assumes that a node’s network address uniquely identifies the node’s point of attachment to the Internet. Therefore, a node must be located on the network indicated by its IP address to receive datagrams destined to it; otherwise, datagrams destined to the node would be undeliverable. Without Mobile IP, one of the two following mechanisms must be typically employed for a node to change its point of attachment without losing the ability to communicate:
The node must change its IP address whenever it changes its point of attachment.
Host-specific routes must be propagated throughout the relevant portion of the Internet
routing infrastructure.
Both these alternatives are plainly unacceptable in the general case. The first makes it impossible for a node to maintain transport and higher layer connections when the node changes location. The second has obvious and severe scaling problems that are especially relevant considering the explosive growth in sales of notebook (mobile) computers.
Mobile IP was devised to meet the following goals for mobile nodes that move (that is, change their point of attachment to the Internet) more frequently than once per second. The following five characteristics should be considered baseline requirements to be satisfied be any candidate for a mobile IP protocol:
A mobile node must be able to communicate with other nodes after changing its link-layer point of attachment to the Internet, yet without changing its IP address.
A mobile node must be able to communicate with other nodes that do not implement
Mobile IP.
All messages used to transmit information to another node about the location of a mobile node must be authenticated to protect against remote redirection attacks.
The link by which a mobile node is directly attached to the Internet may often be a
wireless link. This link may thus have a substantially lower bandwidth and higher error rate than the traditional wired networks. Moreover, mobile nodes are likely to be battery powered, and minimizing power consumption is important. Therefore, the number of administrative messages sent over the link by which a mobile node is directly connected to the Internet should be minimized, and the size of these messages should be kept as small as possible.
Mobile IP must place no additional constraints on the assignment of IP addresses.
3. Terminology
Mobile IP introduces the following new functional entities:
Mobile node – A mobile node is a host or a router that changes its point of attachment from one network or sub network to another. A mobile node may change its location without changing its IP address. It may continue to communicate with other Internet nodes at any location using its (constant) IP address, assuming link-layer connectivity to a point of attachment is available.
Home agent – A home agent is a router on a mobile node’s home network that tunnels datagrams for delivery to the mobile node when it is away from home and maintains current location information for the mobile node.
Foreign agent – A foreign agent is a router on a mobile node’s visited network that provides routing services to the mobile node while registered. The foreign agent detunnels and delivers datagrams to the mobile node that were tunneled by the mobile node’s home agent. The foreign agent may always be selected as a default router by registered mobile nodes.
A mobile node is given a long term IP address on a home network. When away from its home network, a care-of address is associated with the mobile node and reflects the mobile node’s current point of attachment. The mobile node uses its home address as the source address of all IP datagrams that it sends, except during registration if it happens to acquire another IP address.
4. Protocol Overview
Mobile IP is, in essence, a way of doing three relatively separate functions:
1. Agent Discovery – Home agents and foreign agents may advertise their availability on each link for which they provide service. A newly arrived mobile node can send a solicitation on the link to learn if any prospective agents are present.
2. Registration – When the mobile node is away from home, it registers its care of address with its home agent. Depending upon its method of attachment, the mobile node will register either directly with its home agent or through a foreign agent, which forwards the registration to the home agent.
3. Tunneling – In order for datagrams to be delivered to the mobile node when it is away from home, the home agent has to tunnel the datagrams to the care-of-address. When away from home, Mobile IP uses protocol tunneling to hide a mobile node’s home address from intervening routers between its home network and current location. The tunnel terminates at the node’s care-of-address. The care-of-address must be an address to which datagrams can be delivered via conventional IP routing. At the care-of address, the original datagram is removed from the tunnel and delivered to the mobile node.
Mobile IP provides two ways to acquire a care-of address:
1. A foreign agent care-of address is a care-of address provided by a foreign agent through its agent advertisement messages. In this case, the care-of address is an IP address of the foreign agent. In this mode, the foreign agent is the endpoint of the tunnel and, on receiving tunneled datagrams, decapsulates them and delivers the inner datagram to the mobile node. This mode of acquisition is advantageous because it allows many nodes to share the same care-of address and therefore does not place unnecessary demands on the already limited Internet Protocol version 4 (Ipv4) address space.
2. A collocated care-of address is a care-of address acquired by the mobile node as a local IP address through some external means, which the mobile node then associates with one of its own network interfaces. The address may be dynamically acquired as a temporary address by the mobile node, such as through DHCP, or it may be owned by the mobile node as a long-term address for its use only while visiting some foreign network. When using a collocated care-of address, the mobile node serves as the end point of the tunnel and performs decapsulation of the datagrams tunneled to it. An additional advantage of a
collocated address for mobile nodes that are equipped to use the address in this fashion is
that they can be used for connections that are not long lived and thus will never need the
services of any home agent.
With these operations in mind, a rough outline of the operation of the Mobile IP protocol follows:
1. Mobility agents (that is, foreign agents and home agents) advertise their presence via agent advertisement messages. A mobile node may optionally solicit an agent advertisement message from any local mobility agents by using an agent solicitation message.
2. A mobile node receives an agent advertisement and determines whether it is on its home network or a foreign network.
3. When the mobile node detects that it is located on its home network, it operates without mobility services. If returning to its home network from being registered elsewhere, the mobile node deregisters with its home agent through a variation of the normal registration process.
4. When the mobile node detects that it has moved to a foreign network, it obtains a care of address on the foreign network. The care-of address can either be a foreign agent care-of address or a collocated care-of address.
5. The mobile node, operating away from home, then registers its new care-of address with its home agent through the exchange of a registration request and registration reply
message, possibly by way of a foreign agent.
6. Datagrams sent to the mobile node’s home address are intercepted by its home agent, tunneled by the home agent to the mobile node’s care-of address, received at the tunnel
endpoint (either at a foreign agent or at the mobile node itself), and finally delivered to
the mobile node.
7. In the reverse direction, datagrams sent by the mobile node may be delivered to their
destination using standard IP routing mechanisms, without necessarily passing through the home agent.
Figure 2 illustrates the routing of datagrams to and from a mobile node away from home, once the mobile node has registered with its home agent. In this figure, the mobile node is using a foreign agent care-of address as follows:
1. A datagram to the mobile node arrives on the home network via standard IP routing.
2. The datagram is intercepted by the home agent and is tunneled to the care-of address.
3. The datagram is detunneled and delivered to the mobile node.
4. For datagrams sent by the mobile node, standard IP routing delivers each datagram to
its destination. In Figure 2, the foreign agent is the mobile node’s default router.
· MESSASGE FORMAT AND PROTCOL EXTENSIBILITY:
To handle registration. Mobile IP defines a set of new control messages sent with UDP using well-known port number 434. Currently, the following two message types are defined:
1 Registration request
2 Registration reply
Up-to-date values for the message types for mobile IP control messages are specified in the most recent Assigned Numbers.
For agent discovery, Mobile IP modifies the existing router advertisement and router solicitation messages defined for ICMP router discovery.
Mobile IP defines a general extension mechanism to allow optional information to be carried by Mobile IP control messages or by ICMP router discovery messages. Each of these extensions (with one exception, the pad extension) is encoded in what is conventionally called the type-length-value (TLV) format shown in figure, where the value is the data following the length.
| type | length | Data(value) |
(TLV extension format)
The type indicates the particular type of extension. The length of the extension, counted in bytes – or, more technically in octets, which are groups of 8 bits – does not include the type and length bytes, and may be zero or greater. The type and length fields determine the format of the data field. Extensions allow variable amounts of information to be carried within each message. The total length of IP datagram determines the end of the list of extensions.
Two separately maintained sets of numbering spaces, from which extension type values are allocated, are used in Mobile IP. The first set consists of those extensions that may appear in Mobile IP control messages (those sent to and from UDP port number 434). Currently, the following types are defined for extensions appearing in Mobile IP registration messages:
32
33
34 Foreign – home authentication
The second set consists of those extensions that may appear in ICMP router discovery messages. Currently, Mobile IP defines the following types for such extensions:
0 One byte padding (encoded with no length or data field)
16 Mobility agent advertisements
19 Prefix lengths
Up-to-date values for these extension type numbers are specified in the most recent list of Assigned Numbers form the Internet Assigned Numbers Authority (IANA).
Since these sets of extensions are independent, it is conceivable that two unrelated extensions that are defined at a later date could have identical type values. One of the extensions could have identical type values. One of the extensions could be used only in Mobile IP control messages and the other only in ICMP router discovery messages.
The value of the extension number is important when trying to determine the correct disposition of unrecognized extensions. When an extension numbered in either of these sets within the range 0 through 127 is encountered but not recognized, the message containing that extension is required to be silently discarded. When an extension numbered in the range 128 through 255 is encountered but unrecognized, that particular extension is ignored, but the rest of the extensions and message data are still required to be processed. The length field of the extension is used to skip the data field in searching for the next extension.
5. RELATIONSHIP OF THE COMPONENTS OF
The Mobile Node is a device such as a cell phone, personal digital assistant, or laptop whose software enables network roaming capabilities.
The Home Agent is a router on the home network serving as the anchor point for communication with the Mobile Node; it tunnels packets from a device on the Internet, called a Correspondent Node, to the roaming Mobile Node. (A tunnel is established between the Home Agent and a reachable point for the Mobile Node in the foreign network.)
The Foreign Agent is a router that may function as the point of attachment for the Mobile Node when it roams to a foreign network, delivering packets from the Home Agent to the Mobile Node.
The care-of address is the termination point of the tunnel toward the Mobile Node when it is on a foreign network. The Home Agent maintains an association between the home IP address of the Mobile Node and its care-of address, which is the current location of the Mobile Node on the foreign or visited network
6. How Mobile IP Works
6.1 Agent Discovery
During the agent discovery phase, the Home Agent and Foreign Agent advertise their services on the network by using the ICMP Router Discovery Protocol (IRDP). The Mobile Node listens to these advertisements to determine if it is connected to its home network or foreign network.
The IRDP advertisements carry Mobile IP extensions that specify whether an agent is a Home Agent, Foreign Agent, or both; its care-of address; the types of services it will provide such as reverse tunneling and generic routing encapsulation (GRE); and the allowed registration lifetime or roaming period for visiting Mobile Nodes. Rather than waiting for agent advertisements, a Mobile Node can send out an agent solicitation. This solicitation forces any agents on the link to immediately send an agent advertisement. If a Mobile Node determines that it is connected to a foreign network, it acquires a care-of address.
Two Types of care-of addresses exist:
• Care-of address acquired from a Foreign Agent
• Collocated care-of address
A Foreign Agent care-of address is an IP address of a Foreign Agent that has an interface on the foreign network being visited by a Mobile Node. A Mobile Node that acquires this type of care-of address can share the address with other Mobile Nodes. A colocated care-of address is an IP address temporarily assigned to the interface of the Mobile Node itself. A collocated care-of address represents the current position of the Mobile Node on the foreign network and can be used by only one Mobile Node at a time.
When the Mobile Node hears a Foreign Agent advertisement and detects that it has moved outside of its home network, it begins registration.
6.2 Registration
The Mobile Node is configured with the IP address and mobility security association (which includes the shared key) of its Home Agent. In addition, the Mobile Node is configured with either its home IP address, or another user identifier, such as a Network Access Identifier.
The Mobile Node uses this information along with the information that it learns from the Foreign Agent advertisements to form a Mobile IP registration request. It adds the registration request to its pending list and sends the registration request to its Home Agent either through the Foreign Agent or directly if it is using a colocated care-of address and is not required to register through the Foreign Agent. If the registration request is sent through the Foreign Agent, the Foreign Agent checks the validity of the registration request, which includes checking that the requested lifetime does not exceed its limitations, the requested tunnel encapsulation is available, and that reverse tunnel is supported. If the registration request is valid, the Foreign Agent adds the visiting Mobile Node to its pending list before relaying the request to the Home Agent. If the registration request is not valid, the Foreign Agent sends a registration reply with appropriate error code to the Mobile Node.
The Home Agent checks the validity of the registration request, which includes authentication of the Mobile Node. If the registration request is valid, the Home Agent creates a mobility binding (an association of the Mobile Node with its care-of address), a tunnel to the care-of address, and a routing entry for forwarding packets to the home address through the tunnel.
The Home Agent then sends a registration reply to the Mobile Node through the Foreign Agent (if the registration request was received via the Foreign Agent) or directly to the Mobile Node. If the registration request is not valid, the Home Agent rejects the request by sending a registration reply with an appropriate error code.
The Foreign Agent checks the validity of the registration reply, including ensuring that an associated registration request exists in its pending list. If the registration reply is valid, the Foreign Agent adds the Mobile Node to its visitor list, establishes a tunnel to the Home Agent, and creates a routing entry for forwarding packets to the home address. It then relays the registration reply to the Mobile Node.
Finally, the Mobile Node checks the validity of the registration reply, which includes ensuring an associated request is in its pending list as well as proper authentication of the Home Agent. If the registration reply is not valid, the Mobile Node discards the reply. If a valid registration reply specifies that the registration is accepted, the Mobile Node is confirmed that the mobility agents are aware of its roaming. In the colocated care-of address case, it adds a tunnel to the Home Agent. Subsequently, it sends all packets to the Foreign Agent.
The Mobile Node reregisters before its registration lifetime expires. The Home Agent and Foreign Agent update their mobility binding and visitor entry, respectively, during registration. In the case where the registration is denied, the Mobile Node makes the necessary adjustments and attempts to register again.
For example, if the registration is denied because of time mismatch and the Home Agent sends back its time stamp for synchronization, the Mobile Node adjusts the time stamp in future registration requests.
Thus, a successful Mobile IP registration sets up the routing mechanism for transporting packets to and from the Mobile Node as it roams.
6.3 Tunneling
Mobile IP requires the use of encapsulation to deliver datagrams from the home network to the current location of the mobile node (its care-of address). In the most general encapsulation (tunneling) case, illustrated in Figure 4. The source, encapsulator, decapsulator, and destination are separate nodes. The encapsulator node is considered the entry point of the tunnel, and the decapsulator node is considered the exit point of the tunnel. Multiple source-destination pairs can use the same tunnel between the encapsulator and the decapsulator.
Mobile IP requires each agent and foreign agent to support tunneling datagrams using IP-in-IP encapsulation. Any mobile node that uses a collocated care-of address is required to support receiving datagrams tunneled using IP-in-IP encapsulation.
The Mobile Node sends packets using its home IP address, effectively maintaining the appearance that it is always on its home network. Even while the Mobile Node is roaming on foreign networks, its movements are transparent to correspondent nodes. Data packets addressed to the Mobile Node are routed to its home network, where the Home Agent now intercepts and tunnels them to the care-of address toward the Mobile Node. Tunneling has two primary functions: encapsulation of the data packet to reach the tunnel endpoint, and encapsulation when the packet is delivered at that endpoint. The default tunnel mode is IP Encapsulation within IPEncapsulation. Optionally, GRE and minimal encapsulation within IP may be used. Typically, the Mobile Node sends packets to the Foreign Agent, which routes them to their final destination, the Correspondent Node, as shown in Figure 5.
However, this data path is topologically incorrect because it does not reflect the true IP network source for the data—rather; it reflects the home network of the Mobile Node. Because the packets show the home network as their source inside a foreign network, an access control list on routers in the network called ingress filtering drops the packets instead of forwarding them. A feature called reverse tunneling solves this problem by having the Foreign Agent tunnel packets back to the Home Agent when it receives them from the mobile node see figure 6.
Tunnel MTU (Maximum Transmission Unit) discovery is a mechanism for a tunnel encapsulator such as the Home Agent to participate in path MTU discovery to avoid any packet fragmentation in the routing path between a Correspondent Node and Mobile Node. For packets destined to the Mobile Node, the Home Agent maintains the MTU of the tunnel to the care-of address and informs the Correspondent Node of the reduced packet size. This improves routing efficiency by avoiding fragmentation and reassembly at the tunnel endpoints to ensure that packets reach the Mobile Node.
7. Security
Mobile IP uses a strong authentication scheme for security purposes. All registration messages between a Mobile Node and Home Agent are required to contain the Mobile-Home Authentication Extension (MHAE).
The integrity of the registration messages is protected by a preshared 128-bit key between a Mobile Node and Home Agent. The keyed message digest algorithm 5 (MD5) in “prefix + suffix” mode is used to compute the authenticator value in the appended MHAE, which is mandatory. Mobile IP also supports the hash-based message authentication code (HMAC-MD5). The receiver compares the authenticator value it computes over the message with the value in the extension to verify the authenticity.
Optionally, the Mobile-Foreign Authentication Extension and Foreign-Home Authentication Extension are appended to protect message exchanges between a Mobile Node and Foreign Agent and between a Foreign Agent and Home Agent, respectively.
Replay protection uses the identification field in the registration messages as a timestamp and sequence number. The Home Agent returns its time stamp to synchronize the Mobile Node for registration.
Cisco IOS software allows the mobility keys to be stored on an authentication, authorization, and accounting (AAA) server that can be accessed using TACACS+ or RADIUS protocols. Mobile IP in Cisco IOS software also contains registration filters, enabling companies to restrict who is allowed to register.
Mobility security association- A collection of security contexts between a pair of nodes, which may be applied to Mobile IP protocol messages exchanged between them. Each context indicates an authentication algorithm and mode, a secret (a shared key or appropriate public/private key pair), and a style of replay protection in use.
8. ONGOING WORK AND OPEN QUESTIONS
The most pressing outstanding problem facing Mobile IP is that of security, but other technical as well as practical obstacles to deployment exist. Work is also continuing to refine and extend the protocol within the academic and commercial communities and within the IETF. This section surveys the state of implementation of Mobile IP and speculates on a possible timetable for deployment.
· Routing inefficiencies.
The base Mobile IP specification has the effect of introducing a tunnel into the routing path followed by packets sent by the correspondent node to the mobile node. Packets from the mobile node, on the other hand, can go directly to the correspondent node with no tunneling required. This asymmetry is captured by the term triangle routing, where a single leg of the triangle goes from the mobile node to the correspondent node, and the home agent forms the third vertex controlling the path taken by data from the correspondent node to the mobile node. Triangle routing is alleviated by use of techniques in the route optimization draft, but doing so requires changes in the correspondent nodes that will take a long time to deploy for IPv4. It is hoped that triangle routing will not be a factor for IPv6 mobility.
· Security issues.
A great deal of attention is being focused on making Mobile IP coexist with the security features coming into use within the Internet. Firewalls in particular, cause difficulty for Mobile IP because they block all classes of incoming packets that do not meet specified criteria. Enterprise firewalls are typically configured to block packets from entering via the Internet that appear to emanate from internal computers. Although this permits management of internal Internet nodes without great attention to security, it presents difficulties for mobile nodes wishing to communicate with other nodes within their home enterprise networks. Such communications, originating from the mobile node, carry the mobile node's home address, and would thus be blocked by the firewall.
Mobile IP can be viewed as a protocol for establishing secure tunnels. Gupta and Glass have proposed a firewall traversal solution. Efforts along these lines are also being made at BBN as part of the MOIPS (Managed Objects for IP Mobility Support) project to extend Mobile IP operation across firewalls, even when multiple security domains are involved.
· Ingress filtering.
Ingress Filtering involves routers dropping packets that do not have a source IP address consistent with the network address of the network it is being sent from. This presents a major problem to the operation of Mobile IP. As was described in above topic, a mobile node attached to a foreign network sends packets using its home address as the packet source. Hence the packet source will have a different network prefix to the foreign network address. Routers in the foreign network that employ ingress filtering will drop this packet.
Complications are also presented by ingress filtering operations. Many border routers discard packets coming from within the enterprise if the packets do not contain a source IP address configured for one of the enterprise's internal networks. Because mobile nodes would otherwise use their home address as the source IP address of the packets they transmit, this presents difficulty. Solutions to this problem in Mobile IPv4 typically involve tunneling outgoing packets from the care-of address, but then the difficulty is how to find a suitable target for the tunneled packet from the mobile node. The only universally agreed on possibility is the home agent, but that target introduces yet another serious routing anomaly for communications between the mobile node and the rest of the Internet. Montenegro has proposed the use of reverse tunnels to the home agent to counter the restriction imposed by ingress filtering. Mobile IPv6 also offers a solution in the home address destination option.
· User perceptions of reliability.
The design of Mobile IP is founded on the premise that connections based on TCP should survive cell changes. However, opinion is not unanimous on the need for this feature. Many people believe that computer communications to laptop computers are sufficiently bursty that there is no need to increase the reliability of the connections supporting the communications. The analogy is made to fetching Web pages by selecting the appropriate URLs. If a transfer fails, people are used to trying again. This is tantamount to making the user responsible for the retransmission protocol and depends for its acceptability on a widespread perception that computers and the Internet cannot be trusted to do things right the first time. Naturally, such assumptions are strongly distasteful to many Internet protocol engineers, myself included. Nevertheless, the fact that products exhibiting this model are currently economically viable cannot be denied. Hopefully in the near future better engineering will counter this perception and increase the demand for Internet reliability.
· Issues in IP addressing.
Mobile IP creates the perception that the mobile node is always attached to its home network. This forms the basis for the reachability of the mobile node at an IP address that can be conventionally associated with its fully qualified domain name (FQDN). If the FQDN is associated with one or more other IP addresses, perhaps dynamically, then those alternative IP addresses may deserve equal standing with the mobile node's home address. Moreover, it is possible that such an alternative IP address would offer a shorter routing path if, for instance, the address were apparently located on a physical link nearer to the mobile node's care-of address, or if the alternative address were the care-of address itself. Finally, many communications are short-lived and depend on neither the actual identity of the mobile node nor its FQDN, and thus do not take advantage of the simplicity afforded by use of the mobile node's home address. These issues surrounding the mobile node's selection of an appropriate long-term (or not-so-long-term) address for use in establishing connections are complex and are far from being resolved.
· Slow growth in the wireless LAN market.
Mobile IP has been engineered as a solution for wireless LAN location management and communications, but the wireless LAN market has been slow to develop. It is difficult to make general statements about the reasons for this slow development, but with the recent ratification of the IEEE 802.11 MAC protocol, wireless LANs may become more popular. Moreover, the bandwidth for wireless devices has been constantly improving, so that radio and infrared devices on the market today offer multimegabyte-per-second data rates. Faster wireless access over standardized MAC layers could be a major catalyst for growth of this market.
· Competition from other protocols.
Mobile IP may well face competition from alternative tunneling protocols such as PPTP and L2TP. These other protocols, based on PPP, offer at least portability to mobile computers. Although I believe portable operation will ultimately not be a long-term solution, it may look quite attractive in the short term in the absence of full Mobile IP deployment. If these alternative methods are made widely available, it is unclear if the use of Mobile IP will be displaced or instead made more immediately desirable as people experience the convenience of mobile computing. In the future, it is also possible that Mobile IP could specify use of such alternative tunneling protocols to capitalize on their deployment on platforms that do not support IP-within-IP encapsulation.
· Triangular Routing
Triangular routing is the situation where all traffic from the correspondent node to the mobile node is routed via the home agent. This method of routing increases the traffic on the network as the packets are first routed to the home agent and from here they are tunneled to the mobile node. In particular this increases the load on the home agent.
· Congestion
The Protocol Ipv4 is not the one which can accommodate and grow with the increasing number of users in the Mobile World. With its 32-bit addressing scheme there can be only 4 billion Mobile Devices which can be attached at a time. The Mobile devices grow with an average of 1000 per day only in India which of course is a large figure to suffice in the lesser device support by the Protocol. Thus the problem of congestion always happens during transmission. The core problem here is with clear hearing. You might have easily found transmission delays while you are talking which is in short the ratio of large devices using the same frequency with the fewer devices supported. As data is highly feed in the narrow channel bandwidth the delays and no signal issues arise within the network.
· Current Development Efforts
Mobile IP has been studied in a number of wireless communication research projects. At the University of California at Berkeley, Mobile IP is being used to construct vertical handoffs between dissimilar media (for example, infrared, radio LANs, wide-area cellular, and satellite), depending upon error rates and bandwidth availability. Other factors such as cost and predictive service might also be taken into account. CMU's Monarch project has been the focus of investigation into campus wireless networks, Mobile IP, Mobile IPv6, and ad-hoc networking. Other academic efforts have been proceeding at the University of Portland, University of Alabama, University of Texas, UCLA, Macquarie University, SUNY Binghamton, University of Singapore, Swedish Royal Institute of Technology, and many others. Two books about Mobile IP have recently been published.
9. CHANGES WITH IP VERSION 6
How will Mobile IP change when IP version 6 is adopted? IPv6 includes many features for streamlining mobility support that are missing in IP version 4 (current version), including Stateless Address Auto configuration and Neighbor Discovery. IPv6 also attempts to drastically simplify the process of renumbering, which could be critical to the future rout ability of the Internet. Because the number of mobile computers accessing the Internet will likely increase, efficient support for mobility will make a decisive difference in the Internet's future performance. This, along with the growing importance of the Internet and the Web, indicates the need to pay attention to supporting mobility.
Mobility Support in IPv6, as proposed by the Mobile IP working group, follows the design for Mobile IPv4. It retains the ideas of a home network, home agent, and the use of encapsulation to deliver packets from the home network to the mobile node's current point of attachment. While discovery of a care-of address is still required, a mobile node can configure it’s a care-of address by using Stateless Address Auto configuration and Neighbor Discovery. Thus, foreign agents are not required to support mobility in IPv6. IPv6-within-IPv6 tunneling is also already specified.
9.1 Route Optimization
Route optimization provides a means for any node to maintain a binding cache containing the care-of address of one or more mobile nodes. When sending an IP datagram to a mobile node, if the sender has a binding cache entry for the destination mobile node, it may tunnel the datagram directly to the care-of address indicated in the cached mobility binding.
In the absence of any binding cache entry, datagrams destined for a mobile node will be routed to a mobile node’s home network in the same way as any other IP datagram, and then tunneled to the mobile node’s current care-of address by the mobile node’s home agent. This is the only routing mechanism supported by the base Mobile IP protocol. As a side effect of this indirect routing of a datagram to a mobile node, it would be nice if the original sender of the datagram were informed of the mobile node’s current mobility binding, giving the sender an opportunity to cache the binding. In Figure 7., the Internet host is going to have to route each datagram for the mobile node indirectly, through its home agent. If the internet host had a binding cache entry for the mobile node, it would be able to send packets directly back to the mobile node without the services of the home agent.
9.2 Security
One of the biggest differences between IPv6 and IPv4 is that all IPv6 nodes are expected to implement strong authentication and encryption features to improve Internet security. This affords a major simplification for IPv6 mobility support, since all authentication procedures can be assumed to exist when needed and do not have to be specified in the Mobile IPv6 protocol. Even with the security features in IPv6, however, the current working group draft for IPv6 mobility support specifies the use of authentication procedures as infrequently as possible. The reasons for this are twofold. First, good authentication comes at the cost of performance and so should be required only occasionally. Second, questions about the availability of Internet-wide key management are far from resolved at this time.
9.3 Source Routing
In contrast to the way in which route optimization is specified in IPv4; in IPv6 correspondent nodes do not tunnel packets to mobile nodes. Instead, they use IPv6 routing headers, which implement a variation of IPv4's source routing option. A number of early proposals for supporting mobility in IPv4 specified a similar use of source routing options, but two main problems precluded their use:
· IPv4 source routing options require the receiver of source-routed packets to follow the reversed path to the sender back along the indicated intermediate nodes. This means that malicious nodes using source routes from remote locations within the Internet could impersonate other nodes, a problem exacerbated by the lack of authentication protocols.
· Existing routers exhibit terrible performance when handling source routes. Consequently, the results of deploying other protocols that use source routes have not been favorable.
However, the objections to the use of source routes do not apply to IPv6, because IPv6's more careful specification eliminates the need for source-route reversal and lets routers ignore options that do not need their attention. Consequently, correspondent nodes can use routing headers without penalty. This allows the mobile node to easily determine when a correspondent node does not have the right care-of address. Packets delivered by encapsulation instead of by source routes in a routing header must have been sent by correspondent nodes that need to receive binding updates from the mobile node. It is a further point of contrast to route optimization in IPv4 that, in IPv6 mobility support, the mobile node delivers binding updates to correspondent nodes instead of to the home agent. In IPv6, key management between the mobile node and correspondent node is more likely to be available.
Other features supported by IPv6 mobility include
· coexistence with Internet ingress filtering;
· smooth handoffs, which in Mobile IPv4 is specified for foreign agents as part of route optimization;
· renumbering of home networks; and Automatic home agent discovery.
10. Improving the performance of handoff in mobile IP
* Synopsis: Present implementations of mobile IP often fail to meet expectations of mobile applications when it comes to issues of packet loss and performance. We discuss various ways of moving closer to expectations.
The Internet suite of protocols (TCP/IP) assumes that the end-systems of an active networking session are stationary. If any of the end-points moves, the session breaks. This is a problem with mobile devices. Since redesigning the protocol suite is infeasible, the IETF mobile IP standard has taken the approach of providing additional support at the networking levels. Communication with a mobile device presents two conflicting demands:
a. To preserve active sessions, the device must retain its IP address.
b. To route packets to a mobile device, its IP address should be dependent on its location.
The IETF standard resolves this conflict by introducing multiple IP addresses for a mobile device. A mobile device retains its home address (see Note 1) irrespective of its location.
Note 1. A mobile device (also called a mobile host) is identified by an IP address chosen from the address range of its starting network location, also called its home network. This address is called the home address of the mobile device.
When the device is at the home network, packets can be delivered as usual. When the device moves to a foreign network (see Note 2) it acquires a care-of address (COA).
Note 2. A network outside the home network of the mobile device is called a foreign network. Routing decisions are often made at the network level; thus, when a mobile host reaches a foreign network, there should a mechanism in place to forward packets meant for the mobile device from its home network to the foreign network. Packet redirection is
accomplished using artifacts called home agents (HAs) and foreign agents (FAs; see Note 3).
Note 3. A home agent (HA) is a software module running on a host in the home network. The HA provides address translation so that a packet meant for a mobile device reaches its present point of attachment. The foreign agent (FA) is a software module running on a host in each foreign network that the mobile device needs to visit. There can be any number of foreign and home agents in a network. If there is any FA with which the mobile host has currently registered, the HA forwards the packet to this FA. Else it forwards the packet directly to the mobile device.
The COA is either the address of a FA that can redirect packets to the device or the DHCP address of the device itself. The device registers with the HA and FA (if any) to ensure that packets are delivered to it at its new location. Unfortunately, these implementations suffer from poor performance during handoff. Suppose a mobile device moves from network A to network B. Packets sent to network A during this movement cannot be acknowledged by the device. This will be interpreted as packet loss due to congestion, and results in several problems including large retransmission intervals and reduced window size. Solutions involving hierarchical registration or multicasting have
often been used. Another solution is through active routers that intercept registration messages to update routing tables. Unfortunately, most real world networks lack support for these techniques. In yet another scheme packet are acknowledged and buffered at FAs. This eliminates the adverse effects that result from interpretation of unacknowledged packets as packet loss due to congestion. The obvious problem with this
scheme is that it requires support for FAs. The performance problem is worse with implementations such as Mosquito Net, which do away with FAs altogether to make mobile IP usable on a wider set of networks. There is just one HA, in addition to mobile host (MH) software on the mobile device.
For such implementations, packet loss is significant as there is no entity to store the packets at network A as the device moves to B. The use of multicasting or active routers is also ruled out as these require special network support. How can we get reasonable performance with implementations such as Mosquito Net? One possible approach that we propose is to use smart buffering at the HA. In this scheme, the mobile device, in the process of moving from network A to B, initiates the process at the HA by sending it an ICMP request rather that a full-fledged registration message. The HA buffers unacknowledged packets sent to network A, as well as newly arriving packets. However, it forwards the packet only after the registration is complete. The HA adopts a small and accurate retransmission interval and normal window-size to avoid the problems discussed above arising due to misinterpreted congestion. This scheme requires changes only to the HA and MH, and hence can work with any foreign network. Smart buffering is best implemented in conjunction with a framework that dynamically discovers and leverages support for FAs, active routers, multicasting etc. in a given network, so that their performance advantages are realized. Designing such as architecture is of course an engineering challenge.
11. CONCLUSION
As this brief introduction to mobile networking has shown, Mobile IP has great potential. Security needs are getting active attention and will benefit from the deployment efforts underway. Within the IETF, Mobile IP is likely to move from a proposed standard to a draft standard in the near future.
The IETF standardization process requires the working group to rigorously demonstrate interoperability among various independent implementations before the protocol can advance. FTP Software has hosted two interoperability testing sessions, and many vendors have taken advantage of the opportunity. Test results have given added confidence that the Mobile IP specification is sound, implementable, and of diverse interest throughout the Internet community. Only a few minor revisions have been needed to ensure the specification can be interpreted in only one way by the network protocol engineers and programmers who must implement it.
It is possible that the deployment pace of Mobile IP will track that of IPv6 or that the requirements for supporting mobility in IPv6 nodes will give additional impetus to the deployment of both IPv6 and mobile networking. The increased user convenience and the reduced need for application awareness of mobility can be a major driving force for adoption. Since both IPv6 and Mobile IP have little direct effect on the operating systems of mobile computers outside of the network layer of the protocol stack, application designers should find this to be an acceptable programming environment. Of course, everything depends heavily on the willingness of platform and router vendors to implement Mobile IP and/or IPv6, but indications are strong that most major vendors already have implementations either finished or underway.
The desire to improve the performance of mobile IP conflicts with the desire to use mobile IP on a wide set of networks. We have motivated one possible solution based on smart buffering and dynamic network service discovery.
