charliep nokia research center [seamoby] · rr protocol overview • test return routability for...
Post on 17-Aug-2020
2 Views
Preview:
TRANSCRIPT
1 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of [mobile-ip] amp [seamoby]
Nokia Research CenterMountain View CA USA
Charles E Perkinshttppeoplenokianetcharliep
charliepiprgnokiacom
2 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Outline of Presentationbull Mobile IP in Generalbull Whatrsquos great for mobility about IPv6bull How Mobile IPv6 worksbull Recent results from Mobile IPv6bull Context Transfer and Seamless Handoverbull Challenges for the future
3 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Earth with 2 Billion Mobile devicesbull One billion is a large number wersquore there as of June
2002bull Itrsquos never been done beforebull In the beginning most of them will not be Internet
enabled but they will come online rapidlybull If IPv4 can do it at all it will be at a tremendous
(unimaginable even) cost in complexitybull Only IPv6 offers enough addresses the Internet is still
youngbull IPv6 also offers the features needed for mobile
networkingbull Only Mobile IPv6 takes advantage of the IPv6 features to
offer seamless roamingbull Network-layer roaming also enables significant cost
reductions and improved deployability
4 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Protocol Stacks vs Mobilitybull Mobility affects every layer of the protocol stack
bull Physical layer variable SN ratio directionality etcbull Link-layer error correction hidden terminal effects hellipbull Network layer what this talk is aboutbull Transport layer congestion vs errors QoSbull Application configurability service discovery
bull Eventually the Internet will be dominated by mobile nodesbull but as of now the IETF effort doesnrsquot reflect this
bull Low level protocols attempt to provide transparencybull But application protocols sometimes need triggers
bull need for new APIs to support mobilitybull Levels 8 9 and 10 are also affected by mobilitybull Profile management and adaptive network environment
5 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Why Mobile IPbull Both ends of a TCP session (connection) need to keep the same
IP address for the life of the sessionbull This is the home address used for end-to-end
communicationbull IP needs to change the IP address when a network node moves
to a new place in the networkbull This is the care-of address used for routing
Mobile IP considers the mobility problem as a routing problem bull managing a binding ndash that is a dynamic tunnel between a
care-of address and a home addressbull Of course there is a lot more to it than that
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
2 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Outline of Presentationbull Mobile IP in Generalbull Whatrsquos great for mobility about IPv6bull How Mobile IPv6 worksbull Recent results from Mobile IPv6bull Context Transfer and Seamless Handoverbull Challenges for the future
3 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Earth with 2 Billion Mobile devicesbull One billion is a large number wersquore there as of June
2002bull Itrsquos never been done beforebull In the beginning most of them will not be Internet
enabled but they will come online rapidlybull If IPv4 can do it at all it will be at a tremendous
(unimaginable even) cost in complexitybull Only IPv6 offers enough addresses the Internet is still
youngbull IPv6 also offers the features needed for mobile
networkingbull Only Mobile IPv6 takes advantage of the IPv6 features to
offer seamless roamingbull Network-layer roaming also enables significant cost
reductions and improved deployability
4 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Protocol Stacks vs Mobilitybull Mobility affects every layer of the protocol stack
bull Physical layer variable SN ratio directionality etcbull Link-layer error correction hidden terminal effects hellipbull Network layer what this talk is aboutbull Transport layer congestion vs errors QoSbull Application configurability service discovery
bull Eventually the Internet will be dominated by mobile nodesbull but as of now the IETF effort doesnrsquot reflect this
bull Low level protocols attempt to provide transparencybull But application protocols sometimes need triggers
bull need for new APIs to support mobilitybull Levels 8 9 and 10 are also affected by mobilitybull Profile management and adaptive network environment
5 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Why Mobile IPbull Both ends of a TCP session (connection) need to keep the same
IP address for the life of the sessionbull This is the home address used for end-to-end
communicationbull IP needs to change the IP address when a network node moves
to a new place in the networkbull This is the care-of address used for routing
Mobile IP considers the mobility problem as a routing problem bull managing a binding ndash that is a dynamic tunnel between a
care-of address and a home addressbull Of course there is a lot more to it than that
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
3 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Earth with 2 Billion Mobile devicesbull One billion is a large number wersquore there as of June
2002bull Itrsquos never been done beforebull In the beginning most of them will not be Internet
enabled but they will come online rapidlybull If IPv4 can do it at all it will be at a tremendous
(unimaginable even) cost in complexitybull Only IPv6 offers enough addresses the Internet is still
youngbull IPv6 also offers the features needed for mobile
networkingbull Only Mobile IPv6 takes advantage of the IPv6 features to
offer seamless roamingbull Network-layer roaming also enables significant cost
reductions and improved deployability
4 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Protocol Stacks vs Mobilitybull Mobility affects every layer of the protocol stack
bull Physical layer variable SN ratio directionality etcbull Link-layer error correction hidden terminal effects hellipbull Network layer what this talk is aboutbull Transport layer congestion vs errors QoSbull Application configurability service discovery
bull Eventually the Internet will be dominated by mobile nodesbull but as of now the IETF effort doesnrsquot reflect this
bull Low level protocols attempt to provide transparencybull But application protocols sometimes need triggers
bull need for new APIs to support mobilitybull Levels 8 9 and 10 are also affected by mobilitybull Profile management and adaptive network environment
5 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Why Mobile IPbull Both ends of a TCP session (connection) need to keep the same
IP address for the life of the sessionbull This is the home address used for end-to-end
communicationbull IP needs to change the IP address when a network node moves
to a new place in the networkbull This is the care-of address used for routing
Mobile IP considers the mobility problem as a routing problem bull managing a binding ndash that is a dynamic tunnel between a
care-of address and a home addressbull Of course there is a lot more to it than that
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
4 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Protocol Stacks vs Mobilitybull Mobility affects every layer of the protocol stack
bull Physical layer variable SN ratio directionality etcbull Link-layer error correction hidden terminal effects hellipbull Network layer what this talk is aboutbull Transport layer congestion vs errors QoSbull Application configurability service discovery
bull Eventually the Internet will be dominated by mobile nodesbull but as of now the IETF effort doesnrsquot reflect this
bull Low level protocols attempt to provide transparencybull But application protocols sometimes need triggers
bull need for new APIs to support mobilitybull Levels 8 9 and 10 are also affected by mobilitybull Profile management and adaptive network environment
5 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Why Mobile IPbull Both ends of a TCP session (connection) need to keep the same
IP address for the life of the sessionbull This is the home address used for end-to-end
communicationbull IP needs to change the IP address when a network node moves
to a new place in the networkbull This is the care-of address used for routing
Mobile IP considers the mobility problem as a routing problem bull managing a binding ndash that is a dynamic tunnel between a
care-of address and a home addressbull Of course there is a lot more to it than that
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
5 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Why Mobile IPbull Both ends of a TCP session (connection) need to keep the same
IP address for the life of the sessionbull This is the home address used for end-to-end
communicationbull IP needs to change the IP address when a network node moves
to a new place in the networkbull This is the care-of address used for routing
Mobile IP considers the mobility problem as a routing problem bull managing a binding ndash that is a dynamic tunnel between a
care-of address and a home addressbull Of course there is a lot more to it than that
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
6 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP
bull Functional entitiesbull Mobile Node (MN) (shown on Home Network)bull Home Agent (HA)
bull Other entitiesbull Access Router (AR)bull Correspondent Node (CN)
InternetInternet
CN
MN
ARHA
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
7 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Addresses used with Mobile IPAddresses used with Mobile IP
bull Home addressbull Embodies the identity of the mobile nodebull Exists on the Home Network
bull Care-of addressbull Embodies the location of the mobile nodebull Exists on the network served by the Access Router
MN
Internet
InternInternetet
AR HA
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
8 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Router Advertisement
bull AR discovery Care-of Address Acquisitionbull Router Advertisement (contains routing prefix)
InternetInternet
MN
HAAR
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
9 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
MN
Sending Care-of Address to the Home Agent
bull Mobile node formulates care-of address from AR advertisement
bull Mobile node Unicasts Binding Update to Home Agent
InternetInternetHA
AR
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
10 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Home Agent Accepts Binding
bull Home Agent Accepts Binding Informationbull Mobile obtains care-of address from AR advertisementbull Mobile Unicasts Binding Update to HAbull HA returns Binding Acknowledgement
InternetInternet
MN
HAAR
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
11 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home network
InternetInternet
MN CN
HAAR
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
12 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Overview of Mobile IP Routing to Mobile
bull Correspondent node sends packets to mobilersquos home networkbull Home Agent intercepts packets and tunnels them to care-of address
InternetInternet
MN
CN
HAAR
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
13 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Routing without Binding Update at Correspondent Node
bull Mobile reverse tunnels packets to home networkbull Source (CN) nodes send packets to mobilersquos home
networkbull HA intercepts packets and tunnels them to care-of
address
InternetInternet
MN
HAAR
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
14 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Correspondent node needs to have a security
association with mobile node
InternetInternet
MN
HAAR
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
15 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
CN
Overview of Mobile IP
bull Mobile sends a Binding Update to the Correspondent Nodebull Mobile node routes packets directly to sourcebull Correspondent node send packets directly to mobile
nodersquos care-of addressbull uses routing header
InternetInternet
MN
HAAR
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
16 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IP protocol overview
bull Routing Prefix from local Router Advertisement bull Seamless Roaming Mobile Node appears ldquoalways onrdquo
home networkbull Address autoconfiguration care-of addressbull Binding Updates home agent amp correspondent nodes
bull (home address care-of address binding lifetime)
Local Router
charliepnokiacom
Home Agent
correspondent nodewith binding
correspondent node
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
17 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features added to IPv6bull Binding Cache management in new Mobility Header
bull (a lot like the existing Destination Options header)bull Route optimization using new Route Header
bull (Almost exactly like the existing Route Header was used)
bull New ICMP messagesbull For Home Agent discovery
bull New Router Advertisement extensionbull For renumberingbull Binding Request message type
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
18 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Route Optimization
bull Most Internet devices will be mobile so we should design for that case for the health of the future Internet
bull Binding Update SHOULD be part of every IPv6 node implementation according to IETF specification
bull Reduces network load by ~50bull (depending on your favorite traffic model)
bull Route Optimization could double Internet performancebull reduced latencybull better bandwidth utilizationbull reduced vulnerability to network partitionbull eliminate any potential Home Agent bottleneck
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
19 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Security issues (IPsec NOT sufficient)
bull Authentication Header mandatory to implementbull Encapsulating Security Payload mandatory to implementbull Needed for Binding Update
bull Remote Redirect problembull Key distribution still poorly understood
bull PKIbull AAAv6 w symmetric key
bull Can your m-commerce server manage 10 million security associations
bull Can your light bulb manage 10 security associationsbull ldquoFirst do no harmrdquo
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
20 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Message Typesbull Binding Cache Maintenance
bull Binding Updatebull Binding Acknowledgementbull Binding Request
bull Home Address Optionbull Return Routability Tests
bull Home Address Test Initiatebull Care-of Address Test Initiatebull Home Address Testbull Care-of Address Test
bull Renumbering Messagesbull Mobile Prefix Solicitationbull Mobile Prefix Advertisement
bull Home Agent Discovery
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
21 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Header Typesbull Mobility Header
bull All Binding Cache messagesbull Return Routability messages (HoTI CoTI HoT CoT)
bull New Routing Header for comfortable firewall administration
bull Used by correspondent nodesbull Has intermediate node == mobile nodersquos care-of
address (cannot be forwarded)bull Presumably makes firewall administrators happier
bull Destination Option Header contains Home Address Option
bull IPv6 in IPv6 encapsulationbull Non-Final Mobility Header
bull Same messages but can carry payload alsobull Should be a working-group document by the this time
bull ICMP for Home Agent Discovery
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
22 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Establishing a Binding Security Association
bull BSA is needed specifically for authenticating Binding Updates
bull Return Routability (RR) tests rely on routing infrastructurebull Mobile IPv6 RR enables mobile authentication not
identificationbull Latter could require validation via certificate authoritybull The correspondent node only has assurance that the
Binding Update comes from the same node as beforebull Mobile IPv6 solution resists Denial of Service (DoS)
attacksbull ldquoFirst do no harmrdquo
bull That is we must be as safe as communications between statically located IPv4 network nodes
bull Only nodes between correspondent node and home network can disrupt traffic
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
23 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
RR Protocol Overview
bull Test return routability for home address (HoTI HoT)bull Test return routability for care-of address (CoTI CoT)bull HoT and CoT carry nonces to be combined to make Kbu
bull Very few nodes see nonces in both HoT and CoTbull BSA in current specification is short-livedbull Correspondent node keeps no per-mobile state during
HoTCoTbull Diffie-Hellman could be another option
bull but itrsquos either expensive or patented
mobile node
correspondent node
CoTI
HoT
CoTBinding Update
HoTI
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
24 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile IPv6 statusbull Mobile IPv6 testing event Sept 15-17 1999
bull Bull Ericsson NEC INRIAbull ETSI bake-offs 2000 amp 2001 ndash successbull Connectathon March 2000 2001 2002 ndash successbull Return Routability for Key Establishment bull Distinguishing between renumbering and movement
bull tunneled router solicitations and advertisementsbull Authentication data in option as well as in AH or ESP()bull Fast handover design team has issued Internet Draftbull Chairs and ADs are pushing for re-completion
bull Draft hellip-19txt has gone to the IESG
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
25 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
SmoothFastSeamless Handoverbull Smooth handover == low lossbull Fast handover == low delay
bull 30 msbull Can router pre-empt Duplicate Address Detection
bull Seamless handover == smooth and fast
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
26 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Features for Transferbull Feature state established to minimize connection
overheadbull Mainly to conserve bandwidth
bull Header Compressionbull Buffered Databull Quality of Service requirements and perhaps accounting
databull Security Association with access router authorization
tokensbull Application context transfer also needed but not
appropriate for resolution within mobile-ip aaa rohc or seamoby working groups
bull Care-of Address MAC address etc handled via fast handover
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
27 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Context Transfer Frameworkbull Control messages
bull HI and Hack (ICMP messages) from Mobile IPv6 fast handover design team are good candidates
bull What about scenarios besides smooth handoversbull Context features requestedprovided as optionsbull Could be another ICMP message or SCTP or Dest
Opt or bull Generic Profile types
bull Could be used with any control messagesbull Most kinds of context features will have a number of
variants each with different profile types (eg QoS or [rohc])
bull Profile types would be registered with IANA and each specification would lay out fields of suboptions
bull Presence vectorsdefault values for each field
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
28 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Mobile-controlled handover
One scenario mobile sends special Router Solicitation (RS)bull Previous Access Router Proxy Router Advert (RA)bull Previous Access Router sends Handover Initiate (HI)bull New Access Router Handover Acknowledge (HACK)
RSHI
HAckRA
NARPAR
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
29 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Network Controlled Handover
bull Previous access router (PAR) sends Proxy Router Advertisement on behalf of the new access router (NAR)
bull contains prefix and lifetime information etcbull PAR sends Handover Initiate message to NARbull Mobile node SHOULD finalize context transfer at NAR
HI
proxy rtr adv
HAck
PARNAR
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
30 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Features Needed from Layer 2bull For Mobile IPv6
bull Indication that handover has occurredbull For smooth handover
bull Indication that handover is occurringbull Indication that handover is about to occurbull Indication about next access pointaccess router
bull Next week in Atlanta Trigtranbull To discuss what ldquolayer-2rdquo triggers are needed
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
31 copy NOKIA Nokia IPv6 WorkshopSeptember 2002Mobile IPv6 Update
Summary and Conclusionsbull Mobile IPv6 offers scalable secure and high-
performance mobility managementbull Mobile IPv6 is working and new issues are resolved
bull Therersquos lots of interoperability experience but new draft is different
bull Implementation is natural under IPv6 and IPsecbull Binding Update now has a lightweight key establishment
protocolbull ldquoFirst do no harmrdquo
bull Fast Handover has been developed for improved handover performance (goal smooth voice handovers ndashand video)
bull Context Transfer to preserve link contexts to avoid re-establishment (gaining further performance improvements)
top related