« Previous 1 2 3 Next »
Accessibility wherever you are with Mobile IPv6
Freedom to Travel
The Protocol
IPv6 is particularly flexible thanks to extension headers. A separate extension header, the Mobility Header (MH) was developed for MIPv6. It is used by all the parties (i.e., the mobile node, correspondent node, and home agent) in messages that have to do with the management and updating of bindings. Figure 3 shows the configuration of the mobility header. The mobility header is indicated by the Next Header value of 135 in the previous header. Its own Next Header field (which goes by the name of the "Payload Proto") currently has a value of 59, to indicate that no more data follows. This field is reserved for future developments, if more information is appended some time later.
The header length field contains the length of the mobility header in 8-byte units – the first 8 bytes are not counted. Thus, the MH must always be a multiple of 8 bytes. The MH type field contains the type of mobility message. Currently, 16 mobility message types are defined, including binding update and binding ack. A checksum field computes a checksum based on a pseudo-header and follows the rules established in RFC 2460 (IPv6).
Mobility messages can include options that are specified in TLV (Type-Length-Value) format. In particular, the home address option is relevant because the mobile node uses it here to send the correspondent node a message containing the mobile node's home address. Thus, the correspondent node can reach the mobile node at any time. However, this is also a special case, because this option is sent in a destination header rather than in the mobility header. A destination header is an extension header that is only evaluated by the target.
A new routing header was also defined for MIPv6, which allows the mobile node and correspondent node to exchange data directly without going through the home agent. This extension header bears the name of type 2 and designates special rules that can be configured on firewalls for MIPv6 packets. Because MIPv6 communication basically first uses the home agent and the home address, the home address is inserted in the type 2 routing header, whereas the destination address in the IPv6 header is the care-of address for the mobile node. The receiving mobile node removes the routing header and replaces the care-of address with the home address to trick the upper layer protocols in the OSI layers into believing that communication has come through the home address.
Check Your Bindings
Bindings and binding management are key parts of MIPv6. Normally, binding takes place between the mobile node and the home agent. However, it is also possible to set up bindings between the mobile node and the correspondent node to enable routing-optimized communication. When a mobile node leaves its home link and receives a care-of address from a foreign link, it sends a binding update message to its home agent. The message contains the IPv6 header and a destination option header, in which the home address option is set (Figure 4). The message is used to tell the home agent which home address to use, because it could theoretically use several.
The message is transmitted using IPsec in an encapsulating security payload (ESP) header and also contains another mobility header with a type 5 message (binding update) and a home registration flag set that asks the recipient to assume the home agent role. Additionally, the acknowledge flag is set to request the home agent to respond. The mobility header also states a lifetime in four-second units, to determine the validity of the binding. Binding update messages are sent to refresh the existing bindings or to provide information on a new care-of address (Figure 5).
The response from the home agent, in the form of a binding ack, contains a type 2 routing header with the home address of the mobile node instead of the destination header. The binding ack is a type 6 message confirming the details of the mobile node and containing some other administrative information, such as whether IPsec supports a network change, which should be the exception.
The status field of the binding ack indicates the state of the binding: 1 to 127 stand for a successful update, whereas status values of 128 and above indicate some defined problems. Binding acks are sent only to confirm binding updates. The home agent can send a binding refresh request message to request an update of the information in the form of a binding update from the mobile node.
A binding update can also be sent directly to the correspondent node, if it supports MIPv6. However, special security precautions are needed here to prevent redirection attacks. This safeguarding process is called the return routability procedure and lets the correspondent node test whether the mobile node really is reachable via both its care-of and its home address. Only then are binding updates accepted by the CN. Because the bindings are cryptographically secured by IPsec, authorization information is exchanged in the form of cryptographic tokens in this context. The binding management key ultimately secures the information.
New ICMPv6 Functions
Mobile IPv6 includes some enhancements to ICMPv6 to provide for additional features. Home agent address discovery gives the mobile node the ability to determine its home agent's address. For this, a home agent address discovery request is sent to the home agent anycast address on the home link. This is a special anycast address to which all home agents respond. A home agent responds to the request with a home agent address discovery reply. The replay contains a list of home agent addresses, sorted by their preferences.
In the case of temporary IPv6 addresses, changes to the prefix of a mobile node's home network can occur. The mobile node can determine this change by means of a mobile prefix solicitation message. This message is sent to the home agent, which responds with a mobile prefix advertisement. These advertisements can also be sent to the current care-of address of the MN without a prior request, if needed.
Each mobile node must be able to create a list of home agents on its home link. To do this, the node not only needs the link-local addresses of its home agent routers in the router advertisements, but also the global unicast addresses. The router advertisement was modified to support this setup. It contains an R flag (router address); the prefix option does not contain a prefix but instead contains a complete global unicast address of the router.
Further changes in neighbor discovery relate to indicating the preferred home agent addresses and a reduced minimum interval for router advertisements so that mobile nodes on foreign links can be informed as soon as possible about their new care-of addresses. This interval has been reduced from the original three seconds to 0.03 seconds. This value can be meaningful on wireless routers that are configured solely to support mobile devices.
« Previous 1 2 3 Next »