« Previous 1 2 3
Accessibility wherever you are with Mobile IPv6
Freedom to Travel
Where Am I?
The mobile node must detect as quickly as possible that it is no longer on its own network in order to initiate a new link. A process called neighbor unreachability detection supports this operation, known as movement detection. This process also exists in the normal IPv6 standard in the scope of neighbor discovery. It involves having the mobile node check the accessibility of its default gateway. If the default is no longer accessible, the mobile node tries to discover a new default router, which is communicated to it by router advertisement. In this context, the prefix, and thus the current care-of address, are set.
When the mobile node reaches its home link again, home registration takes place. Among other things, this involves setting the H bit (home registration) and setting the lifetime to 0. The home agent then knows that it no longer needs to send the packets through the tunnel.
What About Security?
Communication between the mobile node and the correspondent node is vulnerable to various attacks, such as man-in-the-middle, session hijacking, denial of service, and so on. An essential safety measure is to protect the connection between the MN and the HA through an IPsec tunnel with ESP. This ensures that all messages between the mobile node and home agent are protected, including binding updates and acks, home test messages, and ICMPv6 messages. The binding updates between the mobile node and correspondent node are not protected by IPsec, but by the return routability process. However, certain extensions exist here, such as the binding authorization data option, to protect communication.
Because slightly different rules apply to Mobile IPv6, different RFCs describe modifications to IPsec for use with MIPv6. They include RFCs 4555 and 4621, which deal with the use of IKEv2 in these scenarios, and RFC 3776, "Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents." Safeguards also exist for special networks in the form of RFCs. However, a complete discussion of all these security areas is beyond the scope of this article.
Conclusions
Mobile IPv6 is a forward-looking technology that could become part of everyday life in the IT networking world. Providers will offer various service packages to customers to ensure smooth connections across various networks – roaming without even temporary drops on the network connection. Because of a general trend toward mobile devices – amplified by the tablet boom – the use of such technologies is a logical development.
Support for MIPv6 has been limited thus far. Microsoft's operating systems, including Windows 8 and Windows Server 2012, do not provide full support. Linux can be extended to accommodate MIPv6 with the UMIP daemon [3], and Android systems currently rely on hacks to support MIPv6. Additionally, Apple's iOS does not support MIPv6.
At the end of the day, IPv6 will need to be widely available to enable use of Mobile IPv6 without migration technologies such as 6to4 tunnels. The Mobile IPv6 standard will continue to develop and will probably include even more interesting extensions in the future. In fact, many additions and enhancements to Mobile IPv6 already exist, including NEMO [4] and Hierarchical Mobile IPv6 [5].
Infos
- RFC 6275: http://tools.ietf.org/html/rfc6275
- RFC 3344: http://tools.ietf.org/html/rfc3344
- UMIP daemon project: http://www.umip.org
- RFC 3963: http://tools.ietf.org/html/rfc3963
- RFC 4140: http://xml2rfc.tools.ietf.org/rfc/rfc4140.txt
« Previous 1 2 3