Host Mobility for IP Networks - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

Host Mobility for IP Networks

Description:

When host is mobile, home agent takes responsibility of intercepting for the ... Default use of home agents. Mobile nodes can notify and interact directly with ... – PowerPoint PPT presentation

Number of Views:92
Avg rating:3.0/5.0
Slides: 29
Provided by: enggU
Category:

less

Transcript and Presenter's Notes

Title: Host Mobility for IP Networks


1
Host Mobility for IP Networks
  • Mobility stresses the Internet architecture
  • Mobility requires additional mechanisms to be
    implemented at both end host and network
  • Mobility Management mechanisms
  • IETF's Mobile IP has progressed slowly
  • DHCP and VPN tunnelling
  • Firewall deployment and NATs has blocked MIP

2
Requirements for Mobility Management
  • Location-independent identifier
  • Static id across locations
  • Compatibility w/ IP routing
  • Location management (peers, clients)
  • Transparency
  • Security

3
Alternative Mobility Management Solutions
  • Transport-layer approaches
  • Application-level approaches
  • Session mobility (context transfer)
  • Personal mobility
  • Service mobility
  • Alternative architectures

4
Mobile IP
  • Originally developed as an extension to Ipv4
    protocols (MIPv4)
  • Mobile IPv6 (MIPv6) has been developed as an
    integral part of Ipv6
  • Both offers a mode operation using home agents
  • MIPv6 has a second mode of operation called MIP
    with route optimisation

5
Mobile IP through a home agent
  • Assigned a unique home address (endpoint
    identifier)
  • Corresponding packets are routed to through the
    home network
  • When host is mobile, home agent takes
    responsibility of intercepting for the host and
    tunnelling them to mobile host current location
  • In MIPv4, mobile host uses a foreign agent
  • In MIPv6, mobile host acquires an address
    (care-of address)

6
Mobile host sending packets
  • When in home network, it uses it EID
  • When in visited network
  • Use EID
  • Reverse tunnel back to home agent
  • Internet RFC 3344
  • secure the various protocol transactions
  • dynamically discover agents
  • intercept packets in the home network
  • Strength no need to implement protocol extensions

7
Mobile IP with route optimisations
  • Standardised only for MIPv6
  • Default use of home agents
  • Mobile nodes can notify and interact directly
    with corresponding node
  • Improves scalability, reliability and reduces
    network load

8
Mobile IP with route optimisations basics
  • Corresonding node maintains a binding cache that
    stores the current care-of address of the mobile
    node
  • The mobile node uses a binding update message to
    notify the corresponding node of an address
    change
  • When sending a packet to a mobile node, the
    corresponding node includes a special IPv6
    routing header to carry the home address (but
    uses the current care-of address)

9
Mobile IP with route optimisations basics cont
...
  • Need for optimisation is to establish security
    parameters (signalling messages)
  • Crucial for preventing denial of service attacks
    (connection hijacking)
  • Current MIPv6 draft describes return routability
    procedures that allow for a security association
    between two nodes that is at least as trustworthy
    as the packet routing infrastructure
  • A key is generated to authenticate the subsequent
    binding update

10
Mobile IP Extensions
  • Micromobility
  • Highly mobile nodes
  • Frequent updates
  • Packet loss
  • Goal is to localise effects of mobility
  • Access Control
  • Mobile nodes must be able to obtain access from
    networks with different admin domains
  • Avoidance of a Home Network
  • Robustness and performance issues

11
(No Transcript)
12
Micromobilty Proposals
  • Host-based routing
  • distributed location database (visited network)
  • Manages care-of address
  • Hierarchical tunnelling-based
  • Provides local anchor points (binding updates
    terminated here)
  • Received packets are tunnelled to current
    address
  • Smooth handover
  • Used of signalling (access routers)

13
Access Control
  • Goal is to integrate Mobile IP binding updates
    into a single procedure
  • RFC 2977 provides requirements for AAA servers

14
Avoidance of a home network
  • Reliance on home network
  • single point of failure
  • latency and overhead issues
  • proposals
  • geographically distributed home registrars
    (HLRs)
  • requires additional infra and looses transparency
  • Homeless extension to MIPv6
  • Operates without a unique home address (always
    away)
  • Host maintains a host/foreign cache of
    source/destination addresses valid for a
    connection

15
Migrate (Snoeren and Balakrsihnan 2000)
  • Invokes the classic end2end argument
  • Host mobility may be best provided for some
    applications on an e2e basis w/o reliance to new
    network mechanisms
  • Key is the use of fully qualified domain names
    (FQDN)
  • Portability can achieved using DHCP (similar to
    MIP)
  • But location determantion is done on the basis of
    DNS lookups on a per-session basis

16
Migrate cont ...(Snoeren and Balakrsihnan 2000)
  • DNS is always consulted
  • On mobility, host updates mappings between
    hostname and IP addresses in the DNS server
    within the host's home domain
  • Stale DNS bindings are avoided by making the
    binding unreachable via zero ttl values in the
    records

17
Migrate cont ...(Snoeren and Balakrsihnan 2000)
  • Session maintenance is the hardest challenge
  • Requires e2e participation of the host and
    modification of TCP
  • Authors propose a Migrate option to TCP that
    allows an existing TCP connection to be migrated
    by either host from an old IP address to a new IP
    address
  • Accomplished using to TCP segments (SYN with
    Migrate option and ACK of that segment)

18
Migrate cont ...(Snoeren and Balakrsihnan 2000)
  • To prevent connection hijacking, the exchange can
    be secured using IPsec (or optional
    Diffie-Hellman key exchange at connection onset)

19
Host Identity Protocol(Moscowitz 2001)
  • Context
  • several advocates for the separation of IP
    addresses and EIDs in the Internet architecture
  • IRTF Name Space Research Group is investigating
    whether a new name space between the network and
    application would help solve architecural strain
  • (overlading of IP addresses -gt locations,
    interfaces, hostnames and TCP connection
    identifiers)

20
Host Identity Protocol(Moscowitz 2001)
  • Suggest a new cyrptography-based name space that
    may solve a number of problems
  • Routing table growth (multihoming)
  • Lightweight Ipsec key establishment
  • Mobility management
  • Assigns globally unique name for any host with an
    IP stack (public key)
  • Host identity can be used to autheticate
    transactions

21
Host Identity Protocol cont ...(Moscowitz 2001)
  • A HIP protocol layer is placed between IP and
    transport layers
  • Allows decoupling of transport connections from
    IP addresses
  • Packets always carry a representation of host
    identity
  • Host identity can be stored in DNS or a PKI or
    anonymous

22
Host Identity Protocol cont ...(Moscowitz 2001)
  • Requires an initial four-packet stateless
    handshake to set up keying material for
    connection (similar to a simpler IKE if datagrams
    are encrypted and piggy-backed
  • Compressed representation of the host identity is
    used in the socket identifiers
  • On mobility, host sned a HIP Readdress packet to
    any HIP-enabled correspondent peer

23
Performance Issues
24
Scalabilty Issues
25
Robustness Issues
26
Strengths and WeaknessesMobile IP
  • No deployment of host modifications
  • Can support mobile networks that do/can not need
    address change
  • Support for simultaneous mobility
  • History of RD
  • Per-packet overheads
  • Networks w/ multiple addressing schemes
  • Tunneling can conflict with firewall and Ipsec
  • Complicaitons of third party agents in network

27
Strengths and WeaknessesMigrate
  • Better path selection
  • Easier integration with NATs and firewalls
  • No per-packet overhead
  • No changes in infra
  • Requires changes to TCP implementations
  • Concerns over DNS scalability due to loss of
    caching and DNS database distribution frequency
  • TCP-centric

28
Strengths and WeaknessesHIP
  • Better path selection
  • No per-packet overhead beyond IPsec
  • Natural for networks with multiple addressing
    schemes
  • Integrated with IP security protocols
  • Natural for multihoming
  • Little implementations
  • Deployment barriers (Ipsec deployment)
  • Lacks micromobility, mobile router, simultaneous
    node movement capabilities
  • High overhead for short transactions
Write a Comment
User Comments (0)
About PowerShow.com