logging in or signing up MobileIP aleenakazmi Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 285 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: February 09, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: cdactinku (8 month(s) ago) thanks 4 uploading the slides Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Mobile IP : 1 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile IP Mobile IP : Mobile IP CONTENTS Introduction (Mobile IP) Why Mobile IP? Mobile IP Networks Elements Mobile IP Key Concepts Mobile Router Features Difference between IPv4 & IPv6 Security in Mobile IP Mobile IP : Mobile IP Definition: A standard that allows users with mobile devices whose IP addresses are associated with one network to stay connected when moving between networks with same IP address. Mobile IP is most often found in wireless WAN environments where users need to carry their mobile devices across multiple LANs with different IP addresses. Why Mobile IP? : Why Mobile IP? 4 Updated_01-02-01 © 2001, Cisco Systems, Inc. Why Mobile IP? : Why Mobile IP? Mobile IP was developed as a means for transparently dealing with problems of mobile users Enables hosts to stay connected to the Internet regardless of their location Enables hosts to be tracked without needing to change their IP address Requires no changes to software of non-mobile hosts/routers Requires addition of some infrastructure Has no geographical limitations Requires no modifications to IP addresses or IP address format Supports security Could be even more important than physically connected routing The benefit of Mobile IP : The benefit of Mobile IP “Mobile IP provides an IP node the ability to retain the same IP address and maintain uninterrupted network and application connectivity while traveling across networks ” Slide 7: The objective Maintaining continuous IP connectivity while crossing network boundaries, e.g. subnets or between networks Internet Host B Gateway A 171.68.0.0 Gateway C 140.31.0.0 Mobile Router 171.68.69.0 171.68.70.0 Slide 8: Applications Slide 9: The Possibilities Many Networks Roaming Mobile Routers Slide 10: IETF Proposed Standard Approved by the Internet Engineering Steering Group (IESG) in June 1996; published proposed standard in Nov. 1996 Mobile IP is an IETF proposed standard solution for mobility at Layer 3 IP RFC2002/3220 - Mobile IP RFC2003 and RFC2004 - Tunnel encapsulation RFC2005 - Mobile IP applicability RFC2006 - Mobile IP MIB Associated RFCs RFC1701 GRE – Generic Routing Encapsulation RFC3024 - Reverse Tunneling for Mobile IP IETF standardization process is still underway Internet Engineering Task Force Slide 11: Mobile IP Terminology Mobile Router (MR) Home Agent (HA) Foreign Agent (FA) [1 Hop Away from MR] Care of Address (CoA) [Tunnel Endpoint] Correspondent Node (CN) Security Association (SA) [SPI/Key] ICMP Router Discovery Protocol (IRDP) [Advertisement] Registration Request (RRQ) MR HA FA CN Internet Slide 12: Mobile IP Network Elements Mobile Node (MN) The entity that may change its point of attachment from network to network in the Internet Detects it has moved and registers with “best” FA Assigned a permanent IP called its home address to which other hosts send packets regardless of MN’s location. Home Agent (HA) This is router with additional functionality Located on home network of MN Does mobility binding of MN’s IP with its COA Forwards packets to appropriate network when MN is away. Slide 13: Foreign Agent (FA) Another router with enhanced functionality If MN is away from HA the it uses an FA to send/receive data to/from HA Advertises itself periodically Forward’s MN’s registration request Care-of-address (COA) Address which identifies MN’s current location Sent by FA to HA when MN attaches Usually the IP address of the FA Correspondent Node (CN) End host to which MN is corresponding (eg. a web server) Mobile IP Network Elements Slide 14: The Problem with Mobility Internet Host B Gateway A 171.68.0.0 Gateway C 140.31.0.0 Mobile Router 171.68.69.0 171.68.70.0 “Connect to 171.68.69.24” ? Gateway A replies to Host B with an ICMP unreachable Gateway C blocks router from joining network SEND X Routing Protocol rejects duplicate network advertisements Where is 171.68.69.0??? Slide 15: Mobile IP Solution Internet Host B Home Agent 171.68.60.1 Mobile Router 171.68.69.0 171.68.70.0 Foreign Agent COA 140.31.2.1 Home Agent forwards packets to Mobile Router via Care of Address [CoA] Mobile Router sends Registration Request [RRQ] to Home Agent (HA) Mobile IPMechanism : Mobile IPMechanism 16 Updated_01-02-01 © 2001, Cisco Systems, Inc. Don’t Worry : Don’t Worry A Mobile IP network is just as easy to build as any IP network. There are just a few new rules. Mobile IP Working Mechanism : 18 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile IP Working Mechanism Advertisement Tunneling Slide 19: Mobile IP Working Mechanism How does the Mobile Node find out where it is? Mobility Agent Advertisements—facilitates discovery of Mobility Agents (MN may solicits on demand) How does the Mobile Node inform the Home Agent of its current location? Via Registration—updates mobility binding after successful authentication using security association between MN and HA How does the Mobile Node receive packets from the Home Agent? Tunneling—Home agent adds IP header to direct packets to CoA, where decapsulation occurs Slide 20: Mobility Binding Table: MN CoA 171.68.69.24 140.31.2.1 Mobile IP Activities Example MN learns about FA and registers CoA HA maintains MN location database and tunnels traffic to FA Internet Host B Home Agent 171.68.69.1 Host A 171.68.69.24 Foreign Agent 140.31.2.1 Slide 21: Phase 1: Agent Discovery MR sends out advertisement request (Solicitation) to “all router” multicast address 224.0.0.2 FA responds with unicast advertisement to MR Response includes Care-of Address FA HA Slide 22: Phase 1: Agent Discovery R | B | H | F | M | G | r | T | Mobile IP Agent Advertisement Message 0 8 16 31 Slide 23: Options in FA advertisements R Registration required. Registration with this foreign agent (or another foreign agent on this link) is required even when using a co-located care-of address. B Busy. The foreign agent will not accept registrations from additional mobile nodes. H Home agent. This agent offers service as a home agent on the link on which this Agent Advertisement message is sent. F Foreign agent. This agent offers service as a foreign agent on the link on which this Agent Advertisement message is sent. M Minimal encapsulation. This agent implements receiving tunneled datagrams that use minimal encapsulation [34]. G GRE encapsulation. This agent implements receiving tunneled datagrams that use GRE encapsulation [16]. r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses. T Foreign agent supports reverse tunneling. Slide 24: Phase 2: Registration Request MR retrieves CoA from Advertisement and sends in RRQ FA checks requested services and either rejects and replies or forwards the RRQ to HA 1.1.1.7 MR FA 1.1.1.7 HA Slide 25: Phase 2: Registration Request Registration request format S| B| D|M |G |r |T |x| Flag 0 8 16 31 Slide 26: Options in RRQ S Simultaneous bindings. If the 'S' bit is set, the mobile node is requesting that the home agent retain its prior mobility bindings. B Broadcast datagrams. If the 'B' bit is set, the mobile node requests that the home agent tunnel to it any broadcast datagrams that it receives on the home network, D Decapsulation by mobile node. If the 'D' bit is set, the mobile node will itself decapsulate datagrams which are sent to the care-of address. That is, the mobile node is using a co-located care-of address. M Minimal encapsulation. If the 'M' bit is set, the mobile node requests that its home agent use minimal encapsulation[34] for datagrams tunneled to the mobile node. G GRE encapsulation. If the 'G' bit is set, the mobile node requests that its home agent use GRE encapsulation [16] for datagrams tunneled to the mobile node. r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses. T Reverse Tunneling requested. Slide 27: Phase 2: RRQ Reply Home Agent HA authenticates MR Sends RRP Proxy ARPs for MR Brings up tunnel and adds host route Foreign Agent FA sees MR is authenticated Forwards RRP to MR Brings up tunnel Slide 28: Phase 2: RRQ Reply 0 8 16 31 Registration Reply format Slide 29: Phase 3: Routing (Tunneling) Home Agent Foreign Agent Correspondent Host The home agent intercepts the traffic while the Mobile Router is registered as away Traffic is sent as usual to the home subnet Traffic is tunneled to the CoA of the MR and forwarded to MR Traffic from the Mobile Networks can go directly to the correspondent host = “Triangle Routing” MobileRouter Slide 30: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Home Agent Correspondent Node Mobile Networks appear to be here Node on MR Edited slide from original by Lawrence Searcy, Cisco Systems Slide 31: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Correspondent Node Node on MR Mobile Network Routing – Packet Flow : Mobile Router Foreign Agent Correspondent Node HA-FA Tunnel FA WAN Nodes on MR Mobile Network Routing – Packet Flow Slide 33: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel HA-FA Tunnel FA WAN Node on MR Slide 34: Mobile Network Routing – Return Packet Flow Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel HA-FA Tunnel FA WAN Node on MR Tunneling : Tunneling HA double encapsulates the packets, creating two tunnels: HA to FA HA to MR FA strips outer header and forwards to MR MR strips inner header and forwards to node on mobile network Mobile IP Features : Mobile IP Features 36 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile Router Features : Mobile Router Features Reverse tunneling Preferred interfaces MR Asymmetric Links 1.Reverse Tunneling : 1.Reverse Tunneling Normally, routers route packets by looking at the destination address only. A security measure against attacks (such as spoofing), ingress filtering on a router checks the source and destination addresses on a packet to make sure that they are topologically correct. This poses a problem for Mobile IP because the source address of a packet from a mobile node does not belong to the network from which it emanated. Mobile Network Routing – Packet Flow : Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel Mobile Network HA-FA Tunnel FA WAN Node on MR Mobile Network Routing – Packet Flow Reverse Tunneling : Reverse Tunneling Reverse tunneling satisfies ingress filtering Packets from the mobile network are sent back to the HA through the tunnel HA de-capsulates the packets and forwards them to their destination through normal routing Thus, the received packets’ path is topologically correct Mobile Network Routing – Reverse Tunneling : Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel Roaming Interface Mobile Network HA-FA Tunnel FA WAN Node on MR Mobile Network Routing – Reverse Tunneling Edited slide from original by Lawrence Searcy, Cisco Systems 2. Preferred Interfaces : 2. Preferred Interfaces By default, the Mobile Router sends data out the active interface with the highest bandwidth. If the bandwidth on multiple interfaces is equal, then the interface with the higher IP address is preferred. Priority can be configured on mobile router interfaces (default 100). MR prefers to register with higher priority interface. Uses – least-cost routing, preferential routing 3. Asymmetric Links : 3. Asymmetric Links Mobile Router can route traffic unidirectionally over half-duplex links Especially for a satellite environment MR configured to send traffic to a downlink router even though it hears advertisements on another interface FA configured to advertise foreign-agent service out only one interface, the uplink interface connected to MR Asymmetric Links : Asymmetric Links Home Agent Foreign Agent Uplink Downlink MR FA advertises service on its uplink to MR’s downlink MR sends RRQ to HA via FA using its uplink RRP is sent to FA, which forwards it to MR on its uplink. Uplink Downlink ADVT RRQ RRP Then tunnels are set up between HA-FA, HA-MR’s downlink interface Mobile IPv6 & IPv4&Security : Mobile IPv6 & IPv4&Security 45 Updated_01-02-01 © 2001, Cisco Systems, Inc. Differences between Mobile IPv4 and Mobile IPv6 : Differences between Mobile IPv4 and Mobile IPv6 Mobile IPv6 leverages enormous IPv6 address space Mobile IPv6 is integrated into base IPv6 protocol MNv6 automatically obtain CoA after Router Advertisement received No Foreign Agent in Mobile IPv6 Registrations are protected by IPSec in Mobile IPv6 Built in route optimization between MNv6 and CNv6 Security in Mobile IP : Security in Mobile IP Authentication can be performed by all parties Only authentication between MN and HA is required Replay protection Timestamps are mandatory Random numbers on request reply packets are optional HA and FA do not have to share any security information. Questions? : Questions? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
MobileIP aleenakazmi Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 285 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: February 09, 2011 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: cdactinku (8 month(s) ago) thanks 4 uploading the slides Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Mobile IP : 1 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile IP Mobile IP : Mobile IP CONTENTS Introduction (Mobile IP) Why Mobile IP? Mobile IP Networks Elements Mobile IP Key Concepts Mobile Router Features Difference between IPv4 & IPv6 Security in Mobile IP Mobile IP : Mobile IP Definition: A standard that allows users with mobile devices whose IP addresses are associated with one network to stay connected when moving between networks with same IP address. Mobile IP is most often found in wireless WAN environments where users need to carry their mobile devices across multiple LANs with different IP addresses. Why Mobile IP? : Why Mobile IP? 4 Updated_01-02-01 © 2001, Cisco Systems, Inc. Why Mobile IP? : Why Mobile IP? Mobile IP was developed as a means for transparently dealing with problems of mobile users Enables hosts to stay connected to the Internet regardless of their location Enables hosts to be tracked without needing to change their IP address Requires no changes to software of non-mobile hosts/routers Requires addition of some infrastructure Has no geographical limitations Requires no modifications to IP addresses or IP address format Supports security Could be even more important than physically connected routing The benefit of Mobile IP : The benefit of Mobile IP “Mobile IP provides an IP node the ability to retain the same IP address and maintain uninterrupted network and application connectivity while traveling across networks ” Slide 7: The objective Maintaining continuous IP connectivity while crossing network boundaries, e.g. subnets or between networks Internet Host B Gateway A 171.68.0.0 Gateway C 140.31.0.0 Mobile Router 171.68.69.0 171.68.70.0 Slide 8: Applications Slide 9: The Possibilities Many Networks Roaming Mobile Routers Slide 10: IETF Proposed Standard Approved by the Internet Engineering Steering Group (IESG) in June 1996; published proposed standard in Nov. 1996 Mobile IP is an IETF proposed standard solution for mobility at Layer 3 IP RFC2002/3220 - Mobile IP RFC2003 and RFC2004 - Tunnel encapsulation RFC2005 - Mobile IP applicability RFC2006 - Mobile IP MIB Associated RFCs RFC1701 GRE – Generic Routing Encapsulation RFC3024 - Reverse Tunneling for Mobile IP IETF standardization process is still underway Internet Engineering Task Force Slide 11: Mobile IP Terminology Mobile Router (MR) Home Agent (HA) Foreign Agent (FA) [1 Hop Away from MR] Care of Address (CoA) [Tunnel Endpoint] Correspondent Node (CN) Security Association (SA) [SPI/Key] ICMP Router Discovery Protocol (IRDP) [Advertisement] Registration Request (RRQ) MR HA FA CN Internet Slide 12: Mobile IP Network Elements Mobile Node (MN) The entity that may change its point of attachment from network to network in the Internet Detects it has moved and registers with “best” FA Assigned a permanent IP called its home address to which other hosts send packets regardless of MN’s location. Home Agent (HA) This is router with additional functionality Located on home network of MN Does mobility binding of MN’s IP with its COA Forwards packets to appropriate network when MN is away. Slide 13: Foreign Agent (FA) Another router with enhanced functionality If MN is away from HA the it uses an FA to send/receive data to/from HA Advertises itself periodically Forward’s MN’s registration request Care-of-address (COA) Address which identifies MN’s current location Sent by FA to HA when MN attaches Usually the IP address of the FA Correspondent Node (CN) End host to which MN is corresponding (eg. a web server) Mobile IP Network Elements Slide 14: The Problem with Mobility Internet Host B Gateway A 171.68.0.0 Gateway C 140.31.0.0 Mobile Router 171.68.69.0 171.68.70.0 “Connect to 171.68.69.24” ? Gateway A replies to Host B with an ICMP unreachable Gateway C blocks router from joining network SEND X Routing Protocol rejects duplicate network advertisements Where is 171.68.69.0??? Slide 15: Mobile IP Solution Internet Host B Home Agent 171.68.60.1 Mobile Router 171.68.69.0 171.68.70.0 Foreign Agent COA 140.31.2.1 Home Agent forwards packets to Mobile Router via Care of Address [CoA] Mobile Router sends Registration Request [RRQ] to Home Agent (HA) Mobile IPMechanism : Mobile IPMechanism 16 Updated_01-02-01 © 2001, Cisco Systems, Inc. Don’t Worry : Don’t Worry A Mobile IP network is just as easy to build as any IP network. There are just a few new rules. Mobile IP Working Mechanism : 18 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile IP Working Mechanism Advertisement Tunneling Slide 19: Mobile IP Working Mechanism How does the Mobile Node find out where it is? Mobility Agent Advertisements—facilitates discovery of Mobility Agents (MN may solicits on demand) How does the Mobile Node inform the Home Agent of its current location? Via Registration—updates mobility binding after successful authentication using security association between MN and HA How does the Mobile Node receive packets from the Home Agent? Tunneling—Home agent adds IP header to direct packets to CoA, where decapsulation occurs Slide 20: Mobility Binding Table: MN CoA 171.68.69.24 140.31.2.1 Mobile IP Activities Example MN learns about FA and registers CoA HA maintains MN location database and tunnels traffic to FA Internet Host B Home Agent 171.68.69.1 Host A 171.68.69.24 Foreign Agent 140.31.2.1 Slide 21: Phase 1: Agent Discovery MR sends out advertisement request (Solicitation) to “all router” multicast address 224.0.0.2 FA responds with unicast advertisement to MR Response includes Care-of Address FA HA Slide 22: Phase 1: Agent Discovery R | B | H | F | M | G | r | T | Mobile IP Agent Advertisement Message 0 8 16 31 Slide 23: Options in FA advertisements R Registration required. Registration with this foreign agent (or another foreign agent on this link) is required even when using a co-located care-of address. B Busy. The foreign agent will not accept registrations from additional mobile nodes. H Home agent. This agent offers service as a home agent on the link on which this Agent Advertisement message is sent. F Foreign agent. This agent offers service as a foreign agent on the link on which this Agent Advertisement message is sent. M Minimal encapsulation. This agent implements receiving tunneled datagrams that use minimal encapsulation [34]. G GRE encapsulation. This agent implements receiving tunneled datagrams that use GRE encapsulation [16]. r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses. T Foreign agent supports reverse tunneling. Slide 24: Phase 2: Registration Request MR retrieves CoA from Advertisement and sends in RRQ FA checks requested services and either rejects and replies or forwards the RRQ to HA 1.1.1.7 MR FA 1.1.1.7 HA Slide 25: Phase 2: Registration Request Registration request format S| B| D|M |G |r |T |x| Flag 0 8 16 31 Slide 26: Options in RRQ S Simultaneous bindings. If the 'S' bit is set, the mobile node is requesting that the home agent retain its prior mobility bindings. B Broadcast datagrams. If the 'B' bit is set, the mobile node requests that the home agent tunnel to it any broadcast datagrams that it receives on the home network, D Decapsulation by mobile node. If the 'D' bit is set, the mobile node will itself decapsulate datagrams which are sent to the care-of address. That is, the mobile node is using a co-located care-of address. M Minimal encapsulation. If the 'M' bit is set, the mobile node requests that its home agent use minimal encapsulation[34] for datagrams tunneled to the mobile node. G GRE encapsulation. If the 'G' bit is set, the mobile node requests that its home agent use GRE encapsulation [16] for datagrams tunneled to the mobile node. r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses. T Reverse Tunneling requested. Slide 27: Phase 2: RRQ Reply Home Agent HA authenticates MR Sends RRP Proxy ARPs for MR Brings up tunnel and adds host route Foreign Agent FA sees MR is authenticated Forwards RRP to MR Brings up tunnel Slide 28: Phase 2: RRQ Reply 0 8 16 31 Registration Reply format Slide 29: Phase 3: Routing (Tunneling) Home Agent Foreign Agent Correspondent Host The home agent intercepts the traffic while the Mobile Router is registered as away Traffic is sent as usual to the home subnet Traffic is tunneled to the CoA of the MR and forwarded to MR Traffic from the Mobile Networks can go directly to the correspondent host = “Triangle Routing” MobileRouter Slide 30: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Home Agent Correspondent Node Mobile Networks appear to be here Node on MR Edited slide from original by Lawrence Searcy, Cisco Systems Slide 31: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Correspondent Node Node on MR Mobile Network Routing – Packet Flow : Mobile Router Foreign Agent Correspondent Node HA-FA Tunnel FA WAN Nodes on MR Mobile Network Routing – Packet Flow Slide 33: Mobile Network Routing – Packet Flow Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel HA-FA Tunnel FA WAN Node on MR Slide 34: Mobile Network Routing – Return Packet Flow Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel HA-FA Tunnel FA WAN Node on MR Tunneling : Tunneling HA double encapsulates the packets, creating two tunnels: HA to FA HA to MR FA strips outer header and forwards to MR MR strips inner header and forwards to node on mobile network Mobile IP Features : Mobile IP Features 36 Updated_01-02-01 © 2001, Cisco Systems, Inc. Mobile Router Features : Mobile Router Features Reverse tunneling Preferred interfaces MR Asymmetric Links 1.Reverse Tunneling : 1.Reverse Tunneling Normally, routers route packets by looking at the destination address only. A security measure against attacks (such as spoofing), ingress filtering on a router checks the source and destination addresses on a packet to make sure that they are topologically correct. This poses a problem for Mobile IP because the source address of a packet from a mobile node does not belong to the network from which it emanated. Mobile Network Routing – Packet Flow : Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel Mobile Network HA-FA Tunnel FA WAN Node on MR Mobile Network Routing – Packet Flow Reverse Tunneling : Reverse Tunneling Reverse tunneling satisfies ingress filtering Packets from the mobile network are sent back to the HA through the tunnel HA de-capsulates the packets and forwards them to their destination through normal routing Thus, the received packets’ path is topologically correct Mobile Network Routing – Reverse Tunneling : Mobile Router Foreign Agent Correspondent Node HA-MR Tunnel Roaming Interface Mobile Network HA-FA Tunnel FA WAN Node on MR Mobile Network Routing – Reverse Tunneling Edited slide from original by Lawrence Searcy, Cisco Systems 2. Preferred Interfaces : 2. Preferred Interfaces By default, the Mobile Router sends data out the active interface with the highest bandwidth. If the bandwidth on multiple interfaces is equal, then the interface with the higher IP address is preferred. Priority can be configured on mobile router interfaces (default 100). MR prefers to register with higher priority interface. Uses – least-cost routing, preferential routing 3. Asymmetric Links : 3. Asymmetric Links Mobile Router can route traffic unidirectionally over half-duplex links Especially for a satellite environment MR configured to send traffic to a downlink router even though it hears advertisements on another interface FA configured to advertise foreign-agent service out only one interface, the uplink interface connected to MR Asymmetric Links : Asymmetric Links Home Agent Foreign Agent Uplink Downlink MR FA advertises service on its uplink to MR’s downlink MR sends RRQ to HA via FA using its uplink RRP is sent to FA, which forwards it to MR on its uplink. Uplink Downlink ADVT RRQ RRP Then tunnels are set up between HA-FA, HA-MR’s downlink interface Mobile IPv6 & IPv4&Security : Mobile IPv6 & IPv4&Security 45 Updated_01-02-01 © 2001, Cisco Systems, Inc. Differences between Mobile IPv4 and Mobile IPv6 : Differences between Mobile IPv4 and Mobile IPv6 Mobile IPv6 leverages enormous IPv6 address space Mobile IPv6 is integrated into base IPv6 protocol MNv6 automatically obtain CoA after Router Advertisement received No Foreign Agent in Mobile IPv6 Registrations are protected by IPSec in Mobile IPv6 Built in route optimization between MNv6 and CNv6 Security in Mobile IP : Security in Mobile IP Authentication can be performed by all parties Only authentication between MN and HA is required Replay protection Timestamps are mandatory Random numbers on request reply packets are optional HA and FA do not have to share any security information. Questions? : Questions?