Mobility Support in
Internet and Mobile IP
1
Registration
After a mobile detects at the IP (ICMP) layer that it has moved to a new location, it starts the registration procedure with the home agent.
The aim of the registration is to let the home agent know the mobile's current care-of-address. The mobile obtains this care-of-address either from the foreign agent or from a server such as a DHCP server.
The registration procedure consists of sending a Registration Request Message from the mobile to the home agent and a Registration Reply Message from the home agent to the mobile.
Registration messages have to go through the foreign agent.
The foreign agent just forwards these registration messages back and forth.
The foreign agent is a passive entity in registration.
Registration messages are sent over UDP to port number 434.
2
Registration Request
[Figure: Registration Request (REQ) passing between M, FA and HA]
Registration Request Format (bit positions 0, 8, 16, 31):
  Type | Flags | Lifetime
  Home address
  Home agent
  Care-of-address
  Identification
  Extensions .....
Type: Type of the Mobile IP message: 1 – Registration Request.
Lifetime: Number of seconds the registration is valid.
Home address: The home IP address of the mobile.
Home agent: The IP address of the home agent.
Care-of-address: The current IP address of the mobile – this is the end of the tunnel.
Identification: Used for replay protection.
Extensions: Security extensions can be added to protect from malicious people.
Flags:
  S: Simultaneous binding.
  B: Broadcast – Home agent will tunnel broadcast datagrams to the mobile.
  D: Mobile node is using a collocated care-of-address – that means there is no foreign agent and the mobile node will decapsulate the packets itself.
  M: Mobile node requests the home agent to encapsulate the packets using Minimal Encapsulation.
  G: Mobile node requests the home agent to encapsulate the packets using GRE Encapsulation.
Packet layout: IP Header | UDP Header | Mobile IP Message | Extensions
3
Registration Reply
[Figure: Registration Reply (RPL) passing between HA, FA and M]
Registration Reply Format (bit positions 0, 8, 16, 31):
  Type | Code | Lifetime
  Home address
  Home agent
  Identification
  Extensions .....
Type: 3 – Registration Reply
Code: Indicates the result of registration.
Some code values:
  0 registration accepted
  66 insufficient resources at foreign agent
  70 poorly formed request
  130 insufficient resources at home agent
  131 mobile node failed authentication
Lifetime: The lifetime granted by the home agent for the registration.
4
Care-of-Address Types
Normal care-of-address
The care-of-address that the mobile obtains at a new location is the IP address of a foreign agent serving at that new location.
Registration and communication have to go through the foreign agent.
Collocated care-of-address
There is no separate foreign agent present at the new location.
The mobile obtains an IP address at the new location through some standard mechanism like DHCP.
This IP address is called the collocated IP address.
The foreign agent functionality is executed at the mobile node itself.
The mobile node decapsulates the tunneled packets coming from the home agent.
Registration and communication are done directly between the mobile and the home agent.
5
Securing the registration
procedure
Security problem
Fraudulent registrations should be detected.
A bad person can send registration packets to home
agent as if the packets are coming from a legitimate
mobile user.
In this way, the bad user can redirect the traffic destined
to mobile node to itself and obtain the packets.
Hence we need authentication
There are three authentication extensions
defined for Mobile IP
The mobile-home authentication extension
The mobile-foreign authentication extension
The foreign-home authentication extension.
6
Securing the registration procedure
Mobile IP Authentication Extension (added to the Registration Request Message), bit positions 0, 8, 16, 31:
  Type | Length | SPI
  SPI (continued) | Authenticator
  Authenticator .....
Type: 32 – Mobile-Home authentication extension
      33 – Mobile-Foreign authentication extension
      34 – Foreign-Home authentication extension
SPI: Security Parameter Index. Defines the security context (algorithm, mode, key) used to compute the authenticator.
Authenticator: variable length.
Default Authentication Algorithm:
Keyed-MD5 in prefix-suffix mode
128 bit authenticator: message digest of the registration message.
Computed over:
shared secret key,
spi index,
protected fields of registration message,
shared secret again.
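An added example, not taken from the slides: a Registration Request carrying a Mobile-Home authentication extension, and the home-agent check that rejects a request whose care-of-address was altered. Assumptions: the byte layout and flag bit follow RFC 2002 (the SPI is covered as part of the extension header that ends the protected fields), the function names are hypothetical, and the key, SPI and addresses are constructed sample values.

```python
import hashlib
import hmac
import socket
import struct

MH_AUTH = 32      # Mobile-Home authentication extension type (from the slide)
FLAG_D = 0x20     # D flag bit position as laid out in RFC 2002 (assumption)
AUTH_LEN = 16     # 128-bit keyed-MD5 authenticator

def build_request(flags, lifetime, home, home_agent, care_of, ident):
    """Fixed 24-byte Registration Request (Type 1), fields in slide order."""
    addrs = b"".join(socket.inet_aton(a) for a in (home, home_agent, care_of))
    return struct.pack("!BBH", 1, flags, lifetime) + addrs + struct.pack("!Q", ident)

def keyed_md5(key, protected):
    """Prefix-suffix mode: MD5(shared secret || protected fields || shared secret)."""
    return hashlib.md5(key + protected + key).digest()

def add_mobile_home_auth(request, spi, key):
    """Append Type | Length | SPI | Authenticator; Type, Length, SPI are protected."""
    header = struct.pack("!BBI", MH_AUTH, 4 + AUTH_LEN, spi)
    return request + header + keyed_md5(key, request + header)

def check_request(message, keys_by_spi):
    """Home-agent side: return a Registration Reply code (0, 70 or 131)."""
    if len(message) != 24 + 6 + AUTH_LEN or message[0] != 1:
        return 70                                   # poorly formed request
    ext_type, length, spi = struct.unpack("!BBI", message[24:30])
    if ext_type != MH_AUTH or length != 4 + AUTH_LEN:
        return 70
    key = keys_by_spi.get(spi)
    if key is None:                                 # no security context for this SPI
        return 131
    expected = keyed_md5(key, message[:30])
    # Constant-time comparison; a mismatch means a forged or altered request.
    return 0 if hmac.compare_digest(expected, message[30:]) else 131

def demo():
    key = b"constructed-shared-secret"              # constructed sample values
    request = build_request(FLAG_D, 300, "192.0.2.10", "192.0.2.1",
                            "198.51.100.7", 0x0123456789ABCDEF)
    signed = add_mobile_home_auth(request, 0x100, key)
    # Redirect attempt: overwrite the care-of-address (bytes 12..15).
    forged = signed[:12] + socket.inet_aton("203.0.113.66") + signed[16:]
    return check_request(signed, {0x100: key}), check_request(forged, {0x100: key})

if __name__ == "__main__":
    print(demo())
```

RFC 3344 later made HMAC-MD5 the default authenticator; the prefix-suffix construction is used here because it is the one the slide describes.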
7
Routing and Tunneling
When a correspondent host sends an IP packet to a mobile (to
its home address), packet is routed first to home agent of
mobile through normal routing.
Home agent intercepts the packet and encapsulates it and
tunnels it to the care-of-address (tunnel exit point) of the
mobile.
The encapsulated packet is delivered to the care-of-address using
normal routing.
There are various encapsulation methods:
IP-IP Encapsulation
Minimal Encapsulation
GRE (Generic Routing Encapsulation) Encapsulation.
[Figure: tunnel between HA and FA carrying the encapsulated IP packet that originated at C]
8
IP-IP Encapsulation at Home Agent
An IP packet is received at the home agent from a correspondent host for a mobile host.
The home agent encapsulates the IP packet inside another IP header and sends it to the care-of-address of the mobile.
Packet layout (bit positions 0, 8, 16, 31):
Outer Header:
  Ver | HL | TOS | Total Length
  Identification | Flags | Fragm. Offset
  TTL | Protocol=4 | Header Checksum
  Src Address = Home agent address
  Dest Address = Care-of-Address of M
Inner Header:
  Ver | HL | TOS | Total Length
  Identification | Flags | Fragm. Offset
  TTL | Protocol | Header Checksum
  Src Address = Addr of C
  Dest Address = Addr of M
IP PAYLOAD
9
IP-IP Decapsulation at the Care-of-Address
An encapsulated IP packet is received at the foreign agent (or at the mobile itself for a collocated care-of-address).
The receiver understands that the packet is IP-IP encapsulated by looking at the protocol field (which is 4).
The receiver forwards (not routes) the decapsulated IP packet to the mobile node using link-level mechanisms!
Packet layout (bit positions 0, 8, 16, 31):
Outer Header:
  Ver | HL | TOS | Total Length
  Identification | Flags | Fragm. Offset
  TTL | Protocol=4 | Header Checksum
  Src Address = Home agent address
  Dest Address = Care-of-Address of M
Inner Header:
  Ver | HL | TOS | Total Length
  Identification | Flags | Fragm. Offset
  TTL | Protocol | Header Checksum
  Src Address = Addr of C
  Dest Address = Addr of M
IP PAYLOAD
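An added example, not taken from the slides: IP-IP encapsulation at the home agent and decapsulation at the tunnel exit, keyed on the outer Protocol field value 4. The function names are hypothetical, the addresses are constructed sample values, and the check that the outer source equals the registered home agent is an addition of this example rather than something the slides state.

```python
import socket
import struct

IPPROTO_IPIP = 4   # outer Protocol field value shown on the slide

def checksum(header):
    """Internet checksum: one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip_header(src, dst, proto, payload_len, ttl=64):
    """20-byte IPv4 header without options, checksum filled in."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
              socket.inet_aton(src), socket.inet_aton(dst)]
    fields[7] = checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)

def encapsulate(inner_packet, home_agent, care_of):
    """Home agent: put the whole original packet behind a new outer header."""
    return ip_header(home_agent, care_of, IPPROTO_IPIP, len(inner_packet)) + inner_packet

def decapsulate(packet, registered_home_agent):
    """Tunnel exit: return the inner packet, or None if the outer header is rejected."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    hlen = (packet[0] & 0x0F) * 4
    if hlen < 20 or len(packet) < hlen or checksum(packet[:hlen]) != 0:
        return None
    total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
    if proto != IPPROTO_IPIP or total_len != len(packet):
        return None
    # Added check (assumption): only the home agent from registration may tunnel to us.
    if packet[12:16] != socket.inet_aton(registered_home_agent):
        return None
    return packet[hlen:]

def demo():
    # Constructed sample: correspondent C -> mobile M, tunnelled HA -> care-of-address.
    payload = b"hello mobile"            # stands in for a UDP datagram
    inner = ip_header("203.0.113.5", "192.0.2.10", 17, len(payload)) + payload
    outer = encapsulate(inner, "192.0.2.1", "198.51.100.7")
    spoofed = encapsulate(inner, "203.0.113.66", "198.51.100.7")
    return decapsulate(outer, "192.0.2.1") == inner, decapsulate(spoofed, "192.0.2.1")

if __name__ == "__main__":
    print(demo())
```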
10
Minimal Encapsulation at Home Agent
Packet comes from correspondent host:
  Ver | HL | TOS | Total Length
  Identification | Flags | Fragm. Offset
  TTL | Protocol | Header Checksum
  Src Address = Addr of C
  Dest Address = Addr of M
  IP PAYLOAD
Encapsulated using Minimal Encapsulation Method, tunneled to care-of-address:
  Outer header:
    Ver | HL | TOS | Total Length
    Identification | Flags | Fragm. Offset
    TTL | Proto=55 | Header Checksum
    Src Address = Addr of home agent
    Dest Address = Care-of-addr of mobile
  Minimal inner header:
    Protocol | S | Reserved | Header Checksum
    Src Address = Addr of C
    Dest Address = Addr of M
  IP PAYLOAD
11
Home Network Configurations
1) Physical home network: Internetwork, router, and a separate home agent.
2) Physical home network: Internetwork, with router and home agent.
3) Virtual home network: Internetwork, with router and home agent.
12
Sending packets between mobile
and foreign agent
When a mobile moves to a new location, a foreign agent should be broadcasting (IP and link layer broadcast) advertisements on the link (sub-network).
The mobile will be able to receive this broadcast message and will learn:
  The IP address of the foreign agent (this will be the care-of-address of the mobile most of the time).
  The hardware (MAC or link-level) address of the foreign agent.
When the mobile sends a registration packet through this foreign agent, the foreign agent will learn:
  The home address of the mobile.
  The hardware (MAC or link-level) address of the mobile.
The registration packet will be sent directly to the foreign agent by using the MAC address of the foreign agent (no need to do an ARP request).
13
Foreign Agent (FA) and Mobile Node (M): message sequence
Mobile Agent Advertisement (broadcast)
  FA: FA periodically broadcasts advertisements. MAC broadcast address is used. No need for ARP.
  M: Mobile node receives the broadcast frame and learns the MAC and IP address of the FA. It stores this info.
Registration Request
  M: Mobile node sends a registration request message directly to FA. It is not using the ARP protocol to obtain the MAC address of FA.
  FA: FA learns the MAC address of a mobile from the registration request message. It also learns the home address of the mobile. This info is stored.
Registration Reply
  Reply is sent directly to the MAC address of mobile. No need for ARP.
DATA
  Mobile node sends data directly to the MAC address of FA. No ARP needed.
DATA
  FA sends data directly to the MAC address of FA. No ARP needed.
14
Sending Data from Foreign Agent to Mobile
[Figure: protocol stacks of the foreign agent (IP_F, MAC_F) and the mobile node (IP_M, MAC_M; APPS over TCP/UDP). The foreign agent delivers the IP packet in an Ethernet frame:]
  Ethernet header (link level header): Dst = MAC_M (6 bytes) | Src = MAC_F (6 bytes) | type
  IP header: .... other fields | Src = IP_C | Dst = IP_M
  IP Payload
15
Sending Data from Mobile to Foreign Agent
[Figure: protocol stacks of the mobile node (IP_M, MAC_M; APPS over TCP/UDP) and the foreign agent (IP_F, MAC_F). The mobile node sends the IP packet in an Ethernet frame:]
  Ethernet header (link level header): Dst = MAC_F (6 bytes) | Src = MAC_M (6 bytes) | type
  IP header: .... other fields | Src = IP_M | Dst = IP_C
  IP Payload
16
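Decapsulation again
[Figure: the home agent (IP_H) sends the packet through the TUNNEL with outer header dst IP_F, src IP_H and inner header dst IP_M, src IP_C; the foreign agent (IP_F, MAC_F) removes the outer header and passes the inner packet (dst IP_M, src IP_C) to the mobile node (IP_M, MAC_M), where it reaches APPS over TCP/UDP.]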
17
How to attract packets at the Home network
[Figure: physical home network with the internetwork router (MAC_R) and the home agent (MAC_H, proxy ARPing enabled). Proxy ARP table at the home agent: IP_M -> MAC_H.]
An IP packet coming from a correspondent host, destined to a mobile host: IP Payload | IP_M | IP_C | ....
Broadcast ARP Request: Who has IP_M?
Unicast ARP Reply: I have IP_M, my MAC addr = MAC_H
IP packet put into an Ethernet frame: IP Payload | IP_M | IP_C | type | MAC_R | MAC_M
18
Proxy ARPing
The packet comes to the last router that the home subnetwork is connected to.
The router will try to resolve the IP address of the mobile (IP_M) into the corresponding MAC layer address (hardware address).
For this purpose, it will broadcast an ARP request packet.
Since the mobile is not at the home subnet, it will not be able to answer the ARP request.
The home agent will answer instead of the mobile node. In order to do this, the home agent should be configured to do proxy ARPing.
The home agent replies to the ARP request with an ARP reply, including its MAC address (MAC_H) as the MAC level address corresponding to the IP address of the mobile.
The router, upon receiving the ARP reply, will send the IP packet to the MAC address of the home agent.
In this way, the home agent attracts the IP packets that are destined to the mobile node.
19
Gratuitous ARP Functionality
[Figure: physical home network with the internetwork router (MAC_R), the home agent (MAC_H), other hosts and the mobile node (MAC_M), shown in two states:]
Mobile node is at home subnet: the ARP tables of the other hosts and of the router hold IP_M -> MAC_M.
Mobile node moved away from home subnet: the ARP tables of the other hosts and of the router hold IP_M -> MAC_H.
20
Gratuitous ARP Operation
[Figure: physical home network with the internetwork router (MAC_R), the home agent (MAC_H) and other hosts]
Home agent receives Registration Request from new location.
Home agent broadcasts Gratuitous ARP on the link (indicating IP_M is now located at MAC addr MAC_H).
All other hosts on the LAN update their ARP caches with binding: IP_M -> MAC_H
21
ARP Packet Format
Ether Type: 0x8006 ARP protocol
Op Field: 1 – ARP Request
          2 – ARP Reply
Ethernet Header (field: size in bytes):
  Ether Dst: 6 | Ether Src: 6 | Ether Type: 2
ARP Packet (field: size in bytes):
  Hw type: 2 | Prot type: 2 | Hw size: 1 | Proto size: 1 | op: 2 | Sender Hw Addr: 6 | Sender IP Addr: 4 | Target Hw Addr: 6 | Target IP Addr: 4
[Figure: Sender and Receiver on a LAN; ARP Request (broadcasted) from Sender, ARP Reply (unicasted) from Receiver]
22
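Example: Proxy ARP
[Figure: the correspondent host (IP_C) reaches the home subnet across the INTERNET by normal Internet routing; on the home subnet are the router (IP_R, MAC_R), the home agent (IP_H, MAC_H) and Host X (IP_X, MAC_X); the mobile is (IP_M, MAC_M).]
Packet from the correspondent host:
  ---- | Src IP_C | Dst IP_M | IP Payload
ARP Request:
  Ether Dst FFFFFF | Ether Src MAC_R | Hw type | Prot type | op 1 | Sender MAC MAC_R | Sender IP IP_R | Target MAC ---- | Target IP IP_M
Proxy ARP Reply:
  Ether Dst MAC_R | Ether Src MAC_H | Hw type | Prot type | op 2 | Sender MAC MAC_H | Sender IP IP_H | Target MAC MAC_H | Target IP IP_M
Data (IP Packet):
  Ether Dst MAC_H | Ether Src MAC_R | ---- | Src IP_C | Dst IP_M | IP Payload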
23
Example: Gratuitous ARP
[Figure: the correspondent host (IP_C) reaches the home subnet across the INTERNET; on the home subnet are the router (IP_R, MAC_R), the home agent (IP_H, MAC_H) and Host X (IP_X, MAC_X); the mobile (IP_M, MAC_M) has moved away and sent a REGISTRATION. The ARP caches of Host X and of the router change from IP_M -> MAC_M to IP_M -> MAC_H.]
Broadcast Gratuitous ARP Request:
  Ether Dst FFFFFF | Ether Src MAC_H | Hw type | Prot type | op 1 | Sender MAC MAC_H | Sender IP IP_M | Target MAC ..... | Target IP IP_M
The home agent broadcasts a Gratuitous ARP Request on the LAN.
Any receiving host will update its ARP cache.
24