1. Hierarchical Mobile IPv6 Mobility Management Review Challenge and Perspective
-
7/31/2019 1. Hierarchical Mobile IPv6 Mobility Management Review Challenge and Perspective
HMIPv6
Hierarchical Mobile IPv6 Mobility Management
Byung-Jin Han
Internet Management Technology Lab.
School of Information & Communication Engineering,
Sungkyunkwan Univ.
300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, Korea.
Tel: +82-31-290-7222, Fax: +82-31-299-6673
-
Contents
Introduction
Terminology
Mobile IPv6 Extension
Neighbor Discovery Extension
Protocol Operation
MAP Discovery
Updating Previous MAPs
Detection and Recovery from MAP Failures
References
-
Introduction
Hierarchical Mobile IPv6
  Utilizing a new node called the Mobility Anchor Point (MAP)
  MIPv6 allows nodes to move within the Internet topology while maintaining reachability and on-going connections between MN and CNs.
  To do this, a MN sends BUs to its HA and all CNs every time it moves
MAP helps to reduce additional delay
  Eliminating additional delay from the time-critical handover period
  Significantly improves the performance
  In wireless links, reduces the number of messages
-
Introduction
Location of MAP
  MAP can be located at any level in a hierarchical network of routers
Solution with MAP
  The MN sends a BU to the local MAP rather than to the HA and CNs
  The MN sends only one BU to the MAP rather than as many BUs as there are CNs
  A MAP is essentially a local HA
Aim of Hierarchical Mobility Management Model
  Enhancing the performance of MIPv6
  Supports FMIPv6 for achieving seamless mobility
  Allows MNs to hide their location from CNs and HAs while using route
-
Terminology
Access Router
  The AR is the MN's default router
  The AR aggregates the outbound traffic of MNs
Mobility Anchor Point (MAP)
  A router located in a network visited by the mobile node
  One or more MAPs can exist within a visited network
Regional Care-of Address (RCoA)
  Auto-configured by the MN when receiving the MAP option
HMIPv6-aware Mobile Node
  An MN that can receive and process the MAP option and send a local binding update (BU with the M flag)
On-link Care-of Address (LCoA)
  Simply referred to as the CoA, but named LCoA to distinguish it from the RCoA
Local Binding Update
  The MN sends a Local Binding Update to the MAP
  Establishes a binding between the RCoA and LCoA
-
Overview of HMIPv6
HMIPv6 scheme introduces a new function
  The MAP and minor extensions to the MN operation
An MN entering a MAP domain will receive RAs containing information on one or more local MAPs
  The MN can bind its LCoA with RCoA
  MAP acting as a local HA
If the MN changes its current address within a local MAP domain (LCoA), it only needs to register the new address with
  Only the RCoA needs to be registered with CNs and HA
MAP domain boundaries are defined by the ARs advertising the MAP
HMIPv6 is simply an extension of MIPv6
MAPv -aware
-
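HMIPv6 Operation
[Figure: two panels, <MIPv6> and <HMIPv6>. In both, a CN reaches the MN (HoA) across the Internet while the MN hands off between AR1 and AR2. In the MIPv6 panel the MN changes from CoA1 to CoA2. In the HMIPv6 panel a MAP sits above AR1 and AR2 and the MN changes from (LCoA1, RCoA) to (LCoA2, RCoA).]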
-
HMIPv6 Operation
New RA option
  MN will discover the global address of the MAP
  Also informs the MN of the distance of the MAP from the MN
MAP discovery
  Every time the MN detects movement, it will also detect whether it is still in the same MAP domain
  RA used to detect movement via the MAP option
When the MAP address changes
  MN changes MAP by sending BUs to its HA and CNs
Local Binding Update
  RCoA used as local HoA
  Src = LCoA, Dst = MAP, Addr in HoA Dst Option = RCoA
  Used to forward packets to the MN from the HA or CNs
  MAP does not modify the contents of the original packet
  Route optimization is available
-
Mobile IPv6 Extensions
Local Binding Update
  Message fields: Sequence # | A | H | L | K | M (added) | Reserved | Lifetime | Mobility Options
M bit
  If set to 1, it indicates a MAP registration
  When the MN registers with the MAP, the M and A flags MUST be set to distinguish the BU from BUs to the HA or CNs
-
Neighbour Discovery Extension
MAP option message format (RA message)
  Fields, in order: Type | Length | Dist | Pref | R | Reserved | Valid Lifetime | Global IP Address for MAP
Type
  IPv6 Neighbor Discovery option: 23
Dist
  4-bit unsigned integer identifying the distance between the MAP and the receiver
  Default 1; it does not mean hops
R
  When set to 1, it indicates that the MN MUST form an RCoA based on the prefix in the MAP option
Global Address
  One of the MAP's global addresses
  The 64-bit prefix extracted from this address MUST be configured in the MAP to be used
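Because the MN picks its anchor and forms its RCoA from this option, a receiver should parse it strictly and reject malformed input. The following is an added example, not code from the slides or from the RFC; it assumes Pref is 4 bits, R is the top bit of the next octet and the remaining 7 bits are reserved, which the slide's field order suggests but does not state.

```python
import ipaddress
import struct
from dataclasses import dataclass

MAP_OPTION_TYPE = 23   # Neighbor Discovery option type given on the slide
MAP_OPTION_SIZE = 24   # assumption: 8 fixed octets plus a 16-octet address


@dataclass(frozen=True)
class MapOption:
    dist: int
    pref: int
    r_flag: bool
    valid_lifetime: int
    address: ipaddress.IPv6Address

    @property
    def rcoa_prefix(self) -> ipaddress.IPv6Network:
        # 64-bit prefix of the MAP address; the MN forms its RCoA from it.
        return ipaddress.IPv6Network((int(self.address) >> 64 << 64, 64))

    @property
    def signals_failure(self) -> bool:
        # The slides treat a valid lifetime of zero as a MAP failure.
        return self.valid_lifetime == 0


def parse_map_option(raw: bytes) -> MapOption:
    """Parse one MAP option from an RA, rejecting malformed input."""
    if len(raw) != MAP_OPTION_SIZE:
        raise ValueError("MAP option must be 24 octets")
    opt_type, length, dist_pref, flags, lifetime = struct.unpack("!BBBBI", raw[:8])
    if opt_type != MAP_OPTION_TYPE:
        raise ValueError(f"unexpected option type {opt_type}")
    if length * 8 != MAP_OPTION_SIZE:   # ND Length counts units of 8 octets
        raise ValueError("Length field does not match option size")
    address = ipaddress.IPv6Address(raw[8:])
    if address.is_unspecified or address.is_multicast or address.is_link_local:
        raise ValueError("MAP address must be a global unicast address")
    return MapOption(dist_pref >> 4, dist_pref & 0x0F, bool(flags & 0x80),
                     lifetime, address)


def build_map_option(dist, pref, r_flag, lifetime, address) -> bytes:
    """Build a constructed sample option for exercising the parser."""
    head = struct.pack("!BBBBI", MAP_OPTION_TYPE, 3, (dist << 4) | pref,
                       0x80 if r_flag else 0, lifetime)
    return head + ipaddress.IPv6Address(address).packed
```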
-
Protocol Operation
Mobile Node Operation
  When a MN moves into a new MAP domain
    An RCoA on the MAP's link and an on-link CoA (LCoA)
    The RCoA is formed in a stateless manner
  Local BU to the MAP with the A and M flags set
    After forming the RCoA, the MN sends a local BU
    The local BU includes the RCoA in the Home Address Option
    No alternate-CoA option is needed
    Packet: S = LCoA | D = MAP | HoA Opt | AH Hdr | Payload
    Packet annotations: RCoA; Binding Update Option (Mobility Header)
    This BU will bind RCoA and LCoA
    MAP performs DAD and returns a BAck to the MN
    BAck MUST carry a Type 2 Routing Header
  Following successful registration with the MAP
    A bi-directional tunnel between the MN and the MAP is established
    Packet: S = LCoA | D = MAP | ESP Hdr | S = RCoA | D = CN | Payload | ESP Tail | Auth
-
Protocol Operation
Mobile Node Operation
  RCoA
    MUST NOT use one RCoA (from MAP1) as a CoA in its BU to another MAP (MAP2)
    This would force packets to be encapsulated several times
  Binding Update RCoA with HA and CNs
    After registering with the MAP, the MN MUST register its new RCoA with its HA and CNs
    Packet: S = LCoA | D = MAP | ESP Hdr | S = RCoA | D = HA | Payload | ESP Tail | Auth
    Packet: S = RCoA | D = HA | HoA Opt | ESP Hdr | Payload | ESP Tail | Auth
    Packet annotations: HoA; Binding Update Option (Mobility Header)
  Handover between MAPs
    In order to speed up and reduce packet loss
  Handover within MAP domain
    RCoA does not change
-
Protocol Operation
Mobile Node Operation
  Sending Packet to CNs
    Packet: S = LCoA | D = MAP | ESP Hdr | S = RCoA | D = CN | HoA Opt (HoA) | Payload | ESP Tail | Auth
-
Protocol Operation
MAP Operation
  The MAP acts like a HA
    tunnels them to LCoA, which is stored in the Binding Cache
  A MAP has no knowledge of the MN's HoA
  The MN will send a local BU to the MAP with the M and A flags set
    This BU informs the MAP that the MN has formed an RCoA
    If successful, the MAP MUST return a BAck to the MN
  Identical to HA
    MAP MUST be able to accept packets tunneled from the MN
    Using proxy Neighbour Advertisement
    then encapsulated and routed to the MN's LCoA
  The list of valid on-link prefixes that the MN can use to derive LCoAs
    This is useful for network operators to stop the MN from continuing to use the MAP after moving to a different administrative domain
    Error code 129 (BAck)
-
Protocol Operation
Local Mobility Management Optimization within a MAP Domain
  For short-term communication in MIPv6
    MN MAY choose to directly use one of its CoAs as the source of packets
    Does not require the HoA destination option
  For short-term communication in HMIPv6
    MN can use its RCoA as the source of packets
    It provides local mobility management, but not global
    This would be useful for several applications (e.g. web browsing)
  This mechanism can provide
    A way of obtaining route optimization without BUs to the CNs
Location Privacy
  In HMIPv6
    An MN hides its LCoA from its CNs and its HA by using the RCoA
    Tracking of a MN is difficult
-
MAP Discovery
MAP Discovery
  Describes how ARs in a domain discover MAPs
Dynamic MAP Discovery
  Based on propagating the MAP option in RAs from the MAP to the MN via certain routers
  Requirement
    Manual configuration of MAP
    Allowing the routers receiving the MAP option to propagate the option
  RAs are used for Dynamic MAP Discovery by introducing a new option
    AR is required to send the MAP option in its RAs
    MAP option includes distance vector, preference, MAP's global IP
-
MAP Discovery
Dynamic MAP Discovery
  The AR within a MAP domain
    ARs may obtain this information by listening for RAs with MAP options
  Each MAP in the network needs to be configured with
    Preference value: default 10
    Distance is set to a default of 1
  Router receiving a RA with the MAP option
    Increments the Distance field by one and re-sends it
    If the receiving router is also a MAP, it sends the MAP options together
    If a router receives more than one MAP option for the same MAP from two different interfaces, it MUST choose the smallest one
  MAP nodes are able to change their preferences dynamically
    Node overload or load sharing
-
MAP Discovery
Mobile Node Operation
  An HMIPv6-aware MN
    An MN SHOULD register with the MAP that has the highest preference value
    MAY choose a MAP depending on the Distance field
    A valid lifetime of zero means MAP failure
  An MN MUST store the received options
    In order to choose at least one MAP to register with
    Stored options will be compared to other options received later
    For the purpose of the movement detection algorithm
  If the R flag is set (in RA)
    The MN MUST use its RCoA as the HoA when performing the MAP registration (local BU)
  An MN MAY
    Choose to register with more than one MAP simultaneously
    Use both RCoA and LCoA as CoA simultaneously with different CNs
-
Updating Previous MAPs
BU to Previous MAPs
  When an MN moves into a new MAP domain
    Request to forward packets addressed to the MN's new CoA
  An administrator MAY restrict the MAP from forwarding packets to LCoAs outside the MAP's domain
  However, it is RECOMMENDED that MAPs be allowed to forward packets to LCoAs associated with some of the ARs in neighbouring MAP domains in the same administrative domain
-
Note on MAP Selection by the MN
MAP Selection by the MN
  SHOULD be eager to perform new bindings
MAP Selection in a Distributed-MAP Environment
  One or more MAPs
    Does not mean a hierarchical structure of MAPs
    Does mean providing redundancy
MAP selection algorithm
1. Receive and parse all MAP options
2. Arrange MAPs in a descending order by furthest distance
3. Select first MAP in list
. ,
5. Repeat
[Figure: MAPs MAP1 and MAP2, annotated "MAP2 is better than MAP1"]
-
Detection and Recovery from MAP Failure
MAP Failure
  MAP can be seen as a local HA
  If a MAP fails
    Its binding cache content will be lost
    Resulting in loss of connection between MN and CNs
  May be avoided by
    Using more than one MAP on the same link
    Some form of context transfer protocol between them
MN can detect MAP failure
  When it receives a RA containing a MAP option with a lifetime of zero
  If a protocol is present that transfers binding cache entries and provides the same prefix
    It would save the MN from updating CNs and HA
  By sending ICMP Echo Request messages to the MAP regularly
    If no response is received, an AR may try to aggressively send echo requests
    If no reply is received, a MAP option may be sent with a valid lifetime value of zero
-
Security Consideration
The security relationship between the MN and MAP
  Must be strong
  Mutual authentication
  Integrity protection
  Protection against replay attack
Confidentiality
  May be needed for payload traffic
  Is not required for binding updates to the MAP
-
Security Consideration
MN-MAP security
  Initial authorization MAY be needed
    Specifically for the service, not for the RCoA
  Authorizing a MN to use the MAP service
    Can be done based on the identity of the MN exchanged during SA negotiation
    The authorization may be granted based on the MN's identity or the identity of a CA (Certificate Authority)
    If MN has certificate signed by trusted entity, it would be sufficient for the
  Initial authorization is not needed for using the RCoA
    Because the RCoA is temporary and is not bound to a particular node
    MN does not have to initially prove that it owns its RCoA when it establishes an SA with the MAP
A MAP only need to ensure that or a part cu ar o was ssue y t e same t at esta s e t e or
that SA
-
Security Consideration
MN-MAP security (cont'd)
  The MAP does not need to have prior knowledge
    As a result the SA between the MN and the MAP can be established using any key establishment protocol such as IKE
  The MAP needs to set the SA for the RCoA
    This can be IKE
    Identical step for HoA in IKE
  If a binding cache entry already exists for a particular RCoA
    No new SA should be established for such RCoA
    This prevents the mobile node from being able to re-establish a SA for the same RCoA
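The MAP-side checks from the MAP Operation and MN-MAP security slides can be combined into one admission policy for local BUs. This is an added example, not code from the slides or from any HMIPv6 implementation; the class, its verdict strings, the SA identifiers, the refusal of a second SA while one is pending and all addresses are constructed assumptions.

```python
import ipaddress

BACK_ACCEPTED = 0       # Mobile IPv6 BAck status: Binding Update accepted
BACK_PROHIBITED = 129   # error code 129 named on the MAP Operation slide


class MapBindingPolicy:
    """Constructed model of a MAP's checks on SA setup and local BUs."""

    def __init__(self, rcoa_prefix, lcoa_prefixes):
        self.rcoa_prefix = ipaddress.IPv6Network(rcoa_prefix)
        self.lcoa_prefixes = [ipaddress.IPv6Network(p) for p in lcoa_prefixes]
        self.sa_owner = {}   # RCoA -> id of the SA established for it
        self.cache = {}      # binding cache: RCoA -> LCoA

    def establish_sa(self, sa_id, rcoa):
        """Return True if a new SA for this RCoA may be set up."""
        rcoa = ipaddress.IPv6Address(rcoa)
        # No new SA for an RCoA that already has a binding cache entry.
        # Assumption added here: also refuse while an SA is already pending.
        if (rcoa not in self.rcoa_prefix or rcoa in self.cache
                or rcoa in self.sa_owner):
            return False
        self.sa_owner[rcoa] = sa_id
        return True

    def local_bu(self, sa_id, rcoa, lcoa, a_flag, m_flag):
        """Return (verdict, BAck status or None) for one local BU."""
        rcoa, lcoa = ipaddress.IPv6Address(rcoa), ipaddress.IPv6Address(lcoa)
        if not (a_flag and m_flag):
            return ("not-a-map-registration", None)
        # The BU must arrive under the SA that was established for this RCoA.
        if self.sa_owner.get(rcoa) != sa_id:
            return ("dropped-sa-mismatch", None)
        # The LCoA must come from a prefix the operator lists as valid on-link.
        if not any(lcoa in prefix for prefix in self.lcoa_prefixes):
            return ("rejected", BACK_PROHIBITED)
        self.cache[rcoa] = lcoa
        return ("accepted", BACK_ACCEPTED)
```

A handover inside the MAP domain is a second `local_bu` call with the same SA and RCoA and a new LCoA; it is accepted without touching the SA table.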
-
Security Consideration
MN-CN security
  HMIPv6 does not impact the RR procedure
  In HOTI and COTI messages
    Source address is HoA
  HOTI packet: S = LCoA | D = MAP | ESP Hdr | S = RCoA | D = HA | ESP Hdr | S = HoA | D = CN | Payload | ESP Tail | ESP Tail
  COTI packet: S = LCoA | D = MAP | ESP Hdr | S = RCoA | D = CN | Payload | ESP Tail | Auth
-
References
H. Soliman et al., "Hierarchical Mobile IPv6 Mobility Management (HMIPv6)", RFC 4140, August 2005.