Mobile Communications
Mobility Support in Network Layer
- Mobile IP
- DHCP

Motivation
- Mobility support is needed to be able to use mobile devices in the Internet
  - mobile devices need an IP address for their communication
  - applications would like to communicate while being “on the move”
- DHCP
  - the original design motivation was not so much mobility support
  - BUT: DHCP is very important today to use a mobile device like a laptop in a foreign environment
  - enables integration of a device into a network
- Mobile IP
  - enables reachability of a device using a specific, known IP address
  - provides for transparency above IP, i.e. also supports ongoing TCP connections

DHCP: Dynamic Host Configuration Protocol
- Application
  - simplification of installation and maintenance of networked computers
  - dynamic assignment of IP addresses
  - supplies systems with all necessary information, such as IP address, DNS server address, domain name, subnet mask, default router etc.
  - enables automatic integration of systems into an Intranet or the Internet
  - can be used to acquire an address for Mobile IP
- Client/Server model
  - the client sends a request (DHCPDISCOVER) via broadcast to find a DHCP server
  [Figure: a client broadcasts DHCPDISCOVER; the DHCP server and a second client on the same subnet receive the broadcast]
DHCP: protocol mechanisms
[Figure: message sequence between the client and two servers, one selected and one not selected]
- client: initialization, broadcast of DHCPDISCOVER (received by both servers)
- each server determines a configuration and answers with DHCPOFFER
- client: collection of the replies, selection of one configuration
- client sends DHCPREQUEST: to the selected server with options; the server not selected takes it as a reject
- selected server: confirmation of the configuration with DHCPACK
- client: initialization completed
- release: client sends DHCPRELEASE, server deletes its context

DHCP: Discovery via relay
- not every subnet has a separate DHCP server; this helps to reduce the number of servers
- then a relay agent is needed in the subnet; it knows a DHCP server in a neighboring subnet
- the relay forwards the DHCPDISCOVER request (as unicast) to the DHCP server
[Figure: the client broadcasts DHCPDISCOVER in its subnet; the relay forwards it as unicast to the server]

DHCP characteristics
- Server
  - several servers can be configured for DHCP, coordination not yet standardized (i.e., manual configuration)
- Addresses
  - DHCP can always assign the same IP address to a client
  - or a client gets a dynamically selected IP address from a certain range
- Options
  - available for routers, subnet mask, NTP (network time protocol) timeserver, SLP (service location protocol) directory, DNS (domain name system)
- Big security problems!
  - no authentication of DHCP information specified
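The exchange from the protocol-mechanisms slide and the relay case as an added, runnable model (not from the slides): two servers offer, the client selects one, the other treats the DHCPREQUEST as a reject, and a DHCPRELEASE deletes the server's context. Server addresses, address pools and lease values are constructed for illustration.

```python
# Added example (not from the slides): the DHCPDISCOVER / DHCPOFFER / DHCPREQUEST /
# DHCPACK exchange with two servers of which the client selects one, plus a relay
# agent forwarding the broadcast as unicast. All addresses and leases are constructed.
from dataclasses import dataclass

@dataclass
class Msg:
    kind: str            # DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK, DHCPRELEASE
    dst: str             # "broadcast" or a unicast address
    server_id: str = ""  # server identifier option (names the selected server)
    yiaddr: str = ""     # offered / confirmed client address
    lease: int = 0       # lease time in seconds

class Server:
    def __init__(self, addr, pool, lease):
        self.addr, self.pool, self.lease = addr, list(pool), lease
        self.context = {}    # client id -> assigned address, deleted on DHCPRELEASE

    def handle(self, client_id, msg):
        if msg.kind == "DHCPDISCOVER":
            # determine a configuration and offer it
            return Msg("DHCPOFFER", client_id, self.addr, self.pool[0], self.lease)
        if msg.kind == "DHCPREQUEST":
            if msg.server_id != self.addr:
                return None  # not selected: the request counts as a reject
            self.context[client_id] = self.pool.pop(0)
            return Msg("DHCPACK", client_id, self.addr, self.context[client_id], self.lease)
        if msg.kind == "DHCPRELEASE" and msg.server_id == self.addr:
            self.pool.append(self.context.pop(client_id))  # delete context
        return None

def relay(msg, server_addr):
    """Relay agent: forward a broadcast DISCOVER as unicast to the server it knows."""
    if msg.dst != "broadcast":
        return msg
    return Msg(msg.kind, server_addr, msg.server_id, msg.yiaddr, msg.lease)

def run_client(client_id, servers, relayed=()):
    # 1. broadcast DHCPDISCOVER; servers in neighboring subnets only see it via the relay
    discover = Msg("DHCPDISCOVER", "broadcast")
    offers = [s.handle(client_id, relay(discover, s.addr) if s in relayed else discover)
              for s in servers]
    # 2. collect the replies and select one configuration (here: the longest lease)
    chosen = max((o for o in offers if o is not None), key=lambda o: o.lease)
    # 3. DHCPREQUEST names the selected server; every other server takes it as a reject
    request = Msg("DHCPREQUEST", "broadcast", chosen.server_id, chosen.yiaddr)
    acks = [r for s in servers if (r := s.handle(client_id, request)) is not None]
    # 4. exactly one DHCPACK confirms the configuration
    return acks[0] if len(acks) == 1 else None
```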
DHCP lease
- IP addresses are assigned for a limited time (“lease”)
  - allows for reuse even if the mobile device does not perform an explicit disconnect
  - the lease has to be renewed if the IP address is needed for a longer time
- the client is informed about the lease value plus two times T1 and T2
  - T1 = 50% of the lease time
  - T2 = 87.5% of the lease time
- after T1, the client tries to renew the lease
  - sends a new request (DHCPREQUEST) to the DHCP server which gave it the lease
- at T2, if no positive response has been received by the client
  - new broadcast to all DHCP servers (DHCPDISCOVER) as at the beginning

DHCP security concerns
- Basic questions: Is the client trustworthy? Is the server / network trustworthy?
- Network wrt client
  - devices in a subnetwork often have certain privileges, which should not be given to an unknown guest device
  - a client may request many IP addresses
- Client wrt network / DHCP server
  - the server may provide spurious configuration data
  - is the server potentially doing a “man in the middle” attack?
- authentication of DHCP information should be performed, but is often missing

Motivation for Mobile IP
- Routing
  - based on the IP destination address; the network prefix (e.g. 129.13.42) determines the physical subnet
  - a change of physical subnet implies a change of IP address to have a topologically correct address (standard IP), or needs special entries in the routing tables
- Specific routes to end-systems?
  - change of all routing table entries to forward packets to the right destination
  - does not scale with the number of mobile hosts and frequent changes in location; security problems
- Changing the IP address?
  - adjust the host IP address depending on the current location
  - almost impossible to find a mobile system, DNS updates take too long
  - TCP connections break; security problems
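The lease timeline (T1 renew, T2 rebind) and the security concern about unauthenticated DHCP information, as one added example that is not part of the slides: a client model that only accepts a lease from an allow-listed server identifier and otherwise follows the T1/T2 rules. Server addresses, the allow-list and the times are constructed.

```python
# Added example (not from the slides): a DHCP client's lease timeline with the T1 (50%)
# and T2 (87.5%) timers from the lease slide and, because DHCP information carries no
# authentication, a defensive check that accepts configuration only from server
# identifiers the operator has allow-listed. Addresses and times are constructed.
T1_FRACTION, T2_FRACTION = 0.5, 0.875

class LeaseClient:
    def __init__(self, trusted_servers):
        self.trusted = set(trusted_servers)  # allow-listed DHCP server identifiers
        self.server, self.lease_start, self.lease = None, 0, 0
        self.sent = []                       # (time, message, destination) the client emits

    def accept(self, now, server_id, lease):
        """Take a DHCPACK only from a trusted server; anything else is logged and dropped."""
        if server_id not in self.trusted:
            self.sent.append((now, "DROP ack from unknown server %s" % server_id, None))
            return False
        self.server, self.lease_start, self.lease = server_id, now, lease
        return True

    def timers(self):
        """Return (T1, T2, expiry) as absolute times for the current lease."""
        return (self.lease_start + self.lease * T1_FRACTION,
                self.lease_start + self.lease * T2_FRACTION,
                self.lease_start + self.lease)

    def tick(self, now, server_answers):
        """Advance to time `now`; server_answers says whether the leasing server replies."""
        t1, t2, expiry = self.timers()
        if now >= expiry:
            self.sent.append((now, "lease expired, stop using address", None))
            return "INIT"
        if now >= t2 and not server_answers:
            # rebinding: as at the beginning, broadcast to all DHCP servers
            self.sent.append((now, "DHCPDISCOVER", "broadcast"))
            return "REBINDING"
        if now >= t1:
            # renewing: unicast DHCPREQUEST to the server that gave the lease
            self.sent.append((now, "DHCPREQUEST", self.server))
            if server_answers:
                self.accept(now, self.server, self.lease)  # new lease starts now
                return "BOUND"
            return "RENEWING"
        return "BOUND"
```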
Requirements for Mobile IP (RFC 3344, was: 3220, was: 2002)
- Transparency
  - mobile end-systems keep their IP address
  - continuation of communication after an interruption of the link is possible
  - the point of connection to the fixed network can be changed
- Compatibility
  - support of the same layer 2 protocols as IP
  - no changes to current end-systems and routers required
  - mobile end-systems can communicate with fixed systems
- Security
  - authentication of all registration messages
- Efficiency and scalability
  - only few additional messages to the mobile system required (connection typically via a low bandwidth radio link)
  - world-wide support of a large number of mobile systems in the whole Internet

Terminology
- Mobile Node (MN): system (node) that can change the point of connection to the network without changing its IP address
- Home Agent (HA): system in the home network of the MN, typically a router; registers the location of the MN, tunnels IP datagrams to the COA
- Foreign Agent (FA): system in the current foreign network of the MN, typically a router; forwards the tunneled datagrams to the MN, typically also the default router for the MN
- Care-of Address (COA): address of the current tunnel end-point for the MN (at FA or MN); the actual location of the MN from an IP point of view; can be chosen, e.g., via DHCP
- Correspondent Node (CN): communication partner

Example network
[Figure: the home network (physical home network for the MN) with HA and router; the foreign network (current physical network for the MN) with FA, router and the MN as mobile end-system; the CN as end-system behind a router; all connected via the Internet]
Data transfer to the mobile system
[Figure: CN (sender) → HA in the home network → tunnel through the Internet → FA in the foreign network → MN (receiver)]
1. The sender sends to the IP address of the MN; the HA intercepts the packet (proxy ARP)
2. The HA tunnels the packet to the COA, here the FA, by encapsulation
3. The FA forwards the packet to the MN

Data transfer from the mobile system
[Figure: MN (sender) in the foreign network → FA → Internet → CN (receiver); the home network with the HA is not involved]
1. The sender sends to the IP address of the receiver as usual; the FA works as default router

Overview
[Figure: both directions combined, with numbered steps: CN → HA → (tunnel to the COA) FA → MN, and MN → FA → CN directly]
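Step 2 of the transfer to the mobile system, the HA's encapsulation towards the COA, as an added example that is not part of the slides: IP-in-IP headers are built and checked with the Internet checksum, the HA wraps the CN's datagram in an outer header to the COA, and the FA unwraps only tunnel packets addressed to itself. The home prefix 129.13.42 is taken from the slides; the remaining addresses and the payload are constructed.

```python
# Added example (not from the slides): step 2 of the data transfer, the HA encapsulating
# the CN's datagram in an outer IP header addressed to the COA (IP-in-IP, protocol 4),
# and the FA stripping it again before forwarding to the MN. 129.13.42 is the home
# prefix from the slides; the other addresses and the payload are constructed.
import socket
import struct

IPPROTO_IPIP = 4            # protocol number of IP-in-IP encapsulation
IPV4_HDR = "!BBHHHBBH4s4s"  # ver/IHL, TOS, total len, id, flags/frag, TTL, proto, csum, src, dst

def checksum(header):
    """Internet checksum over a 20-byte header; 0 when verifying a correct header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ip_header(src, dst, proto, payload_len, ttl=64):
    hdr = struct.pack(IPV4_HDR, 0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def parse(pkt):
    ver_ihl, _, total, _, _, _, proto, _, src, dst = struct.unpack(IPV4_HDR, pkt[:20])
    if ver_ihl != 0x45 or checksum(pkt[:20]) != 0:
        raise ValueError("bad IPv4 header")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "proto": proto, "payload": pkt[20:total]}

def ha_tunnel(inner, ha_addr, coa):
    """HA: the intercepted datagram for the MN becomes the payload of a datagram to the COA."""
    return ip_header(ha_addr, coa, IPPROTO_IPIP, len(inner)) + inner

def fa_decapsulate(outer, coa):
    """FA (tunnel end-point at the COA): accept only IP-in-IP packets addressed to itself."""
    o = parse(outer)
    if o["dst"] != coa or o["proto"] != IPPROTO_IPIP:
        return None
    return o["payload"]  # the original datagram, still addressed to the MN's home address
```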
Network integration
- Agent Advertisement
  - HA and FA periodically send advertisement messages into their physical subnets
  - the MN listens to these messages and detects whether it is in the home or a foreign network (standard case for the home network)
  - the MN reads a COA from the FA advertisement messages
- Registration (always limited lifetime!)
  - the MN signals the COA to the HA via the FA, the HA acknowledges via the FA to the MN
  - these actions have to be secured by authentication
- Advertisement
  - the HA advertises the IP address of the MN (as for fixed systems), i.e. standard routing information
  - routers adjust their entries; these are stable for a longer time (the HA is responsible for a MN over a longer period of time)
  - packets to the MN are sent to the HA, independent of changes in COA/FA

Agent advertisement
Message format (bit positions 0-7 | 8-15 | 16-23 | 24-31):

ICMP router advertisement:
  type | code | checksum
  #addresses | addr. size | lifetime
  router address 1
  preference level 1
  router address 2
  preference level 2
  . . .

Mobility agent advertisement extension (type = 16, length = 6 + 4 * #COAs):
  type = 16 | length | sequence number
  registration lifetime | R B H F M G r T | reserved
  COA 1
  COA 2
  . . .

Flags:
- R: registration required
- B: busy, no more registrations
- H: home agent
- F: foreign agent
- M: minimal encapsulation
- G: GRE encapsulation
- r: =0, ignored (former Van Jacobson compression)
- T: FA supports reverse tunneling
- reserved: =0, ignored

Registration
[Figure: two message sequence charts over time t: MN ↔ FA ↔ HA (registration via the FA) and MN ↔ HA (registration directly with the HA)]
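The agent advertisement format above, parsed in an added example that is not part of the slides: the ICMP router advertisement part, the type 16 extension with its length rule (6 + 4 * #COAs), the R B H F M G r T flags, and the MN's home/foreign decision from the H and F flags. The ICMP type 9 for router advertisements comes from RFC 1256 (not shown on the slide); the sample message bytes are constructed.

```python
# Added example (not from the slides): parsing an agent advertisement, i.e. the ICMP
# router advertisement followed by the mobility agent advertisement extension (type 16,
# length = 6 + 4 * #COAs) from the format slide, and deriving the MN's decision from the
# H and F flags. The ICMP type 9 is from RFC 1256; the sample bytes are constructed.
import socket
import struct

ICMP_ROUTER_ADVERTISEMENT = 9
AGENT_ADV_EXTENSION = 16
FLAG_NAMES = "RBHFMGrT"   # flags byte, most significant bit first

def parse_agent_advertisement(data):
    icmp_type, _code, _csum, n_addrs, addr_size, lifetime = struct.unpack("!BBHBBH", data[:8])
    if icmp_type != ICMP_ROUTER_ADVERTISEMENT or addr_size != 2:
        raise ValueError("not an ICMP router advertisement")
    off, routers = 8, []
    for _ in range(n_addrs):                        # router address + preference level pairs
        addr, pref = struct.unpack("!4si", data[off:off + 8])
        routers.append((socket.inet_ntoa(addr), pref))
        off += 8
    ext_type, ext_len, seq, reg_lifetime, flags = struct.unpack("!BBHHB", data[off:off + 7])
    if ext_type != AGENT_ADV_EXTENSION:
        raise ValueError("no mobility agent advertisement extension")
    n_coa, rem = divmod(ext_len - 6, 4)
    if ext_len < 6 or rem or len(data) < off + 2 + ext_len:
        raise ValueError("extension length must be 6 + 4 * #COAs")
    coa_start = off + 8                             # after type, length, seq, lifetime, flags, reserved
    coas = [socket.inet_ntoa(data[i:i + 4]) for i in range(coa_start, coa_start + 4 * n_coa, 4)]
    flag_set = {name for name, bit in zip(FLAG_NAMES, range(7, -1, -1)) if flags >> bit & 1}
    return {"routers": routers, "lifetime": lifetime, "seq": seq,
            "reg_lifetime": reg_lifetime, "flags": flag_set, "coas": coas}

def mn_location(adv):
    """MN side: H flag -> home network; F flag with a COA -> foreign network, take a COA."""
    if "H" in adv["flags"]:
        return "home"
    if "F" in adv["flags"] and adv["coas"]:
        return "foreign"
    return "unknown"

def build_sample():
    """Constructed FA advertisement: one router entry, flags R+F+T, two COAs (length 14)."""
    icmp = struct.pack("!BBHBBH", ICMP_ROUTER_ADVERTISEMENT, 0, 0, 1, 2, 1800)
    icmp += socket.inet_aton("198.51.100.1") + struct.pack("!i", 0)
    ext = struct.pack("!BBHHBB", AGENT_ADV_EXTENSION, 14, 1, 600, 0x80 | 0x10 | 0x01, 0)
    return icmp + ext + socket.inet_aton("198.51.100.1") + socket.inet_aton("198.51.100.2")
```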