view Side-By-Side changes
IETF Mobile IP Working Group David B. Johnson
INTERNET-DRAFT Rice University
Charles Perkins
Nokia Research Center
22 March
Jari Arkko
Ericsson
1 May 2002
Mobility Support in IPv6
<draft-ietf-mobileip-ipv6-16.txt>
<draft-ietf-mobileip-ipv6-17.txt>
Status of This Memo
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC 2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note
that other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents, valid for a maximum of six
months, and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document specifies the operation of mobile computers using IPv6.
Each mobile node is always identified by its home address, regardless
of its current point of attachment to the Internet. While situated
away from its home, a mobile node is also associated with a care-of
address, which provides information about the mobile node's current
location. IPv6 packets addressed to a mobile node's home address are
transparently routed to its care-of address. The protocol enables
IPv6 nodes to cache the binding of a mobile node's home address
with its care-of address, and to then send any packets destined for
the mobile node directly to it at this care-of address. To support
this operation, Mobile IPv6 defines four a new IPv6 protocol and a new
destination options,
including one that MUST be supported in packets received by any node, option. All IPv6 nodes, whether mobile or stationary.
Johnson and Perkins stationary,
MUST support communications with mobile nodes.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page i]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Contents
Status of This Memo i
Abstract i
1. Introduction 1
2. Comparison with Mobile IP for IPv4 3 2
3. Terminology 6 4
3.1. General Terms . . . . . . . . . . . . . . . . . . . . . . 6 5
3.2. Mobile IPv6 Terms . . . . . . . . . . . . . . . . . . . . 7 6
4. Overview of Mobile IPv6 8 9
4.1. New IPv6 Protocols Basic Operation . . . . . . . . . . . . . . . . . . . 8
4.2. Basic Operation . . 9
4.2. New IPv6 Protocols . . . . . . . . . . . . . . . . . . . 10 12
4.3. New IPv6 Destination Options . . . . . . . . . . . . . . 13
4.4. Alignment Requirements for New Destination Options IPv6 ICMP Messages . . . 13
4.5. Security Design . . . . . . . . . . . . . . 14
4.5. Conceptual Data Structures . . . . . . . 14
4.5.1. Security Threats . . . . . . . . 15
4.6. Binding Management . . . . . . . . 14
4.5.2. Security Features . . . . . . . . . . . 16
5. Overview of Mobile IPv6 Security 17
5.1. Threats . . . . . 15
4.5.3. Securing Tunnels to and from the Home Agents . . 17
4.5.4. Securing Binding Updates to Home Agents . . . . . 17
4.5.5. Securing Binding Updates to Correspondent Nodes . 18
4.5.6. Preventing Denial-of-Service Attacks . . . . . . 22
4.5.7. Design Rationale . . . . . . 17
5.2. Features . . . . . . . . . . 23
4.6. New IPv6 ICMP Messages . . . . . . . . . . . . . . 18
5.3. Tunnels to and from the Home Agents . . . 24
4.7. Conceptual Data Structures . . . . . . . . 20
5.4. Binding Updates to Home Agents . . . . . . . . . 25
4.8. . . . . 20
5.5. Binding Management Updates to Correspondent Nodes . . . . . . . . . 21
5.5.1. Node Keys . . . . . . . . . . 30
5. New IPv6 Destination Options and Message Types 31
5.1. Mobility Header . . . . . . . . . . 22
5.5.2. Nonces . . . . . . . . . . . 31
5.1.1. Format . . . . . . . . . . 23
5.5.3. Cookies . . . . . . . . . . . 32
5.1.2. Binding Request (BR) Message . . . . . . . . . . 33
5.1.3. Home Test Init (HoTI) Message 23
5.5.4. Cryptographic Functions . . . . . . . . . . . 34
5.1.4. Care-of Test Init (CoTI) Message . . 24
5.5.5. Return Routability Procedure . . . . . . 35
5.1.5. Home Test (HoT) Message . . . . 24
5.5.6. Applying Return Routability for Correspondent
Bindings . . . . . . . . . 36
5.1.6. Care-of Test (CoT) Message . . . . . . . . 28
5.5.7. Updating Node Keys and Nonces . . . 38
5.1.7. Binding Update (BU) Message . . . . . . . 29
5.5.8. Preventing Replay Attacks . . . . 40
5.1.8. Binding Acknowledgement (BA) Message . . . . . . 44
5.1.9. Binding Missing (BM) Message . . 30
5.5.9. Preventing Denial-of-Service Attacks . . . . . . 30
5.5.10. Correspondent Binding Procedure Extensibility . . 49
5.2. 31
6. New IPv6 Protocols, Message Types, and Destination Option 31
6.1. Mobility Header Parameters . . . . . . . . . . . . . . . 51
5.2.1. . . . . . . 31
6.1.1. Format . . . . . . . . . . . . . . . . . . . . . 51
5.2.2. Pad1 32
6.1.2. Binding Refresh Request (BRR) Message . . . . . . 33
6.1.3. Home Test Init (HoTI) Message . . . . . . . . . . 34
6.1.4. Care-of Test Init (CoTI) Message . . . . . . . . 52
5.2.3. PadN 36
6.1.5. Home Test (HoT) Message . . . . . . . . . . . . . 37
6.1.6. Care-of Test (CoT) Message . . . . . . . . . . . 52
5.2.4. Unique Identifier 39
Johnson, Perkins, Arkko Expires 1 November 2002 [Page ii]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
6.1.7. Binding Update (BU) Message . . . . . . . . . . . 41
6.1.8. Binding Acknowledgement (BA) Message . . . . . 53
5.2.5. Alternate Care-of Address . 45
6.1.9. Binding Error (BE) Message . . . . . . . . . . . 53
Johnson and Perkins Expires 22 September 2002 [Page ii]
INTERNET-DRAFT 49
6.2. Mobility Support in IPv6 22 March 2002
5.2.6. Nonce Indices Options . . . . . . . . . . . . . . . . . . 54
5.2.7. Authentication Data . . 51
6.2.1. Format . . . . . . . . . . . . . 54
5.3. Home Address Option . . . . . . . . 51
6.2.2. Pad1 . . . . . . . . . . . 55
5.4. Routing Header type 2 . . . . . . . . . . . 52
6.2.3. PadN . . . . . . . 58
5.4.1. Routing Header Packet format . . . . . . . . . . 58
5.4.2. Sending RH type 2 . . . . . 52
6.2.4. Unique Identifier . . . . . . . . . . . 59
5.4.3. Verification by receiver . . . . . 53
6.2.5. Alternate Care-of Address . . . . . . . 60
5.4.4. Extension header ordering . . . . . 53
6.2.6. Nonce Indices . . . . . . . . . 60
5.4.5. Reversing type 2 routing headers . . . . . . . . 60
5.5. Mobile IPv6 Destination Option Sub-Options . 54
6.2.7. Binding Authorization Data . . . . . . . 61
5.5.1. Pad1 . . . . 54
6.3. Home Address Destination Option . . . . . . . . . . . . . 55
6.4. Routing Header type 2 . . . . . . 62
5.5.2. PadN . . . . . . . . . . . . 58
6.4.1. Routing Header Packet format . . . . . . . . . . 62
5.6. 58
6.5. ICMP Home Agent Address Discovery Request Message . . . . 63
5.7. 59
6.6. ICMP Home Agent Address Discovery Reply Message . . . . . 64
5.8. 61
6.7. ICMP Mobile Prefix Solicitation Message Format . . . . . 66
5.9. 63
6.8. ICMP Mobile Prefix Advertisement Message Format . . . . . 68
6. 65
7. Modifications to IPv6 Neighbor Discovery 70
6.1. 67
7.1. Modified Router Advertisement Message Format . . . . . . 70
6.2. 67
7.2. Modified Prefix Information Option Format . . . . . . . . 71
6.3. 68
7.3. New Advertisement Interval Option Format . . . . . . . . 73
6.4. 70
7.4. New Home Agent Information Option Format . . . . . . . . 74
6.5. 71
7.5. Changes to Sending Router Advertisements . . . . . . . . 76
6.6. 73
7.6. Changes to Sending Router Solicitations . . . . . . . . . 77
7. 74
8. Requirements for Types of IPv6 Nodes 79
7.1. 75
8.1. Requirements for All IPv6 Hosts and Routers . . . . . . . 75
8.2. Requirements for All IPv6 Routers . . . . . . . . . . . . 79
7.2. 75
8.3. Requirements for IPv6 Home Agents . . . . . . . . . . . . 79
7.3. 76
8.4. Requirements for IPv6 Mobile Nodes . . . . . . . . . . . 80
Johnson and Perkins Expires 22 September 2002 [Page iii]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
8. 77
9. Correspondent Node Operation 82
8.1. 78
9.1. Conceptual Data Structures . . . . . . . . . . . . . . . 78
9.2. Receiving Packets from a Mobile Node . . . . . . . . . . 82
8.2. 79
9.2.1. Processing Mobility Header (MH) Messages . . . . 79
9.2.2. Receiving Binding Updates Packets with Home Address Destination
Option . . . . . . . . . . . . . . . . 82
8.3. Requests to Cache a Binding . . 80
9.3. Return Routability Procedure . . . . . . . . . . . . . 83
8.4. Requests to Delete a Binding . 80
9.3.1. Receiving HoTI Messages . . . . . . . . . . . . . 84
8.5. 81
9.3.2. Receiving CoTI Messages . . . . . . . . . . . . . 81
9.3.3. Sending Binding Acknowledgements HoT Messages . . . . . . . . . . . . 84
8.6. . . 82
9.3.4. Sending Binding Requests CoT Messages . . . . . . . . . . . . . . 82
9.4. Processing Bindings . . . . 85
8.7. . . . . . . . . . . . . . . . 82
9.4.1. Receiving Binding Updates . . . . . . . . . . . . 82
9.4.2. Requests to Cache Replacement Policy a Binding . . . . . . . . . . . 84
9.4.3. Requests to Delete a Binding . . . . . . . . . . 84
9.4.4. Sending Binding Acknowledgements . . . . . . . . 85
8.8. Receiving ICMP
9.4.5. Sending Binding Refresh Requests . . . . . . . . 86
9.4.6. Sending Binding Error Messages . . . . . . . . . 87
Johnson, Perkins, Arkko Expires 1 November 2002 [Page iii]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
9.5. Cache Replacement Policy . . . . . . . . . . . . 86
8.9. . . . . 87
9.6. Sending Packets to a Mobile Node . . . . . . . . . . . . 87
9. 88
9.7. Receiving ICMP Error Messages . . . . . . . . . . . . . . 89
10. Home Agent Operation 89
9.1. 90
10.1. Conceptual Data Structures . . . . . . . . . . . . . . . 90
10.2. Primary Care-of Address Registration . . . . . . . . . . 89
9.2. 91
10.3. Primary Care-of Address De-Registration . . . . . . . . . 92
9.3. 94
10.4. Intercepting Packets for a Mobile Node . . . . . . . . . 92
9.4. 95
10.5. Tunneling Intercepted Packets to a Mobile Node . . . . . 94
9.5. 97
10.6. Handling Reverse Tunneled Packets from a Mobile Node . . 96
9.6. 98
10.7. Protecting Return Routability Packets . . . . . . . . . . 96
9.7. Home Prefix Propagation . . . . . . . . . . . . . . . . . 96
9.8. 99
10.8. Receiving Router Advertisement Messages . . . . . . . . . 97
9.9. 99
10.9. Dynamic Home Agent Address Discovery . . . . . . . . . . 98
9.9.1. 101
10.9.1. Aggregate List of Home Network Prefixes . . . . . 100
9.9.2. 102
10.9.2. Scheduling Prefix Deliveries to the Mobile Node . 101
9.9.3. 104
10.9.3. Sending Advertisements to the Mobile Node . . . . 103
9.9.4. 106
10.9.4. Lifetimes for Changed Prefixes . . . . . . . . . 105
10. 107
11. Mobile Node Operation 105
10.1. Sending Packets While Away from Home . . 107
11.1. Conceptual Data Structures . . . . . . . . 105
10.2. Interaction with Outbound IPsec Processing . . . . . . . 107
10.3. Receiving Packets While Away from Home
11.2. Packet Processing . . . . . . . . . . 108
10.4. Movement Detection . . . . . . . . . . 110
11.2.1. Sending Packets While Away from Home . . . . . . 110
11.2.2. Interaction with Outbound IPsec Processing . . . 109
10.5. 112
11.2.3. Receiving Local Router Advertisement Messages Packets While Away from Home . . . . . 114
11.2.4. Routing Multicast Packets . 112
10.6. Forming New Care-of Addresses . . . . . . . . . . . 116
11.3. Home Agent and Prefix Management . . . 114
10.7. Sending Binding Updates to the Home Agent . . . . . . . . 115
10.8. . 116
11.3.1. Receiving Local Router Advertisement Messages . . 116
11.3.2. Dynamic Home Agent Address Discovery . . . . . . 118
11.3.3. Sending Mobile Prefix Solicitations . . . . 117
10.9. Sending Binding Updates to Correspondent Nodes . . . 119
11.3.4. Receiving Mobile Prefix Advertisements . . 118
10.10. Receiving RR Messages . . . 120
11.4. Movement . . . . . . . . . . . . . . . 121
10.11. Establishing Forwarding from a Previous Care-of Address . 122
10.12. Retransmitting Binding Updates . . . . . . . . 121
11.4.1. Movement Detection . . . . . 123
10.13. Rate Limiting for Sending Binding Updates . . . . . . . . 124
10.14. Receiving Binding Acknowledgements . . 121
11.4.2. Forming New Care-of Addresses . . . . . . . . . . 124
10.15. Receiving Binding Requests
11.4.3. Using Multiple Care-of Addresses . . . . . . . . 125
11.5. Return Routability Procedure . . . . . . . . . 125
10.16. Receiving ICMP Error Messages . . . . . 126
11.5.1. Sending Home and Care-of Test Init Messages . . . 126
11.5.2. Receiving Return Routability Messages . . . . . . 126
10.17. Receiving ICMP Error Messages
11.5.3. Retransmitting in the Return Routability Procedure 128
11.5.4. Rate Limiting for Return Routability Procedure . 128
11.6. Processing Bindings . . . . . . . . . . . . . 126
10.18. Sending Mobile Prefix Solicitations . . . . . . . . . . 128
11.6.1. Sending Binding Updates to the Home Agent . 126
10.19. Receiving Mobile Prefix Advertisements . . . 128
11.6.2. Correspondent Binding Procedure . . . . . . 127
10.20. Using Multiple Care-of Addresses . . . 130
11.6.3. Receiving Binding Acknowledgements . . . . . . . 133
11.6.4. Receiving Binding Refresh Requests . . 128
10.21. Routing Multicast Packets . . . . . 134
11.6.5. Receiving Binding Error Messages . . . . . . . . 135
11.6.6. Forwarding from a Previous Care-of Address . . . 128
10.22. 136
11.6.7. Returning Home . . . . . . . . . . . . . . . . . . . . . 129
11. Protocol Constants 131
Johnson and Perkins Expires 22 September 2002 [Page iv]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
12. Future Extensions 132
12.1. Piggybacking . . . . . . . . . 137
11.6.8. Retransmitting Binding Updates . . . . . . . . . 139
11.6.9. Rate Limiting Binding Updates . . . . 132
12.2. Triangular Routing and Unverified HAOs . . . . . . 140
11.7. Receiving ICMP Error Messages . . . 132
12.3. New Authorization Methods beyond RR . . . . . . . . . . . 132 140
Johnson, Perkins, Arkko Expires 1 November 2002 [Page iv]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
12. Protocol Constants 141
13. IANA Considerations 133 142
14. Security Considerations 134 143
14.1. Security for the Tunneling to and from the Home Agent . . 134 143
14.2. Security for the Binding Updates to the Home Agent . . . 135 144
14.3. Security for the Binding Updates to the Correspondent
Nodes . . . . . . . . . . . . . . . . . . . . . . . . 135 144
14.4. Security for the Home Address Destination Option . . . . . . . . . . 135 145
14.5. Firewall considerations . . . . . . . . . . . . . . . . . 136 145
Acknowledgements 137 146
References 138 147
A. State Machine for the Correspondent Binding Procedure 150
B. Changes from Previous Version of the Draft 140
A.1. 159
B.1. Changes from Draft Version ...-15 16 . . . . . . . . . . . . 140
A.2. . . 159
B.2. Changes from Previous Draft Version 15 . . . . . . . . . . . . . . 161
B.3. Changes from Earlier Versions of the Draft . . . . . . . 142
B. 162
C. Remote Home Address Configuration 144 164
D. Future Extensions 165
D.1. Piggybacking . . . . . . . . . . . . . . . . . . . . . . 165
D.2. Triangular Routing and Unverified Home Addresses . . . . 166
D.3. New Authorization Methods beyond Return Routability . . . 166
Chairs' Addresses 145 167
Authors' Addresses 146
Johnson and Perkins 167
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page v]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
1. Introduction
This document specifies the operation of mobile computers using
Internet Protocol Version 6 (IPv6) [6]. Without specific support
for mobility in IPv6, packets destined to a mobile node (host or
router) would not be able to reach it while the mobile node is away
from its home link (the link on which its home IPv6 subnet prefix is
in use), since routing is based on the subnet prefix in a packet's
destination IP address. In order to continue communication in spite
of its movement, a mobile node could change its IP address each time
it moves to a new link, but the mobile node would then not be able
to maintain transport and higher-layer connections when it changes
location. Mobility support in IPv6 is particularly important, as
mobile computers are likely to account for a majority or at least a
substantial fraction of the population of the Internet during the
lifetime of IPv6.
The protocol operation defined here, in this document, known as Mobile IPv6, allows
a mobile node to move from one link to another without changing the
mobile node's IP address. A mobile node is always addressable by
its "home address", an IP address assigned to the mobile node within
its home subnet prefix on its home link. Packets may be routed to
the mobile node using this address regardless of the mobile node's
current point of attachment to the Internet, and the mobile node may
continue to communicate with other nodes (stationary or mobile) after
moving to a new link. The movement of a mobile node away from its
home link is thus transparent to transport and higher-layer protocols
and applications.
The Mobile IPv6 protocol is just as suitable for mobility across
homogeneous media as for mobility across heterogeneous media. For
example, Mobile IPv6 facilitates node movement from one Ethernet
segment to another as well as it facilitates node movement from an
Ethernet segment to a wireless LAN cell, with the mobile node's IP
address remaining unchanged in spite of such movement.
One can think of the Mobile IPv6 protocol as solving the
network-layer mobility management problem. Some mobility management
applications -- for example, handover among wireless transceivers,
each of which covers only a very small geographic area -- have been
solved using link-layer techniques. For example, in many current
wireless LAN products, link-layer mobility mechanisms allow a
"handover" of a mobile node from one cell to another, reestablishing
link-layer connectivity to the node in each new location. Within
the natural limitations imposed by link-management solutions, and as
long as such handover occurs only within cells of the mobile node's
home link, such link-layer mobility mechanisms MAY offer faster
convergence and lower overhead than Mobile IPv6. Extensions to the
Mobile IPv6 protocol have been proposed to support a more local,
hierarchical form of mobility management, but such extensions are
beyond the scope of this document.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 1]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
The protocol specified in this document solves the problem of
transparently routing packets to and from mobile nodes while away
from home. However, it does not attempt to solve all general
problems related to the use of mobile computers or wireless networks.
In particular, this protocol does not attempt to solve:
- Handling links with partial reachability, or unidirectional
connectivity, such as are often found in wireless networks. Some
aspects of this problem are addressed by the movement detection
procedure described in Section 10.4, but no attempt has been made
to fully solve this problem in its general form. Most aspects of
this problem can be solved by the workaround of restricting such networks to only one router per link, although there are still
possible hidden terminal problems when two nodes on the same
link (on opposite sides of the router) attempt to communicate
directly. (but
see Section 11.4.1).
- Access control on a link being visited by a mobile node. This
is a general problem any time an unauthenticated node is allowed
to connect to any link layer. It is independent of whether the
connecting node uses
- Assistance for adaptive applications
- Mobile IP, DHCP [2], or just "borrows" an IP
address on the link.
Johnson and Perkins Expires 22 September 2002 [Page 2]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 routers
- Service Discovery
- Distinguishing between packets lost due to bit errors vs.
network congestion
2. Comparison with Mobile IP for IPv4
The design of Mobile IP support in IPv6 (Mobile IPv6) represents a
natural combination of the experiences gained from the development
of Mobile IP support in IPv4 (Mobile IPv4) [25, 24, 26], together
with the opportunities provided by the design and deployment of a new
version of IP itself (IPv6) and the new protocol features offered
by IPv6. Mobile IPv6 thus shares many features with Mobile IPv4,
but the protocol is now fully integrated into IP and provides many
improvements over Mobile IPv4. This section summarizes the major
differences between Mobile IPv4 and Mobile IPv6:
- Support for what is known in Mobile IPv4 as "Route
Optimization" [27] is now built in as a fundamental part
of the protocol, rather than being added on as an optional
set of extensions that may not be supported by all nodes
as in Mobile IPv4. This integration of Route Optimization
functionality allows direct routing from any correspondent
node to any mobile node, without needing to pass through
the mobile node's home network and be forwarded by its home
agent, and thus eliminates the problem of "triangle routing"
present in the base Mobile IPv4 protocol [25]. The Mobile IPv4
"registration" functionality and the Mobile IPv4 Route
Optimization functionality are performed by a single protocol
rather than two separate (and different) protocols.
- Support is also integrated into Mobile IPv6 -- and into IPv6
itself -- for allowing mobile nodes and Mobile IP Route Optimization to coexist efficiently
with routers that perform "ingress filtering" [7]. A mobile
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 2]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
node now uses its care-of address as the Source Address in the
IP header of packets it sends, allowing the packets to pass
normally through ingress filtering routers. The home address
of the mobile node is carried in the packet in a Home Address
destination option, allowing the use of the care-of address in
the packet to be transparent above the IP layer. The ability to
correctly process a Home Address option in a received packet is
required in all IPv6 nodes, whether mobile nor or stationary, whether
host or router.
- The use of IPv6 destination options allows all Mobile IPv6
control traffic to be piggybacked on any existing IPv6 packets,
whereas in Mobile IPv4 and its Route Optimization extensions,
separate UDP packets were required for each control message.
- The use of the care-of address as the Source Address in each
packet's IP header also simplifies routing of multicast packets
sent by a mobile node. With Mobile IPv4, the mobile node
had to tunnel multicast packets to its home agent in order to
transparently use its home address as the source of the multicast
packets. With Mobile IPv6, the use of the Home Address option
allows the home address to be used but still be compatible with
Johnson and Perkins Expires 22 September 2002 [Page 3]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
multicast routing that is based in part on the packet's Source
Address.
- There is no longer any need to deploy special routers as
"foreign agents" as are used in Mobile IPv4. In Mobile IPv6,
mobile nodes make use of IPv6 features, such as Neighbor
Discovery [20] and Address Autoconfiguration [35], [33], to operate in
any location away from home without any special support required
from its the local router.
- The movement detection mechanism in Mobile IPv6 provides
bidirectional confirmation of a mobile node's ability to
communicate with its default router in its current location
(packets that the router sends are reaching the mobile node, and
packets that the mobile node sends are reaching the router).
This confirmation provides a detection of the "black hole"
situation that may exist in some wireless environments where the
link to the router does not work equally well in both directions,
such as when the mobile node has moved out of good wireless
transmission range from the router. The mobile node may then
attempt to find a new router and begin using a new care-of
address if its link to its current router is not working well.
In contrast, in Mobile IPv4, only the forward direction (packets
from the router are reaching the mobile node) is confirmed,
allowing the black hole condition to persist.
- Most packets sent to a mobile node while away from home in
Mobile IPv6 are sent using an IPv6 Routing header rather than IP
encapsulation, whereas Mobile IPv4 must use encapsulation for all
packets. The use of a Routing header requires less additional
header bytes to be added to the packet, reducing the overhead
of Mobile IP packet delivery. To avoid modifying the packet in
flight, however, packets intercepted and tunneled by a mobile
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 3]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
node's home agent in Mobile IPv6 must still use encapsulation for
delivery to the mobile node.
- While a mobile node is away from home, its home agent intercepts
any packets for the mobile node that arrive at the home network,
using IPv6 Neighbor Discovery [20] rather than ARP [29] as is
used in Mobile IPv4. The use of Neighbor Discovery improves
the robustness of the protocol (e.g., due to the Neighbor
Advertisement "override" bit) and simplifies implementation
of decouples Mobile IP due to the ability to not be concerned with from any
particular link layer as is required layer, unlike in ARP.
- The use of IPv6 encapsulation (and the Routing header) removes
the need in Mobile IPv6 to manage "tunnel soft state", which was
required in Mobile IPv4 due to limitations in ICMP for IPv4. Due
to the definition of ICMP for IPv6, the use of tunnel soft state
is no longer required in IPv6 for correctly relaying ICMP error
Johnson and Perkins Expires 22 September 2002 [Page 4]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
messages from within the tunnel back to the original sender of
the packet.
- The dynamic home agent address discovery mechanism in Mobile IPv6
uses IPv6 anycast [11] and returns a single reply to the mobile
node, rather than the corresponding Mobile IPv4 mechanism that
used
uses IPv4 directed broadcast and returned returns a separate reply from
each home agent on the mobile node's home link. The Mobile IPv6
mechanism is more efficient and more reliable, since only one
packet need has to be sent back to the mobile node. The mobile node is
less likely to lose one of the replies because no "implosion" of
replies is required by the protocol.
- Mobile IPv6 defines an Advertisement Interval option on for
Router Advertisements (equivalent to Agent Advertisements in
Mobile IPv4), allowing a mobile node to decide for itself how
many Router Advertisements (Agent Advertisements) it is willing
to miss before declaring its current router unreachable.
Johnson
- The return routability procedure (see section 5.5) provides a
way to verify the that a mobile node is reachable at its claimed
home address and Perkins Expires 22 September 2002 [Page 5]
INTERNET-DRAFT Mobility Support at its claimed care-of address. This allows
correspondent nodes to verify the authority of the Binding
Updates sent to it. Given that the return routability procedure
is light-weight and does not require participation in IPv6 22 March 2002 a security
infrastructure, it is expected that Route Optimization can
be deployed on a global scale between all mobile nodes and
correspondent nodes.
3. Terminology
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [3].
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 4]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
3.1. General Terms
IP
Internet Protocol Version 6 (IPv6).
node
A device that implements IP.
router
A node that forwards IP packets not explicitly addressed to
itself.
host
Any node that is not a router.
link
A communication facility or medium over which nodes can
communicate at the link layer, such as an Ethernet (simple or
bridged). A link is the layer immediately below IP.
interface
A node's attachment to a link.
subnet prefix
A bit string that consists of some number of initial bits of an
IP address.
interface identifier
A number used to identify a node's interface on a link. The
interface identifier is the remaining low-order bits in the
node's IP address after the subnet prefix.
link-layer address
A link-layer identifier for an interface, such as IEEE 802
addresses on Ethernet links.
packet
An IP header plus payload.
Security Association
a
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 5]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
security association
A security object shared between two nodes which includes the
data mutually agreed on for operation of some cryptographic
algorithm (typically including a key, as defined above).
Security Policy Database (SPD) key).
security policy database
A database of rules that describe what security associations selectable
should be applied for different kinds of packets.
destination option
Destination options are carried by
rulesets (policies) that determine the packets for
which each security association is to be applied.
Johnson and Perkins Expires 22 September 2002 [Page 6]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 Destination Options
extension header. Mobile IPv6 defines one new destination
option, the Home Address destination option.
3.2. Mobile IPv6 Terms
home address
An IP address assigned to a mobile node node, used as the permanent
address of the mobile node. This address is within the mobile
node's home link. Standard IP routing mechanisms will deliver
packets destined for a mobile node's home address to its home
link.
home subnet prefix
The IP subnet prefix corresponding to a mobile node's home
address.
home link
The link on which a mobile node's home subnet prefix is
defined. Standard IP routing mechanisms will
deliver packets destined for a mobile node's home
address to its home link.
mobile node
A node that can change its point of attachment from one link to
another, while still being reachable via its home address.
movement
A change in a mobile node's point of attachment to the Internet
such that it is no longer connected to the same link as it was
previously. If a mobile node is not currently attached to its
home link, the mobile node is said to be "away from home".
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 6]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
correspondent node
A peer node with which a mobile node is communicating. The
correspondent node may be either mobile or stationary.
foreign subnet prefix
Any IP subnet prefix other than the mobile node's home subnet
prefix.
foreign link
Any link other than the mobile node's home link.
home agent A router on a mobile node's home link with which
the mobile node has registered its current care-of
address. While the mobile node is away from home,
the home agent intercepts packets on the home
link destined to the mobile node's home address,
encapsulates them, and tunnels them to the mobile
node's registered care-of address.
care-of address
An IP address associated with a mobile node while visiting a
foreign link; the subnet prefix of this IP address is a foreign
subnet prefix. Among the multiple care-of addresses that a
mobile node may have at a any given time (e.g., with different
subnet prefixes), the one registered with the mobile node's
home agent is called its "primary" care-of address.
Johnson
home agent
A router on a mobile node's home link with which the mobile
node has registered its current care-of address. While the
mobile node is away from home, the home agent intercepts
packets on the home link destined to the mobile node's home
address, encapsulates them, and Perkins Expires 22 September 2002 [Page 7]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 tunnels them to the mobile
node's registered care-of address.
binding
The association of the home address of a mobile node with a
care-of address for that mobile node, along with the remaining
lifetime of that association.
Binding Key
a key used for authenticating Binding Update
messages.
Binding Security Association (BSA)
binding procedure
A binding procedure is initiated by the mobile node to inform
either a security association established specifically
for correspondent node or the purpose mobile node's home agent of producing and verifying
authentication data passed with a Binding Update
destination option.
4. Overview
the current binding of Mobile IPv6
4.1. New IPv6 Protocols
As mentioned in Section 4.2, Mobile IPv6 defines a new IPv6 protocol, the Mobility Header. This protocol is used mobile node.
binding authorization
Binding procedure needs to carry be authorized to allow the following
messages:
Home Test Init
The Home Test Init message is used recipient
to initiate believe that the Return
Routability sender has the right to specify a new
binding.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 7]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
return routability procedure from
The return routability procedure authorizes binding procedures
by the use of a cryptographic cookie exchange.
correspondent binding procedure
A return routability procedure followed by a binding procedure,
run between the mobile node to and a correspondent node. This
home binding procedure ensures that subsequence Binding Updates
are properly
A binding procedure between the mobile node and its home agent,
authorized to redirect by the traffic use of a particular
home address. The Home Test Init message is described in
detail in Section 5.1.3.
Care-of Test Init
The Care-of Test Init message is also IPsec.
nonce
Nonces are random numbers used internally by the correspondent
node in the creation of cookies related to initiate the
Return Routability procedure, for a particular care-of address. return
routability procedure. The Care-of Test Init message is described nonces are not specific to a mobile
node, and are kept secret within the correspondent node, only
used as one input in detail the creation of the cookies.
cookie
Cookies are numbers that are used by mobile nodes in
Section 5.1.4.
Home Test
The Home Test message carries a the return
routability procedure.
care-of cookie which
A cookie sent directly to the mobile node
needs before it can properly authorize itself for sending a
Binding Update. This message is an answer node's claimed care-of
address from the correspondent node.
home cookie
A cookie sent to the Home Test
Init message, mobile node's claimed home address from
the correspondent node.
mobile cookie
A cookie sent to the correspondent node from the mobile node,
and is described in detail later returned to the mobile node. Mobile cookies are
produced randomly.
nonce index
The mobile node uses a particular set of cookies in Section 5.1.5.
Care-of Test the return
routability procedure. The Care-of Test message carries cookies have been produced using a cookie
particular set of nonces. A nonce index is used to indicate
which nonces have been used, without revealing the mobile node
needs before it can properly authorize itself for sending a
Johnson and Perkins nonces
themselves.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 8]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Binding Update. This message is an answer to
binding key
a key used for authenticating binding cache management
messages.
binding security association
a security association established specifically for the Care-of Test
Init message, purpose
of producing and is described in detail in Section 5.1.6. verifying authentication data passed with a
Binding Update Authorization Data option.
4. Overview of Mobile IPv6
4.1. Basic Operation
A Binding Update message mobile node is used by always addressable at its home address, whether it
is currently attached to its home link or is away from home. While
a mobile node is at home, packets addressed to notify
a correspondent its home address are
routed to it using conventional Internet routing mechanisms in the
same way as if the node or were stationary. Since the subnet prefix of
a mobile node's home agent address is one of the subnet prefixes of its
current binding. The Binding Update sent to the
mobile node's home agent to register its primary care-of address is marked as
a "home registration". A home registration MUST be protected
with IPsec, while other Binding Updates MUST be protected with
an authenticator as described in Section 4.5. The Binding
Update message and its specific authentication requirements are
described in detail in Section 5.1.7.
Binding Acknowledgement
A Binding Acknowledgement message is used to acknowledge
receipt of a Binding Update, if an acknowledgement was
requested in the Binding Update. An acknowledgement of a home
registration MUST be protected with IPsec, while other Binding
Update acknowledgements MUST be protected with an authenticator
as described in Section 4.5. The Binding Acknowledgement
message and its specific authentication requirements are
described in detail in Section 5.1.8.
Binding Request
A Binding Request message is used to request a mobile node
to send to the requesting node a Binding Update containing
the mobile node's current binding. This message is typically
used by a correspondent node to refresh a cached binding for a
mobile node, when the cached binding is in active use but the
binding's lifetime is close to expiration. No authentication
is required for the Binding Request message. The Binding
Request message is described in detail in Section 5.1.2.
Binding Missing
The Binding Missing message is used by the correspondent node
to signal an inappropriate attempt to use the Home Address
Option without an existing binding. This message is described
in detail in Section 5.1.9.
Mobile IPv6 also defines a number of "parameters" for use within
these messages; if included, any parameters MUST appear after the
fixed portion of the option data specified in this document. The
presence of such parameters will be indicated by the Header Len
field within the message. When the Header Len is greater than the
length required for the message specified here, the remaining octets
Johnson and Perkins Expires 22 September 2002 [Page 9]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
are interpreted as parameters. The encoding and format of defined
parameters are described in Section 5.2.
Alignment requirements for the Mobility Header are same as for any
IPv6 protocol, i.e. they MUST be aligned on an 8-octet boundary.
We also require that the Mobility Header length is a multiple of 8
octets.
4.2. Basic Operation
A mobile node is always addressable by its home address, whether it
is currently attached to its home link or is away from home. While
a mobile node is at home, packets addressed to its home address are
routed to it using conventional Internet routing mechanisms in the
same way as if the node were never mobile. Since the subnet prefix
of a mobile node's home address is the subnet prefix (or one of the
subnet prefixes) on the mobile node's home link (it is the mobile
node's home subnet prefix), packets addressed to it will be routed link, packets addressed to the mobile node will be
routed to its home link.
While a mobile node is attached to some foreign link away from home,
it is also addressable by at one or more care-of addresses, in addition
to its home address. A care-of address is an IP address associated
with a mobile node while visiting a particular foreign link. The
subnet prefix of a mobile node's care-of address is the subnet prefix
(or one of the subnet prefixes)
prefixes on the foreign link being visited by the mobile node; if
the mobile node is connected to this foreign link while using that
care-of address, packets addressed to this care-of address will be
routed to the mobile node in its location away from home.
The association between a mobile node's home address and care-of
address is known as a "binding" for the mobile node. A mobile node
typically acquires its care-of address through stateless [35] [33] or
stateful (e.g., DHCPv6 [2]) Address Autoconfiguration, according
to the methods of IPv6 Neighbor Discovery [20]. Other methods
of acquiring a care-of address are also possible, such as static
pre-assignment by the owner or manager of a particular foreign
link, but details of such other methods are beyond the scope of
this document. The operation of the mobile node is specified in
Section 11.
While away from home, a mobile node registers one of its care-of
addresses with a router on its home link, requesting this router to
function as the "home agent" for the mobile node. This The mobile node
performs this binding registration is done by the mobile node sending to the home agent
a packet containing a "Binding Update" destination option;
message to the home agent; the home agent then replies to the mobile
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 9]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
node by returning a packet
containing a "Binding Acknowledgement" destination option. message. The care-of
address in associated with this binding registered with its home agent registration is known as the
mobile node's "primary care-of address". The mobile
Johnson and Perkins Expires 22 September 2002 [Page 10]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 node's home
agent thereafter uses proxy Neighbor Discovery to intercept any
IPv6 packets addressed to the mobile node's home address (or home
addresses) on the home link, and tunnels each intercepted packet
to the mobile node's primary care-of address. To tunnel each
intercepted packet, the home agent encapsulates the packet using IPv6
encapsulation [4], with the outer IPv6 header addressed to the mobile
node's primary care-of address.
When The operation of the home agent is
specified in Section 10.
The Binding Update and Binding Acknowledgement messages, together
with a mobile node moves from one care-of address "Binding Refresh Request" message, are also used to allow IPv6
nodes communicating with a new care-of
address on a new link, it is desirable for packets arriving at the
previous care-of address to be tunneled to mobile node are capable of dynamically
learning and caching the mobile node's care-of
address. Since binding. This happens
through the purpose of correspondent binding procedure which involves a Binding Update is return
routability test in order to establish
exactly this kind authorize the establishment of tunneling, it is the
binding, as specified in Sections 5.5.5 and 5.5.6. When sending a
packet to be used (at
least temporarily) any IPv6 destination, a node checks its cached bindings
for tunnels originating at the mobile node's
previous care-of address, in exactly the same way that it is used an entry for establishing tunnels from the mobile node's home address to the
mobile node's current care-of packet's destination address. Section 10.11 describes the
use of the Binding Update If a cached
binding for this purpose.
Section 10.20 discusses destination address is found, the reasons why it may be desirable for
a mobile node uses a new
type of IPv6 Routing header [6] (see section 6.4) to route the packet
to use more than one care-of address at the same
time. However, a mobile node's primary node by way of the care-of address is distinct
among these indicated in that this
binding. If, instead, the home agent maintains only a single care-of
address registered sending node has no cached binding for each mobile node,
this destination address, the node sends the packet normally (with
no Routing header), and always tunnels a mobile
node's packets the packet is subsequently intercepted from its home link to this and
tunneled by the mobile node's
registered primary care-of address. The home agent thus need not
implement any policy as described above. Any
node communicating with a mobile node is referred to determine in this document
as a "correspondent node" of the particular care-of address to
which it will tunnel each intercepted packet. The mobile node, and may itself be
either a stationary node alone
controls the policy by which it selects or a mobile node. The operation of the care-of addresses to
register with its home agent.
It
correspondent node is possible that while specified in Section 9.
Mobile IPv6 also defines one additional IPv6 destination option.
When a mobile node is sends a packet while away from home, some nodes
on its home link may be reconfigured, such that the router that was
operating as it could
generally use a tunnel via the mobile node's home agent is replaced by to send this packet.
However, if the correspondent node in question has a different
router serving binding for this role.
mobile node it can use deliver packets more directly. In this case, case
the mobile node may not
know can the IP address of its own home agent. Mobile Source Address in the packet's IPv6 provides a
mechanism, known as "dynamic home agent address discovery", that
allows a mobile node header to dynamically discover the IP address of a
home agent on its home link with which it may register its (primary)
care-of address while away from home. The mobile node sends an ICMP
"Home Agent Address Discovery Request" message to the "Mobile IPv6
Home-Agents" anycast address for its own home subnet prefix [11] and
thus reaches one of the (possibly many) routers on its home link
currently operating as a home agent. This home agent then returns an
ICMP "Home Agent Address Discovery Reply" message to the mobile node,
including a list of home agents on the home link. This list of home
agents is maintained by each home agent on the home link through use
of the Home Agent (H) bit in each home agent's periodic unsolicited
multicast Router Advertisements.
Johnson and Perkins Expires 22 September 2002 [Page 11]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
The Binding Update and Binding Acknowledgement destination options,
together with a "Binding Request" destination option, are also used
to allow IPv6 nodes communicating with a mobile node, to dynamically
learn and cache the mobile node's binding. When sending a packet
to any IPv6 destination, a node checks its cached bindings for an
entry for the packet's destination address. If a cached binding for
this destination address is found, the node uses an IPv6 Routing
header [6] (instead of IPv6 encapsulation) to route the packet to
the mobile node by way of the care-of address indicated in this
binding. If, instead, the sending node has no cached binding for
this destination address, the node sends the packet normally (with
no Routing header), and the packet is subsequently intercepted and
tunneled by the mobile node's home agent as described above. Any
node communicating with a mobile node is referred to in this document
as a "correspondent node" of the mobile node, and may itself be
either a stationary node or a mobile node.
Since a Binding Update, Binding Acknowledgement, and Binding Request
are each represented in a packet as an IPv6 destination option [6],
they may be included in any IPv6 packet. Any of these options can be
sent in either of two ways:
- the messages can be included within any IPv6 packet carrying any
payload such as TCP [31] or UDP [30].
- the messages can be sent as a separate IPv6 packet containing
no payload. In this case, the Next Header field in the last
extension header in the packet is set to the value 59, to
indicate "No Next Header" [6].
Mobile IPv6 also defines one additional IPv6 destination option.
When a mobile node sends a packet while away from home, it will
generally set the Source Address in the packet's IPv6 header to one
one of its current care-of addresses, and will also include a "Home Address"
destination option in the packet, giving the mobile node's home
address. Many routers implement security policies such as "ingress
filtering" [7] that do not allow forwarding of packets
that have having a
Source Address which that appears topologically incorrect. By using the
care-of address as the IPv6 header Source Address, the packet will
be able to pass normally through such routers,
yet and ingress filtering
rules will still be able to locate the true topological source of
the packet in the same way as packets from non-mobile nodes. By
also including the Home Address destination option in each packet,
the sending mobile node can communicate its home address to the
correspondent node receiving this packet, allowing the use of the
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 10]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
care-of address to be transparent above the Mobile IPv6 support level
(e.g., at the transport layer). The inclusion of a Home Address
destination option in a packet affects only the correspondent node's
receipt of this single packet; no state is created or modified in
the correspondent node as a result of receiving a Home Address
destination option in a packet.
Johnson and Perkins Expires 22 September 2002 [Page 12]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
4.3. New IPv6 Destination Options
As mentioned in Section 4.2, the following new IPv6 destination
option is defined for Mobile IPv6:
Home Address
A Home Address option
It is used in a packet sent by possible that while a mobile node to inform is away from home, some nodes
on its home link may be reconfigured, such that the recipient of router that packet of was
operating as the mobile node's home address. For packets sent agent is replaced by a different
router serving this role. In this case, the mobile node may not
know the IP address of its own home agent. Mobile IPv6 provides a
mechanism, known as "dynamic home agent address discovery", that
allows a mobile node to dynamically discover the IP address of a
home agent on its home link with which it may register its (primary)
care-of address while away from home, the home. The mobile node generally uses sends an ICMP
"Home Agent Address Discovery Request" message to the "Mobile IPv6
Home-Agents" anycast address for its own home subnet prefix [11] and
thus reaches one of the routers on its
care-of addresses home link currently operating
as the Source a home agent. This home agent then returns an ICMP "Home Agent
Address in Discovery Reply" message to the packet's IPv6
header. By mobile node, including a Home Address option in the packet, the
correspondent node receiving list
of home agents on the packet home link. This procedure is able to substitute
the specified in
Sections 10.9 and 11.3.2.
When a mobile node's home node moves from one care-of address for this to a new care-of
address when
processing the packet, thus making the use of on a new link, it is desirable for packets arriving at
the previous care-of address transparent to be tunneled to the correspondent node. If mobile node's
new care-of address. Since the IP
header purpose of a packet carrying a Home Address option Binding Update is covered
by authentication, then the Home Address option MUST also be
covered by
to establish exactly this authentication, but no other authentication
is required kind of tunneling, it can be used (at
least temporarily) for tunnels originating at the Home Address option. See sections 10.2
and 5.3 for additional details about requirements mobile node's
previous care-of address, in exactly the same way that it is used
for establishing tunnels from the
calculation and verification of mobile node's home address to the authentication data. The
Home Address option is described in detail in
mobile node's current care-of address. Section 5.3.
Mobile IPv6 also defines a number of "sub-options" for use within
destination options. If included, any sub-options MUST appear after 11.6.6 describes the fixed portion
use of the option data specified in Binding Update for this document. The
presence of such sub-options will be indicated by the Option Length
field within the option. When the Option Length is greater than purpose.
Section 11.4.3 discusses the
length required reasons why it may be desirable for a
mobile node to use more than one care-of address at the option specified here, the remaining octets
are interpreted as sub-options. The encoding and format of defined
sub-options are described in Section 5.5.
4.4. Alignment Requirements for New Destination Options
IPv6 requires that options appearing in same time.
However, a Hop-by-Hop Options
header or Destination Options header be aligned mobile node's primary care-of address is distinct among
these in a packet so that
multi-octet values within the Option Data field of each option fall
on natural boundaries (i.e., fields of width n octets are placed
at an integer multiple of n octets from the start of the header, home agent maintains only a single care-of address
registered for n = 1, 2, 4, or 8) [6]. Mobile IPv6 sub-options have similar
alignment requirements, so that multi-octet values within the
Sub-Option Data field of each sub-option fall on natural boundaries.
The alignment requirement of an option or sub-option is specified in home address belonging to a mobile node, and
always tunnels packets sent to a mobile node's home address and
intercepted from its home link to this document using the standard notation used elsewhere for IPv6
alignment requirements [6]. Specifically, the notation xn+y means
that mobile node's registered
primary care-of address. The home agent thus need not implement any
policy to determine the Option Type or Sub-Option Type field must fall at an integer
multiple of x octets from particular care-of address to which it will
tunnel each intercepted packet. The mobile node alone controls the start of
policy by which it selects the header, plus y octets.
For example:
Johnson and Perkins care-of addresses to register with its
home agent.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 13] 11]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
2n means any 2-octet offset from the start of the header.
8n+2 means any 8-octet offset from
4.2. New IPv6 Protocols
Mobile IPv6 defines a new IPv6 protocol, using the start of Mobility Header
(see Section 6.1). This Header is used to carry the header,
plus 2 octets.
4.5. Security Design
4.5.1. Security Threats following
messages:
Home Test Init
The MIPv6 protocol needs Home Test Init message is used to protect itself against initiate the following main
threats:
1. Threats against return
routability procedure from the mobile node to a correspondent
node. This procedure ensures that subsequent Binding Updates sent
are properly authorized to redirect the traffic of a particular
home agents: address. The Home Test Init message is described in
detail in Section 6.1.3.
Care-of Test Init
The Care-of Test Init message is used to initiate the
correspondent routability procedure, for a attacker
might claim that particular care-of
address. The Care-of Test Init message is described in detail
in Section 6.1.4.
Home Test
The Home Test message carries a certain cookie which the mobile node is currently at a
different location than
needs before it really is. If the home agent accepts
the information can properly authorize itself for sending a
Binding Update. This message is sent in reply to it as is, the Home Test
Init message, and is described in detail in Section 6.1.5.
Care-of Test
The Care-of Test message carries another cookie which the
mobile node might not get
traffic destined needs before it can properly authorize itself for
sending a Binding Update. This message is sent in reply to it,
the Care-of Test Init message, and other nodes might get traffic they
didn't want.
2. Threats against route optimization with correspondent nodes:
A malicious mobile node might lie about its home address. is described in detail in
Section 6.1.6.
Binding Update
A
malicious Binding Update message is used by a mobile node might send to notify
a correspondent node binding
updates in which or the mobile node's home address is set to the address agent of
another node, the victim. If the correspondent node accepted
this forged binding update, then communications between the
correspondent node and the victim would be disrupted, because
packets that the correspondent node intended to send to the
victim would be its
current binding. The Binding Update sent to the wrong mobile node's
home agent to register its primary care-of address. This address is a
threat to confidentiality marked
as well as availability, because an
attacker might redirect packets meant for another node to itself a "home registration". The Binding Update message and its
specific authentication requirements are described in order detail in
Section 6.1.7.
Binding Acknowledgement
A Binding Acknowledgement message is used to learn the content acknowledge
receipt of those packets.
A malicious mobile node might lie about a Binding Update, if an acknowledgement was
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 12]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
requested in the Binding Update. The Binding Acknowledgement
message and its care-of address. specific authentication requirements are
described in detail in Section 6.1.8.
Binding Refresh Request
A
malicious Binding Refresh Request message is used to request that
a mobile node might send a correspondent node binding
updates in which the care-of address is set to the address of
a victim requesting node or an address within a victim network. If Binding Update
containing the mobile node's current binding. This message
is typically used by a correspondent node accepted this forged to refresh a cached
binding update, then the
malicious for a mobile could trick node, when the correspondent into sending data cached binding is in active
use but the binding's lifetime is close to expiration. The
Binding Refresh Request message is described in detail in
Section 6.1.2.
No authentication is required for the victim Binding Refresh Request
message.
Binding Error
The Binding Error message is used by the correspondent node or to
signal an error related to mobility, such as an inappropriate
attempt to use the victim network; Home Address destination option without
an existing binding. This message is described in detail in
Section 6.1.9.
4.3. New IPv6 Destination Options
Mobile IPv6 defines a new IPv6 destination option, the correspondent's
replies to messages Home Address
destination option. This option is used in a packet sent by the malicious a mobile will be sent
node to inform the victim host or network. This could be used to cause a
distributed denial recipient of that packet of service attack; the malicious mobile could
trick node's home
address. For packets sent by a large number mobile node while away from home,
the mobile node generally uses one of servers so that they all send its care-of addresses as the
Source Address in the packet's IPv6 header. By including a large
amount of data to Home
Address option in the same victim packet, the correspondent node or network. Several
variations of receiving the
packet is able to substitute the mobile node's home address for this threat are described elsewhere [1][33].
A malicious node might also send a large number
care-of address when processing the packet, thus making the use of invalid
binding updates
the care-of address transparent to a victim the correspondent node. node above the
Mobile IPv6 support level. If each invalid
binding update took a significant amount the IP header of resources (such as
CPU) to process before it could be recognized as invalid, a packet carrying
a Home Address option is covered by authentication, then it
Johnson the Home
Address option MUST also be covered by this authentication, but no
other authentication is required for the Home Address option. See
Sections 6.3 and Perkins 11.2.2 for additional details about requirements
for the calculation and verification of the authentication data.
The Home Address destination option is described in detail in
Section 6.3.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 14] 13]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
might be possible to cause a denial of service attack by sending
4.4. New IPv6 ICMP Messages
Mobile IPv6 also introduces four new ICMP message types, two for use
in the correspondent so may invalid binding updates that it has no
resources left dynamic home agent address discovery mechanism, and two for other tasks.
An attacker might also replay an old binding update. An attacker
might attempt to disrupt a
renumbering and mobile node's communications configuration mechanisms. As discussed in
general in Section 4.1, the following two new ICMP message types are
used for home agent address discovery:
Home Agent Address Discovery Request
The ICMP Home Agent Address Discovery Request message is used
by
replaying a binding update that the mobile node had sent earlier. If to initiate the old binding update was accepted, packets destined for dynamic home agent address
discovery mechanism. When attempting a home registration, the
mobile node would be sent may use this mechanism to discover the address of
one or more routers currently operating as home agents on its old location and not its current
location.
3. Threats where MIPv6 correspondent node functionality
home link, with which it may register while away from home.
The Home Agent Address Discovery Request message is used
to launch reflection attacks against other parties [34] [23]. described
in detail in Section 6.5.
Home Agent Address Discovery Reply
The ICMP Home Agent Address Option can be Discovery Reply message is used by
a home agent to respond to direct response traffic
against a mobile node whose IP address appears in using the option, without dynamic home
agent address discovery mechanism. When a home agent receives
a Home Agent Address Discovery Request message, it replies with
a Home Agent Address Discovery Reply message, giving a possibility for ingress filtering to catch the forged
"return address".
4. Threats where list
of the tunnels between routers on the mobile node and the node's home
agent link serving as home
agents. The Home Agent Address Discovery Reply message is
described in detail in Section 6.6.
The next two message types are attacked to make it appear like used for network renumbering
and address configuration on the mobile node is
sending traffic while it is not.
5. Threats where IPv6 Routing Header -- which is employed node, as described in
MIPv6 --
Section 10.9.1:
Mobile Prefix Solicitation
The ICMP Mobile Prefix Solicitation message is used by a mobile
node to circumvent IP-address based rules request prefix information about the home subnet, in
firewalls
order to retrieve prefixes that are served by home agents and
can be used to configure one or more home addresses, or to reflect traffic from other nodes. The generality
of the Routing Header allows
refresh home addresses before the kind expiration of usage that opens
vulnerabilities, even if the usage that MIPv6 needs their validity.
This message is safe.
6. The security mechanisms of MIPv6 may also be attacked themselves,
e.g. specified in order Section 6.7.
Mobile Prefix Advertisement
The ICMP Mobile Prefix Advertisement is used by a home agent
to force the participants distribute information to execute expensive
cryptographic operations or allocate memory for the purpose of
keeping state.
Most of a mobile node about prefixes on
the above threats home link which are concerned with denial of service. Some
of the threats also open up possibilities available for man-in-the-middle,
hijacking, and impersonation attacks.
4.5.2. Security Features use by the mobile node
while away from home. This specification provides message may be sent as a number of security features. The main
features are:
- Protection of Binding Updates response
to home agents.
- Protection of Binding Updates a Mobile Prefix Solicitation, or due to correspondent nodes.
- Protection against reflection attacks through the Home Address
Option.
- Protection of tunnels between the mobile node and the home agent.
Johnson and Perkins network renumbering
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 15] 14]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
- Preventing Routing Header vulnerabilities.
- Preventing Denial-of-Service attacks to
or other prefix changes. This message is specified in Section
Section 10.9.3.
4.5. Conceptual Data Structures
This document describes the MIPv6 security
mechanisms themselves.
Protecting Mobile IPv6 protocol in terms of the
following three conceptual data structures:
Binding Updates to home agents and to correspondent
nodes require very different security solutions due to the different
situations. Mobile nodes and home agents know Cache
A cache, maintained by each other, and can
thus have a strong security association to reliably authenticate
the exchanged messages. In this environment, IPsec Encapsulating
Security Payload (ESP) can be used to implement the necessary
security features. See Section 4.5.5.
The protection IPv6 node, of bindings for other
nodes. A separate Binding Updates to correspondents Cache is a much harder
problem maintained by each IPv6
node for the traditional strong authentication approach. It is
expected that MIPv6 will be used on a global basis between nodes
belonging under different administrative domains, hence building
an authentication infrastructure to authenticate mobile nodes
and correspondent nodes would be each of its IPv6 addresses. When sending a very demanding task. Thus, an
infrastructureless approach packet,
the Binding Cache is necessary. Furthermore, making a
traditional authentication infrastructure keep track searched before the Neighbor Discovery
conceptual Destination Cache [20].
The Binding Cache for any one of correct
IP a node's IPv6 addresses may
contain at most one entry for each mobile node home address.
The contents of all hosts is of a node's Binding Cache entries are
cleared when it reboots.
Binding Cache entries are marked either impossible as "home registration"
entries or "correspondent registration" entries. Home
registration entries are deleted when its binding lifetime
expires, while other entries may be replaced at least very
hard. That is, it isn't sufficient to authenticate mobile nodes,
authorization to claim right to use an address is needed. any time
through a local cache replacement policy.
Binding Update List
A different approach is therefore necessary. The chosen method
verifies that the list, maintained by each mobile node is ``live'' (that is, it responds to
probes) at its home and care-of addresses node, recording information
for each Binding Update sent by performing a cookie
exchange with this mobile node, for which the addresses, and by requiring
Lifetime sent in that the eventual
binding update is cryptographically bound to the Binding Update has not yet expired. The
Binding Update List includes all bindings sent cookies.
Some additional protection is provided by requiring the cookies be
protected by ESP when forwarded by the Home Agent mobile
node: those to correspondent nodes, those to the mobile node.
This method limits the vulnerabilities to node's
home agent, and those attackers who are to a home agent on the path between link on which the
mobile node's previous care-of address is located.
Home Agent Agents List
A list, maintained by each home agent and the correspondent node. As
adversaries on this path would be able to cause also other types of
attacks, this is seen as sufficient base security between each mobile and
correspondent nodes.
Vulnerabilities relating to the use of correspondent nodes as
reflectors via node,
recording information about each home agent from which this
node has received recent a Router Advertisement in which the
Home Address Option can be solved as follows. We
ensure that the mobile node Agent (H) bit is authorized to use a given set. The home address
before HAO can be used. Such authorization agents list is already performed in
the context of Route Optimization, and therefore this specification
limits the use of the HAO thus
similar to the situation where the correspondent
node already has Default Router List conceptual data structure
maintained by each host for Neighbor Discovery [20].
Each home agent maintains a binding cache entry separate Home Agents List for the given each
link on which it is serving as a home address.
Tunnels between the mobile node and the agent; this list is used
by a home agent can be
protected by ensuring proper use of source addresses, and optional
cryptographic protection. These procedures are discussed in
Section 4.5.3.
Johnson and Perkins the dynamic home agent address discovery
mechanism. Each mobile node, while away from home, also
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 16] 15]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Vulnerabilities related
maintains a Home Agents List, to the Routing Header can be prevented by
using enable it to notify a MIPv6 specific type of home
agent on its previous link when it moves to a Routing Header. This type provides
the necessary functionality but does not open vulnerabilities.
Denial-of-Service threats against MIPv6 security mechanisms
themselves concern mainly the new link.
4.6. Binding Update procedures with
correspondent nodes. The protocol has been designed Management
When a mobile node configures a new care-of address and decides to limit the
effects of such attacks,
use this new address as will be described in Section 4.5.6.
4.5.3. Securing Tunnels to and from the Home Agents
Tunnels between its primary care-of address, the mobile
node and the registers this new binding with its home agent need protection
so that it isn't possible for anyone to send traffic through by sending
the home agent, pose as the agent a Binding Update. The mobile node, and escape detection through
traditional tracing mechanisms.
If node indicates
that an acknowledgement is needed for this Binding Updates sent to the home agents are secure, Update and the
continues to periodically retransmit it until acknowledged. The
home agent verifies acknowledges the outer IP address corresponds Binding Update by returning a Binding
Acknowledgement to the current
location of the mobile node, this prevents attacks against the tunnel node.
When a mobile node receives a packet tunneled to it from other IP addresses. This prevents attacks where its home
agent, the attacker
is controlled by ingress filtering, as well mobile node uses that as attacks where the
attacker does not know an indication that the current care-of address of original
sending correspondent node has no Binding Cache entry for the mobile
node. Attackers who know
node, since the care-of address are not controlled by
ingress filtering could still send traffic through correspondent node would otherwise have sent the home agent,
but they could also send spoofed packets without
packet directly to the mobile node using a tunnel.
Encapsulating Routing header. The
mobile node SHOULD then start a correspondent binding procedure in
order to establish a binding. This would allow the tunneled traffic inside IPsec ESP offers an
optional mechanism correspondent
node to protect cache the confidentiality and integrity of mobile node's binding for routing future packets to
it.
A correspondent node with a Binding Cache entry for a mobile node may
refresh this binding, for example if the traffic against on-path attackers.
4.5.4. Securing binding's lifetime is near
expiration, by sending a Binding Updates Refresh Request to Home Agents
Signaling between the mobile node.
Normally, a correspondent node and will only refresh a Binding Cache
entry in this way if it is actively communicating with the home agent requires message
integrity, correct ordering mobile
node and replay protection.
In order has indications, such as an open TCP connection to have the
mobile node, that it will continue this protection, communication in the future.
When a mobile node and receives a Binding Refresh Request, it MAY reply
by initiating a correspondent binding procedure.
A mobile node may use more than one care-of address at the home agent
must have same
time. Use of more than one care-of address by a security association. IPsec Encapsulating Security
Payload (ESP) can mobile node may be used to
useful, for integrity protection when a non-null
authentication algorithm is applied.
However, IPsec can provide replay protection only example, to improve smooth handover when dynamic
security association establishment the mobile node
moves from one wireless link to another. If each of these wireless
links is used. This connected to the Internet through a separate base station,
such that the wireless transmission range from the two base stations
overlap, the mobile node may not always be
possible, and manual keying would be preferred able to remain connected to both
links while in some cases. IPsec
also does not guarantee correct ordering of packets, only that they
have not been replayed. Because the area of this, Mobile IPv6 does not rely overlap. In this case, the mobile node
could acquire a new care-of address on IPsec replay protection and provides its own mechanism inside the
Binding Update and Acknowledgement messages. A sequence number field
is used to ensure correct ordering new link before moving
out of transmission range and to prevent replay protection.
Both disconnecting from the old link. The
mobile node and the may thus still accept packets at its old care-of address
while it works to update its home agent MUST use non-volatile memory
Johnson and Perkins correspondent nodes,
notifying them of its new care-of address on the new link.
Since correspondent nodes cache bindings, it is expected that
correspondent nodes usually will route packets directly to the mobile
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 17] 16]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
to store the sequence number
node's care-of address, so that a reboot does not prevent the
acceptance of new Binding Updates.
A sliding window scheme home agent is used for the sequence numbers. Therefore rarely involved
with packet transmission to the protection against replays mobile node. This is important for
scalability and reordering attacks works when reliability, and for minimizing overall network load.
By caching the attacker remembers up to a maximum care-of address of 2^31 Binding Updates.
The a mobile node, direct delivery of
packets can be achieved from the correspondent node and to the home agent MAY agree on a new key for the
security association before this many Binding Updates have been sent
if this is an issue.
Note that while mobile
node. Routing packets directly to the required non-volatile memory is an additional
burden in particular for mobile node's care-of address
also eliminates congestion at the mobile node, node's home agent and home
link. In addition, the use impact of sequence numbers
reduces the number any possible failure of roundtrips necessary for the update procedure
compared home
agent, the home link, or intervening networks leading to other schemes that would not have required non-volatile
memory. Note also that implementations do or from the
home link is reduced, since these nodes and links are not necessarily have to
write involved in
the non-volatile memory every time they send a Binding Update,
if they always write a somewhat larger sequence number delivery of most packets to the memory
and only update mobile node.
5. Overview of Mobile IPv6 Security
5.1. Threats
Any mobility solution must protect itself against misuses of the memory again once
mobility features. In Mobile IPv6, most of the used sequence numbers go
beyond potential threats
are concerned with denial of service. Some of the threats also
include potential for man-in-the-middle, hijacking, and impersonation
attacks. The main threats this larger number. protocol protects against are as
follows:
1. Threats against Binding Updates sent to home agents and
correspondent nodes. For instance, if the sequence number
starts at 0, the value 100 can be written to the memory so an attacker might claim that
a certain mobile node is currently at a different location than
it really is. If the next write can be done when home agent accepts the sequence numbers from 0 information sent to 99
have been used. This reduces
it as is, the need for frequent updates mobile node might not get traffic destined to the
non-volatile memory, which improves performance it,
and may be necessary
in some cases to lengthen other nodes might get traffic they did not want.
Similarly, a malicious mobile node might use the lifetime home address of the used memory components.
In order
a victim node in a forged Binding Update to protect messages exchanged a correspondent node.
If such Binding Updates were accepted, the communications between
the mobile correspondent node and the home agent with IPsec, appropriate Security Policy Database (SPD)
entries must victim would be created. We need to avoid the possibility then be disrupted,
because packets that a
mobile the correspondent node could use its security association intended to send to
the victim would be sent to the wrong care-of address. This is
a Binding
Update on behalf of threat to confidentiality as well as availability, because an
attacker might redirect packets meant for another mobile node using the same home agent.
In to itself
in order to do this, learn the SPD entries MUST unequivocally identify a
single SA for any given home content of those packets.
A malicious mobile node might also send Binding Updates in
which the care-of address and home agent. In order for is set to the home address of a victim
node or an address within a victim network. If such Binding
Updates were accepted, the malicious mobile node could force the
correspondent node into sending data to be visible when the policy
check is made, victim node or the
victim network; the correspondent node's replies to messages sent
by the malicious mobile node MUST use the Home Address Option in
Binding Updates will be sent to the home agent. The home address in the Home
Address Option and the Binding Update message MUST be equal and MUST victim host
or network. This could be checked by the home agent.
4.5.5. Securing Binding Updates to Correspondent Nodes
Binding Updates used to correspondent nodes cause a distributed denial
of service attack. Variations of this threat are protected using the Return
Routability (RR) method. This method uses the following principles:
- A cookie exchange verifies that the mobile node is ``live'' at
its addresses, or is at least able to receive traffic on them.
- Protecting the eventual binding update cryptographically using
the cookies.
Johnson and Perkins described
elsewhere [1][31].
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 18] 17]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
- Requiring that the cookies be protected by ESP when forwarded by
the Home Agent
A malicious node might also send a large number of invalid
Binding Updates to the mobile a victim node.
- The use If each Binding Update takes a
significant amount of symmetric exchanges were responses are sent to the
same address resources (such as the request was sent from, CPU) to avoid the use of
this protocol in reflection attacks.
- Stateless operation at correspondent nodes until they receive the
a binding update that process before
it can be authorized.
The RR protocol recognized either as valid or as invalid, then a denial
of service attack can be broken caused by an attacker on the route between the
home agent and sending the correspondent node, but not node
so many invalid Binding Updates that it has no resources left for
other tasks.
An attacker might also attempt to disrupt a mobile node's
communications by attackers on replaying a Binding Update that the
network node had
sent earlier. If the old Binding Update was accepted, packets
destined for the mobile node is currently at would be sent to its old location
and not from elsewhere on its current location.
2. Reflection attack threats against third partied with the
Internet.
Each help
of Mobile IPv6 correspondent node has a secret key, Kcn. This key does nodes that do not
need to use appropriate
security precautions. The Home Address destination option can be shared with any other entity, so no key distribution
mechanism is needed for it. Each correspondent node also generates
used to direct response traffic toward a nonce, Nj, at regular intervals, for example every few minutes. A
correspondent node uses whose IP address
appears in the same Kcn option, without allowing ingress filtering to
catch the forged "return address" [32] [23].
3. Threats where an attacker forges tunneled packets between the
mobile node and Nj with all the mobiles home agent, making it
is in communication with, so appear that it does not need to generate and
store a new Nj when a new the traffic
is coming from the mobile contacts it. Each value of Nj node when it is
identified not.
4. Threats against IPv6 functionality used by Mobile IPv6, such as
the subscript j. This subscript is communicated Routing header. The generality of the regular Routing Header
would allow circumvention of IP-address based rules in firewalls
or reflection of traffic to other nodes, even if the
protocol, so usage that if Nj
Mobile IPv6 requires is replaced by N(j+1) part way through a run safe.
5. The security mechanisms of a protocol, the correspondent can distinguish messages that should Mobile IPv6 may also be checked against attacked
themselves, e.g. in order to force the old nonce from messages that should be checked
against the new nonce. Correspondent nodes keep both participants to execute
expensive cryptographic operations or allocate memory for the current
value
purpose of Nj and keeping state.
5.2. Features
This specification provides a small set number of previous values N(j-1), N(j-2), ...
Older values can be discarded, and messages using them will can be
rejected as replays.
Kcn can be either a fixed value or regularly updated. An update security features. The main
features are:
- Protection of Kcn can be done at the same time as an update Binding Updates to home agents.
- Protection of Nj, so that j
identifies both Binding Updates to correspondent nodes.
- Protection against reflection attacks through the nonce and Home Address
destination option.
- Protection of tunnels between the key. A correspondent mobile node can
generate a fresh Kcn each time that it boots to avoid the need for
secure persistent storage for Kcn.
The RR signaling happens as follows:
1. MN(HoA) -> CN: HoTI(HoA)
2. MN(CoA) -> CN: CoTI(CoA)
3. CN -> MN(HoA): HoT(K0, j)
4. CN -> MN(CoA): CoT(K1, l)
5. MN(CoA) -> CN: BU(HoA, CoA, MAC, j, l)
6. CN -> MN(CoA): BA(MAC)
7. CN -> MN(HoA): BR(MAC)
Messages 1 and 2 are sent simultaneously, as are messages 3 and
4. Message 5 actually creates a binding, and messages 6 and 7 are
optional. The messages are described in more detail below:
Johnson and Perkins the home agent.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 19] 18]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
1. HoTI (Home Test Init) Message:
When a mobile nodes wants to perform route optimization it sends
a HoTI message
- Preventing Routing Header vulnerabilities.
- Preventing Denial-of-Service attacks to the Mobile IPv6 security
mechanisms themselves.
Protecting the Binding Updates to home agents and to arbitrary
correspondent node in order nodes require very different security solutions due
to initiate the
return routability verification for different situations. Mobile nodes and home agents are
expected to be naturally subject to the Home Address.
MN(HoA) -> CN: HoA
This message tells network administration of
the mobile node's home address domain, and thus to have a strong security association to
reliably authenticate the
correspondent node. The address is exchanged messages. With such a security
arrangement, IPsec Encapsulating Security Payload (ESP) can be used later
to create a
cookie. This message is reverse tunneled through implement the Home Agent.
2. CoTI (Care-of Test Init) Message:
When necessary security features. See Section 5.4.
It is expected that Mobile IPv6 will be used on a mobile global basis
between nodes wants belonging to perform route optimization it sends
a CoTI message different administrative domains.
Building an authentication infrastructure to the authenticate mobile
nodes and correspondent node nodes would be a very demanding task in order to initiate the
return routability verification this
scale. Furthermore, traditional authentication infrastructure keep
track of correct IP addresses for the care-of Address.
MN(CoA) -> CN: CoA
The second message all hosts is sent in parallel with the first one. It
tells the correspondent node the either impossible or
at least very hard. That is, it isn't sufficient to authenticate
mobile node's care-of address,
which is later used nodes, authorization to create a cookie. This message is sent
directly claim right to the correspondent node.
3. HoT (Home Test) Message:
This message use an address is sent in response to a HoTI message.
CN -> MN(HoA): K0, j
When
needed. Thus, an "infrastructureless" approach is necessary.
The chosen infrastructureless method verifies that the correspondent mobile
node receives the HoTI message, is "live" (that is, it
generates responds to probes) at its home and
care-of addresses by performing a cookie K0 as follows:
K0 = MAC_Kcn(HoA | Nj | 0)
The cookie and exchange with the value j are sent to nodes
in question, and by requiring that the mobile node via eventual Binding Update is
cryptographically bound to the
Home Agent; it exchanged cookies. Some additional
protection is an assumption of provided by requiring the protocol that cookies be protected by
ESP when exchanged between the home
agent - mobile node route is secure. K0 also acts as a challenge
to test that and the mobile can receive messages sent to its home
address.
The index j is carried along in correspondent
node via the protocol to allow home agent. This method limits the CN vulnerabilities to later efficiently find the nonce value Nj that it used in
creating this cookie.
The notation used here is as follows. MAC_K(m) denotes a
message authentication code computed
those attackers who are on message m with key K.
H(m) denotes a hash of message m. HMAC SHA1 function [15][21]
is used to compute the message authentication code, and SHA1
function [21] is used to compute path between the hash. The final ``0''
Johnson home agent and Perkins Expires 22 September 2002 [Page 20]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
inside the MAC function is a 32-bit integer used
correspondent node. As adversaries on this path would be able to distinguish
home and care-of cookies from each other.
4. CoT (Care-of Test) Message:
This message
cause also other types of attacks, this is sent in response to a CoTI message.
CN -> MN(CoA): K1, i
The seen as sufficient base
security between mobile and correspondent also sends a challenge nodes.
Vulnerabilities relating to the mobile's care-of
address. When the use of correspondent node receives nodes as
reflectors via the CoTI message,
it generates a cookie K1 Home Address destination option can be solved as
follows:
K1 = MAC_Kcn(CoA | Ni | 1)
The cookie and the value i are sent directly We ensure that the mobile node.
The final 1 inside the MAC function node is authorized to use a 32-bit integer, again
used for distinguishing given
home and care-of cookies from each other.
Again, an index is sent along the cookie in order to identify
the used nonce Ni. Note that i and j are likely to address before this option can be the same used. Such authorization is
already performed in HoT and CoT messages, except when nonce values happen to have
changed between the reception context of HoT and the CoT messages.
5. BU (Binding Update) Message:
When the MN has received both the HoT and CoT is has the cookies
necessary to send the Binding Update.
MN(CoA) -> CN: BU, HoA, CoA,
MAC_Kbu(CoA | HoA | BU | 0),
j, i
The mobile node hashes together the challenges and to form a
session key (Kbu), Route Optimization, and then uses therefore
this session key to authenticate
a binding update:
Kbu = H(K0 | K1)
The message contains j and i, so that specification limits the correspondent knows
which value of Nj and Ni to use to recompute the session key.
"BU" is the content of the BU message. Once Home Address option to the
situation where the correspondent node already has verified the MAC, it can create a binding cache
entry for the mobile.
6. BA (Binding Acknowledgement) Message:
The Binding Update is optionally acknowledged by given home address.
Tunnels between the
correspondent node.
CN -> MN(CoA): BA,
Johnson mobile node and Perkins the home agent can be
protected by ensuring proper use of source addresses, and optional
cryptographic protection. These procedures are discussed in
Section 5.3.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 21] 19]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
MAC_Kbu(CoA | HoA | BA | 0),
The correspondent node uses
Potential abuses of the same key (Kbu) to authenticate a
binding acknowledgement. "BA" is the content of the BA message.
7. BR (Binding Request) Message:
The correspondent node can optionally request a binding to be
refreshed using the Binding Request message. This message Routing Header can be
authenticated prevented by using the same Kbu that was created earlier.
CN -> MN(HoA): BR,
MAC_Kbu(HoA | BR | 0),
"BR" is the content a
Mobile IPv6 specific type of the BR message. a Routing Header. This protocol also protects type provides
the participants necessary functionality but does not open vulnerabilities.
Denial-of-Service threats against replayed binding
updates. The attacker can't replay Mobile IPv6 security mechanisms
themselves concern mainly the same message due Binding Update procedures with
correspondent nodes. The protocol has been designed to limit the
sequence number which is a part
effects of the MIPv6 binding update itself, such attacks, as will be described in Section 5.5.9.
5.3. Tunnels to and from the attacker can't modify Home Agents
Mobile IPv6 tunneling -- as tunneling in general -- needs protection
so that it isn't possible, e.g., for anyone to pose as the binding update since home agent
and send traffic to the MAC would
not verify after that. Care must be taken when removing bindings
at mobile node. To protect the correspondent node, however. If a binding is removed either
due tunnels to garbage collection, request, or expiration and the nonce
used in its creation is still valid, an attacker can replay the old
binding update. This can be prevented by having
mobile node, the correspondent mobile node change verifies that the nonce often enough outer IP address
corresponds to ensure that its home agent, to prevent attacks against the nonces used
when removed entries were created are no longer valid. If many such
deletions occur tunnel
from other IP addresses.
Tunnels from the correspondent can batch them together to avoid
having mobile node to increment the nonce index too often.
4.5.6. Preventing Denial-of-Service Attacks
The RR protocol has been designed with home agent need protection against resource
exhaustion Denial-of-Service attacks. In these attacks
so that it isn't possible for anyone to send traffic through the victim
has only a limited amount of some resource (such
home agent, pose as network bandwidth
or CPU cycles), and the attack consumes some of this resource. This
leaves the victim without enough resources mobile node, and escape detection through
traditional tracing mechanisms.
Binding Updates sent to carry out other work. the home agents are secure. The correspondent nodes do not have home
agent verifies that the outer IP address corresponds to retain any state about
individual mobile nodes until an authentic binding update arrives.
This is achieved through the use current
location of the nonces and Kcn that are
not specific mobile node, to individual prevent attacks against the tunnel
from other IP addresses.
For tunneled traffic to and from the mobile nodes. Yet node, encapsulating the cookies are
specific, but they can be reconstructed based on
traffic inside IPsec ESP offers an optional mechanism to protect
the CoA confidentiality and HoA
information that arrives with the binding update. This means that integrity of the correspondent nodes are safe traffic against memory exhaustion attacks
except where on-path attackers are concerned. Due
attackers.
5.4. Binding Updates to Home Agents
Signaling between the use of
symmetric cryptography, mobile node and the correspondent nodes are relatively safe
against CPU resource exhaustion attacks as well.
Johnson home agent requires message
integrity, correct ordering and Perkins replay protection.
In order to have this protection, the mobile node and the home agent
must have a security association. IPsec Encapsulating Security
Payload (ESP) can be used for integrity protection when a non-null
authentication algorithm is applied.
However, IPsec can easily provide replay protection only if dynamic
security association establishment is used. This may not always be
possible, and manual keying would be preferred in some cases. IPsec
also does not guarantee correct ordering of packets, only that they
have not been replayed. Because of this, Mobile IPv6 provides its
own mechanism inside the Binding Update and Acknowledgement messages.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 22] 20]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Nevertheless, as [1] describes, there are situations it is impossible
for the mobile and correspondent nodes to determine if they actually
need a binding or whether they just have been fooled into believing
so by an attacker. Therefore, it
A sequence number field is necessary to treat situations
where such attacks are being made.
The binding updates that are used in mobile IPv6 are only an
optimization. A to ensure correct ordering. If the
mobile node can communicate with a correspondent
node even if the correspondent refuses to accept any of reboots and forgets its binding
updates. However, performance will suffer because packets from current sequence number, the
correspondent home
agent uses the status value 141 (Sequence number out of window, see
Section 6.1.8) to inform the mobile will be routed via the mobile's home
agent rather than a more direct route. A correspondent can protect
itself against some node of the resource exhaustion attacks by stopping
processing binding updates when it is flooded with a large number use of
binding updates an improper
sequence number.
Note that fail the cryptographic integrity checks. If a
correspondent finds that it is spending more resources on checking
bogus binding updates than it is likely to save by accepting genuine
binding updates, then it can decide to reject all binding updates
without performing any cryptographic operations.
Additional information needed to make this decisions about responding
to requests will usually originate in layers above IP. For example,
TCP knows if the node has sequence number mechanism provides also a queue weak form
of data that it is trying to send
to replay protection. However, if a peer. It home agent reboots and loses its
state regarding the sequence numbers, replay attacks become possible.
If the home agent is possible vulnerable to produce a conforming implementation of this, the protocols in this memo without making use of information from
higher protocol layers, but implementations MAY a key management
mechanism together with IPsec can be able used to manage
resources more effectively by making use of such information.
4.5.7. Design Rationale
The motivation prevent replay attacks.
A sliding window scheme is used for designing the RR protocol was to have sufficient
support for mobile IP, without creating major new security problems.
A protocol was needed sequence numbers. The
protection against replays and reordering attacks without a key
management mechanism works when the new vulnerabilities introduced by
IP mobility. It was not our goal attacker remembers up to a
maximum of 2**15 Binding Updates.
In order to protect against attacks that
were already possible before messages exchanged between the introduction of IP mobility. This
protocol does not defend against an attacker who can monitor mobile node and
the home agent to correspondent with IPsec, appropriate security policy database
entries must be created. We need to avoid the possibility that a
mobile node could use its security association to send a Binding
Update on behalf of another mobile node using the same home agent.
In order to do this, the security policy database entries MUST
unequivocally identify a single SA for any given home address and
home agent. In order for the home address of the mobile node to be
visible when the policy check is made, the mobile node MUST use the
Home Address destination option in Binding Updates sent to the home
agent. The home address in the Home Address destination option and
the Binding Update message MUST be equal and MUST be checked by the
home agent.
5.5. Binding Updates to Correspondent Nodes
Binding Updates to correspondent nodes are protected using the return
routability procedure. The motivation for designing the return
routability procedure was to have sufficient support for Mobile IP,
without creating major new security problems. It was not our goal
to protect against attacks that were already possible before the
introduction of Mobile IP. This protocol does not defend against
an attacker who can monitor the home agent to correspondent node
path, as such attackers would in any case be able to mount an active
attack against the mobile node when it is at its home location. The
possibility of such attacks is not an impediment to the deployment of mobile
Mobile IP, because these attacks are possible irrespective regardless of whether mobile
Mobile IP is in use or not. use.
This protocol also protects against denial of service attacks in
which the attacker pretends to be a mobile, but uses the victim's
address as the care of address, and so causes the correspondent node
to send the victim traffic that it does not want. expect. For example,
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 21]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
suppose that the correspondent node is a news site that will send a
high-bandwidth stream of video to anyone who asks for it. Note that
the use of flow-control protocols such as TCP does not necessarily
defend against this type of attack, because the attacker can fake the
Johnson and Perkins Expires 22 September 2002 [Page 23]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
acknowledgements. Even keeping TCP initial sequence numbers secret
doesn't help, because the attacker can receive the first few segments
(including the ISN) at its own address, and then redirect the stream
to the victim's address. This protocol defends against these attacks
by only completing if packets sent by the correspondent node to the
care of address are received and processed by an entity that is
willing to participate in the protocol. Normally, this will be the
mobile node.
For further information about the design rationale of RR and other protocols, the return
routability procedure, see [1] [33] [31] [22] [23].
4.6. New IPv6 ICMP Messages
Mobile IPv6 also introduces four new ICMP message types, two for use
in the dynamic home agent address discovery mechanism, and two for
renumbering and mobile configuration mechanisms. As discussed in
general in Section 4.2,
The return routability procedure method uses the following two new ICMP message types are
used for home agent address discovery:
Home Agent Address Discovery Request
The ICMP Home Agent Address Discovery Request message is used
by a
principles:
- A cookie exchange verifies that the mobile node is reachable at
its addresses i.e. is at least able to initiate transmit and receive
traffic at its addresses.
- The eventual Binding Update is protected cryptographically using
the cookies.
- Requiring that the cookies be protected by ESP when forwarded by
the dynamic home agent address
discovery mechanism. When attempting a home registration, to the mobile node may node.
- The use this mechanism of symmetric exchanges where responses are sent to discover the
same address of
one or more routers currently operating as home agents on its
home link, with which it may register while away from home.
The Home Agent Address Discovery Request message is described the request was sent from, to avoid the use of
this protocol in detail reflection attacks.
- Correspondent nodes operate in Section 5.6.
Home Agent Address Discovery Reply
The ICMP Home Agent Address Discovery Reply message is used by a home agent to respond to stateless manner until they
receive a mobile node using Binding Update that can be authorized.
The return routability procedure can be broken by an attacker on the
route between the dynamic home agent address discovery mechanism. When a home agent receives
a Home Agent Address Discovery Request message, it replies with
a Home Agent Address Discovery Reply message, giving a list
of and the routers correspondent node, but not by
attackers on the network the mobile node's home link serving as home
agents. The Home Agent Address Discovery Reply message node is
described in detail in Section 5.7.
The next two message types are used for network renumbering currently at and address configuration not from
elsewhere on the mobile node, as described in
Section 9.7:
Mobile Prefix Solicitation
The ICMP Mobile Prefix Solicitation message Internet.
5.5.1. Node Keys
Each correspondent node has a secret key, Kcn. This key is used by a mobile
the correspondent node to request prefix information about accept only the home subnet, in
order use of cookies which it has
created itself. This key does not need to retrieve prefixes be shared with any other
entity, so no key distribution mechanism is needed for it.
A correspondent node can generate a fresh Kcn each time that are served by home agents and
Johnson and Perkins it boots
to avoid the need for secure persistent storage for Kcn. Kcn can be
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 24] 22]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
can be used to configure one or more home addresses,
either a fixed value or to
refresh home addresses before the expiration regularly updated. Procedures for updating
Kcn are discussed later in Section 5.5.7.
Kcn consists of their validity.
This message 20 octets.
5.5.2. Nonces
Each correspondent node also generates a nonce at regular intervals,
for example every few minutes. A correspondent node uses the same
Kcn and nonce with all the mobiles it is specified in Section 5.8.
Mobile Prefix Advertisement
The ICMP Mobile Prefix Advertisement communication with, so
that it does not need to generate and store a new nonce when a new
mobile contacts it. Each nonce is used identified by a home agent to
distribute information to nonce index.
Nonce indices are 16-bit values that are e.g. incremented each time
a mobile node about prefixes on new nonce is created. The index value is communicated in the
home link which are available for use
protocol, so that if a nonce is replaced by new nonce during the mobile run
of a protocol, the correspondent node while
away can distinguish messages that
should be checked against the old nonce from home. This message may messages that should be sent as a response to
checked against the new nonce. Correspondent nodes keep both the
current nonce and a
Mobile Prefix Solicitation, or due to network renumbering or
other prefix changes small set of old nonces. Older values can be
discarded, and messages using them will be rejected as specified in Section 9.9.3
4.7. Conceptual Data Structures
This document describes replays.
The specific nonce index values can not be used by mobile nodes to
determine the Mobile IPv6 protocol in terms validity of the
following three conceptual data structures:
Binding Cache
A cache, maintained by each IPv6 node, of bindings nonce. Expected validity times for other
nodes. A separate Binding Cache SHOULD be maintained by each
IPv6 node
the nonces values and the procedures for each updating them are discussed
later in Section 5.5.7.
Nonce is an octet string of its IPv6 addresses. any length. The Binding Cache
MAY be implemented recommended length is 16
octets.
5.5.3. Cookies
Three different types of cookies are used in any manner consistent with the external
behavior described in this document, for example by being
combined with the node's Destination Cache as maintained by
Neighbor Discovery [20]. When sending a packet, the Binding
Cache protocol:
- Mobile cookie is searched before the Neighbor Discovery conceptual
Destination Cache [20] (i.e., any Binding Cache entry for this
destination SHOULD take precedence over any Destination Cache
entry for the same destination). Each Binding Cache entry
conceptually contains sent to the following fields:
- The home address of correspondent node from the mobile node for which this is
node, and later returned to the
Binding Cache entry. This field is mobile node. Mobile cookies are
produced randomly, and used as the key for
searching the Binding Cache for the destination address of
a packet being sent. If the destination address of to verify that the
packet response matches
the home address in the Binding Cache entry,
this entry SHOULD be used in routing request, and to ensure that packet. parties who have not seen the
request can not spoof responses.
- The care-of address for A home cookie sent to the mobile node indicated by
the home address field in this Binding Cache entry. If from the destination address of a packet being routed by a correspondent node matches
via the home address in this entry, the packet
SHOULD be routed to this agent. Home cookies are produced cryptographically
from nonces.
- A care-of address, as described in
Section 8.9, for packets originated by this node, or in
Section 9.4, if this node is cookie sent directly to the mobile node's home agent
and the packet was intercepted by it on node from the home link.
Johnson and Perkins
correspondent node. Home cookies are produced cryptographically
from nonces.
Mobile cookies are typically newly generated random values for each
new request that needs them. They could also be changed periodically
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 25] 23]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
- A lifetime value, indicating the remaining lifetime
for this Binding Cache entry.
only. The lifetime value is
initialized from the Lifetime field in the Binding Update
that created or last modified this Binding Cache entry.
Once the lifetime on this entry expires, the entry MUST be
deleted from the Binding Cache.
- A flag indicating whether policy to use new or not this Binding Cache entry old mobile cookies is purely a "home registration" entry.
- A flag indicating whether or not this Binding Cache entry
represents a local
matter for the mobile node that should be advertised as a
router in proxy Neighbor Advertisements sent node.
Home and care-of cookies are produced by this node the correspondent node, and
they are based on its behalf. This flag is only valid if the Binding
Cache entry indicates that this is a "home registration"
entry.
- The length currently active secret keys and nonces of the routing prefix for
correspondent node as well as the home or care-of address.
This field Such a
cookie is only valid if as long as both the "home registration" flag is
set secret key and the nonce used to
create it are valid.
5.5.4. Cryptographic Functions
MAC_K(m) denotes a Message Authentication Code computed on message
m with key K. In this Binding Cache entry.
- The maximum value specification, HMAC SHA1 function [15][21] is
used to compute these codes.
H(m) denotes a hash of message m. In this specification, SHA1
function [21] is used to compute the Sequence Number field received
in previous Binding Updates for this mobile hash.
5.5.5. Return Routability Procedure
The return routability signaling happens as follows:
Mobile node Home agent Correspondent node
| |
| Home Test Init(HoTI) |
| Src = home
address. The Sequence Number field is 8 bits long,
and all comparisons between Sequence Number values
MUST be performed modulo 2**8. For example, using an
implementation in the C programming language, a Sequence
Number value A is greater than another Sequence Number
value B if ((char)((a) address, |
| Dst = correspondent | |
| Parameters: | |
| - (b)) > 0), if the "int" data type
is a 8-bit signed integer. mobile cookie 1 | |
|------------------------->|------------------------->|
| | |
| |
| Care-of Test Init(CoTI) |
| Src = care-of address |
| Dst = correspondent |
| Parameters: |
| - Recent usage information for this Binding Cache entry, as
needed to implement the cache replacement policy in use in
the Binding Cache and to assist in determining whether a
Binding Request should be sent when the lifetime on this
entry nears expiration. mobile cookie 2 |
|---------------------------------------------------->|
| |
| Home Test (HoT) |
| Src = correspondent, |
| Dst = home address |
| Parameters: |
| - The Binding Security Association (BSA) to be be used when
authenticating Binding Updates that are received for this
Binding Cache entry. mobile cookie 1 |
| | - The Binding Security Association (BSA) to be be used when
calculating authentication data for inclusion in Binding
Acknowledgements in response to Binding Updates that are
received for this Binding Cache entry.
An entry in a node's Binding Cache for which the node is
serving as a home agent is marked as a "home registration"
entry and SHOULD NOT be deleted by the cookie |
| | - home agent until the
expiration of its binding lifetime. Other Binding Cache
entries MAY be replaced at any time by any reasonable local
Johnson and Perkins nonce index |
|<-------------------------|<-------------------------|
| | |
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 26] 24]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
cache replacement policy but SHOULD NOT be unnecessarily
deleted.
| |
| Care-of Test(CoT) |
| Src = correspondent, |
| Dst = care-of address |
| Parameters: |
| - mobile cookie 2 |
| - care-of cookie |
| - care-of nonce index |
|<----------------------------------------------------|
| |
The Binding Cache for any one of a node's IPv6
addresses may contain HoTI and CoTI messages are sent at most one entry for each mobile the same time. The
correspondent node
home address. returns the HoT and CoT messages as quickly as
possible, and perhaps nearly simultaneously, requiring very little
processing. The contents of four messages form the return routability procedure.
(After the return routability procedure, a node's Binding Cache MUST NOT binding will be changed created
with a single request with an optional response.) Due to the
simultaneous sending of messages, the return routability procedure
completes in response 1 roundtrip (and the whole process completes in 1.5
roundtrips excluding the acknowledgement message).
The four messages (HoTI, CoTI, HoT, and CoT) belonging to a Home Address option the return
routability procedure are described in a received
packet. more detail below. The contents of all use of a node's Binding Cache entries,
for each
the results of its IPv6 addresses, must be cleared when the node
reboots.
Binding Update List
A list, maintained by each mobile node, recording information
for each Binding Update sent by this mobile node, return routability procedure for which the
Lifetime sent authenticating a
correspondent binding procedure is described in that Binding Update has not yet expired. The
Binding Update List includes all bindings sent by the Section 5.5.6.
HoTI
Home Test Init Message:
When a mobile
node: those nodes wants to correspondent nodes, those perform route optimization it
sends a HoTI message to the mobile node's
home agent, and those correspondent node in order to a home agent on
initiate the link on which return routability verification for the Home
Address.
Src = home address
Dst = correspondent
Parameters:
- mobile cookie 1
This message conveys the mobile node's previous care-of home address is located. However,
for multiple Binding Updates sent to the same destination
address, the Binding Update List contains only
correspondent node. The mobile node also sends along mobile
cookie C0 that the most recent
Binding Update (i.e., correspondent node must return later,
along with the greatest Sequence Number value)
sent to its own cookie that destination. The Binding Update List MAY be
implemented in any manner consistent with the external behavior
described in this document. Each Binding Update List entry
conceptually contains it generates based on the following fields:
- home
address. The IP address of HoTI message is reverse tunneled through the node to which home
agent.
CoTI
Care-of Test Init Message:
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 25]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
When a Binding Update was
sent. That node might still have mobile nodes wants to perform route optimization it
sends a Binding Cache entry
created or updated from this Binding Update, if the Binding
Update was successfully received by that node (e.g., not
lost by CoTI message to the network) and if that correspondent node has not deleted the
entry before its expiration (e.g., to reclaim space in its
Binding Cache order to
initiate the return routability verification for other entries). the care-of
Address.
Src = care-of address
Dst = correspondent
Parameters:
- mobile cookie 2
The home address for which that Binding Update was sent.
This will be one of the following:
* second message is sent in parallel with the mobile node's home addresses for typical Binding
Updates (Sections 10.7 and 10.9), or
* first one. It
conveys the mobile node's previous care-of address for Binding
Updates sent to establish forwarding from the correspondent
node. The mobile
node's previous node also sends along mobile cookie C1 that
the correspondent node must return later, along with its own
cookie that it generates based on the care-of address by address. The
CoTI message is sent directly to the correspondent node.
HoT
Home Test Message:
This message is sent in response to a HoTI message.
Src = correspondent
Dst = home agent from
this previous care-of address (Section 10.11).
Parameters:
- The care-of mobile cookie 1
- home cookie
- home nonce index
When the correspondent node receives the HoTI message, it
generates a 16 octet home cookie as follows:
home cookie = MAC_Kcn(home address | nonce)
The cookie is sent in that Binding Update. This
value the message to the mobile node via the
Home Agent; it is necessary for an assumption of the protocol that the home
agent - mobile node route is secure. Home cookie also acts as
a challenge to determine if it
has test that the mobile can receive messages sent a Binding Update giving its new care-of address
to
this destination after changing its care-of home address.
Johnson and Perkins Kcn is used in the production of home
cookie in order to allow the correspondent node to verify that
the cookies used later really came from itself, without forcing
the correspondent node to remember a list of all cookies it has
handed out.
Mobile cookie 1 from the mobile node is returned as well in the
HoT message, to ensure that the message comes from someone on
the path to the correspondent node.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 27] 26]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
-
The initial value of the Lifetime field sent home nonce index is carried along in the protocol to allow
the correspondent node to later efficiently find the nonce
value Ni that
Binding Update.
- The remaining lifetime of that binding. it used in creating this cookie.
CoT
Care-of Test Message:
This lifetime message is
initialized from the Lifetime value sent in response to a CoTI message.
Src = correspondent
Dst = care-of address
Parameters:
- mobile cookie 2
- care-of cookie
- care-of nonce index
The correspondent node also sends a challenge to the Binding
Update and is decremented until mobile's
care-of address. When the correspondent node receives the CoTI
message, it reaches zero, generates a 16 octet care-of cookie as follows:
care-of cookie = MAC_Kcn(care-of address | nonce)
The cookie is sent directly to the mobile node at which
time this entry MUST be deleted its care-of
address. Mobile cookie 2 from the Binding Update
List.
- The maximum value of mobile node is returned as
well, to ensure that the Sequence Number field message comes from someone on the path
to the correspondent node.
Again, an index is sent along the cookie in
previous Binding Updates order to this destination. The Sequence
Number field is 8 bits long, identify
the used nonce. Note that home and all comparisons between
Sequence Number values MUST care-of nonce indices are
likely to be performed modulo 2**8. For
example, using an implementation the same in HoT and CoT messages, except when
the C programming
language, a Sequence Number value A is greater than another
Sequence Number correspondent node changed its nonce value B if ((char)((a) - (b)) > 0), if the
"char" data type is a 8-bit signed integer.
- The time at which a Binding Update was last sent to this
destination, as needed to implement between the rate limiting
restriction for sending Binding Updates.
- The state
reception of any retransmissions needed for this Binding
Update, if the Acknowledge (A) bit was set in this Binding
Update. This state includes HoTI and the time remaining until CoTI messages.
When the
next retransmission attempt for mobile node has received both the Binding Update, HoT and CoT messages, the
current state of
return routability procedure is complete. As a result, the exponential back-off mechanism for
retransmissions.
- A flag that, when set, indicates that future Binding
Updates should not be sent to this destination. The mobile
node sets this flag in has the Binding Update List
entry when it receives an ICMP Parameter Problem, Code 2,
error message in response means to prove its authority to send a Binding Update sent
to that
destination, as described in Section 10.17.
Home Agents List
A list, maintained by each home agent and each the correspondent node. The mobile node,
recording information about each home agent from which this node has received a Router Advertisement in which hashes together the Home
Agent (H) bit is set, for which
challenges to form a 20 octet session key (Kbu):
Kbu = H(home cookie | care-of cookie)
Note that the remaining lifetime for
this list entry (defined below) correspondent node has not yet expired. The
home agents list is thus similar to the Default Router
List conceptual data structure maintained by each host for
Neighbor Discovery [20], although the Home Agents List MAY be
implemented in created any manner consistent with the external behavior
described in state at this document.
Each home agent maintains a separate Home Agents List for
each link on which
point. It is unaware of the session key Kbu, though it can recreate
Kbu if it is serving as a home agent; this list
Johnson presented the right addresses and Perkins nonce indices.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 28] 27]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
is used by a home agent in
5.5.6. Applying Return Routability for Correspondent Bindings
After the return routability procedure, the dynamic home agent address
discovery mechanism. Each mobile node, while away from home,
also maintains a Home Agents List, to enable it node can proceed
to notify perform a binding procedure with the correspondent node. An
overview of the binding procedure is shown below.
Mobile Node Correspondent node
| |
| 1. Binding Update |
| Src = care-of address, Dst = correspondent |
| Parameters: |
| - home agent on its previous link when it moves to address |
| - a new link; MAC |
| - home nonce index |
| - care-of nonce index |
| - sequence number |
| - ... |
|---------------------------------------------------->|
| |
| 2. Binding Acknowledgement |
| (if requested) |
| Src = correspondent, |
| Dst = care-of address |
| Parameters: |
| - sequence number |
| - ... |
|<----------------------------------------------------|
| |
Message 1 actually creates a binding, and message 2 is optional. The
correspondent binding procedure consists of the return routability
procedure followed by the messages 1 and 2.
1.
Binding Update (BU) Message:
The mobile node MAY maintain a separate Home Agents List for each
link uses the created session key Kbu to which it is (or has recently) connected, or it MAY
maintain a single list for all links. Each Home Agents List
entry conceptually contains authorize
the following fields: Binding Update.
Src = care-of address
Dst = correspondent
Parameters:
- The link-local IP home address of a router on the link, that
this
- MAC_Kbu(care-of address | correspondent node currently believes is operating as a address | BU)
- home agent
for that link. A new entry is created or an existing
entry is updated nonce index
- care-of nonce index
- sequence number
- ...
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 28]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The message contains home and care-of nonce indices, so that
the Home Agents List in response to
receipt of a valid Router Advertisement in correspondent node knows which nonces to use to recompute
the Home
Agent (H) bit session key. "BU" is set. The link-local address the content of the home
agent is learned through Binding Update
message, excluding (1) the Source Address of IP header, (2) any extension
headers between the Router
Advertisements received from it [20].
- One or more global IP addresses for this home agent,
learned through Prefix Information options with header the Router Address (R) bit set, received in Router
Advertisements from this link-local address. Global
addresses for the router in a Home Agents List entry MUST
be deleted once Mobility Header, and (3) the prefix associated with that address is
no longer valid [20].
Are there interactions with
Authenticator field inside the new Router
Advertisement stuff?
- Binding Update. The remaining lifetime result of this Home Agents List entry. If
a Home Agent Information Option
the MAC_Kbu function is present used as the Authenticator field in a Router
Advertisement received
the Binding Update. A sequence number will be used to match
an eventual acknowledgement with this message. The sequence
numbers start from a home agent, the lifetime random value, which offers a weak form
of authentication also to the Home Agents List entry representing that home agent
is initialized from acknowledgement messages. The
three dots represent all the Home Agent Lifetime field remaining (not security related)
information in the
option; otherwise, message.
Once the lifetime is initialized from correspondent node has verified the
Router Lifetime field in MAC, it can create
a binding cache entry for the received Router Advertisement. mobile.
2.
Binding Acknowledgement (BA) Message:
The Home Agents List entry lifetime Binding Update is decremented until it
reaches zero, at which time this entry MUST be deleted from optionally acknowledged by the Home Agents List.
correspondent node.
Src = correspondent
Dst = care-of address
Parameters:
- sequence number
- ...
The preference for this home agent; higher values
indicate a more preferable home agent. The preference
value Binding Acknowledgement is taken from not authenticated in other ways
than including the Home Agent Preference field (a
signed, twos-complement integer) right sequence number in the received Router
Advertisement, if reply. The
three dots represent all the Router Advertisement contains remaining (not security related)
information in the message.
5.5.7. Updating Node Keys and Nonces
An update of Kcn can be done at the same time as an update of Ni, so
that i identifies both the nonce and the key. Old Kcn values have to
be therefore remembered as long as old nonce values.
Before sending a Binding Update in Step 3, the mobile node has
to wait for both the Home
Agent Information Option, and is otherwise set Care-of Cookies to the
default value arrive. Due
to resource limitations, rapid deletion of 0. A home agent bindings, or reboots
it can not be guaranteed that the cookies are still fresh and
acceptable when the correspondent node uses this preference them in
ordering the Home Agents List returned in processing
of the Binding Update. If the cookies have become too old, the
correspondent node replies with an ICMP Home
Agent Address Discovery message an error code in response to a mobile
node's initiation of dynamic home agent address discovery.
A the Binding
Acknowledgement. The mobile node uses this preference in determining which
Johnson and Perkins can then retry the return
routability procedure. However, it is recommended that correspondent
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 29]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
of the home agents on its previous link
nodes try to notify when it
moves keep these cookies acceptable as long as possible and
SHOULD NOT accept them beyond MAX_COOKIE_LIFE seconds.
Given that the cookies are normally expected to a new link.
Can we delete be usable for
some time, the preference stuff? Is anyone using
it?
4.8. Binding Management
When a mobile node configures a new care-of address and decides to MAY use this new address as its primary care-of address, them beyond a single run of the
return routability procedure. A fast moving mobile node registers this new binding with its home agent by sending
the home agent may reuse
a Binding Update. The mobile recent Home Cookie from a correspondent node indicates
that an acknowledgement is needed for this Binding Update and
continues when moving to periodically retransmit it until acknowledged. The
home agent acknowledges the Binding Update by returning a Binding
Acknowledgement new
location, and just acquire a new Care-of Cookie to show routability
in the mobile node.
When a mobile node receives a packet tunneled new location. While this does not save roundtrips due to it from its the
parallel nature of the home
agent, and care-of return routability tests, the
roundtrip through the home agent may be longer, and consequently this
optimization is often useful. A mobile node uses that as an indication that the original
sending correspondent node has no Binding Cache entry for multiple home
addresses, may also use the mobile
node, since same Care-of Cookie for Binding Updates
concerning all of these addresses.
5.5.8. Preventing Replay Attacks
The return routability procedure also protects the correspondent node would otherwise have sent participants
against replayed Binding Updates. The attacker can't replay the
packet directly
same message due to the mobile node using sequence number which is a Routing header. If part of the
mobile node has a
Binding Security Association (BSA) with that
correspondent node, Update, and the attacker can't modify the mobile node thus returns a Binding Update
to
since the MAC would not verify after that. Care must be taken when
removing bindings at the correspondent node, allowing it to cache the mobile node's however. If a binding for routing future packets
is removed either due to it. Although garbage collection, request, or expiration
and the mobile node
may request nonce used in its creation is still valid, an acknowledgement for this Binding Update, it need not,
since subsequent packets from attacker can
replay the correspondent node will continue
to old Binding Update. This can be intercepted and tunneled prevented by the mobile node's home agent,
effectively causing any needed Binding Update retransmission.
If the mobile node receives such a tunneled packet but does not have
a BSA with having the
correspondent node, the mobile node SHOULD initiate change the process of establishing nonce often enough to ensure that the necessary security association by
following
nonces used when removed entries were created are no longer valid.
If many such deletions occur the procedures outlined in Section 4.5
A correspondent node with a Binding Cache entry for a mobile node
may refresh this binding, for example if the binding's lifetime
is near expiration, by sending a Binding Request can batch them
together to avoid having to increment the mobile
node. Normally, a correspondent node will only refresh a Binding
Cache entry in this way if it is actively communicating nonce index too often.
5.5.9. Preventing Denial-of-Service Attacks
The return routability procedure has been designed with protection
against resource exhaustion Denial-of-Service attacks. In these
attacks the
mobile node and victim has indications, such only a limited amount of some resource (such
as an open TCP connection to network bandwidth or CPU cycles), and the mobile node, that it will continue attack consumes some of
this communication in resource. This leaves the
future. When a victim without enough resources to
carry out other work.
The correspondent nodes do not have to retain any state about
individual mobile node receives a Binding Request, it replies by
returning a nodes until an authentic Binding Update to arrives.
This is achieved through the node sending the Binding Request.
A mobile node may use more than one care-of address at of the same time,
although only one care-of address may nonces and Kcn that are not
specific to individual mobile nodes. The cookies are specific, but
they can be registered for it at its reconstructed based on the home agent as its primary and care-of address. The mobile node's home
agent will tunnel all intercepted packets for address
information that arrives with the mobile node Binding Update. This means that
the correspondent nodes are safe against memory exhaustion attacks
except where on-path attackers are concerned. Due to its
Johnson and Perkins the use of
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 30]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
(single) registered primary care-of address, but
symmetric cryptography, the mobile node
will accept packets that correspondent nodes are relatively safe
against CPU resource exhaustion attacks as well.
Nevertheless, as [1] describes, there are situations in which it receives at any of its current care-of
addresses. Use of more than one care-of address by a mobile node
may be useful, is
impossible for example, to improve smooth handover when the mobile node moves from one wireless link and correspondent nodes to another. If each of
these wireless links determine if
they actually need a binding or whether they just have been fooled
into believing so by an attacker. Therefore, it is connected necessary to the Internet through a separate
base station,
consider situations where such attacks are being made.
The binding updates that the wireless transmission range from the
two base stations overlap, the mobile node may be able to remain
connected to both links while are used in the area of overlap. In this case,
the Mobile IPv6 are only an
optimization, albeit a very important optimization. A mobile node could acquire
can communicate with a new care-of address on the new link
before moving out of transmission range and disconnecting from the
old link. The mobile correspondent node may thus still accept packets at its
old care-of address while it works to update its home agent and even if the correspondent nodes, notifying them
refuses to accept any of its new care-of address on the
new link.
Since correspondent nodes cache bindings, it is expected that
correspondent nodes usually binding updates. However, performance
will route suffer because packets directly from the correspondent node to the mobile
node's care-of address, so that
node will be routed via the mobile's home agent is rarely involved
with packet transmission to rather than a more
direct route. A correspondent node can protect itself against some
of the mobile node. This resource exhaustion attacks by not processing binding updates
when it is essential for
scalability and reliability, and for minimizing overall network load.
By caching the care-of address of flooded with a mobile node, optimal routing large number of
packets can be achieved from binding updates that fail
the cryptographic integrity checks. If a correspondent node finds
that it is spending more resources on checking bogus binding updates
than it is likely to the mobile
node. Routing packets directly save by accepting genuine binding updates, then
it MAY reject some or all Binding Updates without performing any
cryptographic operations.
Additional information needed to make this decision about responding
to requests will usually originate in layers above IP. For example,
TCP knows if the mobile node's care-of address
also eliminates congestion at the mobile node's home agent and home
link. In addition, the impact node has a queue of any possible failure data that it is trying to send
to a peer. A conformant implementation of the home
agent, the home link, or intervening networks leading protocols in this
specification is not required to or make use of information from higher
protocol layers, but implementations are likely to be able to manage
resources more effectively by making use of such information.
5.5.10. Correspondent Binding Procedure Extensibility
As discussed in Appendix D.3, in the
home link is reduced, since these future there may be other
mechanisms beyond the return routability procedure for authorizing
mobile nodes and links are not involved to correspondent nodes. The nodes can use other methods
based on future definition of flag values in the delivery Reserved fields of most packets to
HoTI, HoT, CoTI, CoT, and BU messages. Nodes need assurance against
bidding down attacks in this selection by following the mobile node.
5. procedure
described in Section 14.3.
6. New IPv6 Destination Options and Protocols, Message Types
5.1. Types, and Destination Option
6.1. Mobility Header
The Mobility Header is used by mobile nodes, correspondent nodes, and
home agents in all messaging related to the creation and management
of bindings. The Mobility Header is an IPv6 protocol. Rules
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 31]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
regarding how it is sent and what addresses are used in the IPv6
header are given separately in Sections 5.1.2 to 5.1.9. Mobile nodes
MUST use reverse tunneling to send Mobility Header messages when the
source address is set to the home address of 6.1.2 through 6.1.9, which
describe the mobile node.
Johnson and Perkins Expires 22 September 2002 [Page 31]
INTERNET-DRAFT Mobility Support message types used in IPv6 22 March 2002
5.1.1. this protocol.
6.1.1. Format
The Mobility Header is identified by a Next Header value of 62 (XXX)
in the immediately preceding header, and has the following format:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Payload Proto | Header Len | MH Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| |
. .
. Message Data .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Payload Proto
8-bit selector. Identifies the type of header immediately
following the Mobility Header. Uses the same values as the
IPv4 Protocol field [10].
This field is intended to be used by a future specification
of piggybacking binding messages on payload packets (see
Section 12.1).
Thus implementations D.1).
Implementations conforming to this specification MUST SHOULD set the
payload protocol type to NO_NXTHDR (59 decimal).
Header Len
8-bit unsigned integer. Length of the Mobility Header in units
of 8 octets, including the the Payload Proto, MH Type, Header
Len, Checksum, and Message Data fields.
MH Type
16-bit selector. Identifies the particular mobility message
in question. Legal Current values are defined specified in Sections 5.1.2 6.1.2
to 5.1.8. 6.1.9. An unrecognized MH Type field SHOULD cause causes an error to be
sent to the source.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 32]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Checksum
16-bit unsigned integer. This field contains the checksum
of the Mobility Header. The checksum is the 16-bit one's
complement of the one's complement sum of an octet string
consisting of a "pseudo-header" followed by the entire
Mobility Header starting with the Payload Proto field, prepended with a
"pseudo-header" of field. The
pseudo-header contains IPv6 header fields, as specified
in [IPv6,
section 8.1]. Section 8.1 of [6]. The Next Header value used in the
pseudo-header
Johnson and Perkins Expires 22 September 2002 [Page 32]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 is 62 (XXX). For computing the checksum, the
checksum field is set to zero.
Message Data
A variable length field containing the data specific to the
indicated Mobility Header type.
5.1.2.
Mobile IPv6 also defines a number of "mobility options" for use
within these messages; if included, any options MUST appear after the
fixed portion of the message data specified in this document. The
presence of such options will be indicated by the Header Len field
within the message. When the Header Len is greater than the length
required for the message specified here, the remaining octets are
interpreted as mobility options options. The encoding and format of
defined options are described in Section 6.2.
Alignment requirements for the Mobility Header are same as for any
IPv6 protocol Header. That is, they MUST be aligned on an 8-octet
boundary. We also require that the Mobility Header length is a
multiple of 8 octets.
6.1.2. Binding Refresh Request (BR) (BRR) Message
The Binding Refresh Request (BR) (BRR) message is used to request a
mobile node's binding from the mobile node. A packet containing
a Binding Refresh Request message is sent in the same way as any
packet to a mobile node (Section 8.9). 9.6). When a mobile node receives
a packet containing a Binding Refresh Request message and there
already exists a Binding Update List entry for the source of the
Binding Refresh Request, it MAY start a Return Routability Procedure return routability procedure
(see Section 4.5) 5.5) if it believes the amount of traffic with the
correspondent justifies the use of Route Optimization. Note that
the mobile node SHOULD NOT respond to Binding Refresh Requests from
previously unknown correspondent nodes due to Denial-of-Service
concerns.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 33]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The Binding Refresh Request message uses the MH Type value 0. When
this value is indicated in the MH Type field, the format of the
Message Data field in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
16-bit field reserved for future flags. These flag bits are
reserved for future use, and use. The value MUST be
initialized to zero by the sender, and MUST be ignored by the
receiver.
Parameters
Mobility options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The encoding and format
of defined options are described in Section 6.2. The receiver
MUST ignore and skip any parameters options which it does not understand. A
There MAY be additional information, associated with this
Binding Refresh Request MUST include the following parameter:
Johnson and Perkins Expires 22 September 2002 [Page 33]
INTERNET-DRAFT Mobility Support message, that need not be present in IPv6 22 March 2002
- Authentication Data parameter. This parameter contains a
cryptographic hash value which is used to ensure that it
has been sent by the correspondent node. The authenticator
covering a Binding Acknowledgement MUST be computed over
a bitstring containing the following fields of the IPv6
header and the Mobility Header, in order:
* The Home Address of the mobile node, from the
Destination Address field of the IPv6 header.
* The address of the correspondent node, from the Source
Address field of the IPv6 header.
* The contents of the Mobility Header, excluding the
Authenticator field (inside the Authentication Data
parameter) which is included as zeroes for the purposes
of calculating the Authenticator.
* Four bytes of zero. This is included for a potential
future extension.
The actual authenticator calculation over sequence of bits
is described in Section 4.5.
There MAY be additional information, associated with this
Binding Request message, that need not be present in all
Binding Requests sent.
all Binding Requests sent. This use of MH parameters mobility options also
allows for future extensions to the format of the Binding
Refresh Request message to be defined. The encoding and format of defined
parameters are described in Section 5.2. The following
parameters options
are valid in a Binding Refresh Request message:
- Unique Identifier Parameter Option
- Binding Authorization option
The Header Length field in the Mobility Header for this message
MUST be set to 1 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, no padding is necessary.
5.1.3.
6.1.3. Home Test Init (HoTI) Message
The Home Test Init (HoTI) message is used to initiate the Return
Routability return
routability procedure from the mobile node to a correspondent node
(see Section 10.9). 11.6.2). The purpose of this message is to test the
reachability of the home address. This message is always sent with
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 34]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
the Source Address set to the home address of the mobile node,
Destination Address set to the correspondent node's address, and is
tunneled through the home agent when the mobile node is away from
home.
Johnson and Perkins Expires 22 September 2002 [Page 34]
INTERNET-DRAFT Mobility Support Such tunneling SHOULD employ IPsec ESP in IPv6 22 March 2002 tunnel mode between
the home agent and the mobile node. This protection is guided by the
IPsec Policy Data Base. (Note the protection of HoTI messages is
different from the requirement to protect regular payload traffic,
which MAY use such tunnels as well.)
The HoTI message uses the MH Type value 1. When this value is
indicated in the MH Type field, the format of the Message Data field
in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flags Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mobile cookie |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility Options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Flags
Reserved
16-bit field reserved for future flags. These flag bits are
reserved for future use, and use. This value MUST be
initialized to zero by the sender, and MUST be ignored by the
receiver.
Parameters
Mobile cookie
32-bit field which contains a random value, mobile cookie 1,
selected by the mobile node.
Mobility options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The receiver MUST ignore
and skip any parameters options which it does not understand.
There MAY be additional information, associated with this
message that need not be present in all HoTI messages. This
use of MH parameters mobility options also allows for future extensions to
the format of the HoTI message to be defined. The encoding and
format of defined parameters options are described in Section 5.2. 6.2. The
following parameters options are valid in a HoTI message:
- Unique Identifier Parameter Option
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 35]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The Header Length field in the Mobility Header for this message
MUST be set to 2 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, 4 bytes of Pad1
or PadN parameters are needed to make the length of the message a
multiple of 8.
The HoTI message SHOULD be protected by an IPsec policy that employs
ESP between the home agent and the mobile node. padding is necessary.
A packet that includes a HoTI message MUST NOT include a Home Address
destination option.
5.1.4.
6.1.4. Care-of Test Init (CoTI) Message
The Care-of Test Init (CoTI) message is used to initiate the Return
Routability return
routability procedure from the mobile node to a correspondent node
Johnson and Perkins Expires 22 September 2002 [Page 35]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
(see Section 10.9). 11.6.2). The purpose of this message is to test the
reachability of the care-of address. This message is always sent
with the Source Address set to the care-of address of the mobile
node, and is sent directly to the correspondent node.
The CoTI message uses the MH Type value 2. When this value is
indicated in the MH Type field, the format of the Message Data field
in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mobile cookie |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility Options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
16-bit field reserved for future flags. These flag bits are
reserved for future use, and use. The value MUST be
initialized to zero by the sender, and MUST be ignored by the
receiver.
Parameters
Variable-length field, of length such that
Mobile cookie
32-bit field which contains a random value, mobile cookie 2,
selected by the mobile node.
Mobility options
Variable-length field of such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The receiver MUST ignore
and skip any parameters options which it does not understand.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 36]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
There MAY be additional information, associated with this
message that need not be present in all CoTI messages. This
use of MH parameters mobility options also allows for future extensions to
the format of the CoTI message to be defined. The encoding and
format of defined parameters options are described in Section 5.2. 6.2. The
following parameters options are valid in a CoTI message:
- Unique Identifier Parameter Option
The Header Length field in the Mobility Header for this message
MUST be set to 2 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, no 4 bytes of padding is necessary.
A packet that includes a CoTI message MUST NOT include a Home Address
destination option.
5.1.5.
6.1.5. Home Test (HoT) Message
The Home Test (HoT) message is an answer a response to the HoTI message, and
is sent from the correspondent node to the mobile node (see Section
Johnson and Perkins Expires 22 September 2002 [Page 36]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
8.2). This message is always sent with the Destination Address set
to the home address of the mobile node, Source Address set to the
address of the correspondent node, and is tunneled through the home
agent when the mobile node is away from home. Such tunneling SHOULD
employ IPsec ESP in tunnel mode between the home agent and the mobile
node. This protection is guided by the IPsec Policy Data Base.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 37]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The HoT message uses the MH Type value 3. When this value is
indicated in the MH Type field, the format of the Message Data field
in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Nonce Index | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mobile cookie |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| Home Cookie (128 bits) |
+ +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
32-bit field reserved for future flags. These flag bits
The two 16-bit fields are reserved for future use, and use. These
values MUST be set initialized to zero, otherwise an
error zero by the sender, and MUST be returned to
ignored by the sender. receiver.
Home Nonce Index
This field will be echoed back by the mobile node to the
correspondent node in a subsequent binding update. It
will allow Strictly
speaking, this value is not necessary in the authentication,
but allows the correspondent node to select efficiently find the appropriate
challenge values nonce
value Ni that it used in creating the Home Cookie. Without
this field, the correspondent node would have to authenticate search through
all currently acceptable nonce values when testing for the binding update.
correctness of the authenticator sent in a Binding Update.
Mobile cookie
32-bit field which contains mobile cookie 1, returned by the
correspondent node.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 38]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Home Cookie
This field contains the home cookie K0 in the Return Routability
Procedure; return routability
procedure; it is the first of two cookies which are to be
processed to form a key which is then used to authenticate a
binding update.
Johnson and Perkins Expires 22 September 2002 [Page 37]
INTERNET-DRAFT
Mobility Support in IPv6 22 March 2002
Parameters options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The receiver MUST ignore
and skip any parameters options which it does not understand.
There MAY be additional information, associated with this
message that need not be present in all HoT messages. MH
parameters Mobility
options are used to carry that information. The encoding and
format of defined parameters options are described in Section 5.2. 6.2. This
use of MH parameters mobility options also allows for future extensions
to the format of the HoT message to be defined. This
specification does not define any optional parameters options valid for the HoT
message.
The Header Length field in the Mobility Header for this message
MUST be set to 4 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, 4 bytes of Pad1
or PadN parameters are needed to make the length of the message a
multiple of 8.
The HoT message SHOULD be protected by an IPsec policy that employs
ESP between the home agent and the mobile node, in order to prevent
attackets e.g. on the same link as the MN to receive the Home
Cookie.
5.1.6. no padding is necessary.
6.1.6. Care-of Test (CoT) Message
The Care-of Test (CoT) message is an answer a response to the CoTI message, and
is sent from the correspondent node to the mobile node (see Section
8.2). This message is always sent with the Source Address set to the
address of the correspondent node, the Destination Address set to
the care-of address of the mobile node, and is sent directly to the
mobile node.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 38] 39]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
The CoT message uses the MH Type value 4. When this value is
indicated in the MH Type field, the format of the Message Data field
in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Care-of Nonce Index | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Mobile cookie |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| Care-of Cookie (128 bits) |
+ +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility Options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
The two 16-bit fields and the one 32-bit field reserved for future flags. These flag bits are reserved for
future use, and use. These values MUST be set initialized to zero, otherwise an
error zero by the
sender, and MUST be returned to ignored by the sender. receiver.
Care-of Nonce Index
This field will be echoed back by the mobile node to the
correspondent node in a subsequent binding update. It
will allow the correspondent node to select the appropriate
challenge values to authenticate the binding update.
Mobile cookie
32-bit field which contains the mobile cookie 2, returned by
the correspondent node.
Care-of Cookie
This field contains the care-of cookie K1 in the Return Routability
Procedure; return
routability procedure; it is the second of two cookies which
are to be processed to form a key which is then used to
authenticate a binding update.
Parameters
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 40]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Mobility options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The receiver MUST ignore
and skip any parameters options which it does not understand.
Johnson and Perkins Expires 22 September 2002 [Page 39]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
There MAY be additional information, associated with this
message that need not be present in all CoT messages. MH
parameters Mobility
options are used to carry that information. The encoding and
format of defined parameters options are described in Section 5.2. 6.2. This
use of MH parameters mobility options also allows for future extensions
to the format of the CoT message to be defined. This
specification does not define any optional parameters options valid for the CoT
message.
The Header Length field in the Mobility Header for this message
MUST be set to 4 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, 4 bytes of Pad1
or PadN parameters are needed to make the length of the message a
multiple of 8.
5.1.7. no padding is necessary.
6.1.7. Binding Update (BU) Message
The Binding Update (BU) message is used by a mobile node to notify
other nodes of a new care-of address for itself. A packet containing
a Binding Update message is sent with the Source Address set to the
care-of address of the mobile node and the Destination Address set to
the correspondent node's address.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 41]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The Binding Update message uses the MH Type value 5. When this value
is indicated in the MH Type field, the format of the Message Data
field in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|A|H|S|D| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence # | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Home Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Johnson and Perkins Expires 22 September 2002 [Page 40]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
Acknowledge (A)
The Acknowledge (A) bit is set by the sending mobile node to
request a Binding Acknowledgement (Section 5.1.8) 6.1.8) be returned
upon receipt of the Binding Update.
Home Registration (H)
The Home Registration (H) bit is set by the sending mobile
node to request that the receiving node to should act as this
node's home agent. The destination of the packet carrying this
message MUST be that of a router sharing the same subnet prefix
as the home address of the mobile node in the binding (given by the Home
Address field in the Home Address option in the packet). binding.
Single Address Only (S)
If the `S' bit is set, the mobile node requests that the home
agent make no changes to any other Binding Cache entry except
for the particular one containing the home address specified
in the Home Address destination option. This disables home
agent processing for other related addresses, as is described
in Section 9.1. 10.2.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 42]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Duplicate Address Detection (D)
The Duplicate Address Detection (D) bit is set by the sending
mobile node to request that the receiving node (the mobile
node's home agent) to perform Duplicate Address Detection [35] [33]
on the mobile node's home link for the home address in this
binding. This bit is only valid when the Home Registration (H)
and Acknowledge (A) bits are also set, and MUST NOT be set
otherwise. If the Duplicate Address Detection performed by
the home agent fails, the Status field in the returned Binding
Acknowledgement will be set to 138 (Duplicate Address Detection
failed).
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
Sequence #
A 16-bit number used by the receiving node to sequence Binding
Updates and by the sending node to match a returned Binding
Acknowledgement with this Binding Update. Each Binding Update
sent by a mobile node MUST use a Sequence Number greater than
the Sequence Number value sent in the previous Binding Update
(if any) to the same destination address (modulo 2**16, as
defined in Section 4.7). 4.5). There is no requirement, however,
that the Sequence Number value strictly increase by 1 with each
Johnson and Perkins Expires 22 September 2002 [Page 41]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
new Binding Update sent or received. received, as long as the value stays
within the window. A Binding Acknowledgement with Status field
set to 141 (Sequence number out of window) will be returned
if the value is outside the window. Both home agents and
correspondent nodes use the sequence number also to prevent
replay attacks.
Lifetime
32-bit unsigned integer. The number of seconds remaining
before the binding MUST be considered expired. A value of all
one bits (0xffffffff) indicates infinity. A value of zero
indicates that the Binding Cache entry for the mobile node MUST
be deleted.
Home Address
This field tells the
Bindings established with correspondent node nodes using the return
routability procedure MUST NOT exceed MAX_RR_BINDING_LIFE
seconds.
Home Address
The home address of the mobile node.
Parameters node associated with this
Binding Update.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 43]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Mobility options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The encoding and format
of defined options are described in Section 6.2. The receiver
MUST ignore and skip any parameters options which it does not understand.
A Binding Update sent to a correspondent node MUST include the
following parameters: options when the return routability procedure is used
as the authorization method:
- Nonce Indices parameter. option. This parameter option contains information the
correspondent node needs in order to find the challenge
values Nj Ni and Ni. Nj.
- Authentication Binding Authorization Data parameter. option. This parameter option contains
a cryptographic hash value which is used to ensure that
it has been sent by the same party who received the HoT
and CoT messages. The authenticator covering a Binding
Update MUST be 96 bits and computed over a bitstring string of octets
containing the following fields of the IPv6 header and the
Mobility Header, in order:
* Care-of Address, in the Source Address field of the
IPv6 header
* The address of the correspondent node, in the
Destination Address field of the IPv6 header.
* The contents of the Mobility Header, excluding the
Authenticator field (within the Authentication Binding Authorization
Data
parameter) mobility option) which is not included as zeroes for the
purposes of calculating the Authenticator. Parameters Options of
the Mobility Header are included in the calculation.
* Four bytes of zero.
Johnson and Perkins Expires 22 September 2002 [Page 42]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
The actual authenticator calculation over a sequence of
bits is described in Section 4.5. 5.5.
There MAY be additional information, associated with this
Binding Update message, that need not be present in all Binding
Updates sent. This use of MH parameters mobility options also allows for
future extensions to the format of the Binding Update message
to be defined. The encoding and format of defined parameters are
described in Section 5.2. The following parameters options are valid in a Binding
Update message:
- Unique Identifier Parameter option
- Binding Authorization Data option
- Alternate Care-of Address Parameter
If no actual parameters are present option
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 44]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The Header Length field in the Mobility Header for this message, 4 bytes of Pad1
or PadN parameters are needed message
MUST be set to make 4 (since unit is 8 octets) plus the total length of the message a
multiple of 8.
A Binding Update message to the correspondent node MUST NOT include
the Home Address option
all mobility options present (also in order to avoid reflection attacks
described 8 octet units). If no actual
options are present in Section 4.5. this message, no padding is necessary.
A Binding Update to the home agent MUST include the Home Address
destination option in order to allow for the use of manually keyed
IPsec in the protection of these messages. Note also that as
described in Section 6.3, the Home Address destination option is not
accepted by correspondent nodes that do not have an existing binding
with the sender.
When a packet contains both a Home Address Option destination option and a
Binding Update message, the sender MUST use the same address in both.
The receiver MUST check for the equal values and MUST silently discard a
packet that does not pass this test.
The home address of the mobile node in the binding given in the
Binding Update message is that which was received as the value of the
Home Address field in the Home Address option in the packet.
The care-of address for the binding given in the Binding Update
message is normally that which was received as the value in the
Source Address field in the IPv6 header of the packet carrying the
Binding Update message. However, a care-of address different from
the Source Address MAY be specified by including an Alternate Care-of
Address parameter mobility option in the Binding Update message. In any case, When such
message is sent to the
care-of address MUST NOT correspondent node and the return routability
procedure is used as the authorization method, the Care-of Test Init
and Care-of Test messages MUST have been performed for the address in
the Alternate Care-of Address option (not the Source Address). The
contents of the Nonce Indices and the Authenticator mobility options
MUST be based on information gained in this test.
In any case, the care-of address MUST NOT be any IPv6 address
which is prohibited for use within a Routing Header; thus multicast
addresses, the unspecified address, loop-back address, and link-local
addresses are excluded. Binding Updates indicating any such excluded
care-of address MUST be silently discarded.
If
The deletion of a binding can be indicated by setting the Lifetime
field to 0 or by setting the care-of address for as equal to the binding (specified home
address (the care-of address can be specified either in an Alternate
Care-of Address parameter mobility option in the Binding Update message, if
present, or in the Source Address field in the packet's IPv6 header)
is equal to the home address of the mobile node, the Binding Update
message indicates that any existing binding for the mobile node MUST
Johnson and Perkins Expires 22 September 2002 [Page 43]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
be deleted. Likewise, if the Lifetime field in the Binding parameter
is equal to 0, the Binding Update message indicates that any existing
binding for the mobile node MUST be deleted. In each of these cases,
a Binding Cache entry for the mobile node MUST NOT be created in
response to receiving the Binding Update.
When the care-of address is NOT equal to the home address,
what if we just delete that particular care-of address?
The last Sequence Number value sent to a destination in a Binding
parameter is stored by the mobile node in its Binding Update List
entry for that destination; the last Sequence Number value received
from a mobile node in a Binding Update is stored by a correspondent
node in its Binding Cache entry for that mobile node. Thus, the
mobile node's and the correspondent node's knowledge of the last
sequence number expire at the same time. If the sending mobile node
has no Binding Update List entry, the Sequence Number may start at
any value; if the receiving correspondent node has no Binding Cache
entry for the sending mobile node, it MUST accept any Sequence Number
value in a received Binding Update from this mobile node. The mobile
node MUST NOT use the same Sequence Number in two different Binding
Updates to the same correspondent node, even if the Binding Updates
provide different care-of addresses.
5.1.8. header).
6.1.8. Binding Acknowledgement (BA) Message
The Binding Acknowledgement message is used to acknowledge receipt
of a Binding Update message (Section 5.1.7). 6.1.7). When a node receives
a packet containing a Binding Update message, with this node being
the destination of the packet, this node MUST return a Binding
Acknowledgement to the mobile node, if the Acknowledge (A) bit
is set in the Binding Parameter carried in the Binding Update. The Binding Acknowledgement
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 45]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
message is sent to the Source Address of the Binding Update message it
which is an answer to, with the source being acknowledged. The Source Address of the Binding
Acknowledgement is the Destination Address from the Binding Update.
Johnson and Perkins Expires 22 September 2002 [Page 44]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
The Binding Acknowledgement message has the MH Type value 6. When
this value is indicated in the MH Type field, the format of the
Message Data field in the Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Status | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence # | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Refresh |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
These fields are unused. They MUST be initialized to zero by
the sender and MUST be ignored by the receiver.
Status
8-bit unsigned integer indicating the disposition of the
Binding Update. Values of the Status field less than 128
indicate that the Binding Update was accepted by the receiving
node. The following such Status values are currently defined:
0
Binding Update accepted
Values of the Status field greater than or equal to 128
indicate that the Binding Update was rejected by the receiving
node. The following such Status values are currently defined:
128
Reason unspecified
130
Administratively prohibited
131
Insufficient resources
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 45] 46]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
131
Insufficient resources
132
Home registration not supported
133
Not home subnet
137
Not home agent for this mobile node
138
Duplicate Address Detection failed
141
Sequence number out of window
142
Route optimization unnecessary due to low traffic
143
Invalid authenticator
144
Too old
Expired Home Nonce Index
145
Too old
Expired Care-of Nonce Index
Up-to-date values of the Status field are to be specified in
the most recent "Assigned Numbers" [32]. [30].
Sequence #
The Sequence Number in the Binding Acknowledgement is copied
from the Sequence Number field in the Binding Update being
acknowledged, for use by the mobile node in matching this
Acknowledgement with an outstanding Binding Update.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 47]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Lifetime
The granted lifetime, in seconds, for which this node will SHOULD
retain the entry for this mobile node in its Binding Cache.
Correspondent nodes should make an effort to honor
Johnson and Perkins Expires 22 September 2002 [Page 46]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 the
lifetimes, since an entry that was garbage collected too early
might cause subsequent packets from the mobile node to be
dropped, if they contained the Home Address Option. destination option.
While this situation is recoverable since an error message is
sent to the mobile node, it causes an unnecessary break in the
communications.
Correspondent
Mobile nodes SHOULD also retain send a BCE entry for new Binding Update well before the
purposes
expiration of accepting Home Address Options somewhat longer than
they keep on using the entry for Route Optimization of outgoing
packets. this period in order to extend the lifetime and
not cause a disruption in communications. This helps is particularly
necessary in order to avoid prevent packets from being dropped packets, particularly
when due
to the use of the Home Address destination option without an
existing Binding Cache Entry, and the possibility of clock drift can be a problem.
drift.
If the node sending the Binding Acknowledgement is serving
as the mobile node's home agent, the Lifetime period also
indicates the period for which this node will continue this
service; if the mobile node requires home agent service from
this node beyond this period, the mobile node MUST send a new
Binding Update to it before the expiration of this period (even
if it is not changing its primary care-of address), in order
to extend the lifetime. The value of this field is undefined
if the Status field indicates that the Binding Update was
rejected.
Refresh
The recommended interval, in seconds, at which the mobile
node SHOULD send a new Binding Update to this node in order
to "refresh" the mobile node's binding in this node's Binding
Cache. This refreshing of the binding is useful in case the
node fails and loses its cache state. The Refresh period is
determined by the node sending the Binding Acknowledgement (the
node caching the binding). If this node is serving as the
mobile node's home agent, the Refresh value may be set, for
example, based on whether the node stores its Binding Cache in
volatile storage or in nonvolatile storage. Note that as
discussed in Section 4.5.4, home agents need to keep at least
some information about sequence numbers in non-volatile memory.
If the node sending the Binding Acknowledgement is not
serving as the mobile node's home agent, the Refresh period
SHOULD be set equal to the Lifetime period in the Binding
Acknowledgement; even if this node loses this cache entry due
to a failure of the node, packets from it can still reach the
mobile node through the mobile node's home agent, causing a new
Binding Update to this node to allow it to recreate this cache
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 48]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
entry. The value of this field is undefined if the Status
field indicates that the Binding Update was rejected.
Johnson and Perkins Expires 22 September 2002 [Page 47]
INTERNET-DRAFT
Mobility Support in IPv6 22 March 2002
Parameters options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
or more TLV-encoded parameters. mobility options. The encoding and format
of defined options are described in Section 6.2. The receiver
MUST ignore and skip any parameters options which it does not understand.
A Binding Acknowledgement sent by a correspondent node MUST
include the following parameter:
- Authentication Data parameter. This parameter contains a
cryptographic hash value which is used to ensure that it
has been sent by the correspondent node. The authenticator
covering a Binding Acknowledgement MUST be computed over
a bitstring containing the following fields of the IPv6
header and the Mobility Header, in order:
* Care-of Address, in the Destination Address field of
the IPv6 header
* The address of the correspondent node, in the Source
Address field of the IPv6 header.
* The contents of the Mobility Header, excluding the
Authenticator field (inside the Authentication Data
parameter) which is included as zeroes for the purposes
of calculating the Authenticator.
* Four bytes of zero.
The actual authenticator calculation over sequence of bits
is described in Section 4.5.
There MAY be additional information, associated with this
Binding Acknowledgement message, that need not be present
in all Binding Acknowledgements sent. This use of MH parameters mobility
options also allows for future extensions to the format of the
Binding Acknowledgement message to be defined. The encoding and format
of defined parameters following
options are described in Section 5.2. This
specification does not define any parameters valid for the Binding Acknowledgement message. message:
- Binding Authorization Data option
The Header Length field in the Mobility Header for this message
MUST be set to 3 (since unit is 8 octets) plus the total length of
all mobility options present (also in 8 octet units). If no actual parameters
options are present in this message, no padding is
needed. 4 bytes of Pad1 or PadN mobility
options are needed to make the length of the message a multiple of 8.
The Header Length field does include this padding.
The Binding Acknowledgement is sent to the source address of the
Binding Update message, regardless of whether the Binding Update
succeeded or failed. No Routing Headers are inserted added to the message.
If the mobile node sends a sequence number which is not within the
window of acceptable sequence numbers, then the home agent MUST send
back a Binding Acknowledgement with status code 141, and the last
Johnson and Perkins Expires 22 September 2002 [Page 48]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
accepted sequence number in the Sequence Number field of the Binding
Ack Parameter.
5.1.9.
Acknowledgement message.
6.1.9. Binding Missing (BM) Error (BE) Message
The Binding Missing (BM) Error (BE) message is used by the correspondent node to
signal an error related to mobility, such as an inappropriate attempt
to use the Home Address Option destination option without an existing
binding. A packet containing a Binding Missing Error message is sent to the
source address of the offending packet. For instance, in the case
of the Home Address destination option error, the packet is the one
that contained the Home Address Option i.e. destination option and therefore
the Binding Error message is sent to the care-of address of the
mobile node. The source address of the Binding Missing Error message is the
correspondent node's address.
When a mobile node receives a packet containing a
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 49]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
The Binding Missing
message, it should perform one of Error message uses the following three actions:
- If MH Type value 7. When this value
is indicated in the mobile node does not have a Binding Update List entry for MH Type field, the source format of the Binding Missing message, it MUST ignore Message Data
field in the
message. This is necessary to prevent loss of resources spent on
the Route Optimization signaling due to spoofed Binding Missing
messages.
- If the mobile node does have a Binding Update List entry but
has recent upper layer progress information that indicates
communications with the correspondent node are progressing, it
MAY ignore the message. This can be done in order to limit the
damage that spoofed Binding Missing messages can cause to ongoing
communications.
- If the mobile node does have a Binding Update List entry but
no upper layer progress information, it MUST remove the entry
and route further communications through the home agent. It
may also optionally start a Return Routability Procedure (see
Section 4.5).
Johnson and Perkins Expires 22 September 2002 [Page 49]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
The Binding Missing message uses the MH Type value 7. When this
value is indicated in the MH Type field, the format of the Message
Data field in the Mobility Header Mobility Header is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Status | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Home Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. .
. Parameters Mobility Options .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved
16-bit field reserved
Status
8-bit unsigned integer indicating the reason for future flags. These flag bits this message.
The following such Status values are currently defined:
1
Home Address destination option used without a binding
2
Received message had an unknown value for the MH Type field
Reserved
A 8-bit field reserved for future use, and use. The value MUST be
initialized to zero by the sender, and MUST be ignored by the
receiver.
Home Address
The home address that was contained in the Home Address Option.
destination option. The mobile node uses this information to
determine which binding does not exist, if there in cases where the
mobile node has several home addresses.
Parameters
Mobility options
Variable-length field, field of length such length that the complete Mobility
Header is an integer multiple of 8 octets long. Contains one
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 50]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
or more TLV-encoded parameters. mobility options. The receiver MUST ignore
and skip any parameters options which it does not understand.
There MAY be additional information, associated with this
Binding Missing Error message, that need not be present in all Binding Missings
Error messages sent. This use of MH parameters mobility options also allows
for future extensions to the format of the Binding Missing Error
message to be defined. The encoding and format of defined
parameters
options are described in Section 5.2. 6.2. This specification does
not define any parameters options valid for the Binding Missing Error message.
Johnson and Perkins Expires 22 September 2002 [Page 50]
INTERNET-DRAFT
The Header Length field in the Mobility Support Header for this message
MUST be set to 3 (since unit is 8 octets) plus the total length of
all mobility options present (also in IPv6 22 March 2002 8 octet units). If no actual parameters
options are present in this message, no padding is
needed.
5.2. necessary.
6.2. Mobility Header Parameters
5.2.1. Options
6.2.1. Format
In order to allow optional fields that may not be needed in every use
of any given Mobility Header, and to allow future extensions to the
format of these messages to be defined, any of the Mobility Header
messages defined in this document MAY include one or more parameters. mobility
options.
Such parameters options are included in the data portion of the message itself,
after the fixed portion of the message data specified in section 5.1. 6.1.
The presence of such parameters options will be indicated by the Header Len of
the Mobility Header.
These parameters options are encoded within the remaining space of the message
data for that message, using a type-length-value (TLV) format as
follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Parameter
|Option Type | Parameter Option Len | Parameter Option Data... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Parameter
Option Type
8-bit identifier of the type of parameter. mobility option. When
processing a Mobility Header containing a parameter an option for which
the Parameter Option Type value is not recognized by the receiver,
the receiver MUST quietly ignore and skip over the parameter, option,
correctly handling any remaining sub-options options in the option.
Parameter message.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 51]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Option Length
8-bit unsigned integer. Length of the Parameter Data field
of this parameter, mobility option, in
octets. The Parameter Option Len includes does not include the length of the Parameter
Option Type and Parameter Option Len fields.
Parameter
Option Data
Variable-length field. Parameter -Type-specific data.
Parameters MUST be aligned on an 8-byte boundary, and have a
A variable length
which is a multiple of 8.
Johnson and Perkins Expires 22 September 2002 [Page 51]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002 field that contains data specific to the
option.
The following subsections specify the Parameter Option types which are
currently defined for use in the Mobility Header.
Implementations MUST silently ignore any parameters mobility options that they
do not understand.
5.2.2.
6.2.2. Pad1
The Pad1 Parameter (alignment requirement: none) option does not have any alignment requirements. Its format
is as follows:
0
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
| 0 |
+-+-+-+-+-+-+-+-+
NOTE! the format of the Pad1 parameter option is a special case -- it has
neither Parameter Option Len nor Parameter Option Data fields.
The Pad1 parameter option is used to insert one octet of padding into in the
Parameters
Mobility Options area of a Mobility Header. If more than one octet
of padding is required, the PadN parameter, option, described next, should be
used,
used rather than multiple Pad1 parameters.
5.2.3. options.
6.2.3. PadN
The PadN Parameter (alignment requirement: none) option does not have any alignment requirements. Its format
is as follows:
0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
| 1 | Parameter Option Len | Parameter Option Data
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
The PadN parameter option is used to insert two or more octets of padding
into in
the Parameters Mobility Options area of some a Mobility Header message. For N octets
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 52]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
of padding, the Parameter Option Len field contains the value N, and the Parameter Option
Data consists of N-2 zero-valued octets. Parameter Option data MUST be ignored
by the receiver.
Johnson and Perkins Expires 22 September 2002 [Page 52]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
5.2.4.
6.2.4. Unique Identifier
The Unique Identifier parameter (alignment requirement: 2n) option has the alignment requirement of 2n.
Its format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 2 | 4 | Unique Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Unique Identifier parameter option is valid only in Binding Request Refresh
Request, HoTI, CoTI, and Binding Update messages. The Unique
Identifier field contains a 16-bit value that serves to uniquely
identify a Binding Request among those sent by this Source Address,
and to allow the HoTI, CoTI, and Binding Update to identify the
specific Binding Refresh Request to which it responds. This matching
of Binding Updates to Binding Refresh Requests is required in the
procedure for renumbering the home subnet while a mobile node is away
from home (Section 9.7).
5.2.5. 10.9.1).
6.2.5. Alternate Care-of Address
The Alternate Care-of Address parameter (alignment requirement: 8n+6)
0 option has an alignment requirement of
8n+6. Its format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 3 | 18 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Alternate Care-of Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Alternate Care-of Address parameter option is valid only in Binding Update
message. The Alternate Care-of Address field contains an address to
use as the care-of address for the binding, rather than using the
Source Address of the packet as the care-of address.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 53]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
5.2.6.
6.2.6. Nonce Indices
The Nonce Indices parameter (alignment requirement: 8n+6) option has an alignment requirement of 2n. Its
format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 4 | 6 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Nonce Index | Care-of Nonce Index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Nonce Indices parameter option is valid only in the Binding Update message,
and only when present together with an Authentication Binding Authorization Data
parameter.
option.
The Home Nonce Index field tells the correspondent node that receives
the message which of the challenge values (Nj) (Ni) are to be used to
authenticate the Binding Update.
The Care-of Nonce Index field tells the correspondent node that
receives the message which of the challenge values (Ni) (Nj) are to be
used to authenticate the Binding Update.
5.2.7. Authentication
6.2.7. Binding Authorization Data
Authentication
The Binding Authorization Data parameter (alignment requirement: 8n+6) option has an alignment requirement of
4n+2. Its format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 5 | 18 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SPI 2 + Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| Authenticator |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Authentication Binding Authorization Data parameter option is valid only in the Binding
Refresh Request, Binding Update, and Binding Acknowledgment messages.
The Security Parameters Index (SPI) Option Len field contains an arbitrary
32-bit value that uniquely identifies the used security association.
This document specifies only one legal value for the SPI field. This
value, 0, signifies that no security association 2 + Len, where Len is present and the
length of the authenticator in octets.
The Authenticator field contains a cryptographic context MUST value which can be established temporarily only for
used to determine that the
Johnson and Perkins message in question comes from the right
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 54]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
duration of processing this message. Messages that contain other
values of the SPI field SHOULD be silently discarded.
The Authenticator field contains a 96-bit cryptographic hash
value.
authority. Rules for calculating this value are different depend on the used
authorization procedure. This specification gives the rules only for different
messages,
the return routability procedure. For this procedure, this option
can only appear in a Binding Update message and rules for calculating
the Authenticator value are described in Sections 5.1.2, 5.1.7 and 5.1.8.
5.3. Section 6.1.7.
6.3. Home Address Destination Option
The Home Address destination option is used in a packet sent by a
mobile node while away from home, to inform the recipient of that
packet of the mobile node's home address. For packets sent by a
mobile node while away from home, the mobile node generally uses one
of its care-of addresses as the Source Address in the packet's IPv6
header. By including a Home Address option in the IPv6 Destination
Options header of the packet, the correspondent node receiving the
packet is able to substitute the mobile node's home address for
this care-of address when processing the packet. This makes the
use of the care-of address transparent to the correspondent node. node
above the Mobile IPv6 support level. Note that multicast addresses,
link-local addresses, loopback addresses, IPv4 mapped addresses,
and the unspecified address, MUST NOT be used within a Home Address
option. The Home Address Option MUST not appear more than once in
any given packet, except inside the payload part of the packet if
tunneling is involved.
The Home Address option is encoded in type-length-value (TLV) format
as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Option Type | Option Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Home Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sub-Options...
+-+-+-+-+-+-+-+-+-+-+-+-
Option Type
201 = 0xC9
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 55]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Option Length
8-bit unsigned integer. Length of the option, in octets,
excluding the Option Type and Option Length fields. This field
Johnson and Perkins Expires 22 September 2002 [Page 55]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
MUST be set to 16 plus the total length of all sub-options
present, including their Sub-Option Type and Sub-Option Len
fields. 16.
Home Address
The home address of the mobile node sending the packet.
Sub-Options
Additional information, associated with this Home Address
option,
IPv6 requires that need not options appearing in a Hop-by-Hop Options
header or Destination Options header be present aligned in all Home Address options
sent. This use of sub-options also allows for future
extensions to a packet so that
multi-octet values within the format Option Data field of the Home Address each option to be
defined. Currently, no valid sub-options fall
on natural boundaries (i.e., fields of width n octets are defined placed at
an integer multiple of n octets from the start of the header, for use
in a Home Address option.
n = 1, 2, 4, or 8) [6]. The alignment requirement [6] for the Home
Address option is 8n+6.
The inclusion three highest-order bits of a Home Address option in a packet affects the
receiving node's Option Type are encoded to
indicate specific processing of only this single packet; no state is
created or modified in the receiving node as a result of receiving a
Home Address option in a packet. In particular, [6]. For the presence of a Home Address
option, these three bits are set to 110, indicating that any IPv6
node processing this option in a received that does not recognize the Option Type
must discard the packet MUST NOT alter and, only if the contents
of packet's Destination Address
was not a multicast address, return an ICMP Parameter Problem,
Code 2, message to the receiver's Binding Cache packet's Source Address; and MUST NOT cause any changes in that the
routing of subsequent packets sent by this receiving node. data
within the option cannot change en-route to the packet's final
destination.
A packet MUST NOT contain more than one Home Address option, except
that an encapsulated packet [4] MAY contain a separate Home Address
option associated with each encapsulating IP header.
The Home Address option MUST be placed as follows:
- After the Routing Header, if that header is present
- Before the Fragment Header, if that header is present
- Before the AH Header or ESP Header, if either one of those
headers is present
Due to the threat of reflection attacks through the use of this
option, this specification requires that packets containing Home
Address Option option MUST be dropped if there is no corresponding Binding
Cache Entry for that home address with the currently registered
care-of address matching the source address of the packet. If the
packet is dropped, the correspondent nodes SHOULD send the Binding
Missing
Error message to the source address of the packet that contained the
Home Address Option option (see Section 5.1.9). 6.1.9). The Status field in this
message should be set to 1. These messages SHOULD be rate-limited.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 56]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
No additional authentication of the Home Address option is
required, except that if the IPv6 header of a packet is covered
by authentication, then that authentication MUST also cover the
Home Address option; this coverage is achieved automatically by the
definition of the Option Type code for the Home Address option, since
Johnson and Perkins Expires 22 September 2002 [Page 56]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
it indicates that the data within the option cannot change en-route
to the packet's final destination, and thus the option is included in
the authentication computation. By requiring that any authentication
of the IPv6 header also cover the Home Address option, the security
of the Source Address field in the IPv6 header is not compromised by
the presence of a Home Address option. Security issues related to
the Home Address option are discussed further in Section 4.5. 5. When
attempting to verify authentication data in a packet that contains
a Home Address option, the receiving node MUST make the calculation
as if the care-of address were present in the Home Address option,
and the home address were present in the source IPv6 address field
of the IPv6 header. This conforms with the calculation specified in
section 10.2.
A packet MUST NOT contain more than one Home Address option, except
that an encapsulated packet [4] MAY contain 11.2.2.
The inclusion of a separate Home Address destination option associated with each encapsulating IP header.
The three highest-order bits of in a packet
affects the Option Type are encoded to
indicate specific receiving node's processing of only this single packet;
no state is created or modified in the receiving node as a result
of receiving a Home Address option [6]. For in a packet. In particular, the
presence of a Home Address
option, these three bits are set to 110, indicating that any IPv6
node processing this option that does not recognize the Option Type
must discard the in a received packet and, only if MUST NOT alter
the packet's Destination Address
was not a multicast address, return an ICMP Parameter Problem,
Code 2, message to contents of the packet's Source Address; receiver's Binding Cache and that the data
within the option cannot change en-route to MUST NOT cause any
changes in the packet's final
destination.
Johnson and Perkins routing of subsequent packets sent by this receiving
node.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 57]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
5.4.
6.4. Routing Header type 2
Mobile IPv6 uses a routing Routing header to carry the Home Address for
packets sent from a correspondent node to a mobile node, which the node. The Care of
Address of the MN mobile node is carried in the IPv6 destination field.
This uses a different routing Routing header type than what is defined for ``regular'' "regular"
IPv6 source routing to make it possible for e.g., routing, enabling firewalls to have apply different rules for
to source routing versus routed packets than to MIPv6. This routing Routing header type (type
(Type 2) is restricted to only carry only one IPv6 address and all address. All IPv6
nodes which process it this Routing header MUST verify that the address
contained in the routing header within is the node's own home address of the
node in order to prevent
packets with this routing header type to be from being forwarded after decrementing outside the segments left field.
5.4.1. node.
6.4.1. Routing Header Packet format
The Type 2 Routing header has the following format:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Header | Hdr Ext Len=2 | Routing Type=2|Segments Left=1|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Home Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Next Header
8-bit selector. Identifies the type of header immediately
following the Routing header. Uses the same values as the IPv4
Protocol field [10].
Hdr Ext Len
8-bit unsigned integer. Length of the Routing header in
8-octet units, not including the first 8 octets. For the Type
2 Routing header, Hdr Ext Len is always 2.
Routing Type
8-bit unsigned integer that contains the value 2.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 58]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Segments Left
8-bit unsigned integer. Number of route segments remaining, remaining;
i.e., number of explicitly listed intermediate nodes still to
be visited before reaching the final destination. For the type
2 routing header, Packets
transmitted through an interface have Segments left is always 1. 1
in this type of Routing header.
Reserved
32-bit reserved field. Initialized to zero for transmission; transmission,
and ignored on reception.
Home Address
The Home Address of the destination Mobile Node.
5.4.2. Sending RH type 2
A correspondent node sends packets with a routing header based on the
content
The ordering rules for extension headers in an IPv6 packet are
described in Section 4.1 of [6]. The new Routing header (Type 2)
defined for Mobile IPv6 follows the binding cache. Conceptually this is done by the IP
layer inspecting the binding cache same ordering as other routing
headers. If more than one Routing header (e.g., both a Type 0 and if there is an entry for a
Type 2 Routing header are present), the
destination address (the Home Address) then Type 2 Routing header should
follow all other Routing headers. Otherwise the IP layer inserts a order of routing header
headers is independent of their type 2 based on the ordering rules below and moves
the Home Address to the Home Address field in the RH and places the
Care of Address in the IPv6 destination field.
Note that following the above conceptually model in an implementation
creates some additional requirements for path MTU discovery since the
packetization layer (e.g., TCP and applications using UDP) need to be
aware of the size of the headers added by the IP layer on the sending
node.
The IP layer will insert the routing header before performing IPsec
processing. The IPsec Security Policy Database will be consulted
based on the IP source address and the final IP destination (which
will be in the routing header). The definition of AH ensures that
the AH calculation is done on the packet in the form it will have on
the receiver after advancing the routing header.
Johnson and Perkins Expires 22 September 2002 [Page 59]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
5.4.3. Verification by receiver
A node receiving a packet addressed to itself (i.e., one of the
node's addresses is in the IPv6 destination field) follows the next
header chain of headers and processes them. When it encounters a
routing header of type 2 during this processing it performs the
following checks. If any of these checks fail the node MUST silently
discard the packet.
- The node is a mobile node.
- The length field in the RH is exactly 2
- The segments left field in the RH is exactly 1
- The Home Address field in the RH is (one of) the node's Home
Address(es)
Once the above checks have been performed the routing header
processing. Conceptually this follows the same model as in RFC 2460
i.e. swap the IPv6 destination field with the Home Address field
in the RH, decrement segments left, and resubmit the packet to IP
for processing the next header. However, in the case of RH type 2
this can be simplified since it is known that the packet will not be
forwarded to a different node.
Since IPsec headers follow the Routing Header any IPsec processing
will operate on the packet with the HoA in the IP destination field
and segments left being zero. Thus AH will see the packet in the
same "shape" as the AH calculation on the sender.
5.4.4. Extension header ordering
Section 4.1 in RFC 2460 lists the extension header ordering. The
introduction of Routing Header type 2 potentially allows there to be
multiple routing headers in a single packet. If this is the case
the Routing Header type 2 should follow any Routing header of other
type but otherwise the order constraints for routing headers is
independent of their type and follows RFC 2460.
5.4.5. Reversing type 2 routing headers
In addition, follows [6].
In addition, the general procedures defined by IPv6 for Routing
headers suggest that a received Routing header MAY be automatically
"reversed" to construct a Routing header for use in any response
packets sent by upper-layer protocols, if the received packet is
authenticated [6]. This MUST NOT be done to type automatically for Type 2 routing
Routing headers.
Johnson and Perkins Expires 22 September 2002 [Page 60]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
5.5. Mobile IPv6 Destination Option Sub-Options
In order to allow future extensions
6.5. ICMP Home Agent Address Discovery Request Message
The ICMP Home Agent Address Discovery Request message is used by a
mobile node to initiate the format of MIPv6
destination options, any of the Mobile IPv6 destination options
defined dynamic home agent address discovery
mechanism, as described in this document MAY include one or more sub-options.
Such sub-options are included in the data portion of the destination
option itself, after the fixed portion of the option data specified
for that particular destination option (Section 5.3). Sections 10.9 and 11.3.2. The presence
of such sub-options will be indicated by the Option Length field.
When the Option Length is greater than mobile
node sends a Home Agent Address Discovery Request message to the standard length defined
"Mobile IPv6 Home-Agents" anycast address for that destination option, its own home subnet
prefix [11], and one of the remaining octets are interpreted as
sub-options.
These sub-options are encoded within home agents responds to the remaining space mobile node
with a Home Agent Address Discovery Reply message, providing a list
of the
option data for that option, using a type-length-value (TLV) format routers on the mobile node's home link serving as follows: home agents.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Sub-Option Type| Sub-Option Len| Sub-Option Data...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Sub-Option
| Type
8-bit identifier of the type of sub-option. When processing
a Mobile | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identifier | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 59]
INTERNET-DRAFT Mobility Support in IPv6 destination option containing a sub-option for
which the Sub-Option 1 May 2002
Type value
150 <To Be Assigned by IANA>
Code
0
Checksum
The ICMP checksum [5].
Identifier
An identifier to aid in matching Home Agent Address Discovery
Reply messages to this Home Agent Address Discovery Request
message.
Reserved
This field is not recognized unused. It MUST be initialized to zero by the
receiver, the receiver SHOULD quietly ignore
sender and skip over the
sub-option, correctly handling any remaining sub-options in MUST be ignored by the
option.
Sub-Option Length
8-bit unsigned integer. Length receiver.
The Source Address of the Sub-Option Data field Home Agent Address Discovery Request
message packet MUST be one of this sub-option, in octets. the mobile node's current care-of
addresses. The Sub-Option Len does not
include home agent MUST then return the length Home Agent Address
Discovery Reply message directly to the Source Address chosen by the
mobile node. Note that, at the time of performing this dynamic home
agent address discovery, it is likely that the Sub-Option Type and Sub-Option Len
fields.
Sub-Option Data
Variable-length field. Sub-Option-Type-specific data.
As mobile node is not
registered with IPv6 options appearing in a Hop-by-Hop Options header
or Destination Options header [6], individual sub-options within
a Mobile IPv6 destination option may have specific alignment
requirements, to ensure that multi-octet values any home agent within Sub-Option
Data fields fall on natural boundaries. The alignment requirement
of each sub-option is specified as part of the definition of each
sub-option below.
Johnson and Perkins specified anycast group.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 61] 60]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Each section above defining the Mobile IPv6 destination options
specifies which of the defined sub-options
6.6. ICMP Home Agent Address Discovery Reply Message
The ICMP Home Agent Address Discovery Reply message is valid for that
destination option. In addition, there are two padding sub-options,
Pad1 and PadN (defined below), which are used when necessary by
a home agent to align
subsequent sub-options. The Pad1 and PadN sub-options are valid for
all Mobile IPv6 destination options. Unlike the padding options
used in Hop-by-Hop Options header or Destination Options header [6],
there is no requirement for padding the total size of any Mobile IPv6
destination option respond to a multiple of 8 octets in length, and the
Pad1 and PadN sub-options SHOULD NOT be used for this purpose. All
Mobile IPv6 sub-options defined in this document MUST be recognized
by all Mobile IPv6 implementations.
5.5.1. Pad1
Pad1 Sub-Option (alignment requirement: none)
0
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
| 0 |
+-+-+-+-+-+-+-+-+
NOTE! the format of the Pad1 sub-option is a special
case -- it has neither Sub-Option Len nor Sub-Option Data
fields.
The Pad1 sub-option is used to insert one octet of padding
into the Sub-Options area of a Mobile IPv6 option. If more
than one octet of padding is required, the PadN sub-option,
described next, should be used, rather than multiple Pad1
sub-options.
5.5.2. PadN
PadN Sub-Option (alignment requirement: none)
0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
| 1 | Sub-Option Len| Sub-Option Data
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - -
The PadN sub-option is used to insert two or more octets of
padding into the Sub-Options area of a Mobile IPv6 option.
For N octets of padding, the Sub-Option Len field contains
the value N-2, and the Sub-Option Data consists of N-2
zero-valued octets.
Johnson and Perkins Expires 22 September 2002 [Page 62]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
5.6. ICMP Home Agent Address Discovery Request Message
The ICMP Home Agent Address Discovery Request message is used by a
mobile node to initiate mobile node using the dynamic home
agent address discovery mechanism, as described in Sections 9.9 10.9
and 10.8. 11.3.2. The mobile node sends a Home Agent Address Discovery
Request message to the "Mobile IPv6 Home-Agents" anycast address
for its own home subnet prefix [11], and one of the home agents there
responds to the mobile node with a Home Agent Address Discovery Reply message giving
message, providing a list of the routers on the mobile node's home
link serving as home agents.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identifier | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ Reserved +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
. .
. Home Agent Addresses .
. .
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
150
151 <To Be Assigned by IANA>
Code
0
Checksum
The ICMP checksum [5].
Identifier
An
The identifier to aid in matching Home Agent Address Discovery
Reply messages to this from the invoking Home Agent Address Discovery
Request message.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 61]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
The Source Address of the
Home Agent Address Discovery Request
message packet MUST be one Addresses
A list of addresses of home agents on the mobile node's current care-of
addresses. The home agent then MUST return link for the Home Agent Address
Discovery Reply message directly to
mobile node. The number of addresses present in the Source Address chosen list is
indicated by the mobile node Note that, at the time remaining length of performing this dynamic
home agent address discovery, it is likely that the mobile node not
registered with any home agent within IPv6 packet carrying
the specified anycast group.
Johnson and Perkins Home Agent Address Discovery Reply message.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 63] 62]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
5.7.
6.7. ICMP Home Agent Address Discovery Reply Mobile Prefix Solicitation Message Format
The ICMP Home Agent Address Discovery Reply message Mobile Prefix Solicitation Message is used sent by a mobile node
to its home agent while it is away from home. The purpose of the
message is to respond to solicit a mobile node using Mobile Prefix Advertisement from the dynamic home agent
address discovery mechanism, as described in Sections 9.9 and 10.8.
The
agent, which will allow the mobile node sends a Home Agent Address Discovery Request message to the "Mobile IPv6 Home-Agents" anycast address for gather prefix information
about its own home
subnet network. This information can be used to configure
home address(es) by stateless address autoconfiguration [33],
or update address(es) according to changes in prefix [11], and one of the home agents there responds to the
mobile node with a Home Agent Address Discovery Reply message giving
a list of the routers on the mobile node's home link serving as home
agents.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identifier | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
| |
+ Reserved +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
. .
. Home Agent Addresses .
. .
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
151 <To Be Assigned by IANA>
Code
0
Checksum
The ICMP checksum [5].
Identifier
The identifier from the invoking Home Agent Address Discovery
Request message.
Johnson and Perkins Expires 22 September 2002 [Page 64]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
Home Agent Addresses
A list of addresses of home agents on the home link for the
mobile node. The number of addresses present in the list is
indicated by the remaining length of the IPv6 packet carrying
the Home Agent Address Discovery Reply message.
Johnson and Perkins Expires 22 September 2002 [Page 65]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
5.8. ICMP Mobile Prefix Solicitation Message Format
The ICMP Mobile Prefix Solicitation Message is sent by a mobile node
to its home agent while it is away from home. The purpose of the
message is to solicit a Mobile Prefix Advertisement from the home
agent, which will allow the mobile node to gather prefix information
about its home network. This information can be used to configure
home address(es) by stateless address autoconfiguration [35],
or update address(es) according to changes in prefix information
supplied by information
supplied by the home agent.
The Mobile Prefix Solicitation is similar to the Router Solicitation
used in Neighbor Discovery [20], except it is routed from the mobile
node on the visited network to the home agent on the home network by
usual unicast routing rules.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IP Fields:
Source Address
The mobile node's care-of address.
Destination Address
The address of the mobile node's home agent. This home agent
must be on the link which the mobile node wishes to learn
prefix information about.
Hop Limit
Set to an initial hop limit value, and this message is routed
according to the rules of a typical unicast packet. A hop
limit of 64 is currently suggested [32]. [30].
Authentication Header
If a Security Association for the IP Authentication Header
exists between the sender and the destination address, then the
sender SHOULD include this header. [subject to change]
ICMP Fields:
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 66] 63]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Type
152 <To Be Assigned by IANA>
Code
0
Checksum
The ICMP checksum [5].
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 67] 64]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
5.9.
6.8. ICMP Mobile Prefix Advertisement Message Format
A home agent will send a Mobile Prefix Advertisement message to a
mobile node to distribute prefix information about the home link
while the mobile node is traveling away from the home network. This
will occur in response to a Mobile Prefix Solicitation with an
Advertisement, or by an unsolicited Advertisement sent according to
the rules in Section 5.9. 10.9.1.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
IP Fields:
Source Address
The home agent's address as the mobile node would expect to see
it (i.e. (i.e., same network prefix)
Destination Address
If this message is a response to a Mobile Prefix Solicitation,
the Source Address field from that packet. For unsolicited
messages, the mobile node's care-of address SHOULD be used, if
it is currently registered with the home agent. Otherwise, the
mobile node's home address SHOULD be used.
Authentication Header
This
An AH header MUST be sent, included unless the mobile node has not yet configured, and is using its care-of
address. [subject to change]
configure a home address.
ICMP Fields:
Type
153 <To Be Assigned by IANA>
Code
0
Checksum
The ICMP checksum [5].
Options:
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 68] 65]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Checksum
The ICMP checksum [5].
Options:
Prefix Information
Each message contains one or more Prefix Information options,
which contain options.
Each option carries the prefix(es) that the mobile node
should use to configure its home address(es) with. address(es). Section 9.7 10.9.1
describes which prefixes should be advertised to the mobile
node.
The Prefix Information option is defined in Section 4.6.2
of [20], with modifications defined in Section 6.2 7.2 of this
specification. The home agent MUST use this modified Prefix
Information option to send the aggregate list of home network
prefixes as defined in Section 9.9.1. 10.9.1.
The Mobile Prefix Advertisement sent by the home agent MAY include
the Source Link-layer Address option defined in RFC 2461 [20], or the
Advertisement Interval option specified in Section 6.3. 7.3.
Future versions of this protocol may define new option types. Home
Agents Mobile
nodes MUST silently ignore any options they do not recognize and
continue processing the message.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 69] 66]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.
7. Modifications to IPv6 Neighbor Discovery
6.1.
7.1. Modified Router Advertisement Message Format
Mobile IPv6 modifies the format of the Router Advertisement
message [20] by the addition of a single flag bit to indicate that
the router sending the Advertisement message is serving as a home
agent on this link. The format of the Router Advertisement message
is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cur Hop Limit |M|O|H| Reserved| Router Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reachable Time |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Retrans Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
This format represents the following changes over that originally
specified for Neighbor Discovery [20]:
Home Agent (H)
The Home Agent (H) bit is set in a Router Advertisement to
indicate that the router sending this Router Advertisement is
also functioning as a Mobile IP home agent on this link.
Reserved
Reduced from a 6-bit field to a 5-bit field to account for the
addition of the Home Agent (H) bit.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 70] 67]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.2.
7.2. Modified Prefix Information Option Format
Mobile IPv6 requires knowledge of a router's global address for two
reasons:
- To allow a home agent (a router) to learn the address of all
other home agents on the link for which it is providing home
agent service, for use in building its Home Agents List as
part of the dynamic home agent address discovery mechanism
(Sections 9.9 10.9 and 10.8). 11.3.2).
- To allow a mobile node to send a Binding Update to a router on
the link on which its previous care-of address is located, for
purposes of establishing forwarding from this previous care-of
address to its new care-of address (Section 10.11). 11.6.6).
However, Neighbor Discovery [20] only advertises a router's
link-local address, by requiring this address to be used as the IP
Source Address of each Router Advertisement.
Mobile IPv6 extends Neighbor Discovery to allow a router to easily
and efficiently advertise its global address, by the addition of a
single flag bit in the format of a Prefix Information option for
use in Router Advertisement messages. The format of the Prefix
Information option is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Prefix Length |L|A|R|Reserved1|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Valid Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Preferred Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Prefix +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This format represents the following changes over that originally
specified for Neighbor Discovery [20]:
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 71] 68]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
Router Address (R)
1-bit router address flag. When set, indicates that the
Prefix field, in addition to advertising the indicated prefix,
contains a complete IP address assigned to the sending router.
This router IP address has the same scope and conforms to the
same lifetime values as the advertised prefix. This use of
the Prefix field is compatible with its use in advertising
the prefix itself, since prefix advertisement uses only the
leading number Prefix bits specified by the Prefix Length
field. Interpretation of this flag bit is thus independent
of the processing required for the On-Link (L) and Autonomous
Address-Configuration (A) flag bits.
Reserved1
Reduced from a 6-bit field to a 5-bit field to account for the
addition of the Router Address (R) bit.
In a solicited Router Advertisement, a home agent MUST, and all other
routers SHOULD, include at least one Prefix Information option with
the Router Address (R) bit set. Neighbor Discovery specifies that,
if including all options in a Router Advertisement causes the size of
the Advertisement to exceed the link MTU, multiple Advertisements can
be sent, each containing a subset of the options [20]. In this case,
at least one of these multiple Advertisements being sent instead
of a single larger solicited Advertisement, MUST include a Prefix
Information option with the Router Address (R) bit set.
All routers SHOULD include at least one Prefix Information option
with the Router Address (R) bit set, in each unsolicited multicast
Router Advertisement that they send. If multiple Advertisements
are being sent instead of a single larger unsolicited multicast
Advertisement, at least one of these multiple Advertisements SHOULD
include a Prefix Information option with the Router Address (R) bit
set.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 72] 69]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.3.
7.3. New Advertisement Interval Option Format
Mobile IPv6 defines a new Advertisement Interval option, used in
Router Advertisement messages to advertise the interval at which the
sending router sends unsolicited multicast Router Advertisements.
The format of the Advertisement Interval option is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Advertisement Interval |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
7
Length
8-bit unsigned integer. The length of the option (including
the type and length fields) in units of 8 octets. The value of
this field MUST be 1.
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
Advertisement Interval
32-bit unsigned integer. The maximum time, in milliseconds,
between successive unsolicited router Router Advertisement
messages sent by this router on this network interface. Using
the conceptual router configuration variables defined by
Neighbor Discovery [20], this field MUST be equal to the value
MaxRtrAdvInterval, expressed in milliseconds.
Routers MAY include this option in their Router Advertisements. A
mobile node receiving a Router Advertisement containing this option
SHOULD utilize the specified Advertisement Interval for that router
in its movement detection algorithm, as described in Section 10.4. 11.4.1.
This option MUST be silently ignored for other Neighbor Discovery
messages.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 73] 70]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.4.
7.4. New Home Agent Information Option Format
Mobile IPv6 defines a new Home Agent Information option, used in
Router Advertisement messages sent by a home agent to advertise
information specific to this router's functionality as a home agent.
The format of the Home Agent Information option is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Agent Preference | Home Agent Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
8
Length
8-bit unsigned integer. The length of the option (including
the type and length fields) in units of 8 octets. The value of
this field MUST be 1.
Reserved
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
Home Agent Preference
16-bit signed, twos-complement integer. The preference for
the home agent sending this Router Advertisement, for use in
ordering the addresses returned to a mobile node in the Home
Agent Addresses field of a Home Agent Address Discovery Reply
message. Higher values mean more preferable. If this option
is not included in a Router Advertisement in which the Home
Agent (H) bit is set, the preference value for this home agent
SHOULD be considered to be 0. Values greater than 0 indicate a
home agent more preferable than this default value, and values
less than 0 indicate a less preferable home agent.
The manual configuration of the Home Agent Preference value
is described in Section 7.2. 8.3. In addition, the sending home
agent MAY dynamically set the Home Agent Preference value, for
example basing it on the number of mobile nodes it is currently
serving or on its remaining resources for serving additional
mobile nodes; such dynamic settings are beyond the scope of
this document. Any such dynamic setting of the Home Agent
Preference, however, MUST set the preference appropriately,
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 74] 71]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
relative to the default Home Agent Preference value of 0 that
may be in use by some home agents on this link (i.e., a home
agent not including a Home Agent Information option in its
Router Advertisements will be considered to have a Home Agent
Preference value of 0).
Home Agent Lifetime
16-bit unsigned integer. The lifetime associated with the
home agent in units of seconds. The default value is the same
as the Router Lifetime, as specified in the main body of the
Router Advertisement message. The maximum value corresponds
to 18.2 hours. A value of 0 MUST NOT be used. The Home Agent
Lifetime applies only to this router's usefulness as a home
agent; it does not apply to information contained in other
message fields or options.
Home agents MAY include this option in their Router Advertisements.
This option MUST NOT be included in a Router Advertisement in which
the Home Agent (H) bit (see Section 6.1) 7.1) is not set. If this option
is not included in a Router Advertisement in which the Home Agent (H)
bit is set, the lifetime for this home agent MUST be considered to
be the same as the Router Lifetime in the Router Advertisement.
This option MUST be silently ignored for other Neighbor Discovery
messages.
If both the Home Agent Preference and Home Agent Lifetime multiple Advertisements are set
to their being sent instead of a single
larger unsolicited multicast Advertisement, all of the multiple
Advertisements with the Router Address (R) bit set MUST include this
option with the same contents, otherwise this option MUST be omitted
from all Advertisements.
This option MUST be silently ignored for other Neighbor Discovery
messages.
If both the Home Agent Preference and Home Agent Lifetime are set
to their default values specified above, this option SHOULD NOT be
included in the Router Advertisement messages sent by this home
agent.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 75] 72]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.5.
7.5. Changes to Sending Router Advertisements
The Neighbor Discovery protocol specification [20] limits routers to
a minimum interval of 3 seconds between sending unsolicited multicast
Router Advertisement messages from any given network interface
(limited by MinRtrAdvInterval and MaxRtrAdvInterval), stating that:
"Routers generate Router Advertisements frequently enough
that hosts will learn of their presence within a few
minutes, but not frequently enough to rely on an absence
of advertisements to detect router failure; a separate
Neighbor Unreachability Detection algorithm provides failure
detection."
This limitation, however, is not suitable to providing timely
movement detection for mobile nodes. Mobile nodes detect their
own movement by learning the presence of new routers as the mobile
node moves into wireless transmission range of them (or physically
connects to a new wired network), and by learning that previous
routers are no longer reachable. Mobile nodes MUST be able to
quickly detect when they move to a link served by a new router, so
that they can acquire a new care-of address and send Binding Updates
to register this care-of address with their home agent and to notify
correspondent nodes as needed.
Thus, to provide good support for mobile nodes, Mobile IPv6 relaxes
this limit such that routers MAY send unsolicited multicast Router
Advertisements more frequently. In particular, on network interfaces
where the router is expecting to provide service to visiting mobile
nodes (e.g., wireless network interfaces), or on which it is serving
as a home agent to one or more mobile nodes (who may return home and
need to hear its Advertisements), the router SHOULD be configured
with a smaller MinRtrAdvInterval value and MaxRtrAdvInterval value,
to allow sending of unsolicited multicast Router Advertisements more
often. Recommended values for these limits are:
- MinRtrAdvInterval 0.05 seconds
- MaxRtrAdvInterval 1.5 seconds
Use of these modified limits MUST be configurable, and specific
knowledge of the type of network interface in use SHOULD be taken
into account in configuring these limits for each network interface.
When sending unsolicited multicast Router Advertisements more
frequently than the standard limit on unsolicited multicast
Advertisement frequency, the sending router need not include all
options in each of these Advertisements, but it SHOULD include at
least one Prefix Information option with the Router Address (R) bit
set (Section 6.2) 7.2) in each.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 76] 73]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
6.6.
7.6. Changes to Sending Router Solicitations
In addition to the limit on routers sending unsolicited multicast
Router Advertisement messages (Section 6.5), 7.5), Neighbor Discovery
defines limits on nodes sending Router Solicitation messages, such
that a node SHOULD send no more than 3 Router Solicitations, and that
these 3 transmissions SHOULD be spaced at least 4 seconds apart.
However, these limits prevent a mobile node from finding a new
default router (and thus a new care-of address) quickly as it moves
about.
Mobile IPv6 relaxes this limit such that, while a mobile node is away
from home, it MAY send Router Solicitations more frequently. The
following limits for sending Router Solicitations are recommended for
mobile nodes while away from home:
- A mobile node that is not configured with any current care-of
address (e.g., the mobile node has moved since its previous
care-of address was configured), MAY send more than the defined
Neighbor Discovery limit of MAX_RTR_SOLICITATIONS Router
Solicitations.
- The rate at which a mobile node sends Router Solicitations MUST
be limited, although a mobile node MAY send Router Solicitations
more frequently than the defined Neighbor Discovery limit of
RTR_SOLICITATION_INTERVAL seconds. The minimum interval MUST
be configurable, and specific knowledge of the type of network
interface in use SHOULD be taken into account in configuring this
limit for each network interface. A recommended minimum interval
is 1 second.
- After sending at most MAX_RTR_SOLICITATIONS Router Solicitations,
a mobile node MUST reduce the rate at which it sends subsequent
Router Solicitations. Subsequent Router Solicitations SHOULD
be sent using a binary exponential backoff mechanism, doubling
the interval between consecutive Router Solicitations, up to a
maximum interval. The maximum interval MUST be configurable and
SHOULD be chosen appropriately based on the characteristics of
the type of network interface in use.
- While still searching for a new default router and care-of
address, a mobile node MUST NOT increase the rate at which it
sends Router Solicitations unless it has received a positive
indication (such as from lower network layers) that it has moved
to a new link. After successfully acquiring a new care-of
address, the mobile node SHOULD also increase the rate at which
it will send Router Solicitations when it next begins searching
for a new default router and care-of address.
- A mobile node that is currently configured with a care-of address
SHOULD NOT send Router Solicitations to the default router
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 77] 74]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
on it current link, until its movement detection algorithm
(Section 10.4) 11.4.1) determines that it has moved and that its
current care-of address might no longer be valid.
Johnson and Perkins Expires 22 September 2002 [Page 78]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
7.
8. Requirements for Types of IPv6 Nodes
Mobile IPv6 places some special requirements on the functions
provided by different types of IPv6 nodes. This section summarizes
those requirements, identifying the functionality each requirement
is intended to support. Further details on this functionality is
provided in the following sections.
7.1.
8.1. Requirements for All IPv6 Hosts and Routers
Since any IPv6 node may at any time be a correspondent node of a
mobile node, either sending a packet to a mobile node or receiving a
packet from a mobile node, the following requirements apply to ALL
IPv6 nodes (whether host or router, whether mobile or stationary):
- Every IPv6 node MUST be able to process a Home Address option
received in any IPv6 packet.
- Every IPv6 node SHOULD be able to participate in a return
routability procedure, process Binding Update messages, and to
return a Binding Acknowledgement option if the Acknowledge (A)
bit is set in the received Binding Update.
- Every IPv6 node SHOULD be able to maintain a Binding Cache of the
bindings received in accepted Binding Updates.
8.2. Requirements for All IPv6 Routers
The following requirements apply to all IPv6 routers, even those not
serving as a home agent for Mobile IPv6:
- Every IPv6 router SHOULD be able to send an Advertisement
Interval option in each of its Router Advertisements, to aid
movement detection by mobile nodes. The use of this option in
Router Advertisements MUST be configurable.
- Every IPv6 router SHOULD be able to support sending unsolicited
multicast Router Advertisements at the faster rate described in
Section 6.5. 7.5. The use of this faster rate MUST be configurable.
- Each router SHOULD include at least one prefix with the 'R' bit
set and with its full IP address in its router advertisements.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 75]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
- Filtering routers SHOULD be able to have support different rules for
routing header type Type 0 and
Type 2 than for other routing Routing headers so that
type 2 can be allowed in order to allow Mobile IPv6 traffic
while still having the option to filter out other use filtering of routing source routed packets
(Type 0) will not necessarily limit MIPv6 traffic via Type 2
Routing headers.
7.2.
8.3. Requirements for IPv6 Home Agents
In order for a mobile node to operate correctly while away from home,
at least one IPv6 router on the mobile node's home link must function
as a home agent for the mobile node. The following additional
requirements apply to all IPv6 routers capable of serving as a home
agent:
- Every home agent MUST be able to maintain an entry in its Binding
Cache for each mobile node for which it is serving as the home
agent. Each such Binding Cache entry records the mobile node's
binding with its primary care-of address and is marked as a "home
registration".
- Every home agent MUST be able to intercept packets (using proxy
Neighbor Discovery) addressed to a mobile node for which it is
currently serving as the home agent, on that mobile node's home
link, while the mobile node is away from home.
Johnson and Perkins Expires 22 September 2002 [Page 79]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
- Every home agent MUST be able to encapsulate such intercepted
packets in order to tunnel them to the primary care-of address
for the mobile node indicated in its binding in the home agent's
Binding Cache.
- Every home agent MUST support decapsulating reverse tunneled
packets sent to it from a mobile node's home address. Every home
agent MUST also check that the source address in the tunneled
packets corresponds to the currently registered location of the
mobile node.
- Every home agent MUST be able to return a Binding Acknowledgement
option
message in response to a Binding Update option received with the
Acknowledge (A) bit set.
- Every home agent MUST maintain a separate Home Agents List for
each link on which it is serving as a home agent, as described in
Section 4.7. 4.5.
- Every home agent MUST be able to accept packets addressed to
the "Mobile IPv6 Home-Agents" anycast address for the subnet
on which it is serving as a home agent [11], and MUST be
able to participate in dynamic home agent address discovery
(Section 9.9). 10.9).
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 76]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
- Every home agent SHOULD support a configuration mechanism to
allow a system administrator to manually set the value to be sent
by this home agent in the Home Agent Preference field of the Home
Agent Information Option in Router Advertisements that it sends.
- Every home agent SHOULD support sending ICMP Mobile
Prefix Advertisements, and SHOULD respond to Mobile Prefix
Solicitations.
7.3.
8.4. Requirements for IPv6 Mobile Nodes
Finally, the following requirements apply to all IPv6 nodes capable
of functioning as mobile nodes:
- Every IPv6 mobile node MUST be able to perform IPv6 encapsulation
and decapsulation [4].
- Every IPv6 mobile node MUST support the return routability
procedure and sending Binding Update
options, messages, as specified in
Sections 10.7, 10.9, 11.6.1, 11.6.2, and 10.11; 11.6.6; and MUST be able to receive
and process Binding Acknowledgement options, messages, as specified in
Section 10.14. 11.6.3.
- Every IPv6 mobile node MUST support use of the dynamic home agent
address discovery mechanism, as described in Section 10.8. 11.3.2.
- Every IPv6 mobile node MUST maintain a Binding Update List in
which it records the IP address of each other node to which it
has sent a Binding Update, for which the Lifetime sent in that
binding has not yet expired.
Johnson and Perkins Expires 22 September 2002 [Page 80]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
- Every IPv6 mobile node MUST support receiving a Binding Request
option, Refresh
Request, by responding with a Binding Update option. message.
- Every IPv6 mobile node MUST support sending packets containing a
Home Address option; this option. This option MUST be included in all packets
sent while to a correspondent node when the following three conditions
apply: The correspondent node has a binding with this mobile
node. The mobile node is away from home, if the home. The packet would
otherwise have been sent with the mobile node's home address as
the IP Source Address.
- Every IPv6 mobile node MUST maintain a Home Agents List, as
described in Section 4.7. 4.5.
- Every mobile node MUST support receiving Mobile Prefix
Advertisements and reconfiguring its home address based on the
prefix information contained therein.
Johnson and Perkins
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 81] 77]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
8.
9. Correspondent Node Operation
A correspondent node is any node communicating with a mobile node.
The correspondent node, itself, may be stationary or mobile, and may
possibly also be functioning as a home agent for Mobile IPv6. The
procedures in this
This section thus apply explains the special processing required for the return
routability and binding procedures, as well as to manage the binding
cache, handle ICMP messages and send packets to all IPv6 nodes.
8.1. Receiving Packets from a Mobile Node
Packets sent by a mobile node.
9.1. Conceptual Data Structures
Each IPv6 node while away from home generally include maintains a Home Address option. When any Binding Cache of bindings for other nodes.
A separate Binding Cache SHOULD be maintained by each IPv6 node receives a packet containing
a Home Address option, it MUST process the option for
each of its IPv6 addresses. The Binding Cache MAY be implemented in a
any manner consistent with exchanging the Home Address field from external behavior described in this
document, for example by being combined with the Home
Address option into node's Destination
Cache as maintained by Neighbor Discovery [20]. When sending a
packet, the IPv6 header, replacing Binding Cache is searched before the original value Neighbor Discovery
conceptual Destination Cache [20] (i.e., any Binding Cache entry for
this destination SHOULD take precedence over any Destination Cache
entry for the same destination).
Each Binding Cache entry conceptually contains the following fields:
- The home address of the Source Address field there. However, any actual modifications to mobile node for which this is the Source Address Binding
Cache entry. This field in is used as the packet's IPv6 header MUST be carried
out in such a fashion that further processing key for searching the
Binding Cache for the destination address of such a packet after
all IPv6 options processing (e.g., at being sent.
If the transport layer) does not
need to know that destination address of the original Source Address was a care-of address,
or that packet matches the Home Address option was used home address
in the Binding Cache entry, this entry SHOULD be used in routing
that packet.
Since
- The care-of address for the sending mobile node uses its indicated by the home
address at field in this Binding Cache entry. If the transport
layer when sending such destination
address of a packet, packet being routed by a node matches the use of home
address in this entry, the packet SHOULD be routed to this
care-of address
and Home Address option address, as described in Section 9.6, for packets
originated by this node, or in Section 10.5, if this node is transparent to both the
mobile node and
the correspondent node above the level of the Home Address option
generation node's home agent and processing.
8.2. Receiving Binding Updates
Before accepting a Binding Update option received in any packet, the
receiving node MUST validate the Binding Update according to packet was intercepted by it on
the
following tests: home link.
- The packet meets A lifetime value, indicating the specific authentication requirements remaining lifetime for this
Binding Updates, defined in Section 4.5.
- The packet MUST contain a Home Address option.
- Cache entry. The Option Length field in the Binding Update option lifetime value is greater
than or equal to initialized from
the length specified in Section 5.1.7.
- The Sequence Number Lifetime field in the Binding Update option is greater
than that created or last
modified this Binding Cache entry. Once the Sequence Number received in lifetime of this
entry expires, the entry MUST be deleted from the previous Binding Update
for this home address, if any. As noted in Section 4.7, Cache.
- A flag indicating whether or not this
Sequence Number comparison MUST be performed modulo 2**8.
If the mobile node sends a sequence number which Binding Cache entry is a
"home registration" entry.
- A flag indicating whether or not greater than
the sequence number from the last successful this Binding Update, then the
receiving Cache entry
represents a mobile node MUST send back that should be advertised as a Binding Acknowledgement with status
Johnson and Perkins router in
proxy Neighbor Advertisements sent by this node on its behalf.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 82] 78]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
code 141, and the last accepted sequence number in the Sequence
Number field of the Binding Acknowledgement.
Any Binding Update which fails to satisfy all of these tests for any
other reason (than insufficiency of the Sequence Number) MUST be
silently ignored, and the packet carrying the Binding Update MUST be
discarded.
In this section, the care-of address refers to the IPv6 address,
which was originally located in the IPv6 header when the packet was
transmitted by the mobile node.
If the Binding Update
This flag is only valid according to the tests above, then if the Binding Update Cache entry indicates that
this is processed further as follows: a "home registration" entry.
- If the Lifetime specified in the Binding Update is nonzero and
the specified Care-of Address is not equal to The length of the home address routing prefix for the binding, then this home address. This
field is a request to cache a binding for
the mobile node. If only valid if the Home Registration (H) bit "home registration" flag is set in the
Binding Update, the on
this Binding Update is processed according to the
procedure specified in Section 9.1; otherwise, it is processed
according to the procedure specified in Section 8.3. Cache entry.
- If The maximum value of the Lifetime specified Sequence Number field received in the
previous Binding Update is zero or the
specified Care-of Address matches the home address Updates for the
binding, then this is a request to delete the mobile node's
cached binding. If the Home Registration (H) bit node home address.
The Sequence Number field is set 16 bits long, and all comparisons
between Sequence Number values MUST be performed modulo 2**16.
For example, using an implementation in the
Binding Update, the Binding Update C programming
language, a Sequence Number value A is processed according to greater than another
Sequence Number value B if ((short)((a) - (b)) > 0), if the
procedure specified in Section 9.2; otherwise, it
"short" data type is processed
according to the procedure specified in Section 8.4.
8.3. Requests to Cache a 16-bit signed integer.
- Recent usage information for this Binding
When a node receives a Binding Update, it MUST validate it and
determine the type of Binding Update according Cache entry, as needed
to implement the steps described cache replacement policy in use in Section 8.2. This section describes the processing of a valid Binding Update that requests a node
Cache and to cache a mobile node's binding,
for which the Home Registration (H) bit is not set assist in the determining whether a Binding
Update.
In this case, Refresh
Request should be sent when the receiving node SHOULD create a new lifetime of this entry in its nears
expiration.
Binding Cache for this mobile node (or update its existing entries not marked as "home registrations" MAY be
replaced at any time by any reasonable local cache replacement policy
but SHOULD NOT be unnecessarily deleted. The Binding Cache for any
one of a node's IPv6 addresses may contain at most one entry for this
each mobile node, if such an entry already exists).
The new Binding Cache entry records the association between this node home address and the care-of address for the binding. address. The lifetime
for the contents of a node's Binding
Cache entry is initialized from the Lifetime field
specified MUST NOT be changed in the response to a Home Address option in
a received packet. The contents of all of a node's Binding Update, although this lifetime MAY Cache
entries, for each of its IPv6 addresses, MUST be
reduced by cleared when the
node caching reboots.
9.2. Receiving Packets from a Mobile Node
Packets sent by a mobile node with either a Home Address destination
option or a Mobility Header (or both) require special processing at
the binding; correspondent node as explained below.
9.2.1. Processing Mobility Header (MH) Messages
All IPv6 correspondent nodes MUST observe the lifetime for following rules when
processing Mobility Header messages:
1. If an MH message of unknown type is received (Section 6.1, the
correspondent node SHOULD issue a Binding
Cache entry Error message to the
packet's Source Address with Status field set to 2. Finally, the
correspondent node MUST NOT be greater than discard the Lifetime value specified in
Johnson and Perkins packet.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 83] 79]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
2. If the Binding Update. Any Binding Cache entry "Next Header" field is not NO_NXTHDR (59 decimal), the
packet MUST be deleted after silently discarded.
3. The checksum must be verified as per Section 6.1.
Subsequent checks depend on the expiration particular Mobility Header message.
There are two types of Mobility Header messages. The return
routability procedure (Section 9.3) is used to verify liveness of this lifetime in the Binding Cache entry.
8.4. Requests
mobile node at both its home address as well as its care-of address.
These liveness probes are used to Delete secure binding updates.
The other type of Mobility Header messages are directly concerned
with managing bindings (Section 9.4).
9.2.2. Receiving Packets with Home Address Destination Option
Packets sent by a Binding
When mobile node while away from home MAY include a Home
Address destination option, if the correspondent node receives has a Binding Update, it
Cache Entry for that home address. It MUST validate it and
determine process the type option in a
manner consistent with exchanging the Home Address field from the
Home Address option into the IPv6 header, replacing the original
value of Binding Update according the Source Address field there. However, any actual
modifications to the steps described Source Address field in Section 8.2. This section describes the packet's IPv6 header
MUST be carried out in such a fashion that further processing of such
a valid
Binding Update packet after all IPv6 options processing (e.g., at the transport
layer) does not depend on that requests a node information to delete know that the original
Source Address was a mobile node's binding
from its Binding Cache, for which care-of address, or that the Home Registration (H) bit is
not set Address option
was used in the Binding Update. In this case, packet.
Since the receiving sending mobile node MUST
delete any existing entry in uses its Binding Cache for this mobile node.
8.5. Sending Binding Acknowledgements
When any node receives a packet containing a Binding Update option
in which home address at the Acknowledge (A) bit is set, it MUST return transport
layer when sending such a Binding
Acknowledgement option acknowledging receipt packet, the use of the Binding Update.
If care-of address
and Home Address option is transparent to both the mobile node and
the correspondent node accepts above the Binding Update level of the Home Address option
generation and creates or updates
an entry in its processing.
Packets containing Home Address Option MUST be dropped if there is
no corresponding Binding Cache Entry for that home address. In this binding, and
case, the `A' bit
was set in correspondent nodes SHOULD send the Binding Update, Error message
to the Status field source address of the packet that contained the Home Address
Option (see Section 6.1.9).
9.3. Return Routability Procedure
A correspondent node engages in the Binding
Acknowledgement MUST be set return routability procedure in
order to secure a value less than 128; if, on the
other hand the subsequent Binding Update Update. This is accepted and a requirement
in order to authorize the `A' bit is not set, creation of new bindings as well as to
refresh existing ones. In particular, these messages are used to
establish the node SHOULD NOT send a Binding Acknowledgement. If mobile node's liveness (responsiveness to packets) at
both its care-of address as well as its home address.
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 80]
INTERNET-DRAFT Mobility Support in IPv6 1 May 2002
9.3.1. Receiving HoTI Messages
The HoTI message initiates the return routability procedure from the
mobile node's home address to the correspondent node.
The correspondent node
rejects verifies the Binding Update and does not create or update an entry following:
- MH Type field for this binding, a Binding Acknowledgement MUST be sent even if the `A'
bit was not sent, and the Status message is 1.
- The Header Extension Length field in the Binding Acknowledgement MUST be set to a value greater than or equal
to 128. Specific values
for the Status field are described length specified in Section 5.1.8 and in the most
recent "Assigned Numbers" [10]. 6.1.3.
- The packet in which the Binding Acknowledgement is returned MUST meet the specific authentication requirements NOT include a Home Address destination option.
In preparation for Binding
Acknowledgements, defined in Section 4.5. Furthermore, if sending the packet
is to be sent to corresponding HoT Message, the mobile
correspondent node at any address other than the mobile
node's home address, checks that it has the necessary material
to engage in a return routability procedure, as specified in
Section 5.5. For that procedure, the correspondent node MUST be sent using have a Routing header (even if
secret Kcn and a nonce Nj. If it does not have this material yet,
it MUST produce it before continuing with the binding was rejected). return routability
procedure.
Section 9.3.3 specifies further processing.
9.3.2. Receiving CoTI Messages
The intermediate IP address, CoTI message initiates the return routability procedure from the
mobile node's care-of address location to which the packet will be delivered immediately before correspondent node.
The correspondent node verifies the home address, is
determined as follows: following:
- Whenever the Binding Update MH Type field for this message is accepted with a nonzero lifetime,
the routing header will 2.
- The Header Extension Length field MUST be constructed using greater than or equal
to the care-of address
as described length specified in Section 8.9. 6.1.4.
- Otherwise, if the Source IP Address of the The packet containing
the Binding Update, is legal for inclusion in MUST NOT include a Routing Header, Home Address destination option.
In preparation for sending the routing header will be constructed using corresponding CoT Message, the
correspondent node checks that IP address.
Note it has the necessary material
to engage in a return routability procedure, as specified in
Section 5.5. For that multicast addresses, link-local addresses, loopback
addresses, IPv4 mapped addresses, and procedure, the unspecified address,
Johnson correspondent node MUST have a
secret Kcn and Perkins a nonce Nl. If it does not have this material yet,
it MUST produce it before continuing with the return routability
procedure.
Section 9.3.4 specifies further processing.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 84] 81]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
MUST NOT be used within a Routing Header for the Binding
Acknowledgement.
- Otherwise, if
9.3.3. Sending HoT Messages
Unless already created, the Binding Update has correspondent node creates a zero lifetime but the
Source IP address is not allowable for use within the Routing
Header, the Binding Acknowledgment MUST be sent "Home
Cookie" and an associated "Home Nonce Index". It then creates a
HoT message (Section 6.1.5) and sends it to the mobile
node's node at the
latter's home address.
In response to a Binding Update, a
9.3.4. Sending CoT Messages
Unless already created, the correspondent node MAY send creates a Binding
Acknowledgement even when "Care-of
Cookie" and an associated "Care-of Nonce Index". It then creates a
CoT message (Section 6.1.6) and sends it to the 'A' bit is not set in mobile node at the Binding
Update.
latter's care-of address.
9.4. Processing Bindings
This would happen, for instance, if a mobile section explains how the correspondent node attempted
to send a processes the
binding cache messages. These messages are:
- Binding Update with the 'H' bit set to a correspondent
node.
8.6. Sending
- Binding Requests
Entries in a node's Refresh Request
- Binding Cache MUST be deleted when their lifetime
expires. If such an entry is still in active use in sending packets
to Acknowledgement
- Binding Error
9.4.1. Receiving Binding Updates
Before accepting a mobile node, the next packet sent to Binding Update message, the mobile receiving node will be
routed normally to MUST
validate the mobile node's home link, where it will be
intercepted and tunneled Binding Update according to the mobile node. following tests:
- The mobile node will
then return packet MUST NOT contain a Home Address option.
- The Header Len field in the Binding Update option is greater than
or equal to the sender, allowing it to create
a new Binding Cache entry for sending future packets to length specified in Section 6.1.7.
- The Sequence Number field in the mobile
node. Communication with Binding Update message is
greater than the mobile node continues uninterrupted,
but Sequence Number received in the forwarding of previous Binding
Update for this packet through the mobile node's home
agent creates additional overhead and latency address, if any. As noted in delivering packets
to Section 5.5,
this Sequence Number comparison MUST be performed modulo 2**16.
- The packet meets the mobile node. Such routing paths could, specific authentication requirements for instance,
temporarily or permanently disrupt any negotiated Quality of Service
reservations which had been made by the mobile node on its home
network.
If the sender knows that the
Binding Cache entry is still Updates, defined in active
use, it MAY send a Binding Request option to Section 5.5.
When the mobile node in return routability procedure is used as an attempt to avoid this overhead and latency due to deleting and
recreating authorization
method, the Binding Cache entry. Since a Binding Request is a
destination option, it may, for example, be included following are also required:
Johnson, Perkins, Arkko Expires 1 November 2002 [Page 82]
INTERNET-DRAFT Mobility Support in any packet
already being sent to the mobile node, such as a packet that is part
of ongoing TCP communication with IPv6 1 May 2002
- The correspondent node MUST re-generate the mobile node. When Home Cookie and the mobile
node receives a packet
Care-of Cookie from some sender containing a Binding Request
option, it returns a Binding Update option to that sender, giving its
current binding and a new lifetime.
8.7. Cache Replacement Policy
Conceptually, a node maintains a separate timer for each entry in its
Binding Cache. When creating or updating a Binding Cache entry the information contained in
response to a received and accepted Binding Update, the node sets packet.
It then generates the
timer for this entry session key Kbu and uses it to verify
the authenticator field in the Binding Update as specified Lifetime period. Any entry in
Section 6.1.7. Note that a node's Binding Cache MUST be deleted after the expiration of care-of address different from the
Johnson and Perkins Expires 22 September 2002 [Page 85]
INTERNET-DRAFT Mobility Support in IPv6 22 March 2002
Lifetime
Source Address MAY have been specified by including an Alternate
Care-of Address mobility option in the Binding Update from which message.
When such message is received and the entry was
created or last updated.
Each node's Binding Cache will, by necessity, have a finite size.
A return routability
procedure is used as an authorization method, the correspondent
node MAY use any reasonable local policy for managing MUST verify the space authenticator by using the address within its Binding Cache, except that any entry marked as a "home
registration" (Section 9.1) MUST NOT be deleted from
the cache
until Alternate Care-of Address in the expiration of its lifetime period. When such a "home
registration" entry is deleted, calculations.
- The Home and Care-of Nonce Index values in addition the home agent MUST also
cease intercepting packets on Nonce Indices
mobility option are recognized by the mobile node's home link addressed
to correspondent node. As
described in Section 5.5, the mobile correspondent node (Section 9.3), just as if discards Nonce
values that are too old.
If the mobile node had
deregistered its primary care-of address (see Section 9.2).
When attempting to add a new "home registration" entry in response
to sends a Binding Update with sequence number which is not greater than
the Home Registration (H) bit set, if
insufficient space exists (and sufficient space cannot be reclaimed)
in sequence number from the node's last successful Binding Cache, Update, then the
receiving node MUST reject the Binding
Update and SHOULD return send back a Binding Acknowledgement to with status
code 141, and the sending
mobile node, last accepted sequence number in which the Status Sequence
Number field is set to 131 (insufficient
resources). When otherwise attempting to add a new entry to its of the Binding Cache, Acknowledgement.
If the mobile node sends a Home or Care-of Nonce Index value which is
no longer recognized by the correspondent node, then the receiving
node MAY, if needed, choose MUST send back a Binding Acknowledgement with status code 144 or
145, respectively.
Any Binding Update which fails to drop satisfy all of these tests for
any entry
already in its Binding Cache, reason other than a "home registration"
entry, in order to make space for the new entry. For example, a
"least-recently used" (LRU) strategy for cache entry replacement
among entries not marked as a "home registration" is likely to
work well unless the size insufficiency of the Binding Cache is substantially
insufficient.
Any binding dropped from a node's Binding Cache due to lack of cache
space will Sequence Number or Nonce
Indices MUST be rediscovered silently ignored, and a new cache entry created, if the
binding is still in active use by the node for sending packets. If the node sends a packet to a destination for which it has dropped carrying the
entry from its Binding Cache, the packet will
Update MUST be routed normally,
leading discarded.
In this section, the care-of address refers to the mobile node's home link. There, IPv6 address,
which was originally located in the IPv6 header when the packet will be
intercepted was
transmitted by the mobile node's home agent and tunneled to node.
If the
mobile node's current primary care-of address. As when a Binding
Cache entry Update is initially created, this indirect routing valid according to the mobile
node through its home agent will result tests above, then the
Binding Update is processed further as follows:
- If the Lifetime specified in the mobile node sending
a Binding Update to this sending node when it receives is nonzero and
the tunneled
packet, allowing it specified Care-of Address is not equal to add an entry again the home address
for the binding, then this destination mobile
node to its Binding Cache.
8.8. Receiving ICMP Error Messages
When a correspondent node sends is a packet request to cache a mobile node, if the
correspondent node has a Binding Cache entry binding for
the destination
address of mobile node. If the packet, then Home Registration (H) bit is set in the correspondent node uses a Routing
header to deliver
Binding Update, the packet Binding Update is processed according to the mobile node through
procedure specified in Section 10.2; otherwise, it is processed
according to the care-of
address procedure specified in Section 9.4.2.
- If the binding recorded Lifetime specified in the Binding Cache entry. Any ICMP
Johnson and Perkins Update is zero or the
specified Care-of Address matches the home address for the
binding, then this is a request to delete the mobile node's
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 86] 83]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
error message caused by the packet on its way to the mobile node will
be returned normally to the correspondent node.
On
cached binding. If the other hand, if Home Registration (H) bit is set in the correspondent node has no
Binding Cache
entry for the mobile node, Update, the packet will be routed Binding Update is processed according to the mobile
node's home link. There,
procedure specified in Section 10.3; otherwise, it will be intercepted by the mobile node's
home agent, encapsulated, and tunneled is processed
according to the mobile node's primary
care-of address. Any ICMP error message caused by procedure specified in Section 9.4.3.
9.4.2. Requests to Cache a Binding
When a node receives a Binding Update, it MUST validate it and
determine the packet on
its way type of Binding Update according to the mobile node while steps described
in Section 9.4.1. This section describes the tunnel, will be transmitted processing of a valid
Binding Update that requests a node to the cache a mobile node's home agent (the source of binding,
for which the tunnel). By
the definition of IPv6 encapsulation [4], the home agent (as the
encapsulating node) MUST relay certain ICMP error messages back
to the original sender of the packet, which Home Registration (H) bit is not set in the Binding
Update.
In this case is case, the
correspondent node.
Likewise, if a packet for a mobile receiving node arrives at the mobile node's
previous link and is intercepted there by SHOULD create a home agent new entry in its
Binding Cache for the this mobile
node's previous care-of address as described in Section 10.11 (e.g.,
the node, or update its existing Binding
Cache entry for this mobile node moved after node, if such an entry already exists.
The Binding Cache entry records the packet was sent), that association between this home agent
will encapsulate
address and tunnel the packet to the mobile node's new care-of address. As above, any ICMP error message caused by address for the
packet while binding. The lifetime for
the Binding Cache entry is initialized from the Lifetime field
specified in the Binding Update, although this tunnel will lifetime MAY be returned to that home agent (the
source of the tunnel), which MUST relay certain ICMP error messages
back to
reduced by the correspondent node [4]. The relayed packet MUST NOT
contain a routing header entry with caching the care-of address of binding; the mobile
node.
Thus, in all cases, any meaningful ICMP error messages caused
by packets from a correspondent node to a mobile node will lifetime for the Binding
Cache entry MUST NOT be
returned to greater than the correspondent node. If Lifetime value specified in
the correspondent node
receives persistent ICMP Destination Unreachable messages Binding Update. Any Binding Cache entry MUST be deleted after
sending packets to
the expiration its lifetime.
The Sequence Number value received from a mobile node based on an entry in its a Binding
Cache, the
Update is stored by a correspondent node MUST delete this in its Binding Cache
entry. entry
for that mobile node. If the receiving correspondent node subsequently transmits another
packet to has no
Binding Cache entry for the sending mobile node, the packet will be routed to the mobile
node's home link, intercepted by the it MUST accept any
Sequence Number value in a received Binding Update from this mobile node's home agent, and
tunneled
node.
9.4.3. Requests to the mobile node's primary care-of address using IPv6
encapsulation. The mobile Delete a Binding
When a node will then return receives a Binding Update, it MUST validate it and
determine the type of Binding Update according to the correspondent node, allowing it to recreate steps described
in Section 9.4.1. This section describes the processing of a (correct) valid
Binding
Cache entry for the mobile node.
8.9. Sending Packets to Update that requests a Mobile Node
Before sending any packet, the sending node SHOULD examine to delete a mobile node's binding
from its Binding Cache for an entry Cache, for the destination address to which the
packet Home Registration (H) bit is being sent. If
not set in the sending Binding Update.
Any existing binding for the mobile node has a MUST be deleted. A Binding
Cache entry for this address, the sending mobile node SHOULD use a Routing header MUST NOT be created in response to
route
receiving the packet Binding Update.
In order to this mobile prevent replayed binding updates after a binding cache
entry has been deleted the correspondent node (the destination node) by way
of needs to make sure that
the care-of address in nonce indices used to create the binding recorded in that Binding Cache
entry. For example, assuming use of a Type 0 Routing header [6], if
Johnson and Perkins are no longer valid.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 87] 84]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
no other use of
This applies whether the binding is deleted due to it timing out
(lifetime expiry) or being deleted explicitly by the mobile node.
If a Routing header binding cache entry is involved in logically deleted and either the routing of this
packet, home
nonce index or the mobile node sets care-of nonce index used to create (or last
update) the fields in binding are still valid, the packet's IPv6 header
and Routing header correspondent node must
behave as follows:
- The Destination Address in if it retains the packet's IPv6 header is set to state about the mobile node's care-of address copied from binding (including the Binding Cache
entry.
- The Routing header is initialized to contain a single route
segment, with an Address
sequence number) until at least one of the mobile node's home address (the
original destination address cookies has become too
old.
A possible way to which the packet was being sent).
Following the definition of a Type 0 Routing header [6], implement this packet
will be routed is to mark the mobile node's care-of address, where binding cache entry
so that it will
be delivered does not effect sending and receiving of packets, but
so that it is found when a binding update is received. Another
way is to mark the mobile node (the mobile node has associated the
care-of address used nonces immediately too old. However, this
method may cause some unnecessary failures and retries with its network interface). Normal processing of
the Routing header by the ongoing
return routability procedures with other mobile node will then proceed as follows:
- The nodes. Furthermore,
unless the mobile node swaps the Destination Address has requested a Binding Acknowledgement,
it is possible that this method may even cause an error in the packet's
IPv6 header
return routability procedure procedure to go unnoticed, and data
packets to be dropped through the Address specified in the Routing header.
This results in use of the packet's IP Destination Home Address being set to
the mobile node's home address.
- destination
option without an existing binding. The mobile node then resubmits the packet effect is similar to its IPv6 module for
further processing, "looping back" the packet inside
loss during the mobile
node. Since return routability procedure, but may in certain
circumstances significantly increase the mobile problems.
9.4.4. Sending Binding Acknowledgements
When any node recognizes its own home address as
one of its current IP addresses, the receives a packet is processed further
within the mobile node, containing a Binding Update message
in which the same way then as if Acknowledge (A) bit is set, it MUST return a Binding
Acknowledgement message acknowledging receipt of the mobile
node was at home.
If, instead, Binding Update.
If the sending node has no accepts the Binding Cache Update and creates or updates an
entry in its Binding Cache for this binding, the
destination address to which Status field in the packet is being sent,
Binding Acknowledgement MUST be set to a value less than 128; if, on
the sending
node simply sends other hand the packet normally, with no Routing header. If Binding Update is accepted and the destination node `A' bit is not a mobile
set, the node (or is SHOULD NOT send a mobile node that
is currently at home), Binding Acknowledgement. If the packet will be delivered directly to this node and processed normally by it. If, however,
rejects the destination node
is Binding Update and does not create or update an entry for
this binding, a mobile node that is currently away from home, the packet will Binding Acknowledgement MUST be intercepted by sent even if the mobile node's home agent `A'
bit was not set, and tunneled (using
IPv6 encapsulation [4]) to the mobile node's current primary care-of
address, as described Status field in Section 9.4. The mobile node will then send
a the Binding Update Acknowledgement
MUST be set to a value greater than or equal to 128. Specific values
for the sending node, as Status field are described in Section 10.9,
allowing 6.1.8 and in the most
recent "Assigned Numbers" [10].
The packet in which the sending node to create a Binding Cache entry Acknowledgement is returned
MUST meet the specific authentication requirements for its use Binding
Acknowledgements, defined in sending subsequent packets to this mobile node.
It is possible that a correspondent node, having no knowledge
of Section 5.5. Furthermore, if the mobile node's care-of address, would still (for reasons
unspecified here but not necessarily related to mobility) attempt packet
is to deliver a packet, either be sent to or by way of the mobile node at any address other than the mobile
node's home address, by it MUST be sent using a routing header. If Routing header (even if
the correspondent node
subsequently accepts a Binding Update and creates a Binding Cache
entry for binding was rejected). The intermediate IP address, to which
the mobile node, then afterwards, packet will be delivered immediately before the routing header used
Johnson and Perkins home address, is
determined as follows:
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 88] 85]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
by the corresponding node which includes
- Whenever the mobile node's home
address SHOULD also include Binding Update is accepted with a nonzero lifetime,
the mobile node's care-of address. The
correspondent node SHOULD put routing header will be constructed using the mobile node's care-of address
as described in Section 9.6.
- Otherwise, if the intermediate node address immediately preceding Source IP Address of the mobile node's
home address. When packet containing
the care-of address Binding Update, is legal for inclusion in a Routing Header,
the first intermediate
node address, this implies routing header will be constructed using that IP address.
Note that multicast addresses, link-local addresses, loopback
addresses, IPv4 mapped addresses, and the care-of address is to unspecified address,
MUST NOT be placed
in used within a Routing Header for the Destination Address of Binding
Acknowledgement.
Otherwise, if the IPv6 header, and Binding Update has a zero lifetime but the mobile
node's home Source
IP address is not allowable for use within the first entry in the type 0 routing header.
Otherwise, Routing Header,
the correspondent node Binding Acknowledgment MUST insert be sent to the mobile node's
care-of address immediately before the home address entry
address.
9.4.5. Sending Binding Refresh Requests
Entries in the
routing header.
9. Home Agent Operation
9.1. Primary Care-of Address Registration
When a node receives a node's Binding Update, it Cache MUST validate it and
determine the type of Binding Update according be deleted when their lifetime
expires. If such an entry is still in active use in sending packets
to a mobile node, the steps described
in Section 8.2. This section describes next packet sent to the processing of a valid
Binding Update that requests the receiving mobile node will be
routed normally to serve as its home
agent, registering its primary care-of address.
To begin processing the Binding Update, the mobile node's home agent MUST perform
the following sequence of tests:
- If link, where it will be
intercepted and tunneled to the mobile node. The mobile node is not a router that implements home agent
functionality, will
then the node MUST reject the Binding Update and
SHOULD return a Binding Acknowledgement to the mobile node, in
which the Status field is set Update to 132 (home registration not
supported).
- Else, if the home address for the binding (the Home Address field
in the packet's Home Address option) is not an on-link IPv6
address with respect sender, allowing it to the home agent's current Prefix List,
then the home agent MUST reject the Binding Update and SHOULD
return create
a new Binding Acknowledgement Cache entry for sending future packets to the mobile node, in which
node. Communication with the
Status field is set to 133 (not home subnet).
- Else, if mobile node continues uninterrupted,
but the forwarding of this packet through the mobile node's home
agent chooses creates additional overhead and latency in delivering packets
to reject the Binding Update mobile node. Such routing paths could, for instance,
temporarily or permanently disrupt any other reason (e.g., insufficient resources to serve another negotiated Quality of Service
reservations which had been made by the mobile node as a on its home agent), then
network.
If the home agent SHOULD return sender knows that the Binding Cache entry is still in active
use, it MAY send a Binding Acknowledgement Refresh Request message to the mobile node, node
in which the Status
field is set to an appropriate value attempt to indicate avoid this overhead and latency due to deleting and
recreating the reason for Binding Cache entry. When the rejection.
- Finally, mobile node receives a
packet from some sender containing a Binding Refresh Request option,
it MAY start a return routability procedure, if the Duplicate Address Detection (D) bit is set necessary, before
sending its current binding and a new lifetime in
the a new Binding Update, this home agent MUST ensure
Update.
The correspondent node MAY retransmit Binding Refresh Request
messages provided that Duplicate
Address Detection [35] has been performed on rate limitation is applied. The correspondent
node SHOULD stop retransmitting when it receive a Home Test Init
message, as the mobile node's
home link node is responsible for retransmissions during
the link-local address associated with the home
address in this binding, and thus to ensure that no other node
Johnson and Perkins return routability procedure.
Johnson, Perkins, Arkko Expires 22 September 1 November 2002 [Page 89] 86]
INTERNET-DRAFT Mobility Support in IPv6 22 March 1 May 2002
on
9.4.6. Sending Binding Error Messages
If the home link can possibly use correspondent node receives a packet with a Home Address
destination option it MUST verify that it has a binding for that
mobile node. Specifically, it MUST have a binding entry for the
mobile node's home address
(before returning (as obtained from the Binding Acknowledgement). The address
used for Duplicate Home Address Detection SHOULD be option)
at the mobile node's
link-local address. Normal processing for Duplicate Address
Detection specifies that, in certain cases, care-of address (from the IP source address of
the packet). If the correspondent node SHOULD
delay sending does not find such a binding
entry, it MUST discard the initial Neighbor Solicitation packet and return a Binding Error message of
Duplicate Address Detection by a random delay between 0 and
MAX_RTR_SOLICITATION_DELAY [20, 35]; however, in this case, the
home agent SHOULD NOT perform such
(Section 6.1.9).
9.5. Cache Replacement Policy
Conceptually, a delay. If this Duplicate
Address Detection fails, then the home agent MUST reject the
Binding Update and SHOULD return node maintains a Binding Acknowledgement
to the mobile node, separate timer f