Mobility for IPv6 (mip6) Internet Drafts
| Using IPsec between Mobile and Correspondent IPv6 Nodes | |||||||||||||||||
|
Mobile IPv6 uses IPsec to protect signaling between the Mobile Node and the Home Agent. This document defines how IPsec can be used between the Mobile Node and Correspondent Nodes for Home Address Option validation and protection of mobility signaling for Route Optimization. The configuration details for IPsec and IKE are also provided. | ||||||||||||||||
| Why Authentication Data suboption is needed for MIP6 | |||||||||||||||||
|
Mobile IPv6 defines a set of signaling messages that enable the mobile node (MN) to authenticate and perform registration with its home agent (HA). These authentication signaling messages between the mobile node and home agent are secured by an IPsec SA that is established between the MN and HA. The MIP6 working group has specified a mechanism to secure the binding update and binding acknowledgement messages using an authentication option, similar to the authentication option in Mobile IPv4, carried within the messages that are exchanged between the MN and HA to establish a binding. This document provides the justifications as to why the authentication option mechanism was needed for Mobile IPv6 deployment in certain environments. | ||||||||||||||||
| MIP6-bootstrapping for the Integrated Scenario | |||||||||||||||||
|
Mobile IPv6 bootstrapping can be categorized into two primary scenarios, the split scenario and the integrated scenario. In the split scenario, the mobile node's mobility service is authorized by a different service authorizer than the network access authorizer. In the integrated scenario, the mobile node's mobility service is authorized by the same service authorizer as the network access service authorizer. This document defines a method for home agent information discovery for the integrated scenario. | ||||||||||||||||
| DHCP Options for Home Information Discovery in MIPv6 | |||||||||||||||||
|
This draft defines a DHCP-based scheme to enable dynamic discovery of Mobile IPv6 home network information. New DHCP options are defined which allow a mobile node to request the home agent IP address, FQDN, or home network prefix and obtain it via the DHCP response. | ||||||||||||||||
 |
 |
 |
 |
|
 |
|
 |
|
 |
|
 |
Mobility for IPv6 (mip6)
Last Modified: 2007-06-15
Additional information is available at tools.ietf.org/wg/mip6
Chair(s):
Internet Area Director(s):
Internet Area Advisor:
Mailing Lists:
General Discussion: mip6@ietf.orgTo Subscribe: https://www.ietf.org/mailman/listinfo/mip6
Archive: http://www.ietf.org/mail-archive/web/mip6/index.html
Description of Working Group:
Mobile IPv6 (MIP6) specifies routing support which permits an IPv6host to continue using its home address as it moves around the
Internet, enabling continuity of sessions. Mobile IPv6 supports
transparency above the IP layer, including maintenance of active
transport level sessions. The base specifications for Mobile IPv6
consist of:
o RFC 3775
o RFC 3776
The primary goal of the MIP6 working group will be to enhance base
IPv6 mobility by continuing work on developments that are required for
wide-scale deployments. Additionally the working group will ensure
that any issues identified by implementation and interoperability
experience are addressed, and that the base specifications are
maintained. The group will also produce informational documentation,
such as design rationale documents or description of specific issues
within the protocol.
Deployment considerations call for work to reduce per-mobile node
configuration and enrollment effort, solutions to enable dual-stack
operation, mechanisms to support high-availabity home agents, and ways
to employ Mobile IPv6 in the presence of firewalls.
Work items related to base specification maintenance include:
- Create and maintain an issue list that is generated on the basis of
implementation and interoperability experience. Address specific
issues with specific updates or revisions of the base
specification. One specific area of concern that should
be analyzed and addressed relates to multilink subnets.
This work item relates only to corrections and
clarifications. The working group shall not revisit design
decisions or change the protocol.
- Update RFC 3776 to specify the usage of IKEv2 for the establishment
of the IPsec SA between the MN and HA. This work also provides a
way for a mobile node to change its home address or employ multiple
home addresses as needed.
- Update the IANA considerations of RFC 3775 to allow extensions for
experimental purposes as well passing of optional vendor-specific
information.
Work items related to large scale deployment include:
- Bootstrapping Mobile IPv6: A bootstrapping mechanism is intended to
be used when the device is turned on the very first time and
activates Mobile IPv6, or periodically such as when powering
on. The WG should investigate and define the scope before solving
the problem.
Work on the problem statement and the solutions needed for various
deployment scenarios. Work with other WGs such as DHC for defining
the options needed for bootstrapping.
- Capture the AAA requirements needed for bootstrapping and
deployment, and work with the Radext and DiME WGs on the solutions.
- A Solution for MIP6 session continuity for dual stack hosts which
attach to IPv4 access networks. Additionally provide a mechanism
for carrying IPv4 packets via the Home agent for MIP6 capable
dual-stack hosts. This work will be done in collaboration with the
NEMO WG.
- A protocol based solution for enhancing the reliability of home
agents and a method to force a host to switch home agents.
- A mechanism to force an MN to switch the HA that is currently
serving it. This is required in deployments where the HA may need
to be taken offline for maintenance.
- Work on solutions to deal with firewalls and the problems that
firewalls cause as identified in RFC 4487.
Work items related to informational documentation include:
- Produce a problem statement relating to location privacy and the
use of Mobile IPv6. Work with the IRTF MOBOPTS RG on developing the
solution.
- Produce a design rationale that documents the historical
thinking behind the introduction of an alternative security
mechanism, the Authentication Protocol (RFC 4285).
It should be noted that some of the features that are directly related
to Mobile IPv6 are being worked on in the MONAMI6, MIPSHOP, and NEMO
working groups. The specific extensions from these groups are out of
scope for the MIP6 working group. In particular, all optimizations are
out of scope. However, MIP6 may assist these groups when they use
features listed above and have requirements on them.
Goals and Milestones:
| Done | Submit I-D 'Issues with firewall Problem statement' to IESG | |
| Done | Submit I-D 'MIPv6 MIB' to IESG | |
| Done | Submit I-D 'Extensions to Socket Advanced API for MIPv6' to IESG | |
| Done | Submit I-D 'Alternate Route Optimization (Pre-config Key) scheme' to IESG | |
| Done | Submit Bootstrapping problem statement to IESG | |
| Done | Submit I-D 'Authentication Option for MIPv6' to IESG | |
| Done | Submit I-D 'Identification Option for MIPv6' to IESG | |
| Done | Submit I-D 'MIPv6 operation with IKEV2 and the revised IPsec Architecture to IESG | |
| Done | Submit Problem statement and Solution to Mobile IPv6 transition between v4/v6 networks to IESG | |
| Done | Submit I-D 'Mobility management for Dual stack mobile nodes: A Problem Statement' to IESG for publication as Informational. | |
| Done | Submit I-D 'Address Location Privacy and Mobile IPv6 Problem Statement' to IESG for publication as Informational. | |
| Done | Submit I-D 'Bootstrapping solution for split Scenario' to IESG for publication as a Proposed Standard. | |
| Apr 2007 | Submit I-D 'Motivation for Authentication I-D' to IESG for publication as Informational. | |
| Done | Submit I-D 'Bootstrapping solution for Integrated Scenario' to IESG for publication as a Proposed Standard. | |
| Jul 2007 | Submit I-D 'DHCP Options for Home Information Discovery in MIPv6' for publication as a proposed standard. | |
| Jul 2007 | Submit I-D 'Mobility Header Home Agent Switch Message' to IESG for publication as a Proposed Standard. | |
| Aug 2007 | Submit I-D 'Goals for AAA HA Interface' to IESG for publication as Informational. | |
| Sep 2007 | Submit I-D 'Home agent reliability' to IESG for publication as a Proposed Standard. | |
| Sep 2007 | Submit I-D 'Mobile IPv6 Dual-Stack Operation' to IESG for publication as a Proposed Standard. | |
| Oct 2007 | Submit I-D 'Mobile IPv6 Vendor Specific Option' to IESG for publication as a Proposed Standard | |
| Dec 2007 | Submit I-D 'Mobile IPv6 Experimental Allocations' to IESG for publication as a Proposed Standard. | |
| Dec 2007 | Submit the I-D 'RADIUS Mobile IPv6 Support' to IESG for publication as a proposed standard. | |
| Feb 2008 | Submit I-D 'Mobile IPv6 Operation with Firewalls' to IESG for publication as Informational. | |
| Feb 2008 | Submit I-D(s) related to specific updates and corrections of RFC 3775 to IESG for publication as Proposed Standard. |
Internet-Drafts:
Using IPsec between Mobile and Correspondent IPv6 Nodes (23052 bytes)Why Authentication Data suboption is needed for MIP6 (37606 bytes)
Mobile IPv6 support for dual stack Hosts and Routers (DSMIPv6) (74650 bytes)
MIP6-bootstrapping for the Integrated Scenario (30502 bytes)
Mobility Header Home Agent Switch Message (26207 bytes)
Home Agent Reliability Protocol (106425 bytes)
DHCP Option for Home Information Discovery in MIPv6 (35630 bytes)
RADIUS Mobile IPv6 Support (64640 bytes)
Mobile IPv6 Experimental Messages (14874 bytes)
Mobile IPv6 Vendor Specific Option (12302 bytes)
Authentication Protocol for Mobile IPv6 (42419 bytes)
Generic Notification Message for Mobile IPv6 (20594 bytes)
Request For Comments:
Using IPsec to Protect Mobile IPv6 Signaling between Mobile Nodes and Home Agents (RFC 3776) (87076 bytes) updated by RFC 4877Mobility Support in IPv6 (RFC 3775) (393514 bytes)
Mobile Node Identifier Option for Mobile IPv6 (MIPv6) (RFC 4283) (14653 bytes)
Mobile IP version 6 Route Optimization Security Design Background (RFC 4225) (98584 bytes)
Authentication Protocol for Mobile IPv6 (RFC 4285) (40874 bytes)
Mobile IPv6 Management Information Base (RFC 4295) (209038 bytes)
Mobile IPv6 and Firewalls: Problem Statement (RFC 4487) (32022 bytes)
Securing Mobile IPv6 Route Optimization Using a Static Shared Key (RFC 4449) (15080 bytes)
Extension to Sockets API for Mobile IPv6 (RFC 4584) (53995 bytes)
Problem Statement for bootstrapping Mobile IPv6 (RFC 4640) (49926 bytes)
Mobile IPv6 Operation with IKEv2 and the revised IPsec Architecture (RFC 4877) (57941 bytes) updates RFC 3776
IP Address Location Privacy and Mobile IPv6: Problem Statement (RFC 4882) (24987 bytes)
Problem Statement: Dual Stack Mobility (RFC 4977) (16758 bytes)
Mobile IPv6 bootstrapping in split scenario (RFC 5026) (63138 bytes)
IETF Secretariat - Please send questions, comments, and/or suggestions to ietf-web@ietf.org.
Return to working group directory. 
