OS Overview


04/24/23 . 1

OS Overview

Block Diagram of the System Kernel

[Figure: block diagram of the system kernel. Labels: User Level (User Program, User Libraries); System Call Interface; Kernel Level (File System, Mobility Interface, Security Interface, Process Control system, MIPv4, MIPv6, Buffer Cache, Inter process Communication, Intra process Communication, Scheduler, Memory Management, block and character Device Driver, Confidentiality, Authentication, Integrity, Nonrepudiation, Access Control, Availability, Hardware Control, VoIP & PTT Support); Traps/Interrupts; Hardware.]


Algorithm Analysis Notations


Big O Notation

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = O(g(n)) means it is less than some constant multiple of g(n).

Formal Definition: f(n) = O(g(n)) means there are positive constants c and k, such that 0 ≤ f(n) ≤ cg(n) for all n ≥ k. The values of c and k must be fixed for the function f and must not depend on n.

[Figure: plot of cg(n) and f(n), with k marked.]

Big ω Notation

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = ω (g(n)) means g(n) becomes insignificant relative to f(n) as n goes to infinity.

Formal Definition: f(n) = ω (g(n)) means that for any positive constant c, there exists a constant k, such that 0 ≤ cg(n) < f(n) for all n ≥ k. The value of k must not depend on n, but may depend on c.

[Figure: plot of cg(n) and f(n), with k marked.]

Big Θ Notation

Definition: A theoretical measure of the execution of an algorithm, usually the time or memory needed, given the problem size n, which is usually the number of items. Informally, saying some equation f(n) = Θ (g(n)) means it is within a constant multiple of g(n). The equation is read, "f of n is theta g of n".

Formal Definition: f(n) = Θ (g(n)) means there are positive constants c1, c2, and k, such that 0 ≤ c1g(n) ≤ f(n) ≤ c2g(n) for all n ≥ k. The values of c1, c2, and k must be fixed for the function f and must not depend on n.

[Figure: plot of f(n), c1g(n) and c2g(n), with k marked.]

Process Management

Process Definition

• A process is an entity which is created by the operating system and consists of a sequence of bytes which is interpreted by the CPU as:

1. Machine instruction.

2. Data.

3. Stack.

Many processes appear to execute simultaneously as the kernel schedules them for execution, and several processes may be an instance of one program. In UNIX, fork is used to create a process.

Process State & Transition

[Figure: process state diagram. States: User Running, Kernel, Sleep, Ready to run. Transitions: sleep, Wakeup, Schedule Process, Trap/interrupt return, Interrupt/Interrupt Return.]

Process Structure

[Figure: three regions: text, Data, Stack.]

A process consists of 3 regions. A region is a contiguous area of the virtual address space.

Data structure for a process

[Figure: U Area, Process table, Per process region table, Region table, and memory holding text, data and stack.]

The per process region table allows independent processes to share regions.

File System


File System Definition

1. The collection of files and file management structures on a physical or logical mass storage device, such as a diskette or disk.

2. The way the files are organized on the disk and the methods and data structures that an operating system uses to keep track of files on a disk or partition.

3. A data structure that translates the logical (files, directories) structure into physical (sector); it helps both computers and users to locate files.

File System Architecture for UNIX

[Figure: directory tree. Root: /. Below it: bin, unix, dev, etc, user. Further entries: jim, mike; x, y, z; tty00, tty01.]

File System Layout

Boot block | Super block | Inode list | Data Blocks

Boot Block: first sector; contains bootstrap code to initialize the operating system.

Super Block: how many files it can store, where to find free space.

Inode List: the list of inodes in the file system. Each inode may represent a file or a directory.

Data Blocks: the list of data blocks that carry the files' information.

File System Data Structure

User File Descriptor | File Table | Inode Table

User File Descriptor: one per process; identifies all open files for a specific process.

File Table: shared between all processes in the system. Contains how many bytes were read or written and the access rights allowed for the file.

Inode Table: access rights and file block locations.

Intra process communication


signals

1. Signals are a limited form of IPC that are used to notify a process that a given event has taken place.

2. Each signal has a unique positive integer representing it as well as a symbolic name (that is usually defined in the file /usr/include/signal.h).

3. The amount of information that can be conveyed via a signal is very limited (basically only the signal number).

[Figure: P1 signals P2 with Kill (pid, SIGSTOP).]

signals (continue)

When a signal interrupts a process, the signal is handled as follows:

1. Ignore the signal.

2. Catch the signal.

3. Apply the default action.

Sending Signals

1. Using the keyboard: the Ctrl-C key causes the operating system to send a SIGINT signal to the running process.

2. From the command line: kill -INT 3333

3. Using system calls:

    #include <stdio.h>      /* printf() */
    #include <unistd.h>     /* standard unix functions, like getpid() */
    #include <sys/types.h>  /* various type definitions, like pid_t */
    #include <signal.h>     /* signal name macros, and the kill() prototype */

    int main(void)
    {
        /* first, find my own process ID */
        pid_t my_pid = getpid();

        /* now that i got my PID, send myself the SIGSTOP signal. */
        int rc = kill(my_pid, SIGSTOP);
        if (rc != 0) { /* unsuccessful */
            printf("The \"kill\" system call failed with rc: %d\n", rc);
        }
        return 0;
    }

Catching Signals

    #include <unistd.h>     /* standard unix functions, like pause() and write() */
    #include <sys/types.h>  /* various type definitions, like pid_t */
    #include <signal.h>     /* signal name macros, and the signal() prototype */

    /* The signal handler definition. */
    void sigintHandler(int sig_num)
    {
        static const char msg[] = "Don't you dare interrupt me\n";

        (void)sig_num;
        /* Register signal handler for SIGINT next time */
        signal(SIGINT, sigintHandler);
        /* Print the message; write() is async-signal-safe, printf() is not */
        write(STDOUT_FILENO, msg, sizeof(msg) - 1);
    }

    /* The main function. */
    int main(int argc, char *argv[])
    {
        /* Register signal handler for SIGINT */
        signal(SIGINT, sigintHandler);
        /* Go into an infinite loop */
        for ( ;; )
            pause();
    }

pipes

[Figure: P1 writes to Fd[1]; P2 reads from Fd[0].]

Pipes allow transfer of a stream of data between processes in a first-in-first-out (FIFO) manner, and also allow synchronization of process execution.

Pipes (continue)

    #include <stdio.h>
    #include <stdlib.h>
    #include <errno.h>
    #include <unistd.h>

    int main()
    {
        int pfds[2];
        char buf[30];

        if (pipe(pfds) == -1) {
            perror("pipe");
            exit(1);
        }

        printf("writing to file descriptor #%d\n", pfds[1]);
        write(pfds[1], "test", 5);   /* 5 bytes: "test" plus its terminating NUL */
        printf("reading from file descriptor #%d\n", pfds[0]);
        read(pfds[0], buf, 5);
        printf("read \"%s\"\n", buf);
        return 0;
    }
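The P1-to-P2 transfer from the pipes diagram, as an added example that is not part of the original slides: a child process writes into Fd[1] and the parent reads from Fd[0] until end of file. pipe_transfer() is a hypothetical helper name chosen for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: the child (P1) writes len bytes of msg into fd[1];
 * the parent (P2) reads from fd[0] until EOF or until out is full.
 * Returns the number of bytes received, or -1 on error. */
ssize_t pipe_transfer(const char *msg, size_t len, char *out, size_t outsz)
{
    int fd[2];
    if (pipe(fd) == -1)
        return -1;

    pid_t pid = fork();
    if (pid == -1) {
        close(fd[0]);
        close(fd[1]);
        return -1;
    }

    if (pid == 0) {                    /* P1: writer */
        close(fd[0]);                  /* the writer never reads */
        size_t off = 0;
        while (off < len) {            /* write() may accept only part of the data */
            ssize_t w = write(fd[1], msg + off, len - off);
            if (w < 0 && errno == EINTR)
                continue;
            if (w < 0)
                _exit(1);
            off += (size_t)w;
        }
        close(fd[1]);                  /* signals EOF to the reader */
        _exit(0);
    }

    /* P2: reader. Close the unused write end first: while any write end is
     * open, read() blocks instead of returning 0 at end of data. */
    close(fd[1]);
    size_t got = 0;
    int failed = 0;
    while (got < outsz) {
        ssize_t r = read(fd[0], out + got, outsz - got);
        if (r == 0)
            break;                     /* EOF: P1 closed its end */
        if (r < 0 && errno == EINTR)
            continue;
        if (r < 0) {
            failed = 1;
            break;
        }
        got += (size_t)r;
    }
    close(fd[0]);
    while (waitpid(pid, NULL, 0) == -1 && errno == EINTR)
        ;                              /* reap P1 so it does not stay a zombie */
    return failed ? -1 : (ssize_t)got;
}

int main(void)
{
    char buf[30];
    ssize_t n = pipe_transfer("test", 5, buf, sizeof buf);
    if (n < 0) {
        perror("pipe_transfer");
        return 1;
    }
    printf("read %zd bytes: \"%s\"\n", n, buf);
    return 0;
}
```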


message queues

[Figure: P1 sends with msgsnd; P2 receives with msgrcv.]

Message queues allow transfer of user defined messages between processes in a first-in-first-out (FIFO) manner, and they also allow synchronization of process execution.

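msgsnd & msgrcv example

    #include <string.h>     /* memcpy() */
    #include <unistd.h>     /* getpid() */
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/msg.h>

    #define MSGKEY 75

    struct msgform {
        long mtype;
        char mtext[256];
    };

    int main(void)
    {
        struct msgform msg;
        int msgid;
        pid_t pid;

        pid = getpid();
        /* put the whole PID in the message body; a single char would truncate it */
        memcpy(msg.mtext, &pid, sizeof(pid));
        msg.mtype = 1;
        /* attach to the queue identified by MSGKEY */
        msgid = msgget(MSGKEY, 0777);
        if (msgid == -1)
            return 1;
        msgsnd(msgid, &msg, sizeof(pid), 0);
        /* wait for the message whose type equals this PID */
        msgrcv(msgid, &msg, 256, pid, 0);
        return 0;
    }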

Shared memory example (continue)

[Figure: P1 and P2 each use strncpy on the Shared memory.]

A segment of memory that is shared between processes; no synchronization of processes is provided.

Shared memory example

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <sys/types.h>
    #include <sys/ipc.h>
    #include <sys/shm.h>

    #define SHM_SIZE 1024  /* make it a 1K shared memory segment */

    int main(int argc, char *argv[])
    {
        key_t key;
        int shmid;
        char *data;
        int mode;

        /* make the key: */
        if ((key = ftok("shmdemo.c", 'R')) == -1) {
            perror("ftok");
            exit(1);
        }

Shared memory (continue)

        /* connect to (and possibly create) the segment: */
        if ((shmid = shmget(key, SHM_SIZE, 0644 | IPC_CREAT)) == -1) {
            perror("shmget");
            exit(1);
        }

        /* attach to the segment to get a pointer to it: */
        data = shmat(shmid, (void *)0, 0);
        if (data == (char *)(-1)) {
            perror("shmat");
            exit(1);
        }

        /* read or modify the segment, based on the command line: */
        if (argc == 2) {
            /* bound the copy and terminate it: strncpy() adds no NUL when the source fills the buffer */
            strncpy(data, argv[1], SHM_SIZE - 1);
            data[SHM_SIZE - 1] = '\0';
        }
        printf("segment contains: \"%s\"\n", data);

        /* detach from the segment: */
        if (shmdt(data) == -1) {
            perror("shmdt");
            exit(1);
        }

        return 0;
    }

sockets

[Figure: P1 writes to Fd[1]; P2 reads from Fd[0].]

Sockets are used for inter and intra process communication. They are based on TCP or UDP, and also allow synchronization of process execution.

UDP Socket system calls for client/server

Client Side: socket → connect → write → read → close

Server Side: socket → bind → read → write → close

Conceptual OS Data Structure for UDP socket

File Descriptor Table (one per process): stdin, stdout, stderr

Family: PF_INET
Service: SOCK_DGRAM
Local IP: 47.12.121.13
Local port: 5000

TCP Socket system calls for client/server

Client Side: socket → connect → write → read → close

Server Side: socket → bind → listen → accept → read → write → close

Conceptual OS Data Structure for TCP socket

File Descriptor Table (one per process): stdin, stdout, stderr

Family: PF_INET
Service: SOCK_STREAM
Local IP: 47.12.121.13
Remote IP: 47.12.121.100
Local Port: 5000
Remote Port: 5100

UDP/TCP Server

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h>     /* close() */
    #include <string.h>     /* memset(), strcmp() */

    #define LOCAL_SERVER_PORT 1500
    #define MAX_MSG 100

    int server(char *protocol, int argc, char *argv[])
    {
        int sd, rc;
        struct sockaddr_in servAddr;

        /* socket creation */
        if (strcmp(protocol, "udp") == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        /* bind local server port */
        memset(&servAddr, 0, sizeof(servAddr));
        servAddr.sin_family = AF_INET;
        servAddr.sin_addr.s_addr = htonl(INADDR_ANY);
        servAddr.sin_port = htons(LOCAL_SERVER_PORT);
        rc = bind(sd, (struct sockaddr *) &servAddr, sizeof(servAddr));
        if (rc < 0) {
            close(sd);
            return -1;
        }

        if (strcmp(protocol, "udp") != 0)
            listen(sd, 5);
        return sd;
    }

UDP/TCP Client

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <netdb.h>
    #include <stdio.h>
    #include <unistd.h>     /* close() */
    #include <string.h>     /* memset(), memcpy(), strcmp() */

    #define REMOTE_SERVER_PORT 1500

    int client(char *protocol, int argc, char *argv[])
    {
        int sd, rc;
        struct sockaddr_in sin;
        struct hostent *h;

        /* get server IP address */
        h = gethostbyname(argv[1]);
        if (h == NULL || h->h_addrtype != AF_INET)
            return -1;
        memset(&sin, 0, sizeof(sin));
        sin.sin_family = h->h_addrtype;   /* AF_INET */
        memcpy((char *) &sin.sin_addr.s_addr, h->h_addr_list[0], h->h_length);
        sin.sin_port = htons(REMOTE_SERVER_PORT);

        /* socket creation */
        if (strcmp("udp", protocol) == 0)
            sd = socket(AF_INET, SOCK_DGRAM, 0);
        else
            sd = socket(AF_INET, SOCK_STREAM, 0);
        if (sd < 0)
            return -1;

        if ((rc = connect(sd, (struct sockaddr *) &sin, sizeof(sin))) < 0) {
            close(sd);
            return -1;
        }
        return sd;
    }

UDP Server

    /* uses server() and MAX_MSG from the UDP/TCP Server slide */
    #include <stdlib.h>     /* exit() */

    /* server infinite loop */
    int main(int argc, char *argv[])
    {
        int sd = 0, n;
        socklen_t cliLen;
        struct sockaddr_in cliAddr;
        char msg[MAX_MSG];

        sd = server("udp", argc, argv);
        if (sd < 0) {
            printf("%s: cannot open socket \n", argv[0]);
            exit(-1);
        }

        while (1) {
            /* init buffer */
            memset(msg, 0x0, MAX_MSG);

            /* receive message; one byte is kept back so msg stays NUL-terminated for %s */
            cliLen = sizeof(cliAddr);
            n = recvfrom(sd, msg, MAX_MSG - 1, 0, (struct sockaddr *) &cliAddr, &cliLen);
            if (n < 0) {
                printf("%s: cannot receive data \n", argv[0]);
                exit(-1);
            }

            /* print rcv message */
            printf("%s: from %s:UDP%u : %s \n", argv[0], inet_ntoa(cliAddr.sin_addr), ntohs(cliAddr.sin_port), msg);
        } /* end of server infinite loop */

        return 0;
    }

Inter process communication


Inter process communication protocols

• TCP – Transport Communication Protocol.
• UDP - User Defined Protocol.
• IP4 - Internet Protocol version 4.
• IP6 - Internet Protocol version 6.

Protocol Stack

Physical Layer

Data Link Layer

Internet Protocol (MIP6,MIPv4,IP4,IP6)

Transport (UDP,TCP)

Application (MIPv4)

Kernel


TCP Protocol Procedure


TCP- Transport Communication Protocol

•Byte stream service with no structure.

•Full Duplex.

•Connection Oriented.

•Reliable Service.


TCP Connection Opened

[Figure: message sequence between User A and User B: TCP:SYNC – (port 5060), TCP:SYNC+ACK – (port 5060), TCP:ACK – (port 5060).]

TCP Connection Closed

[Figure: message sequence between User A and User B: two pairs of TCP:FIN – (port 5060) and TCP:ACK – (port 5060); Connection Closed.]

TCP Sliding Window

[Figure: packets 1 to 10 shown twice, labelled Initial window and Window slides.]

A sliding window protocol with 8 packets in the window. The window slides so that packet 9 can be sent when an acknowledgment has been received for packet 1. Only non acknowledged packets are retransmitted.

TCP Positive Acknowledgement

User A: Send Packet 1, Send Packet 2, Send Packet 3, Recv Ack 1, Recv Ack 3, Recv Ack 2

User B: Recv Packet 1, Send ACK 1, Recv Packet 2, Send ACK 2, Recv Packet 3, Send ACK 3

UDP Protocol


User Datagram Protocol (UDP)

The UDP protocol provides an unreliable connectionless delivery service using IP to transport messages between machines. It uses IP to carry messages, but adds the ability to distinguish among multiple destinations within the given host computer.

[Figure: two hosts, x1.y1.z1.w1 and x2.y2.z2.w2, each with ports p1, p2 and p3; on each host, multiple applications are distinguished by port numbers.]

UDP Header

Source Port | Destination Port
UDP Message Length | UDP Checksum
Data

UDP Checksum

Verify the integrity of the packet.

[Figure: Calculate Checksum over the Received Packet and compare (=) with its Checksum: if changed or not.]

IP4 Protocol


Type of Addresses for IPv4

Unicast Address

An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.

Type of Addresses for IPv4 (continue)

Broadcast Address

An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to all nodes in the network.

Type of Addresses for IPv4 (continue)

Multicast Address

An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.

IPv4 Header

version | IHL | Type of service | Total length
Identification | flags | Fragment Offset
Time to live | Protocol | checksum
Source IP Address
Destination IP Address
IP OPTIONS (IF ANY) | PADDING
Data

TOS field description

Differential Service Code Point (DSCP) | Unused

Different queue for services:
• Delay Sensitive
• Rate Sensitive

IPv4 Header Checksum

version | IHL | Type of service | Total length
Identification | flags | Fragment Offset
Time to live | Protocol | 0 (checksum field)
Source IP Address
Destination IP Address
IP OPTIONS (IF ANY) | PADDING
Data

The IP checksum is formed by treating the header as a sequence of 16-bit integers (in network byte order), adding them together using one's complement arithmetic, and then taking the one's complement of the result.
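The checksum rule above as an added C example (not code from the original slides): it computes the one's complement sum and uses it to validate a received header before any of its fields are trusted. The function names, the error codes and the sample header bytes are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One's complement sum of the header taken as 16-bit big-endian words,
 * then complemented. hlen is IHL * 4, so it is always even. */
uint16_t ipv4_checksum(const uint8_t *hdr, size_t hlen)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hlen; i += 2)
        sum += (uint32_t)((hdr[i] << 8) | hdr[i + 1]);
    while (sum >> 16)                       /* end-around carry */
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

enum { IP_OK = 0, IP_SHORT = -1, IP_VERSION = -2, IP_IHL = -3,
       IP_LENGTH = -4, IP_CKSUM = -5 };

/* Validate the header found at buf; len is the number of bytes captured.
 * Only the header has to be present here; a full-packet parser would also
 * require Total length <= len. */
int ipv4_header_check(const uint8_t *buf, size_t len)
{
    if (len < 20)
        return IP_SHORT;
    if ((buf[0] >> 4) != 4)
        return IP_VERSION;
    size_t hlen = (size_t)(buf[0] & 0x0f) * 4;      /* IHL counts 32-bit words */
    if (hlen < 20 || hlen > len)
        return IP_IHL;
    size_t total = ((size_t)buf[2] << 8) | buf[3];
    if (total < hlen)
        return IP_LENGTH;
    /* Summed together with the stored checksum, an intact header gives 0. */
    if (ipv4_checksum(buf, hlen) != 0)
        return IP_CKSUM;
    return IP_OK;
}

/* Sender side: the checksum field (octets 10-11) counts as 0 during the sum. */
void ipv4_set_checksum(uint8_t *hdr, size_t hlen)
{
    hdr[10] = hdr[11] = 0;
    uint16_t c = ipv4_checksum(hdr, hlen);
    hdr[10] = (uint8_t)(c >> 8);
    hdr[11] = (uint8_t)(c & 0xff);
}

/* Constructed sample: 20-byte header, protocol 17 (UDP),
 * 192.168.0.1 -> 192.168.0.199, checksum 0xb861. */
static const uint8_t SAMPLE[20] = {
    0x45, 0x00, 0x00, 0x73, 0x00, 0x00, 0x40, 0x00,
    0x40, 0x11, 0xb8, 0x61, 0xc0, 0xa8, 0x00, 0x01,
    0xc0, 0xa8, 0x00, 0xc7
};

int main(void)
{
    uint8_t h[20];
    memcpy(h, SAMPLE, sizeof h);
    printf("as received:   %d\n", ipv4_header_check(h, sizeof h));
    h[8]--;     /* TTL changed without recomputing the checksum */
    printf("TTL altered:   %d\n", ipv4_header_check(h, sizeof h));
    ipv4_set_checksum(h, sizeof h);
    printf("after refresh: %d\n", ipv4_header_check(h, sizeof h));
    return 0;
}
```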


IP6 Protocol


Type of Addresses for IPv6

Unicast Address

An address for a single interface. A packet sent to this address is delivered to the interface identified by this address.

Type of Addresses for IPv6 (continue)

Anycast Address

An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to only one node in this set.

Type of Addresses for IPv6 (continue)

Multicast Address

An address for a set of interfaces, which belong to different nodes. A packet sent to this address is delivered to the interfaces identified by this address.

IPv6 Header Format

Version | Traffic Class | Flow Label
Payload Length | Next Header | Hop Limit
Source IP (128 bits)
Destination IP (128 bits)

Order of Extension Header

1. IPv6 Header
2. Hop-By-Hop: processed by all the intermediate nodes.
3. Destination Header: to be processed by the first destination that appears in the IPv6 Destination Address field plus subsequent destinations listed in the Routing header.
4. Routing Header
5. Fragmentation Header
6. AH
7. ESP
8. Destination Header: for options to be processed only by the final destination of the packet.
9. Upper Layer Header: e.g. UDP, TCP, ICMP

Routing Header

Next Header | Hdr Ext Len | Routing Type | Segment Left
Type-specific data

The Routing Header is used by an IPv6 source to list one or more intermediate nodes to be “visited” on the way to the packet’s destination. The Routing header is identified by the value 43 in the Next Header field of the IPv6 Header.

Routing Header (continue)

Next Header | Hdr Ext Len | Routing Type | Segment Left
Type-specific data

Routing Type – 8 bits identifier of a particular routing header variant.

Segments Left – 8 bits unsigned integer. Number of explicitly listed intermediate nodes still to be visited before reaching the final destination.

Type-specific data – Variable-length field, of format determined by the routing type, and of length such that the complete routing header is an integer multiple of 8 octets long.

Routing Header Routing Type = 0 (continue)

Next Header | Hdr Ext Len | Routing Type = 0 | Segment Left
Address [1] (128 bits)
Address [2] (128 bits)
...
Address [n] (128 bits)
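An added example (not code from the original slides) of the checks a receiving node can apply to the Routing header fields described above, including the type 2 header that carries the HoA in Mobile IPv6 route optimization. rh_check(), the verdict names and the sample addresses are constructed for this example; the 4 reserved octets before the first address and the type 2 values (Hdr Ext Len = 2, Segments Left = 1) come from RFC 6275, and the handling of type 0 from RFC 5095, not from the slides.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum rh_verdict { RH_ACCEPT, RH_SKIP, RH_DROP };

/* rh: first octet of the Routing header; avail: octets left in the packet
 * from that point; home: this node's 128-bit home address (HoA). */
enum rh_verdict rh_check(const uint8_t *rh, size_t avail, const uint8_t home[16])
{
    if (avail < 8)
        return RH_DROP;                      /* shorter than the smallest header */
    size_t total = ((size_t)rh[1] + 1) * 8;  /* Hdr Ext Len excludes the first 8 octets */
    if (total > avail)
        return RH_DROP;                      /* header claims more than the packet holds */

    uint8_t type = rh[2], segments_left = rh[3];
    if (segments_left == 0)
        return RH_SKIP;                      /* nothing left to visit: go on to Next Header */

    if (type == 2) {
        /* Mobile IPv6 type 2: exactly one address, and it must be our own HoA,
         * otherwise the header could be used to bounce packets elsewhere. */
        if (rh[1] != 2 || segments_left != 1)
            return RH_DROP;
        if (memcmp(rh + 8, home, 16) != 0)
            return RH_DROP;
        return RH_ACCEPT;
    }

    /* Type 0 is deprecated (RFC 5095); it and any unrecognised type with
     * Segments Left != 0 are discarded. */
    return RH_DROP;
}

/* Constructed samples; addresses use the 2001:db8::/32 documentation prefix. */
static const uint8_t HOA[16]   = { 0x20, 0x01, 0x0d, 0xb8, [15] = 0x01 };
static const uint8_t TYPE2[24] = { 6, 2, 2, 1, 0, 0, 0, 0,       /* fixed part + reserved */
                                   0x20, 0x01, 0x0d, 0xb8, [23] = 0x01 };
static const uint8_t RH0[40]   = { 6, 4, 0, 2 };                  /* type 0, two addresses */

static const char *name(enum rh_verdict v)
{
    return v == RH_ACCEPT ? "accept" : v == RH_SKIP ? "skip" : "drop";
}

int main(void)
{
    printf("type 2, our HoA:     %s\n", name(rh_check(TYPE2, sizeof TYPE2, HOA)));
    printf("type 2, truncated:   %s\n", name(rh_check(TYPE2, 16, HOA)));
    printf("type 0, 2 segments:  %s\n", name(rh_check(RH0, sizeof RH0, HOA)));
    return 0;
}
```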

IPv4 vs IPv6

1. An IPv4 address is 32 bits; an IPv6 address is 128 bits.

2. The IPv4 header is variable size, at least 20 bytes. The IPv6 header size is fixed at 40 bytes. This feature makes router header processing more efficient.

3. Addressing modes for IPv4 are: Broadcast, Multicast, Unicast. IPv6 addressing modes are Multicast, Anycast, Unicast. IPv6 eliminates the Broadcast mode for security reasons. IPv6 added Anycast, which was not in IPv4.

4. Security is a built-in feature in the IPv6 protocol. In IPv4 it is not.

5. IPv6 has more support for QoS. It has two fields, Traffic Class & Flow Label. IPv4 has only a TOS field.

6. Fragmentation is done by any node in IPv4. In IPv6 the fragmentation is done by the source.

7. Improved support for extensions & options. The new extension encoding allows flexibility in introducing new options & easy processing for those options.

8. Stateless & stateful address configuration for IPv6; stateful address configuration for IPv4.

Acronym

HA Home Agent

FA Foreign Agent

HoA Home IP Address.

CCoA collocated Care-of Address

FCoA Foreign Agent Care-of Address.

MIPv4 Mobile IP version 4.

MIPv6 Mobile IP version 6.

MN Mobile Node.

CN Correspondent Node.


Mobility Problem

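[Figure: network diagram with a computer, a workstation, a Home Agent, a Correspondent Node and a Mobile Node, routers connected through the Internet, and the links Home Link, Link A, Link B and Link C; the Mobile Node moves between links.]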

MIP Conceptual Model

[Figure: labels Visiting Network, Internet, Home Network, HA, HoA, CoA, MN, CN.]

MIPv4


MIP4: Protocol Stack

Physical Layer

Data Link Layer

Internet Protocol (MIP4,IP4)

Transport (UDP,TCP)

Application (MIPv4)

Kernel


MIP4:Registration With Home Agent- CCoA –Ref [1]

[Figure: labels IP4, HA, Home Network, Foreign Network, MN, CN, FA, CCoA; messages RRQ and RRP.]

MIP4:Forward Traffic-FCoA

[Figure: labels IP4, CoA, HA, Home Network, Foreign Network, MN, CN, FA; steps 1 and 2.]

Outer IP header: Src = HAIP, Dst = FCoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA

MIP4:Forward Traffic-Tunneling-CCoA

[Figure: labels IP4, CCoA, HA, Home Network, Foreign Network, MN, CN; steps 1 and 2.]

Outer IP header: Src = HAIP, Dst = CCoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA

MIP4:Reverse Traffic-FCoA

[Figure: labels IP4, FCoA, HA, Home Network, Foreign Network, MN, CN, FA; step 1.]

IP header: Src = HoA, Dst = CNIP

MIP4:Reverse Traffic-CCoA

[Figure: labels IP4, CCoA, HA, Home Network, Foreign Network, MN, CN, FA; step 1.]

IP header: Src = CCoA, Dst = CNIP

MIP4:Reverse Traffic-Tunneling-FCoA

[Figure: labels IP4, FCoA, HA, Home Network, Foreign Network, MN, CN, FA; steps 1 and 2.]

Outer IP header: Src = FCoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP

MIP4:Reverse Traffic-CCoA

[Figure: labels IP4, CCoA, HA, Home Network, Foreign Network, MN, CN; steps 1 and 2.]

Outer IP header: Src = CCoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP

MIP4:Going Back Home

[Figure: labels HA, Home Network, Foreign Network, CN, MN, IP6; messages RRQ [lifetime=0], RRP [lifetime=0], Gratuitous ARP (shown twice), Agent Advertisement.]

MIP4:Security

[Figure: labels IP4, FCoA, HA, Home Network, Foreign Network, MN, FA; the links are marked FA-HA AE, MN-HA AE and MN-FA AE.]

MIP4:Authentication Calculation

[Figure: HMAC_MD5 block with the labels UDP payload, SPI, Auth Type, Shared Security Key and Message Digest.]

MIP4: Registration With Home Agent-FCoA –Ref [1]

[Figure: labels IP4, HA, Home Network, Foreign Network, MN, CN, FA, FCoA; messages RRQ(HoA,FCoA,HA), RRP(HoA,FCoA,HA), Gratuitous ARP.]

MIP4:Registration With Dynamic HoA Allocation –Ref [3]

[Figure: labels IP4, HA, Home Network, Foreign Network, MN, CN, FA, FCoA; messages RRQ(NAI,HoA=?,FCoA,HA), RRP(NAI,HoA,FCoA,HA).]

MIP4: Registration With Dynamic HA Allocation –Ref [2]

[Figure: labels IP4, HA, Home Network, Foreign Network, MN, CN, FA, FCoA; messages RRQ(NAI,HoA,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA).]

MIP4:Registration With Dynamic HA Allocation-Ref [2] (Cont)

[Figure: labels IP4, HA1, HA2, Home Network, Foreign Network, MN, CN, FA, FCoA; messages RRQ(NAI,HoA,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA=HA2), RRQ(NAI,HoA,FCoA,HA=HA2), RRP(NAI,HoA,FCoA,HA=HA2).]

MIP4:Registration With Dynamic HA & HoA Allocation –Ref [2],[3]

[Figure: labels IP4, HA, Home Network, Foreign Network, MN, CN, FA, FCoA; messages RRQ(NAI,HoA=?,FCoA,HA=?), RRP(NAI,HoA,FCoA,HA).]

MIPv6


Registration With Home Agent

[Figure: labels Internet, HA, Home Network, Foreign Network, HoA, MN, CN, CoA; messages BU and BA.]

Bidirectional Tunneling -Forward Traffic

[Figure: labels Internet, CoA, HA, Home Network, Foreign Network, HoA, MN, CN; steps 1 and 2.]

Outer IP header: Src = HAIP, Dst = CoA
Inner IP header: Src = CNIP, Dst = HoA
IP header: Src = CNIP, Dst = HoA

Bidirectional Tunneling –Reverse Traffic

[Figure: labels Internet, CoA, HA, Home Network, Foreign Network, HoA, MN, CN; steps 1 and 2.]

Outer IP header: Src = CoA, Dst = HAIP
Inner IP header: Src = HoA, Dst = CNIP
IP header: Src = HoA, Dst = CNIP

Route Optimization-Forward Traffic

[Figure: labels Internet, CoA, HA, Home Network, Foreign Network, HoA, MN, CN; steps 1 and 2.]

IP header: Src = CNIP, Dst = CoA
Type 2 Routing Header: HoA
IP header: Src = CNIP, Dst = HoA

Route Optimization-Reverse Traffic

[Figure: labels Internet, CoA, HA, Home Network, Foreign Network, HoA, MN, CN; steps 1 and 2.]

IP header: Src = CoA, Dst = CNIP
Destination Option Header: Home Address Option with HoA
IP header: Src = HoA, Dst = CNIP

Basic Address Stealing

[Figure: attacker, MN, CN and Victim; the Original Data Flow, the message BU <HoA = IPMN, CoA = IPvictim>, and the New Data Flow.]

Round Routability

[Figure: labels Internet, CoA, HA, Home Network, Foreign Network, HoA, MN, CN; messages HoTI, HoT, CoTI, CoT, BU and BA, with steps numbered 1 to 4.]