Mobile and Wireless Computing

Institute for Computer Science, University of Freiburg

Western Australian Interactive Virtual Environments Centre (IVEC)

Lecture 11: Introduction to Mobile IP

We will discuss:

- The basic framework in mobile IP
- The concepts of foreign network, home network and correspondent nodes
- Mobility binding and security issues
- Changes in IPv6 and future of mobile IP

This lecture is based on a tutorial on Mobile IP by Charles E. Perkins.

Why do we need Mobile IP?

At present, access to the internet is inherently tied to a point of attachment.

We go to the office, university or workplace and access the internet from a fixed IP address. This IP address may be for a desktop or laptop computer.

If we take our computer to a different place, outside our usual network, we have to reconfigure it with a new IP address.

It would be very nice if mobility did not affect internet sessions.

For example, we should be able to take a laptop computer from our workplace to home without noticing any change in the internet connectivity.

In general, users should be able to move around seamlessly. Mobility of the computer should be completely transparent to the applications running on the computer.

For example, the user should continue to receive emails and keep connected to the internet.

Mobile IP makes mobility completely transparent to applications running on a mobile computer.

The applications feel that the mobile computer is connected to its usual IP address even if it is far away from its home network.

Comparison with telephones

A good comparison can be made with mobile telephone networks.

A user can move around and continue using a mobile phone without noticing any change in connectivity.

A fixed IP address is similar to a fixed home telephone connection. You can only communicate if you are at home.

On the other hand, mobile phones have given users complete freedom of communication. Users can communicate anytime and anywhere.

Users need not worry about their location and movement, and connections are made in a completely transparent fashion.

However, access to the internet is not as transparent when users are mobile.

Difference between internet access and telephone

However, there is a clear difference between internet access and mobile telephones.

Users typically run applications that require resources from their home network. An example is email. Users receive emails at their email address even though they are moving.

Hence there is a need to maintain connections with the user’s home network.

The problem with Internet Protocol (IP)

IP routes packets to their destinations according to IP addresses.

An IP address is associated with a fixed network location.

When a user moves, each new point of attachment has a new IP address. Hence it is very difficult to keep mobility transparent.

How IP works

Routing tables are used for routing packets.

The routing tables maintain the next hop information for each destination IP address.

A packet is forwarded from the incoming network interface to the outgoing interface according to the next hop information.

Hence, an IP address contains the information about the point of attachment of a computer.

How TCP works

Most internet connections use TCP. A good example is email clients.

A TCP connection is uniquely identified by four components:

<IP_source, port_source, IP_dest, port_dest>

If we change any one of these four components, the connection will be broken.

If a packet has to be delivered to a mobile node’s current point of attachment, we need to change the destination IP address and port number.

It is impossible to do so once a connection has been established.

Mobile IP allows a mobile node to use two different IP addresses.

Home address and Care-of address

The home address is static and effectively identifies the user to the internet. TCP connections are established using the home address.

The mobile node gets a new care-of address every time it connects to a new point of attachment.

The home address is associated with the home network and the care-of address is associated with a foreign network.

Foreign Network and Foreign Agent

When a mobile node moves, it first connects to a foreign agent in a foreign network.

Next, the mobile node is assigned a care-of address (an IP address) by the foreign network.

The node now registers its care-of address with the home agent.

Home Network and Home Agent

The home network contains a network node called the home agent. The home address of the mobile node is the IP address of the home agent.

The home agent is responsible for receiving all the packets sent to the mobile node when the mobile node is away.

It is the responsibility of the home agent to deliver the packets to the mobile node at its current point of attachment.

Correspondent Node

A correspondent node is a computer that sends packets to the mobile node. A correspondent node is typically connected to its own home network.

A correspondent node is aware of only the IP address of the mobile node in the home network of the mobile node.

Any packet from the correspondent node is delivered to the home agent.

A Schematic Diagram of Mobile IP

[Figure: schematic showing the mobile node, home agent, correspondent node and foreign agent]

The Basic Mechanisms in Mobile IP

The correct functioning of mobile IP depends upon the coordination of three different activities:

1. Discovering the care-of address of a mobile node.

2. Registering the care-of address with the home agent.

3. Tunneling of packets from the home agent to the care-of address.

Discovering the care-of Address

In mobile IP, both a foreign agent and a home agent periodically broadcast agent advertisement messages.

The roles of foreign and home agents have been kept similar for two reasons:

1. A home agent for one mobile node may act as a foreign agent for another mobile node.

2. A mobile node can decide whether it is in the home network or in a foreign network.

Agent Advertisements

Hence, an agent advertisement has the following functions:

- It allows mobile nodes to discover foreign agents and get care-of addresses.
- It allows the mobile node to know the services provided by the foreign agent.
- It allows the mobile node to determine whether an agent is its home agent or a foreign agent.

Solicitation from a Mobile Node

A mobile node can generate agent solicitation messages when it is looking for a foreign agent.

It may happen that a foreign agent has offered service, but the mobile node can no longer receive advertisements from the foreign agent.

The mobile node assumes that the foreign agent is out of range. It may contact other foreign agents whose advertisements it has received, or it may send solicitation messages.

Registering the Care-of Address

When a mobile node receives a care-of address from a foreign agent, its home agent needs to be informed.

[Figure: image from the tutorial by Charles Perkins]

The mobile node sends a registration request to its home agent through the foreign agent who has provided the new care-of address.

When the home agent receives the request, it updates its routing table and sends a registration reply back to the foreign agent.

The mobile node starts receiving packets from its home agent once the home agent has accepted its registration request.

Binding for a Mobile Node

The home agent associates the care-of address of the mobile node with its home address.

From then on, any packet arriving at the home agent for the mobile node is tunneled to the mobile node.

The home agent also associates a registration lifetime with the mobile node.

Together, the three entities (home address, care-of address and registration lifetime) are called a binding for the mobile node.

Authentication of a Registration Request

It is extremely important to authenticate a registration request. Otherwise, a malicious node may send fake registration requests.

Each mobile node and home agent must create digital signatures that cannot be forged.

This is done by using a one-way hash algorithm over all the data in the registration request.

However, there is still a possibility of a replay attack.

Prevention of Replay Attack

A malicious node may replay a valid registration request later.

By then the mobile node may have a new foreign agent, and the home agent has no way to distinguish a valid registration request from the replay of an old registration request.

Each new registration request must contain unique data so that two separate registrations will not have the same hash.

Each registration message has a special identification field that changes with each new registration message.

One possibility is to use a time stamp for identification, since the time at the mobile node changes with each registration message.

However, there is a problem with using time stamps. The clocks of the mobile node and the home agent may drift further and further apart.

A better strategy is to use a random number for identification every time a new registration request is sent.

The chance that two 32-bit random numbers will be the same is very low.
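The authentication and replay checks described above can be sketched as follows. This is an added example, not code from the lecture or from any Mobile IP implementation: the message layout, the per-node pre-shared key (without a secret in the hash, anyone could recompute it), HMAC-SHA-256 as the one-way hash, and the home agent's record of used identification values are all assumptions.

```python
import hashlib
import hmac
import os
import socket
import struct
import time

BODY_LEN = 18  # 4 home addr + 4 care-of addr + 2 lifetime + 8 identification


def encode_request(home_addr, care_of_addr, lifetime, ident):
    """Serialize every field the authenticator covers (constructed layout)."""
    return (socket.inet_aton(home_addr) + socket.inet_aton(care_of_addr)
            + struct.pack("!H", lifetime) + ident)


def authenticator(key, body):
    """Keyed one-way hash over all the data in the registration request."""
    return hmac.new(key, body, hashlib.sha256).digest()


def build_request(key, home_addr, care_of_addr, lifetime):
    """Mobile-node side: fresh random identification, then the authenticator."""
    body = encode_request(home_addr, care_of_addr, lifetime, os.urandom(8))
    return body, authenticator(key, body)


class HomeAgent:
    def __init__(self, keys):
        self.keys = keys      # home address -> shared secret (assumed pre-provisioned)
        self.bindings = {}    # home address -> (care-of address, expiry time)
        self.seen = {}        # home address -> identification values already used

    def register(self, body, tag, now=None):
        now = time.time() if now is None else now
        if len(body) != BODY_LEN:
            return "malformed"
        home = socket.inet_ntoa(body[0:4])
        care_of = socket.inet_ntoa(body[4:8])
        (lifetime,) = struct.unpack("!H", body[8:10])
        ident = body[10:18]
        key = self.keys.get(home)
        # Authenticate first: unauthenticated data must not touch any state.
        if key is None or not hmac.compare_digest(tag, authenticator(key, body)):
            return "auth-failed"
        # A correctly signed request whose identification was used before is a replay.
        if ident in self.seen.setdefault(home, set()):
            return "replay"
        self.seen[home].add(ident)
        self.bindings[home] = (care_of, now + lifetime)  # the binding
        return "accepted"

    def care_of(self, home, now=None):
        """Current care-of address, or None once the registration lifetime ends."""
        now = time.time() if now is None else now
        entry = self.bindings.get(home)
        return entry[0] if entry and entry[1] > now else None


def demo():
    key = b"constructed-shared-secret"   # constructed sample values throughout
    ha = HomeAgent({"192.0.2.10": key})
    old = build_request(key, "192.0.2.10", "198.51.100.7", 300)
    new = build_request(key, "192.0.2.10", "203.0.113.9", 300)
    results = [ha.register(*old, now=0),     # first foreign network
               ha.register(*new, now=60),    # node moved to a new foreign agent
               ha.register(*old, now=120)]   # captured old request sent again
    unsigned = encode_request("192.0.2.10", "203.0.113.66", 300, os.urandom(8))
    results.append(ha.register(unsigned, bytes(32), now=130))
    return results, ha.care_of("192.0.2.10", now=130), ha.care_of("192.0.2.10", now=400)
```

The replayed request carries a valid authenticator, so only the identification check keeps it from moving the binding back to the old care-of address.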

Delivery of Packets to the Mobile Node

When the home agent receives a packet for the mobile node, it delivers the packet to the care-of address of the mobile node.

The home agent applies a transformation on the packet so that the care-of address becomes the destination address.

A reverse transformation is applied when the packet arrives at the care-of address. It appears as if the mobile node’s home address is the destination address.

Tunneling and IP-within-IP

[Figure: image from the tutorial by Charles Perkins]

The transfer of the packet from the home agent to the care-of address is called tunneling.

The home agent is the source of the tunnel. When the home agent receives a packet addressed to the mobile node, it inserts a new tunnel header in front of the packet's IP header.

The tunnel header carries the care-of IP address of the mobile node as its destination. The old header is preserved as it was in the original packet.

The foreign agent is the receiver of the tunnel. When the foreign agent receives the tunneled packet, it has to delete the tunnel header to recover the original packet.

The foreign agent delivers the packet to the mobile node after removing the tunnel header.

Hence, to the mobile node, the packet looks like a normal packet, exactly like one it would receive when connected to the home network.
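The encapsulation and decapsulation steps above, written out for IPv4 as an added example (not code from the lecture or from a Mobile IP implementation). The addresses are constructed documentation-range values, and the checks the foreign agent makes before stripping the tunnel header, including that the tunnel source is the expected home agent, are assumptions of the example.

```python
import socket
import struct

IPPROTO_IPIP = 4  # protocol number meaning "the payload is another IPv4 packet"


def checksum(header):
    """Internet checksum over an IPv4 header (one's-complement sum of 16-bit words)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, proto, payload_len, ttl=64):
    """Build a minimal 20-byte IPv4 header with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def encapsulate(inner, home_agent, care_of):
    """Home agent: put a tunnel header in front of the untouched original packet."""
    return ipv4_header(home_agent, care_of, IPPROTO_IPIP, len(inner)) + inner


def decapsulate(outer, expected_home_agent, care_of):
    """Foreign agent: validate the tunnel header, then strip it."""
    if len(outer) < 20 or outer[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (outer[0] & 0x0F) * 4
    if ihl < 20 or len(outer) < ihl:
        raise ValueError("bad header length")
    if checksum(outer[:ihl]) != 0:
        raise ValueError("bad header checksum")
    if struct.unpack("!H", outer[2:4])[0] != len(outer):
        raise ValueError("length mismatch")
    if outer[9] != IPPROTO_IPIP:
        raise ValueError("not an IP-within-IP packet")
    # Only accept tunnel traffic from the home agent of a registered binding
    # and addressed to the care-of address this agent handed out.
    if outer[12:16] != socket.inet_aton(expected_home_agent):
        raise ValueError("unexpected tunnel source")
    if outer[16:20] != socket.inet_aton(care_of):
        raise ValueError("unexpected tunnel destination")
    return outer[ihl:]


def demo():
    # Constructed packet: correspondent node 203.0.113.50 -> home address 192.0.2.10
    inner = ipv4_header("203.0.113.50", "192.0.2.10", 17, 5) + b"hello"
    tunneled = encapsulate(inner, "192.0.2.1", "198.51.100.7")
    delivered = decapsulate(tunneled, "192.0.2.1", "198.51.100.7")
    return inner, tunneled, delivered
```

The packet handed to the mobile node is byte-for-byte the one the correspondent node sent, with the home address still in its destination field.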

Communication with Correspondent Nodes

[Figure: diagram showing the mobile node, home agent, correspondent node and foreign agent]

The communication between the mobile node and a correspondent node is asymmetrical.

Once the mobile node knows the IP address of the correspondent node, it can send packets directly to the correspondent node.

However, the correspondent node cannot send packets directly to the care-of address of the mobile node.

The correspondent node has to send packets to the home agent.

Changes in Mobile IPv6

IPv6 has many features for mobility that are not present in IPv4.

Most importantly, there is no need for a foreign agent to support mobility in IPv6.

A mobile node will be able to configure its own care-of address through stateless address autoconfiguration and neighbour discovery.

This will reduce latency and increase security in Mobile IPv6.

The tunneling mechanism for delivering packets from the home agent to the mobile node will remain similar. In particular, the details of IPv6-within-IPv6 have already been worked out.

However, one of the main changes in IPv6 will be route optimization.

When a correspondent node knows the current care-of address of a mobile node, it can send packets to the mobile node directly.

Communication with Correspondent Nodes in IPv6

[Figure: diagram showing the mobile node, home agent and correspondent node]

End of the course

I hope you enjoyed the course.

Thank You