Transcript tunnels

Communication Devices (IRT0040)
lecture 5/2010
Avo
IMS with IPv6
[Figure: a client with public IPv6 address 1 (A) and a client with public IPv6 address 2, each behind a SIP proxy, connected through a multi-country/multi-operator SIP-connectivity network and a public IP-routing domain (inter-operator connections). SIP signaling: A's address = Public IPv6 Addr 1. Media from B to A: sent to Public IPv6 Addr 1.]
Terminology (1)
[Figure labels: Home Agent (HA), HN, Foreign Agent (FA), FN, Mobile Host (MH)]
Terminology (2)
• Similar to cellular.
• Mobile Node (MN or MH): node changing
its PoA.
• Correspondent Host (CH).
• Home Network (HN) and Foreign Network
(FN).
Terminology (3)
• Mobility Agents:
– Home Agent (HA): router on MN’s HN that
tunnels datagrams to MH when away and keeps
MH’s current location info.
– Foreign Agent (FA): router on foreign network;
delivers datagrams to MH while on FN.
• Home Address (HoA) and Care-of Address
(CoA):
– HoA: MH’s permanent address on HN.
– CoA: MH’s temporary address on FN.
Mobile-IP: Basic Operation
• MH normally uses its home address HoA.
• When MH visits a foreign network,
– Registration with FA.
• Discover mobile agent and CoA.
– Registration with HA.
• Binding update (HoA -> CoA).
• Communicating with MN: use HoA.
• HA forwards packet from HoA to CoA.
Discovering Agents
Agents periodically beacon advertisements.
Agent Discovery
• Agent advertisement (beaconing):
– Mobile agent broadcasts agent advertisements at
regular intervals (“I am here”).
• Agent solicitation:
– MH can poll (“anyone here?”).
– Mobile agent responds to poll.
Discovering Agents
MH polls; agent responds.
Agent Advertisement
• Allow for the detection of mobility agents.
• Follows ICMP router advertisement message.
• Let the MH know whether the agent is a HA, or a
FA.
• List one or more available care-of addresses.
• Inform the MN about special features provided by
FA.
– Example: Alternative encapsulation techniques, header
compression.
Registration
Registering
• When away, MH registers its CoA with HA
(binding update).
• Binding: (HoA->CoA)
– Binding has a lifetime.
• Registration process
– MH sends a registration request with CoA.
– HA authenticates request.
– HA approves or disapproves the request.
– HA adds necessary information to its routing table.
– HA sends registration reply back to MH.
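The registration steps above, as an added example that is not part of the original slides: a home agent that authenticates a request, rejects replays, installs a binding with a lifetime and returns a reply. The message layout, the HMAC-SHA256 authenticator, the monotonic identification counter, the 1800-second cap and all names are assumptions for illustration, not the RFC 3344 wire format.

```python
import hashlib
import hmac
import ipaddress
import struct

MAX_LIFETIME = 1800  # seconds; HA policy cap (assumed value)
KEY = b"constructed-mh-ha-secret"  # constructed sample key

def pack_request(hoa, coa, lifetime, ident):
    """Simplified request body: HoA | CoA | lifetime | identification."""
    return (ipaddress.IPv4Address(hoa).packed + ipaddress.IPv4Address(coa).packed
            + struct.pack("!HQ", lifetime, ident))

def sign(key, body):
    """Authenticator the MH appends to its request (HMAC-SHA256 assumed)."""
    return hmac.new(key, body, hashlib.sha256).digest()

class HomeAgent:
    def __init__(self, keys):
        self.keys = keys        # HoA -> key shared with that MH
        self.last_ident = {}    # HoA -> highest identification accepted
        self.bindings = {}      # HoA -> (CoA, expiry time)

    def register(self, hoa, coa, lifetime, ident, mac, now):
        """Authenticate, approve or deny, install the binding, return the reply."""
        key = self.keys.get(hoa)
        if key is None:
            return "denied: unknown mobile host"
        expected = sign(key, pack_request(hoa, coa, lifetime, ident))
        if not hmac.compare_digest(mac, expected):
            return "denied: authentication failed"
        if ident <= self.last_ident.get(hoa, -1):
            return "denied: replayed identification"
        self.last_ident[hoa] = ident
        granted = min(lifetime, MAX_LIFETIME)
        self.bindings[hoa] = (coa, now + granted)
        return f"accepted: lifetime {granted}"

    def care_of(self, hoa, now):
        """CoA to tunnel to, or None when no binding exists or it has expired."""
        coa, expiry = self.bindings.get(hoa, (None, 0))
        if coa is not None and expiry <= now:
            del self.bindings[hoa]
            return None
        return coa
```

Because the authenticator covers the CoA, a request that redirects the binding to another address fails verification unless the sender holds the shared key.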
Tunneling
• HA tunnels datagrams destined to MH when
MH is away.
– Datagrams sent to MH, intercepted by HA and
tunneled to its CoA.
• Tunnel terminates at MH CoA (either the
MH or the FA).
Tunneling
[Figure: SRC; tunneled data packet; HA keeps binding between MH and FA.]
Encapsulation
• Tunneling requires encapsulation.
– Sending the original packet (CH->MH) in
another packet (HA->CoA).
• Default encapsulation mechanism:
– IP-within-IP (tunnel).
– Tunnel header: new IP header inserted by the
tunnel source (home agent).
– Destination IP: CoA
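IP-within-IP encapsulation as described above, as an added example that is not part of the original slides: the home agent prepends a new IPv4 header (HA -> CoA, protocol 4) to the original CH -> MH packet, and the tunnel endpoint validates the outer header before releasing the inner packet. Function names and the sample addresses are assumptions, and the endpoint's source-address check is a filter, not authentication.

```python
import ipaddress
import struct

IPPROTO_IPIP = 4  # IP protocol number for IP-within-IP

def checksum(header):
    """Internet checksum; returns 0 over a header whose checksum is correct."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Minimal 20-byte IPv4 header (no options) followed by payload."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                       proto, 0, ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:] + payload

def parse(packet):
    """Return (src, dst, proto, payload); raise ValueError on a bad header."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("not an option-less IPv4 header")
    if checksum(packet[:20]) != 0:
        raise ValueError("bad header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if not 20 <= total_len <= len(packet):
        raise ValueError("bad total length")
    src, dst = (str(ipaddress.IPv4Address(packet[i:i + 4])) for i in (12, 16))
    return src, dst, packet[9], packet[20:total_len]

def encapsulate(inner, ha, coa):
    """Home agent: wrap the original CH->MH packet in a new HA->CoA header."""
    return ipv4_packet(ha, coa, IPPROTO_IPIP, inner)

def decapsulate(outer, my_coa, trusted_ha):
    """Tunnel endpoint: accept only IP-in-IP sent by our HA to our CoA."""
    src, dst, proto, inner = parse(outer)
    if proto != IPPROTO_IPIP or dst != my_coa:
        raise ValueError("not a tunnel packet for this care-of address")
    if src != trusted_ha:
        raise ValueError("tunnel source is not the registered home agent")
    parse(inner)  # the inner CH->MH header must itself be well formed
    return inner

# Constructed sample (documentation address ranges): CH -> HoA, tunneled HA -> CoA.
INNER = ipv4_packet("203.0.113.5", "192.0.2.10", 17, b"hello MH")
OUTER = encapsulate(INNER, "192.0.2.1", "198.51.100.7")
```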
Mobile IP Basic Operation
• Entities
– Mobile host, home agent, foreign agent,
correspondent host
• Discovering Care-of Addresses
– Agent advertisements
• Registering Care-of Address
– Security
• Tunneling to Care-of Address
– IP-within-IP encapsulation
Tunneling in Mobile IP
Mobile IPv6
• Mobility support in IPv6 (RFC 3775)
• Mobile node (MN) is a mobile device with an
IPv6 home address
• Correspondent node (CN) is a computer with
which mobile node communicates using its home
address.
• Home Agent (HA) helps MN to manage its
mobility:
– Mobile node can always be reached at its home address,
regardless of its point of attachment (care-of address) to
the Internet.
– Connections made with home address survive
movement between different IP networks.
Mobile IPv6 addressing
• IP addresses act as both an identifier for a node
and as a locator.
• Mobile IPv6 separates the identity (the home
address of the mobile node) from its locator,
known as the care-of address (CoA).
• Without Mobile IPv6, the MN cannot use its home
address for sending and receiving packets when it
is outside its home network.
• Mobile IPv6 uses IP-IP tunneling to create a
virtual network between its CoA and HA, so that
MN always appears to be in its home network.
Reverse Tunneling
• IPv6 in IPv6 tunnel is used for delivering
traffic to and from home address of MN via
HA.
| Tunnel IPv6 hdr (CoA-HA) | IPv6 hdr (HoA-CN) | Data |
• HA uses proxy neighbor discovery to redirect
packets on home link destined to home address
of MN to its own link layer address.
• HA keeps track of the care-of address of MN to
deliver packets to MN.
Mobile IPv6 operation
[Figure: signaling diagram. Labels: Router solicitation, Router Advertisement, MN forms care-of address, Binding Update, Proxy ND for HoA, Binding Ack., Tunnel.]
Route in Mobile IPv6
• Tunneling of traffic between MN and CN via
home agent is not efficient.
– HA is a potential bottleneck
– Extra routing hop increases network latency
• Route optimization (RO) allows MN and CN to
communicate directly
• MN sends a BU to CN.
• MN and CN use the home address option and the
type 2 routing header to send packets to each other.
• Route optimization is secured using return
routability protocol.
Mobile IPv6 Implementations
• Windows
– MS Research implementation MN, CN, HA
– MS CN implementation for Win XP
– Elmic software: embedded MN
• Linux
– MIPL (Helsinki University of Technology):
MN/CN/HA
– Elmic software: embedded MN
• Symbian: MN
• Cisco: HA
• Nokia: HA
Mobile IPv6 extensions
• Localized mobility management
– Hierarchical Mobile IPv6
– Fast Mobile IPv6
• Context transfer to new router: Context
transfer protocol
• Early discovery of new router: Candidate
access router discovery protocol
Network Mobility
NEMO (RFC 3963) Operation
[Figure labels: Network a::, Network b::, IP-IP tunnel, Network a:1::]
IPv4 Mobility vs IPv6 Mobility
Function | IPv4 (RFC 3344) | IPv6 (RFC 3775)
Addressing | 32 bit addresses | 128 bit addresses
Home address | One home address | A globally routable Home Address (HoA) and a link local HoA
Care-of-Address | Via agent discovery, DHCP or manual config | Stateless Address Autoconfig, DHCP or manual config
Movement detection | Agent Discovery through Foreign Agent | IPv6 Router Discovery
CoA (Care of Address) | Foreign Agent CoA and co-located CoA | CoA’s are ALL co-located. No Foreign Agents needed
Dynamic Home Agent Address Discovery (DHAAD) | Directed broadcast. Returns separate replies from all HA’s to the MN (Mobile Node) | Anycast addressing. Returns a single reply to the MN
Data packet delivery to MN | Tunnel routing | Tunnel routing and source routing with IPv6 routing headers
Decapsulation of data packets sent to MN’s CoA | Foreign Agent decapsulates | MN itself decapsulates
Link layer neighbour address discovery | ARP | IPv6 neighbour discovery; decoupled from any given link layer.
Links
http://en.wikipedia.org/wiki/Mobile_IP
http://tools.ietf.org/html/rfc3344
http://en.wikipedia.org/wiki/Mobility_management
http://www.iec.org/online/tutorials/tmn/
Mobile IP
http://www.ietf.org/rfc/rfc3344.txt?number=3344
http://www.ietf.org/rfc/rfc3775.txt?number=3775
http://www.hznet.de/ipv6/mipv6-intro.pdf
http://www.ipv6.org.uk/workshop/slides/ipv6_workshop2_module3_final_animated.ppt
Mobile IPv6
• Mobile IPv6: RFC 3775
• Securing Mobile IPv6 MN-HA signaling:
RFC 3776
• Hierarchical MIPv6: RFC 4140
• Fast Mobile IPv6: RFC 4068
• Context transfer protocol: RFC 4067
• Candidate access router discovery protocol:
RFC 4068
• Network Mobility (NEMO) Basic Support
Protocol: RFC 3963