An End-to-End Approach to Host Mobility
MobiCom ’00
Alex C. Snoeren and Hari Balakrishnan
MIT Lab. for Computer Science
Presenter: SangJeong Lee (3/18)

Problem
  Supporting Host Mobility
  Mobile? (mid ’90s ~)
  Addressing
  Locating a mobile host
  Seamless connection

Existing Solution
  Network level approach
    Mobile IP: pure routing solution, transparent to upper layers, triangle routing, weak to ingress filtering, permanent home address
  Application level approach
    Proxy approach, client part
  Transport level approach
    MSOCKS: redirection using split-connection proxy at transport layer
    The paper’s work

Solution Approach
  Addressing
    Manual, DHCP, or auto-configuration protocol
    Don’t care
  Locating a mobile host
    No third-party agents
    DNS lookup
    Secure DNS update
  Seamless connection
    End-to-end approach
      No third-party agents
    TCP connection migration
      Add TCP migration option

Solution Approach (Cont.)
  Security Issues
    Denial of service
    Connection hijacking
    Replayed Migrate SYNs → Ignore duplicate Migrate SYNs
    Bogus Migrate SYNs → New Migrate-Permitted option after handovers
    Key security
    Migrate request (SYN): validation check with pre-computable token (1/2^64)
    ECDH
    IPSec
    Security associations (SAs) and security policy database (SPD) are on IP-address basis
    Beyond the scope of the paper

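Added example, not from the slides or the paper's code: receiver-side handling of the Migrate SYN checks listed above (pre-computed token lookup, request authentication, duplicate rejection). The HMAC-SHA256 derivations, the field sizes other than the 64-bit token, and all names are assumptions; a random key stands in for the ECDH-derived secret.

```python
import hashlib
import hmac
import os

TOKEN_LEN = 8  # 64-bit token: a blind guess matches with probability 1/2^64

def _mac(key: bytes, label: bytes, data: bytes) -> bytes:
    # Assumed derivation (HMAC-SHA256 truncated to 64 bits), not the paper's.
    return hmac.new(key, label + data, hashlib.sha256).digest()[:TOKEN_LEN]

def make_token(key: bytes, nonces: bytes) -> bytes:
    # Depends only on setup-time values, so it is computed once per connection.
    return _mac(key, b"token", nonces)

def make_request(key: bytes, token: bytes, req_no: int, isn: int) -> bytes:
    # Binds this particular Migrate SYN (request number, sequence number).
    return _mac(key, b"request", token + bytes([req_no]) + isn.to_bytes(4, "big"))

class MigrateValidator:
    def __init__(self):
        self.conns = {}  # token -> [shared key, last accepted request number]

    def register(self, key: bytes, nonces: bytes) -> bytes:
        token = make_token(key, nonces)
        self.conns[token] = [key, 0]
        return token

    def validate(self, token: bytes, req_no: int, isn: int, request: bytes) -> str:
        conn = self.conns.get(token)
        if conn is None:
            return "drop: unknown token"      # table lookup only, no crypto work
        key, last_req = conn
        if req_no <= last_req:
            return "drop: duplicate"          # replayed Migrate SYN
        expected = make_request(key, token, req_no, isn)
        if not hmac.compare_digest(expected, request):
            return "drop: bad request"        # bogus Migrate SYN
        conn[1] = req_no
        return "accept"

def demo() -> list:
    key = os.urandom(16)                      # stand-in for the ECDH-derived key
    v = MigrateValidator()
    token = v.register(key, b"\x01" * 4 + b"\x02" * 4)  # constructed nonces
    good = make_request(key, token, 1, 0x1000)
    return [
        v.validate(os.urandom(8), 1, 0x1000, good),   # guessed token
        v.validate(token, 1, 0x1000, os.urandom(8)),  # forged request
        v.validate(token, 1, 0x1000, good),           # genuine migration
        v.validate(token, 1, 0x1000, good),           # replay of the same SYN
    ]
```
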
Strong Points
  End-to-End Approach
    No third-party participants
    Routing optimization
    Performance
    Avoid ingress filtering due to DoS attack
    Does not treat an IP address as the identity of a host, just an attachment point
  Transport Approach
    More deployable than Mobile IP
    Deployed as TCP option → Backward compatible
    Application is aware of handovers → optimization

Weak Points
  Deployment Issues
    Changes to transport protocol
    Address caching generally
    Proxies and NATs → Secure?
  Simultaneous Moves
    Primarily targeting infrastructure-based
      Not ad-hoc network topology
  No Performance Comparison
    Not experiment, but prototyping
      Just proving that it behaves well

New Ideas
  Simultaneous Moves
  Fast Handover
    Issuing three DUP-ACKs immediately after migration
    Different bandwidths of before- and after-migration
  Deployment
    Effective way
      Mobile IP, Multicast, Active Network, …
    Backward compatibility

Mobile IP Overview
  [Figure; labels: Sender, Home Agent, Foreign Agent, Tunnel, Home Address, Handoff, Mobile Host, Care-of Address]

TCP Connection Migration

TCP Migrate-Permitted Option

TCP Migrate Option

MIGRATE_WAIT State