cisco mobility application
TRANSCRIPT
8/18/2019 Cisco Mobility Application
http://slidepdf.com/reader/full/cisco-mobility-application 1/81
© 2007 Cisco Systems, Inc. All rights reserved.Presentation_ID 2
Agenda
Introduction to IP Mobility
Mobile IP Technology
Cisco Mobile IP Applications
Summary and References
“Mobility” in the Context
The First Impression?
“Mobility” in the Context
Nomadic
Portability
Roaming
Common Related Buzz Words
In the Context…
Where? Location
What? Type
How? Movement
The First Impression?
Mobility in the IP Networking World
Applications
Services
Internet
Enables Continuous Application and Service Access over IP Networks Regardless of Location, Type of Devices, and Movement
IP Networks
Layer 2 Mobility
Movement within a Layer 3 boundary
IP address does not change
Application continuity is maintained
An example is Inter-Access Point Protocol (IAPP) defined in IEEE
Diagram labels: Radio Device, Layer 2 Device, Layer 3 Device
Layer 3 Mobility
Movement across Layer 3 boundaries
“IP address” is changed
Application continuity is maintained even if it is across a Layer 3 boundary
Examples are
LWAPP in WLAN
GTP in GPRS
Mobile IP in 1xRTT
LWAPP: Lightweight Access Point Protocol
GTP: GPRS Tunneling Protocol
1xRTT: One Time Radio Transmission Technology
Diagram labels: Radio Device, Layer 2 Device, Layer 3 Device
Multi-Access Mobility
Movement across different types of access networks
“IP address” is changed
Application continuity is maintained even when a Layer 3 boundary and an access network are crossed
Examples are
Mobile IP defined in IETF standard
Vendor proprietary protocols
Diagram labels: Layer 3 Device; Ethernet; 802.11; Cellular Wireless Data Access (i.e. UMTS, EVDO)
IP Mobility in Our Context
L3 Mobility + Multi-Access Mobility
Design to Fit?
Mobile Wireless Service Framework
Mobile Wireless Service Functional Layers
Mobile Device
Wireless
IP Networks
Application, Service, Content
CDMA, GSM, W-CDMA, OFDM, 802.11a/b/g, 4.9G, Satellite, Bluetooth, ZigBee
(IP Mobility)
Why Has IP Mobility Been Used in the Framework?
Extend coverage
Enhance usability and effectiveness
Enable new services and applications
Wider is perceived better, but…
Cost for perfection
Bandwidth vs. coverage
Use IP Mobility to leverage multi-access and multi-IP networks to create one virtual large network
Extending Coverage Can Be Simple
Diagram labels: Muni-WiFi, Hotspot, 3G, IP Mobility
Why Has IP Mobility Been Used in the Framework?
Extend coverage
Enhance usability and effectiveness
Enable new services and applications
Always-on and uninterrupted network and application operations
Hidden network complexity from users
Better user and customer satisfaction
Diagram labels: vlanN, vlanN+1, Ethernet, WLAN, File Transfer, Cellular Wireless Data Networks, Home WLAN, Public Hotspot
Why Has IP Mobility Been Used in the Framework?
Extend coverage
Enhance usability and effectiveness
Enable new services and applications
Seamless Internet roaming
Secure mobile VPN access
Remote mobile office
Push software updates
Dispatch call and data
Fleet management
Video surveillance
Internet access for passenger
Diagram labels: Oil Company, Utility Workers, Knowledge Workers, Public Safety, Transportation
Mobile IP: An IP Mobility Technology
Mobile IP Concept: The Problems
When Going Unwired…
Assume the IP Address Is Unchanged
Problem 1: Network Continues to Route Traffic to R1 Which Is Dropped
IPCP a New Local IP Address
Problem 2: TCP/IP Points to 5.5.5.1
Diagram labels: routers R1, R2, R3, R4, R6; 5.5.5.0/24 reachable via R1; addresses 5.5.5.1 and 3.3.3.1; IPCP; host stack App, TCP, IP 5.5.5.1
Mobile IP Concept: The Basics
Introduce the concept of “mobile node gateway” which keeps track of where a mobile node is
A fixed IP address is used by the mobile node to communicate with any correspondent node
Diagram labels: Gateway; routers R1, R2, R3, R4, R5, R6; 5.5.5.0/24; 5.5.5.1; gateway entries 5.5.5.1/24 R3 and 5.5.5.1 R2; “To Reach 5.5.5.1, Go to R1”
Mobile IP Concept: Protocol Operation Requirements
How does the gateway—Home Agent—get the new location of the mobile device?
How do the systems know a movement has occurred and what the new point of attachment is?
Diagram labels: Gateway; routers R1, R2, R3, R4, R5, R6; entries 5.5.5.1/24 R3, 5.5.5.1/24 R2, 5.5.5.0/24 R1
Mobile IP Protocol Components
Conceptual Level: Movement Detection and Location Discovery; Location Info Propagation; Data Path Update
Software Components: Agent Discovery; Registration Process; Location Database Update and Tunnel Creation
Control Signaling; Data Plane
Hardware Components: (Optional) Foreign Agent; Home Agent (the Gateway); Mobile Node (MN) (Device with Mobile IP Client Software)
Mobile IP Protocol Details
Movement Detection and Location Discovery
Control Signaling
Agent Discovery (Move Detection and Location Discovery)
Registration Process (Topology Data Propagation)
Location Database Update and Tunnel Establishment (Topology Establishment)
Movement Detection and Location Discovery Overview
Performed by the mobile node with assistance from networks
Foreign Agent sends out a signal message including the location information
Mobile node evaluates the message to detect its movement and discover its location
Mobile node can send a signal message to seek a foreign agent
FA to MN: Signal Message (Location), known as Agent Advertisement
MN to FA: Signal Message (FA Exist?), known as Agent Solicitation
Mobile Node: a) Discover the Location, b) Determine If It Moves
Agent Advertisements Message Format
What?
An ICMP packet with Mobility Agent extension
Who?
Used by home agent and foreign agent
Determined by Flags
When?
Periodically sent
Or in response to a solicitation from MN
Packet layout:
IP Header: DA 224.0.0.1 / 255.255.255.255
ICMP Header: Type 9, Lifetime, …, Router Address
Mobility Agent Extensions: Type (16), Lifetime, Flags, Care of Address, …; Type (19), Prefix Length, …
“How” Does Movement Detection Work?
Lifetime Expiration (in ICMP Header)
If not receiving another advertisement within the announced window, MN thinks it has moved
Prefix Length Extension
If this FA is on a different subnet, we must have moved
Example:
Agent     Router Addr  Prefix  Subnet
Existing  2.2.2.1      24      2.2.2.0
New       2.2.3.1      24      2.2.3.0
Not Equal: Movement Detected
Packet layout:
IP Header: DA 224.0.0.1 / 255.255.255.255
ICMP Header: Type 9, Lifetime, …, Router Address
Mobility Agent Extensions: Type (16), Lifetime, Flags, Care of Address, …; Type (19), Prefix Length, …
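The two movement checks on this slide, as an added example that is not part of the original deck: a parser for an ICMP Router Advertisement carrying the type 16 and type 19 extensions, and a mobile-node detector that compares subnets and tracks the ICMP lifetime. The byte layout follows RFC 3344, which the deck cites; the function and class names, the sample bytes and the zero checksum are assumptions made for the illustration.

```python
import ipaddress
import struct

ICMP_ROUTER_ADVERT = 9      # ICMP type of the base Router Advertisement
EXT_MOBILITY_AGENT = 16     # Mobility Agent Advertisement extension
EXT_PREFIX_LENGTHS = 19     # Prefix-Lengths extension
FLAG_FOREIGN_AGENT = 0x10   # F bit in the type 16 flags octet


def build_advert(router, prefix_len, coa, lifetime=30):
    """Constructed sample advertisement: one router address, one CoA.
    The ICMP checksum is left at 0; parse_advert() does not verify it."""
    icmp = struct.pack("!BBHBBH", ICMP_ROUTER_ADVERT, 0, 0, 1, 2, lifetime)
    icmp += ipaddress.IPv4Address(router).packed + struct.pack("!i", 0)
    agent = struct.pack("!BBHHBB", EXT_MOBILITY_AGENT, 6 + 4, 1, 3600,
                        FLAG_FOREIGN_AGENT, 0)
    agent += ipaddress.IPv4Address(coa).packed
    return icmp + agent + struct.pack("!BBB", EXT_PREFIX_LENGTHS, 1, prefix_len)


def parse_advert(data):
    """Parse the ICMP header, router list and the type 16 / type 19 extensions."""
    if len(data) < 8:
        raise ValueError("truncated ICMP header")
    icmp_type, _, _, count, words, lifetime = struct.unpack("!BBHBBH", data[:8])
    if icmp_type != ICMP_ROUTER_ADVERT or words < 2:
        raise ValueError("not a router advertisement")
    end = 8 + count * words * 4
    if end > len(data):
        raise ValueError("truncated router list")
    info = {
        "lifetime": lifetime,
        "routers": [ipaddress.IPv4Address(data[i:i + 4])
                    for i in range(8, end, words * 4)],
        "flags": None, "coas": [], "prefix_lens": [],
    }
    off = end
    while off < len(data):
        if data[off] == 0:              # one-byte padding extension
            off += 1
            continue
        if off + 2 > len(data):
            raise ValueError("truncated extension header")
        ext_type, length = data[off], data[off + 1]
        body = data[off + 2:off + 2 + length]
        if len(body) != length:
            raise ValueError("truncated extension body")
        if ext_type == EXT_MOBILITY_AGENT:
            if length < 6 or (length - 6) % 4:
                raise ValueError("bad Mobility Agent extension length")
            info["flags"] = body[4]     # after sequence number and lifetime
            info["coas"] = [ipaddress.IPv4Address(body[i:i + 4])
                            for i in range(6, length, 4)]
        elif ext_type == EXT_PREFIX_LENGTHS:
            info["prefix_lens"] = list(body)
        off += 2 + length
    return info


class MovementDetector:
    """Mobile node view of the two checks: subnet change and lifetime expiry."""

    def __init__(self):
        self.subnet = None    # subnet of the agent currently in use
        self.expires = None   # time at which the last advertisement lapses

    def on_advert(self, data, now):
        info = parse_advert(data)
        usable = (info["flags"] is not None and info["routers"]
                  and len(info["prefix_lens"]) == len(info["routers"]))
        if not usable:
            return "ignored"  # no Mobility Agent or Prefix-Lengths extension
        subnet = ipaddress.ip_network(
            f"{info['routers'][0]}/{info['prefix_lens'][0]}", strict=False)
        previous, self.subnet = self.subnet, subnet
        self.expires = now + info["lifetime"]
        if previous is None:
            return "attached"
        return "same-subnet" if subnet == previous else "moved"

    def lifetime_expired(self, now):
        return self.expires is not None and now > self.expires


if __name__ == "__main__":
    det = MovementDetector()
    for router, t in (("2.2.2.1", 0), ("2.2.2.1", 10), ("2.2.3.1", 12)):
        print(router, det.on_advert(build_advert(router, 24, router), t))
```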
“How” Does Location Discovery Work?
Care-of-Address (CoA)
Any address on a FA (the first hop router, also known as an access router)
Diagram labels: MN, FA, HA; Agent Advertisement carrying the CoA; HA table: Dest MN, NH CoA
“How” Does Location Discovery Work?
Care-of-Address (CoA)
Any address on a FA (the first hop router, also known as an access router)
What if there is no FA?
Collocated Care-of-Address (CCoA)
Commonly the IP address acquired via DHCP or IPCP by a mobile node
MN: No response. I’ll use the DHCP address as CoA
Diagram labels: MN, Router, HA; Agent Solicitation; DHCP; HA table: Dest MN, NH CCoA
What Is Significant?
Agent Discovery can influence roaming time
Fast detection = fast roaming
What Is Significant? (Cont.)
Adjust Agent Advertisement timer?
Fast vs. chatty
Proactive approach
Trigger Agent Solicitation when an interface is up
When there is no agent at all, DHCP/IPCP operations become an important roaming time factor
Topology Information Propagation
Control Signaling
Agent Discovery (Move Detection and Location Discovery)
Registration Process (Topology Data Propagation)
Location Database Update and Tunnel Establishment (Topology Establishment)
Registration Process Overview
Reporting MN’s location to HA
Occurring periodically or after the movement is detected
Involving MN, FA, and HA
Used for deregistration purposes—reporting MN leaving the Mobile IP networks
Accomplished through Registration Request Message (RRQ) and Registration Reply Message (RRP)
Diagram labels: MN, FA, HA; MN Registration; RRQ; RRP
Registration Request Message
Answers the Following Questions
Who is the mobile node?
Where is a mobile node’s location?
Where to send the registration message?
How long is the registration valid?
How to ensure the MN is an authorized user?
RRQ Message Format
IP Header
UDP Header (Dest. 434)
Registration Message
Fields: Type, Flags (SBDMGV), Lifetime, Home Address, Home Agent Address, Care-of-Address, Identification
Extensions: Mobile-Home Authentication Extension; Optional Extensions (i.e.: NAI Extension); Mobile-Foreign Authentication; Foreign-Home Authentication
Legend: Required Fields, Option Fields
Home Address and Home Network
Home Network
Networks attached to a Home Agent
Can be a physical or logical interface
Logical is usually easier to use
Cisco IOS® Software logical networks are called “virtual networks”
Home Address
An IP address on the home network allocated to a Mobile Node
Used for all communication
Diagram labels: Home Agent; Home Network 192.168.1.0/24; Home Address of MN: 192.168.1.20; MN; FA
Home Address (HoA) vs. Care-of-Address (CoA)
CN: I am talking to a host with the IP address equal to home address (HoA)
Home Agent: I am forwarding a mobile node’s home address (HoA) to its current Care-of-Address (CoA)
Diagram labels: CN, Home Agent, FA, MN; Home Address (HoA); Care-of-Address (CoA)
Another Method to Identify a Mobile Node
Network Access Identifier (NAI)
Save IP addresses
A user name appended as an extension in registration message
Format is either “user” or “user@realm”
A home address still needs to be allocated to a mobile node when requested
Diagram labels: MN, Home Agent; RRQ: NAI; RRP: Home Address (HoA); table columns: NAI, Home Address
How Long Is the RRQ Valid?
Lifetime:
Maximum amount of time a mobile node will be kept active
RRQ is periodically sent
Can be used to validate the path to a home agent
Fast vs. performance
Diagram labels: MN, RRQ, RRQ, Home Agent
Secure Authentication Review
Security Association (SA)
Is a set of security parameters used to sign a message
Hash algorithms
Key size
Replay protection
Security Parameter Index (SPI)
Is a numeric identifier for the SA
Allows multiple SAs to be configured between two devices to support multiple sessions
Key Management
Manual key distribution
Public Key Infrastructure (PKI)
Mobile IP Registration Authentication
Mobile IP authentication can occur between any two Mobile IP components
The mandatory one is between the mobile node and home agent—known as MHAE
Message layout: IP Header; UDP Header (Dest. 434); Registration Message; Mobile-Home Authentication Extension; Mobile-Foreign Authentication; Foreign-Home Authentication (legend: Required Fields, Option Fields)
SA and Key Management Used by Mobile IP
Algorithm: HMAC-MD5; Keyed-MD5
Key: 128-bit
Replay Protection: Timestamp and Nonce
Key Management: Manual Distribution
Registration Authentication MHAE, Example
MN
Selects SA Using SPI 100 (SPI 100: Algorithm HMAC-MD5; Secret Key; Replay Protection: Timestamp)
HMAC-MD5 over the Secret and the Registration Message (All Prior Extensions; Type, Length, SPI Fields) gives the Message Digest
Timestamp and Message Digest are carried in the Completed RRQ
Home Agent
Selects SA Using MN Home Address and SPI 100 (MN 10.1.1.1/SPI 100: Algorithm HMAC-MD5; Secret Key; Replay Protection: Timestamp)
Same Approach as MN to Construct the Message Digest
Compare Message Digests
Equal and Timestamp < Accepted Interval: Authenticated
Authentication Is Built-in, in the Mobile IP Protocol, but Data Encryption Is Not
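The MHAE exchange on this slide, as an added example that is not part of the original deck: the mobile node signs the RRQ with HMAC-MD5 under SPI 100, and the home agent looks up the SA by home address and SPI, recomputes the digest, then checks the timestamp. The field layout follows RFC 3344; the key, the home agent and care-of addresses, the 7-second accepted interval and all function names are constructed assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct

RRQ_TYPE = 1               # Registration Request message type
MHAE_TYPE = 32             # Mobile-Home Authentication Extension type
NTP_OFFSET = 2208988800    # seconds between the NTP epoch (1900) and 1970
CODE_ACCEPTED = 0
CODE_FAILED_AUTH = 131     # Mobile Node Failed Authentication
CODE_ID_MISMATCH = 133     # Registration Identification Mismatch

# Constructed sample: home agent SA table keyed by (home address, SPI).
SAMPLE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # 128-bit
SA_TABLE = {("10.1.1.1", 100): SAMPLE_KEY}


def _addr(text):
    return ipaddress.IPv4Address(text).packed


def build_rrq(home, home_agent, coa, lifetime, unix_time, spi, key, prior_ext=b""):
    """Mobile node side: fixed fields, any prior extensions, then the MHAE."""
    ident = struct.pack("!II", int(unix_time) + NTP_OFFSET, 0)  # timestamp
    fixed = (struct.pack("!BBH", RRQ_TYPE, 0, lifetime)
             + _addr(home) + _addr(home_agent) + _addr(coa) + ident)
    # The digest covers the message, all prior extensions, and the
    # Type, Length and SPI fields of the MHAE itself.
    covered = fixed + prior_ext + struct.pack("!BBI", MHAE_TYPE, 4 + 16, spi)
    return covered + hmac.new(key, covered, hashlib.md5).digest()


def verify_rrq(packet, sa_table, now_unix, accepted_interval=7):
    """Home agent side: return the reply code for this RRQ."""
    if len(packet) < 24 or packet[0] != RRQ_TYPE:
        raise ValueError("not a registration request")
    home = str(ipaddress.IPv4Address(packet[4:8]))
    off = 24
    while off < len(packet) and packet[off] != MHAE_TYPE:
        if packet[off] == 0:                 # one-byte padding extension
            off += 1
        elif off + 2 > len(packet):
            return CODE_FAILED_AUTH          # truncated extension header
        else:
            off += 2 + packet[off + 1]       # skip a prior TLV extension
    if off + 6 > len(packet):
        return CODE_FAILED_AUTH              # no MHAE in the request
    _, ext_len, spi = struct.unpack("!BBI", packet[off:off + 6])
    received = packet[off + 6:off + 2 + ext_len]
    key = sa_table.get((home, spi))
    if key is None:
        return CODE_FAILED_AUTH              # unknown home address / SPI pair
    expected = hmac.new(key, packet[:off + 6], hashlib.md5).digest()
    if not hmac.compare_digest(received, expected):
        return CODE_FAILED_AUTH
    sent = struct.unpack("!I", packet[16:20])[0] - NTP_OFFSET
    if abs(now_unix - sent) > accepted_interval:
        return CODE_ID_MISMATCH              # stale or replayed timestamp
    return CODE_ACCEPTED


if __name__ == "__main__":
    t0 = 1_700_000_000                       # constructed send time
    rrq = build_rrq("10.1.1.1", "192.168.1.1", "192.168.250.1",
                    300, t0, 100, SAMPLE_KEY)
    print(verify_rrq(rrq, SA_TABLE, t0 + 2), verify_rrq(rrq, SA_TABLE, t0 + 60))
```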
Registration Reply (RRP)
Generated by HA to ACK the acceptance or rejection of the registration (RRQ)
Packet format is similar to RRQ with an additional “code” field
The code field is particularly useful to indicate what the errors may be
Reply codes range: 0 to 255
0–8: Success
64–127: Error from the Foreign Agent
128–192: Error from the Home Agent
192–255: Unallocated
129—Administratively Prohibited: Denied by an access list
130—Insufficient Resources: Could not assign a Home Address
131—Mobile Node Failed Authentication: Mismatched keys or SPI
133—Registration Identification Mismatch: Clocks out of sync; should retry automatically
Registration Messages Review
What is used to represent the current location? CoA or CCoA
How to identify an MN? Home address or “NAI”
What is the destination of the registration messages? Home Agent address
How long is the registration valid? Lifetime
How can the network ensure that the MN is an authorized user? Security Association
How to respond to the success of the registration message? RRP Message
Topology Establishment
Control Signaling
Agent Discovery (Move Detection and Location Discovery)
Registration Process (Topology Data Propagation)
Location Database Update and Tunnel Establishment (Topology Establishment)
Topology Establishment
Location database update
Contains CoA (the current point of attachment) of a MN
Similar to a routing protocol’s topology table
The tables are known as “binding table” on a home agent and “visitor table” on a foreign agent in Cisco IOS Software
Tunnel creation
A logical interface to forward traffic to and from a mobile node
Can be an IPinIP, GRE, or UDP tunnel, referred to as a Mobile IP tunnel in the Mobile IP context
Diagram labels: MN, FA, HA, Mobile IP Tunnel
Reverse Tunneling
Reverse Tunneling—Traffic is sent from the MN to the HA via the tunnel, then delivered via routing
Ingress filtering and uRPF will drop packets that have topologically incorrect source address
Diagram labels: Mobile Node, Foreign Agent, Home Agent, Correspondent Host, COA
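Topology Establishment Example
Diagram: HA, FA and MN, with a Mobile IP Tunnel between the HA Address and the CoA; the MN holds the Home Address (HoA)
HA table (Dest, NH): MN HoA via Tunnel; CoA via Eth0
Further Dest/NH and Src/NH tables are shown at the FA and MN (labels: WLAN, FA, MN, T1, HA, Tunnel)
Data packets in the tunnel carry an outer header with Src (HA), Dest (CoA) in one direction and Src (CoA), Dest (HA) in the other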
Mobile IP Protocol Summary
Control Signaling
Agent Discovery (Move Detection and Location Discovery)
Registration Process (Topology Data Propagation)
Location Database Update and Tunnel Establishment (Topology Establishment)
Cisco Mobile IP Implementations and Key Features
Cisco Mobile IP Technology
IETF RFC 3344 and 3GPP2 compliant
General availability since January 1999
Cisco platforms and software for Home Agent and Foreign Agent functions are
Hardware: Cisco 1700, 2600XM, 3700; Software: T Train with IP Plus Feature Set or Above; Standard Compliance: IETF RFC 3344
Hardware: Cisco 1800, 2800, 3800, 7200, 7300, 7400; Software: T Train with IP Voice Feature Set or Above; Standard Compliance: IETF RFC 3344
Hardware: Cisco 7200, MWAM; Software: SX Image; Standard Compliance: IETF RFC 3344 and 3GPP2
3rd party standard compliant Mobile IP clients can be used with the Cisco Home Agent and Foreign Agent
Adding Mobile IP
Adding mobile IP is as simple as adding an HA or enabling the HA on an existing router
… and installing client software
Mobile IP can run in co-located Care-of-Address mode
Diagram labels: AAA, DHCP, MN
Home Agent Configurations
! RADIUS Server
radius-server host 10.82.70.12 key itsasecret
!
! Enable HA and Identify Clients Allowed to Roam
ip mobile home-agent
ip mobile host nai @example address pool dhcp-proxy-client dhcp-server 10.82.70.10 interface FastEthernet0/0 aaa load-sa
!
! Enable Mobile IP Process
router mobile
!
! Home Network
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
!
! AAA
aaa new-model
aaa authorization ipmobile default group radius
!
Turning on the FA
The FA needs to be enabled on edge routers if used
FA is only minimal overhead
Reverse tunneling may not be needed inside an enterprise network
Diagram labels: AAA, DHCP, MN, FA
FA Configuration
! Enable the Foreign Agent (care-of address taken from the COA interface below)
ip mobile foreign-agent care-of Loopback0
!
! Enable Mobile IP Process
router mobile
!
! Foreign Interface
interface FastEthernet0/1
 ip address 192.168.101.1 255.255.255.0
 ip irdp
 ip mobile foreign-service
 ip mobile prefix-length
!
! COA Interface
interface Loopback0
 ip address 192.168.250.1 255.255.255.255
!
Cisco Mobile IP Key Features You Have Most Likely Encountered
RFC 3519
NAPT Traversal Detection
Outbound registration sets up the NAT translation
Home Agent detects that source of registration is not the same as CoA
If RRQ contains UDP tunneling extension, the HA enables UDP tunneling
MN can force UDP tunneling for firewall traversal
Diagram labels: Private Network, NAT, Internet; RRQ with SRC: 10.2.2.20, COA: 10.1.1.10; RRQ with SRC: 4.3.2.10, COA: 10.1.1.10; Translation: 10.1.1.10:5523, 4.3.2.10:7178
Cisco Stateful Home Agent Redundancy
Uses Cisco HSRP to detect the failure within seconds
The redundant Home Agent is in the “standby” mode
The redundant Home Agent contains real-time mobile user’s service context
The redundant Home Agent is participating in the network routing and can forward traffic if needed
Diagram labels: Active Home Agent, Redundant Home Agent, HSRP; Enterprises; Service Context Recovery, Failure Detection, System Initialization, Part Replacement, Network Converge, Resume Service
Derived from Enterprise Costs: Infonetics Research, September 2000
Mobile IPv6 Protocol (RFC 3775)
Similar to the Mobile IPv4 concept
A home agent keeps track of the mobile node’s location
Including location discovery, movement detection, registration, and topology establishment
Different from the Mobile IPv4
No Foreign Agent
Traffic can be sent directly between two communicating nodes
A driver for IPv6
Location Discovery: IPv6 Host Address Auto-Configuration
Stateless (RFC 2462)
Host autonomously configures its own Link-Local address
Router Solicitation (RS) are sent by booting nodes to request Router Advertisement (RA)
Stateful (DHCPv6) (RFC 3315)
The acquired address is the CoA—represents the point of attachment
A Host Builds a Link-Local Address, then Its Global IPv6 Address(es) from the RA
Diagram labels: RA (Subnet Prefix); Subnet Prefix + MAC Address; Stateless
Movement Detection
Informs Home Agent of a new point of attachment
How?
Slightly complicated, but conceptually…
When a new prefix has appeared and the current default router has disappeared
Fast detection is possible
msec vs. sec for Router Advertisement interval
Can also be done using link layer—up/down
Diagram labels: Old Router, RA: Old Prefix; New Router, RA: New Prefix; Stateless Host Address Auto Configuration
Dynamic Home Agent Address Discovery (DHAAD)
A mechanism to find an active home agent in the home link
MN still needs to configure the home link address
But not the specific home agent address—Anycast address
Useful if an existing home agent router needs to be replaced
Mobile nodes away from home can automatically use the new home agent
Provides a failover protection
A non-stateful approach
RFC 3775
HA1 HA2
Anycast Address
Home Link
IPv6 Protocol Extensions for Mobile IPv6
Defined for Mobile IPv6 registration and binding creation
Various types and option extensions
RFC 3775 for details
Mobility Header (Next Header = 135 in the IPv6 basic Header)
Fields: Next Header, Hdr Ext Length, MH Type, Reserved, Checksum, Message Data
MH Value  Message
0         Binding Refresh Request
5         Binding Update
6         Binding Acknowledge
Destination Header (Next Header = 60 in the Previous Header)
Fields: Next Header, Hdr Ext Length, Option Type, Option Length, Home Address
Example: Alternate Care-of-Address Option
Registration
Two important messages you should know
Binding Update (BU) and Binding Acknowledge (BA)
Encapsulation vs. option extensions
Care-of-Address
Typically derived from the source IP address of the header
Optionally stored in the “alternative care of address” field
Home address
Stored in Destination Option header of IPv6
RFC 3775
Mobile IPv4 Comparison
RRQ and RRP
UDP (434) encapsulation
Care of address
A field inside of RRQ
Home address
A field inside of RRQ
Type 2 Routing Header
A new routing header variant
Allows a packet to be routed directly from a CN to an MN CoA
CoA is inserted in the IPv6 Destination Address field (from CN)
MN swaps the Home Address in the routing header with the destination address in the IP header (normal IPv6 process)
IPv6 Basic Header: Next Header = 43
Routing Header fields: Next Header, Hdr Ext Length, Routing Type = 2, Segments Left = 1, Reserved, Home Address
Put All Together: Mobile IPv6 Registration
Participants: Mobile Node, Access Router, Home Agent 1, Home Agent 2, Correspondent Node
Message sequence labels: RS; RA; Acquired IP Address on the Visit Network (Used as Care-of-Addr); DHAAD Request (Use HA Anycast Address); DHAAD Reply (Home Agent List; Use the First HA Address); Binding Update (BU); Create Binding Cache; Binding Ack (BA); Bi-Directional Tunnel; Data Packets (IPinIP)
Other labels: RA (New Home Agent Information Option); Create HA Cache; Redistribute Mobile Networks; Core
Mobile IPv6 Product Availability
Cisco Mobile IPv6 Home Agent available in Cisco IOS Software Release 12.3(14)T
RFC 3755 compliance
Does not support IPsec yet
Mobile IPv6 client
Microsoft Tech preview for Windows XP and 2000
Cisco Mobile IP Applications
Mobile Networks
Host Mobility vs. Group Mobility
Host Mobility: I can go anywhere I want!
Group Mobility: Free ride! Saves us lots of energy!
Network Mobility
Capability to enable IP mobility for a group of hosts
Also known as “Mobile Networks” in Cisco
The network or subnet to which the group of hosts is connected is referred to as the “mobile network”
The router to which the mobile network is connected is referred to as the “mobile router”
Diagram labels: Mobile Network, Mobile Router
Mobile Networks Solution Concept
Based on the same concept as the Mobile IP
Home Agent as the gateway to route traffic destined to a mobile network
Foreign agent is optional
Useful for fast roaming, performance, and management improvement
Mobile Router (MR) is similar to a mobile node but with a network connecting to it
Diagram labels: Home Agent (HA), R1 (FA), Mobile Router, Mobile Network; route label: Mobile Network, HA
More Details…
Basic Mobile IP Concept
Traffic destined to a mobile router is routed as usual
[Diagram: Home Agent (HA), FA CoA, MR Home Address, Router 1, Int. FE0]
Destination | Next Hop | Out Int.
MR Home Address | CoA | Tunnel Blue
CoA | Router 1 | Int. FE0
More Details… (Cont.)
If I know how to reach a mobile router, then I can simply forward traffic for the mobile network associated with that mobile router to it
Destination | Next Hop | Out Int.
Mobile Network | MR Home Address |
MR Home Address | CoA | Tunnel Blue
CoA | Router 1 | Int. FE0
[Diagram: Home Agent (HA), FA CoA, Router 1, Int. FE0, MR Home Address, Tunnel Green, Mobile Network]
Connection Management on Cisco Mobile Router
A mobile router is likely to be equipped with multiple links
Select the “best” link to establish a Mobile IP tunnel
[Diagram: Mobile Router with links labeled 3G: UMTS, EVDO; Proprietary Wireless Link; 802.11b WiFi. Link speeds shown: 11 Mbps, ~500 kbps, 9.6 kbps]
Selection Algorithm
Priority can be configured on mobile router interfaces (default 100)
MR prefers to register with the higher priority interface
If priority is equal, the interface with the higher bandwidth is preferred
If priority and bandwidth are equal, then the interface with the higher IP address is preferred
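The selection rules above, written out as an added example that is not part of the original slides or of Cisco IOS. The class and function names, interface names, addresses, the pairing of link speeds with link types, and the exclusion of down links are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace

DEFAULT_PRIORITY = 100  # default interface priority given on the slide

@dataclass(frozen=True)
class RoamingInterface:
    name: str               # constructed interface name
    ip: str                 # IPv4 address on the interface
    bandwidth_kbps: float
    priority: int = DEFAULT_PRIORITY
    link_up: bool = True    # assumption: a down link is never a candidate

def preference_key(intf):
    """Slide order: priority, then bandwidth, then IP address (compared numerically)."""
    return (intf.priority, intf.bandwidth_kbps, int(ipaddress.IPv4Address(intf.ip)))

def select_interface(interfaces):
    """Return the interface the MR would prefer to register on, or None."""
    candidates = [i for i in interfaces if i.link_up]
    return max(candidates, key=preference_key) if candidates else None

def deciding_rule(winner, loser):
    """Name the first rule that separates two candidates."""
    rules = ("priority", "bandwidth", "ip address")
    for rule, w, l in zip(rules, preference_key(winner), preference_key(loser)):
        if w != l:
            return rule
    return "tie"

# Constructed sample links; pairing speeds with link types is an assumption.
WIFI = RoamingInterface("wifi0", "10.1.1.9", 11000)
CELL = RoamingInterface("cell0", "10.2.2.2", 500)
SERIAL = RoamingInterface("serial0", "10.3.3.3", 9.6)
LINKS = [WIFI, CELL, SERIAL]

if __name__ == "__main__":
    best = select_interface(LINKS)
    print(best.name, "chosen over", CELL.name, "by", deciding_rule(best, CELL))
    # Raising the cellular priority overrides its lower bandwidth.
    boosted = replace(CELL, priority=120)
    print(select_interface([WIFI, boosted, SERIAL]).name)
    # Losing the preferred link moves the choice to the next candidate.
    print(select_interface([replace(WIFI, link_up=False), CELL, SERIAL]).name)
```

The final tie-break compares addresses as numbers: compared as strings, 10.0.0.9 would sort above 10.0.0.10 and the wrong interface would be chosen.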
Cisco Mobile Networks
Cisco Network Mobility for IPv4 Is Available Since 2001
Cisco home agent and foreign agent
The same home agent routers and the foreign agent routers running Cisco IOS Software Release 12.2T or later for the mobile nodes can be used for the mobile networks
Cisco mobile routers
Available in the Cisco IOS Software Release 12.2T or later
Support Cisco Home Agent Redundancy and NAT traversal features
Cisco Mobile Networks for IPv6
Implementation is based on IETF RFC 3963—NEMO
Test image is available
Cisco Mobile Access Router 3200
A special rugged router
Equipped with 802.11 wireless cards
Connecting to an external wireless modem through a serial interface
[Diagram: In-Vehicle Configuration and WAN Wireless Networks. Labels: SMIC, FESMIC, WMIC, MARC, WMIC, PCI Bus, 802.11, Cellular/Other Wireless, SatCom, In-Vehicle Wireless/Wired LAN(s), Modem/Radio]
Summary
IP Mobility is a key functionality for mobile wireless networking
Mobile IP, an IP Mobility protocol, enables seamless multi-access roaming
Move Detection and Location Discovery
Agent Discovery
Control Signaling
Registration Process
Topology Data Propagation
Location Database Update and Tunnel Establishment
Topology Establishment
CDMA, GSM, W-CDMA, OFDM
802.11a/b/g
4.9G
Satellite
Bluetooth
ZigBee
Summary (Cont.)
Components to construct a Mobile IP network
Cisco Mobile Networks enables mobility for an entire subnet
[Diagram: Mobile Network, Mobile Router, Home Agent (HA), Foreign Agent (FA) (Optional), Mobile Node (MN)]
Reference Materials
Cisco Mobile IP on CCO
Collateral: http://www.cisco.com/go/mobile_ip
Feature Navigator: http://www.cisco.com/go/fn
Mobile IP Client
Birdstep: http://www.birdstep.com
IPunplugged: http://www.ipunplugged.com
IETF Standards
http://www.mip4.org
http://www.ietf.org/html.charters/mip4-charter.html
Recommended Reading
Mobile IP Technology and Applications, ISBN: 1-58705-132-X
802.11 Wireless LAN Fundamentals [1-58705-077-3]
Wireless Networks First-Step [1-58720-111-9] available August 2004
Deploying License-Free Wireless Wide-Area Networks [1-58705-069-2]
802.11 Wireless Network Site Surveying and Installation [1-58705-164-8] available September 2004
Available On-Site at the Cisco Company Store
Q and A