Thursday, November 20, 2008

Mobility Support in IPv6



1. Introduction

This document specifies a protocol which allows nodes to remain
reachable while moving around in the IPv6 Internet. Without specific
support for mobility in IPv6 [11], packets destined to a mobile node
would not be able to reach it while the mobile node is away from its
home link. In order to continue communication in spite of its
movement, a mobile node could change its IP address each time it
moves to a new link, but the mobile node would then not be able to
maintain transport and higher-layer connections when it changes
location. Mobility support in IPv6 is particularly important, as
mobile computers are likely to account for a majority or at least a
substantial fraction of the population of the Internet during the
lifetime of IPv6.

The protocol defined in this document, known as Mobile IPv6, allows a
mobile node to move from one link to another without changing the
mobile node's "home address". Packets may be routed to the mobile
node using this address regardless of the mobile node's current point
of attachment to the Internet. The mobile node may also continue to
communicate with other nodes (stationary or mobile) after moving to a
new link. The movement of a mobile node away from its home link is
thus transparent to transport and higher-layer protocols and
applications.

The Mobile IPv6 protocol is just as suitable for mobility across
homogeneous media as for mobility across heterogeneous media. For
example, Mobile IPv6 facilitates node movement from one Ethernet
segment to another as well as it facilitates node movement from an
Ethernet segment to a wireless LAN cell, with the mobile node's IP
address remaining unchanged in spite of such movement.

One can think of the Mobile IPv6 protocol as solving the network-
layer mobility management problem. Some mobility management
applications -- for example, handover among wireless transceivers,
each of which covers only a very small geographic area -- have been
solved using link-layer techniques. For example, in many current
wireless LAN products, link-layer mobility mechanisms allow a
"handover" of a mobile node from one cell to another, re-establishing
link-layer connectivity to the node in each new location.

Mobile IPv6 does not attempt to solve all general problems related to
the use of mobile computers or wireless networks. In particular,
this protocol does not attempt to solve:

o Handling links with unidirectional connectivity or partial
reachability, such as the hidden terminal problem where a host is
hidden from only some of the routers on the link.

o Access control on a link being visited by a mobile node.

o Local or hierarchical forms of mobility management (similar to
many current link-layer mobility management solutions).

o Assistance for adaptive applications.

o Mobile routers.

o Service Discovery.

o Distinguishing between packets lost due to bit errors vs. network
congestion.

2. Comparison with Mobile IP for IPv4

The design of Mobile IP support in IPv6 (Mobile IPv6) benefits both
from the experiences gained from the development of Mobile IP support
in IPv4 (Mobile IPv4) [22, 23, 24], and from the opportunities
provided by IPv6. Mobile IPv6 thus shares many features with Mobile
IPv4, but is integrated into IPv6 and offers many other improvements.
This section summarizes the major differences between Mobile IPv4 and
Mobile IPv6:

o There is no need to deploy special routers as "foreign agents", as
in Mobile IPv4. Mobile IPv6 operates in any location without any
special support required from the local router.

o Support for route optimization is a fundamental part of the
protocol, rather than a nonstandard set of extensions.

o Mobile IPv6 route optimization can operate securely even without
pre-arranged security associations. It is expected that route
optimization can be deployed on a global scale between all mobile
nodes and correspondent nodes.

o Support is also integrated into Mobile IPv6 for allowing route
optimization to coexist efficiently with routers that perform
"ingress filtering" [26].

o The IPv6 Neighbor Unreachability Detection assures symmetric
reachability between the mobile node and its default router in the
current location.

o Most packets sent to a mobile node while away from home in Mobile
IPv6 are sent using an IPv6 routing header rather than IP
encapsulation, reducing the amount of resulting overhead compared
to Mobile IPv4.

o Mobile IPv6 is decoupled from any particular link layer, as it
uses IPv6 Neighbor Discovery [12] instead of ARP. This also
improves the robustness of the protocol.

o The use of IPv6 encapsulation (and the routing header) removes the
need in Mobile IPv6 to manage "tunnel soft state".

o The dynamic home agent address discovery mechanism in Mobile IPv6
returns a single reply to the mobile node. The directed broadcast
approach used in IPv4 returns separate replies from each home
agent.

3. Terminology

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC 2119 [2].

3.1. General Terms

IP

Internet Protocol Version 6 (IPv6).

node

A device that implements IP.

router

A node that forwards IP packets not explicitly addressed to
itself.

unicast routable address

An identifier for a single interface such that a packet sent to it
from another IPv6 subnet is delivered to the interface identified
by that address. Accordingly, a unicast routable address must
have either a global or site-local scope (but not link-local).

host

Any node that is not a router.

link

A communication facility or medium over which nodes can
communicate at the link layer, such as an Ethernet (simple or
bridged). A link is the layer immediately below IP.

interface

A node's attachment to a link.

subnet prefix

A bit string that consists of some number of initial bits of an IP
address.

interface identifier

A number used to identify a node's interface on a link. The
interface identifier is the remaining low-order bits in the node's
IP address after the subnet prefix.

link-layer address

A link-layer identifier for an interface, such as IEEE 802
addresses on Ethernet links.

packet

An IP header plus payload.

security association

An IPsec security association is a cooperative relationship formed
by the sharing of cryptographic keying material and associated
context. Security associations are simplex. That is, two
security associations are needed to protect bidirectional traffic
between two nodes, one for each direction.

security policy database

A database that specifies what security services are to be offered
to IP packets and in what fashion.

destination option

Destination options are carried by the IPv6 Destination Options
extension header. Destination options include optional
information that need be examined only by the IPv6 node given as
the destination address in the IPv6 header, not by routers in
between. Mobile IPv6 defines one new destination option, the Home
Address destination option (see Section 6.3).

routing header

A routing header may be present as an IPv6 header extension, and
indicates that the payload has to be delivered to a destination
IPv6 address in some way that is different from what would be
carried out by standard Internet routing. In this document, use
of the term "routing header" typically refers to use of a type 2
routing header, as specified in Section 6.4.

"" (concatenation)

Some formulas in this specification use the symbol "" to indicate
bytewise concatenation, as in A B. This concatenation requires
that all of the octets of the datum A appear first in the result,
followed by all of the octets of the datum B.

First (size, input)

Some formulas in this specification use a functional form "First
(size, input)" to indicate truncation of the "input" data so that
only the first "size" bits remain to be used.

3.2. Mobile IPv6 Terms

home address

A unicast routable address assigned to a mobile node, used as the
permanent address of the mobile node. This address is within the
mobile node's home link. Standard IP routing mechanisms will
deliver packets destined for a mobile node's home address to its
home link. Mobile nodes can have multiple home addresses, for
instance when there are multiple home prefixes on the home link.

home subnet prefix

The IP subnet prefix corresponding to a mobile node's home
address.

home link

The link on which a mobile node's home subnet prefix is defined.

mobile node

A node that can change its point of attachment from one link to
another, while still being reachable via its home address.

movement

A change in a mobile node's point of attachment to the Internet
such that it is no longer connected to the same link as it was
previously. If a mobile node is not currently attached to its
home link, the mobile node is said to be "away from home".

L2 handover

A process by which the mobile node changes from one link-layer
connection to another. For example, a change of wireless access
point is an L2 handover.

L3 handover

Subsequent to an L2 handover, a mobile node detects a change in an
on-link subnet prefix that would require a change in the primary
care-of address. For example, a change of access router
subsequent to a change of wireless access point typically results
in an L3 handover.

correspondent node

A peer node with which a mobile node is communicating. The
correspondent node may be either mobile or stationary.

foreign subnet prefix

Any IP subnet prefix other than the mobile node's home subnet
prefix.

foreign link

Any link other than the mobile node's home link.

care-of address

A unicast routable address associated with a mobile node while
visiting a foreign link; the subnet prefix of this IP address is a
foreign subnet prefix. Among the multiple care-of addresses that
a mobile node may have at any given time (e.g., with different
subnet prefixes), the one registered with the mobile node's home
agent for a given home address is called its "primary" care-of
address.

home agent

A router on a mobile node's home link with which the mobile node
has registered its current care-of address. While the mobile node
is away from home, the home agent intercepts packets on the home
link destined to the mobile node's home address, encapsulates
them, and tunnels them to the mobile node's registered care-of
address.

binding

The association of the home address of a mobile node with a care-
of address for that mobile node, along with the remaining lifetime
of that association.

registration

The process during which a mobile node sends a Binding Update to
its home agent or a correspondent node, causing a binding for the
mobile node to be registered.

mobility message

A message containing a Mobility Header (see Section 6.1).

binding authorization

Correspondent registration needs to be authorized to allow the
recipient to believe that the sender has the right to specify a
new binding.

return routability procedure

The return routability procedure authorizes registrations by the
use of a cryptographic token exchange.

correspondent registration

A return routability procedure followed by a registration, run
between the mobile node and a correspondent node.

home registration

A registration between the mobile node and its home agent,
authorized by the use of IPsec.

nonce

Nonces are random numbers used internally by the correspondent
node in the creation of keygen tokens related to the return
routability procedure. The nonces are not specific to a mobile
node, and are kept secret within the correspondent node.

nonce index

A nonce index is used to indicate which nonces have been used when
creating keygen token values, without revealing the nonces
themselves.

cookie

A cookie is a random number used by a mobile node to prevent
spoofing by a bogus correspondent node in the return routability
procedure.

care-of init cookie

A cookie sent to the correspondent node in the Care-of Test Init
message, to be returned in the Care-of Test message.

home init cookie

A cookie sent to the correspondent node in the Home Test Init
message, to be returned in the Home Test message.

keygen token

A keygen token is a number supplied by a correspondent node in the
return routability procedure to enable the mobile node to compute
the necessary binding management key for authorizing a Binding
Update.

care-of keygen token

A keygen token sent by the correspondent node in the Care-of Test
message.

home keygen token

A keygen token sent by the correspondent node in the Home Test
message.

binding management key (Kbm)

A binding management key (Kbm) is a key used for authorizing a
binding cache management message (e.g., Binding Update or Binding
Acknowledgement). Return routability provides a way to create a
binding management key.
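
The terms above (nonce, nonce index, cookies, keygen tokens, Kbm) fit together as in the following added example, which is not part of the specification text or of any implementation. It follows the token and key construction of Section 5.2.5 of the specification, which this excerpt references but does not reproduce; the class and function names, the 8-octet nonce, the nonce retention count and the constructed `mh_data` bytes standing in for the Binding Update contents are assumptions.

```python
import hashlib
import hmac
import ipaddress
import os


def first(size_bits, data):
    """First(size, input): keep only the first size_bits bits of data."""
    return data[: size_bits // 8]


def binding_authenticator(kbm, coa, cn_addr, mh_data):
    # First(96, HMAC_SHA1(Kbm, care-of address | correspondent address | MH data))
    data = ipaddress.IPv6Address(coa).packed + ipaddress.IPv6Address(cn_addr).packed + mh_data
    return first(96, hmac.new(kbm, data, hashlib.sha1).digest())


class CorrespondentNode:
    """Hypothetical model: one node key and a few nonces, no per-mobile-node state."""

    def __init__(self, address):
        self.address = ipaddress.IPv6Address(address)
        self.kcn = os.urandom(20)      # node key, kept secret inside this node
        self.nonces = {}               # nonce index -> secret nonce
        self.current_index = -1
        self.rotate_nonce()

    def rotate_nonce(self, keep=2):
        self.current_index += 1
        self.nonces[self.current_index] = os.urandom(8)
        for old in [i for i in self.nonces if i <= self.current_index - keep]:
            del self.nonces[old]       # tokens built from this nonce stop verifying

    def _token(self, addr, index, kind):
        # First(64, HMAC_SHA1(Kcn, address | nonce | kind)); kind 0 = home, 1 = care-of
        data = ipaddress.IPv6Address(addr).packed + self.nonces[index] + bytes([kind])
        return first(64, hmac.new(self.kcn, data, hashlib.sha1).digest())

    def home_test(self, home_addr, home_init_cookie):
        # Reply to Home Test Init: echoed cookie, home keygen token, nonce index.
        return home_init_cookie, self._token(home_addr, self.current_index, 0), self.current_index

    def care_of_test(self, coa, care_of_init_cookie):
        # Reply to Care-of Test Init: echoed cookie, care-of keygen token, nonce index.
        return care_of_init_cookie, self._token(coa, self.current_index, 1), self.current_index

    def verify_binding_update(self, home_addr, coa, home_idx, coa_idx, mh_data, authenticator):
        if home_idx not in self.nonces or coa_idx not in self.nonces:
            return False               # nonce retired: the tests must be run again
        # Tokens are recomputed from the addresses and nonce indices, not looked up.
        tokens = self._token(home_addr, home_idx, 0) + self._token(coa, coa_idx, 1)
        kbm = hashlib.sha1(tokens).digest()
        expected = binding_authenticator(kbm, coa, self.address, mh_data)
        return hmac.compare_digest(expected, authenticator)


def mobile_node_register(cn, home_addr, coa, mh_data=b"constructed-binding-update"):
    """Mobile node side: run both tests, check the cookies, derive Kbm, sign."""
    home_cookie, coa_cookie = os.urandom(8), os.urandom(8)
    echoed_h, home_token, home_idx = cn.home_test(home_addr, home_cookie)
    echoed_c, coa_token, coa_idx = cn.care_of_test(coa, coa_cookie)
    if not (hmac.compare_digest(echoed_h, home_cookie)
            and hmac.compare_digest(echoed_c, coa_cookie)):
        raise ValueError("cookie mismatch: reply did not come from the correspondent node")
    kbm = hashlib.sha1(home_token + coa_token).digest()   # Kbm = SHA1(home | care-of token)
    return home_idx, coa_idx, mh_data, binding_authenticator(kbm, coa, cn.address, mh_data)
```

In the protocol the two test replies travel by different paths (one through the home address, one directly to the care-of address), so only a node that receives packets at both addresses learns both tokens; the direct function calls here collapse that into one process.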

4. Overview of Mobile IPv6

4.1. Basic Operation

A mobile node is always expected to be addressable at its home
address, whether it is currently attached to its home link or is away
from home. The "home address" is an IP address assigned to the
mobile node within its home subnet prefix on its home link. While a
mobile node is at home, packets addressed to its home address are
routed to the mobile node's home link, using conventional Internet
routing mechanisms.

While a mobile node is attached to some foreign link away from home,
it is also addressable at one or more care-of addresses. A care-of
address is an IP address associated with a mobile node that has the
subnet prefix of a particular foreign link. The mobile node can
acquire its care-of address through conventional IPv6 mechanisms,
such as stateless or stateful auto-configuration. As long as the
mobile node stays in this location, packets addressed to this care-of
address will be routed to the mobile node. The mobile node may also
accept packets from several care-of addresses, such as when it is
moving but still reachable at the previous link.

The association between a mobile node's home address and care-of
address is known as a "binding" for the mobile node. While away from
home, a mobile node registers its primary care-of address with a
router on its home link, requesting this router to function as the
"home agent" for the mobile node. The mobile node performs this
binding registration by sending a "Binding Update" message to the
home agent. The home agent replies to the mobile node by returning a
"Binding Acknowledgement" message. The operation of the mobile node
is specified in Section 11, and the operation of the home agent is
specified in Section 10.

Any node communicating with a mobile node is referred to in this
document as a "correspondent node" of the mobile node, and may itself
be either a stationary node or a mobile node. Mobile nodes can
provide information about their current location to correspondent
nodes. This happens through the correspondent registration. As a
part of this procedure, a return routability test is performed in
order to authorize the establishment of the binding. The operation
of the correspondent node is specified in Section 9.

There are two possible modes for communications between the mobile
node and a correspondent node. The first mode, bidirectional
tunneling, does not require Mobile IPv6 support from the
correspondent node and is available even if the mobile node has not
registered its current binding with the correspondent node. Packets
from the correspondent node are routed to the home agent and then
tunneled to the mobile node. Packets to the correspondent node are
tunneled from the mobile node to the home agent ("reverse tunneled")
and then routed normally from the home network to the correspondent
node. In this mode, the home agent uses proxy Neighbor Discovery to
intercept any IPv6 packets addressed to the mobile node's home
address (or home addresses) on the home link. Each intercepted
packet is tunneled to the mobile node's primary care-of address.
This tunneling is performed using IPv6 encapsulation [15].

The second mode, "route optimization", requires the mobile node to
register its current binding at the correspondent node. Packets from
the correspondent node can be routed directly to the care-of address
of the mobile node. When sending a packet to any IPv6 destination,
the correspondent node checks its cached bindings for an entry for
the packet's destination address. If a cached binding for this
destination address is found, the node uses a new type of IPv6
routing header [11] (see Section 6.4) to route the packet to the
mobile node by way of the care-of address indicated in this binding.

Routing packets directly to the mobile node's care-of address allows
the shortest communications path to be used. It also eliminates
congestion at the mobile node's home agent and home link. In
addition, the impact of any possible failure of the home agent or
networks on the path to or from it is reduced.

When routing packets directly to the mobile node, the correspondent
node sets the Destination Address in the IPv6 header to the care-of
address of the mobile node. A new type of IPv6 routing header (see
Section 6.4) is also added to the packet to carry the desired home
address. Similarly, the mobile node sets the Source Address in the
packet's IPv6 header to its current care-of addresses. The mobile
node adds a new IPv6 "Home Address" destination option (see Section
6.3) to carry its home address. The inclusion of home addresses in
these packets makes the use of the care-of address transparent above
the network layer (e.g., at the transport layer).

Mobile IPv6 also provides support for multiple home agents, and a
limited support for the reconfiguration of the home network. In
these cases, the mobile node may not know the IP address of its own
home agent, and even the home subnet prefixes may change over time.
A mechanism, known as "dynamic home agent address discovery" allows a
mobile node to dynamically discover the IP address of a home agent on
its home link, even when the mobile node is away from home. Mobile
nodes can also learn new information about home subnet prefixes
through the "mobile prefix discovery" mechanism. These mechanisms
are described starting from Section 6.5.

4.2. New IPv6 Protocol

Mobile IPv6 defines a new IPv6 protocol, using the Mobility Header
(see Section 6.1). This Header is used to carry the following
messages:

Home Test Init

Home Test

Care-of Test Init

Care-of Test

These four messages are used to perform the return routability
procedure from the mobile node to a correspondent node. This
ensures authorization of subsequent Binding Updates, as described
in Section 5.2.5.

Binding Update

A Binding Update is used by a mobile node to notify a
correspondent node or the mobile node's home agent of its current
binding. The Binding Update sent to the mobile node's home agent
to register its primary care-of address is marked as a "home
registration".

Binding Acknowledgement

A Binding Acknowledgement is used to acknowledge receipt of a
Binding Update, if an acknowledgement was requested in the Binding
Update, the binding update was sent to a home agent, or an error
occurred.

Binding Refresh Request

A Binding Refresh Request is used by a correspondent node to
request a mobile node to re-establish its binding with the
correspondent node. This message is typically used when the
cached binding is in active use but the binding's lifetime is
close to expiration. The correspondent node may use, for
instance, recent traffic and open transport layer connections as
an indication of active use.

Binding Error

The Binding Error is used by the correspondent node to signal an
error related to mobility, such as an inappropriate attempt to use
the Home Address destination option without an existing binding.

4.3. New IPv6 Destination Option

Mobile IPv6 defines a new IPv6 destination option, the Home Address
destination option. This option is described in detail in Section
6.3.

4.4. New IPv6 ICMP Messages

Mobile IPv6 also introduces four new ICMP message types, two for use
in the dynamic home agent address discovery mechanism, and two for
renumbering and mobile configuration mechanisms. As described in
Section 10.5 and Section 11.4.1, the following two new ICMP message
types are used for home agent address discovery:

o Home Agent Address Discovery Request, described in Section 6.5.

o Home Agent Address Discovery Reply, described in Section 6.6.

The next two message types are used for network renumbering and
address configuration on the mobile node, as described in Section
10.6:

o Mobile Prefix Solicitation, described in Section 6.7.

o Mobile Prefix Advertisement, described in Section 6.8.

4.5. Conceptual Data Structure Terminology

This document describes the Mobile IPv6 protocol in terms of the
following conceptual data structures:

Binding Cache

A cache of bindings for other nodes. This cache is maintained by
home agents and correspondent nodes. The cache contains both
"correspondent registration" entries (see Section 9.1) and "home
registration" entries (see Section 10.1).

Binding Update List

This list is maintained by each mobile node. The list has an item
for every binding that the mobile node has or is trying to
establish with a specific other node. Both correspondent and home
registrations are included in this list. Entries from the list
are deleted as the lifetime of the binding expires. See Section
11.1.

Home Agents List

Home agents need to know which other home agents are on the same
link. This information is stored in the Home Agents List, as
described in more detail in Section 10.1. The list is used for
informing mobile nodes during dynamic home agent address
discovery.

4.6. Site-Local Addressability

This specification requires that home and care-of addresses MUST be
unicast routable addresses. Site-local addresses may be usable on
networks that are not connected to the Internet, but this
specification does not define when such usage is safe and when it is
not. Mobile nodes may not be aware of which site they are currently
in, it is hard to prevent accidental attachment to other sites, and
ambiguity of site-local addresses can cause problems if the home and
visited networks use the same addresses. Therefore, site-local
addresses SHOULD NOT be used as home or care-of addresses.
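
The correspondent node's send-path decision from Section 4.1, the Binding Cache of Section 4.5 and the address rules of Section 4.6 can be combined as in the following added example, which is not code from the specification or from any implementation. The class, function and dictionary key names, the injected clock and the assumption that `register` is called only after the binding has been authorized are all hypothetical.

```python
import ipaddress
import time


def check_mobility_address(text, allow_site_local=False):
    """Parse an address and reject one that cannot be a home or care-of address."""
    addr = ipaddress.IPv6Address(text)
    if addr.is_unspecified or addr.is_loopback or addr.is_multicast or addr.is_link_local:
        raise ValueError(f"{addr} is not a unicast routable address")
    if addr.is_site_local and not allow_site_local:
        # Section 4.6: site-local addresses SHOULD NOT be used.
        raise ValueError(f"{addr} is site-local")
    return addr


class BindingCache:
    """Hypothetical binding cache: home address -> (care-of address, expiry)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}

    def register(self, home, care_of, lifetime_s):
        # Assumption: the caller has already authorized this binding.
        home_addr = check_mobility_address(home)
        coa = check_mobility_address(care_of)
        self._entries[home_addr] = (coa, self._clock() + lifetime_s)

    def lookup(self, home):
        key = ipaddress.IPv6Address(home)
        entry = self._entries.get(key)
        if entry is None:
            return None
        coa, expires = entry
        if self._clock() >= expires:
            del self._entries[key]     # lifetime ran out: the binding is gone
            return None
        return coa

    def address_outgoing(self, destination):
        """Addressing for a packet the upper layer sends to `destination`."""
        dst = ipaddress.IPv6Address(destination)
        coa = self.lookup(dst)
        if coa is None:
            # No binding: normal routing to the home address (home agent tunnels it).
            return {"ipv6_dst": dst, "type2_routing_header": None}
        # Route optimization: deliver to the care-of address, carry the home
        # address in the type 2 routing header.
        return {"ipv6_dst": coa, "type2_routing_header": dst}
```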
