Mobile IP Technology and Applications
Stefan Raab
Madhavi W. Chandra, Ph.D.
Contributing Author: Kent Leung
Foreword by Fred Baker
Cisco Press, 800 East 96th Street, Indianapolis, IN 46240 USA


Post on 23-Mar-2022



Contents
Foreword
Introduction

Chapter 1 Mobile and Wireless Technologies
Mobility
Wireless Technology
Challenges of Communications Mobility
Location Discovery
Move Detection
Update Signaling
Path (Re)establishment
Full Mobility and the OSI Protocol Stack
Mobility at Layer 2
Mobility at Layers 4-7
Mobility at Layer 3
Combining Mobility Protocols
The Case for Mobile IP
Summary
Review Questions

Chapter 2 Understanding Mobile IP
Mobile IP: The Elevator Pitch
Mobile IP Is a Dynamic Routing Protocol...
...Where End Devices Signal Their Own Routing Updates...
...and Dynamic Tunnels Eliminate the Need for Host Route Propagation
Mobile IP: Components
Mobile Node
Home Network and Home Address
Home Agent
Care-of Address
Colocated Care-of Address
Foreign Agent Care-of Address
Foreign Agent
Correspondent Node
Mobile IP Protocol Concepts
Mobile IP Agent Discovery
Location Discovery
Move Detection and Mobile IP Handover Policy
Steady-State Algorithm
New Network Algorithm
Link-State Triggers
Mobile IP Handover
Mobile IP Registration
Identification
Services
Service Fields and Bits
Broadcast Support
Simultaneous Bindings
Authentication
Relevant Address Fields
Registration Reply Codes
Registration Delivery
Mobile IP Handover Other Than Returning Home
Mobile IP Handover Returning Home
Mobile IP Example
Tunneling
Encapsulation
Triangle Routing
Summary
Review Questions

Chapter 3 Mobile IP Security
Protocol Authentication Extensions
Security Associations
SPI
Algorithm and Mode
Key
Replay Protection Methods
Timestamp Replay Protection
Nonces Replay Protection
Mobile Node and Foreign Agent Authentication and Challenge Mechanism
FA Challenge
MN-AAA Authentication
Dynamic Keying
Standards-Based Dynamic Keying
Cisco Dynamic Security Association and Key Distribution
Session Index Extension
Security Association Setup Extension
Domain Extension
Challenge Extension
Authentication Response Extension
Configuration Extensions
Location Privacy
Summary
Review Questions

Chapter 4 IOS Mobile IP in the Lab
Building the Baseline Topology
Intermediate System Configuration
Correspondent Node Configuration
Home Agent Configuration
Physical Home Network Configuration
Virtual Home Network Configuration
Mobile Host Configuration
Security Association Configuration
Home Agent Final Configuration
Foreign Agent Configuration
Mobile Node Configuration
Operation and Evaluation/Troubleshooting
Home Agent
Mobile Node
FA
Examining the Routing Table
Alternative Topologies
Single-Router Topology
Other Options for Single-Router Topology
Summary
Review Questions

Chapter 5 Campus Mobility: Client-Based Mobile IP
Campus Mobility Model
Storing Security Associations in AAA
RADIUS
TACACS+
Cisco Zero Configuration Client
Home Agent Redundancy
Configuration Commands
Active-Standby Home Agent Configuration
Peer-Peer Home Agent Configuration
When to Use Peer-Peer Home Agent Redundancy
Summary
Review Questions

Chapter 6 Metro Mobility: Client-Based Mobile IP
Metro Mobility Model
Reverse Tunneling
Reverse-Tunnel Delivery Style
Reverse-Tunnel Signaling
Reverse-Tunnel Configuration
Tunnel Path MTU
Impact of Network Address Translation
NAT Traversal UDP Tunneling
NAT on the Home Agent
Mobile IP NAT Configuration
Configuration on the Home Agent
Configuration on the FA
VPN Integration
IPSec and Mobile IP
Mobile IP over IPSec over Mobile IP
Resource Revocation
Resource Revocation Overview
Revocation Support Extension and Messages
Registration Revocation Example
Registration Revocation Configuration
Bringing It All Together Through an Example
Evaluating the Metro Mobility Example
Summary
Review Questions

Chapter 7 Metro Mobility: Cisco Mobile Networks
Mobile Router
Mobile Networks (Static or Dynamic)
Configuration of Mobile Router and Its Mobile Networks
Mobile Router Service on an Interface
Mobile Router Interface-Level Configuration
Agent Selection and Mobile IP Registration
Routing to and from the Mobile Router
Home Agent Enhancements
Home Agent Configuration for Network Mobility
Priority Home Agent Assignment
Foreign Agent Details
Agent Discovery—Tuning IRDP Options
Local Routing to Mobile Networks
Configuration for Local Routing to Mobile Networks
Mobile Router Redundancy
Asymmetric Links
Configuration Needed for Asymmetric Links
Example of Asymmetric Link Behavior
Colocated Care-of Address Support
Static Colocated Care-of Address
Dynamic Colocated Care-of Address
Behavior Using Colocated Care-of Addresses
Configuration Examples Using Colocated Care-of Addresses
Example One: Mobile Networks with Static Colocated Care-of Address Only
Example Two: Mobile Networks with Dynamic CCoA
Example Three: Mobile Networks with Dynamic CCoA Only
Quality of Service
IPSec and the Mobile Router
Summary
Review Questions

Chapter 8 Deployment Scalability and Management
Management of the Mobile Nodes Home Address
Virtual Networks
Static Home Addressing Without NAI
Dynamic Home Address Assignment
Fixed Addressing on the Command-Line Interface (CLI)
Local Pool Address Assignment
DHCP-Based Address Assignment
AAA
AAA Address Assignment
AAA-Based Local Pool Selection
AAA-Assigned DHCP Server
Static Home Addressing with NAI
Local Authorization of Static Home Addresses
AAA Authorization of Static Home Addresses
Scaling Issues
Building a Call Model
Number of Nodes
Frequency of Mobility
Amount of Data Traffic
Number of Tunnels
An Example Call Model
Network Management
RFC 2006 Management Information Base (MIB)
Cisco Enterprise MIB
Objects Matching the Call Model
System Log Messages
Common Troubleshooting Issues
Path MTU Discovery
Reverse Path Forwarding Checks
Tunnel Transit
Security Association Incompatibilities
Summary
Review Questions

Chapter 9 A Look Ahead
Mobile IP and Public Access Networks
Public Wireless LAN
Cdma2000 Technology
GSM Technology
FLASH-OFDM Technology
Cisco SWAN and Mobile IP
AAA-Based Dynamic Key Generation
Mobile IPv6
Protocol Operation
Route Optimization (Return Routability) in Mobile IPv6
Mobile IPv6 Messaging
Differences Between Mobile IPv4 and Mobile IPv6
Transition to Mobile IPv6
Lessons Learned
Network Access Identifier
Authentication Option
Bootstrap
Hierarchical Mobile IPv6 (HMIPv6)
Fast Mobile IP
MANET
References
Review Questions

Appendix A Answers to Review Questions
Appendix B IOS Mobile IP: Supported SNMP MIBs
Index