Mobile IPv6 Tutorial Mobile IPv6 Tutorial

Karim El Malki Karim El Malki

Core Unit Core Network Development Core Unit Core Network Development

Ericsson AB

Ericsson AB

Outline

u Mobile IPv6 overview

u Mobile IPv6 improvements

u Mobile IPv6 Applications

Router A Router B

Router C

Why IP mobility?

Host 1

Address 1: PREFIX_B: HOST_ID

Host2

WLAN 1

WLAN 2

Router A Router B

Router C

Why IP mobility?

Host2

Address 2: PREFIX_C: HOST_ID

Host 1

Address 1: PREFIX_B: HOST_ID

WLAN 1

WLAN 2

Home Network

Foreign Network Foreign

Network

Mobile Node (MN) Correspondent

Node (CN)

Home Agent

IP Network IP Network

BA (Binding

Ack )

BU (Binding Update) IPv6 Data

MIPv6 messages

Mobile IPv6 – Routing through HA

Access Router

Reverse Tunnelling

Home Network

Foreign Network Foreign

Network

Mobile Node (MN) Correspondent

Node (CN)

Home Agent

BA (Binding Ack.) BU (Binding Update)

Routing through HA eliminated IPv6 Data

Mobile IPv6 – Route Optimisation

MIPv6 BU/BA

Securing Route optimisation signalling

• Why do we need to secure it?

– The BU orders the receiver to send traffic to a different IP address (e.g. Packets intended for address X should be sent to Y)

– Attackers can:

• Direct a MN’s traffic to themselves (steal traffic)

• Direct a MN’s traffic somewhere else (Bombing attacks)

• Deny a MN from communicating with other nodes (DoS attacks).

• More attacks are possible.

MN_A (victim) CN

Bad Guy Send

MN_A traffic to Bad Guy

MN_A (victim) CN

Bad Guy Send Bad

Guy’s traffic to

MN_A

Bad Guy bombs

MN_A Bad Guy

steals MN_A’s

traffic

Securing Route optimisation signalling…cont

• What type of security is needed?

– The CN needs to determine whether the MN has the right to send the BU – To do this the MN must prove that it owns both Home Address and Care-

of Address

– Encryption is not required, no confidential information.

• Is a proof of identity enough?

– Proof that a user is Person@ericsson.com does not mean that Person owns home address X or CoA Y.

– Certificate including Home Address could be used but can be complex to set up in practice (i.e. who gives out these special certificates, global PKI)

MIPv6 security – Return Routability

Mobile Node (MN)

Home Agent

Correspondent Node (CN) Inititate Test for

HoA and CoA Test for HoA and

CoA

BU, authenticated with keys exchanged during

test

• Localised Mobility Management (LMM)

• Fast handovers

• Granularity of movement:

• Flow movement

• Network mobility

Current and future Mobile IPv6 optimisations

Why are “Fast” & “Local” Mobility important?

•• Fast Handoffs: Anticipates Mobile IP messaging (before L2 movement)Fast Handoffs

•• Local Mobility: Reduces Mobile to Home network roundtrip delayLocal Mobility

•• Local Mobility: Reduces number of messages (radio transm. efficiency)Local Mobility

Home Network

Home Agent

Mobile Node (MN) Correspondent

Node (CN)

Mobile IP:

lReacts AFTER L2 movement lIntroduces a period of service disruption after L2 movement until signalling is complete

lPerformance depends on MIP Registration time and MN-HA distance

Foreign Network Access Router

Mobile IP Handover performance

• Real-time services are sensitive to Mobile IP delays

• Mobile IP delays DO affect non-real-time services

• Results would be worse if we considered Route Optimisation RR tests

2.8e+06 2.85e+06 2.9e+06 2.95e+06 3e+06 3072756 3.1e+06 3.15e+06 3.2e+06 3.25e+06 3.3e+06 3.35e+06 3.4e+06

4 5.23

5.43

5.83 6.53 7 8.0

9 10 11.43 12 13 14 15

Time (in Seconds)

Packet Sequence Numbers

MIP handoff completed

Packet dropped by the Path MTU discovery mechanism

Slow start period 3rd timeout

0.8 sec 1st timeout

0.2 sec

2nd timeout 0.4 sec

4th timeout 1.6 sec MIP handoff

started

8.23 3.05e+06

5th timeout 3.2 sec

From ” Performance Evaluation of TCP over Mobile IP, PIMRC 1999, Fikouras, El Malki et al.

Local Mobility using Mobile IPv6

Home Network

Access Network A

Mobile Node (MN) Correspondent

Node (CN)

Home Agent

Access Network B AR

AR

Correspondent Node (CN) Correspondent

Node (CN)

HMIPv6:

l draft-ietf-mobileip-hmipv6-08 l Local HA

l MN acquires 2 addresses:

LCoA and RCoA

l Reduce MIPv6 signalling load l Improve Handoff delay

Fast Handoffs Overview

Mobile Node (MN)

Old AR New AR

1. Proxy Router Solicitation

2. Proxy Router Advertisement

3. Fast Binding Update/

Ack

A. Handoff Initiate (HI)

B. Handoff Acknowledge (HAck)

L2 Trigger (source)

L2 Trigger (mobile) Mobile Movement

• Detect Movement in Anticipation -> Update Old AR (before L2 mov.)

• Traffic is then forwarded from Old AR to New AR (non-optimal)

• The MN must then also update HA and CNs (for optimal routing)

• ”Bicasting” can improve performance

Flow movement

Home Network

Access technology A

Mobile Node (MN) Correspondent

Node (CN)

Home Agent

Access Technology B AR

Correspondent Node (CN)

AR

Internet

WLAN

Cellular

Where can we find mobile nets: Cars, PANs,

Trains, Buses, multi-access technologies ..etc

Mobile IPv6 in current wireless systems

• Why is it needed?

• Session continuity

• Access independence

• Reachability => Permanent Public IP addresses

• The role of Mobile IP in current wireless systems:

WCDMA

GSM CDMA WLAN/Other

Mobile IP GPRS CN

(GTP) RAN

Core Network IP Network

CDMA2000 (MIP-based)

Thank You!

Thank You!