Chapter 6

Mobile IP
 Introduction
• Mobile IP is a communication protocol that allows
the users to move from one network to another with
the same IP address.
• It ensures that the communication will continue
without the user’s sessions or connections being
dropped.
• In simple words, Mobile IP is an IETF (Internet
Engineering Task Force) standard communications
protocol that allows users of mobile devices (such as
laptops, PDAs, mobile phones, and so on) to move
from one network to another network while keeping
their permanent IP (Internet Protocol) address.
 Mobile IP
• Routing
– based on IP destination address, network prefix (e.g. 129.13.42)
determines physical subnet
– change of physical subnet implies change of IP address to have
a topological correct address (standard IP) or needs special
entries in the routing tables
• Specific routes to end-systems?
– change of all routing table entries to forward packets to the right
destination
– does not scale with the number of mobile hosts and frequent
changes in the location, security problems
• Changing the IP-address?
– adjust the host IP address depending on the current location
– almost impossible to find a mobile system, DNS updates take to
long time
– TCP connections break, security problems
 Requirements for Mobile IP
Compatibility :- support of the same layer 2 protocols as IP
- no changes to current end-systems and routers required
- mobile end-systems can communicate with fixed systems
Transparency
- mobile end-systems keep their IP address
- continuation of communication after interruption of link
possible
-point of connection to the fixed network can be changed
-Scalability and Efficiency
- only little additional messages to the mobile system required
(connection - typically via a low bandwidth radio link)
- world-wide support of a large number of mobile systems in the
whole Internet
Security :- authentication of all registration messages
 Terminology
• Mobile Node (MN):-
• The Mobile Node is a device or a user or a
router that can frequently change their network
positions without changing its original IP
address.
• Examples of mobile nodes are cell phone,
personal digital assistant (PDA), laptop, etc.
whose software enables network roaming
capabilities.
• Home Agent (HA) :-system in the home
network of the MN, typically a router
– registers the location of the MN, tunnels IP
datagrams to the COA
 Cont..
• Foreign Agent (FA) :-system in the current foreign
network of the MN, typically a router
– forwards the tunneled datagrams to the MN,
typically also the default router for the MN
• Care-of Address (COA) :
 address of the current tunnel end-point for the
MN (at FA or MN)
 actual location of the MN from an IP point of
view
• Correspondent Node (CN)
– The partner nodes which are used for
communication with mobile nodes are called
corresponding nodes.
Mobile IP example network
IP Packet Delivery
 Network integration

• Agent Advertisement
– HA and FA periodically send advertisement messages into their physical
subnets
– MN listens to these messages and detects, if it is in the home or a
foreign network (standard case for home network)
– MN reads a COA from the FA advertisement messages
• Registration (always limited lifetime!)
– MN signals COA to the HA via the FA, HA acknowledges via FA to MN
– these actions have to be secured by authentication
• Advertisement
– HA advertises the IP address of the MN (as for fixed systems), i.e.
standard routing information
– routers adjust their entries, these are stable for a longer time (HA
responsible for a MN over a longer period of time)
– packets to the MN are sent to the HA,
– independent of changes in COA/FA
Agent Discovery: Agents advertise their
presence by periodically broadcasting their
agent advertisement messages. The mobile
node receiving the agent advertisement
messages observes whether the message is
from its own home agent and determines
whether it is in the home network or foreign
network.
• Agent Registration: Mobile node after
discovering the foreign agent sends a
registration request (RREQ) to the foreign
agent.
• The foreign agent, in turn, sends the
registration request to the home agent with
the care-of-address.
• The home agent sends a registration reply
(RREP) to the foreign agent. Then it forwards
the registration reply to the mobile node and
completes the process of registration.
• Tunneling: It establishes a virtual pipe for the
packets available between a tunnel entry and
an endpoint.
• It is the process of sending a packet via a
tunnel and it is achieved by a mechanism
called encapsulation.
• It takes place to forward an IP datagram from
the home agent to the care-of-address.
• Whenever the home agent receives a packet
from the correspondent node, it encapsulates
the packet with source address as home
address and destination as care-of-address.
Registration
Tunneling and encapsulation
 IP-in-IP encapsulation
Encapsulation of one packet into another as payload.
Encapsulation marks where a packet, or unit of data, begins
and ends. The beginning part of a packet is called the header,
and the end of a packet is called the trailer. The data between
the header and trailer is sometimes referred to as the payload.
e.g. IPv6 in IPv4 (6Bone), Multicast in Unicast (Mbone)
here: e.g. IP-in-IP-encapsulation, minimal encapsulation or GRE (Generic
Record Encapsulation)
IP-in-IP-encapsulation (mandatory, RFC 2003)
tunnel between HA and COA
 Optimization of packet forwarding
• Problem: Triangular Routing
– sender sends all packets via HA to MN
– higher latency and network load
• “Solutions”
– sender learns the current location of MN
– direct tunneling to this location
– HA informs a sender about the location of MN
– big security problems!
• Change of FA
– packets on-the-fly during the change can be lost
– new FA informs old FA to avoid packet loss, old FA now forwards
remaining packets to new FA
– this information also enables the old FA to release resources for
the MN
DHCP: Dynamic Host Configuration Protocol
• Application
– simplification of installation and maintenance of networked
computers
– supplies systems with all necessary information, such as IP
address, DNS server address, domain name, subnet mask,
default router etc.
– enables automatic integration of systems into an Intranet or the
Internet, can be used to acquire a COA for Mobile IP
• Client/Server-Model
– the client sends via a MAC broadcast a request to the DHCP
server (might be via a DHCP relay)
 DHCP characteristics

• Server
– several servers can be configured for DHCP,
coordination not yet standardized (i.e., manual
configuration)
• Renewal of configurations
– IP addresses have to be requested periodically,
simplified protocol
• Options
– available for routers, subnet mask, NTP (network time
protocol) timeserver, SLP (service location protocol)
directory, DNS (domain name system)
 Mobile Ad hoc Networks

• Standard Mobile IP needs an infrastructure

– Home Agent/Foreign Agent in the fixed network

– DNS, routing etc. are not designed for mobility

• Sometimes there is no infrastructure!

– remote areas, ad-hoc meetings, disaster areas

– cost can also be an argument against an infrastructure!

• Main topic: routing

– no default router available

– every node should be able to forward

MANETs and mobile IP
 Example ad-hoc network

Highly dynamic network topology

•Device mobility plus varying channel quality
•Separation and merging of networks possible
•Asymmetric connections possible
 Traditional routing algorithms
• Distance Vector
– periodic exchange of messages with all physical
neighbors that contain information about who can be
reached at what distance
– selection of the shortest path if several paths available
• Link State
– periodic notification of all routers about the current
state of all physical links
– router get a complete picture of the network
• Example :-ARPA packet radio network ( Advanced
Research Projects Agency 1973)
– every 7.5s exchange of routing tables including link
quality
– updating of tables also by reception of packets
– routing problems solved with limited flooding
 Routing in ad-hoc networks
• THE big topic in many research projects
– The most simplest one: Flooding!
– Flooding is used in computer networking routing
algorithms where each incoming packet is transmitted
through every outgoing link, except for the one on which it
arrived.
• Reasons: Classical approaches from fixed networks fail
• Very slow convergence, large overhead
– High dynamicity, low bandwidth, low computing
power
• Metrics for routing
– Minimal :Number of nodes, loss rate, delay, congestion,
interference …
– Maximal :Stability of the logical network, battery run-time,
time of connectivity
 Problems of traditional routing algorithms

• Dynamic nature of the topology

– frequent changes of connections, connection
quality, participants
• Limited performance of mobile systems
– periodic updates of routing tables need energy
without contributing to the transmission of user
data, sleep modes difficult to realize
– limited bandwidth of the system is reduced even
more due to the exchange of routing information
– links can be asymmetric, i.e., they can have a
direction dependent transmission quality
 Dynamic source routing
• Split routing into discovering a path and
maintaining a path
• Route Discover
– only if a path for sending packets to a certain
destination is needed and no path is currently
available
• Route Maintenance
– only while the path is in use one has to make sure
that it can be used continuously
• No periodic updates needed!
 Dynamic source routing
• Path discovery
– broadcast a packet with destination address and unique ID
– if a station receives a broadcast packet
• if the station is the receiver (i.e., has the correct destination address)
then return the packet to the sender (path was collected in the packet)
• if the packet has already been received earlier (identified via ID) then
discard the packet
• otherwise, append own address and broadcast packet
– sender receives packet with the current path (address list)
• Optimizations
– limit broadcasting if maximum diameter of the network is
known
– caching of address lists (i.e. paths) with help of passing packets
• stations can use the cached information for path discovery (own paths or
paths for other hosts)
 group assignment (10 %)
Discus the following topics: (Wireless network
security )
 Introduction to wireless security
 Examining wireless LAN vulnerabilities
 Understanding WLAN security models
 Securing wireless transmission using VPN
 Wireless security policies
The end of
the course!!!