Unit II


Sri Vidya College of Engineering & Technology, Virudhunagar Course Material (Lecture Notes)

Mobile IP
The IP addresses are designed to work with stationary hosts because part of the address
defines the network to which the host is attached. A host cannot change its IP address without
terminating on-going sessions and restarting them after it acquires a new address. Other link
layer mobility solutions exist but are not sufficient for the global Internet.
Mobility is the ability of a node to change its point-of-attachment while maintaining all
existing communications and using the same IP address.
Nomadicity allows a node to move but it must terminate all existing communications and
then can initiate new connections with a new address.
Mobile IP is a network layer solution for homogeneous and heterogeneous mobility on the
global Internet which is scalable, robust, secure and which allows nodes to maintain all ongoing
communications while moving.

Design Goals:
Mobile IP was developed as a means for transparently dealing with problems of mobile
users. Mobile IP was designed to make the size and the frequency of required routing updates as
small as possible. It was designed to make it simple to implement mobile node software. It was
designed to avoid solutions that require mobile nodes to use multiple addresses.

Requirements:
There are several requirements Mobile IP must meet to become a standard. Some of them are:
1. Compatibility: The installed base of the internet is huge, and a new standard cannot
introduce changes to the applications or network protocols already in use. Mobile IP has to be
integrated into the existing operating systems. For routers, too, it may be possible to
enhance their capabilities to support mobility, whereas replacing the routers is practically
impossible. Mobile IP must not require special media or MAC/LLC protocols, so it must use the
same interfaces and mechanisms to access the lower layers as IP does. Finally, end-systems
enhanced with a mobile IP implementation should still be able to communicate with fixed
systems without mobile IP.
2. Transparency: Mobility remains invisible for many higher layer protocols and applications.
Higher layers continue to work even if the mobile computer has changed its point of attachment
to the network, although they may notice a lower bandwidth and some interruption in the service.
As many of today's applications have not been designed for use in mobile environments, the
effects of mobility will be higher delay and lower bandwidth.
3. Scalability and efficiency: The efficiency of the network should not be affected even if a new
mechanism is introduced into the internet. Enhancing IP for mobility must not generate many
new messages flooding the whole network. Special care has to be taken considering the
lower bandwidth of wireless links. Many mobile systems have a wireless link to an attachment
point. Therefore, only some additional packets must be necessary between a mobile system and a
node in the network. It is indispensable for mobile IP to be scalable over a large number of
participants in the whole internet, throughout the world.
4. Security: Mobility poses many security problems. A minimum requirement is the
authentication of all messages related to the management of mobile IP. When the IP layer
forwards a packet to a mobile host, it must be sure that this host really is the receiver of the
packet. The IP layer can only guarantee that the IP address of the receiver is correct. There is
no way to prevent faked IP addresses and other attacks.

IT6601 Mobile Computing Unit II STUDENTSFOCUS.COM



The goal of a mobile IP can be summarized as: ‘supporting end-system mobility while
maintaining scalability, efficiency, and compatibility in all respects with existing applications
and Internet protocols’.

Entities and terminology


The following defines several entities and terms needed to understand mobile IP as
defined in RFC 3344.
Mobile Node (MN):
A mobile node is an end-system or router that can change its point of attachment to the
internet using mobile IP. The MN keeps its IP address and can continuously communicate with
any other system in the internet as long as link-layer connectivity is given. Examples are laptop,
mobile phone, router on an aircraft etc.
Correspondent node (CN):
At least one partner is needed for communication. In the following the CN represents this
partner for the MN. The CN can be a fixed or mobile node.
Home network:
The home network is the subnet the MN belongs to with respect to its IP address. No
mobile IP support is needed within the home network.
Foreign network:
The foreign network is the current subnet the MN visits and which is not the home
network.

Foreign agent (FA):


The FA can provide several services to the MN during its visit to the foreign network.
The FA can have the COA, acting as tunnel endpoint and forwarding packets to the MN. The FA
can be the default router for the MN. FAs can also provide security services because they belong
to the foreign network as opposed to the MN which is only visiting. FA is implemented on a
router for the subnet the MN attaches to.
Care-of address (COA):
The COA defines the current location of the MN from an IP point of view. All IP packets
sent to the MN are delivered to the COA, not directly to the IP address of the MN. Packet
delivery toward the MN is done using a tunnel, i.e., the COA marks the tunnel endpoint, i.e., the
address where packets exit the tunnel. There are two different possibilities for the location of the
COA:
Foreign agent COA:
The COA could be located at the FA, i.e., the COA is an IP address of the FA. The FA is
the tunnel end-point and forwards packets to the MN. Many MN using the FA can share this
COA as common COA.
Co-located COA:
The COA is co-located if the MN temporarily acquired an additional IP address which
acts as COA. This address is now topologically correct, and the tunnel endpoint is at the MN.
Co-located addresses can be acquired using services such as DHCP.

Home agent (HA):


The HA provides several services for the MN and is located in the home network. The
tunnel for packets toward the MN starts at the HA. The HA maintains a location registry, i.e., it
is informed of the MN’s location by the current COA. Three alternatives for the implementation
of an HA exist.
1. The HA can be implemented on a router that is responsible for the home network. This is
obviously the best position, because without optimizations to mobile IP, all packets for the MN
have to go through the router anyway.
2. If changing the router’s software is not possible, the HA could also be implemented on an
arbitrary node in the subnet. One disadvantage of this solution is the double crossing of the
router by the packet if the MN is in a foreign network. A packet for the MN comes in via the
router; the HA sends it through the tunnel which again crosses the router.
3. Finally, a home network is not necessary at all. The HA could be again on the ‘router’ but this
time only acting as a manager for MNs belonging to a virtual home network. All MNs are always
in a foreign network with this solution.
A CN is connected via a router to the internet, as are the home network and the foreign network.
The HA is implemented on the router connecting the home network with the internet, an FA is
implemented on the router to the foreign network. The MN is currently in the foreign network.
The tunnel for packets toward the MN starts at the HA and ends at the FA, because the FA has the
COA in the above example.


IP packet delivery
Consider the above example in which a correspondent node (CN) wants to send an IP
packet to the MN. One of the requirements of mobile IP was to support hiding the mobility of the
MN. CN does not need to know anything about the MN’s current location and sends the packet
as usual to the IP address of MN as shown below.
CN sends an IP packet with MN as a destination address and CN as a source address. The
internet, not having information on the current location of MN, routes the packet to the router
responsible for the home network of MN. This is done using the standard routing mechanisms of
the internet. The HA now intercepts the packet, knowing that MN is currently not in its home
network. The packet is not forwarded into the subnet as usual, but encapsulated and tunnelled to
the COA. A new header is put in front of the old IP header showing the COA as new destination
and HA as source of the encapsulated packet (step 2).
The foreign agent now decapsulates the packet, i.e., removes the additional header, and
forwards the original packet with CN as source and MN as destination to the MN (step 3). Again,
for the MN mobility is not visible. It receives the packet with the same sender and receiver
address as it would have done in the home network.

Sending packets from the mobile node (MN) to the CN is comparatively simple. The MN sends
the packet as usual with its own fixed IP address as source and CN’s address as destination (step
4). The router with the FA acts as default router and forwards the packet in the same way as it
would do for any other node in the foreign network. As long as CN is a fixed node the remainder
is in the fixed internet as usual. If CN were also a mobile node residing in a foreign network, the
same mechanisms as described in steps 1 through 3 would apply now in the other direction.

Working of Mobile IP


Mobile IP has two addresses for a mobile host: one home address and one care-of
address. The home address is permanent; the care-of address changes as the mobile host moves
from one network to another. To make the change of address transparent to the rest of the
Internet requires a home agent and a foreign agent. The specific function of an agent is
performed in the application layer. When the mobile host and the foreign agent are the same, the
care-of address is called a co-located care-of address. To communicate with a remote host, a
mobile host goes through three phases: agent discovery, registration, and data transfer.


Agent Discovery
A mobile node has to find a foreign agent when it moves away from its home network.
To solve this problem, mobile IP describes two methods: agent advertisement and agent
solicitation.

Agent advertisement
For this method, foreign agents and home agents advertise their presence periodically
using special agent advertisement messages, which are broadcast into the subnet. Mobile IP
does not use a new packet type for agent advertisement; it uses the router advertisement packet
of ICMP, and appends an agent advertisement message. The agent advertisement packet
according to RFC 1256 with the extension for mobility is shown below:

The TTL field of the IP packet is set to 1 for all advertisements to avoid forwarding them.
The type is set to 9, the code can be 0, if the agent also routes traffic from non-mobile nodes, or
16, if it does not route anything other than mobile traffic. The number of addresses advertised
with this packet is in #addresses while the addresses themselves follow as shown. Lifetime
denotes the length of time this advertisement is valid. Preference levels for each address help a
node to choose the router that is the most eager one to get a new node.
The extension for mobility has the following fields defined: type is set to 16, length
depends on the number of COAs provided with the message and equals 6 + 4*(number of
addresses). The sequence number shows the total number of advertisements sent since
initialization by the agent. By the registration lifetime the agent can specify the maximum
lifetime in seconds a node can request during registration. The following bits specify the
characteristics of an agent in detail.
The R bit (registration) shows if a registration with this agent is required even when
using a co-located COA at the MN. If the agent is currently too busy to accept new registrations it
can set the B bit. The following two bits denote if the agent offers services as a home agent (H)
or foreign agent (F) on the link where the advertisement has been sent. Bits M and G specify the
method of encapsulation used for the tunnel. While IP-in-IP encapsulation is the mandatory
standard, M can specify minimal encapsulation and G generic routing encapsulation. In the first
version of mobile IP (RFC 2002) the V bit specified the use of header compression according to
RFC 1144. Now the field r at the same bit position is set to zero and must be ignored. The new
field T indicates that reverse tunneling is supported by the FA. The following fields contain the
COAs advertised. A foreign agent setting the F bit must advertise at least one COA. A mobile
node in a subnet can now receive agent advertisements from either its home agent or a foreign
agent. This is one way for the MN to discover its location.
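A receiver-side check of the advertisement format described above, added here as an illustration and not part of the original lecture notes. The address-entry-size byte comes from RFC 1256 and is not mentioned in the notes; `build_sample` and all addresses are constructed test values.

```python
import socket
import struct

ICMP_ROUTER_ADVERTISEMENT = 9   # ICMP type given in the notes
MOBILITY_EXTENSION = 16         # extension type given in the notes
FLAG_NAMES = "RBHFMGrT"         # flag bits, most significant bit first


def parse_agent_advertisement(icmp: bytes, ip_ttl: int) -> dict:
    """Parse one agent advertisement (ICMP message without the IP header).

    The ICMP checksum is read but not verified here.
    """
    if ip_ttl != 1:
        raise ValueError("IP TTL must be 1 for agent advertisements")
    if len(icmp) < 8:
        raise ValueError("truncated router advertisement")
    icmp_type, code, _cksum, count, entry_words, lifetime = struct.unpack_from("!BBHBBH", icmp)
    if icmp_type != ICMP_ROUTER_ADVERTISEMENT or code not in (0, 16):
        raise ValueError("not an agent advertisement")
    # RFC 1256: every entry is entry_words 32-bit words (address + preference)
    if entry_words < 2:
        raise ValueError("address entry too small")
    ext_start = 8 + count * entry_words * 4
    if len(icmp) < ext_start + 8:
        raise ValueError("router list or mobility extension truncated")
    routers = []
    for i in range(count):
        addr, pref = struct.unpack_from("!4si", icmp, 8 + i * entry_words * 4)
        routers.append((socket.inet_ntoa(addr), pref))

    ext_type, ext_len, seq, reg_lifetime, flags, _reserved = struct.unpack_from(
        "!BBHHBB", icmp, ext_start)
    if ext_type != MOBILITY_EXTENSION:
        raise ValueError("mobility extension missing")
    # length excludes the type and length bytes and equals 6 + 4 * (number of COAs)
    if ext_len < 6 or (ext_len - 6) % 4 or ext_start + 2 + ext_len > len(icmp):
        raise ValueError("extension length inconsistent with packet")
    first = ext_start + 8
    coas = [socket.inet_ntoa(icmp[first + 4 * i:first + 4 * i + 4])
            for i in range((ext_len - 6) // 4)]
    # the r bit (formerly V) is sent as zero and ignored on reception
    set_flags = "".join(name for bit, name in enumerate(FLAG_NAMES)
                        if name != "r" and flags & (0x80 >> bit))
    if "F" in set_flags and not coas:
        raise ValueError("F bit set but no care-of address advertised")
    return {
        "code": code,
        "lifetime": lifetime,
        "routers": routers,
        "sequence": seq,
        "registration_lifetime": reg_lifetime,
        "flags": set_flags,
        "care_of_addresses": coas,
    }


def build_sample(flags: int, coas: list) -> bytes:
    """Constructed advertisement: one router entry plus the mobility extension."""
    icmp = struct.pack("!BBHBBH", ICMP_ROUTER_ADVERTISEMENT, 16, 0, 1, 2, 1800)
    icmp += socket.inet_aton("192.0.2.1") + struct.pack("!i", 0)
    ext = struct.pack("!BBHHBB", MOBILITY_EXTENSION, 6 + 4 * len(coas), 42, 600, flags, 0)
    return icmp + ext + b"".join(socket.inet_aton(c) for c in coas)


if __name__ == "__main__":
    # F, G, r and T set; the r bit is dropped by the parser
    print(parse_agent_advertisement(build_sample(0x17, ["192.0.2.1"]), ip_ttl=1))
```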

Agent Solicitation
If no agent advertisements are present or the inter-arrival time is too high, and an MN has
not received a COA by other means, the mobile node must send agent solicitations. Care must
be taken to ensure that these solicitation messages do not flood the network, but basically an MN
can search for an FA endlessly sending out solicitation messages. If a node does not receive an
answer to its solicitations it must decrease the rate of solicitations exponentially to avoid
flooding the network until it reaches a maximum interval between solicitations (typically one
minute). Discovering a new agent can be done anytime, not just if the MN is not connected to
one.
After these steps of advertisements or solicitations the MN can now receive a COA, either one
for an FA or a co-located COA.

Agent Registration
Having received a COA, the MN has to register with the HA. The main purpose of the
registration is to inform the HA of the current location for correct forwarding of packets.

Registration can be done in two different ways depending on the location of the COA.
If the COA is at the FA, the MN sends its registration request containing the COA to the
FA which forwards the request to the HA. The HA now sets up a mobility binding, containing
the mobile node’s home IP address and the current COA. It also contains the lifetime of the
registration which is negotiated during the registration process. Registration expires
automatically after the lifetime and is deleted; so, an MN should reregister before expiration.
This mechanism is necessary to avoid mobility bindings which are no longer used. After setting
up the mobility binding, the HA sends a reply message back to the FA which forwards it to the
MN.


Registration of a mobile node via the FA or directly with the HA


If the COA is co-located, registration can be simpler: the MN sends the request directly to
the HA and vice versa. This is also the registration procedure for MNs returning to their home
network to register directly with the HA.
UDP packets are used for the registration requests, using port number 434. The IP source
address of the packet is set to the interface address of the MN, the IP destination address is that
of the FA or HA.

Registration Request
The first field type is set to 1 for a registration request. With the S bit an MN can specify
if it wants the HA to retain prior mobility bindings. This allows for simultaneous bindings.
Setting the B bit generally indicates that an MN also wants to receive the broadcast packets
which have been received by the HA in the home network. If an MN uses a co-located COA, it
also takes care of the decapsulation at the tunnel endpoint. The D bit indicates this behavior. As
already defined for agent advertisements, the bits M and G denote the use of minimal
encapsulation or generic routing encapsulation, respectively. T indicates reverse tunneling, r and
x are set to zero.


Lifetime denotes the validity of the registration in seconds. A value of zero indicates
deregistration; all bits set indicates infinity. The home address is the fixed IP address of the MN,
home agent is the IP address of the HA, and COA represents the tunnel endpoint. The 64 bit
identification is generated by the MN to identify a request and match it with registration replies.
This field is used for protection against replay attacks of registrations. The extensions must at
least contain parameters for authentication.
A registration reply, which is conveyed in a UDP packet, contains a type field set to 3
and a code indicating the result of the registration request.

Registration Reply
The lifetime field indicates how many seconds the registration is valid if it was
successful. Home address and home agent are the addresses of the MN and the HA,
respectively. The 64-bit identification is used to match registration requests with replies. The
value is based on the identification field from the registration and the authentication method.
Again, the extensions must at least contain parameters for authentication.
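How a home agent can use the authentication extension and the 64-bit identification to reject forged and replayed registration requests, as an added example that is not part of the original notes. It assumes the Mobile-Home Authentication Extension (type 32) with the HMAC-MD5 default of RFC 3344 directly after the fixed part, and it simplifies replay protection to a strictly increasing identification per home address; key, SPI and addresses are constructed.

```python
import hashlib
import hmac
import socket
import struct

REG_REQUEST = 1                         # type field of a registration request
MH_AUTH_EXT = 32                        # Mobile-Home Authentication Extension (RFC 3344)
FIXED = struct.Struct("!BBH4s4s4sQ")    # type, flags, lifetime, home, HA, COA, identification
AUTH_HDR = struct.Struct("!BBI")        # extension type, length, SPI


def build_request(key, spi, home, ha, coa, lifetime, ident, flags=0):
    """MN side: fixed part plus authentication extension (payload for UDP port 434)."""
    msg = FIXED.pack(REG_REQUEST, flags, lifetime, socket.inet_aton(home),
                     socket.inet_aton(ha), socket.inet_aton(coa), ident)
    msg += AUTH_HDR.pack(MH_AUTH_EXT, 4 + 16, spi)
    # the authenticator covers everything before it, including type, length and SPI
    return msg + hmac.new(key, msg, hashlib.md5).digest()


class HomeAgent:
    """HA side: authenticates requests and maintains the mobility bindings."""

    def __init__(self, keys):
        self.keys = keys          # SPI -> shared secret (assumed pre-configured)
        self.bindings = {}        # home address -> (COA, lifetime in seconds)
        self.last_ident = {}      # home address -> highest identification accepted

    def handle(self, msg: bytes) -> str:
        covered_len = FIXED.size + AUTH_HDR.size
        if len(msg) < covered_len:
            return "denied: malformed"
        typ, _flags, lifetime, home, _ha, coa, ident = FIXED.unpack_from(msg)
        ext_type, ext_len, spi = AUTH_HDR.unpack_from(msg, FIXED.size)
        if (typ != REG_REQUEST or ext_type != MH_AUTH_EXT
                or len(msg) != FIXED.size + 2 + ext_len):
            return "denied: malformed"
        key = self.keys.get(spi)
        if key is None:
            return "denied: authentication failed"
        expected = hmac.new(key, msg[:covered_len], hashlib.md5).digest()
        if not hmac.compare_digest(expected, msg[covered_len:]):
            return "denied: authentication failed"
        home_addr = socket.inet_ntoa(home)
        # simplified replay check: identification must grow with every request
        if ident <= self.last_ident.get(home_addr, 0):
            return "denied: replayed identification"
        self.last_ident[home_addr] = ident
        if lifetime == 0:                      # lifetime 0 means deregistration
            self.bindings.pop(home_addr, None)
            return "deregistered"
        self.bindings[home_addr] = (socket.inet_ntoa(coa), lifetime)
        return "accepted"


if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    agent = HomeAgent({256: secret})
    request = build_request(secret, 256, "192.0.2.10", "192.0.2.1", "203.0.113.1", 300, 1000)
    print(agent.handle(request))    # first delivery
    print(agent.handle(request))    # captured copy sent again
```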

Tunnelling and encapsulation


A tunnel establishes a virtual pipe for data packets between a tunnel entry and a tunnel
endpoint. Packets entering a tunnel are forwarded inside the tunnel and leave the tunnel
unchanged. Tunneling, i.e., sending a packet through a tunnel is achieved by using
encapsulation.


Encapsulation is the mechanism of taking a packet consisting of packet header and data
and putting it into the data part of a new packet. The reverse operation, taking a packet out of the
data part of another packet, is called decapsulation. Encapsulation and decapsulation are the
operations typically performed when a packet is transferred from a higher protocol layer to a
lower layer or from a lower to a higher layer respectively.
The HA takes the original packet with the MN as destination, puts it into the data part of
a new packet and sets the new IP header so that the packet is routed to the COA. The new header
is called outer header.

Mobile IP tunnelling


IP-in-IP Encapsulation
There are different ways of performing the encapsulation needed for the tunnel between
HA and COA. Mandatory for mobile IP is IP-in-IP encapsulation as specified in RFC 2003.
The following figure shows a packet inside the tunnel.

The version field ver is 4 for IP version 4, the internet header length (IHL) denotes the
length of the outer header in 32 bit words. DS(TOS) is just copied from the inner header, the
length field covers the complete encapsulated packet. The fields up to TTL have no special
meaning for mobile IP and are set according to RFC 791. TTL must be high enough so the
packet can reach the tunnel endpoint. The next field, here denoted with IP-in-IP, is the type of
the protocol used in the IP payload. This field is set to 4, the protocol type for IPv4 because
again an IPv4 packet follows after this outer header. IP checksum is calculated as usual. The
next fields are the tunnel entry as source address (the IP address of the HA) and the tunnel exit
point as destination address (the COA).
If no options follow the outer header, the inner header starts with the same fields as
above. This header remains almost unchanged during encapsulation, thus showing the original
sender CN and the receiver MN of the packet. The only change is TTL which is decremented by
1. This means that the whole tunnel is considered a single hop from the original packet’s point of
view. This is a very important feature of tunneling as it allows the MN to behave as if it were
attached to the home network. No matter how many real hops the packet has to take in the
tunnel, it is just one (logical) hop away for the MN. Finally, the payload follows the two headers.
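IP-in-IP encapsulation at the HA and decapsulation at the tunnel endpoint, as an added example that is not from the original notes. Function names and addresses are constructed; the source check in `decapsulate` is a sanity filter only, since IP source addresses can be faked.

```python
import socket
import struct

IPPROTO_IPIP = 4    # protocol number in the outer header: an IPv4 packet follows


def checksum(header: bytes) -> int:
    """Internet checksum over an IP header (length is a multiple of 4 bytes)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src, dst, proto, payload_len, ttl, tos=0):
    """20-byte IPv4 header without options, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + payload_len, 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def encapsulate(inner: bytes, ha: str, coa: str, outer_ttl: int = 64) -> bytes:
    """HA side: decrement the inner TTL by 1 and prepend the outer header."""
    if len(inner) < 20:
        raise ValueError("inner packet is not a valid IPv4 packet")
    ihl = (inner[0] & 0x0F) * 4
    if inner[0] >> 4 != 4 or ihl < 20 or len(inner) < ihl:
        raise ValueError("inner packet is not a valid IPv4 packet")
    if inner[8] <= 1:
        raise ValueError("inner TTL expired, packet must not enter the tunnel")
    hdr = bytearray(inner[:ihl])
    hdr[8] -= 1                       # the whole tunnel counts as one hop
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    new_inner = bytes(hdr) + inner[ihl:]
    # DS/TOS is copied from the inner header; source is the HA, destination the COA
    outer = ipv4_header(ha, coa, IPPROTO_IPIP, len(new_inner), outer_ttl, tos=inner[1])
    return outer + new_inner


def decapsulate(packet: bytes, registered_ha: str, my_coa: str) -> bytes:
    """Tunnel endpoint: validate the outer header and return the original packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl or checksum(packet[:ihl]) != 0:
        raise ValueError("bad outer header")
    if packet[9] != IPPROTO_IPIP:
        raise ValueError("outer protocol is not IP-in-IP")
    if struct.unpack("!H", packet[2:4])[0] != len(packet):
        raise ValueError("outer length does not match the packet")
    src, dst = socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])
    # accept tunnelled packets only from the HA of a registered MN, addressed to our COA
    if src != registered_ha or dst != my_coa:
        raise ValueError("tunnel endpoints do not match the registration")
    inner = packet[ihl:]
    if len(inner) < 20 or inner[0] >> 4 != 4:
        raise ValueError("payload is not an IPv4 packet")
    return inner


if __name__ == "__main__":
    # constructed packet from the CN (198.51.100.7) to the MN home address (192.0.2.10)
    original = ipv4_header("198.51.100.7", "192.0.2.10", 17, 4, ttl=64) + b"data"
    tunnelled = encapsulate(original, ha="192.0.2.1", coa="203.0.113.1")
    delivered = decapsulate(tunnelled, "192.0.2.1", "203.0.113.1")
    print(len(tunnelled), delivered[8])   # outer packet size, inner TTL after the tunnel
```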

Minimal encapsulation
Minimal encapsulation (RFC 2004) as shown below is an optional encapsulation method
for mobile IP which avoids repetitions of identical fields in IP-in-IP encapsulation. The tunnel
entry point and endpoint are specified.


The field for the type of the following header contains the value 55 for the minimal
encapsulation protocol. The inner header is different for minimal encapsulation. The type of the
following protocol and the address of the MN are needed. If the S bit is set, the original sender
address of the CN is included as omitting the source is quite often not an option. No field for
fragmentation offset is left in the inner header and minimal encapsulation does not work with
already fragmented packets.

Generic Routing Encapsulation


Unlike IP-in-IP and Minimal encapsulation which work only for IP packets, Generic
routing encapsulation (GRE) allows the encapsulation of packets of one protocol suite into the
payload portion of a packet of another protocol suite as shown below.

The packet of one protocol suite with the original packet header and data is taken and a
new GRE header is prepended. Together this forms the new data part of the new packet. Finally,
the header of the second protocol suite is put in front. The following figure shows the fields of a
packet inside the tunnel between HA and COA using GRE as an encapsulation scheme according
to RFC 1701. The outer header is the standard IP header with HA as source address and COA as
destination address. The protocol type used in this outer IP header is 47 for GRE.

The GRE header starts with several flags indicating if certain fields are present or not. A
minimal GRE header uses only 4 bytes. The C bit indicates if the checksum field is present and
contains valid information. If C is set, the checksum field contains a valid IP checksum of the
GRE header and the payload. The R bit indicates if the offset and routing fields are present and
contain valid information. The offset represents the offset in bytes for the first source routing
entry. The routing field, if present, has a variable length and contains fields for source routing.
GRE also offers a key field which may be used for authentication. If this field is present, the K
bit is set. The sequence number bit S indicates if the sequence number field is present. If the s
bit is set, strict source routing is used.
The recursion control field (rec.) is an important field that additionally distinguishes
GRE from IP-in-IP and minimal encapsulation. This field represents a counter that shows the
number of allowed recursive encapsulations. The default value of this field should be 0, thus
allowing only one level of encapsulation. The following reserved fields must be zero and are
ignored on reception. The version field contains 0 for the GRE version. The following 2 byte
protocol field represents the protocol of the packet following the GRE header. The standard
header of the original packet follows with the source address of the correspondent node and the
destination address of the mobile node.
A simplified header of GRE following RFC 2784 is shown below.

The field C indicates again if a checksum is present. The next 5 bits are set to zero, then 7
reserved bits follow. The version field contains the value zero. The protocol type, again, defines
the protocol of the payload following RFC 3232. If the flag C is set, then the checksum field and a
field called reserved1 follow. The latter field is constant zero.
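A parser for the GRE header layout described above, added as an illustration and not taken from the original notes. The byte layout of the optional fields and of the source route entries follows RFC 1701; the `rfc2784_only` switch and the sample bytes are assumptions of this example.

```python
import struct


def parse_gre(data: bytes, rfc2784_only: bool = False) -> dict:
    """Locate the end of a GRE header and return its fields and the payload.

    The checksum value is returned as found; it is not verified here.
    """
    if len(data) < 4:
        raise ValueError("shorter than the minimal 4-byte GRE header")
    flags, protocol = struct.unpack_from("!HH", data)
    if flags & 0x0007:
        raise ValueError("GRE version must be 0")
    # simplified header: the 5 bits after C must be zero, the 7 reserved bits are ignored
    if rfc2784_only and flags & 0x7C00:
        raise ValueError("bits after C are set: not a simplified GRE header")
    c, r, k, s, strict = (bool(flags & (0x8000 >> bit)) for bit in range(5))
    info = {
        "protocol": protocol,
        "recursion": None if rfc2784_only else (flags >> 8) & 0x7,
        "strict_source_route": strict,
        "checksum": None,
        "key": None,
        "sequence": None,
    }
    offset = 4

    def take(fmt):
        """Read one optional field, refusing to read past the end of the packet."""
        nonlocal offset
        size = struct.calcsize(fmt)
        if offset + size > len(data):
            raise ValueError("GRE header truncated")
        values = struct.unpack_from(fmt, data, offset)
        offset += size
        return values

    if c or r:
        # checksum and offset share one 32-bit word, present if either bit is set
        info["checksum"], info["routing_offset"] = take("!HH")
    if k:
        (info["key"],) = take("!I")
    if s:
        (info["sequence"],) = take("!I")
    if r:
        # source route entries: family (2), offset (1), length (1), then data;
        # the list ends with an entry whose family and length are both zero
        while True:
            family, _sre_offset, sre_len = take("!HBB")
            if family == 0 and sre_len == 0:
                break
            if offset + sre_len > len(data):
                raise ValueError("source route entry runs past the packet")
            offset += sre_len
    info["header_len"] = offset
    info["payload"] = data[offset:]
    return info


if __name__ == "__main__":
    # constructed header: K and S set, key 42, sequence number 7, IPv4 payload type
    sample = b"\x30\x00\x08\x00" + b"\x00\x00\x00\x2a" + b"\x00\x00\x00\x07" + b"IP"
    print(parse_gre(sample))
```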

Optimizations
Consider a scenario in which the MN is in the same subnetwork as the node with which it is
communicating, while the HA is on the other side of the world. This is called the triangular
routing problem, as it causes unnecessary overhead for the network between the CN and the HA.
A solution to this problem is to inform the CN of the current location of the MN. The CN
can learn the location by caching it in a binding cache, which is a part of the routing table for the
CN. The HA informs the CN of the location. This needs four additional messages:
Binding request: It is sent by the node that wants to know the current location of an MN to the
HA. The HA checks if it is allowed to reveal the location and then sends back a binding update.
Binding update: It is sent by the HA to the CN revealing the current location of an MN. It
contains the fixed IP address of the MN and the COA. This message can request an
acknowledgement.
Binding acknowledgement: If requested, a node returns this acknowledgement after receiving a
binding update message.
Binding warning: A node sends a binding warning if it decapsulates a packet for an MN, but it
is not the current FA of this MN. It contains the MN’s home address and a target node’s address.
The recipient can be the HA, so the HA now sends a binding update to the node that obviously
has a wrong COA for the MN.
The following figure shows how the four additional messages are used together if an MN
changes its FA.


The CN can request the current location from the HA. If allowed by the MN, the HA
returns the COA of the MN via an update message. The CN acknowledges this update message
and stores the mobility binding. Now the CN can send its data directly to the current foreign
agent FAold. FAold forwards the packets to the MN. This scenario shows a COA located at an
FA. Encapsulation of data for tunneling to the COA is now done by the CN, not the HA.
The MN might now change its location and register with a new foreign agent, FAnew.
This registration is also forwarded to the HA to update its location database. Furthermore,
FAnew informs FAold about the new registration of MN. MN’s registration message contains
the address of FAold for this purpose. Passing this information is achieved via an update
message, which is acknowledged by FAold.
Without the information provided by the new FA, the old FA would not get to know
anything about the new location of MN. In this case, CN does not know anything about the new
location, so it still tunnels its packets for MN to the old FA, FAold. This FA now notices packets
with destination MN, but also knows that it is not the current FA of MN. FAold might now
forward these packets to the new COA of MN which is FAnew in this example. This forwarding
of packets is another optimization of the basic Mobile IP providing smooth handovers. Without
this optimization, all packets in transit would be lost while the MN moves from one FA to
another.
To tell CN that it has a stale binding cache, FAold sends a binding warning message to
CN. CN then requests a binding update. (The warning could also be directly sent to the HA
triggering an update). The HA sends an update to inform the CN about the new location, which
is acknowledged. Now CN can send its packets directly to FAnew, again avoiding triangular
routing. Unfortunately, this optimization of mobile IP to avoid triangular routing causes several
security problems.

Reverse Tunnelling
The reverse path from MN to the CN looks quite simple as the MN can directly send its
packets to the CN as in any other standard IP situation. The destination address in the packets is
that of CN. But it has some problems, explained below:
Quite often firewalls are designed to only allow packets with topologically correct addresses to
pass to provide simple protection against misconfigured systems of unknown addresses.
However, MN still sends packets with its fixed IP address as source which is not topologically
correct in a foreign network. Firewalls often filter packets coming from outside containing a
source address from computers of the internal network. This also implies that an MN cannot send
a packet to a computer residing in its home network.
While the nodes in the home network might participate in a multi-cast group, an MN in a foreign
network cannot transmit multi-cast packets in a way that they emanate from its home network
without a reverse tunnel. The foreign network might not even provide the technical infrastructure
for multi-cast communication (multi-cast backbone, Mbone).
If the MN moves to a new foreign network, the older TTL might be too low for the packets to
reach the same destination nodes as before. Mobile IP is no longer transparent if a user has to
adjust the TTL while moving. A reverse tunnel is needed that represents only one hop, no matter
how many hops are really needed from the foreign to the home network.

Based on the above considerations, reverse tunnelling is defined as an extension to mobile IP
(per RFC 2344). It was designed to be backward compatible with mobile IP and defines topologically
correct reverse tunnelling to handle the above stated problems.

Figure: Reverse Tunnelling (packet forwarding, reverse tunnel)
Reverse tunnelling does not solve the problems with firewalls: the reverse tunnel can be
abused to circumvent security mechanisms (tunnel hijacking). Nor does it optimize data paths, i.e.,
packets will be forwarded through the tunnel via the HA to a sender (double triangular routing).

IPv6
The design of Mobile IP support in IPv6 (Mobile IPv6) benefits both from the
experiences gained from the development of Mobile IP support in IPv4, and from the
opportunities provided by IPv6. Mobile IPv6 thus shares many features with Mobile IPv4, but is
integrated into IPv6 and offers many other improvements. This section summarizes the major
differences between Mobile IPv4 and Mobile IPv6:
There is no need to deploy special routers as "foreign agents", as in Mobile IPv4. Mobile
IPv6 operates in any location without any special support required from the local router.
Support for route optimization is a fundamental part of the protocol, rather than a
nonstandard set of extensions.
Mobile IPv6 route optimization can operate securely even without pre-arranged security
associations. It is expected that route optimization can be deployed on a global scale between all
mobile nodes and correspondent nodes.
Support is also integrated into Mobile IPv6 for allowing route optimization to coexist
efficiently with routers that perform "ingress filtering".
The IPv6 Neighbor Unreachability Detection assures symmetric reachability between the
mobile node and its default router in the current location.
Most packets sent to a mobile node while away from home in Mobile IPv6 are sent using
an IPv6 routing header rather than IP encapsulation, reducing the amount of resulting overhead
compared to Mobile IPv4.

IT6601 Mobile Computing Unit II STUDENTSFOCUS.COM


Page 14
Sri Vidya College of Engineering & Technology, Virudhunagar Course Material (Lecture Notes)

Mobile IPv6 is decoupled from any particular link layer, as it uses IPv6 Neighbor
Discovery instead of ARP. This also improves the robustness of the protocol.
The use of IPv6 encapsulation (and the routing header) removes the need in Mobile IPv6
to manage "tunnel soft state".
The dynamic home agent address discovery mechanism in Mobile IPv6 returns a single
reply to the mobile node. The directed broadcast approach used in IPv4 returns separate replies
from each home agent.

Dynamic Host Configuration Protocol (DHCP)


DHCP is an automatic configuration protocol used on IP networks. DHCP allows a
computer to join an IP-based network without having a pre-configured IP address. DHCP is a
protocol that assigns unique IP addresses to devices, then releases and renews these addresses as
devices leave and re-join the network. If a new computer is connected to a network, DHCP can
provide it with all the necessary information for full system integration into the network, e.g.,
addresses of a DNS server and the default router, the subnet mask, the domain name, and an IP
address. Providing an IP address makes DHCP very attractive for mobile IP as a source of
care-of addresses.

DHCP is based on a client/server model as shown below. DHCP clients send a request to
a server (DHCPDISCOVER in the example) to which the server responds. A client sends
requests using MAC broadcasts to reach all devices in the LAN. A DHCP relay might be needed
to forward requests across inter-working units to a DHCP server.
Consider the scenario where one client and two servers are present. A typical
initialization of a DHCP client is shown below:

The client broadcasts a DHCPDISCOVER into the subnet. There might be a relay to
forward this broadcast. In the case shown, two servers receive this broadcast and determine the
configuration they can offer to the client. Servers reply to the client’s request with DHCPOFFER
and offer a list of configuration parameters. The client can now choose one of the configurations
offered. The client in turn replies to the servers, accepting one of the configurations and rejecting
the others using DHCPREQUEST. If a server receives a DHCPREQUEST with a rejection, it
can free the reserved configuration for other possible clients. The server with the configuration
accepted by the client now confirms the configuration with DHCPACK. This completes the
initialization phase. If a client leaves a subnet, it should release the configuration received from the
server using DHCPRELEASE. Now the server can free the context stored for the client and offer
the configuration again. The configuration a client gets from a server is only leased for a certain
amount of time; it has to be reconfirmed from time to time, otherwise the server will free the
configuration. This timeout of configuration helps in the case of crashed nodes or nodes moved
away without releasing the context.
DHCP is a good candidate for supporting the acquisition of care-of addresses for mobile
nodes. The same holds for all other parameters needed, such as addresses of the default router,
DNS servers, the timeserver etc. A DHCP server should be located in the subnet of the access
point of the mobile node, or at least a DHCP relay should provide forwarding of the messages.
RFC 3118 specifies authentication for DHCP messages so as to provide protection from
malicious DHCP servers. Without authentication, a DHCP server cannot trust the mobile node
and vice versa…
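The client-side check that lets a mobile node tell a legitimate DHCPOFFER from one sent by a malicious server can be sketched as follows. This is an added example, not part of the original notes: the option layout (option 90, HMAC-MD5, replay counter, hops and giaddr zeroed before the MAC is computed) follows RFC 3118 delayed authentication, while the key, secret ID, addresses and function names are constructed for illustration.

```python
import hmac
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"     # 236-byte fixed DHCP header
MAGIC = b"\x63\x82\x53\x63"                   # DHCP magic cookie
OPTIONS_OFF = struct.calcsize(BOOTP_FMT) + len(MAGIC)
OPT_PAD, OPT_MSG_TYPE, OPT_AUTH, OPT_END = 0, 53, 90, 255
DHCPOFFER = 2
AUTH_FMT = "!BBBQI"    # protocol, algorithm, RDM, replay counter, secret ID
MAC_LEN = 16           # HMAC-MD5 output size


def mac_input(msg, mac_off):
    """Bytes covered by the MAC: the message with hops, giaddr and MAC zeroed."""
    buf = bytearray(msg)
    buf[3] = 0                                  # hops: rewritten by relays
    buf[24:28] = bytes(4)                       # giaddr: set by relays
    buf[mac_off:mac_off + MAC_LEN] = bytes(MAC_LEN)
    return bytes(buf)


def build_offer(xid, yiaddr, key, secret_id, counter):
    """Serialize a DHCPOFFER carrying a delayed-authentication option."""
    header = struct.pack(BOOTP_FMT, 2, 1, 6, 0, xid, 0, 0, bytes(4), yiaddr,
                         bytes(4), bytes(4), bytes(16), b"", b"")
    # protocol 1 = delayed authentication, algorithm 1 = HMAC-MD5, RDM 0 = counter
    auth = struct.pack(AUTH_FMT, 1, 1, 0, counter, secret_id) + bytes(MAC_LEN)
    msg = bytearray(header + MAGIC + bytes([OPT_MSG_TYPE, 1, DHCPOFFER])
                    + bytes([OPT_AUTH, len(auth)]) + auth + bytes([OPT_END]))
    mac_off = len(msg) - 1 - MAC_LEN
    mac = hmac.new(key, mac_input(msg, mac_off), "md5").digest()
    msg[mac_off:mac_off + MAC_LEN] = mac
    return bytes(msg)


def find_auth_option(msg):
    """Return (value offset, length) of option 90, or None if absent."""
    i = OPTIONS_OFF
    while i + 1 < len(msg) and msg[i] != OPT_END:
        if msg[i] == OPT_PAD:
            i += 1
            continue
        length = msg[i + 1]
        if msg[i] == OPT_AUTH:
            return (i + 2, length) if i + 2 + length <= len(msg) else None
        i += 2 + length
    return None


def verify_offer(msg, keys, last_counter):
    """Client-side check. keys maps secret ID -> shared key. Returns (ok, reason)."""
    found = find_auth_option(msg)
    if found is None:
        return False, "no authentication option"
    off, length = found
    fixed = struct.calcsize(AUTH_FMT)
    if length != fixed + MAC_LEN:
        return False, "malformed authentication option"
    proto, alg, rdm, counter, secret_id = struct.unpack_from(AUTH_FMT, msg, off)
    if (proto, alg, rdm) != (1, 1, 0):
        return False, "unsupported protocol or algorithm"
    key = keys.get(secret_id)
    if key is None:
        return False, "unknown secret ID"
    if counter <= last_counter:
        return False, "replayed or stale counter"
    mac_off = off + fixed
    expected = hmac.new(key, mac_input(msg, mac_off), "md5").digest()
    if not hmac.compare_digest(expected, msg[mac_off:mac_off + MAC_LEN]):
        return False, "bad MAC"
    return True, "authenticated"


if __name__ == "__main__":
    # Constructed sample data: key, secret ID, xid and addresses are made up.
    keys = {0x1001: b"constructed-shared-secret"}
    good = build_offer(0xABCD1234, bytes([192, 0, 2, 50]), keys[0x1001], 0x1001, 7)
    rogue = build_offer(0xABCD1234, bytes([192, 0, 2, 66]), b"not-the-key", 0x1001, 8)
    print(verify_offer(good, keys, last_counter=6))
    print(verify_offer(rogue, keys, last_counter=6))
```

Because hops and giaddr are excluded from the MAC, an offer forwarded by a DHCP relay still verifies, while a changed address or a reused counter is rejected.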
The Transmission Control Protocol (TCP) is one of the core protocols of the Internet
protocol suite, often simply referred to as TCP/IP. TCP is reliable, guarantees in-order delivery
of data and incorporates congestion control and flow control mechanisms.
TCP supports many of the Internet's most popular application protocols and resulting
applications, including the World Wide Web, e-mail, File Transfer Protocol and Secure Shell. In
the Internet protocol suite, TCP is the intermediate layer between the Internet layer and
application layer.
The major responsibilities of TCP in an active session are to:
• Provide reliable in-order transport of data: to not allow losses of data.
• Control congestion in the network: to not allow degradation of the network performance.
• Control packet flow between the transmitter and the receiver: to not exceed the receiver's
capacity.
TCP uses a number of mechanisms to achieve high performance and avoid 'congestion
collapse', where network performance can fall by several orders of magnitude. These
mechanisms control the rate of data entering the network, keeping the data flow below a rate that
would trigger collapse. There are several mechanisms of TCP that influence the efficiency of
TCP in a mobile environment. Acknowledgments for data sent, or lack of acknowledgments, are
used by senders to implicitly interpret network conditions between the TCP sender and receiver.

Congestion Control
A transport layer protocol such as TCP has been designed for fixed networks with fixed
end-systems. Congestion may appear from time to time even in carefully designed networks.
The packet buffers of a router are filled and the router cannot forward the packets fast enough
because the sum of the input rates of packets destined for one output link is higher than the
capacity of the output link. The only thing a router can do in this situation is to drop packets. A
dropped packet is lost for the transmission, and the receiver notices a gap in the packet stream.
Now the receiver does not directly tell the sender which packet is missing, but continues to
acknowledge all in-sequence packets up to the missing one. The sender notices the missing
acknowledgement for the lost packet and assumes a packet loss due to congestion.
Retransmitting the missing packet and continuing at full sending rate would now be unwise, as
this might only increase the congestion. To mitigate congestion, TCP slows down the
transmission rate dramatically. All other TCP connections experiencing the same congestion do
exactly the same so the congestion is soon resolved.

Slow start
TCP’s reaction to a missing
acknowledgement is quite drastic, but it is necessary to get rid of congestion quickly. The
behavior TCP shows after the detection of congestion is called slow start. The sender always
calculates a congestion window for a receiver. The start size of the congestion window is one
segment (TCP packet). The sender sends one packet and waits for acknowledgement. If this
acknowledgement arrives, the sender increases the congestion window by one, now sending two
packets (congestion window = 2). This scheme doubles the congestion window every time the
acknowledgements come back, which takes one round trip time (RTT). This is called the
exponential growth of the congestion window in the slow start mechanism.
But doubling the congestion window is too dangerous. The exponential growth stops at
the congestion threshold. As soon as the congestion window reaches the congestion threshold,
further increase of the transmission rate is only linear by adding 1 to the congestion window each
time the acknowledgements come back.
Linear increase continues until a time-out at the sender occurs due to a missing
acknowledgement, or until the sender detects a gap in transmitted data because of continuous
acknowledgements for the same packet. In either case the sender sets the congestion threshold to
half of the current congestion window. The congestion window itself is set to one segment and
the sender starts sending a single segment. The exponential growth starts once more up to the
new congestion threshold, then the window grows in linear fashion.

Fast Retransmit/Fast Recovery


The congestion threshold can be reduced for two reasons. The first is that the sender
receives continuous acknowledgements for the same packet. This informs the sender that the
receiver has got all the packets up to the acknowledged packet in the sequence and also that the
receiver is receiving something continuously from the sender. The gap in the packet stream is not
due to congestion, but a simple packet loss due to a transmission error. The sender can now
retransmit the missing packet(s) before the timer expires. This behavior is called fast
retransmit. It is an early enhancement for preventing slow start from being triggered by losses not
caused by congestion. The receipt of acknowledgements shows that there is no congestion to justify a
slow start. The sender can continue with the current congestion window. The sender performs a
fast recovery from the packet loss. This mechanism can improve the efficiency of TCP
dramatically. The other reason for activating slow start is a time-out due to a missing
acknowledgement. TCP using fast retransmit/fast recovery interprets this as congestion in the
network and activates the slow start mechanism.
The advantage of this method is its simplicity. Minor changes in the MH’s software
result in a performance increase. No changes are required in the FA or CH.
The disadvantage of this scheme is insufficient isolation of packet losses. It mainly focuses on
problems regarding handover. It also affects the efficiency when a CH transmits already
delivered packets.
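The window behaviour described in the Congestion Control and Fast Retransmit/Fast Recovery sections can be traced round trip by round trip. The model below is an added example, not part of the original notes; it follows the notes' simplified rules (deployed TCP variants also reduce the window during fast recovery), and the function names, the 12-round-trip scenario and the floor of one segment for the threshold are assumptions.

```python
def simulate_cwnd(rtts, ssthresh, events=None):
    """Return the congestion window (in segments) used in each round trip.

    events maps an RTT index to "timeout" or "dupack"; the event is detected
    at the end of that round trip and sets the window for the next one.
    """
    events = events or {}
    cwnd, trace = 1, []
    for t in range(rtts):
        trace.append(cwnd)
        event = events.get(t)
        if event == "timeout":
            # Missing ACK: treated as congestion, so restart from one segment.
            ssthresh = max(cwnd // 2, 1)     # floor of 1 is an assumption
            cwnd = 1
        elif event == "dupack":
            # Fast retransmit/fast recovery as described in these notes:
            # resend the missing packet and keep the current window.
            continue
        elif cwnd < ssthresh:
            cwnd = min(cwnd * 2, ssthresh)   # slow start: exponential growth
        else:
            cwnd += 1                        # past the threshold: linear growth
    return trace


def segments_sent(trace):
    """Total segments the sender could put on the wire over the trace."""
    return sum(trace)


if __name__ == "__main__":
    # Constructed scenario: 12 round trips, initial threshold 16, one loss in RTT 6.
    for label, events in [("no loss", {}),
                          ("loss seen as timeout", {6: "timeout"}),
                          ("loss seen as duplicate ACKs", {6: "dupack"})]:
        trace = simulate_cwnd(12, 16, events)
        print(f"{label:28} {trace} total={segments_sent(trace)}")
```

The same single loss costs almost half of the transferable segments when it is handled as a time-out, which is the effect a wireless transmission error has on an unchanged TCP.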

Problems with Traditional TCP in wireless environments


Slow Start mechanism in fixed networks decreases the efficiency of TCP if used with
mobile receivers or senders.
Error rates on wireless links are orders of magnitude higher compared to fixed fiber or
copper links. This makes compensation for packet loss by TCP quite difficult.
Mobility itself can cause packet loss. There are many situations where a soft handover
from one access point to another is not possible for a mobile end-system.
Standard TCP reacts with slow start if acknowledgements are missing, which does not
help in the case of transmission errors over wireless links and which does not really help during
handover. This behavior results in a severe performance degradation of an unchanged TCP if
used together with wireless links or mobile nodes.

Classical TCP Improvements


Indirect TCP (I-TCP)
Indirect TCP segments a TCP connection into a fixed part and a wireless part. The
following figure shows an example with a mobile host connected via a wireless link and an
access point to the ‘wired’ internet where the correspondent host resides.
Standard TCP is used between the fixed computer and the access point. No computer in the
internet recognizes any changes to TCP. Instead of the mobile host, the access point now
terminates the standard TCP connection, acting as a proxy. This means that the access point is
now seen as the mobile host for the fixed host and as the fixed host for the mobile host. Between
the access point and the mobile host, a special TCP, adapted to wireless links, is used. However,
changing TCP for the wireless link is not a requirement. A suitable place for segmenting the
connection is at the foreign agent, as it not only controls the mobility of the mobile host anyway
but can also hand over the connection to the next foreign agent when the mobile host moves on.

The foreign agent acts as a proxy and relays all data in both directions. If CH
(correspondent host) sends a packet to the MH, the FA acknowledges it and forwards it to the
MH. MH acknowledges on successful reception, but this is only used by the FA. If a packet is
lost on the wireless link, CH doesn’t observe it and FA tries to retransmit it locally to maintain
reliable data transport. If the MH sends a packet, the FA acknowledges it and forwards it to CH.
If the packet is lost on the wireless link, the mobile host notices this much faster due to the lower
round trip time and can directly retransmit the packet. Packet loss in the wired network is now
handled by the foreign agent.

Socket and state migration after handover of a mobile host


During handover, the buffered packets, as well as the system state (packet sequence
number, acknowledgements, ports, etc), must migrate to the new agent. No new connection may
be established for the mobile host, and the correspondent host must not see any changes in
connection state. Packet delivery in I-TCP is shown below:

Advantages of I-TCP
• No changes in the fixed network are necessary, no changes for the hosts (TCP protocol) are
necessary, and all current optimizations to TCP still work.
• Simple to control: mobile TCP is used only for one hop between, e.g., a foreign agent and
mobile host.
• Transmission errors on the wireless link do not propagate into the fixed network.
• Therefore, a very fast retransmission of packets is possible; the short delay on the mobile hop is
known.
• It is always dangerous to introduce new mechanisms in a huge network without knowing
exactly how they behave. New optimizations can be tested at the last hop, without jeopardizing
the stability of the Internet.
• It is easy to use different protocols for wired and wireless networks.

Disadvantages of I-TCP
• Loss of end-to-end semantics: an acknowledgement to a sender no longer means that a
receiver really has received a packet; foreign agents might crash.
• Higher latency possible: due to buffering of data within the foreign agent and forwarding
to a new foreign agent.
• Security issue: the foreign agent must be a trusted entity.

Snooping TCP
The main drawback of I-TCP is the segmentation of the single TCP connection into two
TCP connections, which loses the original end-to-end TCP semantic. A new enhancement, which
leaves the TCP connection intact and is completely transparent, is Snooping TCP. The main
function is to buffer data close to the mobile host to perform fast local retransmission in case of
packet loss.

Snooping TCP as a transparent TCP extension

Here, the foreign agent buffers all packets with destination mobile host and additionally
‘snoops’ the packet flow in both directions to recognize acknowledgements. The foreign agent
buffers every packet until it receives an acknowledgement from the mobile host. If the FA does
not receive an acknowledgement from the mobile host within a certain amount of time, either the
packet or the acknowledgement has been lost. Alternatively, the foreign agent could receive a
duplicate ACK which also shows the loss of a packet. Now, the FA retransmits the packet
directly from the buffer thus performing a faster retransmission compared to the CH. For
transparency, the FA does not acknowledge data to the CH, which would violate end-to-end
semantic in case of a FA failure. The foreign agent can filter the duplicate acknowledgements to
avoid unnecessary retransmissions of data from the correspondent host. If the foreign agent now
crashes, the time-out of the correspondent host still works and triggers a retransmission. The
foreign agent may discard duplicates of packets already retransmitted locally and acknowledged
by the mobile host. This avoids unnecessary traffic on the wireless link.
For data transfer from the mobile host with destination correspondent host, the FA snoops into
the packet stream to detect gaps in the sequence numbers of TCP. As soon as the foreign agent
detects a missing packet, it returns a negative acknowledgement (NACK) to the mobile host. The
mobile host can now retransmit the missing packet immediately. Reordering of packets is done
automatically at the correspondent host by TCP.
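The foreign agent's decisions described above (buffer, snoop ACKs, retransmit locally, filter duplicate ACKs, drop late duplicates, NACK gaps) can be written as a small state machine. This is an added example, not part of the original notes; it uses packet numbers instead of TCP byte sequence numbers, and the class, method and action names as well as the trace are constructed for illustration.

```python
class SnoopAgent:
    """Foreign-agent state for one TCP flow (packet numbers, not byte offsets)."""

    def __init__(self):
        self.buffer = {}         # seq -> payload, sent to the MH but not yet ACKed
        self.last_ack = 0        # highest cumulative ACK seen from the MH
        self.next_from_mh = 0    # next packet number expected from the MH

    def data_from_ch(self, seq, payload):
        """CH -> MH data: buffer and forward; drop what the MH already ACKed."""
        if seq < self.last_ack:
            return [("drop", seq)]
        self.buffer[seq] = payload
        return [("to_mh", seq)]

    def ack_from_mh(self, ack):
        """MH -> CH cumulative ACK, where ack is the next packet the MH expects."""
        if ack > self.last_ack:
            for seq in [s for s in self.buffer if s < ack]:
                del self.buffer[seq]
            self.last_ack = ack
            return [("ack_to_ch", ack)]      # new ACK passes through unchanged
        if ack in self.buffer:
            # Duplicate ACK for a buffered packet: retransmit locally and
            # filter the duplicate so the CH does not react to it.
            return [("to_mh", ack)]
        return [("ack_to_ch", ack)]          # packet never reached the FA

    def local_timeout(self):
        """No ACK from the MH in time: resend the oldest unacknowledged packet."""
        return [("to_mh", min(self.buffer))] if self.buffer else []

    def data_from_mh(self, seq):
        """MH -> CH data: forward it and NACK any gap in the packet numbers."""
        nacks = [("nack_to_mh", n) for n in range(self.next_from_mh, seq)]
        self.next_from_mh = max(self.next_from_mh, seq + 1)
        return nacks + [("to_ch", seq)]


def replay(events):
    """Feed (method name, args) pairs to a fresh agent; return all actions."""
    agent, log = SnoopAgent(), []
    for name, args in events:
        log.extend(getattr(agent, name)(*args))
    return log


# Constructed trace: packet 2 is lost on the wireless link, so the MH
# repeats ACK 2; later the CH's own retransmission of 2 arrives too late.
WIRELESS_LOSS = [
    ("data_from_ch", (0, b"a")), ("data_from_ch", (1, b"b")),
    ("data_from_ch", (2, b"c")), ("data_from_ch", (3, b"d")),
    ("ack_from_mh", (1,)), ("ack_from_mh", (2,)),
    ("ack_from_mh", (2,)),            # duplicate ACK
    ("ack_from_mh", (4,)),            # MH now has everything
    ("data_from_ch", (2, b"c")),      # late duplicate from the CH
]

if __name__ == "__main__":
    for action in replay(WIRELESS_LOSS):
        print(action)
```

The agent only works while it can read packet numbers and ACKs in the clear, and it never generates an ACK of its own, so a crashed agent leaves the CH's time-out to recover the data.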

Snooping TCP: Packet delivery

Advantages of snooping TCP:
• The end-to-end TCP semantic is preserved.
• Most of the enhancements are done in the foreign agent itself, which keeps the correspondent
host unchanged.
• Handover of state is not required when the mobile host moves to another foreign
agent. Even though packets are present in the buffer, a time-out at the CH occurs and the packets
are transmitted to the new COA.
• No problem arises whether or not the new foreign agent uses the enhancement. If not, the
approach automatically falls back to the standard solution.

Disadvantages of snooping TCP
• Snooping TCP does not isolate the behavior of the wireless link as well as I-TCP.
Transmission errors may propagate to the CH.
• Using negative acknowledgements between the foreign agent and the mobile host
assumes additional mechanisms on the mobile host. This approach is no longer transparent for
arbitrary mobile hosts.
• Snooping and buffering data may be useless if certain encryption schemes are applied
end-to-end between the correspondent host and mobile host, because the foreign agent can no
longer read the TCP sequence numbers and acknowledgements it relies on. If encryption is used
above the transport layer (e.g. SSL/TLS), snooping TCP can still be used.

Mobile TCP
Both I-TCP and Snooping TCP do not help much if a mobile host gets disconnected.
The M-TCP (mobile TCP) approach has the same goals as I-TCP and snooping TCP: to prevent
the sender window from shrinking if bit errors or disconnection but not congestion cause current
problems. M-TCP wants to improve overall throughput, to lower the delay, to maintain
end-to-end semantics of TCP, and to provide a more efficient handover. Additionally, M-TCP is
especially adapted to the problems arising from lengthy or frequent disconnections. M-TCP
splits the TCP connection into two parts as I-TCP does. An unmodified TCP is used on the
standard host-supervisory host (SH) connection, while an optimized TCP is used on the SH-MH
connection.
The SH monitors all packets sent to the MH and ACKs returned from the MH. If the SH
does not receive an ACK for some time, it assumes that the MH is disconnected. It then chokes
the sender by setting the sender’s window size to 0. Setting the window size to 0 forces the
sender to go into persistent mode, i.e., the state of the sender will not change no matter how
long the receiver is disconnected. This means that the sender will not try to retransmit data. As
soon as the SH (either the old SH or a new SH) detects connectivity again, it reopens the window
of the sender to the old value. The sender can continue sending at full speed. This mechanism
does not require changes to the sender’s TCP. The wireless side uses an adapted TCP that can
recover from packet loss much faster. This modified TCP does not use slow start, thus, M-TCP
needs a bandwidth manager to implement fair sharing over the wireless link.

Advantages of M-TCP:
• It maintains the TCP end-to-end semantics. The SH does not send any ACK itself but
forwards the ACKs from the MH.
• If the MH is disconnected, it avoids useless retransmissions, slow starts or breaking
connections by simply shrinking the sender’s window to 0.
• As no buffering is done as in I-TCP, there is no need to forward buffers to a new SH.
Lost packets will be automatically retransmitted to the SH.

Disadvantages of M-TCP:
• As the SH does not act as proxy as in I-TCP, packet loss on the wireless link due to bit
errors is propagated to the sender. M-TCP assumes low bit error rates, which is not always a
valid assumption.
• A modified TCP on the wireless link not only requires modifications to the MH protocol
software but also new network elements like the bandwidth manager.

Transmission/time-out freezing
Often, the MAC layer notices connection problems even before the connection is actually
interrupted from a TCP point of view and also knows the real reason for the interruption. The
MAC layer can inform the TCP layer of an upcoming loss of connection or that the current
interruption is not caused by congestion. TCP can now stop sending and ‘freezes’ the current
state of its congestion window and further timers. If the MAC layer notices the upcoming
interruption early enough, both the mobile and correspondent host can be informed. With a fast
interruption of the wireless link, additional mechanisms in the access point are needed to inform
the correspondent host of the reason for interruption. Otherwise, the correspondent host goes into
slow start assuming congestion and finally breaks the connection.
As soon as the MAC layer detects connectivity again, it signals TCP that it can resume
operation at exactly the same point where it had been forced to stop. For TCP time simply does
not advance, so no timers expire.
Advantages:
• It offers a way to resume TCP connections even after long interruptions of the
connection.
• It can be used together with encrypted data, as it is independent of other TCP mechanisms
such as sequence numbers or acknowledgements.

Disadvantages:
• Lots of changes have to be made in the software of the MH, CH and FA.

Selective retransmission
A very useful extension of TCP is the use of selective retransmission. TCP
acknowledgements are cumulative, i.e., they acknowledge in-order receipt of packets up to a
certain packet. A single acknowledgement confirms reception of all packets up to a certain
packet. If a single packet is lost, the sender has to retransmit everything starting from the lost
packet (go-back-n retransmission). This obviously wastes bandwidth, not just in the case of a
mobile network, but for any network. Using selective retransmission, TCP can indirectly request
a selective retransmission of packets. The receiver can acknowledge single packets, not only
trains of in-sequence packets. The sender can now determine precisely which packet is needed
and can retransmit it. The advantage of this approach is obvious: a sender retransmits only the
lost packets. This lowers bandwidth requirements and is extremely helpful in slow wireless links.
The disadvantage is that more complex software on the receiver side is needed. Also, more
buffer space is needed to resequence data and to wait for gaps to be filled.
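The difference between cumulative and selective acknowledgement can be made concrete by computing what the receiver reports and what the sender then resends. This is an added example, not part of the original notes; it uses packet numbers rather than byte ranges, and the function names and the sample loss pattern are constructed for illustration.

```python
def receiver_report(received):
    """Return (cumulative_ack, blocks) for a set of received packet numbers.

    cumulative_ack is the next packet expected in order. Each block is an
    inclusive (first, last) run of packets buffered beyond that point, which
    is what a selective acknowledgement lets the receiver report.
    """
    cum = 0
    while cum in received:
        cum += 1
    blocks = []
    for n in sorted(p for p in received if p > cum):
        if blocks and n == blocks[-1][1] + 1:
            blocks[-1][1] = n            # extends the current run
        else:
            blocks.append([n, n])        # a gap starts a new run
    return cum, [tuple(b) for b in blocks]


def go_back_n(highest_sent, cum):
    """Cumulative ACK only: resend everything from the first missing packet."""
    return list(range(cum, highest_sent + 1))


def selective(highest_sent, cum, blocks):
    """Selective retransmission: resend only packets not covered by a block."""
    have = {n for first, last in blocks for n in range(first, last + 1)}
    return [n for n in range(cum, highest_sent + 1) if n not in have]


if __name__ == "__main__":
    # Constructed sample: packets 0..9 were sent, 3 and 7 were lost.
    received = {0, 1, 2, 4, 5, 6, 8, 9}
    cum, blocks = receiver_report(received)
    print("cumulative ACK:", cum, "blocks:", blocks)
    print("go-back-n resends:", go_back_n(9, cum))
    print("selective resends:", selective(9, cum, blocks))
```

The blocks the receiver has to track are the extra receiver-side complexity and buffer space mentioned above.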

Transaction-oriented TCP
Assume an application running on the mobile host that sends a short request to a server
from time to time, which responds with a short message, and that requires reliable TCP transport of
the packets. Using normal TCP for this is inefficient because of the overhead involved. Standard
TCP is made up of three phases: setup, data transfer and release. First, TCP uses a three-way
handshake to establish the connection. At least one additional packet is usually needed for
transmission of the request, and three more packets are required to close the connection via a
three-way handshake. So, for sending one data packet, TCP may need seven packets altogether. This
kind of overhead is acceptable for long sessions in fixed networks, but is quite inefficient for
short messages or sessions in wireless networks. This led to the development of
transaction-oriented TCP (T/TCP).
T/TCP can combine packets for connection establishment and connection release with
user data packets. This can reduce the number of packets down to two instead of seven. The
obvious advantage for certain applications is the reduction in the overhead which standard TCP
has for connection setup and connection release. The disadvantage is that it requires changes in the
software in the mobile host and all correspondent hosts. This solution does not hide mobility
anymore. Also, T/TCP exhibits several security problems.
