Unit II
Unit II
Unit II
Mobile IP
The IP addresses are designed to work with stationary hosts because part of the address
defines the network to which the host is attached. A host cannot change its IP address without
terminating on-going sessions and restarting them after it acquires a new address. Other link
layer mobility solutions exist but are not sufficient enough for the global Internet.
Mobility is the ability of a node to change its point-of-attachment while maintaining all
existing communications and using the same IP address.
Nomadicity allows a node to move but it must terminate all existing communications and
then can initiate new connections with a new address.
Mobile IP is a network layer solution for homogenous and heterogeneous mobility on the
global Internet which is scalable, robust, secure and which allows nodes to maintain all ongoing
communications while moving.
Design Goals:
Mobile IP was developed as a means for transparently dealing with problems of mobile
users. Mobile IP was designed to make the size and the frequency of required routing updates as
small as possible. It was designed to make it simple to implement mobile node software. It was
designed to avoid solutions that require mobile nodes to use multiple addresses.
Requirements:
There are several requirements for Mobile IP to make it as a standard. Some of them are:
1. Compatibility: The whole architecture of internet is very huge and a new standard cannot
introduce changes to the applications or network protocols already in use. Mobile IP is to be
integrated into the existing operating systems. Also, for routers also it may be possible to
enhance its capabilities to support mobility instead of changing the routers which is highly
impossible. Mobile IP must not require special media or MAC/LLC protocols, so it must use the
same interfaces and mechanisms to access the lower layers as IP does. Finally, end-systems
enhanced with a mobile IP implementation should still be able to communicate with fixed
systems without mobile IP.
2. Transparency: Mobility remains invisible for many higher layer protocols and applications.
Higher layers continue to work even if the mobile computer has changed its point of attachment
to the network and even notice a lower bandwidth and some interruption in the service. As many
of today’s applications have not been designed to use in mobile environments, the effects of
mobility will be higher delay and lower bandwidth.
3. Scalability and efficiency: The efficiency of the network should not be affected even if a new
mechanism is introduced into the internet. Enhancing IP for mobility must not generate many
new messages flooding the whole network. Special care is necessary to be taken considering the
lower bandwidth of wireless links. Many mobile systems have a wireless link to an attachment
point. Therefore, only some additional packets must be necessary between a mobile system and a
node in the network. It is indispensable for a mobile IP to be scalable over a large number of
participants in the whole internet, throughout the world.
4. Security: Mobility possesses many security problems. A minimum requirement is the
authentication of all messages related to the management of mobile IP. It must be sure for the IP
layer if it forwards a packet to a mobile host that this host really is the receiver of the packet. The
IP layer can only guarantee that the IP address of the receiver is correct. There is no way to
prevent faked IP addresses and other attacks.
The goal of a mobile IP can be summarized as: ‘supporting end-system mobility while
maintaining scalability, efficiency, and compatibility in all respects with existing applications
and Internet protocols’.
address where packets exit the tunnel. There are two different possibilities for the location of the
COA:
Foreign agent COA:
The COA could be located at the FA, i.e., the COA is an IP address of the FA. The FA is
the tunnel end-point and forwards packets to the MN. Many MN using the FA can share this
COA as common COA.
Co-located COA:
The COA is co-located if the MN temporarily acquired an additional IP address which
acts as COA. This address is now topologically correct, and the tunnel endpoint is at the MN.
Co-located addresses can be acquired using services such as DHCP.
crossing of the router by the packet if the MN is in a foreign network. A packet for the MN
comes in via the router; the HA sends it through the tunnel which again crosses the router.
Finally, a home network is not necessary at all. The HA could be again on the ‘router’ but this
time only acting as a manager for MNs belonging to a virtual home network. All MNs are always
in a foreign network with this solution. A CN is connected via a router to the internet, as are the
home network and the foreign network. The HA is implemented on the router connecting the
home network with the internet, an FA is implemented on the router to the foreign network. The
MN is currently in the foreign network. The tunnel for packets toward the MN starts at the HA
and ends at the FA, for the FA has the COA in the above example.
IP packet delivery
Consider the above example in which a correspondent node (CN) wants to send an IP
packet to the MN. One of the requirements of mobile IP was to support hiding the mobility of the
MN. CN does not need to know anything about the MN’s current location and sends the packet
as usual to the IP address of MN as shown below.
CN sends an IP packet with MN as a destination address and CN as a source address. The
internet, not having information on the current location of MN, routes the packet to the router
responsible for the home network of MN. This is done using the standard routing mechanisms of
the internet. The HA now intercepts the packet, knowing that MN is currently not in its home
network. The packet is not forwarded into the subnet as usual, but encapsulated and tunnelled to
the COA. A new header is put in front of the old IP header showing the COA as new destination
and HA as source of the encapsulated packet (step 2).
The foreign agent now decapsulates the packet, i.e., removes the additional header, and
forwards the original packet with CN as source and MN as destination to the MN (step 3). Again,
for the MN mobility is not visible. It receives the packet with the same sender and receiver
address as it would have done in the home network.
Sending packets from the mobile node (MN) to the CN is comparatively simple. The MN sends
the packet as usual with its own fixed IP address as source and CN’s address as destination (step
4). The router with the FA acts as default router and forwards the packet in the same way as it
would do for any other node in the foreign network. As long as CN is a fixed node the remainder
is in the fixed internet as usual. If CN were also a mobile node residing in a foreign network, the
same mechanisms as described in steps 1 through 3 would apply now in the other direction.
Agent Discovery
A mobile node has to find a foreign agent when it moves away from its home network.
To solve this problem, mobile IP describes two methods: agent advertisement and agent
solicitation.
Agent advertisement
For this method, foreign agents and home agents advertise their presence periodically
using special agent advertisement messages, which are broadcast into the subnet. Mobile IP
does not use a new packet type for agent advertisement; it uses the router advertisement packet
of ICMP, and appends an agent advertisement message. The agent advertisement packet
according to RFC 1256 with the extension for mobility is shown below:
The TTL field of the IP packet is set to 1 for all advertisements to avoid forwarding them.
The type is set to 9, the code can be 0, if the agent also routes traffic from non-mobile nodes, or
16, if it does not route anything other than mobile traffic. The number of addresses advertised
with this packet is in #addresses while the addresses themselves follow as shown. Lifetime
denotes the length of time this advertisement is valid. Preference levels for each address help a
node to choose the router that is the most eager one to get a new node.
The extension for mobility has the following fields defined: type is set to 16, length
depends on the number of COAs provided with the message and equals 6 + 4*(number of
addresses). The sequence number shows the total number of advertisements sent since
initialization by the agent. By the registration lifetime the agent can specify the maximum
lifetime in seconds a node can request during registration. The following bits specify the
characteristics of an agent in detail.
The R bit (registration) shows, if a registration with this agent is required even when
using a colocated COA at the MN. If the agent is currently too busy to accept new registrations it
can set the B bit. The following two bits denote if the agent offers services as a home agent (H)
or foreign agent (F) on the link where the advertisement has been sent. Bits M and G specify the
method of encapsulation used for the tunnel. While IP-in-IP encapsulation is the mandatory
standard, M can specify minimal encapsulation and G generic routing encapsulation. In the first
version of mobile IP (RFC 2002) the V bit specified the use of header compression according to
RFC 1144. Now the field r at the same bit position is set to zero and must be ignored. The new
field T indicates that reverse tunneling is supported by the FA. The following fields contain the
COAs advertised. A foreign agent setting the F bit must advertise at least one COA. A mobile
node in a subnet can now receive agent advertisements from either its home agent or a foreign
agent. This is one way for the MN to discover its location.
Agent Solicitation
If no agent advertisements are present or the inter-arrival time is too high, and an MN has
not received a COA by other means, the mobile node must send agent solicitations. Care must
be taken to ensure that these solicitation messages do not flood the network, but basically an MN
can search for an FA endlessly sending out solicitation messages. If a node does not receive an
answer to its solicitations it must decrease the rate of solicitations exponentially to avoid
flooding the network until it reaches a maximum interval between solicitations (typically one
minute). Discovering a new agent can be done anytime, not just if the MN is not connected to
one.
After these steps of advertisements or solicitations the MN can now receive a COA, either one
for an FA or a co-located COA.
Agent Registration
Having received a COA, the MN has to register with the HA. The main purpose of the
registration is to inform the HA of the current location for correct forwarding of packets.
Registration can be done in two different ways depending on the location of the COA.
If the COA is at the FA, the MN sends its registration request containing the COA to the
FA which forwards the request to the HA. The HA now sets up a mobility binding, containing
the mobile node’s home IP address and the current COA. It also contains the lifetime of the
registration which is negotiated during the registration process. Registration expires
automatically after the lifetime and is deleted; so, an MN should reregister before expiration.
This mechanism is necessary to avoid mobility bindings which are no longer used. After setting
up the mobility binding, the HA sends a reply message back to the FA which forwards it to the
MN.
Registration Request
The first field type is set to 1 for a registration request. With the S bit an MN can specify
if it wants the HA to retain prior mobility bindings. This allows for simultaneous bindings.
Setting the B bit generally indicates that an MN also wants to receive the broadcast packets
which have been received by the HA in the home network. If an MN uses a co-located COA, it
also takes care of the decapsulation at the tunnel endpoint. The D bit indicates this behavior. As
already defined for agent advertisements, the bits M and G denote the use of minimal
encapsulation or generic routing encapsulation, respectively. T indicates reverse tunneling, r and
x are set to zero.
Lifetime denotes the validity of the registration in seconds. A value of zero indicates
deregistration; all bits set indicates infinity. The home address is the fixed IP address of the MN,
home agent is the IP address of the HA, and COA represents the tunnel endpoint. The 64 bit
identification is generated by the MN to identify a request and match it with registration replies.
This field is used for protection against replay attacks of registrations. The extensions must at
least contain parameters for authentication
A registration reply, which is conveyed in a UDP packet, contains a type field set to 3
and a code indicating the result of the registration request.
Registration Reply
The lifetime field indicates how many seconds the registration is valid if it was
successful. Home address and home agent are the addresses of the MN and the HA,
respectively. The 64-bit identification is used to match registration requests with replies. The
value is based on the identification field from the registration and the authentication method.
Again, the extensions must at least contain parameters for authentication.
Encapsulation is the mechanism of taking a packet consisting of packet header and data
and putting it into the data part of a new packet. The reverse operation, taking a packet out of the
data part of another packet, is called decapsulation. Encapsulation and decapsulation are the
operations typically performed when a packet is transferred from a higher protocol layer to a
lower layer or from a lower to a higher layer respectively.
The HA takes the original packet with the MN as destination, puts it into the data part of
a new packet and sets the new IP header so that the packet is routed to the COA. The new header
is called outer header.
Mobile IP tunnelling
Ip-in-Ip Encapsulation
There are different ways of performing the encapsulation needed for the tunnel between
HA and COA. Mandatory for mobile IP is IP-in-IP encapsulation as specified in RFC 2003.
The following fig shows a packet inside the tunnel.
The version field ver is 4 for IP version 4, the internet header length (IHL) denotes the
length of the outer header in 32 bit words. DS(TOS) is just copied from the inner header, the
length field covers the complete encapsulated packet. The fields up to TTL have no special
meaning for mobile IP and are set according to RFC 791. TTL must be high enough so the
packet can reach the tunnel endpoint. The next field, here denoted with IP-in-IP, is the type of
the protocol used in the IP payload. This field is set to 4, the protocol type for IPv4 because
again an IPv4 packet follows after this outer header. IP checksum is calculated as usual. The
next fields are the tunnel entry as source address (the IP address of the HA) and the tunnel exit
point as destination address (the COA).
If no options follow the outer header, the inner header starts with the same fields as
above. This header remains almost unchanged during encapsulation, thus showing the original
sender CN and the receiver MN of the packet. The only change is TTL which is decremented by
1. This means that the whole tunnel is considered a single hop from the original packet’s point of
view. This is a very important feature of tunneling as it allows the MN to behave as if it were
attached to the home network. No matter how many real hops the packet has to take in the
tunnel, it is just one (logical) hop away for the MN. Finally, the payload follows the two headers.
Minimal encapsulation
Minimal encapsulation (RFC 2004) as shown below is an optional encapsulation method
for mobile IP which avoids repetitions of identical fields in IP-in-IP encapsulation. The tunnel
entry point and endpoint are specified.
The field for the type of the following header contains the value 55 for the minimal
encapsulation protocol. The inner header is different for minimal encapsulation. The type of the
following protocol and the address of the MN are needed. If the S bit is set, the original sender
address of the CN is included as omitting the source is quite often not an option. No field for
fragmentation offset is left in the inner header and minimal encapsulation does not work with
already fragmented packets.
The packet of one protocol suite with the original packet header and data is taken and a
new GRE header is prepended. Together this forms the new data part of the new packet. Finally,
the header of the second protocol suite is put in front.The following figure shows the fields of a
packet inside the tunnel between HA and COA using GRE as an encapsulation scheme according
to RFC 1701. The outer header is the standard IP header with HA as source address and COA as
destination address. The protocol type used in this outer IP header is 47 for GRE.
The GRE header starts with several flags indicating if certain fields are present or not. A
minimal GRE header uses only 4 bytes. The C bit indicates if the checksum field is present and
contains valid information. If C is set, the checksum field contains a valid IP checksum of the
GRE header and the payload. The R bit indicates if the offset and routing fields are present and
contain valid information. The offset represents the offset in bytes for the first source routing
entry. The routing field, if present, has a variable length and contains fields for source routing.
GRE also offers a key field which may be used for authentication. If this field is present, the K
bit is set. The sequence number bit S indicates if the sequence number field is present, if the s bit
is set, strict source routing is used.
The recursion control field (rec.) is an important field that additionally distinguishes
GRE from IP-in-IP and minimal encapsulation. This field represents a counter that shows the
number of allowed recursive encapsulations. The default value of this field should be 0, thus
allowing only one level of encapsulation. The following reserved fields must be zero and are
ignored on reception. The version field contains 0 for the GRE version. The following 2 byte
protocol field represents the protocol of the packet following the GRE header. The standard
header of the original packet follows with the source address of the correspondent node and the
destination address of the mobile node.
A simplified header of GRE following RFC 2784 is shown below.
The field C indicates again if a checksum is present. The next 5 bits are set to zero, then 7
reserved bits follow. The version field contains the value zero. The protocol type, again, defines
the protocol of the payload following RFC 3232. If the flag C is set, then checksum field and a
field called reserved1 follows. The latter field is constant zero set to zero follow.
Optimizations
If a scenario occurs, where if the MN is in the same subnetwork as the node to which it is
communicating and HA is on the other side of the world. It is called triangular routing problem
as it causes unnecessary overheads for the network between CN and the HA.
A solution to this problem is to inform the CN of the current location of the MN. The CN
can learn the location by caching it in a binding cache, which is a part of the routing table for the
CN. HA informs the CN of the location. It needs four additional messages:
Binding Request: It is sent by the node that wants to know the current location of an MN to the
HA. HA checks if it is allowed to reveal the location and then sends back a binding update
Binding update: It is sent by the HA to the CN revealing the current location of an MN. It
contains the fixed IP address of the MN and the COA. This message can request an
acknowledgement.
Binding acknowledgement: If requested, a node returns this acknowledgement after receiving a
binding update message
Binding warning: A node sends a binding warning if it decapsulates a packet for an MN, but it
is note the current FA of this MN. It contains MN’s home address and a target nodes address.
The recipient can be the HA, so the HA now sends a binding update to the node that obviously
has a wrong COA for the MN.
The following figure shows how the four additional messages are used together if an MN
changes its FA.
The CN can request the current location from the HA. If allowed by the MN, the HA
returns the COA of the MN via an update message. The CN acknowledges this update message
and stores the mobility binding. Now the CN can send its data directly to the current foreign
agent FAold. FAold forwards the packets to the MN. This scenario shows a COA located at an
FA. Encapsulation of data for tunneling to the COA is now done by the CN, not the HA.
The MN might now change its location and register with a new foreign agent, FAnew.
This registration is also forwarded to the HA to update its location database. Furthermore,
FAnew informs FAold about the new registration of MN. MN’s registration message contains
the address of FAold for this purpose. Passing this information is achieved via an update
message, which is acknowledged by FAold.
Without the information provided by the new FA, the old FA would not get to know
anything about the new location of MN. In this case, CN does not know anything about the new
location, so it still tunnels its packets for MN to the old FA, FAold. This FA now notices packets
with destination MN, but also knows that it is not the current FA of MN. FAold might now
forward these packets to the new COA of MN which is FAnew in this example. This forwarding
of packets is another optimization of the basic Mobile IP providing smooth handovers. Without
this optimization, all packets in transit would be lost while the MN moves from one FA to
another.
To tell CN that it has a stale binding cache, FAold sends, a binding warning message to
CN. CN then requests a binding update. (The warning could also be directly sent to the HA
triggering an update). The HA sends an update to inform the CN about the new location, which
is acknowledged. Now CN can send its packets directly to FAnew, again avoiding triangular
routing. Unfortunately, this optimization of mobile IP to avoid triangular routing causes several
security problems
Reverse Tunnelling
The reverse path from MS to the CN looks quite simple as the MN can directly send its
packets to the CN as in any other standard IP situation. The destination address in the packets is
that of CN. But it has some problems explained below:-
Quite often firewalls are designed to only allow packets with topologically correct addresses to
pass to provide simple protection against misconfigured systems of unknown addresses.
However, MN still sends packets with its fixed IP address as source which is not topologically
correct in a foreign network. Firewalls often filter packets coming from outside containing a
source address from computers of the internal network. This also implies that an MN cannot send
a packet to a computer residing in its home network.
While the nodes in the home network might participate in a multi-cast group, an MN in a foreign
network cannot transmit multi-cast packets in a way that they emanate from its home network
without a reverse tunnel. The foreign network might not even provide the technical infrastructure
for multi-cast communication (multi-cast backbone, Mbone).
If the MN moves to a new foreign network, the older TTL might be too low for the packets to
reach the same destination nodes as before. Mobile IP is no longer transparent if a user has to
adjust the TTL while moving. A reverse tunnel is needed that represents only one hop, no matter
how many hops are really needed from the foreign to the home network
Reverse Tunnelling
Packet Forwarding Reverse Tunnel
Reverse tunneling does not solve problems with firewalls, the reverse tunnel can be
abused to circumvent security mechanisms (tunnel hijacking) and optimization of data paths, i.e.
packets will be forwarded through the tunnel via the HA to a sender (double triangular routing)
IPv6
The design of Mobile IP support in IPv6 (Mobile IPv6) benefits both from the
experiences gained from the development of Mobile IP support in IPv4, and from the
opportunities provided by IPv6. Mobile IPv6 thus shares many features with Mobile IPv4, but is
integrated into IPv6 and offers many other improvements. This section summarizes the major
differences between Mobile IPv4 and Mobile IPv6:
There is no need to deploy special routers as "foreign agents", as in Mobile IPv4. Mobile
IPv6 operates in any location without any special support required from the local router.
Support for route optimization is a fundamental part of the protocol, rather than a
nonstandard set of extensions.
Mobile IPv6 route optimization can operate securely even without pre-arranged security
associations. It is expected that route optimization can be deployed on a global scale between all
mobile nodes and correspondent nodes.
Support is also integrated into Mobile IPv6 for allowing route optimization to coexist
efficiently with routers that perform "ingress filtering"
The IPv6 Neighbor Unreachability Detection assures symmetric reachability between the
mobile node and its default router in the current location.
Most packets sent to a mobile node while away from home in Mobile IPv6 are sent using
an IPv6 routing header rather than IP encapsulation, reducing the amount of resulting overhead
compared to Mobile IPv4.
Mobile IPv6 is decoupled from any particular link layer, as it uses IPv6 Neighbor
Discovery instead of ARP. This also improves the robustness of the protocol.
The use of IPv6 encapsulation (and the routing header) removes the need in Mobile IPv6
to manage "tunnel soft state".
The dynamic home agent address discovery mechanism in Mobile IPv6 returns a single
reply to the mobile node. The directed broadcast approach used in IPv4 returns separate replies
from each home agent.
DHCP is based on a client/server model as shown below. DHCP clients send a request to
a server (DHCPDISCOVER in the example) to which the server responds. A client sends
requests using MAC broadcasts to reach all devices in the LAN. A DHCP relay might be needed
to forward requests across inter-working units to a DHCP server.
Consider the scenario where there is one client and two servers are present. A typical
initialization of a DHCP client is shown below:
the client broadcasts a DHCPDISCOVER into the subnet. There might be a relay to
forward this broadcast. In the case shown, two servers receive this broadcast and determine the
configuration they can offer to the client. Servers reply to the client’s request with DHCPOFFER
and offer a list of configuration parameters. The client can now choose one of the configurations
offered. The client in turn replies to the servers, accepting one of the configurations and rejecting
the others using DHCPREQUEST. If a server receives a DHCPREQUEST with a rejection, it
can free the reserved configuration for other possible clients. The server with the configuration
accepted by the client now confirms the configuration with DHCPACK. This completes the
initialization phase. If a client leaves a subnet, it should release the configuration received by the
server using DHCPRELEASE. Now the server can free the context stored for the client and offer
the configuration again. The configuration a client gets from a server is only leased for a certain
amount of time, it has to be reconfirmed from time to time. Otherwise the server will free the
configuration. This timeout of configuration helps in the case of crashed nodes or nodes moved
away without releasing the context.
DHCP is a good candidate for supporting the acquisition of care-of addresses for mobile
nodes. The same holds for all other parameters needed, such as addresses of the default router,
DNS servers, the timeserver etc. A DHCP server should be located in the subnet of the access
point of the mobile node, or at least a DHCP relay should provide forwarding of the messages.
RFC 3118 specifies authentication for DHCP messages so as to provide protection from
malicious DHCP servers. Without authentication, a DHCP server cannot trust the mobile node
and vice versa…
The Transmission Control Protocol (TCP) is one of the core protocols of the Internet
protocol suite, often simply referred to as TCP/IP. TCP is reliable, guarantees in-order delivery
of data and incorporates congestion control and flow control mechanisms.
TCP supports many of the Internet's most popular application protocols and resulting
applications, including the World Wide Web, e-mail, File Transfer Protocol and Secure Shell. In
the Internet protocol suite, TCP is the intermediate layer between the Internet layer and
application layer.
The major responsibilities of TCP in an active session are to:
• Provide reliable in-order transport of data: to not allow losses of data.
• Control congestions in the networks: to not allow degradation of the network performance,
• Control a packet flow between the transmitter and the receiver: to not exceed the receiver's
capacity.
TCP uses a number of mechanisms to achieve high performance and avoid 'congestion
collapse', where network performance can fall by several orders of magnitude. These
mechanisms control the rate of data entering the network, keeping the data flow below a rate that
would trigger collapse. There are several mechanisms of TCP that influence the efficiency of
TCP in a mobile environment. Acknowledgments for data sent, or lack of acknowledgments, are
used by senders to implicitly interpret network conditions between the TCP sender and receiver.
Congestion Control
A transport layer protocol such as TCP has been designed for fixed networks with fixed
end- systems. Congestion may appear from time to time even in carefully designed networks.
The packet buffers of a router are filled and the router cannot forward the packets fast enough
because the sum of the input rates of packets destined for one output link is higher than the
capacity of the output link. The only thing a router can do in this situation is to drop packets. A
dropped packet is lost for the transmission, and the receiver notices a gap in the packet stream.
Now the receiver does not directly tell the sender which packet is missing, but continues to
acknowledge all in-sequence packets up to the missing one. The sender notices the missing
acknowledgement for the lost packet and assumes a packet loss due to congestion.
Retransmitting the missing packet and continuing at full sending rate would now be unwise, as
this might only increase the congestion. To mitigate congestion, TCP slows down the
transmission rate dramatically. All other TCP connections experiencing the same congestion do
exactly the same so the congestion is soon resolved. Slow start TCP’s reaction to a missing
acknowledgement is quite drastic, but it is necessary to get rid of congestion quickly. The
behavior TCP shows after the detection of congestion is called slow start. The sender always
calculates a congestion window for a receiver. The start size of the congestion window is one
segment (TCP packet). The sender sends one packet and waits for acknowledgement. If this
acknowledgement arrives, the sender increases the congestion window by one, now sending two
packets (congestion window = 2). This scheme doubles the congestion window every time the
acknowledgements come back, which takes one round trip time (RTT). This is called the
exponential growth of the congestion window in the slow start mechanism.
But doubling the congestion window is too dangerous. The exponential growth stops at
the congestion threshold. As soon as the congestion window reaches the congestion threshold,
further increase of the transmission rate is only linear by adding 1 to the congestion window each
time the acknowledgements come back.
Linear increase continues until a time-out at the sender occurs due to a missing
acknowledgement, or until the sender detects a gap in transmitted data because of continuous
acknowledgements for the same packet. In either case the sender sets the congestion threshold to
half of the current congestion window. The congestion window itself is set to one segment and
the sender starts sending a single segment. The exponential growth starts once more up to the
new congestion threshold, then the window grows in linear fashion.
The foreign agent acts as a proxy and relays all data in both directions. If CH
(correspondent host) sends a packet to the MH, the FA acknowledges it and forwards it to the
MH. MH acknowledges on successful reception, but this is only used by the FA. If a packet is
lost on the wireless link, CH doesn’t observe it and FA tries to retransmit it locally to maintain
reliable data transport. If the MH sends a packet, the FA acknowledges it and forwards it to CH.
If the packet is lost on the wireless link, the mobile hosts notice this much faster due to the lower
round trip time and can directly retransmit the packet. Packet loss in the wired network is now
handled by the foreign agent.
Advantages of I-TCP
No changes in the fixed network necessary, no changes for the hosts (TCP protocol)
necessary, all current optimizations to TCP still work
Simple to control, mobile TCP is used only for one hop between, e.g., a foreign agent and
mobile host
1. transmission errors on the wireless link do not propagate into the fixed network
2. therefore, a very fast retransmission of packets is possible, the short delay on the mobile hop s
known
It is always dangerous to introduce new mechanisms in a huge network without knowing
exactly how they behave.
New optimizations can be tested at the last hop, without jeopardizing the stability of the
Internet.
It is easy to use different protocols for wired and wireless networks.
Disadvantages of I-TCP
Loss of end-to-end semantics:- an acknowledgement to a sender no longer means that a
receiver really has received a packet, foreign agents might crash.
Higher latency possible:- due to buffering of data within the foreign agent and forwarding
to a new foreign agent
Security issue:- The foreign agent must be a trusted entity
Snooping TCP
The main drawback of I-TCP is the segmentation of the single TCP connection into two
TCP connections, which loses the original end-to-end TCP semantic. A new enhancement, which
leaves the TCP connection intact and is completely transparent, is Snooping TCP. The main
function is to buffer data close to the mobile host to perform fast local retransmission in case of
packet loss.
Here, the foreign agent buffers all packets with destination mobile host and additionally
‘snoops’ the packet flow in both directions to recognize acknowledgements. The foreign agent
buffers every packet until it receives an acknowledgement from the mobile host. If the FA does
not receive an acknowledgement from the mobile host within a certain amount of time, either the
packet or the acknowledgement has been lost. Alternatively, the foreign agent could receive a
duplicate ACK which also shows the loss of a packet. Now, the FA retransmits the packet
directly from the buffer thus performing a faster retransmission compared to the CH. For
transparency, the FA does not acknowledge data to the CH, which would violate end-to-end
semantic in case of a FA failure. The foreign agent can filter the duplicate acknowledgements to
avoid unnecessary retransmissions of data from the correspondent host. If the foreign agent now
crashes, the time-out of the correspondent host still works and triggers a retransmission. The
foreign agent may discard duplicates of packets already retransmitted locally and acknowledged
by the mobile host. This avoids unnecessary traffic on the wireless link.
For data transfer from the mobile host with destination correspondent host, the FA snoops into
the packet stream to detect gaps in the sequence numbers of TCP. As soon as the foreign agent
detects a missing packet, it returns a negative acknowledgement (NACK) to the mobile host. The
mobile host can now retransmit the missing packet immediately. Reordering of packets is done
automatically at the correspondent host by TCP.
Mobile TCP
Both I-TCP and Snooping TCP does not help much, if a mobile host gets disconnected.
The M-TCP (mobile TCP) approach has the same goals as I-TCP and snooping TCP: to prevent
the sender window from shrinking if bit errors or disconnection but not congestion cause current
problems. M-TCP wants to improve overall throughput, to lower the delay, to maintain end-to-
end semantics of TCP, and to provide a more efficient handover. Additionally, M-TCP is
especially adapted to the problems arising from lengthy or frequent disconnections. M-TCP
splits the TCP connection into two parts as I-TCP does. An unmodified TCP is used on the
standard host-supervisory host (SH) connection, while an optimized TCP is used on the SH-MH
connection.
The SH monitors all packets sent to the MH and ACKs returned from the MH. If the SH
does not receive an ACK for some time, it assumes that the MH is disconnected. It then chokes
the sender by setting the sender’s window size to 0. Setting the window size to 0 forces the
sender to go into persistent mode, i.e., the state of the sender will not change no matter how
long the receiver is disconnected. This means that the sender will not try to retransmit data. As
soon as the SH (either the old SH or a new SH) detects connectivity again, it reopens the window
of the sender to the old value. The sender can continue sending at full speed. This mechanism
does not require changes to the sender’s TCP. The wireless side uses an adapted TCP that can
recover from packet loss much faster. This modified TCP does not use slow start, thus, M-TCP
needs a bandwidth manager to implement fair sharing over the wireless link.
Advantages of M-TCP:
It maintains the TCP end-to-end semantics. The SH does not send any ACK itself but
forwards the ACKs from the MH.
If the MH is disconnected, it avoids useless retransmissions, slow starts or breaking
connections by simply shrinking the sender’s window to 0.
As no buffering is done as in I-TCP, there is no need to forward buffers to a new SH.
Lost packets will be automatically retransmitted to the SH.
Disadvantages of M-TCP:
As the SH does not act as proxy as in I-TCP, packet loss on the wireless link due to bit
errors is propagated to the sender. M-TCP assumes low bit error rates, which is not always a
valid assumption.
A modified TCP on the wireless link not only requires modifications to the MH protocol
software but also new network elements like the bandwidth manager.
Transmission/time-out freezing
Often, MAC layer notices connection problems even before the connection is actually
interrupted from a TCP point of view and also knows the real reason for the interruption. The
MAC layer can inform the TCP layer of an upcoming loss of connection or that the current
interruption is not caused by congestion. TCP can now stop sending and ‘freezes’ the current
state of its congestion window and further timers. If the MAC layer notices the upcoming
interruption early enough, both the mobile and correspondent host can be informed. With a fast
interruption of the wireless link, additional mechanisms in the access point are needed to inform
the correspondent host of the reason for interruption. Otherwise, the correspondent host goes into
slow start assuming congestion and finally breaks the connection.
As soon as the MAC layer detects connectivity again, it signals TCP that it can resume
operation at exactly the same point where it had been forced to stop. For TCP time simply does
not advance, so no timers expire.
Advantages:
It offers a way to resume TCP connections even after long interruptions of the
connection.
It can be used together with encrypted data as it is independent of other TCP mechanisms
such as sequence no or acknowledgements
Disadvantages:
Lots of changes have to be made in software of MH, CH and FA.
Selective retransmission
A very useful extension of TCP is the use of selective retransmission. TCP
acknowledgements are cumulative, i.e., they acknowledge in-order receipt of packets up to a
certain packet. A single acknowledgement confirms reception of all packets upto a certain
packet. If a single packet is lost, the sender has to retransmit everything starting from the lost
packet (go-back-n retransmission). This obviously wastes bandwidth, not just in the case of a
mobile network, but for any network. Using selective retransmission, TCP can indirectly request
a selective retransmission of packets. The receiver can acknowledge single packets, not only
trains of in-sequence packets. The sender can now determine precisely which packet is needed
and can retransmit it. The advantage of this approach is obvious: a sender retransmits only the
lost packets. This lowers bandwidth requirements and is extremely helpful in slow wireless links.
The disadvantage is that a more complex software on the receiver side is needed. Also more
buffer space is needed to resequence data and to wait for gaps to be filled.
Transaction-oriented TCP
Assume an application running on the mobile host that sends a short request to a server
from time to time, which responds with a short message and it requires reliable TCP transport of
the packets. For it to use normal TCP, it is inefficient because of the overhead involved. Standard
TCP is made up of three phases: setup, data transfer and release. First, TCP uses a three-way
handshake to establish the connection. At least one additional packet is usually needed for
transmission of the request, and requires three more packets to close the connection via a three-
way handshake. So, for sending one data packet, TCP may need seven packets altogether. This
kind of overhead is acceptable for long sessions in fixed networks, but is quite inefficient for
short messages or sessions in wireless networks. This led to the development of transaction-
oriented TCP (T/TCP).
T/TCP can combine packets for connection establishment and connection release with
user data packets. This can reduce the number of packets down to two instead of seven. The
obvious advantage for certain applications is the reduction in the overhead which standard TCP
has for connection setup and connection release. Disadvantage is that it requires changes in the
software in mobile host and all correspondent hosts. This solution does not hide mobility
anymore. Also, T/TCP exhibits several security problems.