Mobile IP

Mobile IP UsesEnable computers to maintain Internet connectivity while moving from one Internet attachment point to anotherMobile user's point of attachment changes dynamically and all connections are automatically maintained despite the changeNomadic - user's Internet connection is terminated each time the user moves and a new connection is initiated when the user dials back inNew, temporary IP address is assigned

Operation of Mobile IPMobile node is assigned to a particular network home networkIP address on home network is static home addressMobile node can move to another network foreign networkMobile node registers with network node on foreign network foreign agent (typically a router)Mobile node gives care-of address to agent on home network home agent

Operation of Mobile IP

Operation of Mobile IPWhen IP datagrams are exchanged over a connection between the mobile node and another host, the following operations occur:

Operation of Mobile IP1. Server X transmits an IP datagram destined for mobile node A, with A's home address in the IP header. The IP datagram is routed to A's home network.2. At the home network, the incoming IP datagram is intercepted by the home agent. The home agent encapsulates the entire datagram inside a new IP datagram that has the A's care-of address in the header, and retransmits the datagram. The use of an outer IP datagram with a different destination IP address is known as tunneling. This IP datagram is routed to the foreign agent.3. The foreign agent strips off the outer IP header, encapsulates the original IP datagram in a network-level PDU* (e.g., a LAN LLC frame), and delivers the original datagram to A across the foreign network. [*PDUProtocol data unit]

Operation of Mobile IP4. When A sends IP traffic to X, it uses X's IP address. In our example, this is a fixed address; that is, X is not a mobile node. Each IP datagram is sent by A to a router on the foreign network for routing to X. Typically, this router is also the foreign agent.5. The IP datagram from A to X travels directly across the Internet to X, using X's IP address.

Capabilities of Mobile IPDiscovery mobile node uses discovery procedure to identify prospective home and foreign agentsRegistration mobile node uses an authenticated registration procedure to inform home agent of its care-of addressTunneling used to forward IP datagrams from a home address to a care-of address

Capabilities of Mobile IPFigure indicates the underlying protocol support for the Mobile IP capability.

Some useful terminology from RFC 2002

Some useful terminology from RFC 2002

DiscoveryThe discovery process in Mobile IP is very similar to the Router Advertisement process defined in ICMP (Internet Control Message Protocol - is a connectionless protocol)

Mobile node is responsible for ongoing discovery processMust determine if it is attached to its home network or a foreign network

Transition from home network to foreign network can occur at any time without notification to the network layer.

Mobile node listens for agent advertisement messagesCompares network portion of the router's IP address with the network portion of home address

Discovery

The agent advertisement extension follows the ICMP router advertisement fields and consists of the following fields:Type: Indicates that this is an agent advertisement.Length: Number of bytes in the extension, excluding the Type and Length fields. The value is (6 + 4N), where N is the number of care-of addresses advertised.Sequence Number: The count of agent advertisement messages sent since the agent was initialized.Discovery

The agent advertisement extension follows the ICMP router advertisement fields and consists of the following fields:Lifetime: The longest lifetime, in seconds, that this agent is willing to accept a registration request from a mobile node.R: Registration with this foreign agent is required (or another foreign agent on this network). Even those mobile nodes that have already acquired a care-of address from this foreign agent must re-register.Discovery

B: Busy. The foreign agent will not accept registrations from additional mobile nodes.H: This agent offers services as a home agent on this network.F: This agent offers services as a foreign agent on this network.M: This agent can receive tunneled IP datagrams that use minimal encapsulation, explained subsequently.Discovery

G: This agent can receive tunneled IP datagrams that use GRE encapsulation, explained subsequently.r: reserved.T: Foreign agent supports reverse tunneling.Care-Of Address: The care-of address or addresses supported by this agent on this network. There must be at least one such address if the F bit is set. There may be multiple addresses.Discovery

Registration ProcessOnce a mobile node has recognized that it is on a foreign network and has acquired a care-of address, it needs to alert a home agent on its home network and request that the home agent forward its IP traffic.Involves four steps:Mobile node sends registration request to foreign agent requesting forwarding serviceForeign agent relays request to home agentHome agent accepts or denies request and sends registration reply to foreign agentForeign agent relays reply to mobile nodeIf the mobile node uses a care-of address, then it registers directly with its home agent, rather than going through a foreign agent.

Registration Operation MessagesThe registration operation uses two types of messages:Registration request messageFields such as: type, lifetime, home address, home agent, care-of-address, identification, extensions, etc.

Registration reply messageFields = type, code, lifetime, home address, home agent, identification, extensions.

Registration Operation MessagesThe Registration Request Message consists of the following fields:

The Registration Reply Message consists of the following fields:Registration Operation Messages

The registration request message consists of the following fields:Type: Indicates that this is a registration request.S: Simultaneous bindings. B: Broadcast datagrams. Indicates that the mobile node would like to receive copies of broadcast datagrams that it would have received if it were attached to its home network.Registration Operation Messages

D: Decapsulation by mobile node. The mobile node is using a co-located care-of address and will decapsulate its own tunneled IP datagrams.M: Indicates that the home agent should use minimal encapsulation, explained subsequently.G: Indicates that the home agent should use GRE encapsulation, explained subsequently.r: Reserved.T: Reverse tunneling requested.x: Reserved.Registration Operation Messages

Lifetime: The number of seconds before the registration is considered expired. A value of zero is a request for de-registration.Home Address: The home IP address of the mobile node. The home agent can expect to receive IP datagrams with this as a destination address, and must forward those to the care-of address.Home Agent: The IP address of the mobile node's home agent. This informs the foreign agent of the address to which this request should be relayed.Registration Operation Messages

Care-Of Address: The IP address at this end of the tunnel. The home agent should forward IP datagrams that it receives with mobile node's home address to this destination address.Identification: A 64-bit number generated by the mobile node, used for matching registration requests to registration replies and for security purposes, as explained subsequently.Extensions: The only extension so far defined is the authentication extension, explained subsequently.Registration Operation Messages

The registration reply message consists of the following fields:Type: 3, indicates that this is a registration reply.Code: Indicates result of the registration requestLifetime: If the code field indicates that the registration was accepted, the number of seconds before the registration is considered expired. A value of zero indicates that the mobile node has been de-registered.Home Address: The home IP address of the mobile node.Home Agent: The IP address of the mobile node's home agent.Registration Operation Messages

Mobile IP designed to resist attacksNode pretending to be a foreign agent sends registration request to a home agent to divert mobile node traffic to itselfAgent replays old registration messages to cut mobile node from networkFor message authentication, registration request and reply contain authentication extensionFields = type, length, security parameter index (SPI), authenticatorRegistration Operation Messages

Types of Authentication ExtensionsMobile-home provides for authentication of registration messages between mobile node and home agent; must be presentMobile-foreign may be present when a security association exists between mobile node and foreign agentForeign-home may be present when a security association exists between foreign agent and home agent

TunnelingHome agent intercepts IP datagrams sent to mobile node's home addressHome agent informs other nodes on home network that datagrams to mobile node should be delivered to home agentDatagrams forwarded to care-of address via tunneling Datagram encapsulated in outer IP datagram

Mobile IP Encapsulation OptionsIP-within-IP entire IP datagram becomes payload in new IP datagramOriginal, inner IP header unchanged except TTL decremented by 1Outer header is a full IP headerMinimal encapsulation new header is inserted between original IP header and original IP payloadOriginal IP header modified to form new outer IP headerGeneric routing encapsulation (GRE) developed prior to development of Mobile IP

Wireless Application Protocol (WAP)Open standard providing mobile users of wireless terminals access to telephony and information servicesWireless terminals include wireless phones, pagers and personal digital assistants (PDAs)Designed to work with all wireless network technologies such as GSM, CDMA, and TDMABased on existing Internet standards such as IP, XML, HTML, and HTTPIncludes security facilities

WAP Protocol Stack

WAP Programming Model

Wireless Markup Language (WML) FeaturesText and image support formatting and layout commandsDeck/card organizational metaphor WML documents subdivided into cards, which specify one or more units of interactionSupport for navigation among cards and decks includes provisions for event handling; used for navigation or executing scripts

Hello World WAP

WMLScriptScripting language for defining script-type programs in a user device with limited processing power and memoryWMLScript capabilities:Check validity of user input before its sentAccess device facilities and peripheralsInteract with user without introducing round trips to origin server

WMLScript WMLScript features:JavaScript-based scripting language WMLScript is a subset of JavaScript, with some extensionsProcedural logic WMLScript adds the power of procesural logic to the Wireless Application Environment (WAE)Event-based WMLScript may be invoked in response to certain user or environmental eventsCompiled implementation WMLScript can be compiled down to a more efficient byte code that is transported to the clientIntegrated into WAE WMLScript is fully integrated with the WML browser

Wireless Application Environment (WAE)WAE specifies an application framework for wireless devicesWAE elements:WAE User agents software that executes in the wireless deviceContent generators applications that produce standard content formats in response to requests from user agents in the mobile terminalStandard content encoding defined to allow a WAE user agent to navigate Web contentWireless telephony applications (WTA) collection of telephony-specific extensions for call and feature control mechanisms

WAE Client Components

Wireless Session Protocol (WSP)Transaction-oriented protocol based on the concept of a request and a replyProvides applications with interface for two session services:Connection-oriented session service operates above reliable transport protocol WTPConnectionless session service operates above unreliable transport protocol WDP

Connection-mode WSP ServicesEstablish reliable session from client to server and releaseAgree on common level of protocol functionality using capability negotiationExchange content between client and server using compact encodingSuspend and resume a sessionPush content from server to client in an unsynchronized manner

WSP Transaction TypesSession establishment client WSP user requests session with server WSP userSession termination client WSP user initiates terminationSession suspend and resume initiated with suspend and resume requestsTransaction exchange of data between a client and serverNonconfirmed data push used to send unsolicited information from server to clientConfirmed data push server receives delivery confirmation from client

Wireless Transaction Protocol (WTP)Lightweight protocol suitable for "thin" clients and over low-bandwidth wireless linksWTP featuresThree classes of transaction serviceOptional user-to-user reliability: WTP user triggers confirmation of each received messageOptional out-of-band data on acknowledgmentsProtocol Data Unit (PDU) concatenation and delayed acknowledgment to reduce the number of messages sentAsynchronous transactions

WTP Transaction ClassesClass 0: Unreliable invoke message with no result messageClass 1: Reliable invoke message with no result messageClass 2: Unreliable invoke message with one reliable result message

WTP PDU TypesInvoke PDU used to convey a request from an initiator to a responderACK PDU used to acknowledge an Invoke or Result PDUResult PDU used to convey response of the server to the clientAbort PDU used to abort a transactionSegmented invoke PDU and segmented result PDU used for segmentation and reassemblyNegative acknowledgment PDU used to indicate that some packets did not arrive

Examples of WTP Operation

Wireless Transport Layer Security (WTLS) FeaturesData integrity ensures that data sent between client and gateway are not modified, using message authenticationPrivacy ensures that the data cannot be read by a third party, using encryptionAuthentication establishes authentication of the two parties, using digital certificatesDenial-of-service protection detects and rejects messages that are replayed or not successfully verified

WTLS Protocol StackWTLS consists of two layers of protocolsWTLS Record Protocol provides basic security services to various higher-layer protocolsHigher-layer protocols:The Handshake ProtocolThe Change Cipher Spec ProtocolThe Alert Protocol

WTLS Record Protocol Operation

Phases of the Handshake Protocol ExchangeFirst phase used to initiate a logical connection and establish security capabilitiesSecond phase used for server authentication and key exchangeThird phase used for client authentication and key exchangeForth phase completes the setting up of a secure connection

Wireless Datagram Protocol (WDP)Used to adapt higher-layer WAP protocol to the communication mechanism used between mobile node and WAP gatewayWDP hides details of the various bearer networks from the other layers of WAPAdaptation may include:Partitioning data into segments of appropriate size for the bearerInterfacing with the bearer network

Wireless Control Message Protocol (WCMP)Performs the same support function for WDP as ICMP does for IPUsed in environments that dont provide IP bearer and dont lend themselves to the use of ICMPUsed by wireless nodes and WAP gateways to report errors encountered in processing WDP datagramsCan also be used for informational and diagnostic purposes

SourcesFromWilliam Stallings - Wireless communications and networks /Second Edition, Prentice Hall 2005 Chapter 12

DatagramA self-contained, independent entity of data carrying sufficient information to be routed from the source to the destination computer without reliance on earlier exchanges between this source and destination computer and the transporting network.BACK