Intro
-----
This post addresses section 9.8.3 and 10.{16,17} in the Mobile IPv6
draft, concerning Tunneled Router Solicitations and Advertisements. As I
posted on the Mobile IP mailing list, the procedure proposed in these
sections will not work when a MN is in the process of configuration and
without a Home Address. Below, I will recommend an alternate solution
which will cover this possibility.

Since I am posting this to the IPng mailing list, I will reiterate some
of the problem.

Background of Problem
---------------------
A Mobile Node, when configuring itself, may first configure its (global)
COA, then find its Home Agent's address, and send a Tunneled Router
Solicitation, in order to get prefix info to configure its normal Home
Address(es).

In 10.16, the MN without a HAddr encapsulates a RS using an inner source
address of 0::0 (unspecified). The HA receiving this packet is justified
in removing the outer layer without saving any state, meaning it would
then be presented with a packet coming from an unspecified address. This
is, at the least, problematic and annoying. The HA could be forced to
keep the outer source address (COA) around, which would solve this.

In 9.8.3, the draft instructs Home Agents to tunnel the RA to the MN
using the MN's COA using a routing header containing the address 0::0.
As Ken Powell pointed out:
> This also violates the addressing architecture, RFC 2373 section
> 2.5.2:
>
> The unspecified address must not be used as the destination address
> of IPv6 packets or in IPv6 Routing Headers.

One possible solution is forming a temporary Home Address; however,
there is no advantage to doing this other than to provide routability.
If the temporary HAddr is already in use, the HA cannot send a packet
to that address with a Routing Hdr, and so it does not solve the
problem.

Solution
--------
The solution to this problem involves two steps: relaxing a Neighbor
Discovery rule on the HA and MN, and creating a mobility processing rule
on the HA and MN. Now RS/RA can be sent without any special Mobile IP
headers, and look very similar to normal RS/RA, except that they are
routed unicast packets. This solution is very general, and uses the COA
and HA addr only, so it does not matter whether the MN does, or does
not, have an HAddr.

RELAXING TTL:
1. A unicast Router Solicitation arriving at a Home Agent is NOT
discarded if the TTL < 255 (off-link, from MN).
2. A unicast Router Advertisement arriving at a Mobile Node is NOT
discarded if the TTL < 255 (off-link, from HA).

MOBILITY PROCESSING:
1. The Home Agent receiving a Router Solicitation with TTL<255 (from off
link) knows that this is a request from a MN, and will include extra
Prefix Information as per the draft.
2. The Mobile Node receiving a Router Advertisement with TTL<255 knows
that this was sent from a HA and contains HA prefix info and it should
be processed differently by Mobile IP code to create HAddr(s).

Recap Of Changes From Current Draft
-----------------------------------
We are removing
- encapsulation on RS
- routing header on RA

We are adding
- a rule that TTL<255 is allowed and specifies mobility signaling
- RS and RA come into/out of COA on MN. HAddr is not used for this
info.

This buys us
- mobile nodes without an HAddr are now routable
- simplification and shortening of messages

Open Issues
-----------
SECURITY:
The Router Solicitation must be protected by an Authentication Header.
This is already a requirement.

The Router Advertisement should/may be encrypted. If it is not, note
that prefix information about the home network will be available for
inspection along the path the RA travels. This security issue is the
same as what exists in the current version.

I am open for comments on this idea.
--
T.J. Kniveton
NOKIA Research Center
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
--------------------------------------------------------------------
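
Added example, not part of the post above or of the Mobile IPv6 draft: a sketch in C of the receive-side decision that the RELAXING TTL and MOBILITY PROCESSING rules describe, combined with the Authentication Header requirement on the RS from the SECURITY note. The post's "TTL" is the IPv6 Hop Limit field; the struct, enum and function names are hypothetical, and the packet fields are assumed to have been filled in by earlier header parsing.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ND_ROUTER_SOLICIT 133   /* ICMPv6 message types, RFC 2461 */
#define ND_ROUTER_ADVERT  134

enum role    { ROLE_HOME_AGENT, ROLE_MOBILE_NODE };
enum verdict { ND_DISCARD, ND_ON_LINK, ND_MOBILITY };

/* Hypothetical summary of a received packet (names are assumptions). */
struct nd_pkt {
    uint8_t icmp_type;    /* 133 = RS, 134 = RA */
    uint8_t hop_limit;    /* the field the post calls "TTL" */
    bool    dst_unicast;  /* destination is a unicast address */
    bool    ah_verified;  /* Authentication Header present and valid */
};

/* Relaxed ND check plus the mobility processing rule from the post. */
enum verdict nd_classify(enum role me, const struct nd_pkt *p)
{
    if (p->icmp_type != ND_ROUTER_SOLICIT && p->icmp_type != ND_ROUTER_ADVERT)
        return ND_DISCARD;              /* not RS/RA: outside this sketch */
    if (p->hop_limit == 255)
        return ND_ON_LINK;              /* never forwarded: ordinary ND path */
    /* Hop limit < 255: forwarded by a router, so only the unicast case applies. */
    if (!p->dst_unicast)
        return ND_DISCARD;
    if (me == ROLE_HOME_AGENT && p->icmp_type == ND_ROUTER_SOLICIT)
        return p->ah_verified ? ND_MOBILITY : ND_DISCARD;  /* RS must carry AH */
    if (me == ROLE_MOBILE_NODE && p->icmp_type == ND_ROUTER_ADVERT)
        return ND_MOBILITY;             /* RA from HA: build HAddr(s) from it */
    return ND_DISCARD;                  /* e.g. off-link RA arriving at a HA */
}

int main(void)
{
    /* Constructed samples: a forwarded RS with and without a valid AH. */
    struct nd_pkt rs_ok  = { ND_ROUTER_SOLICIT, 250, true, true  };
    struct nd_pkt rs_bad = { ND_ROUTER_SOLICIT, 250, true, false };
    printf("%d %d\n", nd_classify(ROLE_HOME_AGENT, &rs_ok),
                      nd_classify(ROLE_HOME_AGENT, &rs_bad));
    return 0;
}
```

With the hop-limit test no longer rejecting forwarded packets, the AH check is the only thing separating a Mobile Node's RS from an arbitrary off-link sender, which is why the sketch discards an unauthenticated RS instead of treating it as mobility signaling.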