TOC 
MIP4 Working GroupC. Perkins, Ed.
Internet-DraftWiChorus Inc.
Intended status: Standards TrackNovember 03, 2008
Expires: May 7, 2009 


IP Mobility Support for IPv4, revised
draft-ietf-mip4-rfc3344bis-07

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on May 7, 2009.

Abstract

This document specifies protocol enhancements that allow transparent routing of IP datagrams to mobile nodes in the Internet. Each mobile node is always identified by its home address, regardless of its current point of attachment to the Internet. While situated away from its home, a mobile node is also associated with a care-of address, which provides information about its current point of attachment to the Internet. The protocol provides for registering the care-of address with a home agent. The home agent sends datagrams destined for the mobile node through a tunnel to the care-of address. After arriving at the end of the tunnel, each datagram is then delivered to the mobile node.



Table of Contents

1.  Introduction
    1.1.  Protocol Requirements
    1.2.  Goals
    1.3.  Assumptions
    1.4.  Applicability
    1.5.  New Architectural Entities
    1.6.  Terminology
    1.7.  Protocol Overview
    1.8.  Message Format and Protocol Extensibility
    1.9.  Type-Length-Value Extension Format for Mobile IP Extensions
    1.10.  Long Extension Format
    1.11.  Short Extension Format
2.  Agent Discovery
    2.1.  Agent Advertisement
        2.1.1.  Mobility Agent Advertisement Extension
        2.1.2.  Prefix-Lengths Extension
        2.1.3.  One-byte Padding Extension
    2.2.  Agent Solicitation
    2.3.  Foreign Agent and Home Agent Considerations
        2.3.1.  Advertised Router Addresses
        2.3.2.  Sequence Numbers and Rollover Handling
    2.4.  Mobile Node Considerations
        2.4.1.  Registration Required
        2.4.2.  Move Detection
        2.4.3.  Returning Home
        2.4.4.  Sequence Numbers and Rollover Handling
3.  Registration
    3.1.  Registration Overview
    3.2.  Authentication
    3.3.  Registration Request
    3.4.  Registration Reply
    3.5.  Registration Extensions
        3.5.1.  Computing Authentication Extension Values
        3.5.2.  Mobile-Home Authentication Extension
        3.5.3.  Mobile-Foreign Authentication Extension
        3.5.4.  Foreign-Home Authentication Extension
    3.6.  Mobile Node Considerations
        3.6.1.  Sending Registration Requests
        3.6.2.  Receiving Registration Replies
        3.6.3.  Registration Retransmission
    3.7.  Foreign Agent Considerations
        3.7.1.  Configuration and Registration Tables
        3.7.2.  Receiving Registration Requests
        3.7.3.  Receiving Registration Replies
    3.8.  Home Agent Considerations
        3.8.1.  Configuration and Registration Tables
        3.8.2.  Receiving Registration Requests
        3.8.3.  Sending Registration Replies
4.  Routing Considerations
    4.1.  Encapsulation Types
    4.2.  Unicast Datagram Routing
        4.2.1.  Mobile Node Considerations
        4.2.2.  Foreign Agent Considerations
        4.2.3.  Home Agent Considerations
    4.3.  Broadcast Datagrams
    4.4.  Multicast Datagram Routing
    4.5.  Mobile Routers
    4.6.  ARP, Proxy ARP, and Gratuitous ARP
5.  Security Considerations
    5.1.  Message Authentication Codes
    5.2.  Areas of Security Concern in this Protocol
    5.3.  Key Management
    5.4.  Picking Good Random Numbers
    5.5.  Privacy
    5.6.  Ingress Filtering
    5.7.  Replay Protection for Registration Requests
        5.7.1.  Replay Protection using Timestamps
        5.7.2.  Replay Protection using Nonces
6.  IANA Considerations
    6.1.  Mobile IP Message Types
    6.2.  Extensions to RFC 1256 Router Advertisement
    6.3.  Extensions to Mobile IP Registration Messages
    6.4.  Code Values for Mobile IP Registration Reply Messages
7.  Acknowledgments
8.  References
    8.1.  Normative References
    8.2.  Informative References
Appendix A.  Patent Issues
Appendix B.  Link-Layer Considerations
Appendix C.  TCP Considerations
    C.1.  TCP Timers
    C.2.  TCP Congestion Management
Appendix D.  Example Scenarios
    D.1.  Registering with a Foreign Agent Care-of Address
    D.2.  Registering with a Co-Located Care-of Address
    D.3.  Deregistration
Appendix E.  Applicability of Prefix-Lengths Extension
Appendix F.  Interoperability Considerations
Appendix G.  Changes since RFC 2002
    G.1.  Recent Changes
    G.2.  Major Changes
    G.3.  Minor Changes
    G.4.  Changes since RFC3344
Appendix H.  Example Messages
    H.1.  Example ICMP Agent Advertisement Message Format
    H.2.  Example Registration Request Message Format
    H.3.  Example Registration Reply Message Format
§  Author's Address
§  Intellectual Property and Copyright Statements




 TOC 

1.  Introduction

IP version 4 assumes that a node's IP address uniquely identifies the node's point of attachment to the Internet. Therefore, a node must be located on the network indicated by its IP address in order to receive datagrams destined to it; otherwise, datagrams destined to the node would be undeliverable. For a node to change its point of attachment without losing its ability to communicate, currently one of the two following mechanisms must typically be employed:

Both of these alternatives are often unacceptable. The first makes it impossible for a node to maintain transport and higher-layer connections when the node changes location. The second has obvious and severe scaling problems, especially relevant considering the explosive growth in sales of notebook (mobile) computers.

A new, scalable, mechanism is required for accommodating node mobility within the Internet. This document defines such a mechanism, which enables nodes to change their point of attachment to the Internet without changing their IP address.

Changes between this revised specification for Mobile IP and the original specifications (see [40] (Perkins, C., “IP Mobility Support,” October 1996.),[15] (Perkins, C., “IP Encapsulation within IP,” October 1996.),[16] (Perkins, C., “Minimal Encapsulation within IP,” October 1996.),[21] (Solomon, J., “Applicability Statement for IP Mobility Support,” October 1996.),[4] (Cong, D., Hamlen, M., and C. Perkins, “The Definitions of Managed Objects for IP Mobility Support using SMIv2,” October 1996.)) are detailed in Appendix G (Changes since RFC 2002).



 TOC 

1.1.  Protocol Requirements

A mobile node must be able to communicate with other nodes after changing its link-layer point of attachment to the Internet, yet without changing its IP address.

A mobile node must be able to communicate with other nodes that do not implement these mobility functions. No protocol enhancements are required in hosts or routers that are not acting as any of the new architectural entities introduced in Section 1.5 (New Architectural Entities).

All messages used to update another node as to the location of a mobile node must be authenticated in order to protect against remote redirection attacks.



 TOC 

1.2.  Goals

The link by which a mobile node is directly attached to the Internet may often be a wireless link. This link may thus have a substantially lower bandwidth and higher error rate than traditional wired networks. Moreover, mobile nodes are likely to be battery powered, and minimizing power consumption is important. Therefore, the number of administrative messages sent over the link by which a mobile node is directly attached to the Internet should be minimized, and the size of these messages should be kept as small as is reasonably possible.



 TOC 

1.3.  Assumptions

The protocols defined in this document place no additional constraints on the assignment of IP addresses. That is, a mobile node can be assigned an IP address by the organization that owns the machine.

This protocol assumes that mobile nodes will generally not change their point of attachment to the Internet more frequently than once per second.

This protocol assumes that IP unicast datagrams are routed based on the destination address in the datagram header (and not, for example, by source address).



 TOC 

1.4.  Applicability

Mobile IP is intended to enable nodes to move from one IP subnet to another. It is just as suitable for mobility across homogeneous media as it is for mobility across heterogeneous media. That is, Mobile IP facilitates node movement from one Ethernet segment to another as well as it accommodates node movement from an Ethernet segment to a wireless LAN, as long as the mobile node's IP address remains the same after such a movement.

One can think of Mobile IP as solving the "macro" mobility management problem. It is less well suited for more "micro" mobility management applications -- for example, handoff amongst wireless transceivers, each of which covers only a very small geographic area. As long as node movement does not occur between points of attachment on different IP subnets, link-layer mechanisms for mobility (i.e., link-layer handoff) may offer faster convergence and far less overhead than Mobile IP.



 TOC 

1.5.  New Architectural Entities

Mobile IP introduces the following new functional entities:

Mobile Node

A host or router that changes its point of attachment from one network or subnetwork to another. A mobile node may change its location without changing its IP address; it may continue to communicate with other Internet nodes at any location using its (constant) IP address, assuming link-layer connectivity to a point of attachment is available.
Home Agent

A router on a mobile node's home network which tunnels datagrams for delivery to the mobile node when it is away from home, and maintains current location information for the mobile node.
Foreign Agent

A router on a mobile node's visited network which provides routing services to the mobile node while registered. The foreign agent detunnels and delivers datagrams to the mobile node that were tunneled by the mobile node's home agent. For datagrams sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes.

A mobile node is given a long-term IP address on a home network. This home address is administered in the same way as a "permanent" IP address is provided to a stationary host. When away from its home network, a "care-of address" is associated with the mobile node and reflects the mobile node's current point of attachment. The mobile node uses its home address as the source address of all IP datagrams that it sends, except where otherwise described in this document for datagrams sent for certain mobility management functions (e.g., as in Section 3.6.1.1 (IP Fields)).



 TOC 

1.6.  Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [1] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).

In addition, this document frequently uses the following terms:

Authorization-enabling extension

An authentication which makes a (registration) message acceptable to the ultimate recipient of the registration message. An authorization-enabling extension MUST contain an SPI.
In this document, all uses of authorization-enabling extension refer to authentication extensions that enable the Registration Request message to be acceptable to the home agent. Using additional protocol structures specified outside of this document, it may be possible for the mobile node to provide authentication of its registration to the home agent, by way of another authenticating entity within the network that is acceptable to the home agent (for example, see RFC 2794 [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.)).
Agent Advertisement

An advertisement message constructed by attaching a special Extension to a router advertisement [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.) message.
Authentication

The process of verifying (using cryptographic techniques, for all applications in this specification) the identity of the originator of a message.
Care-of Address

The termination point of a tunnel toward a mobile node, for datagrams forwarded to the mobile node while it is away from home. The protocol can use two different types of care-of address: a "foreign agent care-of address" is an address of a foreign agent with which the mobile node is registered, and a "co-located care-of address" is an externally obtained local address which the mobile node has associated with one of its own network interfaces.
Correspondent Node

A peer with which a mobile node is communicating. A correspondent node may be either mobile or stationary.
Foreign Network

Any network other than the mobile node's Home Network.
Gratuitous ARP

An ARP packet sent by a node in order to spontaneously cause other nodes to update an entry in their ARP cache [42] (Stevens, R., “TCP/IP Illustrated, Volume 1: The Protocols,” 1994.). See Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP).
Home Address

An IP address that is assigned for an extended period of time to a mobile node. It remains unchanged regardless of where the node is attached to the Internet.
Home Network

A network, possibly virtual, having a network prefix matching that of a mobile node's home address. Note that standard IP routing mechanisms will deliver datagrams destined to a mobile node's Home Address to the mobile node's Home Network.
Link

A facility or medium over which nodes can communicate at the link layer. A link underlies the network layer.
Link-Layer Address

The address used to identify an endpoint of some communication over a physical link. Typically, the Link-Layer address is an interface's Media Access Control (MAC) address.
Mobility Agent

Either a home agent or a foreign agent.
Mobility Binding

The association of a home address with a care-of address, along with the remaining lifetime of that association.
Mobility Security Association

A collection of security contexts, between a pair of nodes, which may be applied to Mobile IP protocol messages exchanged between them. Each context indicates an authentication algorithm and mode (Section 5.1 (Message Authentication Codes)), a secret (a shared key, or appropriate public/private key pair), and a style of replay protection in use (Section 5.7 (Replay Protection for Registration Requests)).
Node

A host or a router.
Nonce

A randomly chosen value, different from previous choices, inserted in a message to protect against replays.
Security Parameter Index (SPI)

An index identifying a security context between a pair of nodes among the contexts available in the Mobility Security Association. SPI values 0 through 255 are reserved and MUST NOT be used in any Mobility Security Association.
Tunnel

The path followed by a datagram while it is encapsulated. The model is that, while it is encapsulated, a datagram is routed to a knowledgeable decapsulating agent, which decapsulates the datagram and then correctly delivers it to its ultimate destination.
Virtual Network

A network with no physical instantiation beyond a router (with a physical network interface on another network). The router (e.g., a home agent) generally advertises reachability to the virtual network using conventional routing protocols.
Visited Network

A network other than a mobile node's Home Network, to which the mobile node is currently connected.
Visitor List

The list of mobile nodes visiting a foreign agent.


 TOC 

1.7.  Protocol Overview

The following support services are defined for Mobile IP:

Agent Discovery

Home agents and foreign agents may advertise their availability on each link for which they provide service. A newly arrived mobile node can send a solicitation on the link to learn if any prospective agents are present.
Registration

When the mobile node is away from home, it registers its care-of address with its home agent. Depending on its method of attachment, the mobile node will register either directly with its home agent, or through a foreign agent which forwards the registration to the home agent.
silently discard

The implementation discards the datagram without further processing, and without indicating an error to the sender. The implementation SHOULD provide the capability of logging the error, including the contents of the discarded datagram, and SHOULD record the event in a statistics counter.

The following steps provide a rough outline of operation of the Mobile IP protocol:

When away from home, Mobile IP uses protocol tunneling to hide a mobile node's home address from intervening routers between its home network and its current location. The tunnel terminates at the mobile node's care-of address. The care-of address must be an address to which datagrams can be delivered via conventional IP routing. At the care-of address, the original datagram is removed from the tunnel and delivered to the mobile node.

Mobile IP provides two alternative modes for the acquisition of a care-of address:

a.
A "foreign agent care-of address" is a care-of address provided by a foreign agent through its Agent Advertisement messages. In this case, the care-of address is an IP address of the foreign agent. In this mode, the foreign agent is the endpoint of the tunnel and, upon receiving tunneled datagrams, decapsulates them and delivers the inner datagram to the mobile node. This mode of acquisition is preferred because it allows many mobile nodes to share the same care-of address and therefore does not place unnecessary demands on the already limited IPv4 address space.
b.
A "co-located care-of address" is a care-of address acquired by the mobile node as a local IP address through some external means, which the mobile node then associates with one of its own network interfaces. The address may be dynamically acquired as a temporary address by the mobile node such as through DHCP [30] (Droms, R., “Dynamic Host Configuration Protocol,” March 1997.), or may be owned by the mobile node as a long-term address for its use only while visiting some foreign network. Specific external methods of acquiring a local IP address for use as a co-located care-of address are beyond the scope of this document. When using a co-located care-of address, the mobile node serves as the endpoint of the tunnel and itself performs decapsulation of the datagrams tunneled to it.

The mode of using a co-located care-of address has the advantage that it allows a mobile node to function without a foreign agent, for example, in networks that have not yet deployed a foreign agent. It does, however, place additional burden on the IPv4 address space because it requires a pool of addresses within the foreign network to be made available to visiting mobile nodes. It is difficult to efficiently maintain pools of addresses for each subnet that may permit mobile nodes to visit.

It is important to understand the distinction between the care-of address and the foreign agent functions. The care-of address is simply the endpoint of the tunnel. It might indeed be an address of a foreign agent (a foreign agent care-of address), but it might instead be an address temporarily acquired by the mobile node (a co-located care-of address). A foreign agent, on the other hand, is a mobility agent that provides services to mobile nodes. See Section 3.7 (Foreign Agent Considerations) and Section 4.2.2 (Foreign Agent Considerations) for additional details.

A home agent MUST be able to attract and intercept datagrams that are destined to the home address of any of its registered mobile nodes. Using the proxy and gratuitous ARP mechanisms described in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP), this requirement can be satisfied if the home agent has a network interface on the link indicated by the mobile node's home address. Other placements of the home agent relative to the mobile node's home location MAY also be possible using other mechanisms for intercepting datagrams destined to the mobile node's home address. Such placements are beyond the scope of this document.

Similarly, a mobile node and a prospective or current foreign agent MUST be able to exchange datagrams without relying on standard IP routing mechanisms; that is, those mechanisms which make forwarding decisions based upon the network-prefix of the destination address in the IP header. This requirement can be satisfied if the foreign agent and the visiting mobile node have an interface on the same link. In this case, the mobile node and foreign agent simply bypass their normal IP routing mechanism when sending datagrams to each other, addressing the underlying link-layer packets to their respective link-layer addresses. Other placements of the foreign agent relative to the mobile node MAY also be possible using other mechanisms to exchange datagrams between these nodes, but such placements are beyond the scope of this document.



            2) Datagram is intercepted   3) Datagram is
               by home agent and            detunneled and
               is tunneled to the           delivered to the
               care-of address.             mobile node.

                  +-----+          +-------+         +------+
                  |home | =======> |foreign| ------> |mobile|
                  |agent|          | agent | <------ | node |
                  +-----+          +-------+         +------+
 1) Datagram to    /|\         /
    mobile node     |        /   4) For datagrams sent by the
    arrives on      |      /        mobile node, standard IP
    home network    |    /          routing delivers each to its
    via standard    |  |_           destination.  In this figure,
    IP routing.   +----+            the foreign agent is the
                  |host|            mobile node's default router.
                  +----+
 Figure 1: Operation of Mobile IPv4 

If a mobile node is using a co-located care-of address (as described in (b) above), the mobile node MUST be located on the link identified by the network prefix of this care-of address. Otherwise, datagrams destined to the care-of address would be undeliverable.

For example, Figure 1 (Operation of Mobile IPv4) illustrates the routing of datagrams to and from a mobile node away from home, once the mobile node has registered with its home agent. In figure 1, the mobile node is using a foreign agent care-of address, not a co-located care-of address.



 TOC 

1.8.  Message Format and Protocol Extensibility

Mobile IP defines a set of new control messages, sent with UDP [18] (Postel, J., “User Datagram Protocol,” August 1980.) using well-known port number 434. The following two message types are defined in this document:

1 Registration Request

3 Registration Reply

Up-to-date values for the message types for Mobile IP control messages are specified in the IANA online database [45] (IANA Assigned Numbers Online Database, “Mobile IPv4 Numbers,” .).

In addition, for Agent Discovery, Mobile IP makes use of the existing Router Advertisement and Router Solicitation messages defined for ICMP Router Discovery [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.).

Mobile IP defines a general Extension mechanism to allow optional information to be carried by Mobile IP control messages or by ICMP Router Discovery messages. Some extensions have been specified to be encoded in the simple Type-Length-Value format described in Section 1.9 (Type-Length-Value Extension Format for Mobile IP Extensions).

Extensions allow variable amounts of information to be carried within each datagram. The end of the list of Extensions is indicated by the total length of the IP datagram.

Two separately maintained sets of numbering spaces, from which Extension Type values are allocated, are used in Mobile IP:

Each individual Extension is described in detail in a separate section later in this document. Up-to-date values for these Extension Type numbers are specified in the IANA online database [45] (IANA Assigned Numbers Online Database, “Mobile IPv4 Numbers,” .).

Due to the separation (orthogonality) of these sets, it is conceivable that two Extensions that are defined at a later date could have identical Type values, so long as one of the Extensions may be used only in Mobile IP control messages and the other may be used only in ICMP Router Discovery messages.

The type field in the Mobile IP extension structure can support up to 255 (skippable and not skippable) uniquely identifiable extensions. When an Extension numbered in either of these sets within the range 0 through 127 is encountered but not recognized, the message containing that Extension MUST be silently discarded. When an Extension numbered in the range 128 through 255 is encountered which is not recognized, that particular Extension is ignored, but the rest of the Extensions and message data MUST still be processed. The Length field of the Extension is used to skip the Data field in searching for the next Extension.

Unless additional structure is utilized for the extension types, new developments or additions to Mobile IP might require so many new extensions that the available space for extension types might run out. Two new extension structures are proposed to solve this problem. Certain types of extensions can be aggregated, using subtypes to identify the precise extension, for example as has been done with the Generic Authentication Keys extensions [43] (Perkins, C. and P. Calhoun, “Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4,” March 2005.). In many cases, this may reduce the rate of allocation for new values of the type field.

Since the new extension structures will cause an efficient usage of the extension type space, it is recommended that new Mobile IP extensions follow one of the two new extension formats whenever there may be the possibility to group related extensions together.

The following subsections provide details about three distinct structures for Mobile IP extensions:



 TOC 

1.9.  Type-Length-Value Extension Format for Mobile IP Extensions

The Type-Length-Value format illustrated in Figure 2 (Type-Length-Value extension format for Mobile IPv4) is used for extensions which are specified in this document. Since this simple extension structure does not encourage the most efficient usage of the extension type space, it is recommended that new Mobile IP extensions follow one of the two new extension formats specified in Section 1.10 (Long Extension Format) or Section 1.11 (Short Extension Format) whenever there may be the possibility to group related extensions together.



  0                   1                   2
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
 |     Type      |    Length     |    Data ...
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
 Figure 2: Type-Length-Value extension format for Mobile IPv4 

Type

Indicates the particular type of Extension.
Length

Indicates the length (in bytes) of the data field within this Extension. The length does NOT include the Type and Length bytes.
Data

The particular data associated with this Extension. This field may be zero or more bytes in length. The format and length of the data field is determined by the type and length fields.


 TOC 

1.10.  Long Extension Format

This format is applicable for non-skippable extensions which carry information more than 256 bytes.

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |  Sub-Type     |           Length              |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                           Data      .....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The Long Extension format requires that the following fields be specified as the first fields of the extension.

Type

is the type, which describes a collection of extensions having a common data type.
Sub-Type

is a unique number given to each member in the aggregated type.
Length

indicates the length (in bytes) of the data field within this Extension. It does NOT include the Type, Length and Sub-Type bytes.
Data

is the data associated with the subtype of this extension. This specification does not place any additional structure on the subtype data.

Since the length field is 16 bits wide, the extension data can exceed 256 bytes in length.



 TOC 

1.11.  Short Extension Format

This format is compatible with the skippable extensions defined in Section 1.9 (Type-Length-Value Extension Format for Mobile IP Extensions). It is not applicable for extensions which require more than 256 bytes of data; for such extensions, use the format described in Section 1.10 (Long Extension Format).

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |   Length      |    Sub-Type   |    Data ....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The Short Extension format requires that the following fields be specified as the first fields of the extension:

Type

is the type, which describes a collection of extensions having a common data type.
Sub-Type

is a unique number given to each member in the aggregated type.
Length

8-bit unsigned integer. Length of the extension, in bytes, excluding the extension Type and the extension Length fields. This field MUST be set to 1 plus the total length of the data field.
Data

is the data associated with this extension. This specification does not place any additional structure on the subtype data.


 TOC 

2.  Agent Discovery

Agent Discovery is the method by which a mobile node determines whether it is currently connected to its home network or to a foreign network, and by which a mobile node can detect when it has moved from one network to another. When connected to a foreign network, the methods specified in this section also allow the mobile node to determine the foreign agent care-of address being offered by each foreign agent on that network.

Mobile IP extends ICMP Router Discovery [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.) as its primary mechanism for Agent Discovery. An Agent Advertisement is formed by including a Mobility Agent Advertisement Extension in an ICMP Router Advertisement message (Section 2.1 (Agent Advertisement)). An Agent Solicitation message is identical to an ICMP Router Solicitation, except that its IP TTL MUST be set to 1 (Section 2.2 (Agent Solicitation)). This section describes the message formats and procedures by which mobile nodes, foreign agents, and home agents cooperate to realize Agent Discovery.

Agent Advertisement and Agent Solicitation may not be necessary for link layers that already provide this functionality. The method by which mobile nodes establish link-layer connections with prospective agents is outside the scope of this document (but see Appendix B (Link-Layer Considerations)). The procedures described below assume that such link-layer connectivity has already been established.

No authentication is required for Agent Advertisement and Agent Solicitation messages. They MAY be authenticated using the IP Authentication Header [9] (Kent, S., “IP Authentication Header,” December 2005.), which is unrelated to the messages described in this document. Further specification of the way in which Advertisement and Solicitation messages may be authenticated is outside of the scope of this document.



 TOC 

2.1.  Agent Advertisement

Agent Advertisements are transmitted by a mobility agent to advertise its services on a link. Mobile nodes use these advertisements to determine their current point of attachment to the Internet. An Agent Advertisement is an ICMP Router Advertisement that has been extended to also carry an Mobility Agent Advertisement Extension (Section 2.1.1 (Mobility Agent Advertisement Extension)) and, optionally, a Prefix-Lengths Extension (Section 2.1.2 (Prefix-Lengths Extension)), One-byte Padding Extension (Section 2.1.3 (One-byte Padding Extension), or other Extensions that might be defined in the future.

Within an Agent Advertisement message, ICMP Router Advertisement fields of the message are required to conform to the following additional specifications:

Link-Layer Fields
Destination Address

The link-layer destination address of a unicast Agent Advertisement MUST be the same as the source link-layer address of the Agent Solicitation which prompted the Advertisement.
IP Fields
TTL

The TTL for all Agent Advertisements MUST be set to 1.
Destination Address

As specified for ICMP Router Discovery [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.), the IP destination address of an multicast Agent Advertisement MUST be either the "all systems on this link" multicast address (224.0.0.1) [6] (Deering, S., “Host extensions for IP multicasting,” August 1989.) or the "limited broadcast" address (255.255.255.255). The subnet-directed broadcast address of the form <prefix>.<-1> cannot be used since mobile nodes will not generally know the prefix of the foreign network. When the Agent Advertisement is unicast to a mobile node, the IP home address of the mobile node SHOULD be used as the Destination Address.
ICMP Fields
Code

The Code field of the agent advertisement is interpreted as follows:

0 The mobility agent handles common traffic -- that is, it acts as a router for IP datagrams not necessarily related to mobile nodes.

16 The mobility agent does not route common traffic. However, all foreign agents MUST (minimally) forward to a default router any datagrams received from a registered mobile node (Section 4.2.2 (Foreign Agent Considerations)).

Lifetime

The maximum length of time that the Advertisement is considered valid in the absence of further Advertisements.
Router Address(es)

See Section 2.3.1 (Advertised Router Addresses) for a discussion of the addresses that may appear in this portion of the Agent Advertisement.
Num Addrs

The number of Router Addresses advertised in this message. Note that in an Agent Advertisement message, the number of router addresses specified in the ICMP Router Advertisement portion of the message MAY be set to 0. See Section 2.3.1 (Advertised Router Addresses) for details.

If sent periodically, the nominal interval at which Agent Advertisements are sent SHOULD be no longer than 1/3 of the advertisement Lifetime given in the ICMP header. This interval MAY be shorter than 1/3 the advertised Lifetime. This allows a mobile node to miss three successive advertisements before deleting the agent from its list of valid agents. The actual transmission time for each advertisement SHOULD be slightly randomized [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.) in order to avoid synchronization and subsequent collisions with other Agent Advertisements that may be sent by other agents (or with other Router Advertisements sent by other routers). Note that this field has no relation to the "Registration Lifetime" field within the Mobility Agent Advertisement Extension defined below.



 TOC 

2.1.1.  Mobility Agent Advertisement Extension

The Mobility Agent Advertisement Extension follows the ICMP Router Advertisement fields. It is used to indicate that an ICMP Router Advertisement message is also an Agent Advertisement being sent by a mobility agent. The Mobility Agent Advertisement Extension is defined as follows:

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |    Length     |        Sequence Number        |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |    Registration Lifetime      |R|B|H|F|M|G|r|T|   reserved    |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                  zero or more Care-of Addresses               |
 |                              ...                              |

Type

16
Length

(6 + 4*N), where 6 accounts for the number of bytes in the Sequence Number, Registration Lifetime, flags, and reserved fields, and N is the number of care-of addresses advertised.
Sequence Number

The count of Agent Advertisement messages sent since the agent was initialized (Section 2.3.2 (Sequence Numbers and Rollover Handling)).
Registration Lifetime

The longest lifetime (measured in seconds) that this agent is willing to accept in any Registration Request. A value of 0xffff indicates infinity. This field has no relation to the "Lifetime" field within the ICMP Router Advertisement portion of the Agent Advertisement.
R

Registration required. Registration with this foreign agent (or another foreign agent on this link) is required even when using a co-located care-of address.
B

Busy. The foreign agent will not accept registrations from additional mobile nodes.
H

Home agent. This agent offers service as a home agent on the link on which this Agent Advertisement message is sent.
F

Foreign agent. This agent offers service as a foreign agent on the link on which this Agent Advertisement message is sent.
M

Minimal encapsulation. This agent implements receiving tunneled datagrams that use minimal encapsulation [16] (Perkins, C., “Minimal Encapsulation within IP,” October 1996.).
G

GRE encapsulation. This agent implements receiving tunneled datagrams that use GRE encapsulation [13] (Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina, “Generic Routing Encapsulation (GRE),” March 2000.).
r

Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses.
T

Foreign agent supports reverse tunneling [12] (Montenegro, G., “Reverse Tunneling for Mobile IP, revised,” January 2001.).
reserved

Sent as zero; ignored on reception.
Care-of Address(es)

The advertised foreign agent care-of address(es) provided by this foreign agent. An Agent Advertisement MUST include at least one care-of address if the 'F' bit is set. The number of care-of addresses present is determined by the Length field in the Extension.

A home agent MUST always be prepared to serve the mobile nodes for which it is the home agent. A foreign agent may at times be too busy to serve additional mobile nodes; even so, it must continue to send Agent Advertisements, so that any mobile nodes already registered with it will know that they have not moved out of range of the foreign agent and that the foreign agent has not failed. A foreign agent may indicate that it is "too busy" to allow new mobile nodes to register with it, by setting the 'B' bit in its Agent Advertisements. An Agent Advertisement message MUST NOT have the 'B' bit set if the 'F' bit is not also set. Furthermore, at least one of the 'F' bit and the 'H' bit MUST be set in any Agent Advertisement message sent.

When a foreign agent wishes to require registration even from those mobile nodes which have acquired a co-located care-of address, it sets the 'R' bit to one. Because this bit applies only to foreign agents, an agent MUST NOT set the 'R' bit to one unless the 'F' bit is also set to one.



 TOC 

2.1.2.  Prefix-Lengths Extension

The Prefix-Lengths Extension MAY follow the Mobility Agent Advertisement Extension. It is used to indicate the number of bits of network prefix that applies to each Router Address listed in the ICMP Router Advertisement portion of the Agent Advertisement. Note that the prefix lengths given DO NOT apply to care-of address(es) listed in the Mobility Agent Advertisement Extension. The Prefix-Lengths Extension is defined as follows:

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |    Length     | Prefix Length |      ....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type

19 (Prefix-Lengths Extension)
Length

N, where N is the value (possibly zero) of the Num Addrs field in the ICMP Router Advertisement portion of the Agent Advertisement.
Prefix Length(s)

The number of leading bits that define the network number of the corresponding Router Address listed in the ICMP Router Advertisement portion of the message. The prefix length for each Router Address is encoded as a separate byte, in the order that the Router Addresses are listed in the ICMP Router Advertisement portion of the message.

See Section 2.4.2 (Move Detection) for information about how the Prefix-Lengths Extension MAY be used by a mobile node when determining whether it has moved. See Appendix E (Applicability of Prefix-Lengths Extension) for implementation details about the use of this Extension.



 TOC 

2.1.3.  One-byte Padding Extension

Some IP protocol implementations insist upon padding ICMP messages to an even number of bytes. If the ICMP length of an Agent Advertisement is odd, this Extension MAY be included in order to make the ICMP length even. Note that this Extension is NOT intended to be a general-purpose Extension to be included in order to word- or long-align the various fields of the Agent Advertisement. An Agent Advertisement SHOULD NOT include more than one One-byte Padding Extension and if present, this Extension SHOULD be the last Extension in the Agent Advertisement.

Note that unlike other Extensions used in Mobile IP, the One-byte Padding Extension is encoded as a single byte, with no "Length" nor "Data" field present. The One-byte Padding Extension is defined as follows:

  0 1 2 3 4 5 6 7
 +-+-+-+-+-+-+-+-+
 |     Type      |
 +-+-+-+-+-+-+-+-+

    Type 0 (One-byte Padding Extension)


 TOC 

2.2.  Agent Solicitation

An Agent Solicitation is identical to an ICMP Router Solicitation with the further restriction that the IP TTL Field MUST be set to 1.



 TOC 

2.3.  Foreign Agent and Home Agent Considerations

Any mobility agent which cannot be discovered by a link-layer protocol MUST send Agent Advertisements. An agent which can be discovered by a link-layer protocol SHOULD also implement Agent Advertisements. However, the Advertisements need not be sent, except when the site policy requires registration with the agent (i.e., when the 'R' bit is set), or as a response to a specific Agent Solicitation. All mobility agents MUST process packets that they receive addressed to the Mobile-Agents multicast group, at address 224.0.0.11. A mobile node MAY send an Agent Solicitation to 224.0.0.11. All mobility agents SHOULD respond to Agent Solicitations.

The same procedures, defaults, and constants are used in Agent Advertisement messages and Agent Solicitation messages as specified for ICMP Router Discovery [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.), except that:

If the home network is not a virtual network, then the home agent for any mobile node SHOULD be located on the link identified by the mobile node's home address, and Agent Advertisement messages sent by the home agent on this link MUST have the 'H' bit set. In this way, mobile nodes on their own home network will be able to determine that they are indeed at home. Any Agent Advertisement messages sent by the home agent on another link to which it may be attached (if it is a mobility agent serving more than one link), MUST NOT have the 'H' bit set unless the home agent also serves as a home agent (to other mobile nodes) on that other link. A mobility agent MAY use different settings for each of the 'R', 'H', and 'F' bits on different network interfaces.

If the home network is a virtual network, the home network has no physical realization external to the home agent itself. In this case, there is no physical network link on which to send Agent Advertisement messages advertising the home agent. Mobile nodes for which this is the home network are always treated as being away from home.

On a particular subnet, either all mobility agents MUST include the Prefix-Lengths Extension or all of them MUST NOT include this Extension. Equivalently, it is prohibited for some agents on a given subnet to include the Extension but for others not to include it. Otherwise, one of the move detection algorithms designed for mobile nodes will not function properly (Section 2.4.2 (Move Detection)).



 TOC 

2.3.1.  Advertised Router Addresses

The ICMP Router Advertisement portion of the Agent Advertisement MAY contain one or more router addresses. An agent SHOULD only put its own addresses, if any, in the advertisement. Whether or not its own address appears in the Router Addresses, a foreign agent MUST route datagrams it receives from registered mobile nodes (Section 3.7 (Foreign Agent Considerations)).



 TOC 

2.3.2.  Sequence Numbers and Rollover Handling

The sequence number in Agent Advertisements ranges from 0 to 0xffff. After booting, an agent MUST use the number 0 for its first advertisement. Each subsequent advertisement MUST use the sequence number one greater, with the exception that the sequence number 0xffff MUST be followed by sequence number 256. In this way, mobile nodes can distinguish a reduction in the sequence number that occurs after a reboot from a reduction that results in rollover of the sequence number after it attains the value 0xffff.



 TOC 

2.4.  Mobile Node Considerations

Every mobile node MUST implement Agent Solicitation. Solicitations SHOULD only be sent in the absence of Agent Advertisements and when a care-of address has not been determined through a link-layer protocol or other means. The mobile node uses the same procedures, defaults, and constants for Agent Solicitation as specified for ICMP Router Solicitation messages [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.), except that the mobile node MAY solicit more often than once every three seconds, and that a mobile node that is currently not connected to any foreign agent MAY solicit more times than MAX_SOLICITATIONS.

The rate at which a mobile node sends Solicitations MUST be limited by the mobile node. The mobile node MAY send three initial Solicitations at a maximum rate of one per second while searching for an agent. After this, the rate at which Solicitations are sent MUST be reduced so as to limit the overhead on the local link. Subsequent Solicitations MUST be sent using a binary exponential backoff mechanism, doubling the interval between consecutive Solicitations, up to a maximum interval. The maximum interval SHOULD be chosen appropriately based upon the characteristics of the media over which the mobile node is soliciting. This maximum interval SHOULD be at least one minute between Solicitations.

While still searching for an agent, the mobile node MUST NOT increase the rate at which it sends Solicitations unless it has received a positive indication that it has moved to a new link. After successfully registering with an agent, the mobile node SHOULD also increase the rate at which it will send Solicitations when it next begins searching for a new agent with which to register. The increased solicitation rate MAY revert to the maximum rate, but then MUST be limited in the manner described above. In all cases, the recommended solicitation intervals are nominal values. Mobile nodes MUST randomize their solicitation times around these nominal values as specified for ICMP Router Discovery [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.).

Mobile nodes MUST process received Agent Advertisements. A mobile node can distinguish an Agent Advertisement message from other uses of the ICMP Router Advertisement message by examining the number of advertised addresses and the IP Total Length field. When the IP total length indicates that the ICMP message is longer than needed for the number of advertised addresses, the remaining data is interpreted as one or more Extensions. The presence of a Mobility Agent Advertisement Extension identifies the advertisement as an Agent Advertisement.

If there is more than one advertised address, the mobile node SHOULD pick the first address for its initial registration attempt. If the registration attempt fails with a status Code indicating rejection by the foreign agent, the mobile node MAY retry the attempt with each subsequent advertised address in turn.

When multiple methods of agent discovery are in use, the mobile node SHOULD first attempt registration with agents including Mobility Agent Advertisement Extensions in their advertisements, in preference to those discovered by other means. This preference maximizes the likelihood that the registration will be recognized, thereby minimizing the number of registration attempts.

A mobile node MUST ignore reserved bits in Agent Advertisements, as opposed to discarding such advertisements. In this way, new bits can be defined later, without affecting the ability for mobile nodes to use the advertisements even when the newly defined bits are not understood.



 TOC 

2.4.1.  Registration Required

When the mobile node receives an Agent Advertisement with the 'R' bit set, the mobile node SHOULD register through the foreign agent, even when the mobile node might be able to acquire its own co-located care-of address. This feature is intended to allow sites to enforce visiting policies (such as accounting) which require exchanges of authorization.

If formerly reserved bits require some kind of monitoring/enforcement at the foreign link, foreign agents implementing the new specification for the formerly reserved bits can set the 'R' bit. This has the effect of forcing the mobile node to register through the foreign agent, so the foreign agent could then monitor/enforce the policy.



 TOC 

2.4.2.  Move Detection

Two primary mechanisms are provided for mobile nodes to detect when they have moved from one subnet to another. Other mechanisms MAY also be used. When the mobile node detects that it has moved, it SHOULD register (Section 3 (Registration)) with a suitable care-of address on the new foreign network. However, the mobile node MUST NOT register more frequently than once per second on average, as specified in Section 3.6.3 (Registration Retransmission).



 TOC 

2.4.2.1.  Algorithm 1

The first method of move detection is based upon the Lifetime field within the main body of the ICMP Router Advertisement portion of the Agent Advertisement. A mobile node SHOULD record the Lifetime received in any Agent Advertisements, until that Lifetime expires. If the mobile node fails to receive another advertisement from the same agent within the specified Lifetime, it SHOULD assume that it has lost contact with that agent. If the mobile node has previously received an Agent Advertisement from another agent for which the Lifetime field has not yet expired, the mobile node MAY immediately attempt registration with that other agent. Otherwise, the mobile node SHOULD attempt to discover a new agent with which to register.



 TOC 

2.4.2.2.  Algorithm 2

The second method uses network prefixes. The Prefix-Lengths Extension MAY be used in some cases by a mobile node to determine whether or not a newly received Agent Advertisement was received on the same subnet as the mobile node's current care-of address. If the prefixes differ, the mobile node MAY assume that it has moved. If a mobile node is currently using a foreign agent care-of address, the mobile node SHOULD NOT use this method of move detection unless both the current agent and the new agent include the Prefix-Lengths Extension in their respective Agent Advertisements; if this Extension is missing from one or both of the advertisements, this method of move detection SHOULD NOT be used. Similarly, if a mobile node is using a co-located care-of address, it SHOULD not use this method of move detection unless the new agent includes the Prefix-Lengths Extension in its Advertisement and the mobile node knows the network prefix of its current co-located care-of address. On the expiration of its current registration, if this method indicates that the mobile node has moved, rather than re-registering with its current care-of address, a mobile node MAY choose instead to register with a the foreign agent sending the new Advertisement with the different network prefix. The Agent Advertisement on which the new registration is based MUST NOT have expired according to its Lifetime field.



 TOC 

2.4.3.  Returning Home

A mobile node can detect that it has returned to its home network when it receives an Agent Advertisement from its own home agent. If so, it SHOULD deregister with its home agent (Section 3 (Registration)). Before attempting to deregister, the mobile node SHOULD configure its routing table appropriately for its home network (Section 4.2.1 (Mobile Node Considerations)). In addition, if the home network is using ARP [17] (Plummer, D., “Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware,” November 1982.), the mobile node MUST follow the procedures described in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP) with regard to ARP, proxy ARP, and gratuitous ARP.



 TOC 

2.4.4.  Sequence Numbers and Rollover Handling

If a mobile node detects two successive values of the sequence number in the Agent Advertisements from the foreign agent with which it is registered, the second of which is less than the first and inside the range 0 to 255, the mobile node SHOULD register again. If the second value is less than the first but is greater than or equal to 256, the mobile node SHOULD assume that the sequence number has rolled over past its maximum value (0xffff), and that reregistration is not necessary (Section 2.3 (Foreign Agent and Home Agent Considerations)).



 TOC 

3.  Registration

Mobile IP registration provides a flexible mechanism for mobile nodes to communicate their current reachability information to their home agent. It is the method by which mobile nodes:

Registration messages exchange information between a mobile node, (optionally) a foreign agent, and the home agent. Registration creates or modifies a mobility binding at the home agent, associating the mobile node's home address with its care-of address for the specified Lifetime.

Several other (optional) capabilities are available through the registration procedure, which enable a mobile node to:



 TOC 

3.1.  Registration Overview

Mobile IP defines two different registration procedures, one via a foreign agent that relays the registration to the mobile node's home agent, and one directly with the mobile node's home agent. The following rules determine which of these two registration procedures to use in any particular circumstance:

Both registration procedures involve the exchange of Registration Request and Registration Reply messages (Section 3.3 (Registration Request) and Section 3.4 (Registration Reply)). When registering via a foreign agent, the registration procedure requires the following four messages:

a.
The mobile node sends a Registration Request to the prospective foreign agent to begin the registration process.
b.
The foreign agent processes the Registration Request and then relays it to the home agent.
c.
The home agent sends a Registration Reply to the foreign agent to grant or deny the Request.
d.
The foreign agent processes the Registration Reply and then relays it to the mobile node to inform it of the disposition of its Request.

When the mobile node instead registers directly with its home agent, the registration procedure requires only the following two messages:

a.
The mobile node sends a Registration Request to the home agent.
b.
The home agent sends a Registration Reply to the mobile node, granting or denying the Request.

The registration messages defined in Section 3.3 (Registration Request) and Section 3.4 (Registration Reply) use the User Datagram Protocol (UDP) [18] (Postel, J., “User Datagram Protocol,” August 1980.). A nonzero UDP checksum SHOULD be included in the header, and MUST be checked by the recipient. A zero UDP checksum SHOULD be accepted by the recipient. The behavior of the mobile node and the home agent with respect to their mutual acceptance of packets with zero UDP checksums SHOULD be defined as part of the mobility security association which exists between them.



 TOC 

3.2.  Authentication

Each mobile node, foreign agent, and home agent MUST be able to support a mobility security association for mobile entities, indexed by their SPI and IP address. In the case of the mobile node, this must be its Home Address. See Section 5.1 (Message Authentication Codes) for requirements for support of authentication algorithms. Registration messages between a mobile node and its home agent MUST be authenticated with an authorization-enabling extension, e.g. the Mobile-Home Authentication Extension (Section 3.5.2 (Mobile-Home Authentication Extension)). This extension MUST be the first authentication extension; other foreign agent-specific extensions MAY be added to the message after the mobile node computes the authentication.



 TOC 

3.3.  Registration Request

A mobile node registers with its home agent using a Registration Request message so that its home agent can create or modify a mobility binding for that mobile node (e.g., with a new lifetime). The Request may be relayed to the home agent by the foreign agent through which the mobile node is registering, or it may be sent directly to the home agent in the case in which the mobile node is registering a co-located care-of address.

IP fields:
Source Address

Typically the interface address from which the message is sent.
Destination Address

Typically that of the foreign agent or the home agent.
See Section 3.6.1.1 (IP Fields) and Section 3.7.2.2 (Forwarding a Valid Request to the Home Agent) for details.
UDP fields:
Source Port

variable
Destination Port

434

The UDP header is followed by the Mobile IP fields shown below:

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |S|B|D|M|G|r|T|x|          Lifetime             |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                          Home Address                         |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                           Home Agent                          |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                        Care-of Address                        |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                                                               |
 +                         Identification                        +
 |                                                               |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 | Extensions ...
 +-+-+-+-+-+-+-+-

Type

1 (Registration Request)
S

Simultaneous bindings. If the 'S' bit is set, the mobile node is requesting that the home agent retain its prior mobility bindings, as described in Section 3.6.1.2 (Registration Request Fields).
B

Broadcast datagrams. If the 'B' bit is set, the mobile node requests that the home agent tunnel to it any broadcast datagrams that it receives on the home network, as described in Section 4.3 (Broadcast Datagrams).
D

Decapsulation by mobile node. If the 'D' bit is set, the mobile node will itself decapsulate datagrams which are sent to the care-of address. That is, the mobile node is using a co-located care-of address.
M

Minimal encapsulation. If the 'M' bit is set, the mobile node requests that its home agent use minimal encapsulation [16] for datagrams tunneled to the mobile node.
G

GRE encapsulation. If the 'G' bit is set, the mobile node requests that its home agent use GRE encapsulation [13] for datagrams tunneled to the mobile node.
r

Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses.
T

Reverse Tunneling requested; see [12].
x

Sent as zero; ignored on reception.
Lifetime

The number of seconds remaining before the registration is considered expired. A value of zero indicates a request for deregistration. A value of 0xffff indicates infinity.
Home Address

The IP address of the mobile node.
Home Agent

The IP address of the mobile node's home agent.
Care-of Address

The IP address for the end of the tunnel.
Identification

A 64-bit number, constructed by the mobile node, used for matching Registration Requests with Registration Replies, and for protecting against replay attacks of registration messages. See Section 5.4 (Picking Good Random Numbers) and Section 5.7 (Replay Protection for Registration Requests).
Extensions

The fixed portion of the Registration Request is followed by one or more of the Extensions listed in Section 3.5 (Registration Extensions). An authorization-enabling extension MUST be included in all Registration Requests. See Section 3.6.1.3 (Extensions) and Section 3.7.2.2 (Forwarding a Valid Request to the Home Agent) for information on the relative order in which different extensions, when present, MUST be placed in a Registration Request message.


 TOC 

3.4.  Registration Reply

A mobility agent typically returns a Registration Reply message to a mobile node which has sent a Registration Request message. If the mobile node is requesting service from a foreign agent, that foreign agent will typically receive the Reply from the home agent and subsequently relay it to the mobile node. Reply messages contain the necessary codes to inform the mobile node about the status of its Request, along with the lifetime granted by the home agent, which MAY be smaller than the original Request.

The foreign agent MUST NOT increase the Lifetime selected by the mobile node in the Registration Request, since the Lifetime is covered by an authentication extension which enables authorization by the home agent. Such an extension contains authentication data which cannot be correctly (re)computed by the foreign agent. The home agent MUST NOT increase the Lifetime selected by the mobile node in the Registration Request, since doing so could increase it beyond the maximum Registration Lifetime allowed by the foreign agent. If the Lifetime received in the Registration Reply is greater than that in the Registration Request, the Lifetime in the Request MUST be used. When the Lifetime received in the Registration Reply is less than that in the Registration Request, the Lifetime in the Reply MUST be used.

IP fields:
Source Address

Typically copied from the destination address of the Registration Request to which the agent is replying. See Section 3.7.2.3 (Denying Invalid Requests) and Section 3.8.3.2 (Registration Reply Fields) for complete details.
Destination Address

Copied from the source address of the Registration Request to which the agent is replying

UDP fields:
Source Port

Copied from the UDP destination port of the corresponding Registration Request.
Destination Port

Copied from the source port of the corresponding Registration Request (Section 3.7.1 (Configuration and Registration Tables)).

The UDP header is followed by the Mobile IP fields shown below:

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |     Code      |           Lifetime            |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                          Home Address                         |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                           Home Agent                          |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |                                                               |
 +                         Identification                        +
 |                                                               |
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 | Extensions ...
 +-+-+-+-+-+-+-+-

Type

3 (Registration Reply)
Code

A value indicating the result of the Registration Request. See below for a list of currently defined Code values.
Lifetime

If the Code field indicates that the registration was accepted, the Lifetime field is set to the number of seconds remaining before the registration is considered expired. A value of zero indicates that the mobile node has been deregistered. A value of 0xffff indicates infinity. If the Code field indicates that the registration was denied, the contents of the Lifetime field are unspecified and MUST be ignored on reception.
Home Address

The IP address of the mobile node.
Home Agent

The IP address of the mobile node's home agent.
Identification

A 64-bit number used for matching Registration Requests with Registration Replies, and for protecting against replay attacks of registration messages. The value is based on the Identification field from the Registration Request message from the mobile node, and on the style of replay protection used in the security context between the mobile node and its home agent (defined by the mobility security association between them, and SPI value in the authorization-enabling extension). See Section 5.4 (Picking Good Random Numbers) and Section 5.7 (Replay Protection for Registration Requests).
Extensions

The fixed portion of the Registration Reply is followed by one or more of the Extensions listed in Section 3.5 (Registration Extensions). An authorization-enabling extension MUST be included in all Registration Replies returned by the home agent. See Section 3.7.2.2 (Forwarding a Valid Request to the Home Agent) and Section 3.8.3.3 (Extensions) for rules on placement of extensions to Reply messages.

The following values are defined for use within the Code field. Registration successful:

0 registration accepted

1 registration accepted, but simultaneous mobility bindings unsupported

Registration denied by the foreign agent:

64 reason unspecified

65 administratively prohibited

66 insufficient resources

67 mobile node failed authentication

68 home agent failed authentication

69 requested Lifetime too long

70 poorly formed Request

71 poorly formed Reply

72 requested encapsulation unavailable

73 reserved and unavailable

TBD-IANA Invalid Home Agent address

77 invalid care-of address

78 registration timeout

80 home network unreachable (ICMP error received)

81 home agent host unreachable (ICMP error received)

82 home agent port unreachable (ICMP error received)

88 home agent unreachable (other ICMP error received)

Registration denied by the home agent:

128 reason unspecified

129 administratively prohibited

130 insufficient resources

131 mobile node failed authentication

132 foreign agent failed authentication

133 registration Identification mismatch

134 poorly formed Request

135 too many simultaneous mobility bindings

136 unknown home agent address

Up-to-date values of the Code field are specified in the IANA online database [45] (IANA Assigned Numbers Online Database, “Mobile IPv4 Numbers,” .).



 TOC 

3.5.  Registration Extensions



 TOC 

3.5.1.  Computing Authentication Extension Values

The Authenticator value computed for each authentication Extension MUST protect the following fields from the registration message:

The default authentication algorithm uses HMAC-MD5 [10] (Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” February 1997.) to compute a 128-bit "message digest" of the registration message. The data over which the HMAC is computed is defined as:

Note that the Authenticator field itself and the UDP header are NOT included in the computation of the default Authenticator value. See Section 5.1 (Message Authentication Codes) for information about support requirements for message authentication codes, which are to be used with the various authentication Extensions.

The Security Parameter Index (SPI) within any of the authentication Extensions defines the security context which is used to compute the Authenticator value and which MUST be used by the receiver to check that value. In particular, the SPI selects the authentication algorithm and mode (Section 5.1 (Message Authentication Codes)) and secret (a shared key, or appropriate public/private key pair) used in computing the Authenticator. In order to ensure interoperability between different implementations of the Mobile IP protocol, an implementation MUST be able to associate any SPI value with any authentication algorithm and mode which it implements. In addition, all implementations of Mobile IP MUST implement the default authentication algorithm (HMAC-MD5) specified above.



 TOC 

3.5.2.  Mobile-Home Authentication Extension

At least one authorization-enabling extension MUST be present in all Registration Requests, and also in all Registration Replies generated by the Home Agent. The Mobile-Home Authentication Extension is always an authorization-enabling for registration messages specified in this document. This requirement is intended to eliminate problems [26] (Bellovin, S., “Security Problems in the TCP/IP Protocol Suite,” March 1989.) which result from the uncontrolled propagation of remote redirects in the Internet. The location of the authorization-enabling extension marks the end of the data to be authenticated by the authorizatizing agent interpreting that authorization-enabling extension.

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |     Length    |         SPI  ....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        ... SPI (cont.)          |       Authenticator ...
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type

32
Length

4 plus the number of bytes in the Authenticator.
SPI

Security Parameter Index (4 bytes). An opaque identifier (see Section 1.6 (Terminology)).
Authenticator

(variable length) (See Section 3.5.1 (Computing Authentication Extension Values))


 TOC 

3.5.3.  Mobile-Foreign Authentication Extension

This Extension MAY be included in Registration Requests and Replies in cases in which a mobility security association exists between the mobile node and the foreign agent. See Section 5.1 (Message Authentication Codes) for information about support requirements for message authentication codes.

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |     Length    |         SPI  ....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        ... SPI (cont.)          |       Authenticator ...
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type

33
Length

4 plus the number of bytes in the Authenticator.
SPI

Security Parameter Index (4 bytes). An opaque identifier (see Section 1.6 (Terminology)).
Authenticator

(variable length) (See Section 3.5.1 (Computing Authentication Extension Values))


 TOC 

3.5.4.  Foreign-Home Authentication Extension

This Extension MAY be included in Registration Requests and Replies in cases in which a mobility security association exists between the foreign agent and the home agent, as long as the Registration Request is not a deregistration (i.e., the mobile node requested a nonzero lifetime and the home address is different than the care-of address). The Foreign-Home Authentication extension MUST NOT be applied to deregistration messages. See Section 5.1 (Message Authentication Codes) for information about support requirements for message authentication codes.

  0                   1                   2                   3
  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 |     Type      |     Length    |         SPI  ....
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        ... SPI (cont.)          |       Authenticator ...
 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type

34
Length

4 plus the number of bytes in the Authenticator.
SPI

Security Parameter Index (4 bytes). An opaque identifier (see Section 1.6 (Terminology)).
Authenticator

(variable length) (See Section 3.5.1 (Computing Authentication Extension Values))

In order to perform the authentication, the Home Agent and the Foreign Agent are configured with a mobility security association that is indexed by the SPI (in the appended Foreign-Home Authentication Extension) and the IP Source Address of the Registration Request. When the extension is used with a Registration Reply message, the foreign agent address MUST be used as the Destination IP address in the IP header.

When this extension is applied to a Registration Request message, the mobility security association for verifying the correctness of the authentication data is selected by the Home Agent based on the value of the Source IP Address field of the Registration Request and the SPI of the Authentication extension. The Source IP Address will be the same as the Care-of Address field of the Registration Request (see Section 3.7.2.2 (Forwarding a Valid Request to the Home Agent))

When this extension is applied to a Registration Reply message, the mobility security association for verifying the correctness of the authentication data is selected by the foreign agent based on the value of the Home Agent Address field of the Registration Reply.

If the Care-of Address in the Registration Request is not in the Agent Advertisement, then the foreign agent MUST NOT append the Foreign-Home Authentication Extension when relaying the message to the home agent. Moreover, for a deregistration message (i.e., lifetime = 0), the foreign agent MUST NOT append the Foreign-Home Authentication Extension when relaying the message to the home agent. Consequently, when the HA receives a deregistration request that does not contain a Foreign-Home Authentication Extension it MUST NOT for this reason discard the request as part of security association processing.



 TOC 

3.6.  Mobile Node Considerations

A mobile node MUST be configured (statically or dynamically) with a netmask and a mobility security association for each of its home agents. In addition, a mobile node MAY be configured with its home address, and the IP address of one or more of its home agents; otherwise, the mobile node MAY discover a home agent using the procedures described in Section 3.6.1.2 (Registration Request Fields).

If the mobile node is not configured with a home address, it MAY use the Mobile Node NAI extension [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.) to identify itself, and set the Home Address field of the Registration Request to 0.0.0.0. In this case, the mobile node MUST be able to assign its home address after extracting this information from the Registration Reply from the home agent.

For each pending registration, the mobile node maintains the following information:

A mobile node SHOULD initiate a registration whenever it detects a change in its network connectivity. See Section 2.4.2 (Move Detection) for methods by which mobile nodes MAY make such a determination. When it is away from home, the mobile node's Registration Request allows its home agent to create or modify a mobility binding for it. When it is at home, the mobile node's (de)Registration Request allows its home agent to delete any previous mobility binding(s) for it. A mobile node operates without the support of mobility functions when it is at home.

There are other conditions under which the mobile node SHOULD (re)register with its foreign agent, such as when the mobile node detects that the foreign agent has rebooted (as specified in Section 2.4.4 (Sequence Numbers and Rollover Handling)) and when the current registration's Lifetime is near expiration.

In the absence of link-layer indications of changes in point of attachment, Agent Advertisements from new agents SHOULD NOT cause a mobile node to attempt a new registration, if its current registration has not expired and it is still also receiving Agent Advertisements from the foreign agent with which it is currently registered. In the absence of link-layer indications, a mobile node MUST NOT attempt to register more often than once per second.

A mobile node MAY register with a different agent when transport-layer protocols indicate excessive retransmissions. A mobile node MUST NOT consider reception of an ICMP Redirect from a foreign agent that is currently providing service to it as reason to register with a new foreign agent. Within these constraints, the mobile node MAY register again at any time.

Appendix D (Example Scenarios) shows some examples of how the fields in registration messages would be set up in some typical registration scenarios.



 TOC 

3.6.1.  Sending Registration Requests

The following sections specify details for the values the mobile node MUST supply in the fields of Registration Request messages.



 TOC 

3.6.1.1.  IP Fields

This section provides the specific rules by which mobile nodes pick values for the IP header fields of a Registration Request.

IP Source Address:

IP Destination Address:

IP Time to Live:



 TOC 

3.6.1.2.  Registration Request Fields

This section provides specific rules by which mobile nodes pick values for the fields within the fixed portion of a Registration Request.

A mobile node MAY set the 'S' bit in order to request that the home agent maintain prior mobility binding(s). Otherwise, the home agent deletes any previous binding(s) and replaces them with the new binding specified in the Registration Request. Multiple simultaneous mobility bindings are likely to be useful when a mobile node using at least one wireless network interface moves within wireless transmission range of more than one foreign agent. IP explicitly allows duplication of datagrams. When the home agent allows simultaneous bindings, it will tunnel a separate copy of each arriving datagram to each care-of address, and the mobile node will receive multiple copies of datagrams destined to it.

The mobile node SHOULD set the 'D' bit if it is registering with a co-located care-of address. Otherwise, the 'D' bit MUST NOT be set.

A mobile node MAY set the 'B' bit to request its home agent to forward to it, a copy of broadcast datagrams received by its home agent from the home network. The method used by the home agent to forward broadcast datagrams depends on the type of care-of address registered by the mobile node, as determined by the 'D' bit in the mobile node's Registration Request:

The mobile node MAY request alternative forms of encapsulation by setting the 'M' bit and/or the 'G' bit, but only if the mobile node is decapsulating its own datagrams (the mobile node is using a co-located care-of address) or if its foreign agent has indicated support for these forms of encapsulation by setting the corresponding bits in the Mobility Agent Advertisement Extension of an Agent Advertisement received by the mobile node. Otherwise, the mobile node MUST NOT set these bits.

The Lifetime field is chosen as follows:

The Home Address field MUST be set to the mobile node's home address, if this information is known. Otherwise, the Home Address MUST be set to zeroes.

The Home Agent field MUST be set to the address of the mobile node's home agent, if the mobile node knows this address. Otherwise, the mobile node MAY use dynamic home agent address resolution to learn the address of its home agent. In this case, the mobile node MUST set the Home Agent field to the subnet-directed broadcast address of the mobile node's home network. Each home agent receiving such a Registration Request with a broadcast destination address MUST reject the mobile node's registration and SHOULD return a rejection Registration Reply indicating its unicast IP address for use by the mobile node in a future registration attempt.

The Care-of Address field MUST be set to the value of the particular care-of address that the mobile node wishes to (de)register. In the special case in which a mobile node wishes to deregister all care-of addresses, it MUST set this field to its home address.

The mobile node chooses the Identification field in accordance with the style of replay protection it uses with its home agent. This is part of the mobility security association the mobile node shares with its home agent. See Section 5.7 (Replay Protection for Registration Requests) for the method by which the mobile node computes the Identification field.



 TOC 

3.6.1.3.  Extensions

This section describes the ordering of any mandatory and any optional Extensions that a mobile node appends to a Registration Request. This ordering is REQUIRED:

a.
The IP header, followed by the UDP header, followed by the fixed-length portion of the Registration Request, followed by
b.
If present, any non-authentication Extensions expected to be used by the home agent or other authorizing agent (which may or may not also be useful to the foreign agent), followed by
c.
All authorization-enabling extensions (see Section 1.6 (Terminology)), followed by
d.
If present, any non-authentication Extensions used only by the foreign agent, followed by
e.
The Mobile-Foreign Authentication Extension, if present.

Note that items (a) and (c) MUST appear in every Registration Request sent by the mobile node. Items (b), (d), and (e) are optional. However, item (e) MUST be included when the mobile node and the foreign agent share a mobility security association.



 TOC 

3.6.2.  Receiving Registration Replies

Registration Replies will be received by the mobile node in response to its Registration Requests. Registration Replies generally fall into three categories:

The remainder of this section describes the Registration Reply handling by a mobile node in each of these three categories.



 TOC 

3.6.2.1.  Validity Checks

Registration Replies with an invalid, non-zero UDP checksum MUST be silently discarded.

In addition, the low-order 32 bits of the Identification field in the Registration Reply MUST be compared to the low-order 32 bits of the Identification field in the most recent Registration Request sent to the replying agent. If they do not match, the Reply MUST be silently discarded.

Also, the Registration Reply MUST be checked for presence of an authorization-enabling extension. For all Registration Reply messages containing a Status Code indicating status from the Home Agent, the mobile node MUST check for the presence of an authorization-enabling extension, acting in accordance with the Code field in the Reply. The rules are as follows:

a.
If the mobile node and the foreign agent share a mobility security association, exactly one Mobile-Foreign Authentication Extension MUST be present in the Registration Reply, and the mobile node MUST check the Authenticator value in the Extension. If no Mobile-Foreign Authentication Extension is found, or if more than one Mobile-Foreign Authentication Extension is found, or if the Authenticator is invalid, the mobile node MUST silently discard the Reply and SHOULD log the event as a security exception.
b.
If the Code field indicates that service is denied by the home agent, or if the Code field indicates that the registration was accepted by the home agent, exactly one Mobile-Home Authentication Extension MUST be present in the Registration Reply, and the mobile node MUST check the Authenticator value in the Extension. If the Registration Reply was generated by the home agent but no Mobile-Home Authentication Extension is found, or if more than one Mobile-Home Authentication Extension is found, or if the Authenticator is invalid, the mobile node MUST silently discard the Reply and SHOULD log the event as a security exception.

If the Code field indicates an authentication failure, either at the foreign agent or the home agent, then it is quite possible that any authenticators in the Registration Reply will also be in error. This could happen, for example, if the shared secret between the mobile node and home agent was erroneously configured. The mobile node SHOULD log such errors as security exceptions.



 TOC 

3.6.2.2.  Registration Request Accepted

If the Code field indicates that the request has been accepted, the mobile node SHOULD configure its routing table appropriately for its current point of attachment (Section 4.2.1 (Mobile Node Considerations)).

If the mobile node is returning to its home network and that network is one which implements ARP, the mobile node MUST follow the procedures described in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP) with regard to ARP, proxy ARP, and gratuitous ARP.

If the mobile node has registered on a foreign network, it SHOULD re-register before the expiration of the Lifetime of its registration. As described in Section 3.6 (Mobile Node Considerations), for each pending Registration Request, the mobile node MUST maintain the remaining lifetime of this pending registration, as well as the original Lifetime from the Registration Request. When the mobile node receives a valid Registration Reply, the mobile node MUST decrease its view of the remaining lifetime of the registration by the amount by which the home agent decreased the originally requested Lifetime. This procedure is equivalent to the mobile node starting a timer for the granted Lifetime at the time it sent the Registration Request, even though the granted Lifetime is not known to the mobile node until the Registration Reply is received. Since the Registration Request is certainly sent before the home agent begins timing the registration Lifetime (also based on the granted Lifetime), this procedure ensures that the mobile node will re-register before the home agent expires and deletes the registration, in spite of possibly non-negligible transmission delays for the original Registration Request and Reply that started the timing of the Lifetime at the mobile node and its home agent.



 TOC 

3.6.2.3.  Registration Request Denied

If the Code field indicates that service is being denied, the mobile node SHOULD log the error. In certain cases the mobile node may be able to "repair" the error. These include:

Code 69: (Denied by foreign agent, Lifetime too long)

In this case, the Lifetime field in the Registration Reply will contain the maximum Lifetime value which that foreign agent is willing to accept in any Registration Request. The mobile node MAY attempt to register with this same agent, using a Lifetime in the Registration Request that MUST be less than or equal to the value specified in the Reply.
Code 133: (Denied by home agent, Identification mismatch)

In this case, the Identification field in the Registration Reply will contain a value that allows the mobile node to synchronize with the home agent, based upon the style of replay protection in effect (Section 5.7 (Replay Protection for Registration Requests)). The mobile node MUST adjust the parameters it uses to compute the Identification field based upon the information in the Registration Reply, before issuing any future Registration Requests.
Code 136: (Denied by home agent, Unknown home agent address)

This code is returned by a home agent when the mobile node is performing dynamic home agent address resolution as described in Section 3.6.1.1 (IP Fields) and Section 3.6.1.2 (Registration Request Fields). In this case, the Home Agent field within the Reply will contain the unicast IP address of the home agent returning the Reply. The mobile node MAY then attempt to register with this home agent in future Registration Requests. In addition, the mobile node SHOULD adjust the parameters it uses to compute the Identification field based upon the corresponding field in the Registration Reply, before issuing any future Registration Requests.


 TOC 

3.6.3.  Registration Retransmission

When no Registration Reply has been received within a reasonable time, another Registration Request MAY be transmitted. When timestamps are used, a new registration Identification is chosen for each retransmission; thus it counts as a new registration. When nonces are used, the unanswered Request is retransmitted unchanged; thus the retransmission does not count as a new registration (Section 5.7 (Replay Protection for Registration Requests)). In this way a retransmission will not require the home agent to resynchronize with the mobile node by issuing another nonce in the case in which the original Registration Request (rather than its Registration Reply) was lost by the network.

The maximum time until a new Registration Request is sent SHOULD be no greater than the requested Lifetime of the Registration Request. The minimum value SHOULD be large enough to account for the size of the messages, twice the round trip time for transmission to the home agent, and at least an additional 100 milliseconds to allow for processing the messages before responding. The round trip time for transmission to the home agent will be at least as large as the time required to transmit the messages at the link speed of the mobile node's current point of attachment. Some circuits add another 200 milliseconds of satellite delay in the total round trip time to the home agent. The minimum time between Registration Requests MUST NOT be less than 1 second. Each successive retransmission timeout period SHOULD be at least twice the previous period, as long as that is less than the maximum as specified above.



 TOC 

3.7.  Foreign Agent Considerations

The foreign agent plays a mostly passive role in Mobile IP registration. It relays Registration Requests between mobile nodes and home agents, and, when it provides the care-of address, decapsulates datagrams for delivery to the mobile node. It SHOULD also send periodic Agent Advertisement messages to advertise its presence as described in Section 2.3 (Foreign Agent and Home Agent Considerations), if not detectable by link-layer means.

A foreign agent MUST NOT transmit a Registration Request except when relaying a Registration Request received from a mobile node, to the mobile node's home agent. A foreign agent MUST NOT transmit a Registration Reply except when relaying a Registration Reply received from a mobile node's home agent, or when replying to a Registration Request received from a mobile node in the case in which the foreign agent is denying service to the mobile node. In particular, a foreign agent MUST NOT generate a Registration Request or Reply because a mobile node's registration Lifetime has expired. A foreign agent also MUST NOT originate a Registration Request message that asks for deregistration of a mobile node; however, it MUST relay well-formed (de)Registration Requests originated by a mobile node.



 TOC 

3.7.1.  Configuration and Registration Tables

Each foreign agent MUST be configured with a care-of address. In addition, for each pending or current registration the foreign agent MUST maintain a visitor list entry containing the following information obtained from the mobile node's Registration Request:

If there is an NAI extension in the Registration Request message (often, for example, when the mobile node's Home Address is zero), then the foreign agent MUST follow the procedures specified in RFC 2794 [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.). In particular, if the foreign agent cannot manage pending registration request records with such a zero Home Address for the mobile node, the foreign agent MUST return a Registration Reply with Code indicating NONZERO_HOMEADDR_REQD (see [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.)).

The foreign agent MAY configure a maximum number of pending registrations that it is willing to maintain (typically 5). Additional registrations SHOULD then be rejected by the foreign agent with code 66. The foreign agent MAY delete any pending Registration Request after the request has been pending for more than 7 seconds; in this case, the foreign agent SHOULD reject the Request with code 78 (registration timeout).

As with any node on the Internet, a foreign agent MAY also share mobility security associations with any other nodes. When relaying a Registration Request from a mobile node to its home agent, if the foreign agent shares a mobility security association with the home agent, it MUST add a Foreign-Home Authentication Extension to the Request. In this case, when the Registration Reply has nonzero lifetime, the foreign agent MUST check the required Foreign-Home Authentication Extension in the Registration Reply from the home agent (Section 3.3 (Registration Request) and Section 3.4 (Registration Reply)). Similarly, when receiving a Registration Request from a mobile node, if the foreign agent shares a mobility security association with the mobile node, it MUST check the required Mobile-Foreign Authentication Extension in the Request and MUST add a Mobile-Foreign Authentication Extension to the Registration Reply to the mobile node.



 TOC 

3.7.2.  Receiving Registration Requests

If the foreign agent accepts a Registration Request from a mobile node, it checks to make sure that the indicated home agent address does not belong to any network interface of the foreign agent. If not, the foreign agent then MUST relay the Request to the indicated home agent. Otherwise, if the foreign agent denies the Request, it MUST send a Registration Reply to the mobile node with an appropriate denial Code, except in cases where the foreign agent would be required to send out more than one such denial per second to the same mobile node. The following sections describe this behavior in more detail.

If the foreign agent has configured one of its network interfaces with the IP address specified by the mobile node as its home agent address, the foreign agent MUST NOT forward the request again. If the foreign agent serves the mobile node as a home agent, the foreign agent follows the procedures specified in Section 3.8.2 (Receiving Registration Requests). Otherwise, if the foreign agent does not serve the mobile node as a home agent, the foreign agent rejects the Registration Request with code TBD-IANA (Invalid Home Agent Address).

If a foreign agent receives a Registration Request from a mobile node in its visitor list, the existing visitor list entry for the mobile node SHOULD NOT be deleted or modified until the foreign agent receives a valid Registration Reply from the home agent with a Code indicating success. The foreign agent MUST record the new pending Request as a separate part of the existing visitor list entry for the mobile node. If the Registration Request requests deregistration, the existing visitor list entry for the mobile node SHOULD NOT be deleted until the foreign agent has received a successful Registration Reply. If the Registration Reply indicates that the Request (for registration or deregistration) was denied by the home agent, the existing visitor list entry for the mobile node MUST NOT be modified as a result of receiving the Registration Reply.



 TOC 

3.7.2.1.  Validity Checks

Registration Requests with an invalid, non-zero UDP checksum MUST be silently discarded. Requests with non-zero bits in reserved fields MUST be rejected with code 70 (poorly formed request). Requests with the 'D' bit set to 0, nonzero lifetime, and specifying a care-of address not offered by the foreign agent, MUST be rejected with code 77 (invalid care-of address).

Also, the authentication in the Registration Request MUST be checked. If the foreign agent and the mobile node share a mobility security association, exactly one Mobile-Foreign Authentication Extension MUST be present in the Registration Request, and the foreign agent MUST check the Authenticator value in the Extension. If no Mobile-Foreign Authentication Extension is found, or if more than one Mobile-Foreign Authentication Extension is found, or if the Authenticator is invalid, the foreign agent MUST silently discard the Request and SHOULD log the event as a security exception. The foreign agent also SHOULD send a Registration Reply to the mobile node with Code 67.



 TOC 

3.7.2.2.  Forwarding a Valid Request to the Home Agent

If the foreign agent accepts the mobile node's Registration Request, it MUST relay the Request to the mobile node's home agent as specified in the Home Agent field of the Registration Request. The foreign agent MUST NOT modify any of the fields beginning with the fixed portion of the Registration Request up through and including the Mobile-Home Authentication Extension or other authentication extension supplied by the mobile node as an authorization-enabling extension for the home agent. Otherwise, an authentication failure is very likely to occur at the home agent. In addition, the foreign agent proceeds as follows:

Specific fields within the IP header and the UDP header of the relayed Registration Request MUST be set as follows:

IP Source Address

The care-of address offered by the foreign agent for the mobile node sending the Registration Request.
IP Destination Address

Copied from the Home Agent field within the Registration Request.
UDP Source Port

variable
UDP Destination Port

434

After forwarding a valid Registration Request to the home agent, the foreign agent MUST begin timing the remaining lifetime of the pending registration based on the Lifetime in the Registration Request. If this lifetime expires before receiving a valid Registration Reply, the foreign agent MUST delete its visitor list entry for this pending registration.



 TOC 

3.7.2.3.  Denying Invalid Requests

If the foreign agent denies the mobile node's Registration Request for any reason, it SHOULD send the mobile node a Registration Reply with a suitable denial Code. In such a case, the Home Address, Home Agent, and Identification fields within the Registration Reply are copied from the corresponding fields of the Registration Request.

If the Reserved field is nonzero, the foreign agent MUST deny the Request and SHOULD return a Registration Reply with status code 70 to the mobile node. If the Request is being denied because the requested Lifetime is too long, the foreign agent sets the Lifetime in the Reply to the maximum Lifetime value it is willing to accept in any Registration Request, and sets the Code field to 69. Otherwise, the Lifetime SHOULD be copied from the Lifetime field in the Request.

Specific fields within the IP header and the UDP header of the Registration Reply MUST be set as follows:

IP Source Address

Copied from the IP Destination Address of Registration Request, unless the "All Agents Multicast" address was used. In this case, the foreign agent's address (on the interface from which the message will be sent) MUST be used.
IP Destination Address

If the Registration Reply is generated by the Foreign Agent in order to reject a mobile node's Registration Request, and the Registration Request contains a Home Address which is not 0.0.0.0, then the IP Destination Address is copied from the Home Address field of the Registration Request. Otherwise, if the Registration Reply is received from the Home Agent, and contains a Home Address which is not 0.0.0.0, then the IP Destination Address is copied from the Home Address field of the Registration Reply. Otherwise, the IP Destination Address of the Registration Reply is set to be 255.255.255.255.
UDP Source Port

434
UDP Destination Port

Copied from the UDP Source Port of the Registration Request.


 TOC 

3.7.3.  Receiving Registration Replies

The foreign agent updates its visitor list when it receives a valid Registration Reply from a home agent. It then relays the Registration Reply to the mobile node. The following sections describe this behavior in more detail.

If upon relaying a Registration Request to a home agent, the foreign agent receives an ICMP error message instead of a Registration Reply, then the foreign agent SHOULD send to the mobile node a Registration Reply with an appropriate "Home Agent Unreachable" failure Code (within the range 80-95, inclusive). See Section 3.7.2.3 (Denying Invalid Requests) for details on building the Registration Reply.



 TOC 

3.7.3.1.  Validity Checks

Registration Replies with an invalid, non-zero UDP checksum MUST be silently discarded.

When a foreign agent receives a Registration Reply message, it MUST search its visitor list for a pending Registration Request with the same mobile node home address as indicated in the Reply. If there are multiple entries with the same home address, and if the Registration Reply has the Mobile Node NAI extension [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.), the foreign agent MUST use the NAI to disambiguate the pending Registration Requests with the same home address. If no matching pending Request is found, and if the Registration Reply does not correspond with any pending Registration Request with a zero mobile node home address (see Section 3.7.1 (Configuration and Registration Tables)), the foreign agent MUST silently discard the Reply. The foreign agent MUST also silently discard the Reply if the low-order 32 bits of the Identification field in the Reply do not match those in the Request.

Also, the authentication in the Registration Reply MUST be checked. If the foreign agent and the home agent share a mobility security association, exactly one Foreign-Home Authentication Extension MUST be present in the Registration Reply, and the foreign agent MUST check the Authenticator value in the Extension. If no Foreign-Home Authentication Extension is found, or if more than one Foreign-Home Authentication Extension is found, or if the Authenticator is invalid, the foreign agent MUST silently discard the Reply and SHOULD log the event as a security exception. The foreign agent also MUST reject the mobile node's registration and SHOULD send a Registration Reply to the mobile node with Code 68.



 TOC 

3.7.3.2.  Forwarding Replies to the Mobile Node

A Registration Reply which satisfies the validity checks of Section 3.8.2.1 (Validity Checks) is relayed to the mobile node. The foreign agent MUST also update its visitor list entry for the mobile node to reflect the results of the Registration Request, as indicated by the Code field in the Reply. If the Code indicates that the home agent has accepted the registration and the Lifetime field is nonzero, the foreign agent SHOULD set the Lifetime in the visitor list entry to the minimum of the following two values:

If, instead, the Code indicates that the Lifetime field is zero, the foreign agent MUST delete its visitor list entry for the mobile node. Finally, if the Code indicates that the registration was denied by the home agent, the foreign agent MUST delete its pending registration list entry, but not its visitor list entry, for the mobile node.

The foreign agent MUST NOT modify any of the fields beginning with the fixed portion of the Registration Reply up through and including the Mobile-Home Authentication Extension. Otherwise, an authentication failure is very likely to occur at the mobile node. In addition, the foreign agent SHOULD perform the following additional procedures:

Specific fields within the IP header and the UDP header of the relayed Registration Reply are set according to the same rules specified in Section 3.7.2.3 (Denying Invalid Requests).

After forwarding a valid Registration Reply to the mobile node, the foreign agent MUST update its visitor list entry for this registration as follows. If the Registration Reply indicates that the registration was accepted by the home agent, the foreign agent resets its timer of the lifetime of the registration to the Lifetime granted in the Registration Reply; unlike the mobile node's timing of the registration lifetime as described in Section 3.6.2.2 (Registration Request Accepted), the foreign agent considers this lifetime to begin when it forwards the Registration Reply message, ensuring that the foreign agent will not expire the registration before the mobile node does. On the other hand, if the Registration Reply indicates that the registration was rejected by the home agent, the foreign agent deletes its visitor list entry for this attempted registration.



 TOC 

3.8.  Home Agent Considerations

Home agents play a reactive role in the registration process. The home agent receives Registration Requests from the mobile node (perhaps relayed by a foreign agent), updates its record of the mobility bindings for this mobile node, and issues a suitable Registration Reply in response to each.

A home agent MUST NOT transmit a Registration Reply except when replying to a Registration Request received from a mobile node. In particular, the home agent MUST NOT generate a Registration Reply to indicate that the Lifetime has expired.



 TOC 

3.8.1.  Configuration and Registration Tables

Each home agent MUST be configured with an IP address and with the prefix size for the home network. The home agent MUST be configured with the mobility security association of each authorized mobile node that it is serving as a home agent.

When the home agent accepts a valid Registration Request from a mobile node that it serves as a home agent, the home agent MUST create or modify the entry for this mobile node in its mobility binding list containing:

The home agent MAY optionally offer the capability to dynamically associate a home address to a mobile node upon receiving a Registration Request from that mobile node. The method by which a home address is allocated to the mobile node is beyond the scope of this document, but see [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.). After the home agent makes the association of the home address to the mobile node, the home agent MUST put that home address into the Home Address field of the Registration Reply.

The home agent MAY also maintain mobility security associations with various foreign agents. When receiving a Registration Request from a foreign agent, if the home agent shares a mobility security association with the foreign agent, the home agent MUST check the Authenticator in the required Foreign-Home Authentication Extension in the message, based on this mobility security association, unless the Lifetime field equals 0. When processing a Registration Request with Lifetime=0, the HA MAY skip checking for the presence and validity of a Foreign-Home Authentication Extension. Similarly, when sending a Registration Reply to a foreign agent, if the home agent shares a mobility security association with the foreign agent, the home agent MUST include a Foreign-Home Authentication Extension in the message, based on this mobility security association.



 TOC 

3.8.2.  Receiving Registration Requests

If the home agent accepts an incoming Registration Request, it MUST update its record of the the mobile node's mobility binding(s) and SHOULD send a Registration Reply with a suitable Code. Otherwise (the home agent has denied the Request), it SHOULD in most cases send a Registration Reply with an appropriate Code specifying the reason the Request was denied. The following sections describe this behavior in more detail. If the home agent does not support broadcasts (see Section 4.3 (Broadcast Datagrams)), it MUST ignore the 'B' bit (as opposed to rejecting the Registration Request).



 TOC 

3.8.2.1.  Validity Checks

Registration Requests with an invalid, non-zero UDP checksum MUST be silently discarded by the home agent.

The authentication in the Registration Request MUST be checked. This involves the following operations:

a.
The home agent MUST check for the presence of at least one authorization-enabling extension, and ensure that all indicated authentications are carried out. At least one authorization-enabling extension MUST be present in the Registration Request; and the home agent MUST either check the Authenticator value in the extension or verify that the authenticator value has been checked by another agent with which it has a security association.
If the home agent receives a Registration Request from a Mobile Node with which it does not have any security association, the home agent MUST silently discard the Registration Request.

If the home agent receives a Registration Request without any authorization-enabling extension, the home agent MUST silently discard the Registration Request.

If the Authenticator is invalid, the home agent MUST reject the mobile node's registration. Further action to be taken in this case depends upon whether the Request has a valid Foreign-Home authentication extension (as follows):
  • If there is a valid Foreign-Home authentication extension, the home agent MUST send a Registration Reply with Code 131.
  • Otherwise, if there is no Foreign-Home security association, the home agent MAY send a Registration Reply to the mobile node with Code 131. The home agent MUST then discard the Request and SHOULD log the error as a security exception.
b.
The home agent MUST check that the registration Identification field is correct using the context selected by the SPI within the authorization-enabling extension that the home agent used to authenticate the Mobile Node's Registration Request. See Section 5.7 (Replay Protection for Registration Requests) for a description of how this is performed. If incorrect, the home agent MUST reject the Request and SHOULD send a Registration Reply to the mobile node with Code 133, including an Identification field computed in accordance with the rules specified in Section 5.7 (Replay Protection for Registration Requests). The home agent MUST do no further processing with such a Request, though it SHOULD log the error as a security exception.
c.
If the home agent shares a mobility security association with the foreign agent, and this is a registration request (has non-zero lifetime), the home agent MUST check for the presence of a valid Foreign-Home Authentication Extension. Exactly one Foreign-Home Authentication Extension MUST be present in the Registration Request in this case, and the home agent MUST check the Authenticator value in the Extension. If no Foreign-Home Authentication Extension is found, or if more than one Foreign-Home Authentication Extension is found, or if the Authenticator is invalid, the home agent MUST reject the mobile node's registration and SHOULD send a Registration Reply to the mobile node with Code 132. The home agent MUST then discard the Request and SHOULD log the error as a security exception.
d.
If the home agent and the foreign agent do not share a mobility security association, and the Registration contains a Foreign-Home Authentication Extension, the home agent MUST discard the Request and SHOULD log the error as a security exception.

In addition to checking the authentication in the Registration Request, home agents MUST deny Registration Requests that are sent to the subnet-directed broadcast address of the home network (as opposed to being unicast to the home agent). The home agent MUST discard the Request and SHOULD returning a Registration Reply with a Code of 136. In this case, the Registration Reply will contain the home agent's unicast address, so that the mobile node can re-issue the Registration Request with the correct home agent address.

Note that some routers change the IP destination address of a datagram from a subnet-directed broadcast address to 255.255.255.255 before injecting it into the destination subnet. In this case, home agents that attempt to pick up dynamic home agent discovery requests by binding a socket explicitly to the subnet-directed broadcast address will not see such packets. Home agent implementors should be prepared for both the subnet-directed broadcast address and 255.255.255.255 if they wish to support dynamic home agent discovery.



 TOC 

3.8.2.2.  Accepting a Valid Request

If the Registration Request satisfies the validity checks in Section 3.8.2.1 (Validity Checks), and the home agent is able to accommodate the Request, the home agent MUST update its mobility binding list for the requesting mobile node and MUST return a Registration Reply to the mobile node. In this case, the Reply Code will be either 0 if the home agent supports simultaneous mobility bindings, or 1 if it does not. See Section 3.8.3 (Sending Registration Replies) for details on building the Registration Reply message.

The home agent updates its record of the mobile node's mobility bindings as follows, based on the fields in the Registration Request:

In all cases, the home agent MUST send a Registration Reply to the source of the Registration Request, which might indeed be a different foreign agent than that whose care-of address is being (de)registered. If the home agent shares a mobility security association with the foreign agent whose care-of address is being deregistered, and that foreign agent is different from the one which relayed the Registration Request, the home agent MAY additionally send a Registration Reply to the foreign agent whose care-of address is being deregistered. The home agent MUST NOT send such a Reply if it does not share a mobility security association with the foreign agent. If no Reply is sent, the foreign agent's visitor list will expire naturally when the original Lifetime expires.

When a foreign agent relays a deregistration message containing a care-of address that it does not own, it MUST NOT add a Foreign-Home Authentication Extension to that deregistration. See Section 3.5.4 (Foreign-Home Authentication Extension) for more details.

The home agent MUST NOT increase the Lifetime above that specified by the mobile node in the Registration Request. However, it is not an error for the mobile node to request a Lifetime longer than the home agent is willing to accept. In this case, the home agent simply reduces the Lifetime to a permissible value and returns this value in the Registration Reply. The Lifetime value in the Registration Reply informs the mobile node of the granted lifetime of the registration, indicating when it SHOULD re-register in order to maintain continued service. After the expiration of this registration lifetime, the home agent MUST delete its entry for this registration in its mobility binding list.

If the Registration Request duplicates an accepted current Registration Request, the new Lifetime MUST NOT extend beyond the Lifetime originally granted. A Registration Request is a duplicate if the home address, care-of address, and Identification fields all equal those of an accepted current registration.

In addition, if the home network implements ARP [17] (Plummer, D., “Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware,” November 1982.), and the Registration Request asks the home agent to create a mobility binding for a mobile node which previously had no binding (the mobile node was previously assumed to be at home), then the home agent MUST follow the procedures described in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP) with regard to ARP, proxy ARP, and gratuitous ARP. If the mobile node already had a previous mobility binding, the home agent MUST continue to follow the rules for proxy ARP described in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP).



 TOC 

3.8.2.3.  Denying an Invalid Request

If the Registration Request does not satisfy all of the validity checks in Section 3.8.2.1 (Validity Checks), or the home agent is unable to accommodate the Request, the home agent SHOULD return a Registration Reply to the mobile node with a Code that indicates the reason for the error. If a foreign agent was involved in relaying the Request, this allows the foreign agent to delete its pending visitor list entry. Also, this informs the mobile node of the reason for the error such that it may attempt to fix the error and issue another Request.

This section lists a number of reasons the home agent might reject a Request, and provides the Code value it should use in each instance. See Section 3.8.3 (Sending Registration Replies) for additional details on building the Registration Reply message.

Many reasons for rejecting a registration are administrative in nature. For example, a home agent can limit the number of simultaneous registrations for a mobile node, by rejecting any registrations that would cause its limit to be exceeded, and returning a Registration Reply with error code 135. Similarly, a home agent may refuse to grant service to mobile nodes which have entered unauthorized service areas by returning a Registration Reply with a Code of 129.

Requests with non-zero bits in reserved fields MUST be rejected with code 134 (poorly formed request).



 TOC 

3.8.3.  Sending Registration Replies

If the home agent accepts a Registration Request, it then MUST update its record of the mobile node's mobility binding(s) and SHOULD send a Registration Reply with a suitable Code. Otherwise (the home agent has denied the Request), it it SHOULD in most cases send a Registration Reply with an appropriate Code specifying the reason the Request was denied. The following sections provide additional detail for the values the home agent MUST supply in the fields of Registration Reply messages.



 TOC 

3.8.3.1.  IP/UDP Fields

This section provides the specific rules by which home agents pick values for the IP and UDP header fields of a Registration Reply.

IP Source Address

Copied from the IP Destination Address of Registration Request, unless a multicast or broadcast address was used. If the IP Destination Address of the Registration Request was a broadcast or multicast address, the IP Source Address of the Registration Reply MUST be set to the home agent's (unicast) IP address.
IP Destination Address

Copied from the IP Source Address of the Registration Request.
UDP Source Port

Copied from the UDP Destination Port of the Registration Request.
UDP Destination Port

Copied from the UDP Source Port of the Registration Request.

When sending a Registration Reply in response to a Registration Request that requested deregistration of the mobile node (the Lifetime is zero and the Care-of Address equals the mobile node's home address) and in which the IP Source Address was also set to the mobile node's home address (this is the normal method used by a mobile node to deregister when it returns to its home network), the IP Destination Address in the Registration Reply will be set to the mobile node's home address, as copied from the IP Source Address of the Request.

In this case, when transmitting the Registration Reply, the home agent MUST transmit the Reply directly onto the home network as if the mobile node were at home, bypassing any mobility binding list entry that may still exist at the home agent for the destination mobile node. In particular, for a mobile node returning home after being registered with a care-of address, if the mobile node's new Registration Request is not accepted by the home agent, the mobility binding list entry for the mobile node will still indicate that datagrams addressed to the mobile node should be tunneled to the mobile node's registered care-of address; when sending the Registration Reply indicating the rejection of this Request, this existing binding list entry MUST be ignored, and the home agent MUST transmit this Reply as if the mobile node were at home.



 TOC 

3.8.3.2.  Registration Reply Fields

This section provides the specific rules by which home agents pick values for the fields within the fixed portion of a Registration Reply.

The Code field of the Registration Reply is chosen in accordance with the rules specified in the previous sections. When replying to an accepted registration, a home agent SHOULD respond with Code 1 if it does not support simultaneous registrations.

The Lifetime field MUST be copied from the corresponding field in the Registration Request, unless the requested value is greater than the maximum length of time the home agent is willing to provide the requested service. In such a case, the Lifetime MUST be set to the length of time that service will actually be provided by the home agent. This reduced Lifetime SHOULD be the maximum Lifetime allowed by the home agent (for this mobile node and care-of address).

If the Home Address field of the Registration Request is nonzero, it MUST be copied into the Home Address field of the Registration Reply message. If the Home Agent cannot support the specified nonzero unicast address in the Home Address field of the Registration Request, then the Home Agent MUST reject the Registration Request with an error code of 129.

Otherwise, if the Home Address field of the Registration Request is zero as specified in Section 3.6 (Mobile Node Considerations), the home agent SHOULD arrange for the selection of a home address for the mobile node, and insert the selected address into the Home Address field of the Registration Reply message. See [2] (Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” March 2000.) for further relevant details in the case where mobile nodes identify themselves using an NAI instead of their IP home address.

If the Home Agent field in the Registration Request contains a unicast address of this home agent, then that field MUST be copied into the Home Agent field of the Registration Reply. Otherwise, the home agent MUST set the Home Agent field in the Registration Reply to its unicast address. In this latter case, the home agent MUST reject the registration with a suitable code (e.g., Code 136) to prevent the mobile node from possibly being simultaneously registered with two or more home agents.



 TOC 

3.8.3.3.  Extensions

This section describes the ordering of any required and any optional Mobile IP Extensions that a home agent appends to a Registration Reply. The following ordering MUST be followed:

a.
The IP header, followed by the UDP header, followed by the fixed-length portion of the Registration Reply,
b.
If present, any non-authentication Extensions used by the mobile node (which may or may not also be used by the foreign agent),
c.
The Mobile-Home Authentication Extension,
d.
If present, any non-authentication Extensions used only by the foreign agent, and
e.
The Foreign-Home Authentication Extension, if present.

Note that items (a) and (c) MUST appear in every Registration Reply sent by the home agent. Items (b), (d), and (e) are optional. However, item (e) MUST be included when the home agent and the foreign agent share a mobility security association.



 TOC 

4.  Routing Considerations

This section describes how mobile nodes, home agents, and (possibly) foreign agents cooperate to route datagrams to/from mobile nodes that are connected to a foreign network. The mobile node informs its home agent of its current location using the registration procedure described in Section 3 (Registration). See the protocol overview in Section 1.7 (Protocol Overview) for the relative locations of the mobile node's home address with respect to its home agent, and the mobile node itself with respect to any foreign agent with which it might attempt to register.



 TOC 

4.1.  Encapsulation Types

Home agents and foreign agents MUST support tunneling datagrams using IP in IP encapsulation [15] (Perkins, C., “IP Encapsulation within IP,” October 1996.). Any mobile node that uses a co-located care-of address MUST support receiving datagrams tunneled using IP in IP encapsulation. Minimal encapsulation [16] (Perkins, C., “Minimal Encapsulation within IP,” October 1996.) and GRE encapsulation [13] (Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina, “Generic Routing Encapsulation (GRE),” March 2000.) are alternate encapsulation methods which MAY optionally be supported by mobility agents and mobile nodes. The use of these alternative forms of encapsulation, when requested by the mobile node, is otherwise at the discretion of the home agent.



 TOC 

4.2.  Unicast Datagram Routing



 TOC 

4.2.1.  Mobile Node Considerations

When connected to its home network, a mobile node operates without the support of mobility services. That is, it operates in the same way as any other (fixed) host or router. The method by which a mobile node selects a default router when connected to its home network, or when away from home and using a co-located care-of address, is outside the scope of this document. ICMP Router Advertisement [5] (Deering, S., “ICMP Router Discovery Messages,” September 1991.) is one such method.

When registered on a foreign network, the mobile node chooses a default router by the following rules:

While they are away from the home network, mobile nodes MUST NOT broadcast ARP packets to find the MAC address of another Internet node. Thus, the (possibly empty) list of Router Addresses from the ICMP Router Advertisement portion of the message is not useful for selecting a default router, unless the mobile node has some means not involving broadcast ARP and not specified within this document for obtaining the MAC address of one of the routers in the list. Similarly, in the absence of unspecified mechanisms for obtaining MAC addresses on foreign networks, the mobile node MUST ignore redirects to other routers on foreign networks.



 TOC 

4.2.2.  Foreign Agent Considerations

Upon receipt of an encapsulated datagram sent to its advertised care-of address, a foreign agent MUST compare the inner destination address to those entries in its visitor list. When the destination does not match the address of any mobile node currently in the visitor list, the foreign agent MUST NOT forward the datagram without modifications to the original IP header, because otherwise a routing loop is likely to result. The datagram SHOULD be silently discarded. ICMP Destination Unreachable MUST NOT be sent when a foreign agent is unable to forward an incoming tunneled datagram. Otherwise, the foreign agent forwards the decapsulated datagram to the mobile node.

The foreign agent MUST NOT advertise to other routers in its routing domain, nor to any other mobile node, the presence of a mobile router (Section 4.5 (Mobile Routers)) or mobile node in its visitor list.

The foreign agent MUST route datagrams it receives from registered mobile nodes. At a minimum, this means that the foreign agent must verify the IP Header Checksum, decrement the IP Time To Live, recompute the IP Header Checksum, and forward such datagrams to a default router.

A foreign agent MUST NOT use broadcast ARP for a mobile node's MAC address on a foreign network. It may obtain the MAC address by copying the information from an Agent Solicitation or a Registration Request transmitted from a mobile node. A foreign agent's ARP cache for the mobile node's IP address MUST NOT be allowed to expire before the mobile node's visitor list entry expires, unless the foreign agent has some way other than broadcast ARP to refresh its MAC address associated with the mobile node's IP address.

Each foreign agent SHOULD support the mandatory features for reverse tunneling [12] (Montenegro, G., “Reverse Tunneling for Mobile IP, revised,” January 2001.).



 TOC 

4.2.3.  Home Agent Considerations

The home agent MUST be able to intercept any datagrams on the home network addressed to the mobile node while the mobile node is registered away from home. Proxy and gratuitous ARP MAY be used in enabling this interception, as specified in Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP).

The home agent must examine the IP Destination Address of all arriving datagrams to see if it is equal to the home address of any of its mobile nodes registered away from home. If so, the home agent tunnels the datagram to the mobile node's currently registered care-of address or addresses. If the home agent supports the optional capability of multiple simultaneous mobility bindings, it tunnels a copy to each care-of address in the mobile node's mobility binding list. If the mobile node has no current mobility bindings, the home agent MUST NOT attempt to intercept datagrams destined for the mobile node, and thus will not in general receive such datagrams. However, if the home agent is also a router handling common IP traffic, it is possible that it will receive such datagrams for forwarding onto the home network. In this case, the home agent MUST assume the mobile node is at home and simply forward the datagram directly onto the home network.

For multihomed home agents, the source address in the outer IP header of the encapsulated datagram MUST be the address sent to the mobile node in the home agent field of the registration reply. That is, the home agent cannot use the the address of some other network interface as the source address.

See Section 4.1 (Encapsulation Types) regarding methods of encapsulation that may be used for tunneling. Nodes implementing tunneling SHOULD also implement the "tunnel soft state" mechanism [15] (Perkins, C., “IP Encapsulation within IP,” October 1996.), which allows ICMP error messages returned from the tunnel to correctly be reflected back to the original senders of the tunneled datagrams.

Home agents MUST decapsulate packets addressed to themselves, sent by a mobile node for the purpose of maintaining location privacy, as described in Section 5.5 (Privacy). This feature is also required for support of reverse tunneling [12] (Montenegro, G., “Reverse Tunneling for Mobile IP, revised,” January 2001.).

If the Lifetime for a given mobility binding expires before the home agent has received another valid Registration Request for that mobile node, then that binding is deleted from the mobility binding list. The home agent MUST NOT send any Registration Reply message simply because the mobile node's binding has expired. The entry in the visitor list of the mobile node's current foreign agent will expire naturally, probably at the same time as the binding expired at the home agent. When a mobility binding's lifetime expires, the home agent MUST delete the binding, but it MUST retain any other (non-expired) simultaneous mobility bindings that it holds for the mobile node.

When a home agent receives a datagram, intercepted for one of its mobile nodes registered away from home, the home agent MUST examine the datagram to check if it is already encapsulated. If so, special rules apply in the forwarding of that datagram to the mobile node:



 TOC 

4.3.  Broadcast Datagrams

When a home agent receives a broadcast datagram, it MUST NOT forward the datagram to any mobile nodes in its mobility binding list other than those that have requested forwarding of broadcast datagrams. A mobile node MAY request forwarding of broadcast datagrams by setting the 'B' bit in its Registration Request message (Section 3.3 (Registration Request)). For each such registered mobile node, the home agent SHOULD forward received broadcast datagrams to the mobile node, although it is a matter of configuration at the home agent as to which specific categories of broadcast datagrams will be forwarded to such mobile nodes.

If the 'D' bit was set in the mobile node's Registration Request message, indicating that the mobile node is using a co-located care-of address, the home agent simply tunnels appropriate broadcast IP datagrams to the mobile node's care-of address. Otherwise (the 'D' bit was NOT set), the home agent first encapsulates the broadcast datagram in a unicast datagram addressed to the mobile node's home address, and then tunnels this encapsulated datagram to the foreign agent. This extra level of encapsulation is required so that the foreign agent can determine which mobile node should receive the datagram after it is decapsulated. When received by the foreign agent, the unicast encapsulated datagram is detunneled and delivered to the mobile node in the same way as any other datagram. In either case, the mobile node must decapsulate the datagram it receives in order to recover the original broadcast datagram.



 TOC 

4.4.  Multicast Datagram Routing

As mentioned previously, a mobile node that is connected to its home network functions in the same way as any other (fixed) host or router. Thus, when it is at home, a mobile node functions identically to other multicast senders and receivers. This section therefore describes the behavior of a mobile node that is visiting a foreign network.

In order to receive multicasts, a mobile node MUST join the multicast group in one of two ways. First, a mobile node MAY join the group via a (local) multicast router on the visited subnet. This option assumes that there is a multicast router present on the visited subnet. If the mobile node is using a co-located care-of address, it SHOULD use this address as the source IP address of its IGMP [6] (Deering, S., “Host extensions for IP multicasting,” August 1989.) messages. Otherwise, it MAY use its home address.

Alternatively, a mobile node which wishes to receive multicasts MAY join groups via a bi-directional tunnel to its home agent, assuming that its home agent is a multicast router. The mobile node tunnels IGMP messages to its home agent and the home agent forwards multicast datagrams down the tunnel to the mobile node. For packets tunneled to the home agent, the source address in the IP header SHOULD be the mobile node's home address.

The rules for multicast datagram delivery to mobile nodes in this case are identical to those for broadcast datagrams (Section 4.3 (Broadcast Datagrams)). Namely, if the mobile node is using a co-located care-of address (the 'D' bit was set in the mobile node's Registration Request), then the home agent SHOULD tunnel the datagram to this care-of address; otherwise, the home agent MUST first encapsulate the datagram in a unicast datagram addressed to the mobile node's home address and then MUST tunnel the resulting datagram (nested tunneling) to the mobile node's care-of address. For this reason, the mobile node MUST be capable of decapsulating packets sent to its home address in order to receive multicast datagrams using this method.

A mobile node that wishes to send datagrams to a multicast group also has two options: (1) send directly on the visited network; or (2) send via a tunnel to its home agent. Because multicast routing in general depends upon the IP source address, a mobile node which sends multicast datagrams directly on the visited network MUST use a co-located care-of address as the IP source address. Similarly, a mobile node which tunnels a multicast datagram to its home agent MUST use its home address as the IP source address of both the (inner) multicast datagram and the (outer) encapsulating datagram. This second option assumes that the home agent is a multicast router.



 TOC 

4.5.  Mobile Routers

A mobile node can be a router that is responsible for the mobility of one or more entire networks moving together, perhaps on an airplane, a ship, a train, an automobile, a bicycle, or a kayak. The nodes connected to a network served by the mobile router may themselves be fixed nodes or mobile nodes or routers. In this document, such networks are called "mobile networks".

A mobile router MAY act as a foreign agent and provide a foreign agent care-of address to mobile nodes connected to the mobile network. Typical routing to a mobile node via a mobile router in this case is illustrated by the following example:

a.
A laptop computer is disconnected from its home network and later attached to a network port in the seat back of an aircraft. The laptop computer uses Mobile IP to register on this foreign network, using a foreign agent care-of address discovered through an Agent Advertisement from the aircraft's foreign agent.
b.
The aircraft network is itself mobile. Suppose the node serving as the foreign agent on the aircraft also serves as the default router that connects the aircraft network to the rest of the Internet. When the aircraft is at home, this router is attached to some fixed network at the airline's headquarters, which is the router's home network. While the aircraft is in flight, this router registers from time to time over its radio link with a series of foreign agents below it on the ground. This router's home agent is a node on the fixed network at the airline's headquarters.
c.
Some correspondent node sends a datagram to the laptop computer, addressing the datagram to the laptop's home address. This datagram is initially routed to the laptop's home network.
d.
The laptop's home agent intercepts the datagram on the home network and tunnels it to the laptop's care-of address, which in this example is an address of the node serving as router and foreign agent on the aircraft. Normal IP routing will route the datagram to the fixed network at the airline's headquarters.
e.
The aircraft router and foreign agent's home agent there intercepts the datagram and tunnels it to its current care-of address, which in this example is some foreign agent on the ground below the aircraft. The original datagram from the correspondent node has now been encapsulated twice: once by the laptop's home agent and again by the aircraft's home agent.
f.
The foreign agent on the ground decapsulates the datagram, yielding a datagram still encapsulated by the laptop's home agent, with a destination address of the laptop's care-of address. The ground foreign agent sends the resulting datagram over its radio link to the aircraft.
g.
The foreign agent on the aircraft decapsulates the datagram, yielding the original datagram from the correspondent node, with a destination address of the laptop's home address. The aircraft foreign agent delivers the datagram over the aircraft network to the laptop's link-layer address.

This example illustrated the case in which a mobile node is attached to a mobile network. That is, the mobile node is mobile with respect to the network, which itself is also mobile (here with respect to the ground). If, instead, the node is fixed with respect to the mobile network (the mobile network is the fixed node's home network), then either of two methods may be used to cause datagrams from correspondent nodes to be routed to the fixed node.

A home agent MAY be configured to have a permanent registration for the fixed node, that indicates the mobile router's address as the fixed host's care-of address. The mobile router's home agent will usually be used for this purpose. The home agent is then responsible for advertising connectivity using normal routing protocols to the fixed node. Any datagrams sent to the fixed node will thus use nested tunneling as described above.

Alternatively, the mobile router MAY advertise connectivity to the entire mobile network using normal IP routing protocols through a bi-directional tunnel to its own home agent. This method avoids the need for nested tunneling of datagrams.



 TOC 

4.6.  ARP, Proxy ARP, and Gratuitous ARP

The use of ARP [17] (Plummer, D., “Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware,” November 1982.) requires special rules for correct operation when wireless or mobile nodes are involved. The requirements specified in this section apply to all home networks in which ARP is used for address resolution.

In addition to the normal use of ARP for resolving a target node's link-layer address from its IP address, this document distinguishes two special uses of ARP:

While a mobile node is registered on a foreign network, its home agent uses proxy ARP [46] (Postel, J., “Multi-LAN address resolution,” October 1984.) to reply to ARP Requests it receives that seek the mobile node's link-layer address. When receiving an ARP Request, the home agent MUST examine the target IP address of the Request, and if this IP address matches the home address of any mobile node for which it has a registered mobility binding, the home agent MUST transmit an ARP Reply on behalf of the mobile node. After exchanging the sender and target addresses in the packet [46] (Postel, J., “Multi-LAN address resolution,” October 1984.), the home agent MUST set the sender link-layer address in the packet to the link-layer address of its own interface over which the Reply will be sent.

When a mobile node leaves its home network and registers a binding on a foreign network, its home agent uses gratuitous ARP to update the ARP caches of nodes on the home network. This causes such nodes to associate the link-layer address of the home agent with the mobile node's home (IP) address. When registering a binding for a mobile node for which the home agent previously had no binding (the mobile node was assumed to be at home), the home agent MUST transmit a gratuitous ARP on behalf of the mobile node. This gratuitous ARP packet MUST be transmitted as a broadcast packet on the link on which the mobile node's home address is located. Since broadcasts on the local link (such as Ethernet) are typically not guaranteed to be reliable, the gratuitous ARP packet SHOULD be retransmitted a small number of times to increase its reliability.

When a mobile node returns to its home network, the mobile node and its home agent use gratuitous ARP to cause all nodes on the mobile node's home network to update their ARP caches to once again associate the mobile node's own link-layer address with the mobile node's home (IP) address. Before transmitting the (de)Registration Request message to its home agent, the mobile node MUST transmit this gratuitous ARP on its home network as a local broadcast on this link. The gratuitous ARP packet SHOULD be retransmitted a small number of times to increase its reliability, but these retransmissions SHOULD proceed in parallel with the transmission and processing of its (de)Registration Request.

When the mobile node's home agent receives and accepts this (de)Registration Request, the home agent MUST also transmit a gratuitous ARP on the mobile node's home network. This gratuitous ARP also is used to associate the mobile node's home address with the mobile node's own link-layer address. A gratuitous ARP is transmitted by both the mobile node and its home agent, since in the case of wireless network interfaces, the area within transmission range of the mobile node will likely differ from that within range of its home agent. The ARP packet from the home agent MUST be transmitted as a local broadcast on the mobile node's home link, and SHOULD be retransmitted a small number of times to increase its reliability; these retransmissions, however, SHOULD proceed in parallel with the transmission and processing of its (de)Registration Reply.

While the mobile node is away from home, it MUST NOT transmit any broadcast ARP Request or ARP Reply messages. Finally, while the mobile node is away from home, it MUST NOT reply to ARP Requests in which the target IP address is its own home address unless the ARP Request is unicast by a foreign agent with which the mobile node is attempting to register or a foreign agent with which the mobile node has an unexpired registration. In the latter case, the mobile node MUST use a unicast ARP Reply to respond to the foreign agent. Note that if the mobile node is using a co-located care-of address and receives an ARP Request in which the target IP address is this care-of address, then the mobile node SHOULD reply to this ARP Request. Note also that, when transmitting a Registration Request on a foreign network, a mobile node may discover the link-layer address of a foreign agent by storing the address as it is received from the Agent Advertisement from that foreign agent, but not by transmitting a broadcast ARP Request message.

The specific order in which each of the above requirements for the use of ARP, proxy ARP, and gratuitous ARP are applied, relative to the transmission and processing of the mobile node's Registration Request and Registration Reply messages when leaving home or returning home, are important to the correct operation of the protocol.

To summarize the above requirements, when a mobile node leaves its home network, the following steps, in this order, MUST be performed:

When a mobile node later returns to its home network, the following steps, in this order, MUST be performed:



 TOC 

5.  Security Considerations

The mobile computing environment is potentially very different from the ordinary computing environment. In many cases, mobile computers will be connected to the network via wireless links. Such links are particularly vulnerable to passive eavesdropping, active replay attacks, and other active attacks.



 TOC 

5.1.  Message Authentication Codes

Home agents and mobile nodes MUST be able to perform authentication. The default algorithm is HMAC-MD5 [10] (Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” February 1997.), with a key size of 128 bits. The foreign agent MUST also support authentication using HMAC-MD5 and key sizes of 128 bits or greater, with manual key distribution. Keys with arbitrary binary values MUST be supported.

The "prefix+suffix" use of MD5 to protect data and a shared secret is considered vulnerable to attack by the cryptographic community. Where backward compatibility with existing Mobile IP implementations that use this mode is needed, new implementations SHOULD include keyed MD5 [20] (Rivest, R., “The MD5 Message-Digest Algorithm,” April 1992.) as one of the additional authentication algorithms for use when producing and verifying the authentication data that is supplied with Mobile IP registration messages, for instance in the extensions specified in Section 3.5.2 (Mobile-Home Authentication Extension), Section 3.5.3 (Mobile-Foreign Authentication Extension), and Section 3.5.4 (Foreign-Home Authentication Extension).

More authentication algorithms, algorithm modes, key distribution methods, and key sizes MAY also be supported for all of these extensions.



 TOC 

5.2.  Areas of Security Concern in this Protocol

The registration protocol described in this document will result in a mobile node's traffic being tunneled to its care-of address. This tunneling feature could be a significant vulnerability if the registration were not authenticated. Such remote redirection, for instance as performed by the mobile registration protocol, is widely understood to be a security problem in the current Internet if not authenticated [26] (Bellovin, S., “Security Problems in the TCP/IP Protocol Suite,” March 1989.). Moreover, the Address Resolution Protocol (ARP) is not authenticated, and can potentially be used to steal another host's traffic. The use of "Gratuitous ARP" (Section 4.6 (ARP, Proxy ARP, and Gratuitous ARP)) brings with it all of the risks associated with the use of ARP.



 TOC 

5.3.  Key Management

This specification requires a strong authentication mechanism (keyed MD5) which precludes many potential attacks based on the Mobile IP registration protocol. However, because key distribution is difficult in the absence of a network key management protocol, messages with the foreign agent are not all required to be authenticated. In a commercial environment it might be important to authenticate all messages between the foreign agent and the home agent, so that billing is possible, and service providers do not provide service to users that are not legitimate customers of that service provider.



 TOC 

5.4.  Picking Good Random Numbers

The strength of any authentication mechanism depends on several factors, including the innate strength of the authentication algorithm, the secrecy of the key used, the strength of the key used, and the quality of the particular implementation. This specification requires implementation of keyed MD5 for authentication, but does not preclude the use of other authentication algorithms and modes. For keyed MD5 authentication to be useful, the 128-bit key must be both secret (that is, known only to authorized parties) and pseudo-random. If nonces are used in connection with replay protection, they must also be selected carefully. Eastlake, et al. [8] (Eastlake, D., Schiller, J., and S. Crocker, “Randomness Requirements for Security,” June 2005.) provides more information on generating pseudo-random numbers.



 TOC 

5.5.  Privacy

Users who have sensitive data that they do not wish others to see should use mechanisms outside the scope of this document (such as encryption) to provide appropriate protection. Users concerned about traffic analysis should consider appropriate use of link encryption. If absolute location privacy is desired, the mobile node can create a tunnel to its home agent. Then, datagrams destined for correspondent nodes will appear to emanate from the home network, and it may be more difficult to pinpoint the location of the mobile node. Such mechanisms are all beyond the scope of this document.



 TOC 

5.6.  Ingress Filtering

Many routers implement security policies such as "ingress filtering" [31] (Ferguson, P. and D. Senie, “Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing,” May 2000.) that do not allow forwarding of packets that have a Source Address which appears topologically incorrect. In environments where this is a problem, mobile nodes may use reverse tunneling [12] (Montenegro, G., “Reverse Tunneling for Mobile IP, revised,” January 2001.) with the foreign agent supplied care-of address as the Source Address. Reverse tunneled packets will be able to pass normally through such routers, while ingress filtering rules will still be able to locate the true topological source of the packet in the same way as packets from non-mobile nodes.



 TOC 

5.7.  Replay Protection for Registration Requests

The Identification field is used to let the home agent verify that a registration message has been freshly generated by the mobile node, not replayed by an attacker from some previous registration. Two methods are described in this section: timestamps (mandatory) and "nonces" (optional). All mobile nodes and home agents MUST implement timestamp-based replay protection. These nodes MAY also implement nonce-based replay protection (but see Appendix A (Patent Issues)).

The style of replay protection in effect between a mobile node and its home agent is part of the mobile security association. A mobile node and its home agent MUST agree on which method of replay protection will be used. The interpretation of the Identification field depends on the method of replay protection as described in the subsequent subsections.

Whatever method is used, the low-order 32 bits of the Identification MUST be copied unchanged from the Registration Request to the Reply. The foreign agent uses those bits (and the mobile node's home address) to match Registration Requests with corresponding replies. The mobile node MUST verify that the low-order 32 bits of any Registration Reply are identical to the bits it sent in the Registration Request.

The Identification in a new Registration Request MUST NOT be the same as in an immediately preceding Request, and SHOULD NOT repeat while the same security context is being used between the mobile node and the home agent. Retransmission as in Section 3.6.3 (Registration Retransmission) is allowed.



 TOC 

5.7.1.  Replay Protection using Timestamps

The basic principle of timestamp replay protection is that the node generating a message inserts the current time of day, and the node receiving the message checks that this timestamp is sufficiently close to its own time of day. Unless specified differently in the security association between the nodes, a default value of 7 seconds MAY be used to limit the time difference. This value SHOULD be greater than 3 seconds. Obviously the two nodes must have adequately synchronized time-of-day clocks. As with any messages, time synchronization messages may be protected against tampering by an authentication mechanism determined by the security context between the two nodes.

If timestamps are used, the mobile node MUST set the Identification field to a 64-bit value formatted as specified by the Network Time Protocol [11] (Mills, D., “Network Time Protocol (Version 3) Specification, Implementation,” March 1992.). The low-order 32 bits of the NTP format represent fractional seconds, and those bits which are not available from a time source SHOULD be generated from a good source of randomness. Note, however, that when using timestamps, the 64-bit Identification used in a Registration Request from the mobile node MUST be greater than that used in any previous Registration Request, as the home agent uses this field also as a sequence number. Without such a sequence number, it would be possible for a delayed duplicate of an earlier Registration Request to arrive at the home agent (within the clock synchronization required by the home agent), and thus be applied out of order, mistakenly altering the mobile node's current registered care-of address.

Upon receipt of a Registration Request with an authorization-enabling extension, the home agent MUST check the Identification field for validity. In order to be valid, the timestamp contained in the Identification field MUST be close enough to the home agent's time of day clock and the timestamp MUST be greater than all previously accepted timestamps for the requesting mobile node. Time tolerances and resynchronization details are specific to a particular mobility security association.

If the timestamp is valid, the home agent copies the entire Identification field into the Registration Reply it returns the Reply to the mobile node. If the timestamp is not valid, the home agent copies only the low-order 32 bits into the Registration Reply, and supplies the high-order 32 bits from its own time of day. In this latter case, the home agent MUST reject the registration by returning Code 133 (identification mismatch) in the Registration Reply.

As described in Section 3.6.2.1 (Validity Checks), the mobile node MUST verify that the low-order 32 bits of the Identification in the Registration Reply are identical to those in the rejected registration attempt, before using the high-order bits for clock resynchronization.



 TOC 

5.7.2.  Replay Protection using Nonces

The basic principle of nonce replay protection is that node A includes a new random number in every message to node B, and checks that node B returns that same number in its next message to node A. Both messages use an authentication code to protect against alteration by an attacker. At the same time node B can send its own nonces in all messages to node A (to be echoed by node A), so that it too can verify that it is receiving fresh messages.

The home agent may be expected to have resources for computing pseudo-random numbers useful as nonces [8] (Eastlake, D., Schiller, J., and S. Crocker, “Randomness Requirements for Security,” June 2005.). It inserts a new nonce as the high-order 32 bits of the identification field of every Registration Reply. The home agent copies the low-order 32 bits of the Identification from the Registration Request message into the low-order 32 bits of the Identification in the Registration Reply. When the mobile node receives an authenticated Registration Reply from the home agent, it saves the high-order 32 bits of the identification for use as the high-order 32 bits of its next Registration Request.

The mobile node is responsible for generating the low-order 32 bits of the Identification in each Registration Request. Ideally it should generate its own random nonces. However it may use any expedient method, including duplication of the random value sent by the home agent. The method chosen is of concern only to the mobile node, because it is the node that checks for valid values in the Registration Reply. The high-order and low-order 32 bits of the identification chosen SHOULD both differ from their previous values. The home agent uses a new high-order value and the mobile node uses a new low-order value for each registration message. The foreign agent uses the low-order value (and the mobile host's home address) to correctly match registration replies with pending Requests (Section 3.7.1 (Configuration and Registration Tables)).

If a registration message is rejected because of an invalid nonce, the Reply always provides the mobile node with a new nonce to be used in the next registration. Thus the nonce protocol is self-synchronizing.



 TOC 

6.  IANA Considerations

Mobile IP specifies several new number spaces for values to be used in various message fields. These number spaces include the following:

There are additional Mobile IP numbering spaces specified in [3] (Perkins, C., Calhoun, P., and J. Bharatia, “Mobile IPv4 Challenge/Response Extensions (Revised),” January 2007.).

Information about assignment of mobile-ip numbers derived from specifications external to this document is given by IANA at http://www.iana.org/numbers.html. From that URL, follow the hyperlinks to "M" within the "Directory of General Assigned Numbers", and subsequently to the specific section for "Mobile IP Numbers".

In this revised specification, a new Code value (for the field in the Registration Reply message) is needed within the range typically used for Foreign Agent messages. This error code is needed to indicate the status "Invalid Home Agent Address". See Section 3.7.2 (Receiving Registration Requests) for details.



 TOC 

6.1.  Mobile IP Message Types

Mobile IP messages are defined to be those that are sent to a message recipient at port 434 (UDP or TCP). The number space for Mobile IP messages is specified in Section 1.8 (Message Format and Protocol Extensibility). Approval of new extension numbers is subject to Expert Review, and a specification is required [14] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” October 1998.). The currently standardized message types have the following numbers, and are specified in the indicated sections.

    Type  Name                                             Section
    ----  --------------------------------------------     ---------
    1     Registration Request                             3.3
    3     Registration Reply                               3.4


 TOC 

6.2.  Extensions to RFC 1256 Router Advertisement

RFC 1256 defines two ICMP message types, Router Advertisement and Router Solicitation. Mobile IP defines a number space for extensions to Router Advertisement, which could be used by protocols other than Mobile IP. The extension types currently standardized for use with Mobile IP have the following numbers.

    Type  Name                                             Reference
    ----  --------------------------------------------     ---------
    0     One-byte Padding                                 2.1.3
    16    Mobility Agent Advertisement                     2.1.1
    19    Prefix-Lengths                                   2.1.2

Approval of new extension numbers for use with Mobile IP is subject to Expert Review, and a specification is required [14] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” October 1998.).



 TOC 

6.3.  Extensions to Mobile IP Registration Messages

The Mobile IP messages, specified within this document, and listed in Section 1.8 (Message Format and Protocol Extensibility) and Section 6.1 (Mobile IP Message Types), may have extensions. Mobile IP message extensions all share the same number space, even if they are to be applied to different Mobile IP messages. The number space for Mobile IP message extensions is specified within this document. Approval of new extension numbers is subject to Expert Review, and a specification is required [14] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” October 1998.).

    Type  Name                                             Reference
    ----  --------------------------------------------     ---------
    0     One-byte Padding
    32    Mobile-Home Authentication                       3.5.2
    33    Mobile-Foreign Authentication                    3.5.3
    34    Foreign-Home Authentication                      3.5.4


 TOC 

6.4.  Code Values for Mobile IP Registration Reply Messages

The Mobile IP Registration Reply message, specified in Section 3.4 (Registration Reply), has a Code field. The number space for the Code field values is also specified in Section 3.4 (Registration Reply). The Code number space is structured according to whether the registration was successful, or whether the foreign agent denied the registration request, or lastly whether the home agent denied the registration request, as follows:

         0-8        Success Codes
         9-63       No allocation guidelines currently exist
         64-127     Error Codes from the Foreign Agent
         128-192    Error Codes from the Home Agent
         193-255    No allocation guidelines currently exist

Approval of new Code values requires Expert Review [14] (Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” October 1998.).



 TOC 

7.  Acknowledgments

Special thanks to Steve Deering (Xerox PARC), along with Dan Duchamp and John Ioannidis (JI) (Columbia University), for forming the working group, chairing it, and putting so much effort into its early development. Columbia's early Mobile IP work can be found in [33] (Ioannidis, J., Duchamp, D., and G. Maguire, “IP-Based Protocols for Mobile Interworking,” September 1991.),[34] (Ioannidis, J. and G. Maguire, “The Design and Implementation of a Mobile Internetworking Architecture,” January 1993.),[35] (Ioannidis, J., “Protocols for Mobile Interworking,” July 1993.).

Thanks also to Kannan Alaggapan, Greg Minshall, Tony Li, Jim Solomon, Erik Nordmark, Basavaraj Patil, and Phil Roberts for their contributions to the group while performing the duties of chairperson, as well as for their many useful comments.

Thanks to the active members of the Mobile IP Working Group, particularly those who contributed text, including (in alphabetical order)

Ran Atkinson (Naval Research Lab),

Samita Chakrabarti (Sun Microsystems)

Ken Imboden (Candlestick Networks, Inc.)

Dave Johnson (Carnegie Mellon University),

Frank Kastenholz (FTP Software),

Anders Klemets (KTH),

Chip Maguire (KTH),

Alison Mankin (ISI)

Andrew Myles (Macquarie University),

Thomas Narten (IBM),

Al Quirt (Bell Northern Research),

Yakov Rekhter (IBM),

Fumio Teraoka (Sony), and

Alper Yegin (NTT DoCoMo)

Thanks to Charlie Kunzinger and to Bill Simpson, the editors who produced the first drafts for of this document, reflecting the discussions of the Working Group. Much of the new text in the later revisions preceding RFC 2002 is due to Jim Solomon and Dave Johnson.

Thanks to Greg Minshall (Novell), Phil Karn (Qualcomm), Frank Kastenholz (FTP Software), and Pat Calhoun (Sun Microsystems) for their generous support in hosting interim Working Group meetings.

Section 1.10 (Long Extension Format) and Section 1.11 (Short Extension Format), which specify new extension formats to be used with aggregatable extension types, were included from a specification document (entitled "Mobile IP Extensions Rationalization (MIER)", which was written by

Mohamed M.Khalil, Nortel Networks

Raja Narayanan, nVisible Networks

Haseeb Akhtar, Nortel Networks

Emad Qaddoura, Nortel Networks

Thanks to these authors, and also for the additional work on MIER, which was contributed by Basavaraj Patil, Pat Calhoun, Neil Justusson, N. Asokan, and Jouni Malinen.

Thanks to Vijay Devarapalli, who put in many hours to convert the source for this text document into XML format.



 TOC 

8.  References



 TOC 

8.1. Normative References

[1] Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997 (TXT, HTML, XML).
[2] Calhoun, P. and C. Perkins, “Mobile IP Network Access Identifier Extension for IPv4,” RFC 2794, March 2000 (TXT).
[3] Perkins, C., Calhoun, P., and J. Bharatia, “Mobile IPv4 Challenge/Response Extensions (Revised),” RFC 4721, January 2007 (TXT).
[4] Cong, D., Hamlen, M., and C. Perkins, “The Definitions of Managed Objects for IP Mobility Support using SMIv2,” RFC 2006, October 1996 (TXT).
[5] Deering, S., “ICMP Router Discovery Messages,” RFC 1256, September 1991 (TXT).
[6] Deering, S., “Host extensions for IP multicasting,” STD 5, RFC 1112, August 1989 (TXT).
[7] Dommety, G. and K. Leung, “Mobile IP Vendor/Organization-Specific Extensions,” RFC 3115, April 2001 (TXT).
[8] Eastlake, D., Schiller, J., and S. Crocker, “Randomness Requirements for Security,” BCP 106, RFC 4086, June 2005 (TXT).
[9] Kent, S., “IP Authentication Header,” RFC 4302, December 2005 (TXT).
[10] Krawczyk, H., Bellare, M., and R. Canetti, “HMAC: Keyed-Hashing for Message Authentication,” RFC 2104, February 1997 (TXT).
[11] Mills, D., “Network Time Protocol (Version 3) Specification, Implementation,” RFC 1305, March 1992 (TXT, PDF).
[12] Montenegro, G., “Reverse Tunneling for Mobile IP, revised,” RFC 3024, January 2001 (TXT).
[13] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P. Traina, “Generic Routing Encapsulation (GRE),” RFC 2784, March 2000 (TXT).
[14] Narten, T. and H. Alvestrand, “Guidelines for Writing an IANA Considerations Section in RFCs,” BCP 26, RFC 2434, October 1998 (TXT, HTML, XML).
[15] Perkins, C., “IP Encapsulation within IP,” RFC 2003, October 1996 (TXT, HTML, XML).
[16] Perkins, C., “Minimal Encapsulation within IP,” RFC 2004, October 1996 (TXT, HTML, XML).
[17] Plummer, D., “Ethernet Address Resolution Protocol: Or converting network protocol addresses to 48.bit Ethernet address for transmission on Ethernet hardware,” STD 37, RFC 826, November 1982 (TXT).
[18] Postel, J., “User Datagram Protocol,” STD 6, RFC 768, August 1980 (TXT).
[19] Postel, J., “Internet Protocol,” STD 5, RFC 791, September 1981 (TXT).
[20] Rivest, R., “The MD5 Message-Digest Algorithm,” RFC 1321, April 1992 (TXT).
[21] Solomon, J., “Applicability Statement for IP Mobility Support,” RFC 2005, October 1996 (TXT, HTML, XML).


 TOC 

8.2. Informative References

[22] Solomon, J. and S. Glass, “Mobile-IPv4 Configuration Option for PPP IPCP,” RFC 2290, February 1998 (TXT, HTML, XML).
[23] Montenegro, G., Dawkins, S., Kojo, M., Magret, V., and N. Vaidya, “Long Thin Networks,” RFC 2757, January 2000 (TXT).
[24] Allman, M., Glover, D., and L. Sanchez, “Enhancing TCP Over Satellite Channels using Standard Mechanisms,” BCP 28, RFC 2488, January 1999 (TXT, HTML, XML).
[25] Paxson, V. and M. Allman, “Computing TCP's Retransmission Timer,” RFC 2988, November 2000 (TXT).
[26] Bellovin, S., “Security Problems in the TCP/IP Protocol Suite,” ACM Computer Communications Review, 19(2), March 1989.
[27] Border, J., Kojo, M., Griner, J., Montenegro, G., and Z. Shelby, “Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations,” RFC 3135, June 2001 (TXT).
[28] Caceres, R. and L. Iftode, “Improving the Performance of Reliable Transport Protocols in Mobile Computing Environments,” IEEE Journal on Selected Areas in Communication, 13(5):850--857, June 1995.
[29] Dawkins, S., Montenegro, G., Kojo, M., Magret, V., and N. Vaidya, “End-to-end Performance Implications of Links with Errors,” BCP 50, RFC 3155, August 2001 (TXT).
[30] Droms, R., “Dynamic Host Configuration Protocol,” RFC 2131, March 1997 (TXT, HTML, XML).
[31] Ferguson, P. and D. Senie, “Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing,” BCP 38, RFC 2827, May 2000 (TXT).
[32] Jacobson, V., “Compressing TCP/IP headers for low-speed serial links,” RFC 1144, February 1990 (TXT, PS, PDF).
[33] Ioannidis, J., Duchamp, D., and G. Maguire, “IP-Based Protocols for Mobile Interworking,” In Proceedings of the SIGCOMM '01 Conference: Communications Architectures and Protocols, Pages 235--245, September 1991.
[34] Ioannidis, J. and G. Maguire, “The Design and Implementation of a Mobile Internetworking Architecture,” In Proceedings of the Winter USENIX Technical Conference, Pages 489--500, January 1993.
[35] Ioannidis, J., “Protocols for Mobile Interworking,” PhD Dissertation - Columbia University in the City of New York , July 1993.
[36] Jacobson, V., “Congestion Avoidance and Control,” In Proceedings of the SIGCOMM '88 Workshop, ACM SIGCOMM, ACM Press, Pages 314--329, August 1998.
[37] McCloghrie, K. and F. Kastenholz, “The Interfaces Group MIB,” RFC 2863, June 2000 (TXT).
[38] McGregor, G., “The PPP Internet Protocol Control Protocol (IPCP),” RFC 1332, May 1992 (TXT).
[39] Montenegro, G. and V. Gupta, “Sun's SKIP Firewall Traversal for Mobile IP,” RFC 2356, June 1998 (TXT, HTML, XML).
[40] Perkins, C., “IP Mobility Support,” RFC 2002, October 1996 (TXT).
[41] Perkins, C., “IP Mobility Support for IPv4,” RFC 3344, August 2002 (TXT).
[42] Stevens, R., “TCP/IP Illustrated, Volume 1: The Protocols,” Addison-Wesley, Reading, Massachussets, 1994.
[43] Perkins, C. and P. Calhoun, “Authentication, Authorization, and Accounting (AAA) Registration Keys for Mobile IPv4,” RFC 3957, March 2005 (TXT).
[44] Simpson, W., “The Point-to-Point Protocol (PPP),” STD 51, RFC 1661, July 1994 (TXT).
[45] IANA Assigned Numbers Online Database, “Mobile IPv4 Numbers,” http://www.iana.org/assignments/mobileip-numbers .
[46] Postel, J., “Multi-LAN address resolution,” RFC 925, October 1984 (TXT).


 TOC 

Appendix A.  Patent Issues

The IETF has been notified of intellectual property rights claimed in regard to some or all of the specification contained in this document. For more information consult the online list of claimed rights.



 TOC 

Appendix B.  Link-Layer Considerations

The mobile node MAY use link-layer mechanisms to decide that its point of attachment has changed. Such indications include the Down/Testing/Up interface status [37] (McCloghrie, K. and F. Kastenholz, “The Interfaces Group MIB,” June 2000.), and changes in cell or administration. The mechanisms will be specific to the particular link-layer technology, and are outside the scope of this document.

The Point-to-Point-Protocol (PPP) [44] (Simpson, W., “The Point-to-Point Protocol (PPP),” July 1994.) and its Internet Protocol Control Protocol (IPCP) [38] (McGregor, G., “The PPP Internet Protocol Control Protocol (IPCP),” May 1992.), negotiates the use of IP addresses.

The mobile node SHOULD first attempt to specify its home address, so that if the mobile node is attaching to its home network, the unrouted link will function correctly. When the home address is not accepted by the peer, but a transient IP address is dynamically assigned to the mobile node, and the mobile node is capable of supporting a co-located care-of address, the mobile node MAY register that address as a co-located care-of address. When the peer specifies its own IP address, that address MUST NOT be assumed to be a foreign agent care-of address or the IP address of a home agent. PPP extensions for Mobile IP have been specified in RFC 2290 [22] (Solomon, J. and S. Glass, “Mobile-IPv4 Configuration Option for PPP IPCP,” February 1998.). Please consult that document for additional details for how to handle care-of address assignment from PPP in a more efficient manner.



 TOC 

Appendix C.  TCP Considerations



 TOC 

C.1.  TCP Timers

When high-delay (e.g. SATCOM) or low-bandwidth (e.g. High-Frequency Radio) links are in use, some TCP stacks may have insufficiently adaptive (non-standard) retransmission timeouts. There may be spurious retransmission timeouts, even when the link and network are actually operating properly, but just with a high delay because of the medium in use. This can cause an inability to create or maintain TCP connections over such links, and can also cause unneeded retransmissions which consume already scarce bandwidth. Vendors are encouraged to follow the algorithms in RFC 2988 [25] (Paxson, V. and M. Allman, “Computing TCP's Retransmission Timer,” November 2000.) when implementing TCP retransmission timers. Vendors of systems designed for low-bandwidth, high-delay links should consult RFCs 2757 and 2488 [23] (Montenegro, G., Dawkins, S., Kojo, M., Magret, V., and N. Vaidya, “Long Thin Networks,” January 2000.), [24] (Allman, M., Glover, D., and L. Sanchez, “Enhancing TCP Over Satellite Channels using Standard Mechanisms,” January 1999.). Designers of applications targeted to operate on mobile nodes should be sensitive to the possibility of timer-related difficulties.



 TOC 

C.2.  TCP Congestion Management

Mobile nodes often use media which are more likely to introduce errors, effectively causing more packets to be dropped. This introduces a conflict with the mechanisms for congestion management found in modern versions of TCP [36] (Jacobson, V., “Congestion Avoidance and Control,” August 1998.). Now, when a packet is dropped, the correspondent node's TCP implementation is likely to react as if there were a source of network congestion, and initiate the slow-start mechanisms [36] (Jacobson, V., “Congestion Avoidance and Control,” August 1998.) designed for controlling that problem. However, those mechanisms are inappropriate for overcoming errors introduced by the links themselves, and have the effect of magnifying the discontinuity introduced by the dropped packet. This problem has been analyzed by Caceres, et al. [28] (Caceres, R. and L. Iftode, “Improving the Performance of Reliable Transport Protocols in Mobile Computing Environments,” June 1995.). TCP approaches to the problem of handling errors that might interfere with congestion management are discussed in documents from the [pilc] working group [27] (Border, J., Kojo, M., Griner, J., Montenegro, G., and Z. Shelby, “Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations,” June 2001.) [29] (Dawkins, S., Montenegro, G., Kojo, M., Magret, V., and N. Vaidya, “End-to-end Performance Implications of Links with Errors,” August 2001.). While such approaches are beyond the scope of this document, they illustrate that providing performance transparency to mobile nodes involves understanding mechanisms outside the network layer. Problems introduced by higher media error rates also indicate the need to avoid designs which systematically drop packets; such designs might otherwise be considered favorably when making engineering tradeoffs.



 TOC 

Appendix D.  Example Scenarios

This section shows example Registration Requests for several common scenarios.



 TOC 

D.1.  Registering with a Foreign Agent Care-of Address

The mobile node receives an Agent Advertisement from a foreign agent and wishes to register with that agent using the advertised foreign agent care-of address. The mobile node wishes only IP-in-IP encapsulation, does not want broadcasts, and does not want simultaneous mobility bindings:

     IP fields:
       Source Address = mobile node's home address
       Destination Address = copied from the IP source address of the
         Agent Advertisement
       Time to Live = 1
     UDP fields:
       Source Port = <any>
       Destination Port = 434
     Registration Request fields:
       Type = 1
       S=0,B=0,D=0,M=0,G=0
       Lifetime = the Registration Lifetime copied from the
         Mobility Agent Advertisement Extension of the
         Router Advertisement message
       Home Address = the mobile node's home address
       Home Agent = IP address of mobile node's home agent
       Care-of Address = the Care-of Address copied from the
       Mobility Agent Advertisement Extension of the
         Router Advertisement message
       Identification = Network Time Protocol timestamp or Nonce
     Extensions:
       An authorization-enabling extension (e.g., the Mobile-Home
       Authentication Extension)



 TOC 

D.2.  Registering with a Co-Located Care-of Address

The mobile node enters a foreign network that contains no foreign agents. The mobile node obtains an address from a DHCP server [30] (Droms, R., “Dynamic Host Configuration Protocol,” March 1997.) for use as a co-located care-of address. The mobile node supports all forms of encapsulation (IP-in-IP, minimal encapsulation, and GRE), desires a copy of broadcast datagrams on the home network, and does not want simultaneous mobility bindings:

     IP fields:
       Source Address = care-of address obtained from DHCP server
       Destination Address = IP address of home agent
       Time to Live = 64
     UDP fields:
       Source Port = <any>
       Destination Port = 434
     Registration Request fields:
       Type = 1
       S=0,B=1,D=1,M=1,G=1
       Lifetime = 1800 (seconds)
       Home Address = the mobile node's home address
       Home Agent = IP address of mobile node's home agent
       Care-of Address = care-of address obtained from DHCP server
       Identification = Network Time Protocol timestamp or Nonce
     Extensions:
       The Mobile-Home Authentication Extension



 TOC 

D.3.  Deregistration

The mobile node returns home and wishes to deregister all care-of addresses with its home agent.

     IP fields:
       Source Address = mobile node's home address
       Destination Address = IP address of home agent
       Time to Live = 1
     UDP fields:
       Source Port = <any>
       Destination Port = 434
     Registration Request fields:
       Type = 1
       S=0,B=0,D=0,M=0,G=0
       Lifetime = 0
       Home Address = the mobile node's home address
       Home Agent = IP address of mobile node's home agent
       Care-of Address = the mobile node's home address
       Identification = Network Time Protocol timestamp or Nonce
     Extensions:
       An authorization-enabling extension (e.g., the Mobile-Home
       Authentication Extension)



 TOC 

Appendix E.  Applicability of Prefix-Lengths Extension

Caution is indicated with the use of the Prefix-Lengths Extension over wireless links, due to the irregular coverage areas provided by wireless transmitters. As a result, it is possible that two foreign agents advertising the same prefix might indeed provide different connectivity to prospective mobile nodes. The Prefix-Lengths Extension SHOULD NOT be included in the advertisements sent by agents in such a configuration.

Foreign agents using different wireless interfaces would have to cooperate using special protocols to provide identical coverage in space, and thus be able to claim to have wireless interfaces situated on the same subnetwork. In the case of wired interfaces, a mobile node disconnecting and subsequently connecting to a new point of attachment, may well send in a new Registration Request no matter whether the new advertisement is on the same medium as the last recorded advertisement. And, finally, in areas with dense populations of foreign agents it would seem unwise to require the propagation via routing protocols of the subnet prefixes associated with each individual wireless foreign agent; such a strategy could lead to quick depletion of available space for routing tables, unwarranted increases in the time required for processing routing updates, and longer decision times for route selection if routes (which are almost always unnecessary) are stored for wireless "subnets".



 TOC 

Appendix F.  Interoperability Considerations

This document specifies revisions to RFC 2002 that are intended to improve interoperability by resolving ambiguities contained in the earlier text. Implementations that perform authentication according to the new more precisely specified algorithm would be interoperable with earlier implementations that did what was originally expected for producing authentication data. That was a major source of non-interoperability before.

However, this specification does have new features that, if used, would cause interoperability problems with older implementations. All features specified in RFC 2002 will work with the new implementations, except for V-J compression [32] (Jacobson, V., “Compressing TCP/IP headers for low-speed serial links,” February 1990.). The following list details some of the possible areas of compatibility problems that may be experienced by nodes conforming to this revised specification, when attempting to interoperate with nodes obeying RFC 2002.

In all of these cases, a robust and well-configured mobile node is very likely to be able to recover if it takes reasonable actions upon receipt of a Registration Reply with an error code indicating the cause for rejection. For instance, if a mobile node sends a registration request that is rejected because it contains the wrong kind of authentication extension, then the mobile node could retry the registration with a mobile-home authentication extension, since the foreign agent and/or home agent in this case will not be configured to demand the alternative authentication data.



 TOC 

Appendix G.  Changes since RFC 2002



 TOC 

G.1.  Recent Changes

The following changes have been made since RFC 3344 was published. For items marked with issue numbers, more information is available by consulting the MIP4 issues web page, http://www.mip4.org/issues/tracker/mip4/



 TOC 

G.2.  Major Changes



 TOC 

G.3.  Minor Changes



 TOC 

G.4.  Changes since RFC3344

This section lists the changes between this document and the previous version of the Mobile IPv4 Proposed Standard, RFC 3344 [41] (Perkins, C., “IP Mobility Support for IPv4,” August 2002.).



 TOC 

Appendix H.  Example Messages



 TOC 

H.1.  Example ICMP Agent Advertisement Message Format

   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |     Type      |     Code      |           Checksum            |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |   Num Addrs   |Addr Entry Size|           Lifetime            |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                       Router Address[1]                       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                      Preference Level[1]                      |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                       Router Address[2]                       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                      Preference Level[2]                      |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                        ....                                   |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |   Type = 16   |     Length    |      Sequence Number          |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  | Registration Lifetime         |R|B|H|F|M|G|r|T|  reserved     |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                     Care-of Address[1]                        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                     Care-of Address[2]                        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                         ....                                  |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  :                     Optional  Extensions                      :
  :   ....                ......                      ......      :
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


 TOC 

H.2.  Example Registration Request Message Format

The UDP header is followed by the Mobile IP fields shown below:

   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |     Type = 1  |S|B|D|M|G|r|T|x|          Lifetime             |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                          Home Address                         |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                           Home Agent                          |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                        Care-of Address                        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                                                               |
  +                         Identification                        +
  |                                                               |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                Optional Non-Auth Extensions for HA ...        |
  |                     ( variable length )                       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |    Type =32   |      Length   |           SPI                 |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |          SPI (cont..)         |                               |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
  :         MN-HA Authenticator ( variable length )               :
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  :           Optional  Non-Auth Extensions for FA .........
  :           Optional  MN-FA  Authentication Extension...
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


 TOC 

H.3.  Example Registration Reply Message Format

The UDP header is followed by the Mobile IP fields shown below:

   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |   Type = 3    |     Code      |           Lifetime            |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                          Home Address                         |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                           Home Agent                          |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                                                               |
  +                         Identification                        +
  |                                                               |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                 Optional  HA  Non-Auth Extensions ...         |
  |                     ( variable length )                       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |    Type =32   |      Length   |           SPI                 |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |          SPI (cont...)        |                               |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               |
  :         MN-HA Authenticator ( variable length )               :
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  :           Optional  Extensions used by FA.........
  :           Optional  MN-FA Authentication Extension...
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


 TOC 

Author's Address

  Charles E. Perkins
  WiChorus Inc.
  3590 N. 1st Street, Suite 300
  San Jose, CA 95134
  USA
Email:  charliep@computer.org


 TOC 

Full Copyright Statement

Intellectual Property