T U T O R I A L
A lthough the Internet offers access to information sources worldwide, typically we do not expect to benefit from that access until we arrive at some familiar point--whether home, office, or school. However, the increasing variety of wireless devices offering IP connectivity, such as PDAs, handhelds, and digital cellular phones, is beginning to change our perceptions of the Internet.
To understand the contrast between the current realities of IP connectivity and future possibilities, consider the transition toward mobility that has occurred in telephony over the past 20 years. An analogous transition in the domain of networking, from dependence on fixed points of attachment to the flexibility afforded by mobility, has just begun.
Mobile computing and networking should not be confused with the portable computing and networking we have today. In mobile networking, computing activities are not disrupted when the user changes the computer's point of attachment to the Internet. Instead, all the needed reconnection occurs automatically and noninteractively.
Truly mobile computing offers many advantages. Confident access to the Internet anytime, anywhere will help free us from the ties that bind us to our desktops. Consider how cellular phones have given people new freedom in carrying out their work. Taking along an entire computing environment has the potential not just to extend that flexibility but to fundamentally change the existing work ethic. Having the Internet available to us as we move will give us the tools to build new computing environments wherever we go. Those who have little interest in mobility per se will still benefit from the ability to resume previous applications when they reconnect. This is especially convenient in a wireless LAN office environment, where the boundaries between attachment points are not sharp and are often invisible.
The evolution of mobile networking will differ from that of telephony in some important respects. The endpoints of a telephone connection are typically human; computer applications are likely to involve interactions between machines without human intervention. Obvious examples of this are mobile computing devices on airplanes, ships, and automobiles. Mobile networking may well also come to depend on position-finding devices, such as a satellite global positioning system, to work in tandem with wireless access to the Internet.
Another difference may well be rate of adoption. It took many years for mobile phones to become cheap and light-weight enough to be perceived as convenient. Because wireless mobile computing devices such as PDAs and pocket organizers have already found user acceptance, mobile computing may become popular much more quickly.
However, there are still some technical obstacles that must be overcome before mobile networking can become widespread. The most fundamental is the way the Internet Protocol, the protocol that connects the networks of today's Internet, routes packets to their destinations according to IP addresses. These addresses are associated with a fixed network location much as a nonmobile phone number is associated with a physical jack in a wall. When the packet's destination is a mobile node, this means that each new point of attachment made by the node is associated with a new network number and, hence, a new IP address, making transparent mobility impossible.
Mobile IP (RFC 2002),1 a standard proposed by a working group within the Internet Engineering Task Force, was designed to solve this problem by allowing the mobile node to use two IP addresses: a fixed home address and a care-of address that changes at each new point of attachment. This article will present the Mobile IP standard in moderate technical detail and point the reader toward a wealth of further information.2 , 3 In addition, readers can go to the sidebar Mobile IP Web Resources in this issue's IC Online at http://computer.org/internet/ for a convenient set of hyperlinked resources.
I also describe how Mobile IP will change with IP version 6,4 , 5 the product of a major effort within the IETF to engineer an eventual replacement for the current version of IP.6 Although IPv6 will support mobility to a greater degree than IPv4, it will still need Mobile IP to make mobility transparent to applications and higher level protocols such as TCP.
There is a great deal of interest in mobile computing and apparently in Mobile IP as a way to provide for it. A quick Web search for items related to Mobile IP returned over 60,000 hits--impressive even given the notorious lack of selectivity for such procedures. Mobile IP forms the basis either directly or indirectly of many current research efforts and products. The Cellular Digital Packet Data (CDPD),7 for example, has created a widely deployed communications infrastructure based on a previous draft specification of the protocol. In addition, most major router vendors have developed implementations for Mobile IP.
The outlook for Mobile IP in the complex Internet marketplace is far from clear, and some technical problems remain, security being the most important. However, once the security solutions are solid, nomadic users may finally begin to enjoy the convenience of seamless untethered roaming and effective application transparency that is the promise of Mobile IP.
HOW MOBILE IP WORKS
IP routes packets from a source endpoint to a destination by allowing routers to forward packets from incoming network interfaces to outbound interfaces according to routing tables. The routing tables typically maintain the next-hop (outbound interface) information for each destination IP address, according to the number of networks to which that IP address is connected. The network number is derived from the IP address by masking off some of the low-order bits. Thus, the IP address typically carries with it information that specifies the IP node's point of attachment.
To maintain existing transport-layer connections (see the sidebar "Nomadicity: How Mobility Will Affect the Protocol Stack" on the next pages) as the mobile node moves from place to place, it must keep its IP address the same. In TCP (which accounts for the overwhelming majority of Internet connections), connections are indexed by a quadruplet that contains the IP addresses and port numbers of both connection endpoints. Changing any of these four numbers will cause the connection to be disrupted and lost. On the other hand, correct delivery of packets to the mobile node's current point of attachment depends on the network number contained within the mobile node's IP address, which changes at new points of attachment. To change the routing requires a new IP address associated with the new point of attachment.
Mobile IP has been designed to solve this problem by allowing the mobile node to use two IP addresses (see the sidebar "Mobile Networking Terminology" for definitions of italicized terms). In Mobile IP, the home address is static and is used, for instance, to identify TCP connections. The care-of address changes at each new point of attachment and can be thought of as the mobile node's topologically significant address; it indicates the network number and thus identifies the mobile node's point of attachment with respect to the network topology. The home address makes it appear that the mobile node is continually able to receive data on its home network, where Mobile IP requires the existence of a network node known as the home agent. Whenever the mobile node is not attached to its home network (and is therefore attached to what is termed a foreign network), the home agent gets all the packets destined for the mobile node and arranges to deliver them to the mobile node's current point of attachment.
Whenever the mobile node moves, it registers its new care-of address with its home agent. To get a packet to a mobile node from its home network, the home agent delivers the packet from the home network to the care-of address. The further delivery requires that the packet be modified so that the care-of address appears as the destination IP address. This modification can be understood as a packet transformation or, more specifically, a redirection. When the packet arrives at the care-of address, the reverse transformation is applied so that the packet once again appears to have the mobile node's home address as the destination IP address. When the packet arrives at the mobile node, addressed to the home address, it will be processed properly by TCP or whatever higher level protocol logically receives it from the mobile node's IP (that is, layer 3) processing layer. More information on the abstract modeling as a way to perform layer 3 redirection on packets can be found in Bhagwat, Perkins, and Tripathi.8
In Mobile IP the home agent redirects packets from the home network to the care-of address by constructing a new IP header that contains the mobile node's care-of address as the destination IP address. This new header then shields or encapsulates the original packet, causing the mobile node's home address to have no effect on the encapsulated packet's routing until it arrives at the care-of address. Such encapsulation is also called tunneling, which suggests that the packet burrows through the Internet, bypassing the usual effects of IP routing.
Mobile IP, then, is best understood as the cooperation of three separable mechanisms:
Discovering the Care-of
Home agents use agent advertisements to make themselves known, even if they do not offer any care-of addresses. However, it is not possible to associate preferences to the various care-of addresses in the router advertisement, as is the case with default routers. The IETF working group was concerned that dynamic preference values might destabilize the operation of Mobile IP. Because no one could defend static preference assignments except for backup mobility agents, which do not help distribute the routing load, the group eventually decided not to use the preference assignments with the care-of address list.
Thus, an agent advertisement performs the following functions:
Mobile nodes use router solicitations as defined in RFC 1256 to detect any change in the set of mobility agents available at the current point of attachment. (In Mobile IP this is then termed agent solicitation.) If advertisements are no longer detectable from a foreign agent that previously had offered a care-of address to the mobile node, the mobile node should presume that foreign agent is no longer within range of the mobile node's network interface. In this situation, the mobile node should begin to hunt for a new care-of address, or possibly use a care-of address known from advertisements it is still receiving. The mobile node may choose to wait for another advertisement if it has not received any recently advertised care-of addresses, or it may send an agent solicitation.
Registering the Care-of
Authentication. Registration requests contain parameters and flags that characterize the tunnel through which the home agent will deliver packets to the care-of address. Tunnels can be constructed in various ways, described briefly in the next section.10 , 11 When a home agent accepts the request, it begins to associate the home address of the mobile node with the care-of address, and maintains this association until the registration lifetime expires. The triplet that contains the home address, care-of address, and registration lifetime is called a binding for the mobile node. A registration request can be considered a binding update sent by the mobile node.
A binding update is an example of a remote redirect, because it is sent remotely to the home agent to affect the home agent's routing table. This view of registration makes the need for authentication very clear.12 The home agent must be certain registration was originated by the mobile node and not by some other malicious node pretending to be the mobile node. A malicious node could cause the home agent to alter its routing table with erroneous care-of address information, and the mobile node would be unreachable to all incoming communications from the Internet.
The need to authenticate registration information has played a major role in determining the acceptable design parameters for Mobile IP. Each mobile node and home agent must share a security association and be able to use Message Digest 5 (RFC 1321) with 128-bit keys to create unforgeable digital signatures for registration requests.13 The signature is computed by performing MD5's one-way hash algorithm over all the data within the registration message header and the extensions that precede the signature.
To secure the registration request, each request must contain unique data so that two different registrations will in practical terms never have the same MD5 hash. Otherwise, the protocol would be susceptible to replay attacks, in which a malicious node could record valid registrations for later replay, effectively disrupting the ability of the home agent to tunnel to the current care-of address of the mobile node at that later time. To ensure this does not happen, Mobile IP includes within the registration message a special identification field that changes with every new registration. The exact semantics of the identification field depend on several details, which are described at greater length in the protocol specification.1 Briefly, there are two main ways to make the identification field unique.
One is to use a timestamp; then each new registration will have a later timestamp and thus differ from previous registrations. The other is to cause the identification to be a pseudorandom number; with enough bits of randomness, it is highly unlikely that two independently chosen values for the identification field will be the same. When randomness is used, Mobile IP defines a method that protects both the registration request and reply from replay, and calls for 32 bits of randomness in the identification field. If the mobile node and the home agent get too far out of synchronization for the use of timestamps, or if they lose track of the expected random numbers, the home agent will reject the registration request and include information to allow resynchronization within the reply. Using random numbers instead of timestamps avoids problems stemming from attacks on the NTP protocol that might cause the mobile node to lose time synchronization with the home agent or to issue authenticated registration requests for some future time that could be used by a malicious node to subvert a future registration.
The identification field is also used by the foreign agent to match pending registration requests to registration replies when they arrive at the home agent and to subsequently be able to relay the reply to the mobile node. The foreign agent also stores other information for pending registrations, including the mobile node's home address, the mobile node's Media Access Layer (MAC) address, the source port number for the registration request from the mobile node, the registration lifetime proposed by the mobile node, and the home agent's address. The foreign agent can limit registration lifetimes to a configurable value that it puts into its agent advertisements. The home agent can reduce the registration lifetime, which it includes as part of the registration reply, but it can never increase it.
As Figure 1 shows, in Mobile IP foreign agents are mostly passive, relaying registration requests and replies back and forth between the home agent and the mobile node, doing mostly what they are told. The foreign agent also decapsulates traffic from the home agent and forwards it to the mobile node. They Note that foreign agents do not have to authenticate themselves to the mobile node or home agent. A bogus foreign agent could impersonate a real foreign agent simply by following protocol and offering agent advertisements to the mobile node. The bogus agent could, for instance, then refuse to forward decapsulated packets to the mobile node when they were received. However, the result is no worse than if any node were tricked into using the wrong default router, which is possible using unauthenticated router advertisements as specified in RFC 1256.9
Automatic home agent discovery. When the mobile node cannot contact its home agent, Mobile IP has a mechanism that lets the mobile node try to register with another unknown home agent on its home network. This method of automatic home agent discovery works by using a broadcast IP address instead of the home agent's IP address as the target for the registration request. When the broadcast packet gets to the home network, other home agents on the network will send a rejection to the mobile node; however, their rejection notice will contain their address for the mobile node to use in a freshly attempted registration message. Note that the broadcast is not an Internet-wide broadcast, but a directed broadcast that reaches only IP nodes on the home network.
Tunneling to the Care-of
Figure 2 shows that sometimes the tunnel header uses protocol number 55 as the inner header. This happens when the home agent uses minimal encapsulation11 instead of IP-within-IP. Processing for the minimal encapsulation header is slightly more complicated than that for IP-within-IP, because some of the information from the tunnel header is combined with the information in the inner minimal encapsulation header to reconstitute the original IP header. On the other hand, header overhead is reduced.
CHANGES WITH IP VERSION 6
How will Mobile IP change when IP version 6 is adopted? IPv6 includes many features for streamlining mobility support that are missing in IP version 4 (current version), including Stateless Address Autoconfiguration14 and Neighbor Discovery.15 IPv6 also attempts to drastically simplify the process of renumbering, which could be critical to the future routability of the Internet.16 Because the number of mobile computers accessing the Internet will likely increase, efficient support for mobility will make a decisive difference in the Internet's future performance. This, along with the growing importance of the Internet and the Web, indicates the need to pay attention to supporting mobility.17
Mobility Support in IPv6,18 as proposed by the Mobile IP working group, follows the design for Mobile IPv4. It retains the ideas of a home network, home agent, and the use of encapsulation to deliver packets from the home network to the mobile node's current point of attachment. While discovery of a care-of address is still required, a mobile node can configure its a care-of address by using Stateless Address Autoconfiguration and Neighbor Discovery. Thus, foreign agents are not required to support mobility in IPv6. IPv6-within-IPv6 tunneling is also already specified.19
However, the objections to the use of source routes do not apply to IPv6, because IPv6's more careful specification eliminates the need for source-route reversal and lets routers ignore options that do not need their attention. Consequently, correspondent nodes can use routing headers without penalty. This allows the mobile node to easily determine when a correspondent node does not have the right care-of address. Packets delivered by encapsulation instead of by source routes in a routing header must have been sent by correspondent nodes that need to receive binding updates from the mobile node. It is a further point of contrast to route optimization in IPv4 that, in IPv6 mobility support, the mobile node delivers binding updates to correspondent nodes instead of to the home agent. In IPv6, key management between the mobile node and correspondent node is more likely to be available.
Other features supported by IPv6 mobility include
ONGOING WORK AND OPEN QUESTIONS
Problems Facing Mobile IP
Routing inefficiencies. The base Mobile IP specification has the effect of introducing a tunnel into the routing path followed by packets sent by the correspondent node to the mobile node. Packets from the mobile node, on the other hand, can go directly to the correspondent node with no tunneling required. This asymmetry is captured by the term triangle routing, where a single leg of the triangle goes from the mobile node to the correspondent node, and the home agent forms the third vertex controlling the path taken by data from the correspondent node to the mobile node. Triangle routing is alleviated by use of techniques in the route optimization draft,20 but doing so requires changes in the correspondent nodes that will take a long time to deploy for IPv4. It is hoped that triangle routing will not be a factor for IPv6 mobility.
Security issues. A great deal of attention is being focused on making Mobile IP coexist with the security features coming into use within the Internet. Firewalls,27 in particular, cause difficulty for Mobile IP because they block all classes of incoming packets that do not meet specified criteria. Enterprise firewalls are typically configured to block packets from entering via the Internet that appear to emanate from internal computers. Although this permits management of internal Internet nodes without great attention to security, it presents difficulties for mobile nodes wishing to communicate with other nodes within their home enterprise networks. Such communications, originating from the mobile node, carry the mobile node's home address, and would thus be blocked by the firewall.
Mobile IP can be viewed as a protocol for establishing secure tunnels. Gupta and Glass have proposed a firewall traversal solution.28 Efforts along these lines are also being made at BBN as part of the MOIPS (Managed Objects for IP Mobility Support)29 project to extend Mobile IP operation across firewalls, even when multiple security domains are involved.
Ingress filtering. Complications are also presented by ingress filtering25 operations. Many border routers discard packets coming from within the enterprise if the packets do not contain a source IP address configured for one of the enterprise's internal networks. Because mobile nodes would otherwise use their home address as the source IP address of the packets they transmit, this presents difficulty. Solutions to this problem in Mobile IPv4 typically involve tunneling outgoing packets from the care-of address, but then the difficulty is how to find a suitable target for the tunneled packet from the mobile node. The only universally agreed on possibility is the home agent, but that target introduces yet another serious routing anomaly for communications between the mobile node and the rest of the Internet. Montenegro has proposed the use of reverse tunnels to the home agent to counter the restriction imposed by ingress filtering.30 Mobile IPv6 also offers a solution in the home address destination option.18
User perceptions of reliability. The design of Mobile IP is founded on the premise that connections based on TCP should survive cell changes. However, opinion is not unanimous on the need for this feature. Many people believe that computer communications to laptop computers are sufficiently bursty that there is no need to increase the reliability of the connections supporting the communications. The analogy is made to fetching Web pages by selecting the appropriate URLs. If a transfer fails, people are used to trying again. This is tantamount to making the user responsible for the retransmission protocol and depends for its acceptability on a widespread perception that computers and the Internet cannot be trusted to do things right the first time. Naturally, such assumptions are strongly distasteful to many Internet protocol engineers, myself included. Nevertheless, the fact that products exhibiting this model are currently economically viable cannot be denied. Hopefully in the near future better engineering will counter this perception and increase the demand for Internet reliability.
Issues in IP addressing. Mobile IP creates the perception that the mobile node is always attached to its home network. This forms the basis for the reachability of the mobile node at an IP address that can be conventionally associated with its fully qualified domain name (FQDN).31 If the FQDN is associated with one or more other IP addresses, perhaps dynamically, then those alternative IP addresses may deserve equal standing with the mobile node's home address. Moreover, it is possible that such an alternative IP address would offer a shorter routing path if, for instance, the address were apparently located on a physical link nearer to the mobile node's care-of address, or if the alternative address were the care-of address itself. Finally, many communications are short-lived and depend on neither the actual identity of the mobile node nor its FQDN, and thus do not take advantage of the simplicity afforded by use of the mobile node's home address. These issues surrounding the mobile node's selection of an appropriate long-term (or not-so-long-term) address for use in establishing connections are complex and are far from being resolved.
Slow growth in the wireless LAN market. Mobile IP has been engineered as a solution for wireless LAN location management and communications, but the wireless LAN market has been slow to develop. It is difficult to make general statements about the reasons for this slow development, but with the recent ratification of the IEEE 802.11 MAC protocol,32 wireless LANs may become more popular. Moreover, the bandwidth for wireless devices has been constantly improving, so that radio and infrared devices on the market today offer multimegabyte-per-second data rates. Faster wireless access over standardized MAC layers could be a major catalyst for growth of this market.
Competition from other protocols. Mobile IP may well face competition from alternative tunneling protocols such as PPTP33 and L2TP.34 These other protocols, based on PPP, offer at least portability to mobile computers. Although I believe portable operation will ultimately not be a long-term solution, it may look quite attractive in the short term in the absence of full Mobile IP deployment. If these alternative methods are made widely available, it is unclear if the use of Mobile IP will be displaced or instead made more immediately desirable as people experience the convenience of mobile computing. In the future, it is also possible that Mobile IP could specify use of such alternative tunneling protocols to capitalize on their deployment on platforms that do not support IP-within-IP encapsulation.
Current Development Efforts
Current IETF drafts that employ Mobile IP include the Tunnel Establishment Protocol39 and Mobile IP Local Registration with Hierarchical Foreign Agents.40 The latter uses the ability to advertise multiple foreign agents to arrange hierarchies of mobility agents. This may help cut the number of registrations that must transit the global Internet between the home and foreign networks. DHCP for Mobile Networking with TCP/IP41 investigates the suitability of using the Dynamic Host Configuration Protocol42 , 43 to provide care-of addresses to mobile nodes.41 Mobile IPv4 Configuration Option for PPP IPCP44 is a new extension to PPP45 that will enable dial-up users to more efficiently employ their dynamic IP addresses as care-of addresses.
As this brief introduction to mobile networking has shown, Mobile IP has great potential. Security needs are getting active attention and will benefit from the deployment efforts underway. Within the IETF, Mobile IP is likely to move from a proposed standard1 to a draft standard46 in the near future.
The IETF standardization process requires the working group to rigorously demonstrate interoperability among various independent implementations before the protocol can advance. FTP Software has hosted two interoperability testing sessions, and many vendors have taken advantage of the opportunity. Test results have given added confidence that the Mobile IP specification is sound, implementable, and of diverse interest throughout the Internet community. Only a few minor revisions have been needed to ensure the specification can be interpreted in only one way by the network protocol engineers and programmers who must implement it.
It is possible that the deployment pace of Mobile IP will track that of IPv6, or that the requirements for supporting mobility in IPv6 nodes will give additional impetus to the deployment of both IPv6 and mobile networking. The increased user convenience and the reduced need for application awareness of mobility can be a major driving force for adoption. Since both IPv6 and Mobile IP have little direct effect on the operating systems of mobile computers outside of the network layer of the protocol stack, application designers should find this to be an acceptable programming environment. Of course, everything depends heavily on the willingness of platform and router vendors to implement Mobile IP and/or IPv6, but indications are strong that most major vendors already have implementations either finished or underway. *
HISTORY OF THE MOBILE IP WORKING GROUP
The Mobile IP Working Group of the Internet Engineering task Force (IETF) had its origin in BOF (Birds of a Feather) sessions held at the Atlanta (July 1991), Santa Fe (November 1991), and San Diego (March 1992) IETF meetings. In June 1992 Steve Deering, chair of the working group, submitted a proposed charter for a formal Working Group to the IETF, and, following a revision of the charter, the Working Group was officially formed in June 30, 1992. An IPv4 Mobile Host Protocol was submitted to the Internet Engineering Steering Group (IESG) as a proposed standard in 1996. An IPv6 protocol will be submitted to the IESG later this year.
Send general comments and
questions about the IEEE Internet Computing Online website to
Copyright (c) 1997
Institute of Electrical and Electronics Engineers, Inc.
IConline designed and maintained by Steve Woods