idnits 2.17.00 (12 Aug 2021)

/tmp/idnits32020/draft-wakikawa-mip6-nemo-haha-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.
     (A line matching the expected section header was found, but with an
     unexpected indentation: ' 3. Overview of Inter Home Agents Protocol' )

  ** The document seems to lack separate sections for Informative/Normative
     References. All references will be assumed normative when checking for
     downward references.

  ** There are 4 instances of too long lines in the document, the longest one
     being 2 characters in excess of 72.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords.

     RFC 2119 keyword, line 198: '...tisement message MUST be sent with the...'

     RFC 2119 keyword, line 267: '... MUST be unicasted to invoke Home Ag...'

     RFC 2119 keyword, line 268: '...Agent Solicitation message MUST NOT be...'

     RFC 2119 keyword, line 269: '... multicasted and MUST NOT be used for ...'

     RFC 2119 keyword, line 282: '...ed of the IPv6 header MUST be set to a...'

     (66 more instances...)


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == The "Author's Address" (or "Authors' Addresses") section title is
     misspelled.

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'SHOULD not' in this paragraph:

     A Home Agent MUST know other Home Agents which configured in different
     links beforehand. This is manually configured on each Home Agent. This
     mechanism MUST be used only between Home Agents on different links
     serving the same home prefix. It SHOULD not be used between Home Agents
     on the same link.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- Couldn't find a document date in the document -- date freshness check
     skipped.


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: '3' is defined on line 996, but no explicit reference
     was found in the text

  == Unused Reference: '5' is defined on line 1004, but no explicit reference
     was found in the text

  == Outdated reference: draft-ietf-mobileip-ipv6 has been published as RFC
     3775

  == Outdated reference: draft-ietf-nemo-terminology has been published as
     RFC 4885

  ** Downref: Normative reference to an Informational draft:
     draft-ietf-nemo-terminology (ref. '2')

  == Outdated reference: draft-ietf-mobileip-mipv6-ha-ipsec has been
     published as RFC 3776

  ** Obsolete normative reference: RFC 2402 (ref. '4') (Obsoleted by RFC
     4302, RFC 4305)

  == Outdated reference: draft-ietf-nemo-basic-support has been published as
     RFC 3963

  -- No information found for draft-ietf-nemo-basic-usage - is the name
     correct?

  -- Possible downref: Normative reference to a draft: ref. '7'

  ** Obsolete normative reference: RFC 2461 (ref. '8') (Obsoleted by RFC
     4861)


     Summary: 9 errors (**), 0 flaws (~~), 9 warnings (==), 4 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    NEMO Working Group                                        Ryuji Wakikawa
3    INTERNET DRAFT                                      Keio University/WIDE
4    Category: Standards Track                              Vijay Devarapalli
5    20 Oct 2003                                                        Nokia
6                                                              Pascal Thubert
7                                                               Cisco Systems

9                       Inter Home Agents Protocol (HAHA)
10                     draft-wakikawa-mip6-nemo-haha-00.txt

12   Status of This Memo

14   This document is an Internet-Draft and is in full conformance with
15   all provisions of Section 10 of RFC2026.

17   Internet-Drafts are working documents of the Internet Engineering
18   Task Force (IETF), its areas, and its working groups. Note that
19   other groups may also distribute working documents as Internet-
20   Drafts.

22   Internet-Drafts are draft documents valid for a maximum of six months
23   and may be updated, replaced, or obsoleted by other documents at
24   any time. It is inappropriate to use Internet-Drafts as reference
25   material or to cite them other than as "work in progress."

27   The list of current Internet-Drafts can be accessed at:
28        http://www.ietf.org/ietf/1id-abstracts.txt
29   The list of Internet-Draft Shadow Directories can be accessed at:
30        http://www.ietf.org/shadow.html.

32   Abstract

34   This document describes an inter Home Agents (HAHA) protocol to
35   provide multiple Home Agents support for both Mobile IPv6 and the
36   Nemo Basic Support protocol. The HAHA protocol provides Home Agent
37   redundancy and load-balancing for both protocols. The HAHA protocol
38   allows multiple Home Agents to be placed at different links. It
39   also allows a Mobile Node/Router to utilize multiple Home Agents
40   simultaneously. The protocol consists of 3 mechanisms, Home Agent
41   List management, Binding Synchronization, and Home Agent Switching.
42   A Mobile Node/Router picks one Home Agent as its primary Home Agent
43   and registers with it. The primary Home Agent synchronizes the
44   binding cache information with other Home Agents. Any of Home Agents
45   can intercept a packet meant for the Mobile Node/Router and tunnel
46   the packet directly to its current Care-of address. Alternatively,
47   the Home Agent can tunnel the packet to the primary Home Agent.

49   Contents

51   Status of This Memo

53   Abstract

55    1. Introduction

57    2. Terminology

59    3. Overview of Inter Home Agents Protocol

61    4. Message Formats
62       4.1. New ICMP Messages
63             4.1.1. Home Agent Solicitation Message
64             4.1.2. Home Agent Advertisement Message
65       4.2. New Mobility Header Messages
66             4.2.1. Binding Information Request Message
67             4.2.2. Binding Information Reply Message
68             4.2.3. Home Agent Switch Request Message
69       4.3. New Mobility Options
70             4.3.1. Home Address
71             4.3.2. Mobile Network Prefix Option
72             4.3.3. Binding Cache Entry Information Option

74    5. Home Agent Lists Management
75       5.1. Requesting Home Agent Information
76       5.2. Notifying Home Agent Information

78    6. Binding Synchronization among Home Agents
79       6.1. Requesting Binding
80       6.2. Notifying Binding

82    7. Primary Home Agent Switching
83       7.1. Home Agent initiated Switching
84       7.2. Mobile Router initiated Switching

86    8. Scenarios
87       8.1. Solo Home Agent Activation
88       8.2. Multiple Home Agent Activation

90    9. Modifications to Mobile IPv6 and the Nemo Basic Support Protocol

92   10. IANA Considerations

94   11. Security Considerations

96    A. Predictive HA discovery

98   Addresses
99   1. Introduction

101  In Mobile IPv6 [1], a Mobile Node could be tunneling and receiving
102  all its traffic through a bi-directional tunnel with its Home Agent,
103  unless it uses Route Optimization with its Correspondent Nodes. In
104  Nemo Basic Support protocol [6], the default mode of operation is
105  to tunnel all traffic meant for the Mobile Network through the Home
106  Agent serving the Mobile Router. Consequently, Home Agents could
107  become a considerable bottleneck in the performance of Mobile IPv6
108  and Nemo protocols. This becomes more significant when the Home
109  Agent serves thousands of Mobile Nodes and Mobile Routers. Sometimes
110  the Mobile Network could be closer to the Correspondent Node than
111  the Home Agent. If the Mobile Router could pick another Home Agent
112  closer to its current location, the tunneling overhead on every
113  packet could be reduced to a much shorter path in the Internet.

115  This draft specifies the inter Home Agents protocol (HAHA protocol)
116  to provide redundancy and load balancing of Home Agents. For the
117  HAHA protocol, the definition of Home Agent is extended to place
118  multiple Home Agents at different links. Multiple Home Agents could
119  be located on different links and still serve the same home prefix.
120  Mobile IPv6 uses an IPv6 Neighbor Discovery based mechanism for
121  maintaining the list of Home Agents serving the same prefix, at each
122  Home Agent. If the Home Agents are not present on the same physical
123  link, Neighbor Discovery based mechanisms don't work. The HAHA
124  protocol defines a mechanism for Home Agents List management using
125  new ICMP messages for Home Agents located on different links.

127  The HAHA protocol makes it possible to have two new scenarios which
128  would not have been possible with Mobile IPv6 and the Nemo Basic Support
129  Protocol. These scenarios are Solo Home Agent Activation and
130  Multiple Home Agent Activation and are explained in the following
131  paragraphs.

133  In the scenario of Solo Home Agent activation, a Mobile Router always
134  selects the best Home Agent to register its binding depending on
135  Mobile Router's current location or Home Agent status. For example,
136  when a Mobile Router registers its binding to the nearest Home Agent,
137  the path between the Mobile Router and the Home Agent can be the
138  shortest possible path. This is particularly useful for a Mobile
139  Router which moves over geographically wide areas such as a Mobile
140  Router on an airplane.
142  In the scenario of Multiple Home Agent activation, a Mobile
143  Node/Router registers its binding to multiple Home Agents at the same
144  time. The Mobile Router sends a binding update to its primary home
145  agent. After the home registration, the primary Home Agent exchanges
146  the binding information with the other Home Agents. Thereafter, the
147  Mobile Node/Router can use any of these Home Agents which have the
148  binding. The Mobile Router can accept packets which are tunneled by
149  any of the Home Agents. Alternatively, a Home Agent who intercepts
150  packets can tunnel packets to the primary Home Agent. In this case,
151  the Mobile Router receives packets through the primary Home Agent.
152  If many Home Agents are scattered on the Internet, the Home Agent
153  nearest to the correspondent node intercepts packets meant for the
154  Mobile Node or the Mobile Network and tunnels them to the Mobile
155  Node/Router. The route path between the correspondent node and the
156  Home Agent can be kept short.

158  2. Terminology

160  There is a separate Nemo terminology document [2], which defines the
161  terms related to Network Mobility used in the document.

163  The keywords ``MUST'', ``MUST NOT'', ``REQUIRED'', ``SHALL'', ``SHALL
164  NOT'', ``SHOULD'', ``SHOULD NOT'', ``RECOMMENDED'', ``MAY'', and
165  ``OPTIONAL'' in this document are to be interpreted as described in
166  RFC 2119.

168     Home Agent

170        A Home Agent is originally defined in [1]. Traditional
171        Home Agents, if they all serve the same home prefix are
172        configured on a single link. This document extends the
173        definition of Home Agents such that the Home Agents need
174        not be on the same link. There could be multiple Home
175        Agents attached to different links serving the same home
176        prefix.

178     Primary Home Agent

180        A Home Agent who receives Binding Update from a Mobile
181        Router. The Mobile Router is always associated with a
182        primary Home Agent to register its binding.

184  3. Overview of Inter Home Agents Protocol

186  When multiple Home Agents are configured at different links, each
187  home agent is expected to know the other Home Agents beforehand and
188  establishes Security Association with them for a secure path towards
189  the other home agent.

191  Each Home Agent manages information of all Home Agents in its Home
192  Agent list. But each Home Agent can not listen to Router Advertisements
193  sent by the other Home Agents configured at different link, because
194  Router Advertisements can not be sent over the link-local scope.
195  Therefore, each Home Agent periodically unicasts a Home Agent
196  Advertisement message instead of Router Advertisement to the
197  other Home Agents configured at different links. The Home Agent
198  Advertisement message MUST be sent with the ICMP Prefix Information
199  Option and the ICMP Home Agent Information Option defined in [1].
200  Whenever a Home Agent receives a Home Agent Advertisement message, it
201  updates its home agent list according to the received message. The
202  Home Agent proceeds the Home Agent Advertisement as same as when it
203  receives Router Advertisements with the H bit flag. The Home Agent
204  manages the home agent list as same as the Mobile IPv6 specification.
205  If the lifetime of an entry is expired in the home agent list, the
206  Home Agent should solicit a Home Agent Advertisement message by
207  unicasting a Home Agent Solicitation message.

209  Binding synchronization of a particular Mobile Node/Router can
210  activate multiple Home Agents simultaneously. When a primary
211  Home Agent receives a Binding Update and creates a binding, it
212  notifies the binding to the other Home Agents by unicasting Binding
213  Information Reply messages. Home Agents receiving the Binding
214  Information Reply message record binding information and the address
215  of the primary home agent into their binding cache. A Home Agent
216  sends a Binding Information Request message to solicit a Binding
217  Information Reply message to the primary Home Agent if needed.

219  When a Home Agent wants a Mobile Router to change the primary Home
220  Agent, it sends a Home Agent Switch Request message to trigger the
221  Dynamic Home Agent Address Discovery to a Mobile Node/Router. After
222  receiving an ICMP Home Agent Address Discovery Request, the Home
223  Agent should reply an ICMP Home Agent Address Discovery Reply with
224  addresses of appropriate Home Agent addresses. If the Home Agent
225  has already had the desired new primary Home Agent, it contains
226  the address of the new Home Agent in the Home Agent Switch Request
227  message. The Mobile Router switches its primary Home Agent to the
228  new Home Agent. When the Mobile Node/Router changes the primary Home
229  Agent proactively, it selects a new Home Agent from its home agent
230  list. After determination of the new Home Agent, it simply registers
231  its binding to the new Home Agent. The Mobile Node/Router should
232  de-register its binding from the old Home Agent before the home
233  registration to the new Home Agent.

235  The scenarios for the HAHA protocol are described in Section 8. In
236  the solo Home Agent activation scenario, only a primary Home Agent
237  manages a binding for a Mobile Node/Router and takes responsibility
238  for tunneling packets from and to a Mobile Node/Router. The Mobile
239  Node/Router can switch its primary Home Agent to a Home Agent located
240  in different link by the HAHA protocol.

242  In the Multiple Home Agents activation scenario, a primary Home
243  Agent shares the registered binding for a Mobile Node/Router with
244  all other Home Agents. Each Home Agent intercepts packets and takes
245  responsibility for delivering intercepted packets to either the
246  Mobile Node/Router or the primary Home Agent. The Mobile Node/Router
247  accepts tunneled packets directly from the Home Agent. Otherwise,
248  when the primary Home Agent receives tunneled packets from other Home
249  Agents, it delivers packets to the Mobile Node/Router. The Mobile
250  Node/Router always tunnels outgoing packets to the primary Home
251  Agent. The Mobile Node/Router can switch its primary Home Agent to a
252  Home Agent located in different link by the HAHA protocol.

254  4. Message Formats

256  4.1. New ICMP Messages

258  4.1.1. Home Agent Solicitation Message

260  The Home Agents Solicitation message is only used if a particular
261  entry is expiring in the Home Agents list and there has been no
262  unsolicited Home Agent Advertisement message from the Home Agent
263  whose entry is expiring.

265  The Home Agent Solicitation message has similar format of Router
266  Solicitation message [8]. The Home Agent Solicitation message
267  MUST be unicasted to invoke Home Agent Advertisement messages to
268  other Home Agents. The Home Agent Solicitation message MUST NOT be
269  multicasted and MUST NOT be used for Home Agents located at the local
270  link.

272   0                   1                   2                   3
273   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
274  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
275  |     Type      |     Code      |          Checksum             |
276  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
277  |                            Reserved                           |
278  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
279  |   Options ...
280  +-+-+-+-+-+-+-+-+-+-+-+-

282  The Source Address field of the IPv6 header MUST be set to an
283  originator (Home Agent) address. The Destination Address field of
284  the IPv6 header MUST be set to an IPv6 global unicast address of
285  other Home Agents. Both a non-global scope address and non unicast
286  address MUST NOT be used in a Home Agent Solicitation message. The
287  Hop Limit field of the IPv6 header MUST be set to an initial hop
288  limit value, similarly to any other unicast packet.
290  The fields of a Home Agent Solicitation message are same as a Router
291  Solicitation message except for the Type field. The type field MUST
292  be set to 155 (To Be Assigned by IANA).

294  Home Agent Solicitation message MUST be authenticated and encrypted
295  by the use of IPsec ESP.

297  4.1.2. Home Agent Advertisement Message

299  The Home Agent Advertisement messages are sent between Home Agents to
300  maintain the Home Agents List at each Home Agent.

302   0                   1                   2                   3
303   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
304  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
305  |     Type      |     Code      |          Checksum             |
306  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
307  | Cur Hop Limit |M|O|H| Reserved|       Router Lifetime         |
308  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
309  |                         Reachable Time                        |
310  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
311  |                          Retrans Timer                        |
312  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
313  |   Options ...
314  +-+-+-+-+-+-+-+-+-+-+-+-

316  The Source Address field of the IPv6 header MUST be set to an
317  originator (Home Agent) address. The Destination Address field of
318  the IPv6 header MUST be set to the global unicast address of another
319  Home Agent. Non-global scope or non-unicast addresses MUST NOT be
320  used in a Home Agent Advertisement message. The Hop Limit field of
321  the IPv6 header MUST be set to an initial hop limit value, similarly
322  to any other unicast packet.

324  The fields of a Home Agent Advertisement message are same as a Router
325  Advertisement message except for the Type field. The type field MUST
326  be set to 156 (To Be Assigned by IANA).

328  A Prefix Information Option and a Home Agent Information Option MUST
329  be included in a Home Agent Advertisement message. The treatment of
330  options is same as options defined in Mobile IPv6 [1].
332  Home Agent Advertisement message MUST be authenticated and encrypted
333  by IPsec ESP.

335  4.2. New Mobility Header Messages

337  The Mobility Header format is defined in section 6 of [1]. This
338  document defines three new mobility messages for Binding Cache
339  information exchange and for switching primary Home Agents.

341  4.2.1. Binding Information Request Message

343  The Binding Information Request Message is used to request Binding
344  Cache Information corresponding to a particular Mobile Node/Router.
345  It is sent only between Home Agents. The format of the message is as
346  follows:

348   0                   1                   2                   3
349   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
350                                  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
351                                  |          Identifier           |
352  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
353  |                                                               |
354  .                                                               .
355  .                        Mobility Options                       .
356  .                                                               .
357  .                                                               |
358  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

360     Identifier

362        The 16-bit identifier to aid in matching Home Agent Information
363        Reply message. The identifier should never be set to 0. It
364        should always be more than 1.

366  This message MUST include either the Home Address mobility option
367  4.3.1 or the Mobile Network Prefix Option 4.3.2. If a Home
368  Agent wants the Binding Cache Information for a particular Mobile
369  Node/Router it includes a Home Address mobility option. If a Home
370  Agent wants to know the forwarding state setting up for a particular
371  Mobile Network Prefix, it includes the Mobile Network Prefix Option.

373  This message is optional if Home Agents send out unsolicited Binding
374  Information Reply messages.

376  Binding Information Request message MUST be authenticated and
377  encrypted by IPsec ESP.

379  4.2.2. Binding Information Reply Message

381  The Binding Information Reply message is used by the Home Agents
382  to exchange Binding Cache Information. The message format is as
383  follows:

385   0                   1                   2                   3
386   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
387                                  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
388                                  |          Identifier           |
389  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
390  |                                                               |
391  .                                                               .
392  .                        Mobility Options                       .
393  .                                                               .
394  .                                                               |
395  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

397     Identifier

399        The identifier should be set to 0 for unsolicited Binding
400        Information Reply messages. Otherwise, the identifier should
401        be set to the identifier in a Binding Information Request
402        message if this is a solicited Binding Information Reply
403        message.

405  Binding Information Reply message MUST be authenticated and encrypted
406  by IPsec ESP.

408  4.2.3. Home Agent Switch Request Message

410  This message is sent by a Home Agent to a Mobile Node/Router to
411  trigger Dynamic Home Agent Discovery. The message format is as
412  follows:

414   0                   1                   2                   3
415   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
416                                  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
417                                  |           Reserved            |
418  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
419  |                                                               |
420  +                                                               +
421  |                                                               |
422  +                       Home Agent Address                      +
423  |                                                               |
424  +                                                               +
425  |                                                               |
426  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

428     Reserved

430        16-bit field reserved for future use. The value SHOULD be
431        initialized to zero by the sender, and MUST be ignored by the
432        receiver.

434     Home Agent Address

436        A 16 byte field contains the new primary Home Agent Address.
437        The Home Agent address MUST be recorded in the Home Agent list
438        of the Mobile Router. If this field does not contain the
439        valid global IPv6 address or the unknown Home Agent address,
440        the Mobile Router sends dynamic Home Agent address discovery
441        request message. Otherwise, the Mobile Router switches to this
442        Home Agent immediately as its primary Home Agent.
444  Home Agent Switch Request message MUST be authenticated and encrypted
445  by the use of IPsec ESP mode.

447  4.3. New Mobility Options

449  4.3.1. Home Address

451  The Home Address option has an alignment requirement of 8n+6. Its
452  format is as follows:

454   0                   1                   2                   3
455   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
456                                  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
457                                  |  Type = 0x8   | Option Length |
458  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
459  |                                                               |
460  +                                                               +
461  |                          Home Address                         |
462  +                                                               +
463  |                                                               |
464  +                                                               +
465  |                                                               |
466  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

468  This option is used when the Home Agent needs to figure out the
469  Binding Cache information for a particular Mobile Node or Mobile
470  Router. It is not useful when each Home Agent sends an unsolicited
471  binding cache information for each BU it receives.

473  4.3.2. Mobile Network Prefix Option

475  This option is already defined in the Nemo basic support [6]. This
476  option is included in the Binding Information Request message only if
477  a Home Agent is requesting information regarding a particular Mobile
478  Network Prefix.

480  4.3.3. Binding Cache Entry Information Option

482  The Binding Cache Entry Information option has an alignment
483  requirement of 8n+2. Its format is as follows:

485   0                   1                   2                   3
486   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
487                                  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
488                                  |  Type = 0x9   | Option Length |
489  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
490  |                                                               |
491  +                                                               +
492  |                          Home Address                         |
493  +                                                               +
494  |                                                               |
495  +                                                               +
496  |                                                               |
497  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
498  |                                                               |
499  +                                                               +
500  |                                                               |
501  +                        Care-of Address                        +
502  |                                                               |
503  +                                                               +
504  |                                                               |
505  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
506  |             Flags             |        Sequence Number        |
507  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
508  |           Lifetime            |        Number of MNPs         |
509  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
510  |                                                               |
511  .                    Mobile Network Prefixes                    .
512  .                                                               .

514  Binding Cache Entry Information option is valid in the Binding
515  Information Reply.

517  The fields of Home Address, Care-of Address, Flags, Sequence Number,
518  and Lifetime are copied from the registered binding of a particular
519  Mobile Node or Mobile Router.

521  The field ``Number of MNPs'' tells the receiving Home Agent which
522  Mobile Network Prefixes are owned by a Mobile Router. The receiving
523  Home Agent can then setup forwarding for each Mobile Network Prefix.
524  For Mobile IPv6, the ``Number of MNPs'' field is set to 0.

526  5. Home Agent Lists Management

528  Mobile IPv6 uses Router Advertisement messages to manage Home Agent
529  lists on each Home Agent. When home agents are placed at different
530  links, Router Solicitation and Advertisement messages can not be
531  used due to link-local limitation. Therefore, we defined new ICMP
532  messages to exchange similar information of Router Solicitation and
533  Advertisement among Home Agents over the home link.

535  A Home Agent MUST know other Home Agents which configured in
536  different links beforehand. This is manually configured on each
537  Home Agent. This mechanism MUST be used only between Home Agents on
538  different links serving the same home prefix. It SHOULD not be used
539  between Home Agents on the same link.

541  If a Home Agent Solicitation message or a Home Agent Advertisement
542  message is received from unknown Home Agent, the message MUST be
543  silently dropped.

545  5.1. Requesting Home Agent Information

547  A Home Agent sends a Home Agent Solicitation message when the home
548  agent wants to update information of a particular Home Agent. This
549  is useful when a Home Agent boots up and starts acting as a home agent or
550  when the lifetime of a Home Agent list entry is about to expire.

552  A sender Home Agent MUST construct the Home Agent Solicitation in the
553  same manner as a Router Solicitation message [8] and MUST unicast it
554  to the target Home Agent.

556  The receiver MUST verify the Source address field of the IPv6 header.
557  If the source address is not among the known Home Agents, the
558  message MUST be discarded. If the Home Agent Solicitation message is
559  processed successfully, the receiver sends a Home Agent Advertisement
560  message to the Home Agent which solicits the information.

562  5.2. Notifying Home Agent Information

564  A Home Agent MUST send a Home Agent advertisement message when
565  it receives a valid Home Agent Solicitation message. The Home
566  Agent SHOULD also send a Home Agent Advertisement when its local
567  information such as preference, lifetime, and registration status,
568  etc. changes.

570  A Home Agent Advertisement MUST be constructed in the same manner as a
571  Router Advertisement message described in section 7 of [1] and MUST
572  be sent by a unicast to the destination (other Home Agents).

574  The receiver of a Home Agent Advertisement MUST verify the Source
575  address field of the IPv6 header. If the source address is not in
576  the list of known Home Agents, the message MUST be silently dropped.
577  Otherwise, the receiver processes the Home Agent Advertisement
578  message to update its Home Agent list.

580  The receiver MUST NOT treat the Home Agent Advertisement as a Router
581  Advertisement for the address autoconfiguration or the default
582  router list management. The Home Agent Advertisement MUST be used
583  only for the Home Agent list management. Therefore, the Home Agent
584  Advertisement MUST have Home Agent (H) bit and MUST have a Modified
585  Prefix Information Option and a Home Agent Information Option. If
586  these are not included in the Home Agent Advertisement message, the
587  receiver MUST ignore the message.

589  Any Home Agent Advertisement message satisfying all of these tests
590  MUST be processed to update its Home Agent list according to the
591  processing rules described in section 10.5.1 of [1].

593  6. Binding Synchronization among Home Agents

595  A binding for a particular Mobile Node/Router is shared among Home
596  Agents. Therefore, each Home Agents can always know the binding
597  for a particular Mobile Router and the primary Home Agent which is
598  currently serving the Mobile Router. This makes it possible for
599  Mobile Routers to utilize multiple Home Agents simultaneously.

601  6.1. Requesting Binding

603  When a Home Agent wants a binding for a particular Mobile
604  Node/Router, it can solicit Binding Information Reply message. The
605  Home Agent sends a Binding Information Request message to the primary
606  home agent of the Mobile Node/Router. The Home Agent MUST set a
607  random value to the Identifier field in the Binding Information
608  Request message and MUST include either a Home Address mobility
609  option or a Mobile Network Prefix mobility option.

611  6.2. Notifying Binding

613  The primary Home Agent sends Binding Information Reply messages when
614  it is solicited by Binding Information Request message or when it
615  creates or updates binding for a particular Mobile Node/Router.
617  When the primary Home Agent receives a Binding Information Request
618  message, it MUST verify the Source address field of the IPv6
619  header. If the source address is not among the known Home Agents, the
620  message MUST be silently discarded.

622  If a Home Agent who receives a Binding Information Request message is
623  not the primary Home Agent for the requested Mobile Node/Router, it
624  MUST ignore the message. Otherwise, it SHOULD reply to the Binding
625  Information Request message.

627  The binding information of the requested Mobile Node/Router is
628  stored in the Binding Information Reply message. The primary Home
629  Agent MUST copy the binding information of the requested Mobile
630  Node/Router to each field of a Binding Cache Entry Information
631  option. If the Binding Information Reply message is sent in response
632  to the Binding Information Request message, the primary Home Agent
633  MUST copy the Identifier field of the Request message to the same
634  field in the Reply message. Otherwise, it MUST set zero to the
635  Identifier field.

637  When a Home Agent receives a Binding Information Reply message, it
638  MUST verify the Source address field of the IPv6 header. If the
639  source address is not among the known Home Agents, the message MUST be
640  silently discarded. If the Binding Information Reply message is sent
641  from the primary Home Agent, the Home Agent SHOULD record the binding
642  information and the primary Home Agent address into its Binding
643  Cache.

645  Both a Binding Information Reply message and a Binding Information
646  Request message MUST be authenticated and encrypted by IPsec ESP.
647  If a message does not have IPsec ESP header, the message MUST be
648  ignored.

650  7. Primary Home Agent Switching

652  A Mobile Router always associates with the best Home Agent from home
653  agents configured for the Mobile Router. The Mobile Router initiates
654  dynamic Home Agent discovery to get the most appropriate home agents.
655   The Mobile Router can ensure the best Home Agent by issuing a dynamic
656   Home Agent address discovery request message at each visited foreign
657   link. Alternatively, a Home Agent can send a Home Agent Switch Request
658   message to the Mobile Router as a trigger of a dynamic Home Agent
659   address discovery request message.

661   The Home Agent initiated switching is useful for load-sharing among
662   Home Agents. A Home Agent can control the load average by compulsorily
663   moving some of the Mobile Routers to other Home Agents.

665   The Mobile Router initiated switching guarantees that a Mobile Router
666   registers its binding to the best Home Agent all the time. For
667   example, the best Home Agent is the nearest one.

669   7.1. Home Agent initiated Switching

671   A Mobile Router can change its primary Home Agent when it is
672   requested by a Home Agent. When a Mobile Router receives a Home
673   Agent Switch Request, it checks the Home Address field in the
674   request. If the address in the Home Address field is a global scope
675   address and is already recorded in the Home Agent list of the Mobile
676   Router, the Mobile Router immediately switches to the Home Agent
677   requested by the Home Agent Switch Request. Otherwise,
678   the Mobile Router MUST send a Dynamic Home Agent Discovery Request
679   message to the Mobile IPv6 Home-Agents anycast address. After
680   receiving a Dynamic Home Agent Discovery Reply, the Mobile Router
681   selects the most appropriate home agent and changes its primary Home
682   Agent to the selected Home Agent.

684   The primary Home Agent switching is completed when the Mobile Router
685   registers its binding to the new Home Agent.

687   7.2. Mobile Router initiated Switching

689   When a Mobile Router decides to change its primary Home Agent, it
690   selects the new Home Agent from its Home Agent list.
The Mobile
691   Router can start Dynamic Home Agent Address Discovery to update Home
692   Agent information such as the preference value of each Home Agent.

694   After selection of a new Home Agent, it registers its binding to the
695   new Home Agent.

697   8. Scenarios

699   8.1. Solo Home Agent Activation

701   MR     PHA     HA2     HA3      CN
702   |       |       |       |       |
703   |------>|       |       |       | 1. Home Registration
704   |       |       |       |       |
705   |======>|---------------------->| 2. Sending Packet to CN
706   |       |       |       |       |    via Primary HA (PHA)
707   |<======|<----------------------| 3. Sending Packet to MN/MR
708   |       |       |       |       |    via PHA
709   |<------|(HA1)  |       |       | 4. Trigger primary HA switching
710   |       |       |       |       |
711   |-------------->|(PHA)  |       | 5. Sending Binding Update
712   |       |       |       |       |
713   |       |<------|------>|       | 6. Soliciting the binding
714   |       |       |       |       |    to other HAs. (no reply)
715   |<--------------|       |       | 7. Sending Binding Acknowledgement
716   |       |       |       |       |
717   |==============>|-------------->| 8. Sending Packet to CN
718   |       |       |       |       |
719   |<==============|<--------------| 9. Sending Packet to CN
720   |       |       |       |       |

722   Figure 1: Solo Home Agent with single bi-directional tunnel

724   This scenario is only valid for the Nemo basic support. Only the
725   primary Home Agent advertises a home prefix and mobile network
726   prefixes (might be aggregated in terms of extended/aggregated home
727   prefix [7]) to the Internet in Fig 1. When a Home Agent receives a
728   Binding Update from a Mobile Router and processes the Binding Update
729   successfully, it enables route distribution for the mobile network
730   prefixes. On the other hand, if the Home Agent receives a Binding
731   Update requesting to delete the binding (de-registration), it stops
732   distributing routes for the mobile network prefixes. The Home Agent
733   should not stop route distribution when the binding is expired due to
734   lifetime expiration. The Home Agent needs explicit de-registration
735   (i.e. Binding Updates for de-registration) to stop the route
736   distribution.
738   All packets meant for the mobile network are routed to the primary
739   Home Agent and are intercepted by the primary Home Agent, as in
740   the Nemo basic support. Then, the primary Home Agent tunnels packets
741   to the Mobile Router according to the forwarding states established
742   by a Binding Update (Seq2 and Seq3).

744   When the Mobile Router switches its primary Home Agent, it sends a
745   Binding Update to the new primary Home Agent (Seq5). The new primary
746   Home Agent receiving the Binding Update verifies whether the other
747   Home Agents still hold the binding for the Mobile Router. It sends
748   Binding Information Request messages to all the other Home Agents
749   (Seq6). If it receives any Binding Information Reply message in
750   response to the Binding Information Request messages, it sends a
751   Binding Acknowledgement to the Mobile Router with the status value set
752   to 144 (another Home Agent is still active). Otherwise, the Home Agent
753   accepts the Binding Update and becomes the primary Home Agent for the
754   Mobile Router (Seq7).

756   If the Mobile Router receives the Binding Acknowledgement with a
757   negative status code, it de-registers its binding from the old primary
758   home agent and retries sending a Binding Update to the new primary home
759   agent. Before trying home registration to the new Home Agent, the
760   Mobile Router should de-register its binding from the current primary
761   Home Agent.

763   When the Mobile Router receives a Home Agent Switch Request from the
764   current primary Home Agent, it MUST switch its primary Home Agent
765   to the new Home Agent specified in the Home Agent Switch Request.
766   The Mobile Router can also switch the primary Home Agent proactively
767   without the Home Agent Switch Request.

769   8.2. Multiple Home Agent Activation

771   This scenario can be applied to both Mobile IPv6 and the Nemo basic
772   support protocol. Each Home Agent advertises the same home prefix
773   to the Internet.
In the Nemo case, all the Home Agents having a
774   binding for a Mobile Router MUST distribute routes for mobile network
775   prefixes as well as the home prefix. The home prefix and the mobile
776   network prefixes could be aggregated in terms of extended/aggregated
777   home prefix described in [7].

779   Each Home Agent synchronizes a binding for a particular Mobile
780   Node/Router by the HAHA protocol. If all the Home Agents who have
781   the binding for the Mobile Router can set up forwarding for the Home
782   Address and the mobile network prefixes owned by the Mobile Router,
783   it tunnels intercepted packets directly to the Mobile Node/Router
784   (Fig 3). On the other hand, if the Home Agent does not enable
785   forwarding for the Home Address and the mobile network prefixes,
786   it tunnels intercepted packets to the primary Home Agent (Fig 2)
787   first. Then the primary Home Agent re-tunnels packets to the Mobile

789   MN/MR  PHA     HA2     CN1     HA3     CN2
790   |       |       |       |       |       |
791   |------>|       |       |       |       | 1. Home Registration
792   |       |       |       |       |       |
793   |       |------>|       |       |       | 2. Sending binding to HA2
794   |       |       |       |       |       |
795   |       |---------------------->|       | 3. Sending binding to HA3
796   |       |       |       |       |       |
797   |======>|-------------->|       |       | 4. Sending Packet to CN1
798   |       |       |       |       |       |    via PHA
799   |<======|<------|<------|       |       | 5. Sending Packet to MN/MR
800   |       |       |       |       |       |    via HA2 and PHA
801   |======>|------------------------------>| 6. Sending Packet to CN2
802   |       |       |       |       |       |    via PHA
803   |<======|<----------------------|<------| 7. Sending Packet to MN/MR
804   |       |       |       |       |       |    via HA3 and PHA
805   |-------------->|(PHA)  |       |       | 8. Home Registration
806   |       |       |       |       |       |
807   |  (HA1)|<------|-------------->|       | 9. Sending binding to
808   |       |       |       |       |       |    HA1 and HA3
809   |==============>|---------------------->| 10. Sending Packet to CN2
810   |       |       |       |       |       |     via PHA
811   |<==============|<--------------|<------| 11. Sending Packet to MN/MR
812   |       |       |       |       |       |     via HA3 and PHA

814   Figure 2: Multiple Home Agents with single bi-directional tunnel

816   Node/Router.
It is a matter of operations whether the forwarding setting
817   is enabled on all the Home Agents or not.

819   In Figure 2, a Mobile Node/Router first registers its binding to
820   the primary Home Agent (Seq1). Once the primary Home Agent creates
821   a binding for the home address of the Mobile Node/Router and sets
822   up forwarding for the mobile network prefixes, it sends Binding
823   Information Reply messages to other Home Agents to synchronize the
824   binding information (Seq2 and Seq3). When a Home Agent receives the
825   Binding Information Reply message, it records the binding and the
826   primary Home Agent address (which can be retrieved from the source
827   address of the Binding Information Reply messages) in the binding
828   cache entry.

830   After the completion of the binding synchronization, all Home
831   Agents start to distribute the network routes for the mobile network
832   prefixes to the Internet. Therefore, when the mobile network node
833   communicates with a correspondent node, outgoing packets from the
834   mobile network are tunneled to the closer primary Home Agent (Seq4)
835   and incoming packets to the mobile network are intercepted by the
836   Home Agent which is close to the correspondent node (Seq5). Then,
837   the intercepted packets are forwarded/tunneled to the primary Home
838   Agent. The primary Home Agent delivers the packets to the Mobile
839   Router through the bi-directional tunnel (Seq5).

841   If the Mobile Router decides to switch its primary Home Agent due
842   to its movement, it sends a Binding Update to the new primary home
843   agent. Then, the new primary Home Agent starts to synchronize the
844   binding information with other Home Agents (Seq9). All Home Agents
845   update the binding and the primary Home Agent address according to
846   the received Binding Information Reply message.

848   MN/MR  HA1     HA2     CN1     HA3     CN2
849   |       |       |       |       |       |
850   |------>|       |       |       |       | 1. Home Registration
851   |       |       |       |       |       |
852   |       |------>|       |       |       | 2.
Sending the binding
853   |       |       |       |       |       |    to HA2
854   |       |---------------------->|       | 3. Sending the binding
855   |       |       |       |       |       |    to HA3
856   |======>|-------------->|       |       | 4. Sending Packet to CN1
857   |       |       |       |       |       |    via HA1
858   |<==============|<------|       |       | 5. Replying to MN/MR
859   |       |       |       |       |       |    via HA2
860   |======>|------------------------------>| 6. Sending Packet to CN2
861   |       |       |       |       |       |    via HA1
862   |<==============================|<------| 7. Replying to MN/MR
863   |       |       |       |       |       |    via HA3

865   Figure 3: Multiple Home Agents with multiple
866   bi-directional tunnels

868   In Figure 3, a Mobile Node/Router first sends a Binding Update
869   to its primary Home Agent (Seq1). The primary Home Agent also
870   notifies the binding information to other Home Agents by using
871   Binding Information Reply messages (Seq2 and Seq3). When a Home
872   Agent receives the Binding Information Reply message, it records the
873   binding and the primary home agent address as a binding cache entry
874   for the Mobile Node/Router and sets up forwarding for mobile network
875   prefixes if any.

877   After creating the binding cache entry and setting up forwarding,
878   each Home Agent starts to distribute network routes for the mobile
879   network prefixes to the Internet. When the Mobile Network Node
880   communicates with a Correspondent Node, outgoing packets from
881   the mobile network are tunneled to the primary Home Agent (Seq4).
882   Incoming packets to the mobile network are intercepted by the Home
883   Agent which is close to the Correspondent Node (Seq5). Then, the
884   intercepted packets are tunneled directly to the current Care-of
885   Address according to binding and forwarding (Seq5).

887   The procedure of primary Home Agent switching is the same as the
888   procedure described in Fig 2.

890   9. Modifications to Mobile IPv6 and the Nemo Basic Support Protocol

892   The HAHA protocol modifies the below items of Mobile IPv6 [1] and the
893   Nemo Basic Support protocol [6].
895   - The new status values for the Binding Acknowledgment.

897     When a Mobile Node/Router receives this status for its home
898     registration, it MUST de-register its binding from the old
899     primary Home Agent and SHOULD re-try home registration. A
900     Home Agent SHOULD use this status value only in the solo Home
901     Agent activation scenario. The primary Home Agent cannot be
902     duplicated in the scenario and can only have a binding for a
903     particular Mobile Node/Router all the time.

905     Status

907        144 Another primary Home Agent is still active.

909   - Binding Cache Registration
910     The conceptual fields of each Binding Cache entry are defined
911     in [1]. The HAHA protocol introduces an additional field to
912     record the primary Home Agent address for a Mobile Node/Router.

914     When a Home Agent receives a Binding Information Reply message,
915     it creates or updates the binding cache entry. The Home Agent
916     MUST record the primary Home Agent address in the binding cache
917     entry. The address can be derived from the Source address field
918     of the IPv6 header in the Binding Information Reply message.

920     When a primary Home Agent receives a Binding Update from a Mobile
921     Node/Router, it MUST record its own address as the primary Home
922     Agent address in the binding cache entry.

924   - Tunneling packets to Mobile Node/Router from Home Agents
925     Home Agents who register a binding by the HAHA protocol can
926     tunnel packets meant for the Mobile Node/Network to the current
927     Care-of Address as well as the primary Home Agent. The Mobile
928     Node/Router can accept the tunneled packets. The Mobile
929     Node/Router MUST know all the Home Agents who have its binding in
930     the home agent list so as to verify the Source address of the outer
931     IPv6 header.
933   - Tunneling packets to primary Home Agent from Home Agents
934     When one of the Home Agents who has a binding intercepts packets
935     meant for a particular Mobile Node/Router, the Home Agent can
936     tunnel packets to the primary Home Agent recorded in the binding
937     cache. The primary Home Agent tunnels packets to the current
938     Care-of Address of the Mobile Node/Router.

940   10. IANA Considerations

942   This document defines two new ICMP options

944   - Home Agent Solicitation Message

946   - Home Agent Advertisement Message

948   This document defines three new Mobility Header messages

950   - Binding Information Request Message

952   - Binding Information Reply Message

954   - Home Agent Switch Request Message

956   This document defines two new Mobility Options.

958   - Home Address

960   - Binding Cache Entry Information

962   11. Security Considerations

964   Multiple Home Agents advertise routes for the same Home Prefix and
965   possibly Mobile Network Prefix in the HAHA protocol; these routes
966   MUST be correctly advertised. System Administrators MUST prevent
967   malicious (blackhole) routes for these prefixes.

969   A Home Agent MUST know the other Home Agents serving the same Mobile
970   Node/Router and MUST establish a secure association with each Home
971   Agent. All signaling messages between the Mobile Router and the Home
972   Agent MUST be authenticated and encrypted by IPsec ESP [4].

974   The Mobile Node/Router MUST verify that packets are tunneled through
975   the known Home Agent. In the Multiple Home Agent activation scenario,
976   the Mobile Node/Router may receive packets tunneled by multiple Home
977   Agents. The Mobile Node/Router MUST know all Home Agents who have its
978   binding by the HAHA protocol in its Home Agent List by using Home
979   Agent Address Discovery. It is necessary for a Mobile Node/Router to
980   know all other Home Agents in order to protect against attacks
981   launched by malicious Home Agents.
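
The receive-side checks that section 6.2 and the Security Considerations above call for, as an added Python example that is not part of the draft: a Home Agent drops Binding Information messages that lack ESP or come from an unknown Home Agent, only the primary answers a Request, and a Mobile Node/Router accepts tunneled packets only from Home Agents in its list. The class, field and function names, the esp flag standing in for the IPsec stack's verdict, and the 2001:db8:: sample addresses are assumptions made for the example.

```python
from dataclasses import dataclass, field
from ipaddress import IPv6Address as A
from typing import Dict, List, Optional, Set


@dataclass
class Message:
    """Model of a HAHA signaling message; the field names are assumptions."""
    src: A                       # Source address field of the IPv6 header
    esp: bool                    # True if it arrived under IPsec ESP
    identifier: int
    home_address: A
    care_of: Optional[A] = None  # carried by a Reply only


@dataclass
class Binding:
    care_of: A
    primary_ha: A                # extra Binding Cache field from section 9


@dataclass
class HomeAgent:
    address: A
    known_has: Set[A]            # manually configured peer Home Agents
    cache: Dict[A, Binding] = field(default_factory=dict)
    dropped: List[str] = field(default_factory=list)

    def _admit(self, msg: Message) -> bool:
        """Checks that section 6.2 applies to both Request and Reply."""
        if not msg.esp:
            self.dropped.append("no ESP header")
            return False
        if msg.src not in self.known_has:
            self.dropped.append("source is not a known Home Agent")
            return False
        return True

    def register(self, home_address: A, care_of: A) -> None:
        """Binding Update accepted: record ourselves as primary (section 9)."""
        self.cache[home_address] = Binding(care_of, self.address)

    def build_reply(self, home_address: A, identifier: int = 0) -> Message:
        """The Identifier stays zero when the Reply is not solicited."""
        entry = self.cache[home_address]
        return Message(self.address, True, identifier, home_address, entry.care_of)

    def on_request(self, msg: Message) -> Optional[Message]:
        if not self._admit(msg):
            return None
        entry = self.cache.get(msg.home_address)
        if entry is None or entry.primary_ha != self.address:
            self.dropped.append("not the primary Home Agent")
            return None
        return self.build_reply(msg.home_address, msg.identifier)

    def on_reply(self, msg: Message) -> bool:
        if not self._admit(msg):
            return False
        # The primary Home Agent address is the IPv6 source of the Reply.
        self.cache[msg.home_address] = Binding(msg.care_of, msg.src)
        return True


def accept_tunneled(home_agent_list: Set[A], outer_src: A) -> bool:
    """Section 11 check by the Mobile Node/Router on the outer IPv6 header."""
    return outer_src in home_agent_list


# Constructed sample addresses from the 2001:db8::/32 documentation prefix.
HA1, HA2, ROGUE = A("2001:db8:1::1"), A("2001:db8:2::1"), A("2001:db8:bad::1")
HOME, COA = A("2001:db8:100::10"), A("2001:db8:f00::10")


def demo() -> dict:
    ha1, ha2 = HomeAgent(HA1, {HA2}), HomeAgent(HA2, {HA1})
    ha1.register(HOME, COA)                      # HA1 becomes primary
    # 0x5EED is a constructed Identifier; a real Request uses a random value.
    reply = ha1.on_request(Message(HA2, True, 0x5EED, HOME))
    return {
        "reply_identifier": reply.identifier,
        "unknown_source": ha1.on_request(Message(ROGUE, True, 1, HOME)),
        "no_esp": ha1.on_request(Message(HA2, False, 2, HOME)),
        "synced": ha2.on_reply(reply),
        "primary_at_ha2": ha2.cache[HOME].primary_ha,
        "forged_reply": ha2.on_reply(Message(ROGUE, True, 0, HOME, ROGUE)),
        "secondary_asked": ha2.on_request(Message(HA1, True, 3, HOME)),
        "tunnel_ok": accept_tunneled({HA1, HA2}, HA2),
        "tunnel_rogue": accept_tunneled({HA1, HA2}, ROGUE),
        "ha1_drops": list(ha1.dropped),
    }
```

Calling demo() returns the outcome of each check; the dropped list on a HomeAgent records why a message was discarded, which is what an operator would log.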
983   Please refer to the Mobile IPv6 specification [1] and the Nemo Basic
984   Support protocol specification [6] for security considerations.

986   References

988   [1] D. Johnson, C. Perkins and J. Arkko. Mobility Support
989       in IPv6 (work in progress). Internet Draft, IETF.
990       draft-ietf-mobileip-ipv6-22.txt. May 2003.

992   [2] T. Ernst and H. Lach. Network Mobility Support Terminology (work
993       in progress). Internet Draft, IETF.
994       draft-ietf-nemo-terminology-00.txt. May 2003.

996   [3] J. Arkko, V. Devarapalli and F. Dupont. Using IPsec to
997       Protect Mobile IPv6 Signaling between Mobile Nodes and
998       Home Agents (work in progress). Internet Draft, IETF.
999       draft-ietf-mobileip-mipv6-ha-ipsec-05.txt. May 2003.

1001  [4] S. Kent and R. Atkinson. IP Encapsulating Security Payload (ESP).
1002      RFC 2402, IETF. November 1998.

1004  [5] A. Conta and S. Deering. Generic Packet Tunneling in IPv6
1005      Specification. RFC 2473, IETF. December 1998.

1007  [6] V. Devarapalli, R. Wakikawa, A. Petrescu and P. Thubert.
1008      Nemo Basic Support Protocol (work in progress). Internet Draft,
1009      IETF. draft-ietf-nemo-basic-support-01.txt. September 2003.

1011  [7] P. Thubert, R. Wakikawa and V. Devarapalli. Examples of
1012      basic Nemo usage (work in progress). Internet Draft, IETF.
1013      draft-ietf-nemo-basic-usage-00.txt. October 14 2003.

1015  [8] T. Narten, E. Nordmark and W. Simpson. Neighbor Discovery for
1016      IP Version 6 (IPv6). RFC 2461, IETF. December 1998.

1018  A. Predictive HA discovery

1020  There are at least 3 approaches in order to locate the Home Agent
1021  that has a registration for a given Mobile Node, Router or Mobile
1022  Network:

1024  - reactive: This method is also referred to as 'on-demand'. In
1025    case of a binding cache miss, a Home Agent floods a request to
1026    all the other Home Agents with the (destination of the packet)
1027    home address that is sought for.
Every Home Agent that has
1028    a registration for that home address or for a Mobile Network
1029    that encompasses that home address responds. This approach is
1030    traditionally used in fast changing configurations, for instance
1031    if Mobile Nodes register and de-register very often.

1033  - proactive: information is pushed to all Home Agents with
1034    the home address and the Mobile Network Prefixes each time a
1035    primary binding entry is created for a new registration. This
1036    approach is preferred for stable configurations, for instance if
1037    Mobile IP is used as a tool to simplify the configuration and
1038    reconfiguration of mostly stable networks.

1040  - predictive: Ranges of Home Addresses and prefixes are assigned
1041    to the Home Agents, following a rule that is commonly computed by
1042    all Home Agents. Dynamic Home Agent Address Discovery (DHAAD)
1043    returns only the address of one Home Agent, the one that is
1044    pre-allocated for that Mobile Node. When the wrong Home Agent
1045    intercepts packets, it can compute which is the right Home Agent
1046    and forward packets to it at L2 if they are directly connected,
1047    or via a HAHA tunnel which is established between Home Agents.
1048    This is what we call 'Z' routing.

1050  CN --------> closest HA          CN ----------> closest HA
1051                  /                                   |
1052                 /                                    |
1053                /                                     |
1054               /                                      |
1055              /                                       |
1056  Assigned   /                                        |
1057     HA     v                                         V
1058     ----------> Mobile Node                     Mobile Node

1060  Figure 4: Z routing vs dogleg

1062  The Predictive Mode minimizes the control traffic, which may be
1063  required for a large configuration. Some additional controls would
1064  be necessary for the HAHA protocol to allow the negotiation and the
1065  distribution of the shares of Home to be attributed to each Home
1066  Agent.
1068  One specific advantage of not relying on a Home Link for HAHA
1069  communication is that for a large configuration, the Home Agents can
1070  be organized hierarchically and distributed geographically, as a set
1071  of local clusters linked together to form a global Home Network.

1073  For instance, it is possible for a large ISP to partition the Home
1074  Network for a given worldwide service, and assign a partition to a
1075  cluster of Home Agents in each of the geographies. In predictive
1076  mode, each Home Agent in the world would be able to compute the
1077  best suited Home Agent in its local cluster (call this an Acting
1078  Home Agent) and the best suited Home Agent worldwide (call this the
1079  Assigned Home Agent) for each and any Home Address.

1081  Any Home Agent processing an anycast DHAAD can predict the Assigned HA
1082  and local Acting Home Agents for a Home Address if that information
1083  is added to the DHAAD request. In the case of Mobile Routers, the
1084  service must be arranged in such a way that, for a given registration,
1085  all the Mobile Networks are assigned to the same Home Agent.

1087  Possible flows:

1089  In order to register, a Mobile Router uses DHAAD which returns one
1090  Home Agent in the closest cluster. This can be an Acting HA if the
1091  Mobile Node is roaming far from Home, but hopefully it is in general
1092  the Assigned Home Agent for that Mobile Node. When this is an Acting
1093  HA, it needs to register to the Assigned HA as proxy binding.
1095  +----------------------------------
1096  | +-------------+             ^          ^
1097  | |   +-----+   |         ^   |          |
1098  | |   | MNP |   |         |   |          |
1099  | |   +-----+   |  HA     |   | cluster  |
1100  | |   +-----+   |  share  |   | share    |
1101  | |   | MNP |   |         |   |          |
1102  | |   +-----+   |         v   |          |
1103  | |   +-----+   |         ^   |          |
1104  | |   |     |   |         |   |          |
1105  | |   +-----+   |  HA     |   |          |
1106  | |   +-----+   |  share  |   |          |
1107  | |   |     |   |         |   |          |
1108  | |   +-----+   |         v   |          |
1109  | |             |             |          |
1110  | | Local Home  |             |          |
1111  | |  Network    |             v          |
1112  | +-------------+                        |
1113  |                                        |
1114  | +-------------+                        |
1115  | |             |                        |
1116  | |   +-----+   |                        |
1117  | |   |     |   |               global   |
1118  | |   +-----+   |               Home     |
1119  | |             |               Network  |
1120  | +-------------+                        |
1121  +---------------------------------       v

1123  Figure 5: Distributed Hierarchical Home Network

1125  When a packet destined to a given Home Address arrives at a Home
1126  Agent from a Correspondent Node:

1128  If the Home Agent is Assigned for that Home Address and it has a
1129  direct registration (it is primary), the Home Agent forwards the
1130  packet over its bi-directional tunnel established with the Mobile
1131  Node/Router (the MRHA tunnel). If it has a proxy registration (it
1132  is secondary), it forwards the packet to the primary Acting HA - or
1133  directly to the Mobile Node/Router if that is practical for tunnel
1134  setup and security reasons. Else it drops the packet.

1136  Else If the Home Agent is Acting HA for that Home Address and it has
1137  a direct registration (it is primary), the Home Agent forwards the
1138  packet over its MRHA tunnel. If it has a proxy registration (it is
1139  secondary), it forwards the packet to the primary Acting HA - or
1140  directly to the Mobile Node if that is practical for tunnel setup and
1141  security reasons. Else, it forwards the packet to the Assigned HA.
1143  CN ----------> Acting HA
1144                /  closest to CN
1145               /
1146              /
1147             /
1148  Assigned  /
1149     HA    V
1150           "
1151           "
1152           "
1153           "
1154           "
1155           "      Acting HA primary
1156  MN <----------- for that registration
1157                  (closest to MR)

1159  Figure 6: Acting HA to Acting HA without Route Optimization

1161  CN ----------> closest HA
1162                |  to CN
1163                |
1164                |
1165                |
1166                |
1167                v  Acting HA, primary
1168  MN <---------    for that registration
1169                   (closest to MR)

1171  Figure 7: Acting HA to Acting HA Route Optimization

1173  Else (if the HA is the 'wrong Home Agent') the Home Agent tunnels
1174  the packet to the best suited of the local Home Agents, be it the
1175  Assigned Home Agent, or a local Acting Home Agent.

1177  In the worst case, the packet may bounce from the receiving Home
1178  Agent to the local Acting HA, then to the Assigned HA, and finally to
1179  the Acting HA that has the registration. It is up to the Assigned
1180  Home Agent to forward the proxy binding states to the Acting Home
1181  Agent on the receiving side in order to allow Acting HA to Acting HA
1182  'Z' routing.

1184  If the Home Agents are distributed geographically, it is expected
1185  that, in general, the angles of the Z (the Home Agents) are close to
1186  the Mobile Router and Correspondent Node respectively, relative to
1187  the distance between the Home Agents, which makes the cost of the
1188  bouncing acceptable in terms of distance and hops.

1190  When a packet from a registered Mobile Node arrives over the MRHA
1191  tunnel to a Home Agent (one that it is registered to), the Home Agent
1192  forwards the packet directly to the Correspondent Node. That Home
1193  Agent is supposed to be close to the Mobile Node, making the MR-HA-CN
1194  triangle as flat as possible and limiting the cost of the dogleg.
1196  Authors Addresses

1198  Ryuji Wakikawa
1199  Keio University and WIDE
1200  5322 Endo Fujisawa Kanagawa
1201  252-8520
1202  Japan
1203  Email: ryuji@sfc.wide.ad.jp

1205  Vijay Devarapalli
1206  Nokia Research Center
1207  313 Fairchild Drive
1208  Mountain View, CA 94043
1209  USA
1210  Email: vijay.devarapalli@nokia.com

1212  Pascal Thubert
1213  Cisco Systems Technology Center
1214  Village d'Entreprises Green Side
1215  400, Avenue Roumanille
1216  Biot - Sophia Antipolis 06410
1217  France
1218  Email: pthubert@cisco.com

1220  Full Copyright Statement

1222  Copyright (C) The Internet Society (2003). All Rights Reserved.

1224  This document and translations of it may be copied and furnished to
1225  others, and derivative works that comment on or otherwise explain it
1226  or assist in its implementation may be prepared, copied, published
1227  and distributed, in whole or in part, without restriction of any
1228  kind, provided that the above copyright notice and this paragraph
1229  are included on all such copies and derivative works. However,
1230  this document itself may not be modified in any way, such as by
1231  removing the copyright notice or references to the Internet Society
1232  or other Internet organizations, except as needed for the purpose
1233  of developing Internet standards in which case the procedures
1234  for copyrights defined in the Internet Standards process must be
1235  followed, or as required to translate it into languages other than
1236  English.

1238  The limited permissions granted above are perpetual and will not be
1239  revoked by the Internet Society or its successors or assignees.
1241  This document and the information contained herein is provided on an
1242  "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
1243  TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
1244  BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
1245  HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
1246  MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

1248  Acknowledgement

1250  Funding for the RFC Editor function is currently provided by the
1251  Internet Society.