Mobile IP Working Group                               Milind Kulkarni
 INTERNET-DRAFT                                           Alpesh Patel
 Category: Standards Track                                  Kent Leung
 Date    : 28 April June 2004                             Cisco Systems Inc.

                  Mobile IPv4 Dynamic Home Agent Assignment
                   draft-ietf-mip4-dynamic-assignment-01.txt
                  draft-ietf-mip4-dynamic-assignment-02.txt

 Status of this Memo

        This document is an Internet-Draft

     By submitting this Internet-Draft, I certify that any applicable
     patent or other IPR claims of which I am aware have been disclosed,
     and is any of which I become aware will be disclosed, in full conformance accordance
     with all provisions of Section 10 of RFC2026. RFC 3668.

     Internet-Drafts are working documents of the Internet Engineering
     Task Force (IETF), its areas, and its working groups. Note that
     other groups may also distribute working documents as Internet-Drafts. Internet-
     Drafts.

     Internet-Drafts are draft documents valid for a maximum of six
     months and may be updated, replaced, or obsoleted by other
     documents at any time. It is inappropriate to use Internet- Internet Drafts
     as reference material or to cite them other than as "work in progress."
     progress".

     The list of current Internet-Drafts can be accessed at
        http://www.ietf.org/ietf/1id-abstracts.txt
     http://www.ietf.org/ietf/1id-abstracts.txt.

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.

     This Internet-Draft will expire on December 28, 2004.

   Copyright Notice

     Copyright (C) The Internet Society (2003). All Rights Reserved.

   Abstract

     Mobile IP (RFC 3344) IPv4 [1] uses the Home Agent (HA) to anchor sessions of a
     roaming Mobile Node (MN). This draft proposes a messaging mechanism
     for dynamic home agent assignment and HA redirection. The goal is
     to provide a mechanism to assign an optimal HA for a Mobile IP
     session while allowing any suitable method for HA selection.

     Table of Contents

     1. Introduction.....................................................2 Introduction.................................................3
     2. Terminology.......................................................3 Requirements Terminology.....................................3
     3. Problem Statement.................................................4 Statement............................................4
     3.1 Scope............................................................5 Scope.......................................................5
     3.2 Dynamic Home Agent Discovery in RFC 3344.........................5 Mobile IPv4.................5
     3.3 NAI usage and dynamic HA assignment..............................5 assignment.........................5
     3.4 Dynamic HA extension.............................................5 extension........................................6
     3.4.1 Redirected Requested HA extension........................................6 extension....................................6
     3.4.2 Requested Redirected HA extension.........................................6 extension...................................7
     4. Messaging mechanism for dynamic HA assignment/redirection.........7 assignment/redirection....7
     4.1 Messaging for dynamic HA assignment..............................7 assignment.........................7
     4.1.1 Example with Message Flow Diagram..............................7 Diagram.........................8
     4.2 Messaging for HA redirection.....................................9 redirection................................9
     4.2.1 Example with Message Flow Diagram.............................10 Diagram........................10
     5. Mobility Agent Considerations for dynamic HA assignment..........11 Considerations...............................12
     5.1 Mobile Node Considerations......................................11 Considerations.................................12
     5.1.1 MN using FA CoA...............................................12 CoA..........................................12
     5.1.2 MN using Collocated CoA.......................................12 CoA..................................13
     5.1.3 Refreshing Assigned HA Address on Mobile Node.................13 Node............13
     5.2 Foreign Agent Considerations....................................13 Considerations...............................14
     5.3 Home Agent Considerations.......................................13 Considerations..................................14
     5.3.1 Assigned Home Agent Considerations............................14 Considerations.......................15
     6. Requested Home Agent Selection...................................16 Selection..............................16
     7. Error Values.....................................................17 Values................................................17
     8. IANA Considerations..............................................17 Considerations.........................................17
     9. Security Considerations..........................................17
     9.1 Message Authentication Codes....................................17
     9.2 Areas of Security Concern in this Protocol......................18 Considerations.....................................18
     10. Backward Compatibility Considerations...........................18 Considerations......................19
     11. Change Log from previous version................................19 versions..........................19
     12. Intellectual Property Rights....................................19 Acknowledgements...........................................20
     13. Acknowledgements................................................19
     14. References......................................................19 Normative References.......................................20
     Authors' Addresses..................................................20
     Full Copyright Statement............................................20 Addresses.............................................20
     Intellectual Property...............................................21
     Acknowledgement.....................................................21 Property Statement................................21
   1. Introduction

     This document adds to the Mobile IP protocol [1], by proposing a
     messaging mechanism for dynamic home agent assignment and home
     agent redirection during initial registration. The goal is to
     assign an optimal HA for a Mobile IP session.  The mobile node MUST
     use Network Access Identifier (NAI) extension for
        home address assignment. [2] when requesting a
     dynamically assigned HA.

     MN requests the network to a dynamically assign an assigned HA by setting the HA field in
     the initial Registration Request to ALL-ZERO-ONE-ADDR (defined in next section) in
        initial Registration Request.
     section 2). If the request is accepted, the HA field in successful
     Registration Reply contains the HA address. The requested HA can
     suggest an alternate HA and if so, the Registration Reply is
     rejected with a new error code (REDIRECT-HA-REQ) and the alternate
     HA address is specified in a new extension (Redirected HA
     extension).

     If the RRQ is rejected with Redirected HA extension or if the MN
     wishes to register at a specific HA, MN can put the HA address in
     the Requested HA extension in Registration Request. The HA address
     in Requested HA extension is a hint to the network where the MN may
     be anchored. The HA field is set to ALL-ZERO-ONE-ADDRESS for
     dynamic HA assignment.

     The messaging mechanism proposed here is generic and defined in this document so that the
     MN can be
        used as request and receive a common foundation to facilitate dynamic HA address in Mobile IP
     messages. However, the mechanism by which the network selects
     an HA for assignment
        using  any  suitable  method.  No  specific  method to the MN is  either
        mandated outside the scope of this
     document. For example, the selection may be made by any
     network node that receives the registration request (or
     information about the registration request), such as a Foreign
     Agent, AAA server, or suggested. Home Agent.  The node that selects the
     HA receiving Registration Request may suggest an alternate HA (HA redirection) for select one based on a number of
        reasons; criteria, including but
     not limited to HA load-balancing, geographical proximity,
     administrative policy etc. etc..

   2. Requirements Terminology

     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
     "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
     this document are to be interpreted as described in RFC 2119 [6].

     The Mobile IP related terminology described in RFC 3344 [1] is used
     in this document.  In addition, the following terms are used:

     ALL-ZERO-ONE-ADDR:  IP address 0.0.0.0 or 255.255.255.255. An
                         address of 255.255.255.255 would indicate
                         assigning HA in home domain. An address of
                         0.0.0.0 would mean MN just needs a dynamic
                         HA, it does not care whether in home or visited
                         domain.

     Requested HA:       Destination IP address of Home Agent that the
                         first Registration Request is sent to. Must be
                         a unicast IP address. This address can be
                         obtained as described in section 5.4. 6.

     Assigned HA:        If registration is successful, this Home Agent
                         address field is obtained from successful
                         Registration Reply.

     Redirected HA:      If the registration is rejected with error code
                         (REDIRECT-HA-REQ), the HA being referred to is
                         specified in a new extension (Redirected HA
                         extension).

     AAA server:         Authentication, Authorization and Accounting
                         Server.

     DNS:                Domain Name Service. System.

     DHCP:               Dynamic Host Configuration Protocol.

     MN:                 Mobile Node as defined in RFC 3344. Mobile IPv4 [1].

     HA:                 Home Agent as defined in RFC 3344. Mobile IPv4 [1].

     FA:                 Foreign Agent as defined in RFC 3344. Mobile IPv4 [1].

     CoA:                Care of Address.

     CCoA:               Collocated Care of Address.

     MN HoA:             Mobile Node's Home Address.

     NAI:                Network Access Identifier [2].

     Src IP:             Source IP address of the packet.

     Dest IP:            Destination IP address of the packet.

   3. Problem Statement

     Mobile IPv4 NAI Extension for IPv4 [2] introduced the concept of
     identifying a MN by the NAI and enabling dynamic home address
     assignment. When the home address is dynamically assigned, it is
     desirable to discover the Home Agent dynamically or inform the MN
     about an optimal HA to use for a multitude of reasons, such as:

     - If the distance between the visited network and the home network
     of the mobile node is large, the signaling delay for these
     registrations may be long. In such a case the MN will be anchored
     to its distant home agent, resulting in tunneled traffic traveling
     a long distance between home agent and the mobile node. When a
     Mobile IP session initiates, if the mobile node can be assigned a
     home agent, which agent that is close to the mobile
        node, node it can drastically
     reduce the latency between the home agent and mobile node.

     - Also, in In a large scale Mobile IP deployment, it is cumbersome to
     provision MNs with multiple HA addresses.

     - It is desirable to achieve some form of load balancing between
     multiple HAs in the network. Dynamic HA assignment and/or HA
     redirection lets the network select the optimal HA from among a set
     of HAs and thus achieve load balancing among a group of HAs.

     - Local administrative policies is yet another reason for
        dynamic HA assignment/HA redirection during policies.

   3.1 Scope

     This specification does not address the start problem of distributing a
        Mobile IP session.

        - The problem of discovering a Mobile node’s HA address is
        acknowledged in the MIPv6 working group as part of [8].

   3.1 Scope

        This specification assumes that
     security association between the Mobile Node MN and Assigned
        Home Agent are in the same administrative domain. The scenario
        where the Mobile Node HA, and its anchoring Assigned Home Agent are
        in different administrative domain is beyond the scope of this
        specification. it can either be
     statically preconfigured or dynamically distributed using other
     mechanisms [7].

     The draft introduces the terms Requested/Assigned/Redirected HA
     (section 5.4). These terms are merely HA addresses and used
        depending upon the direction of the registration request or
        reply. 6). The discovery of Requested/Assigned/Redirected HA can
     be done by various means, which are network and/or deployment
     specific and hence this discovery/assignment of
     Requested/Assigned/Redirected HA is kept outside the scope of this
     specification.

   3.2 Dynamic Home Agent Discovery in RFC 3344 Mobile IP RFC 3344 IPv4

     Mobile IPv4 [1] specifies the mechanism for discovering the mobile
     node's home agent using subnet-directed broadcast IP address in the
     home agent field of the Registration Request.  This mechanism was
     designed for mobile nodes with a static home address and subnet
     prefix, anchored on fixed home network.  But using subnet-directed
     broadcast as the destination IP address of the Registration
     Request, it is unlikely that the Registration Request will reach
     the home subnet because routers will drop these packets by default.
     See CERT Advisory CA-1998-
        01 CA-1998-01 Smurf IP Denial-of-Service Attacks
     [3].

   3.3 NAI usage and dynamic HA assignment

     Mobile IPv4 NAI Extension for IPv4 [2] introduced the
     concept of identifying a MN by the NAI and enabling dynamic
     home address assignment. This document mandates that while
     using dynamic HA assignment, MN MUST use NAI and obtain a home
     address. MN can still suggest a static home address in Registration
     Request, but must take the address in Registration Reply as the
     home address for the session. This reference to
        obtaining home address using NAI is as per compatible with the
     procedures documented in the NAI specification [2].

   3.4 Dynamic HA extension

     The Dynamic HA extension, shown in figure 1, contains the address
     of the HA. This is a generic extension and can be used in
     Registration Request and Reply messages. It is a skippable
     extension.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |     Type      |   Sub-Type    |           Length              |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                           HA-Address...                           HA-Address                          |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                     Figure 1: The Dynamic HA address Extension

         Type         DYNAMIC-HA-ADDRESS (skippable) [1] (to be assigned
                      by IANA) is the type, which specifies the
                      dynamic HA address.

         Sub-Type   is a unique number given to each member in     Defines the
                    aggregated type. use of this extension as:
                      sub-type 1 = Requested HA extension
                               2 = Redirected HA extension

         Length       Indicates the length of the extension not
                      including the type, sub-type and length fields.
                      Length is always 4 bytes.

         HA-Address The address   Address of HA the Home Agent.

   3.4.1 Redirected Requested HA extension

     The format Requested HA extension is a Dynamic HA extension of subtype 1.

     MN may include the Redirected Requested HA extension is as defined in
        section 3.4. the registration
     request as a hint to the network where it wishes to be anchored.
     This extension uses contains the subtype value address of 1. This
        extension has the length field set HA. A valid unicast IP
     address MUST be used as HA address in this extension.

     In absence of an FA, the RRQ is forwarded to 4. this HA. In presence
     of an FA, FA MUST forward RRQ to the HA address in this extension.

   3.4.2 Redirected HA extension

     The Redirected HA extension is a Dynamic HA extension of subtype 2.

     The Redirected HA extension, contains the address of the HA where
     the MN should attempt the next registration. The HA receiving a
     Registration Request can suggest an alternate HA and if so, the
     Registration Reply is rejected with a new error code  (REDIRECT-HA-REQ) (REDIRECT-HA-
     REQ) and the alternate HA address is specified in this extension.

        It

     The Redirected HA extension MUST be included in Registration Reply
     when the reply code is REDIRECT-HA-REQ.

   3.4.2 Requested HA extension
        The format of the Requested HA address extension is as defined
        in section 3.4. This extension uses the subtype value of 2.
        This extension has the length field set to 4.

        MN may include the Requested HA extension in the registration
        request as a hint to the network where it wishes to be
        anchored. This extension contains the address of the HA. A
        valid unicast IP address MUST be used as HA address in this
        extension.

        In absence of an FA, the RRQ is forwarded to this HA. In
        presence of an FA, FA MUST forward RRQ to the HA address in
        this extension.

   4. Messaging mechanism for dynamic HA assignment/redirection

     This specification presents two alternatives for home agent
     assignment. The two alternatives are:
     (a) Dynamic HA assignment (described in section 4.1) and
     (b) HA redirection (described in section 4.2).

   4.1 Messaging for dynamic HA assignment

     The following sequence of events occurs when the Requested HA
     accepts the Registration Request and returns a Registration Reply
     to the mobile node.

     1. MN sets the Home Agent address field in the Registration
        Request to ALL-ZERO-ONE-ADDR. If the MN is aware of an the HA
        address, it can add that address in the Requested HA extension
        in Registration Request.
     2. The MN (if using collocated CoA) or FA (if using FA CoA) sends
        the Registration Request to the "Requested HA". If the
        Requested HA extension is present, Requested HA is
             the HA address specified in
        the "HA Address" of this extension.
     3. "Requested HA" is the home agent, which processes the
        Registration Request in accordance with RFC 3344 Mobile IPv4 [1] and as
        per the specification in this document. It creates mobility
        binding for successful Registration Request. It also sends
        Registration Reply to the MN.
     4. The MN obtains an "Assigned HA" address from the HA field in
        the successful Registration Reply and uses it for the remainder
        of the session. (Note that the "Assigned HA" will be same as
        the "Requested HA").
     5. Subsequent Registration Request messages for renewal are sent
        to the Assigned HA.

     Section 5.3.1 describes the Assigned HA in detail. Some ideas on
     how to select the Requested HA are briefly covered in section 6.

   4.1.1 Example with Message Flow Diagram

     Detailed explanation of this specification alternative is best described with the
     help of a railroad message flow diagram and description.

     Figure 2 shows one specific example of a Mobile Node using FA Care
     of Address.

     Other scenarios such as mobile node using collocated care of
     address are not described below, but the behavior is similar.

                 MN            FA        Requested/Assigned HA
                 |      1      |                |
                 |------------>|       2        |
                 |             |--------------->|
                 |             |                |
                 |             |                |
                 |             |       3        |
                 |      4      |<---------------|
                 |<------------|                |
                 |             |                |
                 |             |       5        |
                 |----------------------------->|
                 |             |                |

      Figure 2: Example of Message message flows for the specification dynamic HA assignment

     1. MN sets the Home Agent address field in the Registration Request
     to ALL-ZERO-ONE-ADDR. Since MN is using FA CoA in this example, it
     sends the Registration Request to the FA. The Registration Request
     looks as follows:

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  MN    |    FA      |         | ALL-ZERO-ONE-ADDR |FA CoA |
     +-----------------------------------------------------------+

     If the MN is aware of an HA address, it can add that address in the
     Requested HA extension in Registration  Request. Request as a hint. That
     extension is not shown above.

     2. The FA sends the Registration Request to the Requested HA. The
     Registration Request looks as follows:

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  FA    |Requested HA|         | ALL-ZERO-ONE-ADDR |FA CoA |
     +-----------------------------------------------------------+

        If

     (If MN had included includes the Requested HA extension, the FA copies that
     extension. The FA then forwards the Registration
        Request is sent Request, along
     with the Requested HA extension, to the HA address specified in that extension.
     Requested HA extension.)

     3. HA processes the Registration Request in accordance with RFC
        3344 Mobile
     IPv4 [1] and the messaging defined in this document. HA creates
     mobility binding for successful request. HA then sends Registration
     Reply to the FA, which looks as follows. The Assigned HA address
     corresponds to the HA receiving and processing the request (and is
     same as Requested HA, only the name is changed for registration
     reply).

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
        |Assigned|CoA or NATed|
     |Assigned| Src IP of  |         |    Assigned HA    |FA CoA/|
     |   HA   | Src IP the RRQ    |         |                   |       |
     +-----------------------------------------------------------+

     4. The FA relays the Registration Reply to the MN, as follows.

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  FA    |    MN      |         |    Assigned HA    |FA CoA/|
     +-----------------------------------------------------------+

     5. The MN obtains Assigned HA address from the HA field in the
     successful Registration Reply and uses it for the remainder of the
     session. MN sends subsequent Re-Registration or  De-
        Registration De-Registration
     Requests for the remaining session directly to the Assigned HA.
     Note that the Assigned HA is the same as the Requested HA.

   4.2 Messaging for HA redirection

     This section describes the events that occur when the Requested HA
     does not accept the Registration Request and redirects the mobile
     node to another HA (aka Redirected HA) instead.

     1. MN sets the Home Agent address field in the Registration Request
        to ALL-ZERO-ONE-ADDR.

     2. The MN (if using collocated CoA) or FA (if using FA CoA) sends
        the Registration Request to the "Requested HA". If the MN is
        aware of an HA address, it can add that address in the Requested
        HA extension in Registration Request.

     3. When HA receives the Registration Request, if the HA field is
        set to ALL-ZERO-ONE-ADDR, HA may reject the request with Reply
        code REDIRECT-HA-REQ and suggest an alternate HA.

        HA may reject the Request for a number of reasons, which are
        outside the scope of this specification. If the HA rejects the
        Request, the HA field in the Reply is set to this HAs address.
        The HA that IP address of the HA that is being referred to the target of the redirection
        is specified in Redirected HA extension. The presence of this
        extension is mandatory when the reply code is set to
             REDIRECT-HA-REQ. REDIRECT-
        HA-REQ. HA sends the Reply to the FA/MN FA/MN.

     4. FA sends the Reply to the MN.

     5. If the error code is set to REDIRECT-HA-REQ, MN obtains the HA
        address from Redirected HA extension and extension. The MN then sends a
        Registration Request to Redirected HA, unless it has already
        received a redirection response from this HA. HA while processing
        this Registration Request.

   4.2.1 Example with Message Flow Diagram

     Figure 3 shows one specific example of a Mobile Node using FA Care
     of Address.

        MN           FA          Requested HA    Redirected HA
        |      1      |                |               |
        |------------>|       2        |               |
        |             |--------------->|               |
        |             |                |               |
        |             |                |               |
        |             |       3        |               |
        |      4      |<---------------|               |
        |<------------|                |               |
        |             |                |               |
        |             |       5        |               |
           |------------------------------------------------->  |
        |--------------------------------------------->|
        |             |                |               |

        Figure 3: Example of Message message flows for the specification HA redirection

     1. MN sets the Home Agent address field in the Registration Request
     to ALL-ZERO-ONE-ADDR address. Since MN is using FA CoA in this
     example, it sends the Registration Request to the FA. The
     Registration Request looks as follows:

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  MN    |    FA      |         | ALL-ZERO-ONE-ADDR |FA CoA |
     +-----------------------------------------------------------+

     If the MN is aware of an HA address, it can add that address in the
     Requested HA extension in Registration  Request. Request as a hint. That
     extension is not shown above.

     2. The FA sends the Registration Request to the Requested HA. If
     Requested HA extension is present, Requested HA is the HA address
     in this extension. The Registration Request looks as follows:

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  FA    |Requested HA|         | ALL-ZERO-ONE-ADDR |FA CoA |
     +-----------------------------------------------------------+

    3. HA processes the Registration Request in accordance with RFC
        3344 Mobile
     IPv4 [1] and the messaging defined in this document. If the
     registration is successful, but local configuration/ administrative
     policy etc. directs HA to refer the MN to another HA, HA rejects
     the Request with error code REDIRECT-HA-
        REQ. REDIRECT-HA-REQ. HA fills in the
     address of the directed Redirected HA in the Redirected HA extension. HA
     then sends Registration Reply reject to the FA, which looks as
     follows:

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |        |CoA or NATed|        | Src IP of  |         |       HA          |FA CoA |
     |   HA   | Src IP the RRQ    |         |                   |       |
     +-----------------------------------------------------------+
     | Redirected HA extension ...                               |
     +-----------------------------------------------------------+

     4. The FA relays the Registration Reply to the MN, as follows.

     +-----------------------------------------------------------+
     | Src IP=| Dest IP =  | MN HoA  |    HA Address =   | CoA = |
     |  FA    |    MN      |         |       HA          |FA CoA/|
     +-----------------------------------------------------------+
     | Redirected HA extension ...                               |
     +-----------------------------------------------------------+

     5. If MN can authenticate the Reply, MN extracts the HA address
     from Redirected HA extension and extension. The MN then sends Registration
     Request to Redirected HA, unless it has already received a
     redirection response from this HA. HA while processing the Registration
     Request.

   5. Mobility Agent Considerations for dynamic HA assignment

     Following sections describe the behavior of each mobility agent in
     detail.

   5.1 Mobile Node Considerations

     The mobile node MUST use NAI extension for home address assignment
     when using the messaging mechanism in this document. Since MN uses
     NAI extension, the Home Address field is set to 0.0.0.0.

     While dynamic HA assignment is in progress and MN has not
     successfully anchored at a Home Agent, mobile node MUST set the
     Home Agent field in the Registration Request to an ALL-ZERO-
        ONE-ADDR, ALL-ZERO-ONE-
     ADDR, which is either 255.255.255.255 or 0.0.0.0.

     The Registration Request MUST be protected by a valid authenticator
     as specified in Mobile IPv4 [1] or Mobile IPv4 Challenge/Response
     Extensions [5]. Configuring security associations is deployment
     specific and hence outside the scope of this specification. The
     security associations between a MN and an individual HA may also be
     dynamically derived during the dynamic HA assignment, based on a
     shared secret between MN and AAA infrastructure. infrastructure [7].

     The mobile node must MUST maintain the remaining Mobile IP session with
     the Assigned HA.

     Following sections describe MN behavior in FA CoA mode and
     collocated CoA mode.

   5.1.1 MN using FA CoA

     When a mobile node initiates Mobile IP session requesting dynamic
     HA assignment, it MUST set the home agent address field in the
     Registration Request to ALL-ZERO-ONE-ADDR. The destination IP
     address of Registration Request is the FA. The FA will determine
     the Requested HA and forward the Registration Request to the
     Requested HA. Registration Request processing takes place on the
     Requested HA as per the specification in this draft.

     The Registration Request MUST be appropriately authenticated for
     the HA to validate the Request.

     If successful Registration Reply is received, MN obtains Assigned
     HA from the HA field of Reply. Assigned HA address is the same as
     Requested HA address.

     If Registration Reply is received with code REDIRECT-HA-REQ, MN
     MUST authenticate the Reply based on HA address in HA field of
     Reply and attempt Registration with the HA address specified in the
     Redirected HA extension. MN MUST put the Redirected HA in the HA
     address of the Requested HA extension.

     In some cases, for the first Registration Request MN may want to
     hint to the network to be anchored at a specific HA. In both these
        cases, HA and the MN MUST
     put that address in the HA address in of the Requested HA extension
        in extension.

     If the Registration Request contains the Requested HA extension,
     the HA address in that extension must match the destination IP of
     the Request.

   5.1.2 MN using Collocated CoA

     Mobile Node in collocated CoA mode requesting dynamic HA assignment
     MUST set the home agent address field in the Registration Request
     to ALL-ZERO-ONE-ADDR. The destination IP address of the
     Registration Request is the Requested HA. Some ideas on how to
     select a Requested HA are briefly covered in section 6.

     If successful Reply is received, the MN obtains Assigned HA address
     from successful Registration Reply. The Assigned HA will be same as
     Requested HA. The MN MUST cache the Assigned HA address for the
     length of the Mobile IP session. The mobile node then MUST use this
     previously cached Assigned HA address as the home agent address in
     subsequent re-
        registration re-registration and de-registration request(s). This
     will make sure that for the duration of the Mobile IP session, the
     mobile node will always be anchored to the assigned home agent with
     which it was initially registered.

     If Registration Reply is received with code REDIRECT-HA-REQ, MN
     MUST authenticate the Reply based on HA address in HA field of
     Reply and attempt Registration with the HA address specified in the
     Redirected HA extension. MN MUST put the Redirected HA in the HA
     address of the Requested HA extension.

     In some cases, for the first Registration Request MN may want to
     hint to the network to be anchored at a specific HA. In both these
        cases, HA and the MN MUST
     put that address in the HA address in of the Requested HA extension
        in Registration Request. extension.

     While requesting dynamic HA assignment in collocated CoA mode,
     Requested HA extension must always be included.

   5.1.3 Refreshing Assigned HA Address on Mobile Node

    When the Mobile IP session terminates, the mobile node MAY clear
     the Assigned HA address cached as the home agent address. It MAY
     request a new HA address for the new Mobile IP session by not
     including the Requested HA extension. The advantage of this
     approach is that the mobile node will be always anchored to an
     optimal home agent from where it initiated Mobile IP session.

     Alternately, MN may save the Assigned HA address and use it in the
     Requested HA extension along with ALL-ZERO-ONE HA ALL-ZERO-ONE-ADDR address in
     Registration Request.

   5.2 Foreign Agent Considerations

     When the mobile node is using foreign agent CoA, CoA or MN using CCoA
     finds R bit is set in the FA advertisement, it sends the
     Registration Request to the foreign agent.

     When the FA receives a Registration Request with HA address field
     set to ALL-ZERO-
        ONE-ADDR, ALL-ZERO-ONE-ADDR and it doesn't contain the Requested HA
     extension, FA obtains the Requested HA address to forward the
     Registration Request. Some ideas on how to select a Requested HA
     are briefly covered in section 6.

     If the FA cannot obtain the Requested HA to forward a Registration
     Request from MN, it MUST reject request with error code NONZERO-HA-REQD. NONZERO-HA-
     REQD.

     If the MN has included the Requested HA extension, FA MUST forward
     Registration Request to the address in this extension. If the HA
     address in this extension is not a routable unicast address, FA
     MUST reject request with error code NONZERO-HA-
        REQD. NONZERO-HA-REQD.

     If the Registration Request contains the Requested HA extension,
     the HA address in that extension must match the destination IP of
     the Request.

     Backward compatibility issues related to the mobility agents are
     addressed in section 9. 10.

   5.3 Home Agent Considerations

     Home Agent can process an incoming Registration Request in one of
     the following three two ways:

     1. MN or FA sends the Registration Request to the Requested HA. The
     term Requested HA has meaning in context of the Registration
     Request message. When the Requested HA successfully processes
     Registration Request and creates a binding and sends a Reply with
     its address, it becomes the Assigned HA. The term Assigned HA is
     meaningful in context of a Registration Reply message.

     2. Home Agent receiving the request Registration Request with HA field set
     to ALL-ZERO-
        ONE-ADDR ALL-ZERO-ONE-ADDR MAY reject the request even if successfully
     authenticated  for  a  multitude  of  reasons and suggest an alternate HA address in Reply. In such
     a case, the HA puts its own address in HA field of Reply and sets
     the Reply code to REDIRECT-HA-REQ and adds the Redirected HA
     extension.

     If the Registration Request contains the Requested HA extension,
     the HA address in that extension must match the destination IP of
     the Request. If it does not match, the Requested HA must reject the
     Registration Request with error code 136.

   5.3.1 Assigned Home Agent Considerations

     The HA that processes the incoming Registration Request fully in
     accordance with RFC 3344 Mobile IPv4 [1] and this specification becomes the
     Assigned HA. The Registration Request terminates at the Assigned
     HA.

     The Assigned HA creates one mobility  bindings binding per MN and sends
     Registration Reply to the MN by copying its address in the home
     agent field and as the source IP address of the Reply.

     There are two IP addresses to consider, destination IP address and
     Home Agent address field in the Registration Request.  When
     destination IP address is unicast, only one HA receives the
     Registration Request.  This HA should unambiguously accept or deny
     the registration, regardless of the value in the Home Agent field.
     When the Home Agent field is non-unicast, the HA should set the
     value to its own IP address in the Registration Reply.

     The following table summarizes the behavior of Assigned HA.

        No.

     Dest IP Addr   HA field      Processing at Assigned HA
        --
     ------------  ------------ -------------------------------
        1 ----------------------------------

     Unicast       non-unicast  RFC   3344:  Mobile IPv4 [1]: There is no change
                                in handling for this case from
     (Must be                   Mobile IPv4. It is mentioned here
     equal to the               for reference only.
     HA receiving               HA denies the registration
     the RRQ)                   with error code 136 and sets
                                HA field to its own IP
                                address in the reply as per
                                section 3.8.3.2. 3.8.3.2 in [1].

                   ALL-ZERO-
                   ONE-ADDR     New Behavior: Accept the RRQ as
                          ONE-ADDR per
                                this specification. Authenticate
                                the RRQ and create mobility binding
                                if the HA is acting as Assigned HA.
                                Set HA field to its own IP address
                                in the Registration Reply.

                                           OR

                                New Behavior:    Dest    IP
                                        corresponds to the HA receiving
                                        RRQ,   if If authentication is
                                successful, reject RRQ with a new
                                error code  (REDIRECT-HA-
                                        REQ). (REDIRECT-HA-REQ). HA
                                puts its address in HA address
                                field of Reject. HA suggests an
                                alternate HA to use in the new
                                Redirected HA
                                        extension extension.

     Table 1: Registration Request handling at Assigned HA

        This  specification  also  proposes  a  subtle  difference  in
        behavior for case #1 above from RFC 3344.

     As per the messaging proposed here, the mobile node (or the foreign
     agent) sends the Registration Request to the Requested HA address,
     which is a unicast address. Because HA does not receive
     Registration Request that is sent to the subnet-directed broadcast
     address,
        RFC 3344 Mobile IPv4 [1] section 3.8.2.1 doesn't apply.  Although
     the Home Agent field in the Registration Request is not a unicast
     address, the destination IP address is a unicast address.  This
     avoids the problem associated with subnet-directed broadcast
     destination IP address that may result in multiple HAs responding.
     Thus, there is no need to deny the registration as stated in RFC 3344 Mobile
     IPv4 [1] section 3.8.3.2.

     When the destination IP address is a unicast address and Home Agent
     field is ALL-ZERO-ONE-ADDR, the HA accepts/denies registration and
     sets HA field to its own IP address in the reply (i.e. registration
     is not rejected with error code 136).

     HA can reject the request with the error code REDIRECT-HA-REQ and
     suggest an alternate HA. This redirection can be used for
        load-balancing, load
     balancing, geographical proximity based on care-of-address or a multitude of other
     reasons. HA puts its own address in HA field
        on of the Registration
     Reply message and put puts the address of the redirected HA in the
     Redirected HA extension. If HA accepts the Request, HA field in the
     Registration Reply is set to this HA address.

     The Assigned HA performs standard validity checks on the
     Registration Request. If there is any error, the Registration
     Request is rejected with error codes specified in RFC 3344. Mobile IPv4 [1].

   6. Requested Home Agent Selection

        The

     When dynamic HA assignment is requested, the destination IP address
     of the Registration Request when
        dynamic HA assignment is requested, is the Requested HA.  This address MUST
     be a unicast IP address. If the MN has included a Requested HA
     extension in Registration Request, the HA address in this extension
     is the Requested HA.

     Some ideas on how to example methods by which the MN or the FA may select the
     Requested HA are briefly
        covered in this section, however this draft neither suggests
        nor mandates any specific mechanism. There can be more methods
        for selecting the HA to the MN. Here is a high level overview
        of some possibilities: described below:

     DHCP:

     MN performs DHCP to obtain an IP address on the visited network.
     The Requested HA is learned from the DHCP Mobile IP Home Agent
     Option 68 [4]. MN sends Registration Request directly to this HA
     and receives the Assigned HA to be used for the remainder of the
     Mobile IP session.

     AAA:

     MN performs challenge/response [5] with the FA. The FA retrieves
     the Requested HA from the AAA server and forwards the Registration
     Request directly to this HA.  The Assigned HA sends Registration
     Reply to the FA, which relays it to the MN.  MN uses the Assigned
     HA for the remainder of the Mobile IP session.

     DNS:

     In this case hostname of HA is configured on MN or obtained by some
     other means  e.g. using a service location protocol. MN performs DNS
     lookup on the HA hostname. The DNS infrastructure provides resource
     record with information to identify the nearest HA to the MN. The
     MN sends Registration Request directly to the HA and receives the
     Assigned HA to be used for remainder of the Mobile IP session.

     Static configuration:

     HA address is statically configured on MN. The MN uses sends the
        configured address
     Registration Request to send the Registration Request. configured address.

   7. Error Values

     Each entry in the following table contains the name and value for
     the error code to be returned in a Registration Reply. It also
     includes the section in which the error code is first mentioned in
     this document.

     Error Name       Value  Section  Description
     ----------       -----  -------  -----------------------------
     NONZERO-HA-REQD   XX     5.2     Non-zero HA address required
                                      in Registration Request.
     REDIRECT-HA-REQ   YY     5.3.1     5.3     Reregister with redirected HA.

   8. IANA Considerations
     The code value NONZERO-HA-REQD defined in Section 7, correspond
        to error is a Mobile IP response code [1]
     taken from the range of values conventionally associated with the rejection by the
     foreign agent (i.e. value in the range 64-127).

     The code value REDIRECT-HA-REQ defined in Section 7, correspond to error is a Mobile IP response code [1]
     taken from the range of values conventionally associated with the rejection by the
     home agent (i.e. value in the range 128-192).

     The Dynamic HA extension defined in section 3.4 corresponds to
        a skippable extension. is assigned from the range of values
     associated with skippable extensions at the home agent (i.e. value
     in the range 128-255).

     IANA should record the values as defined in Section 7 and 3.4.

   9. Security Considerations

     This specification assumes that a security configuration has been
     preconfigured between the Mobile Node MN and Assigned
        Home  Agent  are  in the  same  administrative  domain. HA or is configured along with
     the initial RRQ/RRP as per [7].
     This specification does not change or degrade the security model
     established in RFC-3344. Most of the time Mobile IPv4 [1]. Mobile Nodes will be are often connected to
     the network via wireless link. Such links are
        vulnerable link, which may be more prone to passive
     eavesdropping, replay attacks attacks. Such an attack might lead to bogus
     registrations or many
        other types redirection of attacks. traffic or denial of service.

     As per the messaging in this draft, the Assigned Home Agent will
     process the incoming Registration Request as per Mobile IPv4 [1].
     Hence the Assigned Home Agent will have same security concerns as
     that of the Home Agent in Mobile IPv4 [1]. They are considered below.

   9.1 Message Authentication Codes addressed in
     Section 5 "Security Considerations" of Mobile IPv4 [1].

     The Registration Request and Registration Reply messages are
     protected by a valid authenticator as specified in RFC 3344. Mobile IPv4 [1].
     Configuring security associations is a deployment specific issue
     and is covered by other specifications in Mobile IP WG. There can
     be many ways of configuring security associations, but this
     specification does not mandate any specific way.

     An example is where the security association between a MN and an
     individual HA (Dynamic or Assigned) is dynamically derived during
     the dynamic HA assignment, based on a shared secret between MN and
     AAA infrastructure, as defined in [7]. The Registration Request is
     protected with MN-AAA authentication extension and Registration
     Reply is protected with MHAE. MN-HA Authentication Extension. Since the
     security association is shared between MN and AAA, any dynamically
     assigned HA in the local domain can proxy authenticate the MN using
     AAA as per [7].

     The Assigned Home Agent authenticates Registration Request from the
     mobile node as specified in RFC-3344 Mobile IPv4 [1] and RFC-3012. The MN
     also authenticates the Registration Reply from the Assigned HA,
     thus the existing trust model in RFC 3344 Mobile IPv4 [1] is maintained.

   9.2 Areas of Security Concern in

   10. Backward Compatibility Considerations

     In this Protocol

        As per the messaging in section, we examine concerns that may arise when using this draft,
     specification in a mixed environment where some nodes implement the Assigned Home Agent
        will process
     specification and others do not.  In each of the incoming Registration Request as per RFC-3344.
        Hence examples below, we
     consider the Assigned Home Agent will have same security concerns
        as that of case where one node is a "Legacy" node which does not
     implement the Home Agent in RFC-3344. They are addressed specification in
        Section 5 “Security Considerations” the context of RFC-3344.

   10. Backward Compatibility Considerations other nodes which do.

     Legacy Home Agent:

     Legacy home agents may reject the Registration Request with error
     code 136 because the Home Agent field is not a unicast address.
     However, some legacy HA implementations may coincidentally process
     the Registration Request in accordance with this draft, when the HA
     field in RRQ is set to ALL-ZERO-
        ONE-ADDR. ALL-ZERO-ONE-ADDR.

     Legacy Foreign Agent:

     Legacy foreign agents may forward Registration Request with home
     agent field set to ALL-ZERO-ONE-ADDR by setting the destination IP
     address to ALL-ZERO-ONE-ADDR.  This will result packet being
     dropped or incidentally handled by a next hop HA, adjacent to the
     FA.

     Legacy Mobile Node:

     MN that does not set HA field to ALL-ZERO-ONE-ADDR will continue to
     achieve its registrations through statically configured HA. In
     collocated mode, the endpoint of the MN's tunnel is the Assigned
     HA.

   11. Change Log from previous version versions

     Changes from revision 1 to 2:

        1. Editorial changes suggested by the WG, the chair's reviews
           and idnits.

     Changes from revision 0 to 1:

        1. Added subtype field in Redirected HA Address Extension.
        2. Aligned the HA address at 4-byte world boundary.
        3. The case of handling unicast HA field is removed in section
        5.3.1.

   12. Intellectual Property Rights

        The IETF takes no position regarding the validity or scope of
        any intellectual property or other rights that might be claimed
        to pertain to the implementation or use of the technology
        described in this document or the extent to which any license
        under such rights might or might not be available; neither does
        it represent that it has made any effort to identify any such
        rights.  Information on the IETF's procedures with respect to
        rights in standards-track and standards-related documentation
        can be found in BCP-11.  Copies of claims of rights made
        available for publication and any assurances of licenses to be
        made available, or the result of an attempt made to obtain a
        general license or permission for the use of such proprietary
        rights by implementers or users of this specification can be
        obtained from the IETF Secretariat.

        The IETF invites any interested party to bring to its attention
        any  copyrights,  patents  or  patent  applications,  or  other
        proprietary rights, which may cover technology that may be
        required  to  practice  this  standard.    Please  address  the
        information to the IETF Executive Director.

   13. at 4-byte world boundary.
        3. The case of handling unicast HA field is removed in section
           5.3.1.

   12. Acknowledgements

     The authors would like to thank Pete McCann for thorough review,
     suggestions on security considerations and definition of ALL-ZERO-ONE-ADDR. ALL-ZERO-
     ONE-ADDR. Thanks to Kuntal Chowdhury for extensive review and
     comments on this draft. Also thanks to Henrik Levkowetz for
     detailed reviews and suggestions.

     The authors would like to thank Mike Andrews, Madhavi Chandra and
     Yoshi Tsuda for their review and suggestions.

   14.

   13. Normative References

   [1]  C. Perkins, "IP Mobility Support for IPv4", RFC 3344, August
        2002.
   [2]  P. Calhoun and C. Perkins, "Mobile IP Network Access Identifier
        Extension for IPv4", RFC 2794, March 2000.
   [3]  D. Senie, "Changing the Default for Directed Broadcasts in
        Routers", RFC 2644, August 1999.
   [4]  S. Alexander and R. Droms, "DHCP Options and BOOTP Vendor
        Extensions", RFC 2132, March 1997.
   [5]  C. Perkins and P. Calhoun, "Mobile IPv4 Challenge/Response
        Extensions", RFC 3012, November 2000.
   [6] H. Levkowetz and S. Vaarala, "Mobile IP Traversal of Network
        Address Translation (NAT) Devices",  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 3519, April 2003. 2119, March 1997.
   [7]  C. Perkins and P. Calhoun, "AAA Registration Keys for Mobile
        IP", draft-ietf-mobileip-aaa-key-13.txt, 22 draft-ietf-mip4-aaa-key-06.txt, June 2003.
   [8]  Jari  Arkko,  et.  al.,  “Thoughts  on  bootstrapping  mobility
        securely” as presented at 57th IETF in Vienna, Austria, 16th
        July, 2003 2004.

   Authors' Addresses

     Milind Kulkarni
     Cisco Systems Inc.
     170 W. Tasman Drive,
     San Jose, CA 95134
     USA

     Email: mkulkarn@cisco.com
     Phone:+1 408-527-8382

     Alpesh Patel
     Cisco Systems Inc.
     170 W. Tasman Drive,
     San Jose, CA 95134
     USA

     Email: alpesh@cisco.com
     Phone:+1 408-853-9580

     Kent Leung
     Cisco Systems Inc.
     170 W. Tasman Drive,
     San Jose, CA 95134
     USA

     Email: kleung@cisco.com
     Phone: +1 408-526-5030

   Full Copyright Statement
        Copyright (C) The Internet Society (2004).  This document is
        subject to the rights, licenses and restrictions contained in
        BCP 78 and except as set forth therein, the authors retain all
        their rights.

        This document and the information contained herein are provided
        on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION
        HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET
        SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
        WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
        ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
        INFRINGE  ANY  RIGHTS  OR  ANY  IMPLIED        WARRANTIES  OF
        MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

   Intellectual Property Statement

     The IETF takes no position regarding the validity or scope of any
     Intellectual Property Rights or other rights that might be claimed
     to pertain to the implementation or use of the technology described
     in this document or the extent to which any license under such
     rights might or might not be available; nor does it represent that
     it has made any independent effort to identify any such rights.
     Information on the procedures with respect to rights in RFC
     documents can be found in BCP 78 and BCP 79.

     Copies of IPR disclosures made to the IETF Secretariat and any
     assurances of licenses to be made available, or the result of an
     attempt made to obtain a general license or permission for the use
     of such proprietary rights by implementers or users of this
     specification can be obtained from the IETF on-line IPR repository
     at http://www.ietf.org/ipr.

     The IETF invites any interested party to bring to its attention
     any copyrights, patents or patent applications, or other
     proprietary rights that may cover technology that may be required
     to implement this standard. Please address the information to the
     IETF at ietf-ipr@ietf.org.

   Disclaimer of Validity

     This document and the information contained herein are provided on
     an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
     REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND
     THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
     EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
     THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR
     ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
     PARTICULAR PURPOSE.

   Copyright Statement
     Copyright (C) The Internet Society (2003). This document is subject
     to the rights, licenses and restrictions contained in BCP 78, and
     except as set forth therein, the authors retain all their rights.

     Acknowledgement

     Funding for the RFC Editor function is currently provided by the
     Internet Society.