draft-ietf-mip4-dynamic-assignment-02.txt   draft-ietf-mip4-dynamic-assignment-03.txt 
Mobile IP Working Group Milind Kulkarni Mobile IP Working Group Milind Kulkarni
INTERNET-DRAFT Alpesh Patel INTERNET-DRAFT Alpesh Patel
Category: Standards Track Kent Leung Category: Standards Track Kent Leung
Date : 28 June 2004 Cisco Systems Inc. Date : 28 September 2004 Cisco Systems Inc.
Mobile IPv4 Dynamic Home Agent Assignment Mobile IPv4 Dynamic Home Agent Assignment
draft-ietf-mip4-dynamic-assignment-02.txt draft-ietf-mip4-dynamic-assignment-03.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, I certify that any applicable By submitting this Internet-Draft, I certify that any applicable
patent or other IPR claims of which I am aware have been disclosed, patent or other IPR claims of which I am aware have been disclosed,
and any of which I become aware will be disclosed, in accordance and any of which I become aware will be disclosed, in accordance with
with RFC 3668. RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six months
months and may be updated, replaced, or obsoleted by other and may be updated, replaced, or obsoleted by other documents at any
documents at any time. It is inappropriate to use Internet Drafts time. It is inappropriate to use Internet Drafts as reference
as reference material or to cite them other than as "work in material or to cite them other than as "work in progress".
progress".
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 28, 2004. This Internet-Draft will expire on March 28, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2003). All Rights Reserved.
Abstract Abstract
Mobile IPv4 [1] uses the Home Agent (HA) to anchor sessions of a Mobile IPv4 [1] uses the Home Agent (HA) to anchor sessions of a
roaming Mobile Node (MN). This draft proposes a messaging mechanism roaming Mobile Node (MN). This draft proposes a messaging mechanism
for dynamic home agent assignment and HA redirection. The goal is for dynamic home agent assignment and HA redirection. The goal is to
to provide a mechanism to assign an optimal HA for a Mobile IP provide a mechanism to assign an optimal HA for a Mobile IP session
session while allowing any suitable method for HA selection. while allowing any suitable method for HA selection.
Table of Contents Table of Contents
1. Introduction.................................................3 1. Introduction................................................3
2. Requirements Terminology.....................................3 2. Requirements Terminology....................................3
3. Problem Statement............................................4 3. Problem Statement...........................................4
3.1 Scope.......................................................5 3.1 Scope.......................................................5
3.2 Dynamic Home Agent Discovery in Mobile IPv4.................5 3.2 Dynamic Home Agent Discovery in Mobile IPv4.................5
3.3 NAI usage and dynamic HA assignment.........................5 3.3 NAI usage and dynamic HA assignment.........................5
3.4 Dynamic HA extension........................................6 3.4 Dynamic HA Extension........................................6
3.4.1 Requested HA extension....................................6 3.4.1 Requested HA Extension....................................6
3.4.2 Redirected HA extension...................................7 3.4.2 Redirected HA Extension...................................7
4. Messaging mechanism for dynamic HA assignment/redirection....7 4. Messaging mechanism for dynamic HA assignment/redirection...7
4.1 Messaging for dynamic HA assignment.........................7 4.1 Messaging for dynamic HA assignment.........................7
4.1.1 Example with Message Flow Diagram.........................8 4.1.1 Example with Message Flow Diagram.........................8
4.2 Messaging for HA redirection................................9 4.2 Messaging for HA redirection................................9
4.2.1 Example with Message Flow Diagram........................10 4.2.1 Example with Message Flow Diagram........................10
5. Mobility Agent Considerations...............................12 5. Mobility Agent Considerations..............................12
5.1 Mobile Node Considerations.................................12 5.1 Mobile Node Considerations.................................12
5.1.1 MN using FA CoA..........................................12 5.1.1 MN using FA CoA..........................................12
5.1.2 MN using Collocated CoA..................................13 5.1.2 MN using Collocated CoA..................................13
5.1.3 Refreshing Assigned HA Address on Mobile Node............13 5.1.3 Refreshing Assigned HA Address on Mobile Node............13
5.2 Foreign Agent Considerations...............................14 5.2 Foreign Agent Considerations...............................14
5.3 Home Agent Considerations..................................14 5.3 Home Agent Considerations..................................14
5.3.1 Assigned Home Agent Considerations.......................15 5.3.1 Assigned Home Agent Considerations.......................15
6. Requested Home Agent Selection..............................16 6. Requested Home Agent Selection.............................16
7. Error Values................................................17 7. Error Values...............................................17
8. IANA Considerations.........................................17 8. IANA Considerations........................................18
9. Security Considerations.....................................18 9. Security Considerations....................................18
10. Backward Compatibility Considerations......................19 10. Backward Compatibility Considerations.....................19
11. Change Log from previous versions..........................19 11. Change Log from previous versions.........................19
12. Acknowledgements...........................................20 12. Acknowledgements..........................................20
13. Normative References.......................................20 13. Normative References......................................20
Authors' Addresses.............................................20 Authors' Addresses.............................................20
Intellectual Property Statement................................21 Intellectual Property Statement................................21
1. Introduction 1. Introduction
This document adds to the Mobile IP protocol [1], by proposing a This document adds to the Mobile IP protocol [1], by proposing a
messaging mechanism for dynamic home agent assignment and home messaging mechanism for dynamic home agent assignment and home agent
agent redirection during initial registration. The goal is to redirection during initial registration. The goal is to assign an
assign an optimal HA for a Mobile IP session. The mobile node MUST optimal HA for a Mobile IP session. The mobile node MUST use the
use Network Access Identifier (NAI) extension [2] when requesting a Network Access Identifier (NAI) extension [2] when requesting a
dynamically assigned HA. dynamically assigned HA.
MN requests a dynamically assigned HA by setting the HA field in The MN requests a dynamically assigned HA by setting the HA field in
the initial Registration Request to ALL-ZERO-ONE-ADDR (defined in the initial Registration Request to ALL-ZERO-ONE-ADDR (defined in
section 2). If the request is accepted, the HA field in successful section 2). If the request is accepted, the HA sends a successful
Registration Reply contains the HA address. The requested HA can Registration Reply containing the HA's own address. The requested HA
suggest an alternate HA and if so, the Registration Reply is can suggest an alternate HA and if so, the Registration Reply is
rejected with a new error code (REDIRECT-HA-REQ) and the alternate rejected with a new error code REDIRECT-HA-REQ and the alternate HA
HA address is specified in a new extension (Redirected HA address is specified in a new extension (Redirected HA Extension).
extension).
If the RRQ is rejected with Redirected HA extension or if the MN This document also defines a new Requested HA Extension for use in
wishes to register at a specific HA, MN can put the HA address in Registration Requests when the HA field is set to ALL-ZERO-ONE-
the Requested HA extension in Registration Request. The HA address ADDRESS. The Requested HA address is a hint to the network about the
in Requested HA extension is a hint to the network where the MN may MN's preferred HA.
be anchored. The HA field is set to ALL-ZERO-ONE-ADDRESS for
dynamic HA assignment.
The messaging mechanism is defined in this document so that the The messaging mechanism is defined in this document so that the
MN can request and receive a dynamic HA address in Mobile IP MN can request and receive a dynamic HA address in Mobile IP
messages. However, the mechanism by which the network selects messages. However, the mechanism by which the network selects
an HA for assignment to the MN is outside the scope of this an HA for assignment to the MN is outside the scope of this
document. For example, the selection may be made by any document. For example, the selection may be made by any
network node that receives the registration request (or network node that receives the registration request (or
information about the registration request), such as a Foreign information about the registration request), such as a Foreign
Agent, AAA server, or Home Agent. The node that selects the Agent, AAA server, or Home Agent. The node that selects the
HA may select one based on a number of criteria, including but HA may select one based on a number of criteria, including but
not limited to HA load-balancing, geographical proximity, not limited to HA load-balancing, geographical proximity,
administrative policy etc.. administrative policy etc.
2. Requirements Terminology 2. Requirements Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
this document are to be interpreted as described in RFC 2119 [6]. document are to be interpreted as described in RFC 2119 [6].
The Mobile IP related terminology described in RFC 3344 [1] is used The Mobile IP related terminology described in RFC 3344 [1] is used
in this document. In addition, the following terms are used: in this document. In addition, the following terms are used:
ALL-ZERO-ONE-ADDR: IP address 0.0.0.0 or 255.255.255.255. An ALL-ZERO-ONE-ADDR: IP address 0.0.0.0 or 255.255.255.255. An
address of 255.255.255.255 would indicate address of 255.255.255.255 indicates a preference
assigning HA in home domain. An address of for an HA in the home domain. An address of
0.0.0.0 would mean MN just needs a dynamic 0.0.0.0 indicates no preference for home vs.
HA, it does not care whether in home or visited visited domain.
domain.
Requested HA: Destination IP address of Home Agent that the Requested HA: Destination IP address of Home Agent that the
first Registration Request is sent to. Must be Registration Request is sent to. Must be a
a unicast IP address. This address can be unicast IP address. This address can be
obtained as described in section 6. obtained as described in section 6.
Assigned HA: If registration is successful, this Home Agent Note that this specification defines a new
address field is obtained from successful "Requested HA Extension" in section 3.4, which
Registration Reply. is different from the term "Requested HA".
Assigned HA: The HA that accepts an MN's Registration Request
and returns a successful Registration Reply.
Redirected HA: If the registration is rejected with error code Redirected HA: If the registration is rejected with error code
(REDIRECT-HA-REQ), the HA being referred to is REDIRECT-HA-REQ, the HA being referred to is
specified in a new extension (Redirected HA specified in a new extension (Redirected HA
extension). Extension).
AAA server: Authentication, Authorization and Accounting AAA server: Authentication, Authorization and Accounting
Server. Server.
DNS: Domain Name System. DNS: Domain Name System.
DHCP: Dynamic Host Configuration Protocol. DHCP: Dynamic Host Configuration Protocol.
MN: Mobile Node as defined in Mobile IPv4 [1]. MN: Mobile Node as defined in Mobile IPv4 [1].
skipping to change at page 4, line 48 skipping to change at page 4, line 49
MN HoA: Mobile Node's Home Address. MN HoA: Mobile Node's Home Address.
NAI: Network Access Identifier [2]. NAI: Network Access Identifier [2].
Src IP: Source IP address of the packet. Src IP: Source IP address of the packet.
Dest IP: Destination IP address of the packet. Dest IP: Destination IP address of the packet.
3. Problem Statement 3. Problem Statement
Mobile IPv4 NAI Extension for IPv4 [2] introduced the concept of The Mobile IPv4 NAI Extension for IPv4 [2] introduced the concept of
identifying a MN by the NAI and enabling dynamic home address identifying a MN by the NAI and enabling dynamic home address
assignment. When the home address is dynamically assigned, it is assignment. When the home address is dynamically assigned, it is
desirable to discover the Home Agent dynamically or inform the MN desirable to discover the Home Agent dynamically or inform the MN
about an optimal HA to use for a multitude of reasons, such as: about an optimal HA to use for a multitude of reasons, such as:
- If the distance between the visited network and the home network - If the distance between the visited network and the home network of
of the mobile node is large, the signaling delay for these the mobile node is large, the signaling delay for these registrations
registrations may be long. In such a case the MN will be anchored may be long. In such a case the MN will be anchored to its distant
to its distant home agent, resulting in tunneled traffic traveling home agent, resulting in tunneled traffic traveling a long distance
a long distance between home agent and the mobile node. When a between home agent and the mobile node. When a Mobile IP session
Mobile IP session initiates, if the mobile node can be assigned a initiates, if the mobile node can be assigned a home agent that is
home agent that is close to the mobile node it can drastically close to the mobile node it can drastically reduce the latency
reduce the latency between the home agent and mobile node. between the home agent and mobile node.
- In a large scale Mobile IP deployment, it is cumbersome to - In a large scale Mobile IP deployment, it is cumbersome to
provision MNs with multiple HA addresses. provision MNs with multiple HA addresses.
- It is desirable to achieve some form of load balancing between - It is desirable to achieve some form of load balancing between
multiple HAs in the network. Dynamic HA assignment and/or HA multiple HAs in the network. Dynamic HA assignment and/or HA
redirection lets the network select the optimal HA from among a set redirection lets the network select the optimal HA from among a set
of HAs and thus achieve load balancing among a group of HAs. of HAs and thus achieve load balancing among a group of HAs.
- Local administrative policies. - Local administrative policies.
3.1 Scope 3.1 Scope
This specification does not address the problem of distributing a This specification does not address the problem of distributing a
security association between the MN and HA, and it can either be security association between the MN and HA, and it can either be
statically preconfigured or dynamically distributed using other statically preconfigured or dynamically distributed using other
mechanisms [7]. mechanisms [7].
The draft introduces the terms Requested/Assigned/Redirected HA The draft introduces the terms Requested/Assigned/Redirected HA
(section 6). The discovery of Requested/Assigned/Redirected HA can (section 6). The discovery of candidate HA addresses for insertion
be done by various means, which are network and/or deployment into the Redirected HA Extension can be accomplished through various
specific and hence this discovery/assignment of means which are network and/or deployment specific and hence are
Requested/Assigned/Redirected HA is kept outside the scope of this outside the scope of this specification.
specification.
3.2 Dynamic Home Agent Discovery in Mobile IPv4 3.2 Dynamic Home Agent Discovery in Mobile IPv4
Mobile IPv4 [1] specifies the mechanism for discovering the mobile Mobile IPv4 [1] specifies the mechanism for discovering the mobile
node's home agent using subnet-directed broadcast IP address in the node's home agent using subnet-directed broadcast IP address in the
home agent field of the Registration Request. This mechanism was home agent field of the Registration Request. This mechanism was
designed for mobile nodes with a static home address and subnet designed for mobile nodes with a static home address and subnet
prefix, anchored on fixed home network. But using subnet-directed prefix, anchored on fixed home network. However, using subnet
broadcast as the destination IP address of the Registration directed broadcast as the destination IP address of the Registration
Request, it is unlikely that the Registration Request will reach Request, it is unlikely that the Registration Request will reach the
the home subnet because routers will drop these packets by default. home subnet because routers will drop these packets by default. See
See CERT Advisory CA-1998-01 Smurf IP Denial-of-Service Attacks CERT Advisory CA-1998-01 Smurf IP Denial-of-Service Attacks [3].
[3].
3.3 NAI usage and dynamic HA assignment 3.3 NAI usage and dynamic HA assignment
Mobile IPv4 NAI Extension for IPv4 [2] introduced the The Mobile IPv4 NAI Extension for IPv4 [2] introduced the
concept of identifying a MN by the NAI and enabling dynamic concept of identifying a MN by the NAI and enabling dynamic
home address assignment. This document mandates that while home address assignment. This document mandates that while
using dynamic HA assignment, MN MUST use NAI and obtain a home using dynamic HA assignment, MN MUST use the NAI and obtain a home
address. MN can still suggest a static home address in Registration address. MN can still suggest a static home address in the
Request, but must take the address in Registration Reply as the Registration Request, but must take the address in the Registration
home address for the session. This is compatible with the Reply as the home address for the session. This is compatible with
procedures documented in the NAI specification [2]. the procedures documented in the NAI specification [2].
3.4 Dynamic HA extension 3.4 Dynamic HA Extension
The Dynamic HA extension, shown in figure 1, contains the address The Dynamic HA Extension, shown in figure 1, contains the address of
of the HA. This is a generic extension and can be used in the HA. This is a generic extension and can be used in Registration
Registration Request and Reply messages. It is a skippable Request and Reply messages. It is a skippable extension.
extension.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Sub-Type | Length | | Type | Sub-Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HA-Address | | HA-Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: The Dynamic HA address Extension Figure 1: The Dynamic HA address Extension
Type DYNAMIC-HA-ADDRESS (skippable) (to be assigned Type DYNAMIC-HA-ADDRESS (skippable) (to be assigned by
by IANA) is the type, which specifies the IANA) is the type, which specifies the dynamic HA
dynamic HA address. address.
Sub-Type Defines the use of this extension as: Sub-Type Defines the use of this extension as:
sub-type 1 = Requested HA extension sub-type 1 = Requested HA Extension
2 = Redirected HA extension 2 = Redirected HA Extension
Length Indicates the length of the extension not Length Indicates the length of the extension not
including the type, sub-type and length fields. including the type, sub-type and length fields.
Length is always 4 bytes. Length is always 4 bytes.
HA-Address Address of the Home Agent. HA-Address Address of the Home Agent.
3.4.1 Requested HA extension 3.4.1 Requested HA Extension
The Requested HA extension is a Dynamic HA extension of subtype 1. The Requested HA Extension is a Dynamic HA Extension of subtype 1.
MN may include the Requested HA extension in the registration The MN may include the Requested HA Extension in the registration
request as a hint to the network where it wishes to be anchored. request as a hint to the network where it wishes to be anchored.
This extension contains the address of the HA. A valid unicast IP This extension contains the address of the HA. A valid unicast IP
address MUST be used as HA address in this extension. address MUST be used as HA address in this extension.
In absence of an FA, the RRQ is forwarded to this HA. In presence In absence of an FA, the RRQ is forwarded to this HA. In presence of
of an FA, FA MUST forward RRQ to the HA address in this extension. an FA, the FA MUST forward RRQ to the HA address in this extension.
3.4.2 Redirected HA extension 3.4.2 Redirected HA Extension
The Redirected HA extension is a Dynamic HA extension of subtype 2. The Redirected HA Extension is a Dynamic HA Extension of subtype 2.
The Redirected HA extension, contains the address of the HA where The Redirected HA Extension contains the address of the HA where the
the MN should attempt the next registration. The HA receiving a MN should attempt the next registration. The HA receiving a
Registration Request can suggest an alternate HA and if so, the Registration Request can suggest an alternate HA and, if so, the
Registration Reply is rejected with a new error code (REDIRECT-HA- Registration Reply is sent with a new error code REDIRECT-HA-REQ and
REQ) and the alternate HA address is specified in this extension. the alternate HA address is specified in this extension.
The Redirected HA extension MUST be included in Registration Reply The Redirected HA Extension MUST be included in Registration Reply
when the reply code is REDIRECT-HA-REQ. when the reply code is REDIRECT-HA-REQ.
4. Messaging mechanism for dynamic HA assignment/redirection 4. Messaging mechanism for dynamic HA assignment/redirection
This specification presents two alternatives for home agent This specification presents two alternatives for home agent
assignment. The two alternatives are: assignment. The two alternatives are:
(a) Dynamic HA assignment (described in section 4.1) and (a) Dynamic HA assignment (described in section 4.1) and
(b) HA redirection (described in section 4.2). (b) HA redirection (described in section 4.2).
4.1 Messaging for dynamic HA assignment 4.1 Messaging for dynamic HA assignment
The following sequence of events occurs when the Requested HA The following sequence of events occurs when the Requested HA accepts
accepts the Registration Request and returns a Registration Reply the Registration Request and returns a Registration Reply to the
to the mobile node. mobile node.
1. MN sets the Home Agent address field in the Registration 1. The MN sets the Home Agent address field in the Registration
Request to ALL-ZERO-ONE-ADDR. If the MN is aware of the HA Request to ALL-ZERO-ONE-ADDR. If the MN is aware of a desired HA
address, it can add that address in the Requested HA extension address, it can add that address in the Requested HA Extension in
in Registration Request. the Registration Request.
2. The MN (if using collocated CoA) or FA (if using FA CoA) sends 2. The MN (if using collocated CoA and registering directly with the
the Registration Request to the "Requested HA". If the HA) or the FA (if the MN is registering via the FA) sends the
Requested HA extension is present, Requested HA is specified in Registration Request to the "Requested HA". If the Requested HA
the "HA Address" of this extension. Extension is present, Requested HA is specified in the "HA
3. "Requested HA" is the home agent, which processes the Address" of this extension.
3. The "Requested HA" is the home agent that processes the
Registration Request in accordance with Mobile IPv4 [1] and as Registration Request in accordance with Mobile IPv4 [1] and as
per the specification in this document. It creates mobility per the specification in this document. It creates mobility
binding for successful Registration Request. It also sends binding for successful Registration Request. It also sends a
Registration Reply to the MN. Registration Reply to the MN.
4. The MN obtains an "Assigned HA" address from the HA field in 4. The MN obtains an "Assigned HA" address from the HA field in the
the successful Registration Reply and uses it for the remainder successful Registration Reply and uses it for the remainder of
of the session. (Note that the "Assigned HA" will be same as the session. (Note that the "Assigned HA" will be same as the
the "Requested HA"). "Requested HA").
5. Subsequent Registration Request messages for renewal are sent 5. Subsequent Registration Request messages for renewal are sent to
to the Assigned HA. the Assigned HA.
Section 5.3.1 describes the Assigned HA in detail. Some ideas on Section 5.3.1 describes the Assigned HA in detail. Some ideas on how
how to select the Requested HA are briefly covered in section 6. to select the Requested HA are briefly covered in section 6.
4.1.1 Example with Message Flow Diagram 4.1.1 Example with Message Flow Diagram
Detailed explanation of this alternative is best described with the Detailed explanation of this alternative is best described with the
help of a message flow diagram and description. help of a message flow diagram and description.
Figure 2 shows one specific example of a Mobile Node using FA Care Figure 2 shows one specific example of a Mobile Node using an FA-
of Address. located Care of Address (FA CoA).
Other scenarios such as mobile node using collocated care of Other scenarios such as when the mobile node uses a collocated care
address are not described below, but the behavior is similar. of address are not described below, but the behavior is similar.
MN FA Requested/Assigned HA MN FA Requested/Assigned HA
| 1 | | | 1 | |
|------------>| 2 | |------------>| 2 |
| |--------------->| | |--------------->|
| | | | | |
| | | | | |
| | 3 | | | 3 |
| 4 |<---------------| | 4 |<---------------|
|<------------| | |<------------| |
| | | | | |
| | 5 | | | 5 |
|----------------------------->| |----------------------------->|
| | | | | |
Figure 2: Example of message flows for dynamic HA assignment Figure 2: Example message flow for dynamic HA assignment
1. MN sets the Home Agent address field in the Registration Request 1. The MN sets the Home Agent address field in the Registration
to ALL-ZERO-ONE-ADDR. Since MN is using FA CoA in this example, it Request to ALL-ZERO-ONE-ADDR. Since the MN is using FA CoA in this
sends the Registration Request to the FA. The Registration Request example, it sends the Registration Request to the FA. The
looks as follows: Registration Request is formatted as follows:
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| MN | FA | | ALL-ZERO-ONE-ADDR |FA CoA | | MN | FA | | ALL-ZERO-ONE-ADDR |FA CoA |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
If the MN is aware of an HA address, it can add that address in the If the MN is aware of a desired HA address, it can add that address
Requested HA extension in Registration Request as a hint. That in the Requested HA Extension in Registration Request as a hint.
extension is not shown above. That extension is not shown above.
2. The FA sends the Registration Request to the Requested HA. The 2. The FA sends the Registration Request to the Requested HA. If
Registration Request looks as follows: Requested HA Extension is present, Requested HA is the HA address in
this extension. If the Requested HA Extension is not present, the FA
determines the Requested HA through means outside the scope of this
specification. The Registration Request is formatted as follows:
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| FA |Requested HA| | ALL-ZERO-ONE-ADDR |FA CoA | | FA |Requested HA| | ALL-ZERO-ONE-ADDR |FA CoA |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
(If MN includes the Requested HA extension, the FA copies that (If MN includes the Requested HA Extension, the FA copies that
extension. The FA then forwards the Registration Request, along extension. The FA then forwards the Registration Request, along with
with the Requested HA extension, to the HA address specified in the Requested HA Extension, to the HA address specified in Requested
Requested HA extension.) HA Extension.)
3. HA processes the Registration Request in accordance with Mobile 3. The HA processes the Registration Request in accordance with
IPv4 [1] and the messaging defined in this document. HA creates Mobile IPv4 [1] and the messaging defined in this document. The HA
mobility binding for successful request. HA then sends Registration creates mobility binding for successful request and becomes the
Reply to the FA, which looks as follows. The Assigned HA address Assigned HA. The HA then sends Registration Reply to the FA, which
corresponds to the HA receiving and processing the request (and is is formatted as follows:
same as Requested HA, only the name is changed for registration
reply).
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
|Assigned| Src IP of | | Assigned HA |FA CoA/| |Assigned| Src IP of | | Assigned HA |FA CoA/|
| HA | the RRQ | | | | | HA | the RRQ | | | |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
4. The FA relays the Registration Reply to the MN, as follows. 4. The FA relays the Registration Reply to the MN, as follows.
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| FA | MN | | Assigned HA |FA CoA/| | FA | MN | | Assigned HA |FA CoA/|
+-----------------------------------------------------------+ +-----------------------------------------------------------+
5. The MN obtains Assigned HA address from the HA field in the 5. The MN obtains the Assigned HA address from the HA field in the
successful Registration Reply and uses it for the remainder of the successful Registration Reply and uses it for the remainder of the
session. MN sends subsequent Re-Registration or De-Registration session. The MN sends subsequent Re-Registration or De-Registration
Requests for the remaining session directly to the Assigned HA. Requests for the remainder session directly to the Assigned HA. Note
Note that the Assigned HA is the same as the Requested HA. that the Assigned HA is the same as the Requested HA.
4.2 Messaging for HA redirection 4.2 Messaging for HA redirection
This section describes the events that occur when the Requested HA This section describes the events that occur when the Requested HA
does not accept the Registration Request and redirects the mobile does not accept the Registration Request and redirects the mobile
node to another HA (aka Redirected HA) instead. node to another HA (aka Redirected HA) instead.
1. MN sets the Home Agent address field in the Registration Request 1. The MN sets the Home Agent address field in the Registration
to ALL-ZERO-ONE-ADDR. Request to ALL-ZERO-ONE-ADDR.
2. The MN (if using collocated CoA) or FA (if using FA CoA) sends 2. The MN (if using collocated CoA and registering directly with the
the Registration Request to the "Requested HA". If the MN is HA) or FA (if the MN is registering via the FA) sends the
aware of an HA address, it can add that address in the Requested Registration Request to the "Requested HA". If the MN is aware of
HA extension in Registration Request. an HA address, it can add that address in the Requested HA
Extension in Registration Request.
3. When HA receives the Registration Request, if the HA field is 3. When the HA receives the Registration Request, if the HA field is
set to ALL-ZERO-ONE-ADDR, HA may reject the request with Reply set to ALL-ZERO-ONE-ADDR, the HA may reject the request with Reply
code REDIRECT-HA-REQ and suggest an alternate HA. code REDIRECT-HA-REQ and suggest an alternate HA.
HA may reject the Request for a number of reasons, which are The HA may reject the Request for a number of reasons, which are
outside the scope of this specification. If the HA rejects the outside the scope of this specification. If the HA rejects the
Request, the HA field in the Reply is set to this HAs address. Request, the HA field in the Reply is set to this HAs address.
The IP address of the HA that is the target of the redirection The IP address of the HA that is the target of the redirection is
is specified in Redirected HA extension. The presence of this specified in Redirected HA Extension. The presence of this
extension is mandatory when the reply code is set to REDIRECT- extension is mandatory when the reply code is set to REDIRECT-HA-
HA-REQ. HA sends the Reply to the FA/MN. REQ. HA sends the Reply to the FA/MN.
4. FA sends the Reply to the MN. 4. FA sends the Reply to the MN.
5. If the error code is set to REDIRECT-HA-REQ, MN obtains the HA 5. If the error code is set to REDIRECT-HA-REQ, MN obtains the HA
address from Redirected HA extension. The MN then sends a address from Redirected HA Extension. The MN then sends a
Registration Request to Redirected HA, unless it has already Registration Request to Redirected HA, unless it has already
received a redirection response from this HA while processing received a redirection response from this HA while processing this
this Registration Request. Registration Request.
4.2.1 Example with Message Flow Diagram 4.2.1 Example with Message Flow Diagram
Figure 3 shows one specific example of a Mobile Node using FA Care Figure 3 shows one specific example of a Mobile Node using FA-located
of Address. Care of Address.
MN FA Requested HA Redirected HA MN FA Requested HA Redirected HA
| 1 | | | | 1 | | |
|------------>| 2 | | |------------>| 2 | |
| |--------------->| | | |--------------->| |
| | | | | | | |
| | | | | | | |
| | 3 | | | | 3 | |
| 4 |<---------------| | | 4 |<---------------| |
|<------------| | | |<------------| | |
| | | | | | | |
| | 5 | | | | 5 | |
|--------------------------------------------->| |--------------------------------------------->|
| | | | | | | |
Figure 3: Example of message flows for HA redirection Figure 3: Example message flow for HA redirection
1. MN sets the Home Agent address field in the Registration Request 1. The MN sets the Home Agent address field in the Registration
to ALL-ZERO-ONE-ADDR address. Since MN is using FA CoA in this Request to ALL-ZERO-ONE-ADDR. Since the MN is using FA CoA in this
example, it sends the Registration Request to the FA. The example, it sends the Registration Request to the FA. The
Registration Request looks as follows: Registration Request is formatted as follows:
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| MN | FA | | ALL-ZERO-ONE-ADDR |FA CoA | | MN | FA | | ALL-ZERO-ONE-ADDR |FA CoA |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
If the MN is aware of an HA address, it can add that address in the If the MN is aware of an HA address, it can add that address in the
Requested HA extension in Registration Request as a hint. That Requested HA Extension in Registration Request as a hint. That
extension is not shown above. extension is not shown above.
2. The FA sends the Registration Request to the Requested HA. If 2. The FA sends the Registration Request to the Requested HA. If
Requested HA extension is present, Requested HA is the HA address Requested HA Extension is present, Requested HA is the HA address in
in this extension. The Registration Request looks as follows: this extension. If the Requested HA Extension is not present, the FA
determines the Requested HA through means outside the scope of this
specification. The Registration Request is formatted as follows:
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| FA |Requested HA| | ALL-ZERO-ONE-ADDR |FA CoA | | FA |Requested HA| | ALL-ZERO-ONE-ADDR |FA CoA |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
3. HA processes the Registration Request in accordance with Mobile 3. The HA processes the Registration Request in accordance with
IPv4 [1] and the messaging defined in this document. If the Mobile IPv4 [1] and the messaging defined in this specification. If
registration is successful, but local configuration/ administrative the registration is successful, but local configuration/
policy etc. directs HA to refer the MN to another HA, HA rejects administrative policy etc. directs HA to refer the MN to another HA,
the Request with error code REDIRECT-HA-REQ. HA fills in the the HA rejects the Request with error code REDIRECT-HA-REQ. The HA
address of the Redirected HA in the Redirected HA extension. HA fills in the address of the Redirected HA in the Redirected HA
then sends Registration Reply reject to the FA, which looks as Extension. The HA then sends Registration Reply reject to the FA,
follows: which is formatted as follows:
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| | Src IP of | | HA |FA CoA | | | Src IP of | | HA |FA CoA |
| HA | the RRQ | | | | | HA | the RRQ | | | |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Redirected HA extension ... | | Redirected HA Extension ... |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
4. The FA relays the Registration Reply to the MN, as follows. 4. The FA relays the Registration Reply to the MN, as follows.
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Src IP=| Dest IP = | MN HoA | HA Address = | CoA = | | Src IP=| Dest IP = | MN HoA | HA Address = | CoA = |
| FA | MN | | HA |FA CoA/| | FA | MN | | HA |FA CoA/|
+-----------------------------------------------------------+ +-----------------------------------------------------------+
| Redirected HA extension ... | | Redirected HA Extension ... |
+-----------------------------------------------------------+ +-----------------------------------------------------------+
5. If MN can authenticate the Reply, MN extracts the HA address 5. If the MN can authenticate the Reply, the MN extracts the HA
from Redirected HA extension. The MN then sends Registration address from the Redirected HA Extension. The MN then sends a
Request to Redirected HA, unless it has already received a Registration Request to the Redirected HA, unless it has already
redirection response from this HA while processing the Registration received a redirection response from that HA while processing the
Request. Registration Request.
5. Mobility Agent Considerations 5. Mobility Agent Considerations
Following sections describe the behavior of each mobility agent in The following sections describe the behavior of each mobility agent
detail. in detail.
5.1 Mobile Node Considerations 5.1 Mobile Node Considerations
The mobile node MUST use NAI extension for home address assignment The mobile node MUST use the NAI extension for home address
when using the messaging mechanism in this document. Since MN uses assignment when using the messaging mechanism in this document.
NAI extension, the Home Address field is set to 0.0.0.0. Since MN uses the NAI extension, the Home Address field is set to
0.0.0.0.
While dynamic HA assignment is in progress and MN has not While dynamic HA assignment is in progress and the MN has not
successfully anchored at a Home Agent, mobile node MUST set the successfully anchored at a Home Agent, the MN MUST set the Home Agent
Home Agent field in the Registration Request to an ALL-ZERO-ONE- field in the Registration Request to an ALL-ZERO-ONE-ADDR, which is
ADDR, which is either 255.255.255.255 or 0.0.0.0. either 255.255.255.255 or 0.0.0.0.
The Registration Request MUST be protected by a valid authenticator The Registration Request MUST be protected by a valid authenticator
as specified in Mobile IPv4 [1] or Mobile IPv4 Challenge/Response as specified in Mobile IPv4 [1] or Mobile IPv4 Challenge/Response
Extensions [5]. Configuring security associations is deployment Extensions [5]. Configuring security associations is deployment
specific and hence outside the scope of this specification. The specific and hence outside the scope of this specification. The
security associations between a MN and an individual HA may also be security associations between a MN and an individual HA may also be
dynamically derived during the dynamic HA assignment, based on a dynamically derived during the dynamic HA assignment, based on a
shared secret between MN and AAA infrastructure [7]. shared secret between MN and AAA infrastructure [7].
The mobile node MUST maintain the remaining Mobile IP session with The mobile node MUST maintain the remaining Mobile IP session with
the Assigned HA. the Assigned HA.
Following sections describe MN behavior in FA CoA mode and The following sections describe MN behavior in FA CoA mode and
collocated CoA mode. collocated CoA mode.
5.1.1 MN using FA CoA 5.1.1 MN using FA CoA
When a mobile node initiates Mobile IP session requesting dynamic When a mobile node initiates a Mobile IP session requesting dynamic
HA assignment, it MUST set the home agent address field in the HA assignment, it MUST set the home agent address field in the
Registration Request to ALL-ZERO-ONE-ADDR. The destination IP Registration Request to ALL-ZERO-ONE-ADDR. The destination IP
address of Registration Request is the FA. The FA will determine address of the Registration Request is the FA. The FA will determine
the Requested HA and forward the Registration Request to the the Requested HA and forward the Registration Request to the
Requested HA. Registration Request processing takes place on the Requested HA. Registration Request processing takes place on the
Requested HA as per the specification in this draft. Requested HA as per the specification in this draft.
The Registration Request MUST be appropriately authenticated for The Registration Request MUST be appropriately authenticated for the
the HA to validate the Request. HA to validate the Request.
If successful Registration Reply is received, MN obtains Assigned If a successful Registration Reply is received, the MN obtains the
HA from the HA field of Reply. Assigned HA address is the same as Assigned HA from the HA field of Reply. The Assigned HA address will
Requested HA address. be the same as the Requested HA Extension, if it was included in the
Registration Request by the MN.
If Registration Reply is received with code REDIRECT-HA-REQ, MN If a Registration Reply is received with code REDIRECT-HA-REQ, the MN
MUST authenticate the Reply based on HA address in HA field of MUST authenticate the Reply based on HA address in HA field of Reply
Reply and attempt Registration with the HA address specified in the and attempt Registration with the HA address specified in the
Redirected HA extension. MN MUST put the Redirected HA in the HA Redirected HA Extension. The MN MUST put the Redirected HA address
address of the Requested HA extension. as the Requested HA Extension of the new Registration Request.
In some cases, for the first Registration Request MN may want to In some cases, for the first Registration Request the MN may want to
hint to the network to be anchored at a specific HA and the MN MUST hint to the network to be anchored at a specific HA. The MN SHOULD
put that address in the HA address of the Requested HA extension. put that address in the HA address of the Requested HA Extension.
If the Registration Request contains the Requested HA extension, If the Registration Request contains the Requested HA Extension, the
the HA address in that extension must match the destination IP of HA address in that extension MUST match the destination IP of the
the Request. Request.
5.1.2 MN using Collocated CoA 5.1.2 MN using Collocated CoA
Mobile Node in collocated CoA mode requesting dynamic HA assignment An MN in collocated CoA mode requesting dynamic HA assignment MUST
MUST set the home agent address field in the Registration Request set the home agent address field in the Registration Request to ALL-
to ALL-ZERO-ONE-ADDR. The destination IP address of the ZERO-ONE-ADDR. The destination IP address of the Registration
Registration Request is the Requested HA. Some ideas on how to Request is the Requested HA. Some ideas on how to select a Requested
select a Requested HA are briefly covered in section 6. HA are briefly covered in section 6.
If successful Reply is received, the MN obtains Assigned HA address If a successful Reply is received, the MN obtains the Assigned HA
from successful Registration Reply. The Assigned HA will be same as address from the successful Registration Reply. The Assigned HA will
Requested HA. The MN MUST cache the Assigned HA address for the be the same as Requested HA to which the Registration Request was
length of the Mobile IP session. The mobile node then MUST use this sent. The MN MUST cache the Assigned HA address for the length of
previously cached Assigned HA address as the home agent address in the Mobile IP session. The mobile node then MUST use this previously
subsequent re-registration and de-registration request(s). This cached Assigned HA address as the home agent address in subsequent
will make sure that for the duration of the Mobile IP session, the re-registration and de-registration request(s). This will make sure
mobile node will always be anchored to the assigned home agent with that for the duration of the Mobile IP session, the mobile node will
which it was initially registered. always be anchored to the assigned home agent with which it was
initially registered.
If Registration Reply is received with code REDIRECT-HA-REQ, MN If a Registration Reply is received with code REDIRECT-HA-REQ, the MN
MUST authenticate the Reply based on HA address in HA field of MUST authenticate the Reply based on HA address in HA field of Reply
Reply and attempt Registration with the HA address specified in the and attempt Registration with the HA address specified in the
Redirected HA extension. MN MUST put the Redirected HA in the HA Redirected HA Extension. The MN MUST put the Redirected HA in the
address of the Requested HA extension. Requested HA Extension of the new Registration Request.
In some cases, for the first Registration Request MN may want to In some cases, for the first Registration Request MN may want to hint
hint to the network to be anchored at a specific HA and the MN MUST to the network to be anchored at a specific HA and the MN SHOULD put
put that address in the HA address of the Requested HA extension. that address in the HA address of the Requested HA Extension.
While requesting dynamic HA assignment in collocated CoA mode, While requesting dynamic HA assignment and registering directly with
Requested HA extension must always be included. an HA, the Requested HA Extension MUST be included and MUST contain
the address of the HA to which the Registration Request is sent.
When using collocated CoA but registering via an FA the Requested HA
Extension MAY be present or MAY be omitted.
5.1.3 Refreshing Assigned HA Address on Mobile Node 5.1.3 Refreshing Assigned HA Address on Mobile Node
When the Mobile IP session terminates, the mobile node MAY clear the
Assigned HA address cached as the home agent address. It MAY request
a new HA address for the new Mobile IP session by not including the
Requested HA Extension. The advantage of this approach is that the
mobile node will be always anchored to an optimal home agent from
where it initiated the Mobile IP session.
When the Mobile IP session terminates, the mobile node MAY clear Alternately, the MN may save the Assigned HA address and use it in
the Assigned HA address cached as the home agent address. It MAY the Requested HA Extension along with ALL-ZERO-ONE-ADDR HA address in
request a new HA address for the new Mobile IP session by not Registration Request for a new Mobile IP session.
including the Requested HA extension. The advantage of this
approach is that the mobile node will be always anchored to an
optimal home agent from where it initiated Mobile IP session.
Alternately, MN may save the Assigned HA address and use it in the
Requested HA extension along with ALL-ZERO-ONE-ADDR address in
Registration Request.
5.2 Foreign Agent Considerations 5.2 Foreign Agent Considerations
When the mobile node is using foreign agent CoA or MN using CCoA When the mobile node is using FA CoA it always registers via the FA.
finds R bit is set in the FA advertisement, it sends the When the MN is using a collocated CoA it may register using an FA or
Registration Request to the foreign agent. it may register directly with an HA, unless the R bit is set in the
FA's agent advertisement, in which case it always registers with the
FA.
When the FA receives a Registration Request with HA address field When the FA receives a Registration Request with HA address field set
set to ALL-ZERO-ONE-ADDR and it doesn't contain the Requested HA to ALL-ZERO-ONE-ADDR that doesn't contain the Requested HA Extension,
extension, FA obtains the Requested HA address to forward the the FA obtains the Requested HA address to forward the Registration
Registration Request. Some ideas on how to select a Requested HA Request using means outside the scope of this specification. Some
are briefly covered in section 6. ideas on how to select a Requested HA are briefly covered in section
6.
If the FA cannot obtain the Requested HA to forward a Registration If the FA cannot obtain the Requested HA to which to forward a
Request from MN, it MUST reject request with error code NONZERO-HA- Registration Request from MN, it MUST reject request with error code
REQD. NONZERO-HA-REQD.
If the MN has included the Requested HA extension, FA MUST forward If the MN has included the Requested HA Extension, the FA MUST
Registration Request to the address in this extension. If the HA forward Registration Request to the address in this extension. If
address in this extension is not a routable unicast address, FA the HA address in this extension is not a routable unicast address,
MUST reject request with error code NONZERO-HA-REQD. the FA MUST reject request with error code NONZERO-HA-REQD.
If the Registration Request contains the Requested HA extension, If the Registration Request contains the Requested HA Extension, the
the HA address in that extension must match the destination IP of FA uses that address as the destination for the relayed Registration
the Request. Request.
Backward compatibility issues related to the mobility agents are Backward compatibility issues related to the mobility agents are
addressed in section 10. addressed in section 10.
5.3 Home Agent Considerations 5.3 Home Agent Considerations
Home Agent can process an incoming Registration Request in one of A Home Agent can process an incoming Registration Request in one of
the following two ways: the following two ways:
1. MN or FA sends the Registration Request to the Requested HA. The 1. The MN or FA sends the Registration Request to the Requested HA.
term Requested HA has meaning in context of the Registration The term Requested HA has meaning in the context of a Registration
Request message. When the Requested HA successfully processes Request message. When the Requested HA successfully processes the
Registration Request and creates a binding and sends a Reply with Registration Request and creates a binding and sends a Reply with its
its address, it becomes the Assigned HA. The term Assigned HA is address, it becomes the Assigned HA. The term Assigned HA is
meaningful in context of a Registration Reply message. meaningful in the context of a Registration Reply message.
2. Home Agent receiving the Registration Request with HA field set 2. A Home Agent receiving a Registration Request with HA field set
to ALL-ZERO-ONE-ADDR MAY reject the request even if successfully to ALL-ZERO-ONE-ADDR MAY reject the request even if successfully
authenticated and suggest an alternate HA address in Reply. In such authenticated and suggest an alternate HA address in Reply. In such
a case, the HA puts its own address in HA field of Reply and sets a case, the HA puts its own address in HA field of Reply and sets the
the Reply code to REDIRECT-HA-REQ and adds the Redirected HA Reply code to REDIRECT-HA-REQ and adds the Redirected HA Extension.
extension.
If the Registration Request contains the Requested HA extension, If the Registration Request contains the Requested HA Extension, the
the HA address in that extension must match the destination IP of HA address in that extension must match the destination IP of the
the Request. If it does not match, the Requested HA must reject the Request. If it does not match, the Requested HA MUST reject the
Registration Request with error code 136. Registration Request with error code 136.
5.3.1 Assigned Home Agent Considerations 5.3.1 Assigned Home Agent Considerations
The HA that processes the incoming Registration Request fully in The HA that processes the incoming Registration Request fully in
accordance with Mobile IPv4 [1] and this specification becomes the accordance with Mobile IPv4 [1] and this specification becomes the
Assigned HA. The Registration Request terminates at the Assigned Assigned HA. The Registration Request terminates at the Assigned HA.
HA.
The Assigned HA creates one mobility binding per MN and sends The Assigned HA creates one mobility binding per MN and sends
Registration Reply to the MN by copying its address in the home Registration Reply to the MN by copying its address in the home agent
agent field and as the source IP address of the Reply. field and as the source IP address of the Reply.
There are two IP addresses to consider, destination IP address and
Home Agent address field in the Registration Request. When
destination IP address is unicast, only one HA receives the
Registration Request. This HA should unambiguously accept or deny
the registration, regardless of the value in the Home Agent field.
When the Home Agent field is non-unicast, the HA should set the
value to its own IP address in the Registration Reply.
The following table summarizes the behavior of Assigned HA. The following table summarizes the behavior of the Assigned HA, based
on the value of the destination IP address and Home Agent field of
the Registration Request.
Dest IP Addr HA field Processing at Assigned HA Dest IP Addr HA field Processing at Assigned HA
------------ ------------ ---------------------------------- ------------ ------------ ----------------------------------
Unicast non-unicast Mobile IPv4 [1]: There is no change Unicast non-unicast Mobile IPv4 [1]: There is no change
in handling for this case from in handling for this case from
(Must be Mobile IPv4. It is mentioned here (Must be Mobile IPv4. It is mentioned here
equal to the for reference only. equal to the for reference only.
HA receiving HA denies the registration HA receiving HA denies the registration with
the RRQ) with error code 136 and sets the RRQ) error code 136 and sets HA field to
HA field to its own IP its own IP address in the reply as
address in the reply as per per section 3.8.3.2 in [1].
section 3.8.3.2 in [1].
ALL-ZERO- ALL-ZERO- New Behavior: Accept the RRQ as per
ONE-ADDR New Behavior: Accept the RRQ as per ONE-ADDR this specification. Authenticate
this specification. Authenticate
the RRQ and create mobility binding the RRQ and create mobility binding
if the HA is acting as Assigned HA. if the HA is acting as Assigned HA.
Set HA field to its own IP address Set HA field to its own IP address
in the Registration Reply. in the Registration Reply.
OR OR
New Behavior: If authentication is New Behavior: If authentication is
successful, reject RRQ with a new successful, reject RRQ with a new
error code (REDIRECT-HA-REQ). HA error code REDIRECT-HA-REQ. HA
puts its address in HA address puts its address in HA address
field of Reject. HA suggests an field of Reject. HA suggests an
alternate HA to use in the new alternate HA to use in the new
Redirected HA extension. Redirected HA Extension.
Table 1: Registration Request handling at Assigned HA Table 1: Registration Request handling at Assigned HA
As per the messaging proposed here, the mobile node (or the foreign As per the messaging proposed here, the mobile node (or the foreign
agent) sends the Registration Request to the Requested HA address, agent) sends the Registration Request to the Requested HA address,
which is a unicast address. Because HA does not receive which is a unicast address. Therefore, this document does not
Registration Request that is sent to the subnet-directed broadcast specify any new behavior for the case where the HA receives a subnet
address, Mobile IPv4 [1] section 3.8.2.1 doesn't apply. Although directed broadcast Registration Request as specified in section
the Home Agent field in the Registration Request is not a unicast 3.8.2.1 of the Mobile IPv4 specification [1]. Although the Home
address, the destination IP address is a unicast address. This Agent field in the Registration Request is not a unicast address, the
avoids the problem associated with subnet-directed broadcast destination IP address is a unicast address. This avoids the
destination IP address that may result in multiple HAs responding. problem associated with subnet-directed broadcast destination IP
Thus, there is no need to deny the registration as stated in Mobile address that may result in multiple HAs responding. Thus, there is
IPv4 [1] section 3.8.3.2. no need to deny the registration as stated in Mobile IPv4 [1] section
3.8.3.2.
When the destination IP address is a unicast address and Home Agent When the destination IP address is a unicast address and the Home
field is ALL-ZERO-ONE-ADDR, the HA accepts/denies registration and Agent field is ALL-ZERO-ONE-ADDR, the HA accepts/denies registration
sets HA field to its own IP address in the reply (i.e. registration and sets the HA field to its own IP address in the reply (i.e. the
is not rejected with error code 136). registration is not rejected with error code 136).
HA can reject the request with the error code REDIRECT-HA-REQ and The HA can reject the request with the error code REDIRECT-HA-REQ and
suggest an alternate HA. This redirection can be used for load suggest an alternate HA. This redirection can be used for load
balancing, geographical proximity based on care-of-address or other balancing, geographical proximity based on care-of-address or other
reasons. HA puts its own address in HA field of the Registration reasons. The HA puts its own address in HA field of the Registration
Reply message and puts the address of the redirected HA in the Reply message and puts the address of the redirected HA in the
Redirected HA extension. If HA accepts the Request, HA field in the Redirected HA Extension. If the HA accepts the Request, it sets the
Registration Reply is set to this HA address. HA field in the Registration Reply to its own address.
The Assigned HA performs standard validity checks on the The Requested HA always performs standard validity checks on the
Registration Request. If there is any error, the Registration Registration Request. If there is any error, the Registration
Request is rejected with error codes specified in Mobile IPv4 [1]. Request is rejected with error codes specified in Mobile IPv4 [1].
6. Requested Home Agent Selection 6. Requested Home Agent Selection
When dynamic HA assignment is requested, the destination IP address When dynamic HA assignment is requested, the MN (or FA in the case of
of the Registration Request is the Requested HA. This address MUST registration via FA) sends the Registration Request to the Requested
be a unicast IP address. If the MN has included a Requested HA HA. This address MUST be a unicast IP address. If the MN has
extension in Registration Request, the HA address in this extension included a Requested HA Extension in Registration Request, the HA
is the Requested HA. address in this extension is the Requested HA.
Some example methods by which the MN or the FA may select the Some example methods by which the MN or the FA may select the
Requested HA are briefly described below: Requested HA are briefly described below:
DHCP: DHCP:
MN performs DHCP to obtain an IP address on the visited network. MN performs DHCP to obtain an IP address on the visited network. The
The Requested HA is learned from the DHCP Mobile IP Home Agent Requested HA is learned from the DHCP Mobile IP Home Agent Option 68
Option 68 [4]. MN sends Registration Request directly to this HA [4]. MN sends Registration Request directly to this HA and receives
and receives the Assigned HA to be used for the remainder of the the Assigned HA to be used for the remainder of the Mobile IP
Mobile IP session. session.
AAA: AAA:
MN performs challenge/response [5] with the FA. The FA retrieves MN performs challenge/response [5] with the FA. The FA retrieves the
the Requested HA from the AAA server and forwards the Registration Requested HA from the AAA server and forwards the Registration
Request directly to this HA. The Assigned HA sends Registration Request directly to this HA. The Assigned HA sends a Registration
Reply to the FA, which relays it to the MN. MN uses the Assigned Reply to the FA, which relays it to the MN. MN uses the Assigned HA
HA for the remainder of the Mobile IP session. for the remainder of the Mobile IP session.
DNS: DNS:
In this case hostname of HA is configured on MN or obtained by some In this case the hostname of the HA is configured on the MN or
other means e.g. using a service location protocol. MN performs DNS obtained by some other means; e.g., using a service location
lookup on the HA hostname. The DNS infrastructure provides resource protocol. MN performs DNS lookup on the HA hostname. The DNS
record with information to identify the nearest HA to the MN. The infrastructure provides a resource record with information to
MN sends Registration Request directly to the HA and receives the identify the optimal HA to the MN. The MN sends a Registration
Assigned HA to be used for remainder of the Mobile IP session. Request directly to the HA and receives the Assigned HA to be used
for remainder of the Mobile IP session.
Static configuration: Static configuration:
HA address is statically configured on MN. The MN sends the The HA address is statically configured on the MN. The MN sends the
Registration Request to the configured address. Registration Request to the configured address. The Requested HA may
then redirect the MN to a Redirected HA.
7. Error Values 7. Error Values
Each entry in the following table contains the name and value for Each entry in the following table contains the name and value for the
the error code to be returned in a Registration Reply. It also error code to be returned in a Registration Reply. It also includes
includes the section in which the error code is first mentioned in the section in which the error code is first mentioned in this
this document. document.
Error Name Value Section Description Error Name Value Section Description
---------- ----- ------- ----------------------------- --------------- ----- ------- -----------------------------
NONZERO-HA-REQD XX 5.2 Non-zero HA address required NONZERO-HA-REQD XX 5.2 Non-zero HA address required
in Registration Request. in Registration Request.
REDIRECT-HA-REQ YY 5.3 Reregister with redirected HA. REDIRECT-HA-REQ YY 5.3 Reregister with redirected HA.
8. IANA Considerations 8. IANA Considerations
The code value NONZERO-HA-REQD is a Mobile IP response code [1]
taken from the range of values associated with rejection by the
foreign agent (i.e. value in the range 64-127).
The code value REDIRECT-HA-REQ is a Mobile IP response code [1] The code value NONZERO-HA-REQD is a Mobile IP response code [1] taken
taken from the range of values associated with rejection by the from the range of values associated with rejection by the foreign
home agent (i.e. value in the range 128-192). agent (i.e. value in the range 64-127).
The Dynamic HA extension is assigned from the range of values The code value REDIRECT-HA-REQ is a Mobile IP response code [1] taken
associated with skippable extensions at the home agent (i.e. value from the range of values associated with rejection by the home agent
in the range 128-255). (i.e. value in the range 128-192).
The Dynamic HA Extension is assigned from the range of values
associated with skippable extensions at the home agent (i.e. value in
the range 128-255).
IANA should record the values as defined in Section 7 and 3.4. IANA should record the values as defined in Section 7 and 3.4.
9. Security Considerations 9. Security Considerations
This specification assumes that a security configuration has been This specification assumes that a security configuration has been
preconfigured between the MN and the HA or is configured along with preconfigured between the MN and the HA or is configured along with
the initial RRQ/RRP as per [7]. the initial RRQ/RRP as per [7].
This specification does not change or degrade the security model
established in Mobile IPv4 [1]. Mobile Nodes are often connected to This specification does not change the security model established in
the network via wireless link, which may be more prone to passive Mobile IPv4 [1]. Mobile Nodes are often connected to the network via
eavesdropping, replay attacks. Such an attack might lead to bogus wireless links, which may be more prone to passive eavesdropping or
registrations or redirection of traffic or denial of service. replay attacks. Such an attack might lead to bogus registrations or
redirection of traffic or denial of service.
As per the messaging in this draft, the Assigned Home Agent will As per the messaging in this draft, the Assigned Home Agent will
process the incoming Registration Request as per Mobile IPv4 [1]. process the incoming Registration Request as per Mobile IPv4 [1].
Hence the Assigned Home Agent will have same security concerns as Hence the Assigned Home Agent will have same security concerns as
that of the Home Agent in Mobile IPv4 [1]. They are addressed in that of the Home Agent in Mobile IPv4 [1]. They are addressed in
Section 5 "Security Considerations" of Mobile IPv4 [1]. Section 5 "Security Considerations" of Mobile IPv4 [1].
The Registration Request and Registration Reply messages are The Registration Request and Registration Reply messages are
protected by a valid authenticator as specified in Mobile IPv4 [1]. protected by a valid authenticator as specified in Mobile IPv4 [1].
Configuring security associations is a deployment specific issue Configuring security associations is a deployment specific issue and
and is covered by other specifications in Mobile IP WG. There can is covered by other Mobile IP specifications. There can be many ways
be many ways of configuring security associations, but this of configuring security associations, but this specification does not
specification does not mandate any specific way. mandate any specific way.
An example is where the security association between a MN and an An example is where the security association between an MN and an
individual HA (Dynamic or Assigned) is dynamically derived during individual HA (Requested or Assigned) is dynamically derived during
the dynamic HA assignment, based on a shared secret between MN and the registration process based on a shared secret between MN and AAA
AAA infrastructure, as defined in [7]. The Registration Request is infrastructure, as defined in [7]. The Registration Request is
protected with MN-AAA authentication extension and Registration protected with MN-AAA authentication extension and Registration Reply
Reply is protected with MN-HA Authentication Extension. Since the is protected with MN-HA Authentication Extension. Because the
security association is shared between MN and AAA, any dynamically security association is shared between MN and AAA, any dynamically
assigned HA in the local domain can proxy authenticate the MN using assigned HA in the local domain can proxy authenticate the MN using
AAA as per [7]. AAA as per [7].
The Assigned Home Agent authenticates Registration Request from the The Assigned Home Agent authenticates each Registration Request from
mobile node as specified in Mobile IPv4 [1] and RFC-3012. The MN the mobile node as specified in Mobile IPv4 [1] and/or RFC-3012. The
also authenticates the Registration Reply from the Assigned HA, MN also authenticates the Registration Reply from the Assigned HA,
thus the existing trust model in Mobile IPv4 [1] is maintained. thus the existing trust model in Mobile IPv4 [1] is maintained.
10. Backward Compatibility Considerations 10. Backward Compatibility Considerations
In this section, we examine concerns that may arise when using this In this section, we examine concerns that may arise when using this
specification in a mixed environment where some nodes implement the specification in a mixed environment where some nodes implement the
specification and others do not. In each of the examples below, we specification and others do not. In each of the examples below, we
consider the case where one node is a "Legacy" node which does not consider the case where one node is a "Legacy" node which does not
implement the specification in the context of other nodes which do. implement the specification in the context of other nodes which do.
Legacy Home Agent: Legacy Home Agent:
Legacy home agents may reject the Registration Request with error Legacy home agents may reject the Registration Request with error
code 136 because the Home Agent field is not a unicast address. code 136 because the Home Agent field is not a unicast address.
However, some legacy HA implementations may coincidentally process However, some legacy HA implementations may coincidentally process
the Registration Request in accordance with this draft, when the HA the Registration Request in accordance with this draft, when the HA
field in RRQ is set to ALL-ZERO-ONE-ADDR. field in Registration Request is set to ALL-ZERO-ONE-ADDR.
Legacy Foreign Agent: Legacy Foreign Agent:
Legacy foreign agents may forward Registration Request with home Legacy foreign agents may forward a Registration Request with home
agent field set to ALL-ZERO-ONE-ADDR by setting the destination IP agent field set to ALL-ZERO-ONE-ADDR by setting the destination IP
address to ALL-ZERO-ONE-ADDR. This will result packet being address to ALL-ZERO-ONE-ADDR. This will result packet being dropped
dropped or incidentally handled by a next hop HA, adjacent to the or incidentally handled by a next hop HA, adjacent to the FA.
FA.
Legacy Mobile Node: Legacy Mobile Node:
MN that does not set HA field to ALL-ZERO-ONE-ADDR will continue to A MN that does not set HA field to ALL-ZERO-ONE-ADDR will continue to
achieve its registrations through statically configured HA. In achieve its registrations through statically configured HA. In
collocated mode, the endpoint of the MN's tunnel is the Assigned collocated mode, the endpoint of the MN's tunnel is the Assigned HA.
HA.
11. Change Log from previous versions 11. Change Log from previous versions
Note: This section should be removed before publication.
Changes from revision 2 to 3:
1. More editorial changes suggested by the chair's reviews.
Changes from revision 1 to 2: Changes from revision 1 to 2:
1. Editorial changes suggested by the WG, the chair's reviews 1. Editorial changes suggested by the WG, the chair's reviews and
and idnits. idnits.
Changes from revision 0 to 1: Changes from revision 0 to 1:
1. Added subtype field in Redirected HA Address Extension. 1. Added subtype field in Redirected HA Address Extension.
2. Aligned the HA address at 4-byte world boundary. 2. Aligned the HA address at 4-byte world boundary.
3. The case of handling unicast HA field is removed in section 3. The case of handling unicast HA field is removed in section
5.3.1. 5.3.1.
12. Acknowledgements 12. Acknowledgements
The authors would like to thank Pete McCann for thorough review, The authors would like to thank Pete McCann for thorough review,
suggestions on security considerations and definition of ALL-ZERO- suggestions on security considerations and definition of ALL-ZERO-
ONE-ADDR. Thanks to Kuntal Chowdhury for extensive review and ONE-ADDR. Thanks to Kuntal Chowdhury for extensive review and
comments on this draft. Also thanks to Henrik Levkowetz for comments on this draft. Also thanks to Henrik Levkowetz for detailed
detailed reviews and suggestions. reviews and suggestions.
The authors would like to thank Mike Andrews, Madhavi Chandra and The authors would like to thank Mike Andrews, Madhavi Chandra and
Yoshi Tsuda for their review and suggestions. Yoshi Tsuda for their review and suggestions.
13. Normative References 13. Normative References
[1] C. Perkins, "IP Mobility Support for IPv4", RFC 3344, August [1] C. Perkins, "IP Mobility Support for IPv4", RFC 3344, August
2002. 2002.
[2] P. Calhoun and C. Perkins, "Mobile IP Network Access Identifier [2] P. Calhoun and C. Perkins, "Mobile IP Network Access Identifier
Extension for IPv4", RFC 2794, March 2000. Extension for IPv4", RFC 2794, March 2000.
skipping to change at page 21, line 18 skipping to change at page 21, line 24
170 W. Tasman Drive, 170 W. Tasman Drive,
San Jose, CA 95134 San Jose, CA 95134
USA USA
Email: kleung@cisco.com Email: kleung@cisco.com
Phone: +1 408-526-5030 Phone: +1 408-526-5030
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed Intellectual Property Rights or other rights that might be claimed to
to pertain to the implementation or use of the technology described pertain to the implementation or use of the technology described in
in this document or the extent to which any license under such this document or the extent to which any license under such rights
rights might or might not be available; nor does it represent that might or might not be available; nor does it represent that it has
it has made any independent effort to identify any such rights. made any independent effort to identify any such rights.
Information on the procedures with respect to rights in RFC Information on the procedures with respect to rights in RFC documents
documents can be found in BCP 78 and BCP 79. can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use attempt made to obtain a general license or permission for the use
of such proprietary rights by implementers or users of this of such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository specification can be obtained from the IETF on-line IPR repository
at http://www.ietf.org/ipr. at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention The IETF invites any interested party to bring to its attention
any copyrights, patents or patent applications, or other any copyrights, patents or patent applications, or other
proprietary rights that may cover technology that may be required proprietary rights that may cover technology that may be required to
to implement this standard. Please address the information to the implement this standard. Please address the information to the IETF
IETF at ietf-ipr@ietf.org. at ietf-ipr@ietf.org.
Disclaimer of Validity Disclaimer of Validity
This document and the information contained herein are provided on This document and the information contained herein are provided on an
an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
PARTICULAR PURPOSE.
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2003). This document is subject Copyright (C) The Internet Society (2003). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
Acknowledgement Acknowledgement
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/