MIP4 K. Leung Internet-Draft G. Dommety Intended status: Standards Track Cisco Systems Expires:
August 21,September 12, 2008 V. Narayanan Qualcomm, Inc. A. Petrescu Motorola February 18,March 11, 2008 Network Mobility (NEMO) Extensions for Mobile IPv4 draft-ietf-mip4-nemo-v4-base-10.txtdraft-ietf-mip4-nemo-v4-base-11.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 21,September 12, 2008. Copyright Notice Copyright (C) The IETF Trust (2008). Abstract This document describes a protocol for supporting Mobile Networks between a Mobile Router and a Home Agent by extending the Mobile IPv4 protocol. A Mobile Router is responsible for the mobility of one or more network segments or subnets moving together. The Mobile Router hides its mobility from the nodes on the mobile network. The nodes on the Mobile Network may be fixed in relationship to the Mobile Router and may not have any mobility function. Extensions to Mobile IPv4 are introduced to support Mobile Networks. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Examples of Mobile Networks . . . . . . . . . . . . . . . 3 1.2. Overview of Protocol . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 7 4. Mobile Network Extensions . . . . . . . . . . . . . . . . . . 8 4.1. Representing a Subnet . . . . . . . . . . . . . . . . . . 8 4.2.Mobile Network Request Extension . . . . . . . . . . . . . 9 4.3.8 4.2. Mobile Network Acknowledgement Extension . . . . . . . . . 109 5. Mobile Router Operation . . . . . . . . . . . . . . . . . . . 1311 5.1. Error Processing . . . . . . . . . . . . . . . . . . . . . 1412 5.2. Mobile Router Management . . . . . . . . . . . . . . . . . 1412 6. Home Agent Operation . . . . . . . . . . . . . . . . . . . . . 1513 6.1. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 1513 6.2. Data Structures . . . . . . . . . . . . . . . . . . . . . 1614 6.2.1. Registration Table . . . . . . . . . . . . . . . . . . 1614 6.2.2. Prefix Table . . . . . . . . . . . . . . . . . . . . . 1614 6.3. Mobile Network Prefix Registration . . . . . . . . . . . . 1614 6.4. Advertising Mobile Network Reachability . . . . . . . . . 1816 6.5. Establishment of Bi-directional Tunnel . . . . . . . . . . 1816 6.6. Sending Registration Replies . . . . . . . . . . . . . . . 1817 6.7. Mobile Network Prefix De-registration . . . . . . . . . . 1917 7. Data Forwarding Operation . . . . . . . . . . . . . . . . . . 1917 8. Nested Mobile Networks . . . . . . . . . . . . . . . . . . . . 2018 9. Routing Protocol between Mobile Router and Home Agent . . . . 2018 10. Security Considerations . . . . . . . . . . . . . . . . . . . 2119 10.1. Security when Dynamic Routing Protocol is Used . . . . . . 2220 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 2220 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 2422 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 2523 13.1. Normative References . . . . . . . . . . . . . . . . . . . 2523 13.2. Informative References . . . . . . . . . . . . . . . . . . 2624 Appendix A. ChangeLog . . . . . . . . . . . . . . . . . . . . . . 2624 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 3028 Intellectual Property and Copyright Statements . . . . . . . . . . 3230 1. Introduction This document describes network mobility extensions to the Mobile IPv4 protocol. The goal of introducing these extensions is to acommodate mobility scenarios where groups of hosts and routers move homogeneously (as a whole). It is required that all hosts and routers in a mobile network be able to run applications connecting to the Internet, and to be reachable from the Internet. For details regarding terminology related to network mobility (NEMO), the gentle reader is suggested a quick read of RFC 4885 [RFC4885]. 1.1. Examples of Mobile Networks A mobile network links together a set of hosts and routers. Connecting this mobile network to the Internet is ensured at two levels: first, a Mobile Router is connected on one side to the Mobile Network and on another side to a wireless access system; second, a Home Agent placed on the home link manages traffic between the Correspondent Node and a Local Fixed Node (LFN, a node in the mobile network) by means of encapsulating traffic. A scenario of applicability for this mobile network is described next. A mobile network is formed by a wireless-enabled Personal Digital Assistant (PDA) and a portable photographic camera, linked together by Bluetooth wireless link-layer technology. This is sometimes referred to as a Personal Area Network (PAN). In the illustration below one can notice the PDA playing the role of a Mobile Router and the camera the role of Local Fixed Node: ---- | HA | ---- -------- | / \ ---- -+--------| Internet |---------| CN | \ / ---- -------- / \ / \ / \ ---- ---- | AR | | AR | ---- ---- |cellular |cellular / |cellular | ---- ---- Mobile | | MR | |LFN | ---movement--> Network < ---- ---- | | | | -+-----------+- \ Bluetooth The camera (Local Fixed Node) uploads photographic content to a Correspondent Node (CN) server. When the mobile network moves away, the Mobile Router serving the mobile network changes its point of attachment from one cellular access (Access Router) to another, obtaining a new Care-of Address. The Home Agent (HA) encapsulates application traffic for CN and LFN. Whereas the illustration above is a very simple instantiation of the applicability of Mobile IP-based mobile networks, more complex mobile networks are easily acommodated by the Mobile IPv4 extensions presented in this document (NEMOv4). For example, laptop computers used by passengers in a bus, train, ship or in a plane should all be considered as forming mobile networks, as long as they move together (homogeneously). 1.2. Overview of Protocol As introduced previously, this document presents extensions to the Mobile IPv4 protocol. The entities sending and receiving these extensions are the Mobile Router and the Home Agent. The Local Fixed Node is relieved from running Mobile IP software and, although it moves (together with the mobile network), its IP stack is not seing any change in addressing. Mobility for the entire Mobile Network is supported by the Mobile Router registering its current point of attachment (Care-of Address) to its Home Agent: Mobile Router sends an extended Registration Request to Home Agent which returns an extended Registration Reply. This signaling sets up the tunnel between the two entities, as illustrated in the following figure: LFN MR HA CN | | | | | | Extended Registration | | | |---------------------->| | | | Request | | | | | | | | | | | | Extended Registration | | | |<----------------------| | | | Reply | | | | | | |<--------o=======================o-------->| | | Encapsulated | | | | Application Traffic | | | | | | The prefix(es) used within a Mobile Network (either implicitly configured on the Home Agent or explicitly identified by the Mobile Router in the Registration Request) is/are advertised by the Home Agent for route propagation in the home network. Traffic to and from nodes in the Mobile Network are tunelled by the Home Agent to the Mobile Router, and vice versa. Though packets from a Local Fixed Node placed in the Mobile Network can be forwarded by the Mobile Router directly without tunneling (if reverse tunneling were not used) these packets will be dropped if ingress filtering is turned on at the Access Router. Extensively relating to Mobile IPv4 RFC 3344 [RFC3344], this specification addresses mainly the co-located Care-of Address mode. Foreign Agent Care-of Address mode (with 'legacy' Foreign Agents, RFC 3344 [RFC3344]) are supported but without optimization, double encapsulation being used. For an optimization of this mode, the gentle reader is directed to an extension document [I-D.ietf-mip4-nemov4-fa]. Compared to Mobile IPv4, this document specifies an additional tunnel between a Mobile Router's Home Address and the Home Agent. This tunnel is encapsulated within the normal tunnel between the Care-of Address (CoA) and Home Agent. In Foreign Agent CoA mode, the tunnel between the Mobile Router and Home Agent is needed to allow the Foreign Agent to direct the decapsulated packet to the proper visiting Mobile Router. However, in Collocated CoA mode, the additional tunnel is not essential and could be eliminated because the Mobile Router is the recipient of the encapsulated packets for the Mobile Network; a proposal for this feature is in a further extending document [I-D.ietf-mip4-nemov4-fa]. All traffic between the nodes in the Mobile Network and Correspondent Nodes passes through the Home Agent. This document does not touch on aspects related to route optimization of this traffic. A similar protocol has been documented in RFC 3963 [RFC3963] for supporting IPv6 mobile networks with Mobile IPv6 extensions. Multihoming for Mobile Routers is outside the scope of this document. 2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Terminology for Mobile IPv4 mobility support is defined in RFC 3344 [RFC3344]. Terminology for network mobility support (NEMO), from an IPv6 perspective, is described in RFC 4885 [RFC4885]. In addition, this document defines the following terms for NEMOv4. Mobile Router RFC 3344 [RFC3344] defines a Mobile Router as a mobile node that can be a router that is responsible for the mobility of one or more entire networks moving together, perhaps on an airplane, a ship, a train, an automobile, a bicycle, or a kayak. Mobile Network Prefix The network prefix of the subnet delegated to a Mobile Router as the Mobile Network. Prefix Table A list of Mobile Network Prefixes indexed by the Home Address of a Mobile Router. The Home Agent manages and uses Prefix Table to determine which Mobile Network Prefixes belong to a particular Mobile Router. Local Fixed Node RFC 4885 [RFC4885] defines a Local Fixed Node (LFN) to be a fixed node belonging to the mobile network and unable to change its point of attachment. This definition should not be confused with "Long, Fat Network, LFN" of RFC 1323 [RFC1323], at least because this latter is pronounced "elephan(t)" whereas a NEMO LFN is distinctively pronounced "elefen". 3. Requirements Although the original Mobile IPv4 specifications stated that Mobile Networks can be supported by the Mobile Router and Home Agent using static configuration or running a routing protocol (see Section 4.5 of RFC 3344 [RFC3344]), there is no solution for explicit registration of the Mobile Networks served by the Mobile Router. A solution needs to provide the Home Agent a means to ensure that a Mobile Router claiming a certain Mobile Network Prefix is authorized to do so. A solution would also expose the Mobile Network Prefixes (and potentially other subnet-relevant information) in the exchanged messages, to aid in network debugging. The following requirements for Mobile Network support are enumerated: o A Mobile Router should be able to operate in explicit or implicit mode. A Mobile Router may explicitly inform the Home Agent which Mobile Network(s) need to be propagated via a routing protocol. A Mobile Router may also function in implicit mode, where the Home Agent may learn the mobile networks through other means, such as from the AAA server, via pre-configuration, or via a dynamic routing protocol. o The Mobile Network should be supported using Foreign Agents that are compliant to RFC 3344 [RFC3344] without any changes ('legacy' Foreign Agents). o The mobile network should allow Fixed Nodes, Mobile Nodes, or Mobile Routers to be on it. o The Local Fixed Nodes on a mobile network should be able to execute their sessions without running themselves Mobile IP stacks. The Mobile Router managing the LFNs' mobile network is 'hiding' mobility events like the changes of the Care-of Address from the Local Fixed Nodes in that mobile network. 4. Mobile Network Extensions 4.1. Representing a Subnet Since the protocol extensions presented in this document concentrate on treatment of prefixes, subnets and network masks it is important to choose an all-encompassing wire representation of subnets, as generic as possible. A subnet can easily be represented as address/prefix length, as in 192.0.2.0/24. This is interpreted as the subnet being the first leftmost 24 bits of the address 192.0.2.0, i.e. 192.0.2. This representation corresponds to an underlying forwarding system which uses longest-prefix match rules. It is typically in widespread deployment in the Internet. In a Mobile Network Extension, this representation is expressed by the tuple of Prefix and Prefix Length fields. On another hand, some forwarding systems don't use longest-prefix match rules. In these cases it is important to provide the more generic way of representing subnets by using non-contiguous sets of 1bits as netmasks. For example, 255.255.0.255 is a perfectly legal netmask which, when applied to an address like 192.0.2.1 gives the network part 192.0.x.1, the third 'x' byte acting alone as the host part. In a Mobile Network Extension, this non-contiguous netmask representation is expressed by the tuple of Prefix and Optional Netmask fields (Prefix Length field being ignored). The two representation methods (address/prefix and address/netmask) are alternative and only one method of representation is used by a Mobile Network Extension. Representing the subnet as address/prefix has the advantage of a more compact encoding (40bits) whereas the address/netmask requires 64bits. Hence it is suggested as a default. However, representing the subnet as address/netmask gives more applicability of NEMOv4 extensions to forwarding systems where more complex forwarding schemes are used. 4.2.Mobile Network Request Extension For Explicit Mode, the Mobile Router informs the Home Agent about the Mobile Network Prefixes during registration. The Registration Request contains zero, one or several Mobile Network Request extensions in addition to any other extensions defined by or in the context of RFC 3344 [RFC3344]. When several Mobile Networks are needed to be registered, each is included in a separate Mobile Network Request extension, with its own Type, Length, Sub-Type, Prefix Length, PrefixLength and optionally the Optional Netmask fields. For a discussion of the subnet encoding see Section 4.1.Prefix. A Mobile Network Request extension is encoded in Type-Length-Value (TLV) format and respects the following ordering: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Sub-Type | Prefix Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Prefix | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Optional Netmask | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+Type: Mobile Network Extension (skippable type range to be assigned by IANA). Length: Decimal 6 or decimal 10, not any other. If the masking is expressed as Prefix/Prefix Length (e.g. 192.0.2.1/24), the value of this Length field is decimal 6 and the Optional Netmask field is absent. If the masking is expressed as Prefix and Netmask (e.g. 192.0.2.1 255.255.0.255) then the value of this Length field is decimal 10, the Optional Netmask field is present and the value of the Prefix Length field is set to all-zero by sender and ignored by receiver.6. Sub-Type: TBA (Mobile Network Request) Prefix Length: 8-bit unsigned integer indicating the number of leftmost bits covering the network part of the address contained in the Prefix field. If the Optional Netmask field is present then this field is set to all-zero by sender and ignored by receiver. Prefix: 32-bit unsigned integer in network byte-order containing an IPv4 address. If the Optional Netmask field is absent then the first Prefix Length bits make up the Mobile Network Prefix. Otherwise the Mobile Network Prefix is obtained by masking this IPv4 address with the value of the Optional Netmask field. Optional Netmask: 32-bit unsigned integer in network byte-order containing an IPv4 netmask. For example '255.255.0.255'. This field is present when the subnet masking needs to be expressed as a non-contiguous set of 1 bits. Otherwise it is absent. If the Optional Netmask is present thenunsigned integer indicating the valuenumber of leftmost bits covering the network part of the fieldaddress contained in the Prefix field. Prefix: 32-bit unsigned integer in network byte-order containing an IPv4 address whose leftmost Prefix Length is set to all-zero by sender and ignored by receiver. 4.3.bits make up the Mobile Network Prefix. 4.2. Mobile Network Acknowledgement Extension The Registration Reply contains zero, one or several Mobile Network Acknowledgement extensions in addition to any other extensions defined by or in the context of RFC 3344 [RFC3344]. For Implicit Mode, the Mobile Network Acknowledgement informs the Mobile Router the prefixes for which the Home Agent sets up forwarding with respect to this Mobile Router. Policies such as permitting only traffic from these Mobile Networks to be tunneled to the Home Agent may be applied by the Mobile Router. For Explicit Mode, when several Mobile Networks are needed to be acknowledged explicitly, each is included in a separate Mobile Network Acknowledgement extension, with its own Type, Sub-Type, Length, Prefix,Prefix Lengthand optionally the Optional NetmaskPrefix Length fields. For a discussion of the subnet encoding see Section 4.1.At least one Mobile Network Acknowledgement extension MUST be in a successful Registration Reply to indicate to the Mobile Router that the Mobile Network Request extension was processed, thereby not skipped by the Home Agent. A Registration Reply may contain any non-zero number of Explicit Mode and Implicit Mode Acknowledgements sub-types. Both sub-types can be present in a single Registration Reply. A Mobile Network Acknowledgement extension is encoded in Type-Length-Value (TLV) format. When the registration is denied with Code HA_MOBNET_ERROR (Code field in the Registration Reply), the Code field in the included Mobile Network Extension provides the reason for the failure. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Sub-Type | Code | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Prefix Length | Reserved | Prefix... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ...Prefix | Optional Netmask... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ...Optional Netmask |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type: TBA Mobile Network Extension (skippable type range to be assigned by IANA). Length: Decimal 8 or decimal 12, not any other. If the masking is expressed as Prefix/Prefix Length (e.g. 192.0.2.1/24), the value of this Length field is decimal 8 and the Optional Netmask field is absent. If the masking is expressed as Prefix and Netmask (e.g. 192.0.2.1 255.255.0.255) then the value of this Length field is decimal 12, the Optional Netmask field is present and the value of the Prefix Length field set to all-zero by sender and ignored by receiver.8. Sub-Type: TBA (Explicit Mode Acknowledgement) TBA (Implicit Mode Acknowledgement) Code: Value indicating success or failure: TBA Success TBA Invalid prefix (MOBNET_INVALID_PREFIX_LEN) TBA Mobile Router is not authorized for prefix (MOBNET_UNAUTHORIZED) TBA Forwarding setup failed (MOBNET_FWDING_SETUP_FAILED) Prefix Length: 8-bit unsigned integer indicating the number of leftmost bits covering the network part of the address contained in the Prefix field. If the Optional Netmask field is present then this field is set to all-zero by sender and ignored by receiver.Reserved: Sent as zero; ignored on reception. Prefix: 32-bit unsigned integer in network byte-order containing an IPv4 address. If the Optional Netmask field is absent then the firstaddress whose leftmost Prefix Length bits make up the Mobile Network Prefix. Otherwise the Mobile Network Prefix is obtained by masking this IPv4 address with the value of the Optional Netmask field. Optional Netmask: 32-bit unsigned integer in network byte-order containing an IPv4 netmask. For example '255.255.0.255'. This field is present when the subnet masking needs to be expressed as a non-contiguous set of 1 bits. Otherwise it is absent. If the Optional Netmask is present then the value of the field Prefix Length is set to all-zero by sender and ignored by receiver.5. Mobile Router Operation A Mobile Router's operation is generally derived from the behavior of a Mobile Node, as set in RFC 3344 [RFC3344]. In addition to maintaining mobility bindings for its Home Address, the Mobile Router, together with the Home Agent, maintains forwarding information for the Mobile Network Prefix(es) assigned to the Mobile Router. A Mobile Router SHOULD set the 'T' bit to 1 in all Registration Request messages it sends to indicate the need for reverse tunnels for all traffic. Without reverse tunnels, all the traffic from the mobile network will be subject to ingress filtering in the visited networks. Upon reception of a successful Registration Reply, the Mobile Router processes the registration in accordance to RFC 3344 [RFC3344]. In addition, the following steps are taken: o Check for Mobile Network Acknowledgement extension(s) in Registration Reply o Create tunnel to the Home Agent if registered in reverse tunneling mode o Set up default route via this tunnel or egress interface when registered with or without reverse tunneling, respectively In accordance with this specification, a Mobile Router may operate in one of the following two modes: explicit and implicit. In explicit mode, the Mobile Router includes Mobile Network Prefix information in all Registration Requests (as Mobile Network Request extensions), while in implicit mode it does not include this information in any Registration Request. In this latter case, the Home Agent obtains the Mobile Network Prefixes by other means than Mobile IP. One example of obtaining the Mobile Network Prefix is through static configuration on the Home Agent. A Mobile Router can obtain a Collocated or Foreign Agent Care-of Address while operating in explicit or implicit modes. For de-registration, the Mobile Router sends a registration request with lifetime set to zero without any Mobile Network Request extensions. 5.1. Error Processing In a Mobile IP Registration Reply message there may be two Code fields: one proper to the Registration Reply header (the 'proper' Code) and one within the Mobile Network Acknowledgement Extension (simply the 'Code'). A Mobile Router interprets the values of the Code field in the Mobile Network Acknowledgement Extension of the Registration Reply in order to identify any error related to managing the Mobile Network Prefixes by the Home Agent. It also interprets the values of the Code field in the Registration Reply header (the proper Code). If the value of the Code field in the Registration Reply (the proper) is set to HA_MOBNET_DISALLOWED, then the Mobile Router MUST stop sending Registration Requests with any Mobile Network Prefix extensions to that Home Agent. If the value of the Code field in the Registration Reply (the proper) is set to HA_MOBNET_ERROR then the Mobile Router MUST stop sending Registration Requests that contain any of the Mobile Network Prefixes that are defined by the values of the fields Prefix and Prefix Length in the Mobile Network Acknowledgement extension. Note that the registration is denied in this case and no forwarding for any Mobile Network Prefixes would be set up by the Home Agent for the Mobile Router. It is possible that the Mobile Router receives a Registration Reply with no mobile network extensions if the registration was processed by a Mobile IPv4 home agent that does not support this specification at all. In that case, the absence of mobile network extensions must be interpreted by the Mobile Router as the case where the Home Agent does not support mobile networks. All the error code values are TBA (To Be Assigned) subject to IANA allocation. 5.2. Mobile Router Management Operating a Mobile Router in a Mobile IPv4 environment has certain requirements on the management of the necessary initial configuration and supervision of the ongoing status information. Mobile Router maintenance indicators may need to be exposed in a manner consistent with other Mobile IPv4 indicators. The objects for the Management Information Base (MIB) for Mobile IPv4 are defined in RFC 2006 [RFC2006]. The structure of the basic model of Mobile IP protocol describes three entities: Mobile Node, Home Agent and Foreign Agent. In addition to these entities this document proposes a functional entity to be the Mobile Router. The necessary initial configuration at a NEMOv4-enabled Home Agent includes, but is not limited to, the contents of the Prefix Table. The Mobile Router MAY need to store the Mobile Network Prefixes as the initial configuration. The definition of MIB objects related to Mobile Router and of a NEMOv4-enabled Home Agent is outside the scope of this document. 6. Home Agent Operation 6.1. Summary A Home Agent MUST support all the operations specified in RFC 3344 [RFC3344] for Mobile Node support. The Home Agent MUST support both implicit and explicit modes of operation for a Mobile Router. The Home Agent processes the registration in accordance to RFC 3344 [RFC3344], which includes route set up to the Mobile Router's Home Address via the tunnel to the Care-of Address. In addition, for a Mobile Router registering in explicit mode, the following steps are taken: 1. Check that the Mobile Network Prefix information is valid 2. Ensure the Mobile Network Prefix(es) is or are authorized to be on the Mobile Router 3. Create tunnel to the Mobile Router if it does not already exist 4. Set up route for the Mobile Network Prefix via this tunnel 5. Propagate Mobile Network Prefix routes via routing protocol if necessary 6. Send the Registration Reply with the Mobile Network Acknowledgement extension(s) If there are any subnet routes via the tunnel to the Mobile Router that are not specified in the Mobile Network extensions, these routes are removed. In the case where the Mobile Node is not permitted to act as a Mobile Router, the Home Agent sends a Registration Reply message whose Code field is HA_MOBNET_DISALLOWED (the proper Code field of the Registration Reply). For a Mobile Router registering in implicit mode, the Home Agent performs steps 3-6 above, once the registration request is processed successfully. For deregistration, the Home Agent removes the tunnel to the Mobile Router and all routes using this tunnel. The Mobile Network extensions are ignored. 6.2. Data Structures 6.2.1. Registration Table The Registration Table in the Home Agent, in accordance with RFC 3344 [RFC3344], contains binding information for every Mobile Node registered with it. RFC 3344 [RFC3344] defines the format of a Registration Table. In addition to all the parameters specified by RFC 3344 [RFC3344], the Home Agent MUST store the Mobile Network Prefixes associated with the Mobile Router in the corresponding registration entry, when the corresponding registration was performed in explicit mode. When the Home Agent is advertising reachability to Mobile Network Prefixes served by a Mobile Router, the information stored in the Registration Table can be used. 6.2.2. Prefix Table The Home Agent must be able to authorize a Mobile Router for use of Mobile Network Prefixes when the Mobile Router is operating in explicit mode. Also, when the Mobile Router operates in implicit mode, the Home Agent must be able to locate the Mobile Network Prefixes associated with that Mobile Router. The Home Agent may store the Home Address of the Mobile Router along with the mobile network prefixes associated with that Mobile Router. If the Mobile Router does not have a Home Address assigned, this table may store the NAI RFC 2794 [RFC2794] of the Mobile Router that will be used in dynamic Home Address assignment. 6.3. Mobile Network Prefix Registration The Home Agent must process registration requests coming from Mobile Routers in accordance with this section. The document RFC 3344 [RFC3344] specifies that the Home Address of a mobile node registering with a Home Agent must belong to a prefix advertised on the home network. In accordance with this specification, however, the Home Address must be configured from a prefix that is served by the Home Agent, not necessarily the one on the home network. If the registration request is valid, the Home Agent checks to see if there are any Mobile Network Prefix extensions included in the Registration Request. If so, the Mobile Network Prefix information is obtained from the included extensions, and the Home Address from the Home Address field of the Registration Request. For every Mobile Network Prefix extension included in the registration request, the Home Agent MUST perform a check against the Prefix Table. If the Prefix Table does not contain at least one entry pairing that Home Address to that Mobile Network Prefix then the check fails, otherwise it succeeds. Following this check against the Prefix Table, the Home Agent MUST construct a Registration Reply containing Mobile Network Acknowledgement extensions. For a Mobile Network Prefix for which the check was unsuccessful the Code field in the corresponding Mobile Network Acknowledgement extension should be set to MOBNET_UNAUTHORIZED. For a Mobile Network Prefix for which the check was successful the Code field in the respective Mobile Network Acknowledgement extensions should be set to 0. The Home Agent MUST attempt to set up forwarding for each Mobile Network Prefix extension for which the Prefix Table check was successful. If the forwarding setup fails for a particular Mobile Network Prefix (for reasons when, for example, there is not enough memory available, or not enough devices available, or other reason) the Code field in the respective Mobile Network Acknowledgement extension should be set to MOBNET_FWDING_SETUP_FAILED. If forwarding and setup was successful for at least one Mobile Network Prefix then the Code field (proper) of the Registration Reply message should be set to 0. Otherwise, when forwarding and setup was unsuccessful for each and every Mobile Network Prefixes, that Code (proper) should be HA_MOBNET_ERROR. If the registration request is sent in implicit mode, i.e., without any Mobile Network Request extension, the Home Agent may use pre- configured mobile network prefix information for the Mobile Router to set up forwarding. If the Home Agent is updating an existing binding entry for the Mobile Router, it MUST check all the prefixes in the registration table against the prefixes included in the registration request. If one or more mobile network prefix is missing from the included information in the registration request, it MUST delete those prefixes from the registration table. Also, the Home Agent MUST disable forwarding for those prefixes. If all checks are successful, the Home Agent either creates a new entry for the Mobile Router or updates an existing binding entry for it and returns a successful registration reply back to the Mobile Router or the Foreign Agent (if the registration request was received from a Foreign Agent). In accordance with RFC 3344 [RFC3344], the Home Agent does proxy ARP for the Mobile Router Home Address, when the Mobile Router Home Address is derived from the home network. If the 'T' bit is set, the Home Agent creates a bi-directional tunnel for the corresponding mobile network prefixes or updates the existing bi-directional tunnel. This tunnel is maintained independent of the reverse tunnel for the Mobile Router home address itself. 6.4. Advertising Mobile Network Reachability If the mobile network prefixes served by the Home Agent are aggregated with the home network prefix and if the Home Agent is the default router on the home network, the Home Agent does not have to advertise the Mobile Network Prefixes. The routes for the Mobile Network Prefix are automatically aggregated into the home network prefix (it is assumed that the Mobile Network Prefixes are automatically aggregated into the home network prefix). If the Mobile Router updates the mobile network prefix routes via a dynamic routing protocol, the Home Agent SHOULD propagate the routes on the appropriate networks. 6.5. Establishment of Bi-directional Tunnel The Home Agent creates and maintains a bi-directional tunnel for the mobile network prefixes of a Mobile Router registered with it. A home agent supporting IPv4 Mobile Router operation MUST be able to forward packets destined to the mobile network prefixes served by the Mobile Router to its Care-of Address. Also, the Home Agent MUST be able to accept packets tunneled by the Mobile Router with the source address of the outer header set to the Care-of Address of the Mobile Router and that of the inner header set to the Mobile Router's Home Address or an address from one of the registered mobile network prefixes. 6.6. Sending Registration Replies The Home Agent MUST set the status code in the registration reply to 0 to indicate successful processing of the registration request and successful set up of forwarding for at least one mobile network prefixes served by the Mobile Router. The registration reply MUST contain at least one Mobile Network Acknowledgement extension. If the Home Agent is unable to set up forwarding for one or more mobile network prefixes served by the Mobile Router, it MUST set the Mobile Network Acknowledgement Extension status Code in the registration reply to MOBNET_FWDING_SETUP_FAILED. When the prefix length is zero (and the Optional Netmask field is absent)or greater than decimal 32, the status Code MUST be set to MOBNET_INVALID_PREFIX_LEN. If the Mobile Router is not authorized to forward packets to a mobile network prefixes included in the request, the Home Agent MUST set the Code to MOBNET_UNAUTHORIZED. 6.7. Mobile Network Prefix De-registration If the received registration request is for de-registration of the Care-of Address, the Home Agent, upon successful processing of it, MUST delete the entry(ies) from its registration table. The home agent tears down the bi-directional tunnel and stops forwarding any packets to/from the Mobile Router. The Home Agent MUST ignore any included Mobile Network Request extension in a de-registration request. 7. Data Forwarding Operation For traffic to the nodes in the Mobile Network, the Home Agent MUST perform double tunneling of the packet, if the Mobile Router had registered with a Foreign Agent Care-of Address. In this case, the Home Agent MUST encapsulate the packet with tunnel header (source IP address set to Home Agent and destination IP address set to Mobile Router's Home Address) and then encapsulate one more time with tunnel header (source IP address set to Home Agent and destination IP address set to CoA). For optimization, the Home Agent SHOULD only encapsulate the packet with the tunnel header (source IP address set to Home Agent and destination IP address set to CoA) for Collocated CoA mode. When a Home Agent receives a packet from the mobile network prefix in the bi-directional tunnel, it MUST de-encapsulate the packet and route it as a normal IP packet. It MUST verify that the incoming packet has the source IP address set to the Care-of Address of the Mobile Router. The packet MUST be dropped if the source address is not set to the Care-of Address of the Mobile Router. For traffic from the nodes in the Mobile Network, the Mobile Router encapsulates the packet with a tunnel header (source IP address set to Mobile Router's Home Address and destination IP address set to Home Agent) if reverse tunnel is enabled. Otherwise, the packet is routed directly to the Foreign Agent or access router. In Collocated CoA mode, the Mobile Router MAY encapsulate one more times with a tunnel header (source IP address set to the CoA and destination IP address set to Home Agent). 8. Nested Mobile Networks Nested Network Mobility is a scenario where a Mobile Router allows another Mobile Router to attach to its Mobile Network. There could be arbitrary levels of nested mobility. The operation of each Mobile Router remains the same whether the Mobile Router attaches to another Mobile Router or to a fixed Access Router on the Internet. The solution described here does not place any restriction on the number of levels for nested mobility. Two issues should be noted though. First, whenever physical loops occur in a nested aggregation of mobile networks this protocol does neither detect nor solve them - datagram forwarding may be blocked. Second, Mobile Routers in a deep nested aggregation of mobile networks might introduce significant overhead on the data packets as each level of nesting introduces another tunnel header encapsulation. Applications that do not support MTU discovery are adversely affected by the additional header encapsulations, because the usable MTU is reduced with each level of nesting. 9. Routing Protocol between Mobile Router and Home Agent There are several benefits of running a dynamic routing protocol between the Mobile Router and the Home Agent. If the mobile network is relatively large, including several wireless subnets, then the topology changes within the moving network can be exposed from the Mobile Router to the Home Agent by using a dynamic routing protocol. The purpose of the NEMOv4 protocol extensions to Mobile IPv4, as defined in previous sections, is not to inform the Home Agent about these topology changes, but to manage the mobility of the Mobile Router. Similarly, topology changes in the home network can be exposed to the Mobile Router by using a dynamic routing protocol. This may be necessary when new fixed networks are added in the home network. Here too, the purpose of NEMOv4 extensions is not to inform the Mobile Router about topology changes at home. Examples of dynamic routing protocol include but are not limited to OSPF Version 2 RFC 2328 [RFC2328], BGP RFC 4271 [RFC4271] and RIP RFC 2453 [RFC2453]. The recommendations are related to how the routing protocol and the Mobile IPv4 implementation work in tandem on the Mobile Router and on the Home Agent (1) without creating incoherent states in the forwarding information bases at home and on the Mobile Router, (2) without introducing topologically incorrect addressing information in the visited domain and (3) efficiently avoid duplication of sent data or over-provisioning of security. The information exchanged between the Mobile Router and the Home Agent is sent over the bi-directional tunnel established by the Mobile IPv4 exchange Registration Request - Registration Reply (see Section 6.5). If a network address and prefix about a subnet in the moving network is sent by the Mobile Router within a routing protocol message then they SHOULD NOT be sent in the Mobile IPv4 Registration Request too, in order to avoid incoherencies in the forwarding information bases. The Mobile Router SHOULD use NEMOv4 implicit mode in this case (see Section 3). The Mobile Router SHOULD NOT send routing protocol information updates in the foreign network. The subnet addresses and prefixes valid in the moving network are topologically incorrect in the visited network. If the Mobile Router and the Home Agent use a dynamic routing protocol over the tunnel interface, and if that protocol offers security mechanisms to protect that protocol's messages, then the security recommendations in Section 10.1 apply. 10. Security Considerations The Mobile Network extension is protected by the same rules for Mobile IP extensions in registration messages. See the Security Considerations section in RFC 3344 [RFC3344]. The Home Agent MUST be able to verify that the Mobile Router is authorized to provide mobility service for the Mobile Networks in the registration request, before anchoring these Mobile Network Prefixes on behalf of the Mobile Router. Forwarding for prefixes MUST NOT be set up without successful authorization of the Mobile Router for those prefixes. A registration failure MUST be notified to the mobile router when it cannot be successfully authorized for prefixes requested by it. All registration requests and replies MUST be authenticated by the MN-HA Authentication Extension as specified in RFC 3344 [RFC3344]. When the registration request is sent in explicit mode, i.e., with one or more Mobile Network Prefix extensions, all the Mobile Network Prefix extensions MUST be included before the MN-HA Authentication extension. Also, these extensions MUST be included in the calculation of the MN-HA authenticator value. The Mobile Router should perform ingress filtering on all the packets received on the mobile network prior to reverse tunneling them to the Home Agent. The Mobile Router MUST drop any packets that do not have a source address belonging to the mobile network. The Mobile Router MUST also ensure that the source address of packets arriving on the mobile network is not the same as the Mobile Router's IP address on any interface. These checks will protect against nodes attempting to launch IP spoofing attacks through the bi-directional tunnel. The Home Agent, upon receiving packets through the bi-directional tunnel, MUST verify that the source addresses of the outer IP header of the packets are set to the Mobile Router's care-of-address. Also, it MUST ensure that the source address of the inner IP header is a topologically correct address on the mobile network. This will prevent nodes from using the Home Agent to launch attacks inside the protected network. 10.1. Security when Dynamic Routing Protocol is Used If a dynamic routing protocol is used between the Mobile Router and the Home Agent to propagate the mobile network information into the home network, the routing updates SHOULD be protected with IPsec ESP confidentiality between the Mobile Router and Home Agent, to prevent information about home network topology from being visible to eavesdroppers. 11. IANA Considerations IANA to assign rules for the existing registry "Mobile IPv4 numbers - per RFC 3344". The numbering space for Extensions that may appear in Mobile IP control messages (those sent to and from UDP port number 434) should be modified. The new Values and Names for the Type for Extensions appearing in Mobile IP control messages are the following: +-------+---------------------------------------------------+ | Value | Name | +-------+---------------------------------------------------+ | TBA | Mobile Network Extension (To Be Assigned by IANA) | +-------+---------------------------------------------------+ Table 1: New Values and Names for Extensions in Mobile IP Control Messages A new number space should be created for the Values and Names for the Sub-Type for Mobile Network Extensions. This number space is initially defined to hold the following entries, allocated by this document: +-------+-----------------------------------------+ | Value | Name | +-------+-----------------------------------------+ | TBA | Mobile Network Request Extension | | TBA | Explicit Mode Acknowledgement Extension | | TBA | Implicit Mode Acknowledgement Extension | +-------+-----------------------------------------+ Table 2: New Values and Names for the Sub-Type for Mobile Network Extensions The policy of future assignments to this number space should be following Standards Action or IESG Approval (see [RFC2434]). The new Code Values for Mobile IP Registration Reply messages are the following (for a registration denied by the Home Agent): +-------+-----------------------------------------------------------+ | Value | Name | +-------+-----------------------------------------------------------+ | TBA | Mobile Network Prefix operation error (HA_MOBNET_ERROR) | | TBA | Mobile Router operation is not permitted | | | (HA_MOBNET_DISALLOWED) | +-------+-----------------------------------------------------------+ Table 3: New Code Values for Mobile IP Registration Reply A new number space should be created for the Code Values for the Mobile Network Acknowledgement Extension. This number space is initially defined to hold the following entries, allocated by this document (result of registration, as sent by the Home Agent): +-----+-------------------------------------------------------------+ | TBA | Success | | TBA | Invalid prefix length (MOBNET_INVALID_PREFIX_LEN) | | TBA | Mobile Router is not authorized for prefix | | | (MOBNET_UNAUTHORIZED) | | TBA | Forwarding setup failed (MOBNET_FWDING_SETUP_FAILED) | +-----+-------------------------------------------------------------+ Table 4: New Code Values for Mobile Network Acknowledgement Extension The policy of future assignments to this number space should be following Standards Action or IESG Approval (see [RFC2434]). The current non-modified numbering spaces could be consulted at the URL http://www.iana.org/assignments/mobileip-numbers (contents last updated 2007-12-20 and last browsed 2008-01-04). 12. Acknowledgements The authors would like to thank Christophe Janneteau, George Popovich, Ty Bekiares, Ganesh Srinivasan, Alpesh Patel, Ryuji Wakikawa, George Tsirtsis, and Henrik Levkowetz for their helpful discussions, reviews and comments. Vijay Devarapalli extensively reviewed one of the later versions of the draft. Hans Sjostrand (Hans Sj\"ostrand) identified the last clarifications with respect to Foreign Agent mode treatment. Pete McCann contributed necessary refinements of many statements. Mobile IPv4 versions as early as 1996 (RFC 2002) described Mobile Networks and Mobile Routers support. Charles Perkins. Fred Templin indicated the potential confusion for the term "LFN". Amanda Baber of IANA agreed on the principles of allocating numbers for this specification and suggested improvements on the IANA section. Tim Polk of IESG identified a deeply entrenched error on managing the Code fields. Lars Eggert of IESG suggested the acommodation of the otherwise legal non-contiguous netmask fields, instead of simply prefix lengths. Dan Romascanu of IESG indicated the necessity of manageability of Mobile Routers and NEMOv4-enabled Home Agents and their deployability in MIP4 environments. David Borman of TSV-DIR reviewed this document as part of the transport area directorate's ongoing effort to review key IETF documents. The implications of the growth of usable MTU adversely affecting applications deep in a mobile network were suggested. Gonzalo Camarillo provided a generalist review by an additional set of eyes for documents as they are being considered for publication (General Area Review Team). Jari Arkko of IESG reviewed, suggested necessary improvements to, and diligently shepherded this document through IESG. 13. References 13.1. Normative References [RFC1323] Jacobson, V., Braden, B., and D. Borman, "TCP Extensions for High Performance", RFC 1323, May 1992. [RFC2006] Cong, D., Hamlen, M., and C. Perkins, "The Definitions of Managed Objects for IP Mobility Support using SMIv2", RFC 2006, October 1996. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998. [RFC2434] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998. [RFC2453] Malkin, G., "RIP Version 2", STD 56, RFC 2453, November 1998. [RFC2794] Calhoun, P. and C. Perkins, "Mobile IP Network Access Identifier Extension for IPv4", RFC 2794, March 2000. [RFC3344] Perkins, C., "IP Mobility Support for IPv4", RFC 3344, August 2002. [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006. 13.2. Informative References [I-D.ietf-mip4-nemov4-fa] Tsirtsis, G., Park, V., Narayanan, V., and K. Leung, "FA extensions to NEMOv4 Base", draft-ietf-mip4-nemov4-fa-02 (work in progress), November 2007. [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. Thubert, "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, January 2005. [RFC4885] Ernst, T. and H-Y. Lach, "Network Mobility Support Terminology", RFC 4885, July 2007. Appendix A. ChangeLog [RFC Editor: please remove this section prior to publication. (said IESG member Russ Housley on 6th of February 2008: "Please delete Appendix A before publication as an RFC.")] The changes are listed in reverse chronological order, most recent changes appearing at the top of the list. From draft-ietf-mip4-nemo-v4-base-10.txt to draft-ietf-mip4-nemo-v4-base-11.txt: o Based on David Ward comment removed the section discussing on non- contiguous netmasks, as well as the Optional Netmask fields (but still kept the prefixlen-based contiguous netmasks.) From draft-ietf-mip4-nemo-v4-base-09.txt to draft-ietf-mip4-nemo-v4-base-10.txt: o Changed "192.168.1.1" notation to "192.0.2.0" documentation style addresses, as suggested by idnits. From draft-ietf-mip4-nemo-v4-base-08.txt to draft-ietf-mip4-nemo-v4-base-09.txt, following IANA and IESG comments: o Introduced an Optional Netmask field in both registrations and replies. This is used when address/prefixlength is not a sufficient expression of network mask, for example when the subnet mask needs to be expressed as a non-contiguous set of 1bits (e.g. 255.255.0.255). Also described the reasoning of this in a section of its own. o Extended the Introduction section with two subsections: example of mobile network and overall protocol operation. Illustrated two figures. o Added Local Fixed Node term definition and some citations to reference rfc4885 "Network Mobility Support Terminology". o Clarified text about the Code field. There are two Code fields: one in Registration Reply header (the Code proper) and one in the Mobile Network Extension header. Also clarified conditions of proper Code being 0 successful and and relationships of proper Code 0 to Code in the Mobile Network Extension. o Added a sub-section 'Mobile Router Management' about the initial configuration, ongoing supervision and management indicators of a Mobile Router and Home Agent. o Substituted 'MOBNET_UNAUTHORIZED' for 'MOBNET_UNAUTHORIZED_MR'. o Substituted 'IANA to assign rules' for 'IANA to modify rules'. o Stressed that "applications that do not support MTU discovery are adversely affected by the additional header encapsulations, because the usable MTU is reduced with each level of nesting." o Removed citations and reference to rfc3344bis (draft-ietf-mip4-rfc3344bis-05). o Removed citations and reference to rfc2434bis (draft-narten-iana-considerations-rfc2434bis-08). o Extended the Acknowledgements section. From draft-ietf-mip4-nemo-v4-base-07.txt to draft-ietf-mip4-nemo-v4-base-08.txt, following AD Review (Jari Arkko): o HA propagates Mobile Network Prefix only if necessary (previously it was always doing it). o emphasized that within nested mobile networks looping may occur and this document doesn't do anything to address this. o dropped a phrase which said that Mobile-Home auth extension shouldn't be used when ESP protects the routing protocol message, because that extension is only applied to Registration messages (not tunneled data, which usually contains routing protocol exchange). o recommending "Standards Action or IESG Review" instead of "Expert Review" for this numbering space, and added reference to a draft for 2434bis. o editorial: re-phrased about how Mobile IPv4 claimed mobile networks support. o editorial: added a necessary paragraph in the Acknowledgements section. From draft-ietf-mip4-nemo-v4-base-06.txt to draft-ietf-mip4-nemo-v4-base-07.txt o encoded the draft into xml. Compiled with xml2rfc version 1.33pre4. o checked against 'idnits' script version 2.05.03. o substituted 'Care-of Address' for 'CoA'. From draft-ietf-mip4-nemo-v4-base-05.txt to draft-ietf-mip4-nemo-v4-base-06.txt o substituted "TBA" for "1" in Sub-type of Mobile Network Request Extension. o substituted "TBA" for "0" in Code of Mobile Network Acknowledgement Extension and in the IANA Section. o modified the IANA section to request definition two new spaces (instead of just defining new values) for Sub-Type of Mobile Network Extensions and for Code Values for Mobile Network Acknowledgement Extension, and to suggest "Expert Review" as method of new assignments in these two spaces (and not necessarily "IETF Consensus"). From draft-ietf-mip4-nemo-v4-base-04.txt to draft-ietf-mip4-nemo-v4-base-05.txt o updated the Acknowledgements section. o capitalized all occurences of "Home Address", "Mobile Router" and "Care-of Address". o refined many statements. o checked against 'idnits' script version 2.04.16. From draft-ietf-mip4-nemo-v4-base-03.txt to draft-ietf-mip4-nemo-v4-base-04.txt o more changes in Introduction to say that with FA mode only the non-optimized double-encapsulation operation is supported and [I-D.ietf-mip4-nemov4-fa] proposes a optimization. From draft-ietf-mip4-nemo-v4-base-02.txt to draft-ietf-mip4-nemo-v4-base-03.txt o changed a sentence in the Introduction to say that FA mode _is_ supported but unoptimized, and that a reference [I-D.ietf-mip4-nemov4-fa] optimizes that mode. o added I-D.ietf-mip4-rfc3344bis reference to the rfc3344bis draft. From draft-ietf-mip4-nemo-v4-base-01.txt to draft-ietf-mip4-nemo-v4-base-02.txt o changed title from "IPv4 Network Mobility (NEMO) Protocol" to "Network Mobility (NEMO) Extensions for Mobile IPv4". From draft-ietf-mip4-nemo-v4-base-00.txt to draft-ietf-mip4-nemo-v4-base-01.txt o added a section on Routing Protocol between Mobile Router and Home Agent. o added a security subsection about running simultaneously a secure routing protocol with secure Mobile IPv4. o added a date tag on the IANA URL for Mobile IP numbering spaces. o substituted 'Mobile Router' for 'MR' everywhere. o updated reference to NEMOv4 FA draft. From draft-ietf-nemo-v4-base-01.txt to draft-ietf-mip4-nemo-v4-base-00.txt: o changed draft name, headers and footers. o changed title. o a more coherent use of terms 'subnet', 'prefix' and 'mobile network'. o clarified only co-located CoA mode is supported (not FA CoA) for Mobile Routers in this specification. And added reference to the FA NEMO optimizations draft. o changed 'devices' to 'hosts'. o changed 'moving networks' to 'mobile networks'. o clarified what 'reachability' in a certain context is: packets may be dropped if ingress filtering is turned on. o removed the MR-FA-CoA tunnel overhead optimization. There is still an issue with text at HA doing optimization. This document was first presented as an individual contribution to the NEMO Working Group, then adopted as a WG item to that group. The 01 version in the NEMO WG has been Last Called on the INFORMATIONAL track. The evolution was: From version draft-ietf-nemo-v4-base-00 to draft-ietf-nemo-v4-base-01: o removed error code HA_MOBNET_UNSUPPORTED. o changed all values to be assigned by IANA, from specific numbers to "TBA" (To Be Assigned). o substituted "egress interface" for "roaming interface". o changed HA behaviour upon reception of MNPs. In 00 the HA replied positively only if all MNPs in RegReq were valid, in 01 a reply is constructed specifying which MNP was valid and which not. o clarified a 3-line paragraph saying that RegRep may contain both implicit and explicit acknowledgements. Authors' Addresses Kent Leung Cisco Systems 170 W. Tasman Drive San Jose, CA 95134 USA Phone: +1 408-526-5030 Email: firstname.lastname@example.org Gopal Dommety Cisco Systems 170 W. Tasman Drive San Jose, CA 95134 USA Phone: +1 408-525-1404 Email: email@example.com Vidya Narayanan QUALCOMM, Inc. 5775 Morehouse Dr San Diego, CA USA Phone: +1 858-845-2483 Email: firstname.lastname@example.org Alexandru Petrescu Motorola Parc les Algorithmes Saint Aubin Gif-sur-Yvette, Essonne 91140 France Phone: +33 169354827 Email: email@example.com Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at firstname.lastname@example.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).