Page 1: T-110.5110 Computer Networks II

Mobility Issues

28.09.2009

Prof. Sasu Tarkoma

(Slide transcript posted Dec 27, 2015)

Page 2: Contents

•Overview

•Mobile IP

•NEMO

•Transport layer solutions

• i3

•SIP mobility

Page 3: Mobility in the Internet

•This topic pertains to mobility of

– Networks

– Hosts

– Transport connections

– Sessions

– Objects (passive, active)

– Services

– Users

•Many solutions are needed on multiple layers

– Link layer, network, transport, application

– Vertical and horizontal handoffs

Page 4: Mobility Classification

Figure: a spectrum from no mobility to high mobility

– No mobility: mobile wireless user, using the same access point

– Moderate mobility: mobile user, connecting/disconnecting from the network using DHCP

– High mobility: mobile user, passing through multiple access points while maintaining ongoing connections (like a cell phone)

Page 5: Example topology

Figure: one transit AS (AS10) and three stub ASes (AS20, AS30, AS40) with nodes A1–A5, B1–B4 and C1–C4; the legend distinguishes overlay nodes from regular nodes.

Page 6: Mobility

•What happens when network endpoints start to move?

•What happens when networks move?

•Problem for on-going conversations

– X is no longer associated with its address

– Solution: X informs its peers of the new address

•Problem for future conversations

– Where is X? What is its address?

– Solution: X makes a contact address available

•In practice not so easy. Security is needed!

Page 7: Classifying Mobility Protocols

Figure: mobility protocols classified by scope, micro (intra-subnet), macro (intra-domain) and global (inter-domain), and placed on a time axis (evolutionary path): Cellular IP (1998), TMIP (2001), Hierarchical MIP (1996), Hawaii (1999), Dynamic Mobility Agent (2000), HMIPv6 (2001), MIP (1996), MIPv6 (2001).

Page 8: Routing vs. mobility

• Topology data aggregation is necessary

– Cannot track all hosts in the world

– IP addresses determined by topology

• Network gives the routing prefix

• Mobile hosts must change their IP addresses

– Causes sockets / connections to break

• How to communicate address changes?

• Two approaches:

– Let routing handle it: not scalable

• Done by ad hoc routing protocols

– Let end-systems handle it: a protocol is needed

• Goal of a mobility protocol

– Transport and applications do not see address changes

– Mobility transparency

Page 9: Networks: Mobility

Figure: a public switched data network and backbone LAN with routers, a MAN, NATs, a WLAN access point (AP), a GPRS/UMTS access network with base stations (BS), mobile hosts (MH) and an ad hoc network of mobile hosts.

Page 10: Rendezvous

•How to find the moving end-point?

– Tackling double jump

• What if both hosts move at the same time?

• Requires a rendezvous point

•Mobility management is needed!

– Initial rendezvous

– Can be based on directories

– Requires fast updates to directories

• Does not work well for DNS

Page 11: Security issues

•Address stealing

– Alice and Bob communicate

– Mallory tells Alice: "Bob is now at C" (Alice now sends Bob's traffic to C)

•Address flooding

– Mallory starts downloads from Alice, Bob, etc.

– Mallory tells everybody: "I have moved to C" (C is flooded with the downloads)

Page 12: Mobile IP

•Two versions

– IPv4 (optional extension)

– integrated into IPv6 (with IPsec security)

•Home Agent (HA)

– Home address

– Initial reachability

– Triangular routing / reverse tunneling

•Route optimization

– Tunnels to bypass HA

– HA as a rendezvous point

Page 13: Mobility Example: Mobile IP Triangular Routing

Figure: home agent on the home link, foreign agent and mobile host (with its Care-of Address, CoA) on the foreign link, correspondent host; packets from the correspondent go to the home agent and are tunnelled to the foreign agent (DELAY!), while the mobile host replies directly.

Ingress filtering causes problems for IPv4 (home address used as source); IPv6 uses the CoA as source, so it is not a problem. Solutions: reverse tunnelling or route optimization.

Foreign agent left out of MIPv6: no special support needed with IPv6 autoconfiguration.

Page 14: Ingress Filtering

Figure: mobile host on the foreign link, home agent, correspondent host.

Packet from the mobile host is deemed "topologically incorrect" (as in source address spoofing).

With ingress filtering, routers drop packets whose source addresses are not consistent with the observed source of the packet.

Page 15: Reverse Tunnelling

Figure: home agent on the home link, router and mobile host (Care-of Address, CoA) on the foreign link, correspondent host; traffic in both directions passes through the home agent tunnel (DELAY!).

Firewalls and ingress filtering no longer a problem.

Double triangular routing leads to overhead and increases congestion.
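The three preceding slides (triangular routing, ingress filtering, reverse tunnelling) as a small simulation. This is an added example, not code from the lecture: the addresses are constructed documentation-prefix addresses, and the packet model and filter are a deliberately minimal stand-in for a router's source-address check.

```python
"""Ingress filtering versus Mobile IP reverse tunnelling (added example)."""
import ipaddress

# Constructed addresses (RFC 3849 documentation prefix), not from the slides.
HOME_LINK = ipaddress.ip_network("2001:db8:1::/64")
FOREIGN_LINK = ipaddress.ip_network("2001:db8:2::/64")
HOME_ADDR = ipaddress.ip_address("2001:db8:1::10")   # mobile host's home address
COA = ipaddress.ip_address("2001:db8:2::10")         # care-of address on the foreign link
HA = ipaddress.ip_address("2001:db8:1::1")           # home agent
CH = ipaddress.ip_address("2001:db8:3::50")          # correspondent host


def packet(src, dst, payload, home_address_option=None):
    """A packet is just its outer addresses, an optional Home Address
    destination option (MIPv6) and a payload, which may be another packet."""
    return {"src": src, "dst": dst, "hao": home_address_option, "payload": payload}


def ingress_filter(pkt, link_prefix):
    """Access router rule: only forward a packet arriving from a customer link
    if its source address belongs to the prefix assigned to that link."""
    return pkt["src"] in link_prefix


def mipv4_direct(payload):
    """Triangular routing in MIPv4: the mobile host on the foreign link sends
    directly to CH with its home address as source. The foreign link's router
    sees a source outside its prefix and drops it as spoofed."""
    pkt = packet(HOME_ADDR, CH, payload)
    return pkt if ingress_filter(pkt, FOREIGN_LINK) else None


def mipv4_reverse_tunnel(payload):
    """Reverse tunnelling: the home-addressed packet is encapsulated in an outer
    packet CoA -> HA, which is topologically correct on the foreign link. The HA
    decapsulates and forwards it from the home link, where the home address is
    correct. Two filters, two passes, at the cost of the detour via the HA."""
    inner = packet(HOME_ADDR, CH, payload)
    outer = packet(COA, HA, inner)                 # IP-in-IP encapsulation
    if not ingress_filter(outer, FOREIGN_LINK):
        return None
    forwarded = outer["payload"]                   # HA decapsulates
    return forwarded if ingress_filter(forwarded, HOME_LINK) else None


def mipv6_route_optimized(payload):
    """MIPv6 route optimization: the CoA is the source address, so the filter
    passes; the home address travels in the Home Address destination option,
    which the CH swaps back in before handing the packet to transport."""
    pkt = packet(COA, CH, payload, home_address_option=HOME_ADDR)
    if not ingress_filter(pkt, FOREIGN_LINK):
        return None
    # receiver-side processing: restore the home address the upper layers see
    return packet(pkt["hao"], pkt["dst"], pkt["payload"])
```

The two filter passes in the reverse-tunnel case are the "double triangular routing" cost of the slide. In the MIPv6 case a real correspondent accepts the Home Address option only when it already has a binding cache entry for that home address, which is what the binding update and return routability of the following slides establish.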

Page 16: Mobility Example: Mobile IPv6 Route Optimization

Figure: home agent on the home link, router and mobile host on the foreign link, correspondent host; secure tunnel (ESP) between the mobile host and the home agent.

MH sends a binding update to the CH when it receives a tunnelled packet. Afterwards the CH sends packets directly to the MH using a routing header.

First, a Return Routability test with the CH: the CH sends Home Test and Care-of Test packets. When the MH has received both, it derives the key Kbm and sends the BU authenticated with Kbm.

Page 17: Differences between MIPv4 and MIPv6

• No FA is needed (no infrastructure change)

• Address auto-configuration helps in acquiring the CoA

• MH uses the CoA as the source address on the foreign link, so no ingress filtering problem

• Option headers and neighbor discovery of the IPv6 protocol are used to perform mobility functions

• 128-bit IP addresses help deployment of Mobile IP in large environments

• Route optimization is supported by header options

Page 18: MIPv6

• MIP6 utilizes IPv6 extension headers for signalling between the MN and its HA and CNs.

• The important changes are a new extension header (Mobility Header) for the creation and management of bindings, a new routing header type (type 2) that allows packets to be routed directly from the CN to the MN's CoA (the home address is carried in the routing header), and a new destination option (Home Address option) that carries the home address in packets from the MN to the CN.

• MIP6 uses the IPv6 autoconfiguration mechanism to determine the CoA, and thus does not need a FA.

• Using autoconfiguration, the MN receives Router Advertisements that contain the routing prefixes of the visited network. This prefix information is then combined with the interface ID of the MN (e.g. derived from its MAC address) to obtain the CoA.

• MIP6 also supports the dynamic discovery of the HA or HAs.

Page 19: Extension Headers

Figure: packet layout IPv6 header, Mobility Header, upper-layer headers, data; used in both directions (CN to MN, MN to CN) between MN, HA and CN for binding management.

MH Type in Mobility Header: Binding Update, Binding Acknowledgement, Binding Error, Binding Refresh Request

Source: Chittaranjan Hota, Computer Networks II lecture 22.10.2007
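The Mobility Header of the last two slides, built and parsed in Python. This is an added example, not code from the lecture. The field layout follows RFC 3775 section 6.1 (unchanged in RFC 6275); the checksum is left zero because computing it needs the IPv6 pseudo-header this stand-alone snippet does not have, and the option contents used when running it are constructed placeholder bytes.

```python
"""Mobile IPv6 Mobility Header builder/parser (RFC 3775 section 6.1). Added example."""
import struct

MH_TYPES = {0: "Binding Refresh Request", 1: "Home Test Init", 2: "Care-of Test Init",
            3: "Home Test", 4: "Care-of Test", 5: "Binding Update",
            6: "Binding Acknowledgement", 7: "Binding Error"}
MH_BU = 5
OPT_PAD1, OPT_PADN, OPT_NONCE_INDICES, OPT_BINDING_AUTH_DATA = 0, 1, 4, 5
IPPROTO_NONE = 59   # Payload Proto when nothing follows the Mobility Header


def build_mobility_header(mh_type, message_data, options=()):
    """Fixed part: Payload Proto, Header Len, MH Type, Reserved, Checksum (6 octets),
    then message data and TLV mobility options, PadN-padded to a multiple of 8.
    Header Len counts 8-octet units excluding the first 8 octets. Checksum is
    left 0 here: the real one covers the IPv6 pseudo-header (simplification)."""
    body = bytes(message_data)
    for opt_type, opt_data in options:
        body += struct.pack("!BB", opt_type, len(opt_data)) + opt_data
    pad = (-(6 + len(body))) % 8
    if pad == 1:
        body += bytes([OPT_PAD1])
    elif pad > 1:
        body += struct.pack("!BB", OPT_PADN, pad - 2) + bytes(pad - 2)
    header_len = (6 + len(body) - 8) // 8
    return struct.pack("!BBBBH", IPPROTO_NONE, header_len, mh_type, 0, 0) + body


def build_binding_update(seq, lifetime, ack=True, home_reg=False, options=()):
    """BU message data: Sequence #, flags A|H|L|K in the top bits of a 16-bit
    field, Lifetime in units of 4 seconds."""
    flags = (int(ack) << 15) | (int(home_reg) << 14)
    return build_mobility_header(MH_BU, struct.pack("!HHH", seq, flags, lifetime), options)


def parse_options(data):
    """Walk the TLV option area; padding options are skipped."""
    opts, i = [], 0
    while i < len(data):
        opt_type = data[i]
        if opt_type == OPT_PAD1:
            i += 1
            continue
        length = data[i + 1]
        if opt_type != OPT_PADN:
            opts.append((opt_type, bytes(data[i + 2:i + 2 + length])))
        i += 2 + length
    return opts


def parse_mobility_header(raw):
    """Return a dict describing the header; BU-specific fields when MH Type is 5."""
    proto, header_len, mh_type, _reserved, checksum = struct.unpack("!BBBBH", raw[:6])
    total = (header_len + 1) * 8
    if len(raw) < total:
        raise ValueError("truncated Mobility Header")
    info = {"type": MH_TYPES.get(mh_type, mh_type), "payload_proto": proto,
            "length": total, "checksum": checksum}
    body = raw[6:total]
    if mh_type == MH_BU:
        seq, flags, lifetime = struct.unpack("!HHH", body[:6])
        info.update(seq=seq, ack=bool(flags & 0x8000), home_reg=bool(flags & 0x4000),
                    lifetime=lifetime, options=parse_options(body[6:]))
    return info


def bu_to_cn_is_authorized(info):
    """A Binding Update to a correspondent (H flag clear) must carry the Nonce
    Indices and Binding Authorization Data options produced by return
    routability (RFC 3775 section 6.1.7). A BU without them is the bare
    'Bob is now at C' message of the address-stealing slide and must be ignored."""
    present = {opt_type for opt_type, _ in info.get("options", [])}
    return (info["type"] == "Binding Update" and not info["home_reg"]
            and {OPT_NONCE_INDICES, OPT_BINDING_AUTH_DATA} <= present)
```

A BU with a 4-octet Nonce Indices option followed by a 12-octet Binding Authorization Data option comes out at exactly 32 octets (Header Len 3), and the authorization data lands at offset 18, which satisfies its 8n+2 alignment; the builder does not enforce alignment for arbitrary option orders.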

Page 20: MIPv6 Operation: Mobile on a Foreign network

Figure (numbered steps 1–5): the MN arrives on the foreign network and acquires its CoA by stateless address autoconfiguration; the binding is registered with the HA, which performs duplicate address detection and proxy neighbor discovery for the home address and updates its binding cache; the MN updates its Binding Update List; a bidirectional tunnel between MN and HA carries the traffic.

Source: Chittaranjan Hota, Computer Networks II lecture 22.10.2007

Page 21: MIPv6: Dynamic Home Agent Discovery

Figure: Mobile Node and the home agents of the home link.

1 Dynamic Home Agent Address Discovery request to the home agents anycast address

2 DHAAD reply with the addresses of the home agents and their preferences

Home Agents List (preference value): Home Agent 2: 6, Home Agent 1: 2

Source: Chittaranjan Hota, Computer Networks II lecture 22.10.2007

Page 22: (figure) Source: Microsoft, Understanding Mobile IPv6

Page 23: Security in Mobile IP

• MIPv6 RFC 3775/3776

– Protection of Binding Updates to the HA and to CNs: IPsec extension headers or the Binding Authorization Data option

– Binding management key, Kbm, which is established through the return routability procedure

– Protection of mobile prefix discovery

– Protection of the mechanisms that MIPv6 uses for transporting data

• Protecting binding updates to the HA

– Must be secured through IPsec

– ESP is used for updates and acks

• Shoulds: the return routability init/test messages passing through the HA, prefix discovery

Page 24: Return Routability

Message flow between Mobile Node, Home Agent and Correspondent Node:

MN → HA → CN: HOTI (HOme address Test Init), tunnelled through the Home Agent

MN → CN: COTI (Care-Of address Test Init), sent directly

CN → HA → MN: HOT (HOme Test), via the Home Agent

CN → MN: COT (Care-Of Test), directly

MN → CN: BU

CN → MN: ACK BU

Page 25: (figure) MN, HA and CN with attacker positions 1–4, annotated as follows:

– Can see HOT but not COT: claim to own the home address, use the current address as CoA.

– Off-path attack using refresh.

– Off-path attack: sends COTI and HOTI to the CN, constructs Kbm, claims ownership of the CoA, sends binding updates and breaks communication with the CN.

– Both HOTI and HOT are encrypted (MN–HA tunnel). A malicious node may be able to forward traffic to a neighbour if it has a valid HA.

– MiTM attacks: cannot construct Kbm.
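The return routability exchange of the previous two slides, carried through with the key derivation of RFC 3775 section 5.2 and with the attacker positions of the figure acted out against a correspondent node. This is an added example, not code from the lecture: addresses are constructed documentation-prefix addresses, the Mobility Header bytes being authenticated are a constructed stand-in, and the "attacker" functions only model who can observe which token, not real packet capture.

```python
"""Return Routability (RFC 3775 section 5.2): token derivation, Kbm, the BU
authenticator, and what each attacker position on the slide can do. Added example."""
import hashlib
import hmac
import ipaddress
import secrets

# Constructed addresses, not from the slides.
HOME = ipaddress.ip_address("2001:db8:1::10").packed       # MN home address
COA = ipaddress.ip_address("2001:db8:2::10").packed        # MN care-of address
CN_ADDR = ipaddress.ip_address("2001:db8:3::50").packed    # correspondent
ATTACKER = ipaddress.ip_address("2001:db8:4::bad").packed  # attacker's own address
MH_DATA = b"BU seq=1 lifetime=105"   # stand-in for the Mobility Header bytes covered by the MAC


def keygen_token(kcn, address, nonce, kind):
    """home keygen token    = First(64, HMAC_SHA1(Kcn, home address | nonce | 0))
    care-of keygen token = First(64, HMAC_SHA1(Kcn, care-of address | nonce | 1))"""
    return hmac.new(kcn, address + nonce + bytes([kind]), hashlib.sha1).digest()[:8]


def kbm(home_token, careof_token):
    """Kbm = SHA1(home keygen token | care-of keygen token)"""
    return hashlib.sha1(home_token + careof_token).digest()


def authenticator(key, careof_addr, cn_addr, mh_data):
    """Binding Authorization Data = First(96, HMAC_SHA1(Kbm, care-of | correspondent | MH data))"""
    return hmac.new(key, careof_addr + cn_addr + mh_data, hashlib.sha1).digest()[:12]


class CorrespondentNode:
    """Stateless before the BU: the CN keeps only its node key and nonces and
    recomputes both tokens from the nonce indices carried in the BU."""

    def __init__(self, addr):
        self.addr = addr
        self.kcn = secrets.token_bytes(20)      # node key, never leaves the CN
        self.nonces = [secrets.token_bytes(8)]  # indexed by nonce index
        self.bindings = {}

    def home_test(self, home_addr):             # HoT, routed to the home address (via HA)
        idx = len(self.nonces) - 1
        return idx, keygen_token(self.kcn, home_addr, self.nonces[idx], 0)

    def careof_test(self, src_addr):            # CoT, routed to the CoTI source directly
        idx = len(self.nonces) - 1
        return idx, keygen_token(self.kcn, src_addr, self.nonces[idx], 1)

    def binding_update(self, home_addr, careof_addr, home_idx, co_idx, mh_data, auth):
        ht = keygen_token(self.kcn, home_addr, self.nonces[home_idx], 0)
        ct = keygen_token(self.kcn, careof_addr, self.nonces[co_idx], 1)
        expected = authenticator(kbm(ht, ct), careof_addr, self.addr, mh_data)
        if not hmac.compare_digest(auth, expected):
            return False                        # BU silently ignored
        self.bindings[home_addr] = careof_addr
        return True


def legitimate_mn(cn):
    """HoTI goes through the HA (ESP tunnel), CoTI directly; only the MN sees both replies."""
    hidx, ht = cn.home_test(HOME)
    cidx, ct = cn.careof_test(COA)
    auth = authenticator(kbm(ht, ct), COA, cn.addr, MH_DATA)
    return cn.binding_update(HOME, COA, hidx, cidx, MH_DATA, auth)


def offpath_attacker(cn):
    """The slide's off-path attacker: it can fetch a CoT for its own address but
    never sees the HoT for the victim's home address (sending HoTI itself does
    not help, the HoT is routed to the home address), so it must guess the
    64-bit home keygen token."""
    cidx, ct = cn.careof_test(ATTACKER)
    guessed_ht = secrets.token_bytes(8)
    auth = authenticator(kbm(guessed_ht, ct), ATTACKER, cn.addr, MH_DATA)
    return cn.binding_update(HOME, ATTACKER, cidx, cidx, MH_DATA, auth)


def hot_observer_attacker(cn):
    """The slide's 'can see HOT but not COT' position (e.g. on the HA–CN path,
    outside the ESP tunnel): it fetches its own CoT, derives Kbm and binds the
    victim's home address to its own address. RR only shows the BU sender is on
    both paths; it does not defeat an attacker on the HA–CN path."""
    hidx, ht = cn.home_test(HOME)               # observed on the wire
    cidx, ct = cn.careof_test(ATTACKER)
    auth = authenticator(kbm(ht, ct), ATTACKER, cn.addr, MH_DATA)
    return cn.binding_update(HOME, ATTACKER, hidx, cidx, MH_DATA, auth)
```

The CN accepts a BU without any per-MN state from the earlier messages, which is what keeps it resistant to state-exhaustion from spoofed HoTI/CoTI floods; the price is that anyone who can read a HoT off the wire gets the same leverage the mobile node has, which is the limitation the next slides address with CGA and IKE.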

Page 26: Offpath attacks

•DoS attacks: memory/processing capability exhaustion. Connection termination.

•Reflection attacks. Victim’s IP address is spoofed, receiver will respond, causing messages sent to the victim

– Ingress filtering can help

•MiTM attacks. Attacker compromises routers on-path. Route injection.

Page 27: MIP specific attacks

•Prevent connections between CN and MN by picking the victim's home address and running RR for it

•Attacker can move to another location, refresh the binding, and continue to deny service to the MN while off-path

•Solutions

– When location changes, MN runs RR (malicious node fails this if offpath)

– Public keys and certificates, IKE

– Cryptographically generated address (CGA)

Page 28: CGA and MIP

•Each node has a key-pair

•Produce a 64-bit hash h(PK, data) that can be used as the interface identifier

•Put this into the host part of the IPv6 address: a cryptographically generated address

•MN can prove it owns such an address by providing a signature inside a message

•CGA can be used to prove that a node owns a particular address, but not that the node is currently located at this address: RR is still needed
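The address construction of the slide, as an added example that follows the RFC 3972 CGA generation and verification rules for Sec = 0 (no code from the lecture). The public key is a constructed byte string standing in for the DER-encoded key, and the signature that ties a message to the address is not shown, since the standard library has no asymmetric primitives; the point demonstrated is the hash binding between key, subnet prefix and interface identifier, and why a CGA says nothing about where the node currently is.

```python
"""Cryptographically Generated Addresses (RFC 3972) with Sec = 0, and what a
CGA does and does not prove. Added example."""
import hashlib
import ipaddress
import secrets

SEC = 0   # Sec = 0: no Hash2 work-factor search, the simplest CGA


def cga_interface_id(modifier, prefix8, collision_count, pubkey_der, sec=SEC):
    """Hash1 = SHA-1(modifier | subnet prefix | collision count | public key),
    leftmost 64 bits, with the three leftmost bits overwritten by Sec and the
    u and g bits (bits 6 and 7 of the identifier) cleared."""
    params = modifier + prefix8 + bytes([collision_count]) + pubkey_der
    iid = bytearray(hashlib.sha1(params).digest()[:8])
    iid[0] = (iid[0] & 0x1C) | (sec << 5)
    return bytes(iid)


def generate_cga(prefix, pubkey_der, sec=SEC):
    """Pick a random 16-octet modifier and build the address. The collision
    count is incremented on a duplicate-address-detection collision (not simulated)."""
    prefix8 = ipaddress.ip_network(prefix).network_address.packed[:8]
    modifier = secrets.token_bytes(16)
    iid = cga_interface_id(modifier, prefix8, 0, pubkey_der, sec)
    params = {"modifier": modifier, "collision_count": 0, "pubkey": pubkey_der}
    return ipaddress.IPv6Address(prefix8 + iid), params


def verify_cga(address, params, sec=SEC):
    """RFC 3972 section 5 verification: collision count in 0..2, Sec bits match,
    and the interface identifier equals Hash1 recomputed from the CGA
    parameters and the address's own subnet prefix. Anyone can run this; it
    proves the address was derived from this key and nothing else."""
    packed = ipaddress.IPv6Address(address).packed
    if not 0 <= params["collision_count"] <= 2:
        return False
    if packed[8] >> 5 != sec:
        return False
    expected = cga_interface_id(params["modifier"], packed[:8],
                                params["collision_count"], params["pubkey"], sec)
    return packed[8:] == expected


def rehome(address, new_prefix):
    """Keep the interface identifier but claim it under another prefix, as a
    naive 'I have moved to C' would. The prefix is hashed into the CGA, so the
    result no longer verifies: a node needs a fresh CGA per link, and even a
    valid CGA only proves key ownership, not presence at the address (hence RR)."""
    iid = ipaddress.IPv6Address(address).packed[8:]
    prefix8 = ipaddress.ip_network(new_prefix).network_address.packed[:8]
    return ipaddress.IPv6Address(prefix8 + iid)
```

In Mobile IPv6 a CGA is most useful as the home address: the signature over a binding update then proves the sender owns the home address it is redirecting, which is the part return routability cannot prove, while the care-of test still covers reachability at the claimed location.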

Page 29: Other Issues in Mobile IP

• How does a mobile node acquire a care-of address in the foreign network? By DHCP, router advertisements, or manually

• If the home agent does not reply to a registration request: send the request to the broadcast address (redundancy)

• Reducing registration frequency (in a high mobility scenario): FAs in a multicast group, in an anycast group, or a hierarchy

• Security (denial of service attack by bogus registration request): authentication using keyed MD5 hashes; replay attacks are prevented by a timestamp or nonce

• Source routing option to avoid tunneling and triangular routing: not feasible, as the load on intermediate routers will be higher

Page 30: Hierarchical Mobile IP

•HMIPv6 is specified in RFC 4140

•Introduces local Mobility Anchor Points (MAP) that are essentially Home Agents

•MAPs can be located at any level in a hierarchical network of routers, including the access routers.

•The aim of the HMIPv6 is to minimize the signaling latency and reduce the number of required signaling messages.

•As long as the MN stays inside one MAP domain it only needs to update its location with the MAP.

•The localized mobility management can also be completely handled on the network side without MN's involvement at the IP mobility protocol level.

Page 31: NEMO

•It is also possible for a whole subnetwork to roam from one part of the Internet to another.

•Network Mobility (NEMO) is specified in RFC 3963

•The technical solution of NEMO is based on MIP6. NEMO allows subnetworks to change their location in a network.

•This is realized using a mobile router that manages the mobile network. The mobile router updates its HA with its current CoA.

•A NEMO compliant HA can act also as a MIP6 HA. The basic solution creates a bi-directional tunnel between the mobile router and the HA, which effectively keeps the mobile network reachable.

•Hosts behind the mobile router do not need to be aware of mobility in any way.

Page 32: NEMO: Nested Tunneling

Nested mobile networks: a PAN in a train or a car

Problems: suboptimal routing (bidirectional tunnel); header overhead (many headers); resilience of the HA (single HA); long packet delay (many tunnels)

Page 33: Hierarchical Mobile IP (HMIP): Localizing Registrations

Figure: HA in the Internet above a tree of foreign agents, FA1 at the root, FA2 and FA3 below it, FA4 and FA5 below FA2, FA6 below FA3; each FA keeps visitor-list entries (MH@FA4, MH@FA2, MH@FA1, ...) for the mobile hosts below it. A mobile host at FA4 has lineage <FA4, FA2, FA1>; at FA5 it is <FA5, FA2, FA1> and at FA6 <FA6, FA3, FA1>. Moving from FA4 to FA5 the nearest common ancestor is FA2; moving to FA6 it is FA1. A registration only needs to travel up to the nearest common ancestor, not to the HA.

Source: Chittaranjan Hota, Computer Networks II lecture 22.10.2007

Page 34: Multi-layer Operation

•Mobility and multi-homing can be realized on different layers

– Network

• Mobile IP, HMIP, NEMO

– Between network and transport

• Host Identity Protocol (HIP)

– Transport

• TCP extensions, SCTP (TrASH)

– Application

• SIP, Wireless CORBA, overlays

• Re-establish TCP-sessions after movement

Page 35: TCP Solutions to Mobility

•When the MN initiates a connection, it tells the CN its new IP address through the SYN

•The CN uses a DNS lookup to locate the MN

•The TCP Migrate option is used to migrate to a new connection

•(s_ip, s_port, d_ip, d_port) to (s_ip, s_port, d_ip', d_port')

•Segmented TCP, Indirect TCP (I-TCP)

•SCTP multihoming can be used as well

Figure: CN and MN; after movement the MN sends Migrate SYN, the CN replies Migrate SYN/ACK, the MN sends ACK

Source: Chittaranjan Hota, Computer Networks II lecture 22.10.2007

Page 36: SIP Mobility

•Session mobility allows a user to maintain and manage a media session across devices

•Terminal mobility allows a device to move between IP subnets while continuing to be reachable for incoming requests and maintaining sessions across subnet changes

•Personal mobility allows the addressing of a single user located at different terminals by using the same logical address

•Service mobility allows users to maintain access to services while moving or changing devices and network service providers

•SIP implements these using URLs, proxies, and redirect servers. The home domain keeps track of users and devices. Message forking

Page 37: Mobility using SIP

Figure: corresponding host, SIP redirect server in the home network, SIP proxy server in the foreign network, mobile host.

1 INVITE (corresponding host to the home network's SIP redirect server)

2 302 Moved Temporarily

3, 4 INVITE (to the foreign network's SIP proxy server, forwarded to the mobile host)

5, 6 OK

7 Data

Benefits: global mobility, no tunneling, no change to routing

Page 38: IMS

•Example of call routing

Figure: User A sends an INVITE (From: user A's SIP URI, To: user B's SIP URI) to its Serving CSCF; the Interrogating CSCF performs a Location Query at the HSS and forwards the INVITE to user B's Serving CSCF and on to User B; OK is returned and the multimedia session is established.

CSCF = Call State Control Function, HSS = Home Subscriber Server

Page 39: Host Identity Protocol

•New cryptographic namespace

•Connection endpoints mapped to 128-bit host identity tags (hashes of public keys)

•Mapping at the HIP layer

•4-way Base Exchange (I1, R1, I2, R2) with a cryptographic puzzle for DoS prevention

•IPsec for network-level security

Page 40: Identity/Locator split

Figure: the stack Process, Transport, ID Layer, IP Layer, Link Layer; transport binds to the identifier at the ID layer, while the IP layer carries the locator.

Page 41: Mobility protocol

Figure: Mobile and Corresponding host, with ESP in both directions before and after the update:

Mobile → Corresponding: UPDATE (HITs, new locator(s), sig)

Corresponding → Mobile: UPDATE (HITs, RR challenge, sig)

Mobile → Corresponding: UPDATE (HITs, RR response, sig)

Page 42: Basic HIP rendezvous

Figure: the server registers with the rendezvous server; the client sends I1 to the rendezvous server, which relays it to the server; R1, I2 and R2 are then exchanged directly between client and server.

Page 43: Application-layer mobility

•Many application-layer protocols are, in principle, similar to Mobile IP

•Moving entity may differ

– Instead of host we have object, session, entity, or interests

•For example:

– Object mobility

• Wireless CORBA

– Session mobility

• SIP

– Interest mobility

• Content-based routing

– Generic mobility

• i3 overlay, service composition


Page 45: Internet Indirection Infrastructure (i3)

• An overlay infrastructure.

• Every packet is associated with an identifier.

• A receiver receives by inserting a trigger for that identifier (natural support for mobility: after movement with a different address the receiver updates its trigger).

[Source: http://i3.cs.berkeley.edu/]

Page 46: i3: How it Works?

Figure: a receiver R inserts a trigger (identifier 37, R's address) into i3; a sender S sends a packet with the same identifier 37, and it is delivered to R.

Chord ensures O(log N) intermediate hops to reach the destination.

[http://i3.cs.berkeley.edu/]

Page 47: Mobile Web Server

Figure: a browser on the Internet, DNS, a gateway, the operator firewall, and the web server on a phone behind 2.5/3G; numbered steps 1–3 show the request path through the gateway.

By courtesy of Johan Wikman. Presented in EuroOSCON 2006

Page 48: Indirection Points

•Mobility may be characterized by indirection points

– Mobile IP

• Single fixed indirection point

– Location / Identity split

• Single indirection point

– SIP

• Single fixed indirection point (home domain) (others are possible)

– Content-based routing

• Many indirection points

Page 49: Lessons to learn

•Hierarchical routing likely to stay

– Addresses carry topological information

– Efficient and well established

•Applications face changing connectivity

– QoS varies

– periods of non-connectivity

•Identifiers and locators likely to split

•Mobility management is needed

•Probably changes in directory services

– Overlays have been proposed

Page 50: Summary

•Topology based routing is necessary

•Mobility causes address changes

•Address changes must be signalled end-to-end

– Alternative: use triangular routing as in Mobile IP

•Mobility management needed

– Initial rendezvous: maybe a directory service

– Double jump problem: rendezvous needed

•Many engineering trade-offs