Mobile Communications Original design motivation was not so much - PowerPoint PPT Presentation

Motivation Mobility support needed to be able to use mobile devices in the Internet  Mobile devices need IP address for their communication  Applications would like to communicate while being “on the move” DHCP Mobile Communications  Original design motivation was not so much mobility support Mobility Support in Network Layer  BUT: DHCP is very important today to use mobile device like laptop in a foreign environment  Enables integration of device into network  Mobile IP  DHCP Mobile IP  Enables reachability of a device, using a specific, known IP address  Provides for transparency above IP, i.e. also to support ongoing TCP connections Mobile Communications Mobility Support in Network Layer 1 Mobile Communications Mobility Support in Network Layer 2 DHCP: Dynamic Host Configuration Protocol DHCP - protocol mechanisms client Application server server initialization (not selected) (selected)  simplification of installation and maintenance of networked computers DHCPDISCOVER DHCPDISCOVER  Dynamic assignment of IP address determine the determine the  supplies systems with all necessary information, such as IP address, DNS configuration configuration server address, domain name, subnet mask, default router etc. DHCPOFFER DHCPOFFER  enables automatic integration of systems into an Intranet or the Internet, collection of replies can be used to acquire an address for Mobile IP selection of configuration Client/Server-Model  the client sends via broadcast a request (DHCPDISCOVER) to find a DHCPREQUEST DHCPREQUEST confirmation of (reject) (options) DHCP server configuration DHCPDISCOVER DHCPACK initialization completed client server client release DHCPRELEASE delete context Mobile Communications Mobility Support in Network Layer 3 Mobile Communications Mobility Support in Network Layer 4

DHCP: Discovery via Relay DHCP characteristics not in all subnets a separate DHCP server Server  helps to reduce number servers  several servers can be configured for DHCP, coordination not yet standardized (i.e., manual configuration)  then in a subnet a relay agent is needed, this knows DHCP server in a neighboring subnet  relay forwards DHCPDISCOVER (as unicast) request to DHCP server Addresses:  DHCP can assign always the same IP address to a client  Or a clients gets a dynamically selected IP address from a certain range Options DHCPDISCOVER  available for routers, subnet mask, NTP (network time protocol) timeserver, (unicast) SLP (service location protocol) directory, DHCPDISCOVER DNS (domain name system) (broadcast) server Big security problems!  no authentication of DHCP information specified client relay Mobile Communications Mobility Support in Network Layer 5 Mobile Communications Mobility Support in Network Layer 6 DHCP Lease DHCP Security Concerns Basic questions: IP addresses are assigned for a limited time (“lease”)  Is client trustworthy?  Allows for reuse even if mobile device does not perform explicit disconnect  Is server / network trustworthy?  Lease has to be renewed if IP address is needed for longer time Client is informed about lease value plus two times T1 and T2 Network wrt Client  T1=50% of lease time  Devices in a subnetwork have often certain privileges  T2=87,5% of lease time  Should not be given to unknown guest device  Client may request many IP addresses After T1, client tries to renew lease Client wrt network / DHCP server  Send new request (DHCPREQUEST) to DHCP server which gave it the lease  Server may provide spurious configuration data At T2, if no positive response has been received by the client  Is server potentially doing a “man in the middle” attack?  new broadcast to all DHCP servers (DHCPDISCOVER) as at the beginning  Authentication of DHCP information should be performed  But often missing Mobile Communications Mobility Support in Network Layer 7 Mobile Communications Mobility Support in Network Layer 8

Motivation for Mobile IP Requirements to Mobile IP (RFC 3344, was: 3220, was: 2002) Routing Transparency  based on IP destination address, network prefix (e.g. 129.13.42)  mobile end-systems keep their IP address determines physical subnet  continuation of communication after interruption of link possible  change of physical subnet implies change of IP address to have a  point of connection to the fixed network can be changed topological correct address (standard IP) or needs special entries in the Compatibility routing tables  support of the same layer 2 protocols as IP Specific routes to end-systems?  no changes to current end-systems and routers required  change of all routing table entries to forward packets to the right destination  mobile end-systems can communicate with fixed systems  does not scale with the number of mobile hosts and frequent changes in Security the location, security problems  authentication of all registration messages Changing the IP-address? Efficiency and scalability  adjust the host IP address depending on the current location  only little additional messages to the mobile system required (connection  almost impossible to find a mobile system, DNS updates take to long time typically via a low bandwidth radio link)  TCP connections break, security problems  world-wide support of a large number of mobile systems in the whole Internet Mobile Communications Mobility Support in Network Layer 9 Mobile Communications Mobility Support in Network Layer 10 Terminology Example network Mobile Node (MN) HA  system (node) that can change the point of connection to the network without changing its IP address MN Home Agent (HA)  system in the home network of the MN, typically a router  registers the location of the MN, tunnels IP datagrams to the COA router Foreign Agent (FA) home network mobile end-system Internet  system in the current foreign network of the MN, typically a router (physical home network  forwards the tunneled datagrams to the MN, typically also the FA foreign for the MN) default router for the MN network Care-of Address (COA) router  address of the current tunnel end-point for the MN (at FA or MN) (current physical network  actual location of the MN from an IP point of view for the MN) CN  can be chosen, e.g., via DHCP Correspondent Node (CN) end-system router  communication partner Mobile Communications Mobility Support in Network Layer 11 Mobile Communications Mobility Support in Network Layer 12

Data transfer to the mobile system Data transfer from the mobile system HA HA 2 1 MN MN home network receiver home network sender 3 Internet Internet foreign FA FA foreign network network 1. Sender sends to the IP address of MN, 1. Sender sends to the IP address HA intercepts packet (proxy ARP) 1 of the receiver as usual, 2. HA tunnels packet to COA, here FA, CN CN FA works as default router by encapsulation 3. FA forwards the packet sender to the MN receiver Mobile Communications Mobility Support in Network Layer 13 Mobile Communications Mobility Support in Network Layer 14 Overview Network integration COA Agent Advertisement router  HA and FA periodically send advertisement messages into their home router MN FA network HA physical subnets foreign  MN listens to these messages and detects, if it is in the home or a Internet network foreign network (standard case for home network)  MN reads a COA from the FA advertisement messages Registration (always limited lifetime!) CN router  MN signals COA to the HA via the FA, HA acknowledges via FA to MN  these actions have to be secured by authentication 3. router Advertisement home router MN 2. FA network HA 4.  HA advertises the IP address of the MN (as for fixed systems), i.e. foreign standard routing information Internet network  routers adjust their entries, these are stable for a longer time (HA responsible for a MN over a longer period of time) 1.  packets to the MN are sent to the HA, CN router  independent of changes in COA/FA Mobile Communications Mobility Support in Network Layer 15 Mobile Communications Mobility Support in Network Layer 16