Hi,

While I was answering the ‘IKEv2 address assignment method and SAVI’ mail, I realized that there may be a fundamental issue with SAVI affecting its interaction with MIPv6 (regardless of the way addresses are obtained from the HA to be assigned to the MN).

While the HA has a binding for the MN to a CoA, the HA defends the HoA for the MN with DAD NADVs (if any node performs DAD NSOLs). Whether the HA is a SAVI device or just a node outside the SAVI perimeter, the result would be that SAVI would prevent hosts connecting through other ports from using the HoA as source address.

However, the mechanism specified in 11.5.4 for informing the HA that the MN is back in the Home Network is (in RFC 3775, section 11.5.4):

    The mobile node SHOULD then send a Binding Update to its home agent, to instruct its home agent to no longer intercept or tunnel packets for it. […] The mobile node MUST use its home address as the source address in the Binding Update.

This would not be allowed by default by FCFS SAVI (and in general, by any reasonable SAVI deployment). Do you think this is a problem?

A solution could be to make SAVI devices just let this type of MIPv6 Binding Update message through. This would make the HA stop defending the address, and the MN could gain the SAVI binding by the mechanisms currently defined to support mobility in the L2 network.

This still provides good protection: the SAVI binding is not released until the SAVI device is convinced that the legitimate MN is in the network, and this (the Binding Update) is protected by IPsec. Hosts not using MIPv6 are not affected, since they are not going to give up their binding regardless of the Binding Update messages that could be issued by attackers.

Regards,
alberto
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.
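The interaction described in the mail above, as an added illustration (not code from the SAVI or MIPv6 work, nor from the sender): a constructed model of an FCFS SAVI filter in which the HA's DAD defence binds the HoA to the HA's port, so the returning MN's Binding Update sourced from the HoA on another port is dropped by default, and is let through only with the proposed exception. Addresses, port names and the `FcfsSavi` class are assumptions made for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

MOBILITY_HEADER = 135   # IPv6 Next Header value of the MIPv6 Mobility Header (RFC 3775)
BINDING_UPDATE = 5      # Mobility Header type of a Binding Update (RFC 3775)


@dataclass
class Packet:
    src: str                        # IPv6 source address
    port: str                       # switch port the packet arrived on
    next_header: int = 6            # TCP unless a Mobility Header is present
    mh_type: Optional[int] = None   # Mobility Header type, if any


@dataclass
class FcfsSavi:
    """Constructed FCFS SAVI model: one owning port per source address."""
    allow_mipv6_bu: bool = False                    # the exception proposed in the mail
    bindings: dict = field(default_factory=dict)    # address -> owning port

    def dad_defended(self, address: str, port: str) -> None:
        # An HA answering DAD NSOLs for the HoA makes FCFS SAVI bind the HoA to the HA's port.
        self.bindings.setdefault(address, port)

    def forward(self, pkt: Packet) -> bool:
        owner = self.bindings.get(pkt.src)
        if owner is None:
            self.bindings[pkt.src] = pkt.port       # first come, first served
            return True
        if owner == pkt.port:
            return True
        is_bu = pkt.next_header == MOBILITY_HEADER and pkt.mh_type == BINDING_UPDATE
        # Only an IPsec-protected BU can make the HA release the HoA; anything else from
        # a non-owning port is still a spoofed source and is dropped.
        return self.allow_mipv6_bu and is_bu


def returning_home(allow_bu: bool) -> bool:
    """Does the MN's Binding Update (source = HoA, sent from its own port) get through?"""
    savi = FcfsSavi(allow_mipv6_bu=allow_bu)
    hoa = "2001:db8:1::10"                          # constructed home address
    savi.dad_defended(hoa, "port-HA")               # HA has been defending the HoA
    bu = Packet(src=hoa, port="port-MN", next_header=MOBILITY_HEADER, mh_type=BINDING_UPDATE)
    return savi.forward(bu)


def spoofed_tcp(allow_bu: bool) -> bool:
    """A plain TCP packet spoofing the HoA from another port must still be dropped."""
    savi = FcfsSavi(allow_mipv6_bu=allow_bu)
    hoa = "2001:db8:1::10"
    savi.dad_defended(hoa, "port-HA")
    return savi.forward(Packet(src=hoa, port="port-attacker"))
```

With `allow_mipv6_bu=False` the returning MN's BU is dropped, which is the problem raised; with the exception enabled the BU passes while a spoofed non-BU packet is still blocked.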