NEMO Working Group                                           M. Kumazawa
Internet-Draft                                               Y. Watanabe
Expires: January 12, 2006                                   T. Matsumoto
                                                            S. Narayanan
                                                               Panasonic
                                                           July 11, 2005

   Token based Duplicate Network Detection for split mobile network
                           (Token based DND)
                    draft-kumazawa-nemo-tbdnd-02.txt

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on January 12, 2006.

Copyright Notice

Copyright (C) The Internet Society (2005).

Abstract

When multiple Mobile Routers share the same prefix, a Home Agent must be able to verify whether the Mobile Routers share the same Mobile Network or not. Otherwise, the Home Agent may not be able to forward a data packet to the correct recipient, since the recipient may not be connected to the Mobile Router the Home Agent chooses to forward the packet to. This document describes a Token based Duplicate Network Detection mechanism that enables a Home Agent to detect whether multiple Mobile Routers claiming the same prefix are in the same Mobile Network.

Kumazawa, et al.         Expires January 12, 2006                [Page 1]

Internet-Draft              Token based DND                    July 2005

Table of Contents

   1.   Introduction . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.   Terminology  . . . . . . . . . . . . . . . . . . . . . . . .   5
   3.   Usage scenarios  . . . . . . . . . . . . . . . . . . . . . .   6
   3.1  Wireless Personal Area Network (W-PAN) . . . . . . . . . . .   6
   3.2  Automobile network . . . . . . . . . . . . . . . . . . . . .   6
   3.3  Mobile Routers in a plane  . . . . . . . . . . . . . . . . .   6
   4.   Overview . . . . . . . . . . . . . . . . . . . . . . . . . .   8
   4.1  Registration as an Owner . . . . . . . . . . . . . . . . . .   8
   4.2  Registration as a Borrower . . . . . . . . . . . . . . . . .   9
   4.3  Refreshment of Token . . . . . . . . . . . . . . . . . . . .  10
   4.4  Registration Request from Token based DND-unaware Mobile
        Routers  . . . . . . . . . . . . . . . . . . . . . . . . . .  11
   5.   Format . . . . . . . . . . . . . . . . . . . . . . . . . . .  12
   5.1  Mobile Network Prefix Option . . . . . . . . . . . . . . . .  12
   5.2  Token Option . . . . . . . . . . . . . . . . . . . . . . . .  12
   5.2.1  Binding Acknowledgement  . . . . . . . . . . . . . . . . .  13
   6.   Mobile Router Operation  . . . . . . . . . . . . . . . . . .  14
   6.1  Data Structure . . . . . . . . . . . . . . . . . . . . . . .  14
   6.2  Sending Binding Updates  . . . . . . . . . . . . . . . . . .  14
   6.3  Receiving Binding Acknowledgements . . . . . . . . . . . . .  15
   6.4  Error Processing . . . . . . . . . . . . . . . . . . . . . .  16
   6.5  Token Update . . . . . . . . . . . . . . . . . . . . . . . .  16
   6.6  Returning Home . . . . . . . . . . . . . . . . . . . . . . .  16
   7.   Home Agent operation . . . . . . . . . . . . . . . . . . . .  17
   7.1  Data Structures  . . . . . . . . . . . . . . . . . . . . . .  17
   7.1.1  Binding Cache  . . . . . . . . . . . . . . . . . . . . . .  17
   7.1.2  Prefix Table . . . . . . . . . . . . . . . . . . . . . . .  17
   7.2  Mobile Network Prefix Registration . . . . . . . . . . . . .  17
   7.3  Forwarding Packets . . . . . . . . . . . . . . . . . . . . .  18
   8.   Security Considerations  . . . . . . . . . . . . . . . . . .  19
   8.1  Protection of Tokens . . . . . . . . . . . . . . . . . . . .  19
   8.2  How to generate Tokens . . . . . . . . . . . . . . . . . . .  19
   9.   References . . . . . . . . . . . . . . . . . . . . . . . . .  19
        Authors' Addresses . . . . . . . . . . . . . . . . . . . . .  20
   A.   Change Log . . . . . . . . . . . . . . . . . . . . . . . . .  21
        Intellectual Property and Copyright Statements . . . . . . .  22

1. Introduction

Today, Mobile Internet Access using various kinds of wireless access technologies is gaining in popularity. This leads to the demand for ubiquitous networking, where portable devices can be connected to the Internet anywhere, at any time. To realize ubiquity, it is necessary to select the network most suitable for mobile Internet access from the various access networks available, according to the user's location and preference. However, it is difficult to add various wireless access interfaces to all portable devices for reasons of cost and size.

A Wireless PAN (W-PAN) is one possible solution enabling ubiquity. A W-PAN consists of a collection of portable devices with short-distance wireless interfaces, some of which have additional access interfaces providing connectivity to the Internet. Devices with such Internet access interfaces need to provide session continuity for all nodes in the W-PAN even when they change their points of attachment to the Internet.

NEMO Basic Support [2] provides mobility for an entire network. It realizes session continuity for all nodes in the Mobile Network by maintaining bi-directional tunnels between Mobile Routers and their Home Agents. Devices with Internet access interfaces in a W-PAN act as Mobile Routers. A Mobile Network with multiple Mobile Routers providing multiple points of attachment to the Internet is one kind of Multihomed Mobile Network [1] [3].

It is necessary to consider the issues relevant to the support of Mobile Network Prefixes by multiple Mobile Routers in a single Mobile Network. If each Mobile Router supports different prefixes, nodes in the Mobile Network must change their source address when they send packets via a different Mobile Router, which makes it difficult to maintain continuous sessions; and a Home Agent needs to forward a data packet meant for a node to just the one Mobile Router which supports the prefix of the node. Hence, to provide the advantages of multihoming, it is important to allow multiple Mobile Routers in the same Mobile Network to support the same prefix.

However, in the NEMO Basic Support protocol, a Home Agent can't know whether Mobile Routers claiming the same prefix are in the same Mobile Network or not. If Mobile Routers claiming the same prefix are in different places, packets forwarded from the Home Agent to one of the Mobile Routers might not reach the correct recipient, since it might be behind another Mobile Router. This problem is called "split mobile network", the solution to detect a split mobile network is called Duplicate Network Detection (DND), and both have been discussed on the NEMO working group mailing list [6].

Some solutions have already been proposed on the mailing list. In the proposed solutions, a Home Agent confirms connectivity between the Mobile Routers claiming the same prefix before it acknowledges a new Binding Update. These solutions have the following problems:

   o  If the bi-directional tunnel between the first Mobile Router and the Home Agent is temporarily unavailable, the DND test can't be done.

   o  Confirmation of connectivity before acknowledgement leads to some delay.

This document describes a new DND solution using Tokens (Token based DND). Token based DND can do DND tests without the above problems. Since Token based DND is compatible with NEMO Basic Support, Token-based-DND-aware Mobile Routers and Home Agents can coexist with existing Mobile Routers and Home Agents.

2. Terminology

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [7].

This document assumes that the reader is familiar with Mobile IPv6 as defined in [5] and with the concept of Mobile Router defined in the NEMO terminology document [4].

Owner
   When a Mobile Router owns Mobile Network Prefixes (e.g. manually configured or obtained with DHCP), the Mobile Router is defined as an Owner of the Prefixes.

Borrower
   When a Mobile Router supports a Mobile Network Prefix obtained from the Owner of the Prefix, the Mobile Router is defined as a Borrower of the Prefix.

Token
   A number associated with a Mobile Network Prefix. It is generated and updated by the Owner of the Prefix. A Token is carried in a Token option following the Mobile Network Prefix Option in a Binding Update and registered with the Home Agent. A Token is also distributed together with the Mobile Network Prefix from the Owner to other Mobile Routers (Borrowers) using Router Advertisements. The Home Agent uses the Token to confirm whether the Borrowers are connected to the Owner or not. The way to generate Tokens is discussed in Section 8.2; one of the simplest ways is just to generate a random number. All zero means 'NULL', i.e. that the Owner doesn't allow its own Prefix to be shared.

3. Usage scenarios

3.1 Wireless Personal Area Network (W-PAN)

Alice enjoys music downloaded via her cellular phone (working as an MR) with her silicon player. These devices are connected via Bluetooth and form a W-PAN. She adds a PDA with 802.11b and Bluetooth interfaces to her W-PAN as an MR. The silicon player doesn't have to change its source address when using the PDA, since the PDA is configured with the same MNP as her cellular phone.

One day she leaves her PDA switched on at home. It continues sending Binding Updates periodically, and the Home Agent sends some packets destined for the player to it. When DND operates, the HA becomes aware that the PDA is away from the cellular phone and rejects the BU from the PDA. Thereby, all packets are correctly sent to the player via the phone. If she instead leaves the phone, which is the Owner of the MNP, the PDA can't keep using the MNP and has to obtain another one.

3.2 Automobile network

Bob goes for a drive with his friends. All of their cellular phones work as MRs, so the NEMO has multiple cellular interfaces to enable broadband communication. While they enjoy video transferred via the MRs on a monitor in Bob's car, one of them gets out of the car. Because of the decreased bandwidth, Bob sends the streaming server control messages to lower the quality of the video. However, he can't complete the operation, since replies from the server are sent to the cellular phone outside the car. Without DND, a user must operate his or her cellular phone when moving away from the NEMO.

3.3 Mobile Routers in a plane

A plane is equipped with multiple MRs for load balancing and increased bandwidth. The MNP of each MR will be shared among the other MRs and will be revoked automatically using DND in case the MR is relocated to another plane. DND helps network administrators keep the integrity between the location of MRs and the MNP shared by them.

4. Overview

Figure 1 shows an example network used to describe an overview of the operation.

                          +----+
                          | HA |
                          +--+-+
                             |
               +-----------------------+     +------+
               |       Internet        |-----+  CN  |
               +-----------------------+     +------+
                  |                 |
               +--+--+           +--+--+
               | MR1 |           | MR2 |
               +--+--+           +--+--+
                  |P1::             |P2::
               ---------------------------
                  | P1::a            | P2::b
               +--+--+           +--+--+
               | LFNa|           | LFNb|
               +-----+           +-----+

                      Figure 1: example network

MR1 and MR2 establish bi-directional tunnels with their Home Agent. The Mobile Network Prefixes MR1 and MR2 register are P1 and P2 respectively. LFNa and LFNb configure their addresses as P1::a and P2::b. MR1, MR2, LFNa and LFNb are connected via a link. This configuration can be expressed as (2,1,2) based on the notation in [1]. This Mobile Network consists of two logically independent networks, P1::/64 and P2::/64. Currently MR1 cannot forward LFNb's packets, and MR2 cannot forward LFNa's.

4.1 Registration as an Owner

As MR1 is the Owner of prefix P1, MR1 generates and updates a Token corresponding to P1. MR1 sends a Binding Update including a Mobile Network Prefix Option for P1 to the Home Agent when it attaches to a new access router. MR1 sets the Prefix Delegated flag (D) to 0 in the Mobile Network Prefix Option to indicate that it is the Owner of P1, and MUST put a Token option next to it in the Binding Update. If the Home Agent receives and processes the message successfully, it stores the Token and acknowledges it by sending MR1 a Binding Acknowledgement indicating that the prefix and the Token were processed successfully.

After MR1 receives the Binding Acknowledgement, MR1 starts advertising P1 and the Token using Router Advertisements in the Mobile Network. After MR2 registers P2 and the corresponding Token, it advertises them in the same way as MR1.

   MR1 (Owner of P1)              MR2 (Owner of P2)                HA
    |                                |                               |
    |-----BU [P1, token, owner]------|------------------------------>|
    |                                |                               |
    |<-------------------------------|---------BA [status=OK]--------|
    |                                |                               |
    |--------RA [P1, token]--------->|                               |
    |                                |                               |
    |                                |-----BU [P2, token, owner]---->|
    |                                |                               |
    |                                |<--------BA [status=OK]--------|
    |                                |                               |
    |<--------RA [P1, token]---------|                               |

              Figure 2: sequence: Registration as an Owner

Figure 2 shows the sequence in which MR1 and MR2 register their own prefixes as Owners.

4.2 Registration as a Borrower

When MR2 receives a Router Advertisement with a Prefix option including P1 and the corresponding Token from MR1, MR2 configures P1 as a prefix it supports in addition to P2. To indicate support of P1 and P2 to the Home Agent, MR2 sends a Binding Update with two Mobile Network Prefix Options, each followed by the corresponding Token option. The Token option for each prefix MUST follow that prefix's Mobile Network Prefix Option, since the ordering is used to match a particular prefix to a particular Token. Figure 3 shows the options in the Binding Update sent from MR2 to the Home Agent. The first MNP option includes P2 with the Prefix Delegated flag (D) set to 0, and the next MNP option includes P1 with the flag set to 1.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |0|  Reserved   | Prefix Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                  Mobile Network Prefix (P2)                   .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                Token for P2 (generated by MR2)                |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |1|  Reserved   | Prefix Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                  Mobile Network Prefix (P1)                   .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                Token for P1 (generated by MR1)                |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

       Figure 3: Mobility Options of the Binding Update sent from MR2

When the Home Agent receives the Binding Update from MR2, it updates the entry for P2 and examines the Token option following the prefix option for P1. When it equals the Token registered by MR1, the Home Agent acknowledges the Binding Update by sending a Binding Acknowledgement. MR2 becomes the Owner of P2 and the Borrower of P1 after the registration finishes successfully. MR1 likewise registers as the Owner of P1 and the Borrower of P2. Hence data packets meant for P1 and P2 can be forwarded via either MR1 or MR2.

4.3 Refreshment of Token

A Token is updated periodically and registered with the Home Agent by the Owner of the prefix. After the Owner finishes the registration successfully, it includes the updated Token in Router Advertisements. When a Borrower finds the Token updated, it sends a Binding Update with the updated Token to the Home Agent. If the Borrower moves away from the Mobile Network and Router Advertisements from the Owner no longer reach it, it can't obtain the updated Token. After the Token is updated, Binding Updates with old Tokens are rejected by the Home Agent. Hence, a Borrower which moves away from the Mobile Network can't keep sharing the prefix.

4.4 Registration Request from Token based DND-unaware Mobile Routers

A Binding Update without a Token option means that the prefix must not be shared with any Mobile Router. Hence Mobile Network Prefixes owned by Mobile Routers unaware of Token based DND will not be shared.

5. Format

5.1 Mobile Network Prefix Option

A new Prefix Delegated flag (D) is included in the Mobile Network Prefix Option to indicate that the prefix is owned (0) or borrowed (1) by the Mobile Router sending the Binding Update. The rest of the Mobile Network Prefix Option format remains the same as defined in [2].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |D|  Reserved   | Prefix Length |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                     Mobile Network Prefix                     +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Prefix Delegated Flag (D)
   The Prefix Delegated Flag is used to indicate to the Home Agent whether the Mobile Network Prefix is owned or borrowed. If the flag is set to 0, the prefix is owned by the Mobile Router. If the flag is set to 1, the prefix is borrowed from another Mobile Router (the Owner).

5.2 Token Option

Token options are included in a Binding Update. A Token option corresponds to the Mobile Network Prefix Option placed immediately ahead of it. Token options are also included in Router Advertisements distributed from an Owner to Borrowers. In a Router Advertisement, a Token option is placed next to the Prefix Option carrying the Mobile Network Prefix.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                             Token                             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Type
   TBA

Length
   8-bit unsigned integer indicating the length in octets of the option, excluding the type and length fields. Set to 8.

Token
   2-byte field containing the Token.

5.2.1 Binding Acknowledgement

The Binding Acknowledgement format used in this document is the same as defined in [2]. This document introduces the following new Binding Acknowledgement status value:

   2 (TBA)  DND test and set-up completed successfully

6. Mobile Router Operation

A Mobile Router is defined as either Owner or Borrower for each Mobile Network Prefix it supports. An Owner and Borrowers share Mobile Network Prefixes using Tokens.

6.1 Data Structure

A Mobile Router maintains a Binding Update List, described in Section 5.1 of the NEMO Basic Support specification [2]. This document introduces a new Token field and a Prefix Delegated Flag (D). The relationships between the Token and the Prefix Delegated Flag (D) are as follows.

Prefix Delegated Flag (D) is set to 0 (the Prefix is owned by the Mobile Router)
   *  The Token is generated or updated by the Owner. 'NULL' in the Token field means that the Prefix is not shared.

Prefix Delegated Flag (D) is set to 1 (the Prefix is borrowed from an Owner)
   *  The Token is extracted from Router Advertisements sent by the Owner.

6.2 Sending Binding Updates

A Mobile Router sends a Binding Update including Mobile Network Prefix Options as described in Section 5.2 of [2]. The difference from [2] is that a Mobile Router sets the Prefix Delegated Flag (D) of each Mobile Network Prefix Option and adds Token Options if necessary. A Mobile Router MUST send a Binding Update in Explicit mode when it uses any Token option. A Mobile Router includes options and sets the flag of the options in the Binding Update as follows. When the Mobile Router includes Token Options in a Binding Update, it MUST put each Token Option next to the corresponding Mobile Network Prefix Option.

Owner
   The Mobile Router sets the Prefix Delegated Flag (D) to 0 in a Mobile Network Prefix Option and MUST put a Token Option next to it when the Mobile Router allows the Prefix to be shared. The Mobile Router doesn't put a Token Option when it doesn't allow sharing of the Prefix.

Borrower
   A Mobile Router sets the Prefix Delegated Flag (D) to 1 in a Mobile Network Prefix Option and puts a Token Option next to it. A Mobile Network Prefix Option MUST be followed by the corresponding Token Option when its Prefix Delegated Flag is set to 1.

6.3 Receiving Binding Acknowledgements

If the status field of the Binding Acknowledgement is '2', indicating that the Home Agent processed the prefixes and Tokens successfully, the Mobile Router assumes that the Home Agent has set up forwarding for all the Prefixes, including borrowed ones. The Mobile Router can then start using the bi-directional tunnels for the Prefixes. If the status is set to '0', the Mobile Router assumes that the Home Agent isn't aware of Token based DND and acts as described in [2]. In this case the Mobile Router SHOULD re-send the Binding Update including only its own Prefixes, without Token Options.

After the binding finishes successfully, the Mobile Router starts sending Router Advertisements including the Prefixes it owns and the corresponding Tokens, if any. The Mobile Router MUST NOT advertise Prefixes or Tokens of which it is not the Owner but a Borrower. The Mobile Router SHOULD NOT include a Token option set to NULL in Router Advertisement messages.

When the Mobile Router receives a Router Advertisement including a new Prefix and a corresponding Token from the Owner of the Prefix, it MAY become a Borrower of the Prefix by sending a Binding Update along with the Token option.

6.4 Error Processing

This document doesn't introduce any new Binding Acknowledgement status values for errors. Since Token based DND operates only in Explicit mode, the Mobile Router interprets the Binding Acknowledgement status values as described in Section 5.4.2 of [2]. A Mobile Network Prefix with the Prefix Delegated Flag set to '1' will be rejected in two cases: when the Token is different from that registered by the Owner, and when no Owner has registered the Prefix. The Binding Acknowledgement is returned with status '141' in both cases. In these cases, the Mobile Router SHOULD wait until an updated Token is distributed from the Owner, or send a Binding Update without the Mobile Network Prefix borrowed from the Owner.

6.5 Token Update

An Owner MUST update Tokens periodically. When a Borrower moves away from the Mobile Network, the Tokens held by the Borrower become obsolete, which enables the Home Agent to detect the movement of the Borrower. The Owner MUST advertise the updated Tokens using Router Advertisements as soon as it finishes the registration of the Tokens. The Owner MUST NOT advertise the updated Tokens until it receives the Binding Acknowledgement message indicating that the Home Agent finished the registration successfully. The Owner need not include Token options in the Binding Update when it doesn't intend to update them. The Owner sets the Token to 'NULL' in the Binding Update when it intends to stop the sharing of the prefix by other Mobile Routers (Borrowers). The Borrower MUST send a Binding Update including the updated Tokens as soon as it finds the Tokens updated in a Router Advertisement.

6.6 Returning Home

When a Mobile Router returns home, it de-registers with its Home Agent. After de-registration, the Mobile Router MUST NOT include any Token option corresponding to its own Prefixes in Router Advertisements, since Tokens can't be registered with the Home Agent at home. This means that Mobile Network Prefixes can't be shared while the Owner of the Prefixes is connected to the home link. The Borrower MUST send a Binding Update not including those Prefixes as soon as it finds the corresponding Token options removed from the Router Advertisements from the Owner.

7. Home Agent operation

7.1 Data Structures

7.1.1 Binding Cache

The Binding Cache is a conceptual data structure described in detail in [5] and [2]. This document introduces a new Token field and a Prefix Delegated Flag (D). A Home Agent stores a Token corresponding to a Mobile Network Prefix when the Prefix Delegated Flag is set to '0' in the Mobile Network Prefix Option.

7.1.2 Prefix Table

A Prefix Delegated Flag (D) might need to be introduced in the Prefix Table entry, since the Home Agent SHOULD be able to prevent the following cases:

   o  As an Owner, a Mobile Router claims Mobile Network Prefixes owned by another Mobile Router (Owner).

   o  A Mobile Router borrows Mobile Network Prefixes whose Owner has not allowed them to be shared.

7.2 Mobile Network Prefix Registration

A Home Agent performs the following checks on all of the Mobile Network Prefix Options and Token Options in the Binding Update, in addition to the checks in [2], when the Mobile Router Flag (R) is set.

   o  If there is any Token option which isn't placed next to a Mobile Network Prefix Option, it MUST reject the Binding Update and send a Binding Acknowledgement with status set to 143 (Forwarding Setup failed).

When the Prefix Delegated Flag (D) is set to '0', it performs the following check.

   o  If there is already a Binding Cache entry or Prefix Table entry with the same Prefix owned by another Mobile Router (Prefix Delegated Flag (D) set to '0'), the Home Agent MUST reject the Binding Update and send a Binding Acknowledgement with status set to 142 (Not Authorized for Prefix).

When the Prefix Delegated Flag (D) is set to '1', it performs the following checks.

   o  The Home Agent MUST reject the Binding Update and send a Binding Acknowledgement with status set to 141 (Invalid Prefix) in the following cases:

      *  The Mobile Network Prefix Option isn't followed by a Token Option.

      *  NULL (all zero) is set in the Token Option.

      *  The Mobile Network Prefix is not registered by any Owner.

      *  The Token is different from that registered by the Owner in the Binding Cache entry.

When the Home Agent has a valid Binding Cache entry with the Prefix Delegated Flag (D) set to '1', it SHOULD NOT delete the entry on just one Token error. This is because a Borrower may not necessarily be able to obtain an updated Token as soon as the update occurs. However, the Home Agent might need to delete the entry if the number of errors exceeds a threshold before it expires.

If all checks are passed, the Home Agent creates a Binding Cache entry for the Mobile Router's Home Address, or updates the Binding Cache entry if it already exists. When it has a valid Binding Cache entry with the Prefix Delegated Flag (D) set to '0' and receives a Binding Update including the Mobile Network Prefix Option without a Token Option, the Home Agent doesn't update the Token.
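The Binding Update option ordering of Sections 4.2 and 6.2 and the Home Agent checks of this section, carried through as an added example in Python. This is not code from the draft or its authors. It models the Binding Cache with the Prefix Delegated flag and Token fields, returns the status values the draft assigns (143, 142, 141, 2 and 0, applying also the NULL-on-creation and status-value rules that close this section), keeps a borrowed entry alive through a single Token error as recommended above, and replays the registrations of Figures 2 and 3 followed by the Token refresh of Section 4.3 that a departed Borrower misses. The 32-bit Token width (as drawn in the Token option figure), the error threshold of 3, the requirement that a refreshed Token differ from its predecessor, and all class and function names are assumptions of this example.

```python
import secrets
from dataclasses import dataclass

# Binding Acknowledgement status values used in the draft ('2' is marked TBA there).
STATUS_ACCEPTED, STATUS_DND_OK = 0, 2
STATUS_INVALID_PREFIX, STATUS_NOT_AUTHORIZED, STATUS_FWD_SETUP_FAILED = 141, 142, 143
NULL_TOKEN = 0   # all-zero Token: the Owner does not allow the prefix to be shared

@dataclass
class Mnp:                        # Mobile Network Prefix option
    prefix: str
    delegated: bool = False       # Prefix Delegated flag (D): False = owned, True = borrowed

@dataclass
class Token:                      # Token option; MUST directly follow its MNP option
    value: int

@dataclass
class CacheEntry:                 # Binding Cache entry for one (Mobile Router, prefix)
    delegated: bool
    token: int
    token_errors: int = 0         # consecutive Token errors seen on a borrowed entry

def new_token(previous: int = NULL_TOKEN) -> int:
    # Section 8.2: a random number is enough.  It must not be NULL; requiring it to
    # differ from the Token it replaces is an implementation choice made here.
    while True:
        t = secrets.randbits(32)  # 32-bit width is assumed from the option figure
        if t not in (NULL_TOKEN, previous):
            return t

class HomeAgent:
    ERROR_THRESHOLD = 3           # assumed value; the draft leaves the threshold open

    def __init__(self):
        self.cache = {}           # (mr_home_address, prefix) -> CacheEntry

    def _owner_entry(self, prefix):
        for (mr, p), entry in self.cache.items():
            if p == prefix and not entry.delegated:
                return mr, entry  # the Owner's registration of this prefix
        return None, None

    def register(self, mr: str, options: list) -> int:
        """Section 7.2 checks for one Binding Update in Explicit mode with the R flag set;
        returns the Binding Acknowledgement status.  The cache changes only on success."""
        pairs, pending, i = [], {}, 0
        while i < len(options):                   # pair each MNP option with the Token after it
            if isinstance(options[i], Token):
                return STATUS_FWD_SETUP_FAILED    # 143: Token option not next to an MNP option
            tok = options[i + 1] if i + 1 < len(options) and isinstance(options[i + 1], Token) else None
            pairs.append((options[i], tok))
            i += 2 if tok else 1
        for mnp, tok in pairs:
            owner, owner_entry = self._owner_entry(mnp.prefix)
            if not mnp.delegated:                          # D = 0: registering as Owner
                if owner is not None and owner != mr:
                    return STATUS_NOT_AUTHORIZED           # 142: prefix owned by another MR
                old = self.cache.get((mr, mnp.prefix))
                if tok is not None:
                    value = tok.value
                elif old is not None and not old.delegated:
                    value = old.token                      # no Token option: keep the registered Token
                else:
                    value = NULL_TOKEN                     # new entry without Token: not shared
                pending[mnp.prefix] = CacheEntry(False, value)
            else:                                          # D = 1: registering as Borrower
                if (tok is None or tok.value == NULL_TOKEN or owner_entry is None
                        or tok.value != owner_entry.token):
                    self._count_token_error(mr, mnp.prefix)
                    return STATUS_INVALID_PREFIX           # 141: no Owner, NULL or wrong Token
                pending[mnp.prefix] = CacheEntry(True, tok.value)
        self.cache.update({(mr, p): e for p, e in pending.items()})
        no_token_options = all(tok is None for _, tok in pairs)
        all_null = all(e.token == NULL_TOKEN for e in pending.values())
        return STATUS_ACCEPTED if (all_null and no_token_options) else STATUS_DND_OK

    def _count_token_error(self, mr, prefix):
        # A borrowed entry survives a single Token error and is dropped only past the threshold.
        entry = self.cache.get((mr, prefix))
        if entry is not None and entry.delegated:
            entry.token_errors += 1
            if entry.token_errors >= self.ERROR_THRESHOLD:
                del self.cache[(mr, prefix)]

    def next_hops(self, prefix):
        # Section 7.3: every MR with a valid entry for the prefix is a forwarding candidate.
        return sorted(mr for (mr, p) in self.cache if p == prefix)

def run_figures_2_and_3():
    # Replay Figures 2 and 3, then a Token refresh (Section 4.3) that MR2 never sees.
    ha, log = HomeAgent(), {}
    t1, t2 = new_token(), new_token()
    log["mr1_owner"] = ha.register("MR1", [Mnp("P1::/64"), Token(t1)])
    log["mr2_owner"] = ha.register("MR2", [Mnp("P2::/64"), Token(t2)])
    borrow = [Mnp("P2::/64"), Token(t2), Mnp("P1::/64", True), Token(t1)]   # Figure 3 order
    log["mr2_borrows_p1"] = ha.register("MR2", borrow)
    log["hops_shared"] = ha.next_hops("P1::/64")
    log["mr1_refresh"] = ha.register("MR1", [Mnp("P1::/64"), Token(new_token(t1))])
    log["stale"] = [ha.register("MR2", borrow) for _ in range(HomeAgent.ERROR_THRESHOLD)]
    log["hops_after_split"] = ha.next_hops("P1::/64")
    log["p2_unaffected"] = ha.next_hops("P2::/64")
    return log
```

Running `run_figures_2_and_3()` shows the split being detected: both Owner registrations and MR2's borrowed registration return status 2 and P1 is reachable via MR1 and MR2; after MR1 refreshes its Token, MR2's Binding Updates still carrying the old Token are answered with 141, and once the assumed threshold of three errors is reached MR2's borrowed entry is dropped while its own P2 entry is untouched. Note that the Owner check (142) only consults the Binding Cache; the Prefix Table check the draft mentions in 7.1.2 is not modelled.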
When it creates a Binding Cache entry with the Prefix Delegated Flag (D) set to '0' by receiving a Binding Update including a Mobile Network Prefix Option without a Token Option, it sets NULL in the Token field of the entry.

After setting up the Mobile Network Prefixes, the corresponding Tokens and forwarding, the Home Agent sends a Binding Acknowledgement with status set to '2' to indicate that the set-up finished successfully. If all of the Tokens set up with the Binding Update are configured to 'NULL' and no Token option is included in the Binding Update, it MUST send the Binding Acknowledgement with status '0'.

7.3 Forwarding Packets

When the Home Agent forwards a data packet destined for a Mobile Network Prefix, the Home Agent selects one Mobile Router among the Owner and the Borrowers of the Prefix. This selection will be done based on various policies. The selection of the Mobile Router is outside the scope of this document.

8. Security Considerations

8.1 Protection of Tokens

Tokens MUST NOT be obtainable except by a Home Agent and the nodes, including Mobile Routers, within a Mobile Network. The Token Option in Binding Updates from a Mobile Router to the Home Agent would be protected with IPsec. Router Advertisements including the Token Option MUST be prevented from being snooped by nodes outside the Mobile Network using some security mechanism such as layer 2 encryption.

8.2 How to generate Tokens

A Token is used for a Home Agent to confirm reachability between an Owner and Borrowers via just one link. The following is not a goal of using Tokens:

   o  To indicate to the Home Agent that a Mobile Router claiming a Mobile Network Prefix is the true Owner of the Prefix.

Hence it is enough to generate a random number as a Token, and a Token need not be associated with any information.

9. References

   [1]  Ernst, T., "Analysis of Multihoming in Network Mobility Support", draft-ietf-nemo-multihoming-issues-02 (work in progress), February 2005.

   [2]  Devarapalli, V., Wakikawa, R., Petrescu, A., and P. Thubert, "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, January 2005.

   [3]  Ernst, T., "Goals and Benefits of Multihoming", draft-ernst-generic-goals-and-benefits-01 (work in progress), February 2005.

   [4]  Ernst, T. and H. Lach, "Network Mobility Support Terminology", draft-ietf-nemo-terminology-03 (work in progress), February 2005.

   [5]  Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in IPv6", RFC 3775, June 2004.

   [6]  IETF NEMO (NEtwork MObility) working group mailing list, Archive: http://www.ietf.org/html.charters/nemo-charter.html.

   [7]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

Authors' Addresses

   Masayuki Kumazawa
   Panasonic (Matsushita Electric Industrial Co., Ltd.)
   4-5-15 Higashi-shinagawa
   Shinagawa-ku, Tokyo
   Japan

   Yasuhiko Watanabe
   Panasonic (Matsushita Electric Industrial Co., Ltd.)

   Taisuke Matsumoto
   Panasonic (Matsushita Electric Industrial Co., Ltd.)

   Sathya Narayanan
   Panasonic Digital Networking Lab
   Two Research Way, 3rd Floor
   Princeton, NJ 08536
   USA

Appendix A. Change Log

From -00 to -01

   o  Added the (n,*,n) case to the (n,*,1) case.

   o  Moved the Prefix Delegated Flag from the Binding Update to the Mobile Network Prefix Option.

   o  Only the Owner can generate Tokens, while in -00 a Home Agent could also do so.

From -01 to -02

   o  Added usage scenarios (Section 3).

Intellectual Property Statement

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

Disclaimer of Validity

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

Acknowledgment

Funding for the RFC Editor function is currently provided by the Internet Society.