Network and Protocol Team N. Montavont Internet-Draft T. Noel Expires: January 21, 2004 LSIIT July 23, 2003 Home Agent Filtering for Mobile IPv6 draft-montavont-mobileip-ha-filtering-v6-00.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http:// www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 21, 2004. Copyright Notice Copyright (C) The Internet Society (2003). All Rights Reserved. Abstract Mobile IPv6 allows a MN to receive incoming packets to its home address while it is away from its home network. In a heterogeneous environment, a MN may have multiple interfaces, each with different characteristics. While a MN is in a visited network, due to the performance of the interfaces or to the user preferences, the MN may want to forbid the redirection from its home agent of a kind of flow, or to indicate a target CoA for a kind of flow. In this draft, we propose new mobility options that allow a MN to advertise filters to its home agent. A filter is associated with a CoA, in such a way that the MN can register several CoA and can register several filters for one CoA. A filter may indicate that a flow which maps to a Montavont & Noel Expires January 21, 2004 [Page 1] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 filter must be dropped or must be redirected to the indicated CoA. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. New mobility options . . . . . . . . . . . . . . . . . . . . 4 2.1 Primary filtering option for BU . . . . . . . . . . . . . . 4 2.2 Primary filtering option for BA . . . . . . . . . . . . . . 6 2.3 Port Number Filtering sub-option . . . . . . . . . . . . . . 7 2.4 CN Source Address filtering sub-option . . . . . . . . . . . 7 2.5 Protocol ID Filtering sub-option . . . . . . . . . . . . . . 9 3. Filtering operations . . . . . . . . . . . . . . . . . . . . 10 3.1 Rules for maintaing several bindings . . . . . . . . . . . . 10 3.2 MN operations . . . . . . . . . . . . . . . . . . . . . . . 10 3.2.1 Register new filter . . . . . . . . . . . . . . . . . . . . 11 3.2.2 Update a filter . . . . . . . . . . . . . . . . . . . . . . 12 3.2.3 Delete a filter . . . . . . . . . . . . . . . . . . . . . . 13 3.3 Home agent operations . . . . . . . . . . . . . . . . . . . 13 3.3.1 Receiving BU with filtering option(s) . . . . . . . . . . . 13 3.3.2 Deleting an entry in the binding cache . . . . . . . . . . . 13 4. Security considerations . . . . . . . . . . . . . . . . . . 15 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 16 References . . . . . . . . . . . . . . . . . . . . . . . . . 17 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 17 Intellectual Property and Copyright Statements . . . . . . . 18 Montavont & Noel Expires January 21, 2004 [Page 2] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 1. Introduction Mobile IPv6 [1] allows a MN to receive incoming packets to its home address while it is away from its home network. But nowadays, it is common to see laptop or handled devices which integrate several network interfaces. Mobile IPv6 does not explicitly specify how a MN may handle several CoAs (e.g. different network interfaces) bound to a single home address. In such a heterogeneous environment, a MN may want to spread its incoming flows on its several network interfaces (if available). Or, due to the performance of such technology, a MN may want to not receive a determined class of traffic. In this document, we propose new options of Binding Update (BU) in order to allow a MN to register several CoAs with its home agent and set filter(s) on traffic class associated with the CoAs. The goal of this draft is to allow the filtering of flows, or the redirection from the home agent of flows between several CoAs of a MN. Such a packet filtering was already done by [4] for Mobile IPv4 [7]. In IPv6, documents [5] and [6] explains how to use Mobile IPv6 when the MN has multiple CoAs/network interfaces, but do not allow an explicit per-flow redirection between different CoAs/network interfaces. The document [2] already deals with a per-flow movement between a MN's network interfaces. However, this document only gives the key to redirect and not to filter flows. In this document we propose new filtering options for BU that allow the MN to request its home agent to set filter(s) on potential future incoming packets or on current incomming packets. Due to the needed resources to manage filters, we focus on the home agent filtering. Moreover, since new flows from a CN will be sent to the home address of the MN, the home agent is the best place to perform filtering. The filtering options are quite flexible: the filter can only be on a port number (source, destination or whatever), on the CN source address, or on the quintuplet source/destination port numbers/ addresses and protocol number. Moreover, the MN can request the home agent to redirect packets that match the filter to a specific CoA, or to drop all packets matching the filter. The document is organized as follows. In the next section we detail the mobility options to perform packets filtering on home agent. In section 3 we developp the MNs and home agent operations. Then we consider security issues in the last section. Montavont & Noel Expires January 21, 2004 [Page 3] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 2. New mobility options In this section, we define new options to perform home agent filtering. These options are included within BU sent to the home agent and BA generated by the home agent. The information in such an option allows a home agent to filter current or future flows based on one (or several) identification of the flow. The flow identification is based on the port numbers (source and/or destination) and/or CN address and/or protocol ID. The filtering option in BU also includes a flag that indicates whether the flow which maps a filter must be dropped or forwarded to one of the current CoA of the MN. The filtering option is composed of a primary option which indicates the operations to take, and of one or more sub-option(s) which indicates the filter. The primary option is different whether the filtering option is included into a BU or a BA. If the MN wants to set a filter on several parameters of a flow (such as a source port and CN source address in the same filter), different sub-options MUST be introduced for the same primary filtering sub-option. Thus all sub-options will be taken as a unique filter. In this case, each sub-option MUST only indicate one parameter. 2.1 Primary filtering option for BU A MN may introduce a primary filtering option in BU sent to its home agent. This option can be used in two ways: either the MN requests its home agent to discard each packet wich contains the filter, or requests its home agent to redirect packets which map the filter to the specified CoA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Len |I|R|S|D| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . filtering sub-option(s) . . . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1. Primary filtering option of BU Ignore (I) The Ignore (I) bit is set when the MN requests its home agent to drop every packets that match the filtering sub-option. In this case, the Montavont & Noel Expires January 21, 2004 [Page 4] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 CoA contained in the BU MUST be the primary CoA. If the Ignore (I) bit is not set, the MN requests its home agent to forward packets that match the filtering sub-option to the specified CoA in this BU. Remove Filter (R) The Remove Filter (R) bit is set when the MN wants to delete filter. If the BU includes an explicit filter (such as port number(s) or CN source address(es)), the MN requests that the receiver deletes the corresponding entries. Otherwise, if the BU does not include an explicit filter, all filters associated with the specified CoA MUST be deleted. When the MN creates or updates a filter, the Remove Filter (R) bit MUST NOT be set. Source Port Number (S) The Source Port Number (S) bit is set if the following port number filtering sub-option is the source port of packets. If the following sub-option does not include a port number, the Source Port Number (S) bit MUST NOT be set. Destination Port Number (D) The Destination Port Number (S) bit is set if the following port number filter sub-option is the destination port of packets. If the following sub-option does not include a port number, the Destination Port Number (D) bit MUST NOT be set. If none of the Source Port Number (S) bit and the Destination Port Number (D) bit are set, the advertised port number(s) of the Port Number Filtering sub-option applies to the source port number as well as the destination port number (if a Port Number filtering sub-option is included in the primary filtering option). Reserved These fields are unused. They MUST be initialized to zero by the sender and MUST be ignored by the receiver. Option Type TBD Option Len Length of option Montavont & Noel Expires January 21, 2004 [Page 5] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 2.2 Primary filtering option for BA When the home agent receives a BU including filtering option(s), the home agent MUST send BA to MN in order to inform the MN if the filter can be set. If the home address of the MN is already bound to a primary CoA, the filter option(s) should be considered. If all the filter option(s) can be satisfied, the home agent MUST send a standard BA as specified in [1] without any modification. Otherwise, if at least one of the filtering request can not be satisfied, the home agent MUST send a BA with as much filtering options as than in the BU originated by the MN and MUST indicate for each of them the status of the filter. Otherwise, if the home agent receives a BU with filtering option(s) and has no primary CoA bound to the home address, it MUST reject the BU and send a standard BA with the TBD code status. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Len | Status | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | . filtering sub-option(s) . . . | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2. Primary filtering option for BA Status 8-bit unsigned integer indicating the disposition of the filtering option. Values of the status field less than 128 are reserved for success. Values of the status field greater than 128 indicate that the filtering option was refused. We propose these values: 0 Filtering option accepted 128 Reason unspecified 129 Insufficient resources 130 Filter not supported Reserved Montavont & Noel Expires January 21, 2004 [Page 6] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 These fields are unused. They MUST be initialized to zero by the sender and MUST be ignored by the receiver. Option Type TBD Option Len Length of option 2.3 Port Number Filtering sub-option A BU with a port filtering sub-option may include more than one port number. However, if the BU includes more than one port number, the same rules will apply on each port number. If the MN wants to set different filters on different ports, it should either send several BU with a Port Number Filtering sub-option, or should include several (primary filtering option - port filtering sub-option) in a BU. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Port Number | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. Port number(s) filtering sub-option Port Number The port number for which the filter is valid. Option Type TBD Option Len Length of option 2.4 CN Source Address filtering sub-option A MN may introduce a CN Source Address filtering sub-option in BU sent to its home agent. A BU with a CN Source Address filter may include more than one source address. However, if the BU contains more than one CN Source Address, the same rules will apply on each Montavont & Noel Expires January 21, 2004 [Page 7] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 source address. If the MN wants to set different filters on different adresses, it should either send several BUs, or include several (primary filtering option - CN Source Addresses filtering sub-option) into a BU. This option can be used in two ways: either the MN requests the home agent to drop every packets with the source address(es) indicated in the option, or to redirect the packet(s) with the source address(es) indicated in this option to the specified CoA. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | CN Source Address | | | | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 4. CN Source Address filtering sub-option CN Source Address The source address of packets that the home agent has to filter. Option Type TBD Option Len Length of option Montavont & Noel Expires January 21, 2004 [Page 8] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 2.5 Protocol ID Filtering sub-option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Proto number | ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. Port number(s) filtering sub-option Proto Number 8-bit unsigned integer representing number of the transport protocol Option Type TBD Option Len Length of option Montavont & Noel Expires January 21, 2004 [Page 9] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 3. Filtering operations The filtering options defined in section 2 allow a MN to request its home agent to perform filtering on incoming packets intended to the home address of the MN. The MN can request its home agent to add a filter on a current flow, or a future potential flow. The filter may indicate two kinds of operations from the home agent: either the home agent must drop every packets which do not match a filter, or the home agent must redirect every packet that matches the filter to the CoA associated with the filter. 3.1 Rules for maintaing several bindings With the new options defined in this document, a MN can now register several bindings in the binding cache of its home agent for a given home address. At any given time, the MN can have several CoAs registered with different filters and/or several filters for a given registered CoA. But each entry must be uniquely idendified. Each entry can be uniquely identified by the filter itself. To do so, the following rules MUST be respected: o For a given home address, a filter can only appear once in the binding cache of the home agent, even for different CoAs. o The binding cache of the home agent may contain several entries for the same couple (home address, CoA). The distinction between these entries is done by the associated filter, which MUST be different for each entry. We will see in the next section how a MN can register, update and delete binding associated with filters. 3.2 MN operations When the MN first connects to a visited network, it has to register a primary CoA with its home agent, as specified in [1]. The primary CoA is one of the reachable IPv6 addresses the MN may have at this time. The choice of the primary CoA is out of scope of this document. The corresponding entry in the home agent binding cache will be considered as the default entry for the MN. Then, if the home agent receives a packet intended to the home address of the MN and does not find a specific filter matching the packet, the home agent MUST use the default entry associated with the home address. Once the MN has registered its primary CoA, it might want to set filter on its home agent. The decision to set a filter can be taken by upper layers according to different policies, but this is out of Montavont & Noel Expires January 21, 2004 [Page 10] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 scope of this document. Then the MN can o Forbid the redirection of packets containing source port number x o Forbid the redirection of packets containing destination port number x o Forbid the redirection of packets containing port number x (source or destination) o Forbid the redirection of packets with the source address x o Forbid the redirection of packets from source address x and from source port number y o Forbid the redirection of packets from source address x and to destination port number y o Forbid the redirection of packets from source address x, source port number y and destination port number z o Request the redirection of packets containing the source port number x to the specified CoA o Request the redirection of packets containing the destination port number x to the specified CoA o Request the redirection of packets containing the port number x (source or destination) to the specified CoA o Request the redirection of packets with the source address to the specified CoA o Request the redirection of packets from source address x and from source port number y to the specified CoA o Request the redirection of packets from source address x and to destination port number y to the specified CoA o Request the redirection of packets from source address x, source port number y and destination port number z to the specified CoA 3.2.1 Register new filter When the MN wants to register a new filter on its home agent, it has to send a BU to register the target CoA with the new filter. If the BU does not contain an alternate CoA option (see section 6.2.5 of Montavont & Noel Expires January 21, 2004 [Page 11] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 [1]), the source address of the BU MUST be the target CoA. Otherwise, if the BU includes the alternate CoA option, the alternate CoA option MUST be the target CoA. If the MN wants its home agent to redirect packets belonging to a flow to a specific CoA, the MN MUST include the primary filtering option plus one or several filtering sub-option (such as Port Number filtering sub-option and/or CN Source Address filter (see section 2.2)). The Ignore (I) bit MUST NOT be set and the Remove Filter (R) MUST NOT be set. Otherwise, if the MN wants to forbid the home agent to redirect packets belonging to a flow, the advertised CoA in the BU MUST be the primary CoA. The BU MUST include a filtering option with the Ignore (I) bit set and the Remove Filter (R) bit not set. The filtering sub-option then indicate the packets filter. 3.2.2 Update a filter When a MN wants to update a binding which has a flow filter on its home agent, it has to send a BU. We distinguish two cases: the first case is when a binding between a home address and a CoA on the home agent is going to expire. If the MN wants to keep all filters associated with a CoA, it just has to send a standard BU as defined in [1] to refresh the binding cache entry. Otherwise, if the MN wants to keep a subset of filters associated with a target CoA, the MN has to send a BU with the chosen filtering option, as a new registration. For other binding linked to the target CoA, the MN can let the binding expires, or explicitly ask the home agent to remove them (see next subsection). The second case is when the MN moves between IPv6 subnets. When the MN moves between IPv6 subnets, one of its regestered CoA may change. Therefore it has to advertise its home agent about the new CoA. If the primary CoA has changed, the MN MUST first send a BU without filtering option to update its default entry. This will update the eventual filters that could have been set on the home agent. Then, if the MN wants to change some filters on the primary CoA, it has to send a new BU with its the appropriate filtering option. If a non-primary CoA of the MN has changed and the home agent had some filter rules with this old CoA, the MN has to update the CoA too. But the MN MUST NOT send a BU without filtering option in this case (because it would update the primary CoA entry). Therefore, the BU MUST contain the filtering option associated with the new CoA. If the MN wants to delete some filters associated with the old CoA, it can let the binding on the home agent expires, or explicitly remove it as explain in the next subsection. Montavont & Noel Expires January 21, 2004 [Page 12] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 3.2.3 Delete a filter When the MN wants to delete filter(s) on its home agent, it has to send a BU with the same filter option(s) as when it has registered the filter, except that the Remove Binding (R) bit MUST be set. This operation will make the home agent find the corresponding entry in its binding cache and delete it. 3.3 Home agent operations The home agent always keep a default entry in its binding cache for a MN. The default entry gives the primary CoA of the MN for a given home address. Then, the home agent can have several entries for the same home address. The filter(s) associated with each other entries than the default entry are sufficient to differentiate the entries, since each filter MUST be unique. 3.3.1 Receiving BU with filtering option(s) When the home agent receives a BU which includes at least one filtering option, it first checks if it already has a default entry in its binding cache for the home address contained in the BU. If it has not a binding for this home address, it MUST send a standard BA to the MN with a code status TBD. Otherwise, if the home agent already has a default entry in its binding cache for this home address, the home agent SHOULD consider the filtering option. First, the home agent checks if the filtering option already exists in its binding cache. If yes, the BU is an update of the entry. Therefore, if the CoA of the BU is different from the CoA in the binding cache, the home agent updates the entry with the new CoA. Otherwise, the home agent updates the lifetime of the corresponding entry. Else if the filtering option is not found in the binding cache, the BU contains a new filter. Therefore the home agent creates a new entry for the home address. Then in both cases, the home agent sends a BA to inform the MN about the filters set for it. 3.3.2 Deleting an entry in the binding cache A home agent might delete an entry in its binding cache for two reasons: either the entry is expired, or the MN explitly asked the home agent to remove a binding. If an entry is going to expire, the home agent SHOULD send a Binding Refresh Advice. If the default entry expires, the home agent MUST delete all other entries of the MN, even for different CoAs. Montavont & Noel Expires January 21, 2004 [Page 13] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 If the home agent receives a BU with a filtering option that has the Remove Binding (R) bit set, the home agent must delete the corresponding entry in its binding cache. Montavont & Noel Expires January 21, 2004 [Page 14] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 4. Security considerations Since the options defined in this document only concern an exchange between the home agent and the MN, IPsec security association as defined in [3] is considered sufficient to protect the integrity and authenticity of BU and BA. Montavont & Noel Expires January 21, 2004 [Page 15] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 5. Acknowledgements The authors would like to thank the members of the French RNRT Cyberte project (France Telecom RD, Cisco System, ENST Bretagne, IRISA, and LSIIT) for their valuable feedback. Montavont & Noel Expires January 21, 2004 [Page 16] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 References [1] Perkins, C. and J. Arko, "Mobility Support in IPv6", June 2003. [2] Soliman, H., Elmalki, K. and C. Castelluccia, "Flow Movement in Mobile IPv6", June 2003. [3] Arkko, J., Devarapalli, V. and F. Dupont, "Using IPsec to protect Mobile IPv6 signaling between Mobile Nodes and Home Agents", June 2003. [4] Fikouras, N., Udugama, A., Koensgen, A., Goerg, C., Zirwas, W. and J. Eichinger, "Filters for Mobile IPv4 Bindings (NOMADv4)", April 2003. [5] Montavont, N., Noel, T. and M. Kassi, "MIPv6 for Multiple Interfaces", July 2002. [6] Wakikawa, R., Uehara, K. and T. Ernst, "Multiple Care-of Address Registration on Mobile IPv6", June 2003. [7] Perkins, C., "IP Mobility Support for IPv4", January 2002. Authors' Addresses Nicolas Montavont LSIIT - Univerity Louis Pasteur PŸle API, bureau C444 Boulevard S‰bastien Brant Illkirch 67400 FRANCE Phone: (33) 3 90 24 45 87 EMail: montavont@dpt-info.u-strasbg.fr URI: http://www-r2.u-strasbg.fr/~montavont/ Thomas Noel LSIIT - Univerity Louis Pasteur PŸle API, bureau C444 Boulevard S‰bastien Brant Illkirch 67400 FRANCE Phone: (33) 3 90 24 45 92 EMail: noel@dpt-info.u-strasbg.fr URI: http://www-r2.u-strasbg.fr/~noel/ Montavont & Noel Expires January 21, 2004 [Page 17] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. Full Copyright Statement Copyright (C) The Internet Society (2003). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assignees. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION Montavont & Noel Expires January 21, 2004 [Page 18] Internet-Draft Home Agent Filtering for Mobile IPv6 July 2003 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Montavont & Noel Expires January 21, 2004 [Page 19]