2.5.2 IP Routing for Wireless/Mobile Hosts (mobileip)

NOTE: This charter is a snapshot of the 45th IETF Meeting in Oslo, Norway. It may now be out-of-date. Last Modified: 06-Jul-99

Chair(s):

Erik Nordmark <nordmark@eng.sun.com>
Basavaraj Patil <bpatil@nortelnetworks.com>

Routing Area Director(s):

David Oran <oran@cisco.com>
Rob Coltun <rcoltun@siara.com>

Routing Area Advisor:

Rob Coltun <rcoltun@siara.com>

Mailing Lists:

General Discussion: mobile-ip@standards.nortelnetworks.com
To Subscribe: listserv@standards.nortelnetworks.com
In Body: subscribe mobile-ip first_name last_name
Archive: http://www.nortelnetworks.com/standards/

Description of Working Group:

Note: Dave Oran (oran@cisco) is the WG Advisor

The Mobile IP Working Group has developed routing support to permit IP nodes (hosts and routers) using either IPv4 or IPv6 to seamlessly "roam" among IP subnetworks and media types. The Mobile IP method supports transparency above the IP layer, including the maintenance of active TCP connections and UDP port bindings. Where this level of transparency is not required, solutions such as DHCP and dynamic DNS updates may be adequate and techniques such as Mobile IP not needed.

The WG moving forward will focus on deployment issues in Mobile IP and provide appropriate protocol solutions to address known deficiencies and shortcomings. For example, the wireless/cellular industry is considering using Mobile IP as one technique for IP mobility for wireless data. The working group will endeavor to gain an understanding of data service in cellular systems such as GPRS, UMTS, CDMA2000, and interact with other standards bodies that are trying to adopt and deploy Mobile IP WG protocols in these contexts. In order to provide a complete solution and a set of protocols that can be used as a roadmap for widespread deployment, the following work needs to be accomplished by this WG. In the near term, the WG needs to work on:

- Use of NAIs to identify mobile users/nodes.

- Specifying how Mobile IP should use AAA functionality to support inter-domain and intra-domain mobility.

- Evolve the security framework/trust model for mobile nodes.

- Develop solutions for IPv4 private address spaces for the scenarios needed for deployment.

- Documenting any requirements specific to cellular/wireless networks.

In the longer term, the WG needs to address:

- Additional IP-based solutions for micro mobility (movement within a subnet).

- QoS in the mobile IP environment using diff-serv and/or int-serv/RSVP.

- Location Privacy.

The Working Group will ensure that solutions proposed for these problem domains are suitable for IPv4 and IPv6 respectively.

Goals and Milestones:

- Done: Review and approve the charter, making any changes deemed necessary.
- Done: Post an Internet-Draft documenting the Mobile Hosts protocol.
- Done: Review the charter of the Mobile IP Working Group for additional work required to facilitate non-host mobility.
- Jul 96: Submit the IPv4 Mobile Host Protocol to the IESG as a Proposed Standard.
- Dec 96: Submit the IPv6 Mobile Host Protocol to the IESG as a Proposed Standard.
- Mar 97: Review the WG charter and update as needed.
- Jun 99: Review the WG charter and update based on current needs and focus.
- Jun 99: Submit the Mobility Support in IPv6 to the IESG for consideration as a Proposed Standard.
- Jun 99: Submit Internet-Draft for NAI support in Mobile IP to IESG for consideration as a Proposed Standard.
- Aug 99: Review the use of AAA in Mobile IP to support inter-domain and intra-domain mobility and dynamic home agent assignment.
- Dec 99: Review security framework requirements for Mobile IP.
- Dec 99: Review solutions and submit drafts for mobility in private address spaces.
- Dec 99: Submit draft on using AAA in Mobile IP for inter-domain and intra-domain mobility as a proposed standard.
- Dec 99: Submit draft capturing cellular requirements to IESG as an Informational RFC.
- Jul 00: Review QoS in a Mobile IP enabled network.
- Jul 00: Submit Mobile IPv6 MIB to IESG for consideration as a Proposed Standard.
- Sep 00: Submit the IPv4 Mobile IP Protocol to the IESG for consideration as a Draft Standard.

Internet-Drafts:

Request For Comments:

RFC      Status  Title
RFC1853          IP in IP Tunneling
RFC2005  PS      Applicability Statement for IP Mobility Support
RFC2004  PS      Minimal Encapsulation within IP
RFC2003  PS      IP Encapsulation within IP
RFC2002  PS      IP Mobility Support
RFC2006  PS      The Definitions of Managed Objects for IP Mobility Support using SMIv2
RFC2344  PS      Reverse Tunneling for Mobile IP
RFC2356          Sun's SKIP Firewall Traversal for Mobile IP

Current Meeting Report

Minutes of the Mobile IP Working Group Meeting at IETF45, Oslo, Norway

Logistics:
Total attendance for the two sessions was 227.
Reported by: Phil Roberts and Gabriel Montenegro

Session 1: Thursday, July 15th, 1-3 PM

Vipul Gupta presented his draft on an inline security parameter extension (draft-gupta-mobileip-inline-secparams-00.txt)

- Designed to carry parameters that are usually configured out of band. Transition to public key while allowing private key. Motivation is to simplify pk authentication with Mobile IP, allowing inline exchange of pk certificates.
- Charlie Perkins raised the issue that before 2002 last call a previous related approach was rejected because of claims it might be insecure based on identifying the security algorithm by a key-id field. Charlie's point of view is that identifying the algorithm does not make the approach less secure to any significant degree and so MIP might use the same approach as in IPSEC and secure DHCP with no adverse effects. Vipul pointed out that even in IPSEC the algorithm is easy to discover. The same kind of approach is also being used in secure DHCP.
- Basavaraj Patil asked whether this didn't raise a lot of overhead which is a concern in wireless networks. Vipul responded that it did, but only once at the start of an exchange.

The group agreed to discuss how to proceed with this draft on the mailing list.

Martin Johnsson presented his draft on simple Mobile IP (draft-ietf-mobileip-simpleip-01.txt). The basic idea here is to use a fixed name but allow a variable IP address and provide this as an alternative to Mobile IP for certain applications with limited mobility and restricted organizational scope.

- Dave Johnson wanted to know why this was simpler than Mobile IP and what was wrong with Mobile IP that would make one want to use this approach instead. Martin asserted that there are fewer options, it is better at symmetric routing, and it is easier to comprehend and manage. Dave still wanted to know why this was the case. Others wanted to know why one would use this instead of Mobile IP and what was wrong with Mobile IP. Martin responded that this is really for a mobile terminal (laptop, notebook).
- Someone asserted that this approach doesn't provide application level mobility (editor: presumably due to the changing IP address during a "session"). Martin's response to this was: the IP address allocated to what is referred to as the Mobile LAN (MLAN) (the IP layer below TCP/UDP) in SMIP is NEVER changing after a terminal/user has once logged on to the network. Application mobility is in this sense the same as for MIP.
- Charlie Perkins asked whether the author had compared this to option 68 in DHCP.
- Gopal Dommety asked how authentication was to be handled. The author envisions this to be used in only one organizational scope.
- Milo Orsic raised questions about the utility of this approach where the mobile entity is a host.
- Someone raised a question about how DHCP can provide two addresses as called for in the proposal. Martin responded that DHCP will need to be enhanced to support this.

Karim El Malki presented his proposal for fast handoffs (draft-elmalki-mobileip-fast-handoffs-00.txt)

- Idea is to add an extra fast handoff method to Mobile IP to support inelastic services. Anticipate movement and create an auxiliary flow to prepare for handoff. Uses simultaneous binding in cdma where appropriate. Uses hierarchical agents (mip regionalized tunnel mgmt). Conclusion is to use this as a migration to 3G because of cdma technology support for simultaneous bindings, hierarchical networks are scalable. Cellular QoS to be based on intserv and diffserv.
- Charlie Perkins raised a question about whether one might do multicast registration messages based on link-layer detection of mobility and the answer was yes.
- Charlie next raised a question about whether it might be better to increase the frequency of advertisement messages when link layer information is not available and the answer was in general no for wireless systems IF it would chew up bandwidth. There are examples where increased frequency of advertisements would NOT consume too much bandwidth.
- When a question was raised about how an application handles receiving multiple copies of the same packet due to the multicast it was pointed out that TCP will sort that out for TCP based apps.

Erik Nordmark made a short presentation on IPv6 site prefixes (draft-ietf-ipngwg-site-prefixes-03.txt)

- Goals are to make site renumbering easier by reducing impact on communication within the site. Avoid breaking long running TCP connections internal to the site. Tolerate broken applications which store IP addresses. Administrative control of which nodes use site-local addresses.
- Recommendation is not to give mobile nodes site-local addresses; otherwise the mechanisms in this draft are needed.

Ram Ramjee presented his draft on HAWAII (draft-ietf-mobileip-hawaii-00.txt)

- HAWAII is transparent to mn's that use mip w/extensions. The mip security model applies to HAWAII. The goal is for mobility to be handled locally.
- Design goals are to process updates locally (scalable) - regionalized tunnel mgmt; forward packets if necessary (limit disruption); avoid tunneling where possible (efficiency); QoS; leverage fault detection mechanism in routing protocols for reliability.
- Gopal Dommety pointed out that this does not rely on traditional routing procedures for failure detection and recovery and Ram commented that this is part of what HAWAII is supposed to do.
- It was pointed out that there is a patent involved here but the draft is 2026 compliant.

Emad Qaddoura presented security enhancements for route optimization (draft-mkhalil-mobileip-optim-sec-00.txt)

- This solves a particular problem: a new foreign agent can begin to receive the mn's data before being authenticated. The solution is not to send data to the new fa before authentication is complete.
- Charlie Perkins commented that the binding update should be secure (see secure keys) and that it was done so that you can start to receive your own data faster. One doesn't have to couple the start buffer request with the handoff.
- Dave Johnson stated that the registration reply indicates that the mn is who it claims to be. It doesn't prove anything to the fa. Binding update does not prove who the mn is, just that it's the same mn that was there before.
- Emad answered that this extension does allow the fa to be authenticated. Dave responded that that's not required.

Session 2: Friday, July 16th, 9-11:30 AM

Charlie Perkins presented the AAA requirements material for Mobile IP (draft-ietf-aaa-mobile-ip-req-00.txt)

- This is a summary of the Mobile IP requirements for AAA done for the AAA working group. The AAA working group is looking at results 2-3 years out.
- Milo Orsic asked how an operator or network provider could terminate an existing authorization. Charlie responded that if this is needed it belongs as an AAA requirement but that there is no procedure for doing this with Mobile IP now. A separate work item would be needed to enable this functionality.
- Dave Johnson observed that such a capability would enable a denial-of-service attack.
- Tom Hiller suggested that DIAMETER be standardized in this group since US cellular can't wait for 2-3 years for an AAA protocol. Charlie suggested that it would be better to state requirements from a Mobile IP perspective rather than endorse a particular protocol. Stuart Jacobs suggested that secret key based systems need a lot more review. Pat Calhoun pointed out that roamops has taken up DIAMETER as a work item pending AD approval. Milo Orsic repeated that the network needs to be able to terminate a session. Erik Nordmark suggested the appropriate approach to handling an interface to an AAA system is to publish requirements for Mobile IP and to add extensions to Mobile IP to allow interoperability with whatever AAA system becomes standard.
- The working group was asked for its opinion on this issue. The working group agreed to requirements and extensions to enable interaction with AAA rather than agreeing to a particular AAA protocol.

Fergal Ladley presented his proposal for using DIAMETER with Mobile IP mainly for Mobile IP v6 (draft-ladley-diameter-pr-00.txt)

Pete McCann presented his proposal to use DIAMETER and Mobile IP together for security policy and key distribution (draft-mccann-transform-00.txt)

- Vipul Gupta raised some questions about the overhead associated with an IKE distribution system. He asserted that the number of messages going over a high bandwidth network would probably not be a problem. Pete responded that even a 6 message exchange would produce a high latency, and that latency was more the issue than bandwidth usage. Vipul asserted that with less than 3 messages you can't have replay protection. Pete suggested it could be done with AAA. Charlie Perkins pointed out that Mobile IP has replay protection using nonces and that it doesn't require 3 messages. Dave Johnson reminded the group that IBM has a patent claim on nonce technology.
- Vipul and Pete began a discussion of using IKE for identifying individuals. Pete pointed out that it is a requirement to identify individual mobiles, not on a per FA destination and agreed he and Vipul could talk more about it offline.

Basavaraj Patil presented his draft on the use of IPSec with Mobile IP (draft-bpatil-mobileip-sec-guide-00.txt)

- Charlie Perkins raised an issue that MCMGF participates in each message exchange and Raj responded that it is routed through. Charlie followed up asking who authenticates the message and that the MN and home agent need a security association. Raj responded that there is an authentication center that is not depicted. Pat Calhoun asked who establishes the trust relationship between the MN & FA. Raj responded that the MN obtains a session key in the registration response message and the MN and FA then use IKE to establish an IPSEC SA.

Charlie yielded the slot allocated to discuss private addresses for a discussion of the problem with tunnel identifiers and GRE. GRE is an informational RFC but there is some growing interest in a number of areas to use it, and it could use some cleanup.

Erik suggested that GRE could be moved rather strictly to a standards track by the IESG.

The conversation on use of Mobile IP and private addresses came to the following summary:

Dave Johnson observed that three speakers have stated that the last option is not possible. We will discuss this on the mailing list to determine how we should continue to pursue the use of private addresses with Mobile IP.

Ken Peirce presented his draft on interaction between Mobile IP, DIAMETER, and RADIUS (draft-ietf-mobileip-radius-challenge-00.txt). The draft deals with interactions between existing "AAA" systems including RADIUS, DIAMETER, and transitions from one system to the next.

- Pat Calhoun asked who generates key info. Assuming that there is a DIAMETER server in the HA network, there is a DIAMETER server in a broker network which generates the keys.
- Charlie Perkins pointed out that an SPI may not have to be allocated from the reserved set but that an extension could be added for this.

Bob Heile presented an overview of IEEE 802.15 activities. Bob is attempting to create liaisons with Mobile IP and manet working groups in the IETF.

Further information is available from the web as follows:
- WPAN Archives: http://grouper.ieee.org/groups/802/15
- WPAN Mailing List: stds-802-wpan@majordomo.ieee.org
- IEEE 802.11: http://grouper.ieee.org/groups/802/11
- Bluetooth Special Interest Group: http://www.bluetooth.com
- Home RF Working Group: http://www.homerf.org/

Ludovic Bellier made a presentation on hierarchical mobility management (draft-castelluccia-uhmm-framework-00.txt)

- Dave Johnson commented that this is in contrast with the design goals of mipv6.

Ram Ramjee made a very brief presentation on paging in HAWAII as we were running out of time (draft-ietf-mobileip-paging-hawaii-00.txt)

We then began a discussion of the document cleanup on the web page. Since there wasn't time to do it justice, we decided to continue the cleanup on the mailing list. Raj has already mailed out the draft naming policy. The goal of the cleanup will be to eliminate expired drafts, rename drafts in accordance with the draft naming policy, get a current update on the status of existing drafts, and move those drafts to last call which are ready for it.

Dave Johnson raised an issue that the draft Mobile IP version 2 is misnamed as it is the same Mobile IP, just a cleaned up document, not a completely new version of Mobile IP.

Slides

802.15 Working Group for Wireless Personal Area Networks
Security Requirements/Implementation Guidelines for M-IP using IPSec
Security Enhancements for Route Optimization
Simple Mobile IP
AAA Requirements from Mobile IP
Private Addresses for Mobile IP
Toward a Hierarchical Mobility Management Framework for IPv6
Fast Mobile IP Handoffs in Cellular Systems
IP Micro-Mobility Support Using HAWAII
Authenticator Creation/Verification
Paging support for IP Mobility Using HAWAII
IP Transform Policy Distribution Using Mobile IP/DIAMETER