Full interpretation of Mobile IPv6 protocol (1)

Source: Internet
Author: User

As the Internet and communication networks converge, many of our assumptions have changed. With the advent of the IPv6 era, communication network protocols will change, and the Mobile IPv6 protocol was proposed in this context. QoS for Mobile IP is much more complex than QoS for fixed IP. The following problems arise when Differentiated Services are used with Mobile IP:

◆ Differentiated Services are suitable for well-designed networks with reasonable bandwidth allocation. Networks that support mobile environments are more complicated, because their nodes may move at any time.

◆ In Differentiated Services, the service level agreement (SLA) negotiated between different QoS regions (such as networks provided by different ISPs) is often static. The highly dynamic environment of Mobile IP conflicts with this static bandwidth allocation, so dynamic service level negotiation must be supported in order to allocate bandwidth dynamically to the MN.

◆ At the entrance to each QoS region, the edge router of the network must identify packet flows. Traditionally a flow is identified by the 5-tuple in the packet header (source/destination IP addresses, protocol type, source/destination port numbers). In Mobile IPv6, however, the source IP address (for packets sent by the MN) or the destination IP address (for packets received by the MN) is the MN's care-of address, which changes dynamically as the node moves.

To implement Differentiated Services on Mobile IP networks, the network providing mobile services must be designed carefully so that it can dynamically predict the bandwidth requirements of mobile nodes and the number of MNs that will attach, or it must adopt a signaling mechanism such as resource reservation to predict more accurately the bandwidth required to meet the QoS of mobile nodes. RSVP can be selected as the signaling protocol for Differentiated Services: the edge router of the service network analyzes the RSVP packets and modifies the Differentiated Services configuration parameters based on the RSVP information. However, the existing Resource Reservation Protocol was designed for networks composed of static hosts. To support resource reservation in a mobile environment, RSVP must be extended and modified so that it can reserve resources for an MN. Another approach is to define a special IPv6 extension header that carries the resource reservation signaling. In this way, QoS information, address binding information, and IPv6 data can be combined in a single packet, which saves signaling overhead. A data stream can then be identified by the home address and flow label of the packets sent to the Mobile IPv6 node, but every edge router needs to support the Mobile IPv6 home address and destination options.

In addition, the packet delay and packet loss that occur while an MN performs a handover are urgent problems for Mobile IP. Unless they are solved, QoS assurance for the mobile Internet will be impossible.

Mobile IPv6 Protocol Security

When new features are added to a network architecture, new security risks are usually introduced. In Mobile IPv6, a moving node frequently has to send Binding Update packets to its home agent and to the CN, and this feature introduces many security issues. The most dangerous potential threat is that a Binding Update redirects packets: by impersonating the MN and sending Binding Updates to the CN, an attacker can have packets destined for the MN redirected to a location the attacker specifies. The second threat is denial of service (DoS): the attacker can block all traffic on an unprotected link and can also prevent communication between the MN and other nodes. The way to counter these threats is identity authentication between the MN and its home agent and CN; authentication between the MN and the access router (or foreign agent) is also required.
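A simplified model of the correspondent-node side of this check, added here as an illustration and not taken from the original article or from any Mobile IPv6 implementation: a binding cache that changes a binding only when the update's authenticator verifies and its sequence number is fresh. HMAC-SHA256 under a pre-shared key stands in for the real authentication mechanism; `BindingCache`, `authenticator`, the key and the 2001:db8:: addresses are assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct

def authenticator(key, home, care_of, seq):
    """MAC over exactly the fields a forged update would need to change."""
    msg = (ipaddress.IPv6Address(home).packed
           + ipaddress.IPv6Address(care_of).packed + struct.pack("!H", seq))
    return hmac.new(key, msg, hashlib.sha256).digest()

class BindingCache:
    def __init__(self):
        self.keys = {}      # home address -> key agreed in the security association
        self.bindings = {}  # home address -> (care-of address, last sequence number)

    def handle_update(self, home, care_of, seq, tag):
        key = self.keys.get(home)
        if key is None:
            return "rejected: no security association"
        if not hmac.compare_digest(authenticator(key, home, care_of, seq), tag):
            return "rejected: bad authenticator"
        last = self.bindings.get(home)
        # Sequence numbers are 16-bit; compare modulo 2**16 so replays are refused.
        if last and not 0 < (seq - last[1]) % 65536 < 32768:
            return "rejected: stale sequence"
        self.bindings[home] = (care_of, seq)
        return "accepted"

    def destination(self, home):
        """Address the CN sends to: the bound care-of address, else the home address."""
        return self.bindings.get(home, (home, None))[0]

def demo():
    """Constructed scenario: a valid update, a forged one, a newer one, a replay."""
    home, key = "2001:db8:1::10", b"constructed-sa-key"
    cn = BindingCache()
    cn.keys[home] = key
    valid = authenticator(key, home, "2001:db8:a::99", 5)
    newer = authenticator(key, home, "2001:db8:b::77", 6)
    forged = authenticator(b"not-the-sa-key", home, "2001:db8:ff::1", 7)
    results = [cn.handle_update(home, "2001:db8:a::99", 5, valid),
               cn.handle_update(home, "2001:db8:ff::1", 7, forged),
               cn.handle_update(home, "2001:db8:b::77", 6, newer),
               cn.handle_update(home, "2001:db8:a::99", 5, valid)]
    return results, cn.destination(home)
```

The unauthenticated update leaves the binding untouched, so traffic keeps flowing to the last care-of address the MN actually registered.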

Mobile IPv6 stipulates that IPsec is used to protect the MN's Binding Update packets. Before IPsec can be used, however, both parties must establish a security association in advance, which determines the authentication and encryption algorithms to be used. It is generally considered easy for an MN to establish a security association with its home agent, but in most cases the MN and the CN have no security association or other security relationship. Wireless access makes the traffic of mobile users more vulnerable to eavesdropping and tampering; user data can be protected with IPsec or with upper-layer security protocols. In addition, firewalls need to support the Mobile IPv6 protocol: the source address of a packet sent by a Mobile IPv6 node is the MN's care-of address, which changes as the node moves, and a firewall that cannot recognize it cannot perform normal packet filtering.
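The following added example (not from the original article) illustrates both the flow-identification problem from the QoS discussion and the firewall point above, for packets sent by the MN: it parses the Destination Options header, extracts the Home Address option, and compares the 5-tuple with a key built from home address and flow label. Only Destination Options headers are walked; the function names, addresses, ports and flow label are assumptions.

```python
import ipaddress
import struct
DEST_OPTS, UDP = 60, 17   # IPv6 Next Header values
HOME_ADDRESS_OPT = 201    # Mobile IPv6 Home Address option type (RFC 6275)

def parse(pkt):
    """Return classification fields of an IPv6 packet, bounds-checking each option."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    word0, _, nxt, _ = struct.unpack("!IHBB", pkt[:8])
    f = {"flow_label": word0 & 0xFFFFF, "home": None, "ports": None,
         "src": str(ipaddress.IPv6Address(pkt[8:24])),
         "dst": str(ipaddress.IPv6Address(pkt[24:40]))}
    off = 40
    while nxt == DEST_OPTS:   # other extension header types are out of scope here
        if off + 2 > len(pkt) or off + (pkt[off + 1] + 1) * 8 > len(pkt):
            raise ValueError("extension header overruns packet")
        nxt_after, end = pkt[off], off + (pkt[off + 1] + 1) * 8
        i = off + 2
        while i < end:
            if pkt[i] == 0:   # Pad1 is a single byte with no length field
                i += 1
                continue
            if i + 2 > end or i + 2 + pkt[i + 1] > end:
                raise ValueError("option overruns header")
            if pkt[i] == HOME_ADDRESS_OPT:
                if pkt[i + 1] != 16:
                    raise ValueError("bad Home Address option length")
                f["home"] = str(ipaddress.IPv6Address(pkt[i + 2:i + 18]))
            i += 2 + pkt[i + 1]
        nxt, off = nxt_after, end
    f["proto"] = nxt
    if nxt == UDP and off + 4 <= len(pkt):
        f["ports"] = struct.unpack("!HH", pkt[off:off + 4])
    return f

def five_tuple(f):
    return (f["src"], f["dst"], f["proto"], f["ports"])

def mobile_key(f):
    return (f["home"] or f["src"], f["flow_label"])  # stable while the MN moves

def sample(care_of, home="2001:db8:1::10", cn="2001:db8:3::1", label=0x12345):
    """Constructed packet: MN -> CN over UDP, carrying a Home Address option."""
    a = lambda s: ipaddress.IPv6Address(s).packed
    dopt = bytes([UDP, 2, 1, 2, 0, 0, HOME_ADDRESS_OPT, 16]) + a(home)
    udp = struct.pack("!HHHH", 40000, 5004, 8, 0)
    hdr = struct.pack("!IHBB", (6 << 28) | label, len(dopt) + len(udp), DEST_OPTS, 64)
    return hdr + a(care_of) + a(cn) + dopt + udp
```

The Home Address option is a field set by the sender, so a filter should treat `mobile_key` as trustworthy only when it matches a binding it has verified.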

Commercial use of Mobile IP requires the Internet to provide AAA services that support Mobile IP, that is, authentication, authorization, and billing services for mobile users. When an MN moves to a foreign network, it needs to authenticate the foreign agent or access device to determine that the other party is legitimate, and the foreign agent also needs to authenticate the MN to prevent unauthorized access. Authorization and billing mainly concern the MN's usage of resources on the foreign network. Currently, the IETF has introduced draft protocols to support AAA services for Mobile IP (RFC 2977 and draft-ietf-aaa-diameter-mobileip-08.txt).

Handover of mobile nodes

When an MN performs a handover, the wireless link must be switched first. If the new and old links are not in the same IP subnet, IP subnet switching is also required. Even if route optimization is adopted, the packet delay during wireless link switching and subnet switching is considerable. The latency is mainly caused by the end-to-end Mobile IP registration that follows the link switch, and packets sent to the MN may be lost in the meantime. A fast handover solution will therefore improve the quality of service for packet data.

In next-generation wireless communication systems, micro-cell and pico-cell architectures will be used more and more in order to save channels, which will lead to frequent link switching. Link switching is usually completed by a Layer 2 protocol or hard switching, whereas switching across IP subnets requires a Layer 3 protocol or soft switching. Handover can be divided into three types: fast, smooth, and seamless. Fast handover means low-latency handover; it often uses multicast across cells, spending bandwidth to reduce the latency of the MN's packets during handover. Smooth handover means low-loss handover; it uses buffering to reduce the loss of the MN's packets during handover. Seamless handover reduces both the packet loss rate and the packet delay.

