;)
The Internet Protocol Version 6 (IPv6) was designed to support mobility through features like its extensible header structure, address autoconfiguration, security (IPsec), and tunneling. Mobile IPv6 builds upon these features and defines operations that enable a mobile node to move from one link to another without changing the node's IP address. In this way, packets can be routed to and from mobile nodes transparently when they are on another network.
The Mobile IPv6 implementation has the following restrictions:
Not supported on TruCluster systems.
Does not support Binding Update authentication as specified
in the IETF Internet Draft for
Mobility Support in IPv6
(draft-ietf-mobileip-ipv6-15.txt), Section 4.4, including
the Authentication Data Sub-option defined in Section 5.6.
For that reason,
limit the use of this implementation to test environments that are not subject
to attack, since system integrity might be compromised by accepting unauthenticated
bindings.
This chapter describes the following:
For problem solving information, see
Section 10.4.
5.1 Mobile IPv6 History
In communications the trend is towards mobility. Mobile telephones have already transformed business and personal interactions. Computers, especially laptop computers and handhelds, are also mobile, but they currently do not enjoy the continuous connectivity that the mobile telephones have.
Today, there are very basic data services that use the Wireless Application Protocol (WAP) and General Packet Radio Service (GPRS). But the demand for full voice and data mobile communications is being driven by the following trends:
Development of Third Generation (3G) networks
Large amounts and types of content available on the Internet, including video, voice, and images
Ever increasing number of wireless subscribers and Internet users
Development of convergent devices that offer voice and data
In an Mobile IPv6 environment, nodes can have the following roles:
An IPv6 node, host or router, that can change its point of attachment from one link to another, while still being reachable through its home address.
A peer IPv6 node with which a mobile node communicates. The correspondent node, host or router, can be either mobile or stationary. The Tru64 UNIX implementation of Mobile IPv6 enables a system to be a correspondent node.
A router on a mobile node's home link with which the mobile node registers its current care-of address.
To completely understand the relationship among these nodes, you should be familiar with the following terms:
The IPv6 address of the mobile node when it is on its home link, or at home. The subnet prefix of this address is the home network's subnet prefix. The mobile node is always addressable by its home address; it does not change.
The IPv6 address of the mobile node when it is on a foreign link, or away from home. The subnet prefix of this address is the foreign network's subnet prefix. A mobile node can have multiple care-of addresses, but the care-of address registered with the mobile node's home agent is called its primary care-of address.
An association of the mobile node's home address with its care-of address. This association also has a lifetime. Each node maintains a cache of all bindings. See Section 11.4 for information on viewing the contents of the binding cache.
Figure 5-1 shows the following scenarios:
The mobile node on its home link. It is considered to be at home. Packets from the correspondent node that are addressed to the mobile node's home address are delivered through standard IP routing mechanisms.
The mobile node on a foreign link. It is considered to be away from home. The mobile node sends a Binding Update to the home agent, informing it of its care-of address. Packets from the correspondent node that are addressed to the mobile node's home address are intercepted by the home agent and tunneled to the mobile node. Upon receipt of the packet, the mobile node sends a Binding Update to the correspondent node. The correspondent node creates a binding between the home address and care-of address. It can then communicate directly with the mobile node without the need to go through the home network.
This route optimization eliminates what is commonly known as triangle routing, eliminates congestion at the mobile node's home agent and home link, and reduces the impact of any possible failure of the home agent, the home link, or intervening networks leading to or from the home link.
When the mobile node is away from home, it always sends a Home Address option to inform the receiver of its home address. That way, the receiver can correctly identify the connection to which the packet belongs.
The mobile node back on its home link. On the home link, the mobile node sends a Binding Update to the home agent and to the correspondent node to clear the bindings.
Figure 5-1: Mobile IPv6 Communications
This section describes those tasks that you need to do before configuring Mobile IPv6.
You must also configure your system as an IPv6 host node or a router.
See
Section 3.7
for more information.
5.4.1 Verifying IPv6 Support in the Kernel
Mobile IPv6 support is included as part of the IPv6 subset. Verify that the IPv6 subset is installed by entering the following command:
# sysconfig -q ipv6
If the
ipv6:
subsystem attributes are not displayed,
follow the steps in
Section 3.6.1
to select and install
the IPV6 option.
For more information on installing subsets, see
setld(8)5.4.2 Verifying Mobile IPv6 Support in the Kernel
Verify that the Mobile IPv6 support is configured in the kernel by entering the following command:
# sysconfig -q ipv6 mobileipv6_enabled
If
the
mobileipv6_enabled
attribute is unknown, Mobile IPv6
is not configured in the kernel.
Make sure you are running the correct kernel.
If you are, reconfigure the kernel by using the
doconfig
command.
See
Section 3.6.1
for more information.
If the
mobileipv6_enabled
attribute is known but
not set to 1, reconfigure it with the following command:
# sysconfig -r ipv6 mobileipv6_enabled=1 mobileipv6_enabled: reconfigured
The system is now ready to function as a correspondent node.
The correspondent
node can also forward packets as a router.
If you want your system to also
function as a router, see
Section 5.5.
5.5 Configuring Mobile IPv6
This section describes how to configure your IPv6 node as a correspondent
node and as a correspondent node that acts as an IPv6 router.
5.5.1 Configuring a Correspondent Node
After you verify IPv6 verify IPv6 support is in the kernel, your system is ready to function as a correspondent node and communicate with mobile nodes through the home agent and, after the receiving a Binding Update from a mobile node, directly with the mobile node. No further configuration is necessary.
For any IPv6 postinstallation tasks, see
Section 3.8.
5.5.2 Configuring a Correspondent Node and Router
If you want the correspondent node to act as an IPv6 router also, complete the following steps:
Configure the system as an IPv6 router. See Section 3.7.2 for more information.
Enable the
ip6rtrd
daemon to function in
a Mobile IPv6 environment at system boot.
First, retrieve the daemon's flags
by issuing the following command:
# rcmgr get IP6RTRD_FLAGS
Then, add the -m option to the flags. If the results of the previous command did not display any flags, the following command adds the -m option to the flags:
# rcmgr set IP6RTRD_FLAGS "-m"
Edit the
/etc/ip6rtrd.conf
file and modify
the Router Advertisement intervals as follows:
#
# Sample ip6rtrd configuration file
#
interface interface-name {
MinRtrAdvInterval 0 /* Min = seconds */
MinRtrAdvIntervalMsec 500 /* + milliseconds */
MaxRtrAdvInterval 1 /* Max = seconds*/
MaxRtrAdvIntervalMsec 500 /* + milliseconds */
}
This specifies that the IPv6 router will send unsolicited
multicast Router Advertisements every .5 to 1.5 seconds, making movement detection
occur more quickly for mobile nodes.
See
ip6rtrd.conf(4)
Restart IPv6 with the following command:
# /usr/sbin/rcinet restart inet6
For any IPv6 postinstallation tasks, see
Section 3.8.
5.6 Monitoring the Mobile IPv6 Environment
To monitor the Mobile IP environment, use the following:
tcpdump
command
netstat
command
IPv6 daemon log files
The
tcpdump
utility captures, parses, and prints IPv6 packets.
The
Binding Update and Acknowledgement options are contained in IPv6 Destination
Option headers in IPv6 packets.
In order to use
tcpdump,
you must configure the PACKETFILTER option into the kernel.
See
packetfilter(8)
To see all possible packets, configure the interface into Promiscuous
and Copyall mode, then issue the
tcpdump
command, as follows:
# pfconfig +p +c interface # tcpdump -i interface -s 1500 [-x] [ipv6]
See
tcpdump(8)5.6.2 Using netstat
The
netstat
-b
command enables you to monitor current mobility bindings and their attributes.
The following example shows the command output:
# netstat -b
Mobile IPv6 Binding Cache Home Address Care-of Address Flags Refs Sequence# Lifetime testhome testcoa A 1 1 43 [1] [2] [3] [4] [5] [6]
In the preceding example, the following is true:
The mobile node has a Home Address
testhome.
[Return to example]
It is currently reachable at Care-of Address
testcoa.
[Return to example]
It has asked for the Binding Update to be acknowledged (A flag). [Return to example]
There is currently one reference on this binding data structure. [Return to example]
It set the Sequence Number to 1 in the Binding Update. [Return to example]
There are 43 seconds remaining on this binding's lifetime. When the lifetime expires, the entry is removed from the cache. [Return to example]
The
netstat
-bs
command enables you
to monitor mobility binding statistics.
The following example shows the command
output:
# netstat -bs
Mobile IPv6:
1 entry in binding cache
1 add
0 deletes
0 changes
0 frees
3 lookups
See
Section 11.4
and
netstat(1)5.6.3 IPv6 Daemon Log Files
The
ip6rtrd
daemon logs informational and severe
events in the
/var/adm/syslog.dated/date/daemon.log
file.
See
Section 11.9
for more information.
To enable logging of debug information
for the
ip6rtrd
daemon, issue the following commands:
# rcmgr set IP6RTRD_FLAGS "-d -l -m /usr/tmp/ip6rtrd.log" # /usr/sbin/rcinet restart inet6