Wireless LANs: 802.

11 and Mobile IP

Outline
Overview of wireless networks
Single-hop wireless: Cellular, Wireless LANs (WLANs) multiple wireless hops Mobile ad hoc networks (MANETS)

Challenges of wireless communications IEEE 802.11

spread spectrum and physical layer specification MAC functional specification: DCF mode
role in WLANs infrastructure networks role in MANETs

MAC functional specification: PCF mode

Mobile IPv4 Mobile IPv6

Overview of wireless networks

Wireless networks
Access computing/communication services, on the move Cellular Networks
traditional base station infrastructure systems

Wireless LANs
infrastructure as well as ad-hoc networks possible very flexible within the reception area low bandwidth compared to wired networks (1-10 Mbit/s)

Multihop Ad hoc Networks

useful when infrastructure not available, impractical, or expensive military applications, rescue, home networking

Cellular Wireless
Single hop wireless connectivity to the wired world
Space divided into cells, and hosts assigned to a cell A base station is responsible for communicating with hosts/nodes in its cell Mobile hosts can change cells while communicating Hand-off occurs when a mobile host starts communicating via a new base station

Evolution of cellular networks

First-generation: Analog cellular systems (450-900 MHz)
Frequency shift keying; FDMA for spectrum sharing AMPS (US)

Second-generation: Digital cellular systems (900, 1800 MHz)

TDMA/CDMA for spectrum sharing; Circuit switching GSM (Europe) <9.6kbps data rates

2.5G: Packet switching extensions

Digital, Analog <115kbps data rates

3G: Full-fledged data services

High speed, data and Internet services IMT-2000, UMTS <2Mbps data rates

Wireless LANs
Infrared or radio links Advantages
very flexible within the reception area Ad-hoc networks possible (almost) no wiring difficulties

Disadvantages
low bandwidth compared to wired networks many proprietary solutions
Bluetooth, HiperLAN and IEEE 802.11

Wireless LANs vs. Wired LANs

Destination address does not equal destination location The media impact the design
wireless LANs intended to cover reasonable geographic distances must be built from basic coverage blocks

Impact of handling mobile (and portable) stations

Propagation effects Mobility management Power management

Infrastructure vs. Ad hoc WLANs

infrastructure network
AP AP wired network AP: Access Point

AP

ad-hoc network

Source: Schiller

Multi-Hop Wireless
May need to traverse multiple links to reach destination

Mobility causes route changes

Mobile Ad Hoc Networks (MANET)

Do not need backbone infrastructure support Host movement frequent Topology change frequent

Multi-hop wireless links Data must be routed via intermediate nodes

Applications of MANETS
Military - soldiers at Kargil, tanks, planes Disaster Management Orissa, Gujarat Emergency operations search-and-rescue, police and firefighters Sensor networks Taxicabs and other closed communities airports, sports stadiums etc. where two or more people meet and want to exchange documents Presently MANET applications use 802.11 hardware Personal area networks - Bluetooth

Challenges of Wireless Communications

Wireless Media
Physical layers used in wireless networks
have neither absolute nor readily observable boundaries outside which stations are unable to receive frames are unprotected from outside signals communicate over a medium significantly less reliable than the cable of a wired network have dynamic topologies lack full connectivity and therefore the assumption normally made that every station can hear every other station in a LAN is invalid have time varying and asymmetric propagation
properties

Limitations of the mobile environment

Limitations of the Wireless Network
limited communication bandwidth frequent disconnections heterogeneity of fragmented networks

Limitations Imposed by Mobility

route breakages lack of mobility awareness by system/applications

Limitations of the Mobile Device

short battery lifetime limited capacities

Wireless v/s Wired networks

Regulations of frequencies
Limited availability, coordination is required useful frequencies are almost all occupied

Bandwidth and delays

Low transmission rates
few Kbps to some Mbps.

Higher delays
several hundred milliseconds

Higher loss rates

susceptible to interference, e.g., engines, lightning

Always shared medium

Lower security, simpler active attacking radio interface accessible for everyone Fake base stations can attract calls from mobile phones secure access mechanisms important

Difference Between Wired and Wireless

Ethernet LAN A B C A C Wireless LAN B

If both A and C sense the channel to be idle at the same time, they send at the same time. Collision can be detected at sender in Ethernet. Half-duplex radios in wireless cannot detect collision at sender.

Hidden Terminal Problem

A and C cannot hear each other. A sends to B, C cannot receive A. C wants to send to B, C senses a free medium (CS fails) Collision occurs at B. A cannot receive the collision (CD fails). A is hidden for C.

Exposed Terminal Problem

A C

A starts sending to B. C senses carrier, finds medium in use and has to wait for A->B to end. D is outside the range of A, therefore waiting is not necessary. A and C are exposed terminals

Mobile IP

Traditional Routing
A routing protocol sets up a routing table in routers

Routing protocol is typically based on Distance-Vector or Link-State algorithms

Mobile IP
A standard that allows users with mobile devices whose IP addresses are associated with one network to stay connected when moving to a network with a different IP address. When a user leaves the network with which his device is associated (home network) and enters the domain of a foreign network, the foreign network uses the Mobile IP protocol to inform the home network of a care-of address to which all packets for the user's device should be sent. Mobile IP is most often found in wireless WAN environments where users need to carry their mobile devices across multiple LANs with different IP addresses.

 IP requires the location of any host connected to the Internet to be uniquely identified by an assigned IP address. This raises one of the most important issues in mobility, because when a host moves to another physical location, it has to change its IP address. However, the higher level protocols require IP address of a host to be fixed for identifying connections. The Mobile Internet Protocol (Mobile IP) is an extension to the Internet Protocol proposed by the Internet Engineering Task Force (IETF) that addresses this issue.

Overview of the Protocol

Mobile IP supports mobility by transparently binding the home address of the mobile node with its careof address. This mobility binding is maintained by some specialized routers known as mobility agents. Mobility agents are of two types - home agents - foreign agents. The home agent, a designated router in the home network of the mobile node, maintains the mobility binding in a mobility binding table where each entry is identified by the tuple <permanent home address, temporary care-of address, association lifetime>.

 The basic Mobile IP protocol has four distinct stages. These are: 1. Agent Discovery: Agent Discovery consists of the following steps:
Mobility agents advertise their presence by periodically broadcasting Agent Advertisement messages. An Agent Advertisement message lists one or more care-of addresses and a flag indicating whether it is a home agent or a foreign agent. The mobile node receiving the Agent Advertisement message observes whether the message is from its own home agent and determines whether it is on the home network or a foreign network. If a mobile node does not wish to wait for the periodic advertisement, it can send out Agent Solicitation messages that will be responded by a mobility agent.

2.

Registration: Registration consists of the following steps:

If a mobile node discovers that it is on the home network, it operates without any mobility services. If the mobile node is on a new network, it registers with the foreign agent by sending a Registration Request message which includes the permanent IP address of the mobile host and the IP address of its home agent. The foreign agent in turn performs the registration process on behalf of the mobile host by sending a Registration Request containing the permanent IP address of the mobile node and the IP address of the foreign agent to the home agent. When the home agent receives the Registration Request, it updates the mobility binding by associating the care-of address of the mobile node with its home address. The home agent then sends an acknowledgement to the foreign agent. The foreign agent in turn updates its visitor list by inserting the entry for the mobile node and relays the reply to the mobile node.

Registration process in Mobile IP

3. In Service: This stage can be subdivided into the following steps:

When a correspondent node wants to communicate with the mobile node, it sends an IP packet addressed to the permanent IP address of the mobile node. The home agent intercepts this packet and consults the mobility binding table to find out if the mobile node is currently visiting any other network. The home agent finds out the mobile node's care-of address and constructs a new IP header that contains the mobile node's care-of address as the destination IP address. The original IP packet is put into the payload of this IP packet. It then sends the packet. This process of encapsulating one IP packet into the payload of another is known as IP-within-IP encapsulation, or tunneling. When the encapsulated packet reaches the mobile node's current network, the foreign agent decapsulates the packet and finds out the mobile node's home address. It then consults the visitor list to see if it has an entry for that mobile node.

 If there is an entry for the mobile node on the visitor list, the foreign agent retrieves the corresponding media address and relays it to the mobile node. When the mobile node wants to send a message to a correspondent node, it forwards the packet to the foreign agent, which in turn relays the packet to the correspondent node using normal IP routing.

The foreign agent continues serving the mobile node until the granted lifetime expires. If the mobile node wants to continue the service, it has to reissue the Registration Request.

Tunneling operation in Mobile IP

4. Deregistration: If a mobile node wants to drop its care-of address, it has to deregister with its home agent. It achieves this by sending a Registration Request with the lifetime set to zero. There is no need for deregistering with the foreign agent as registration automatically expires when lifetime becomes zero. However if the mobile node visits a new network, the old foreign network does not know the new care-of address of the mobile node. Thus datagrams already forwarded by the home agent to the old foreign agent of the mobile node are lost.

Security Considerations
During registration procedure the home agent should be convinced that it is getting authentic Registration Request from a mobile node and not receiving information from a bogus node. Mobile IP solves this problem by specifying a security association between the home agent and the mobile node. This security association is at present manually configured. Every registration message should contain a mobile nodehome agent aunthentication extension which contain an Security Parameters Index(SPI) followed by an authenticator. . The SPI is an index into the mobility security association and it defines the security context (i.e., the algorithm and the secret) used to compute and check the authenticator. The default algorithm is keyed MD5 with a key size of 128 bits. Also each registration contains unique data to avoid valid registration recording by malicious nodes.

Route Optimization

In the basic Mobile IP protocol, IP packets destined to a mobile node that is outside its home network are routed through the home agent. However packets from the mobile node to the correspondent nodes are routed directly. This is known as triangle routing.

Triangle Routing

 This method may be inefficient in many cases. Consider the case when the correspondent host and the mobile host are in the same network, but not in the home network of the mobile host. In this case the messages will experience unnecessary delay since they have to be first routed to the home agent that resides in the home network. One way to improve this is Route Optimization.

 Route Optimization is an extension proposed to the basic Mobile IP protocol . Here messages from the correspondent node are routed directly to the mobile node's care-of address without having to go through the home agent. Route Optimization provides four main operations. These are: Updating binding caches, Managing smooth handoffs between foreign agents, Acquiring registration keys for smooth handoffs, Using special tunnels.

1. Updating binding caches: Binding caches are maintained by correspondent nodes for associating the home address of a mobile node with its care-of address. A binding cache entry also has an associated lifetime after which the entry has to be deleted from the cache. If the correspondent node has no binding cache entry for a mobile node, it sends the message addressed to the mobile node's home address. When the home agent intercepts this message, it encapsulates it and sends it to the mobile node's care-of address. It then sends a Binding Update message to the correspondent node informing it of the current mobility binding.

2. Managing smooth handoffs between foreign agents: When a mobile node registers with a new foreign agent, the basic Mobile IP does not specify a method to inform the previous foreign agent. Thus the datagrams in flight which had already tunneled to the old care-of address of the mobile node are lost. This problem is solved in Route Optimization by introducing smooth handoffs. Smooth handoff provides a way to notify the previous foreign agent of the mobile node's new mobility binding.

3. Acquiring registration keys for smooth handoffs: For managing smooth handoffs, mobile nodes need to communicate with the previous foreign agent. This communication needs to be done securely as any careful foreign agent should require assurance that it is getting authentic handoff information and not arranging to forward in-flight datagrams to a bogus destination. For this purpose a registration key is established between a foreign agent and a mobile node during the registration process.

4. Using special tunnels: When a foreign agent receives a tunneled datagram for which it has no visitor list entry, it concludes that the node sending the tunneled datagram has an out-of-date binding cache entry for the mobile node. If the foreign agent has a binding cache entry for the mobile node, it should re-tunnel the datagram to the care-of address indicated in its binding cache entry. On the other hand, when a foreign agent receives a datagram for a mobile node for which it has no visitor list or binding cache entry, it constructs a special tunnel datagram.

Routing and Mobility

Finding a path from a source to a destination Issues
Frequent route changes
amount of data transferred between route changes may be much smaller than traditional networks

Route changes may be related to host movement Low bandwidth links

Goal of routing protocols

decrease routing-related overhead find short routes find stable routes (despite mobility)

Mobile IP (RFC 3344): Motivation

Traditional routing
based on IP address; network prefix determines the subnet change of physical subnet implies
change of IP address (conform to new subnet), or special routing table entries to forward packets to new subnet

Changing of IP address
DNS updates take to long time TCP connections break security problems

Changing entries in routing tables

does not scale with the number of mobile hosts and frequent changes in the location security problems

Solution requirements
retain same IP address, use same layer 2 protocols authentication of registration messages,

Mobile IP: Basic Idea

MN

Router 3

Home agent Router 1 Router 2

Mobile IP: Basic Idea

move S Router 3 Foreign agent Home agent Router 1 Router 2
Packets are tunneled using IP in IP

MN

Mobile IP: Terminology

Mobile Node (MN)
node that moves across networks without changing its IP address

Home Agent (HA)

host in the home network of the MN, typically a router registers the location of the MN, tunnels IP packets to the COA

Foreign Agent (FA)

host in the current foreign network of the MN, typically a router forwards tunneled packets to the MN, typically the default router for MN

Care-of Address (COA)

address of the current tunnel end-point for the MN (at FA or MN) actual location of the MN from an IP point of view

Correspondent Node (CN)

host with which MN is corresponding (TCP connection)

Data transfer to the mobile system

HA

MN

home network Internet

3
FA

receiver foreign network

CN
sender

1. Sender sends to the IP address of MN, HA intercepts packet (proxy ) 2. HA tunnels packet to COA, here FA, by encapsulation 3. FA forwards the packet to the MN
Source: Schiller

Data transfer from the mobile system

HA

MN

home network Internet

sender

FA

foreign network

CN
receiver

1. Sender sends to the IP address of the receiver as usual, FA works as default router

Source: Schiller

Mobile IP: Basic Operation

Agent Advertisement
HA/FA periodically send advertisement messages into their physical subnets MN listens to these messages and detects, if it is in home/foreign network MN reads a COA from the FA advertisement messages

MN Registration
MN signals COA to the HA via the FA HA acknowledges via FA to MN limited lifetime, need to be secured by authentication

HA Proxy
HA advertises the IP address of the MN (as for fixed systems) packets to the MN are sent to the HA independent of changes in COA/FA

Packet Tunneling
HA to MN via FA

Mobile IP: Other Issues

Reverse Tunneling
firewalls permit only topological correct addresses a packet from the MN encapsulated by the FA is now topological correct

Optimizations
Triangular Routing
HA informs sender the current location of MN

Change of FA
new FA informs old FA to avoid packet loss, old FA now forwards remaining packets to new FA

Registration
MN re FA gist requ ration es
t regi s requ tration est n ratio t s i reg y repl

HA

MN re HA gist requ ration e

st n ratio t s i reg y repl

n ratio t s i reg y repl

Optimization of packet forwarding

Triangular Routing
sender sends all packets via HA to MN higher latency and network load

Solutions
sender learns the current location of MN direct tunneling to this location HA informs a sender about the location of MN big security problems!

Change of FA
packets on-the-fly during the change can be lost new FA informs old FA to avoid packet loss, old FA now forwards remaining packets to new FA this information also enables the old FA to release resources for the MN

Reverse tunneling (RFC 3024)

HA

MN

home network Internet

1
FA

sender

foreign network

CN
receiver

1. MN sends to FA 2. FA tunnels packets to HA by encapsulation 3. HA forwards the packet to the receiver (standard case)

Mobile IP with reverse tunneling

Router accept often only topological correct addresses (firewall!)
a packet from the MN encapsulated by the FA is now topological correct furthermore multicast and TTL problems solved (TTL in the home network correct, but MN is too far away from the receiver)

Reverse tunneling does not solve

problems with firewalls, the reverse tunnel can be abused to circumvent security mechanisms (tunnel hijacking) optimization of data paths, i.e. packets will be forwarded through the tunnel via the HA to a sender (double triangular routing)

The new standard is backwards compatible

the extensions can be implemented easily and cooperate with current implementations without these extensions

Mobile IPv4 Summary

Mobile node moves to new location Agent Advertisement by foreign agent Registration of mobile node with home agent Proxying by home agent for mobile node Encapsulation of packets Tunneling by home agent to mobile node via foreign agent

Optimizations for triangular routing Reverse tunneling

IPv6 Address Architecture

Unicast address
provider-based global address link-local(at least one per interface), site-local IPv4 compatible IPv6 address (IPv6 node) IPv4 mapped IPv6 address (IPv4 node)

A single interface can have multiple addresses of any type or scope Multicast address identifies a group of stations/interfaces (112-bit group ID) No Broadcast addresses
Broadcast applications in IPv4 will have to be re-written in IPv6

Autoconfiguration
Plug & Play - a machine when plugged in will automatically discover and register the required parameters for Internet connectivity Autoconfiguration includes
creating a link-local address verifying its uniqueness on a link determining what information should be autoconfigured, addresses and/or other info In the case of addresses, they may be obtained through stateless or stateful mechanism (DHCPv6), or both