Windows 7 / Networking

---

Mobile IPv6 Processes

Mobile IPv6 provides a method for a mobile node to determine it is on its home link and message exchanges for the following processes:

• Moving from the home link to a foreign link
• Moving from a foreign link to another foreign link
• Returning home

Additionally, the sending host and receiving host processes are modified to include special processing for mobility support.

Note:
This section assumes that the correspondent node is not a mobile node that is away from home.

Attaching to the Home Link

The method used by a mobile node to determine that it is attached to the home link is not defined in RFC 3775. Once a mobile node determines that it is connected to its home link, it can store the home subnet prefix, home address, and global address of its home agent. The following are methods for configuring home-link parameters:

• Manual configuration: In the simplest case, the home subnet prefix, home address, and address of the home agent are manually configured, typically through a keyboardbased command, and are permanent until manually changed. These implementations do not support the dynamic discovery of home agents or changes in the home subnet prefix.
• Pseudo-automatic configuration: For pseudo-automatic configuration, when an IPv6 node is attached to a link, the user has the option (typically through a button in the user interface of the operating system) to indicate to the IPv6 protocol that the node is now connected to the home link. Based on this indication, the IPv6 protocol stores the home subnet link prefix and home address and listens for additional router advertisements containing the Home Agent (H) flag set to 1. The home agent is the router advertising itself with home agent capabilities and has the highest preference level. Once the address is determined, the IPv6 protocol stores the address of the home agent. These implementations might or might not support the dynamic discovery of home agents or changes in the home subnet prefix.
• Automatic configuration: With automatic configuration, the IPv6 node is always listening for router advertisements with the H flag set to 1. Based on additional protocol or operating system parameters, the IPv6 node determines that the IPv6 node is potentially on its home link. Next, it chooses the most preferred home agent and attempts to establish a security relationship with it. If the security relationship with the home agent fails, the IPv6 node must not be on its home link. If the security relationship succeeds, the IPv6 node is on its home link and stores its home subnet prefix, its home address, and the address of its home agent. These implementations might or might not support the dynamic discovery of home agents or changes in the home subnet prefix.

Moving from the Home Link to a Foreign Link

When the mobile node is at home, it autoconfigures its home address through the receipt of a router advertisement, and communication with other nodes occurs normally without the use of Mobile IPv6 functionality.

Attaching to the Foreign Link

When the mobile node attaches to the foreign link, it must perform the following functions:

• Receive a new care-of address.
• Discover a home agent on the home link (if needed).
• Register the primary care-of address with the selected home agent on the home link.

When the mobile node attaches to the foreign link, the following occurs:

1. The mobile node sends a multicast Router Solicitation message on the foreign link. The mobile node might send a router solicitation either because the link layer indicated a media change or because the node received a router advertisement that contains a new prefix. Depending on the Mobile IPv6 implementation, the mobile node sends a router solicitation either from its link-local address (assuming that the link-local address of the mobile node is most likely unique on the foreign link) or from the unspecified address (::) (assuming that the link-local address of the mobile node might not be unique on the foreign link).
2. All routers on the foreign link reply with a Router Advertisement message. Depending on the source address of the Router Solicitation message, the reply is either unicast (because the Router Solicitation was sent from a link-local address) or multicast (because the router solicitation was sent from the unspecified address). Figure below shows the router advertisement being unicast to the mobile node. The stateless autoconfiguration and registration of solicited node multicast addresses on the foreign link introduces some latency in the process of obtaining a valid care-of address. From the receipt of the Router Advertisement message or messages, the mobile node determines that it has connected to a foreign link because the router advertisements contain new network prefixes. The mobile node forms care-of addresses from the advertised prefixes, verifies their uniqueness by using duplicate address detection, and joins the corresponding solicited node multicast groups (not shown in Figure below).
3. If the mobile node is already configured with the address of its home agent, go to step 5. If not, to determine the address of a home agent on the mobile node's home link, the mobile node uses the home agent discovery process.
   Mobile nodes do not maintain a list of home agents while connected to the home link. To automatically discover the home agents on the home link, it is sufficient for the mobile node to learn its home subnet prefix. When the mobile node that uses automatic configuration of home agents leaves its home link and moves to the first foreign link, it sends an ICMPv6 Home Agent Address Discovery Request message to the Mobile IPv6 Home Agents anycast address formed from the home subnet prefix.
4. A home agent on the home link that is using the Mobile IPv6 Home Agents anycast address corresponding to the home subnet prefix and is topologically closest to the mobile node receives the ICMPv6 Home Agent Address Discovery Request message. Next, it sends back an ICMPv6 Home Agent Address Discovery Reply message containing the entries in the home agent's home agent list in preference order.
   Upon receipt of the ICMPv6 Home Agent Address Discovery Reply message, the mobile node selects the first home agent in the list as its home agent.
5. Before the binding update is sent, an IPsec security association (SA) must be created between the mobile node and the home agent. If the mobile node and the home agent support the use of Internet Key Exchange (IKE) for Mobile IPv6, an IKE negotiation takes place to create SAs for the ESP protection of packets sent between the mobile node and the home agent. The IKE negotiation is not shown in Figure below.
   If the mobile node and the home agent support the sending of binding updates without IPsec protection or the manual configuration of an IPsec SA, this step is skipped.
6. To register the primary care-of address with the home agent, the mobile node sends the home agent a binding update. In the binding update, the Home Registration and Acknowledgement flags are set to 1.
7. The home agent receives the binding update and updates its binding cache. To intercept packets destined for the mobile node's home address while the mobile node is away from home, the home agent performs duplicate address detection and proxy ND for the mobile node by answering neighbor solicitations on behalf of the mobile node. Depending on the implementation, the home agent might immediately send an unsolicited multicast Neighbor Advertisement message as if it were the mobile node or respond only to multicast neighbor solicitations for the mobile node's home address. The duplicate address detection and proxy ND introduces an additional latency in the home registration process.
   In the first case, to ensure that the nodes on the home link are updated with the new link-layer address of the home agent's interface on the home link, the home agent sends an unsolicited multicast Neighbor Advertisement message to the link-local scope allnodes multicast address (FF02::1) with the Override (O) flag set to 1. Additionally, the home agent joins the multicast group for the solicited node multicast address corresponding to the mobile node's home address, and it registers interest in receiving linklayer multicast frames to the multicast MAC address corresponding to the solicited node multicast address. This is shown in Figure below.
   In the second case, the home agent does not send an unsolicited multicast Neighbor Advertisement message. However, the home agent does join the multicast group for the solicited node multicast address corresponding to the mobile node's home address, and it registers interest in receiving link-layer multicast frames to the multicast MAC address corresponding to the solicited node multicast address. If a node on the home link was communicating with the mobile node while it was at home, neighbor unreachability detection eventually causes the home node to send three unicast neighbor solicitations (while in the PROBE state) and then send a multicast neighbor solicitation. The home agent answers the multicast neighbor solicitation on behalf of the mobile node. This is not shown in Figure below.
   If the mobile node has set the Link-Local Address Compatibility (L) flag in the binding update to 1, the home agent also performs duplicate address detection and proxy ND for the link-local address associated with the interface identifier (the last 64 bits) of the mobile node's home address.
8. Because the binding update has the A flag set to 1, the home agent responds with a binding acknowledgement.

Because there are no entries in the binding update list, the mobile node does not send a binding update to all the nodes with which the mobile node was communicating when connected to the home link. The mobile node relies on subsequent data sent on existing connections or the receipt of traffic tunneled via the home agent to initiate correspondent registration with correspondent nodes.

Mobile Node Initiates Communication with a New Correspondent Node

When a mobile node initiates communication with a new correspondent node (a node for which no binding exists), it must perform a correspondent registration, which consists of the Return Routability procedure and the exchange of Binding Update and Binding Acknowledgement messages. Although this process must occur for any kind of communication using the home address that is initiated by a mobile node that is away from home, the following example is for a TCP connection.

When a mobile node that is away from home initiates a new TCP connection with a correspondent node, the following occurs:

1. The mobile node begins the TCP connection by sending the initial TCP SYN (synchronize) segment to the correspondent node, tunneled via the home agent. Subsequent TCP handshake segments and the initial data communication between the mobile node and the correspondent node are sent using bidirectional tunneling until the correspondent registration is complete. (See step 5.) This is done so that the application that is attempting to communicate does not have to wait until the correspondent registration is complete before it can begin communicating.
2. The mobile node adds an entry for the correspondent node to its binding update list and performs the Return Routability procedure with the correspondent node to determine the binding management key for binding management (not shown in Figure below).
3. The mobile node sends a Binding Update message to the correspondent node with the Acknowledgement flag set to 1.
4. The correspondent node updates its binding cache and sends a Binding Acknowledgement message back to the mobile node.
5. After the correspondent registration is complete, subsequent TCP segments on the connection are sent directly between the mobile node and the correspondent node.

Figure below shows this process.

If the mobile node is resuming communication on an existing TCP connection, the TCP segments of the continuing communication are bidirectionally tunneled until the correspondent registration is complete.

After correspondent registration is complete, data between the correspondent node and the mobile node is sent as follows:

• Data from the mobile node is sent from the mobile node's care-of address to the correspondent node's address and includes the Home Address option in the Destination Options header.
• Data from the correspondent node is sent to the mobile node's care-of address and includes a Type 2 Routing header containing the mobile node's home address.

Note:
If the mobile node is multihomed, it is possible for the mobile node to register different care-of addresses with different correspondent nodes. Which care-of address is chosen depends on the source address selection algorithm. The mobile node chooses the care-of address that is matched in scope and is topologically closest to the correspondent node.

A New Correspondent Node Communicates with a Mobile Node When a new correspondent node either resumes communication or initiates communication with a mobile node using the mobile node's home address and the mobile node is away from home, the following occurs:

1. The correspondent node begins the TCP connection by sending the initial TCP SYN segment to the mobile node, tunneled via the home agent. Subsequent TCP handshake segments and the initial data communication between the correspondent node and the mobile node are sent using bidirectional tunneling until the correspondent registration is complete. (See step 5.) This is done so that the application that is attempting to communicate does not have to wait until the correspondent registration is complete before it can begin communicating.
2. The mobile node adds an entry for the correspondent node to its binding update list and initiates the Return Routability procedure (not shown in Figure below).
3. After the Return Routability procedure is complete, the mobile node sends the correspondent node a Binding Update message with the A flag set to 1.
4. Upon receipt of the Binding Update message, the correspondent node updates its binding cache and sends back a Binding Acknowledgement message.
5. After the correspondent registration is complete, subsequent TCP segments on the connection are sent directly between the mobile node and the correspondent node.

Because the TCP connection creation occurs separately from the correspondent registration, the subsequent segments in the TCP handshake (the SYN Acknowledge [ACK] and ACK segments) and the ensuing application data sent over the TCP connection are bidirectionally tunneled until the correspondent registration is complete.

Figure below shows this process.

After this process is complete, data between the correspondent node and the mobile node is sent as follows:

• Data from the mobile node is sent from the care-of address to the correspondent node's address and includes the Home Address option in the Destination Options header.
• Data from the correspondent node is sent to the mobile node's care-of address and includes a Type 2 Routing header containing the mobile node's home address.

If the upper-layer session is idle and no packets are sent for a while, the binding cache entry might expire. When the communication resumes, the same process is performed starting from step 1.

A Node on the Home Link Communicates with the Mobile Node

When a node on the home link either resumes or initiates communication with a mobile node using the mobile node's home address and the mobile node is away from home, the following occurs (example assumes a new TCP connection):

1. The node on the home link sends a multicast Neighbor Solicitation message to the solicited node multicast address corresponding to the mobile node's home address.
2. The home agent is acting as an ND proxy for the mobile node. It has registered the solicited node multicast address corresponding to the mobile node's home address as a multicast address to which it is listening. The home agent receives the neighbor solicitation and sends a unicast neighbor advertisement containing the home agent's link-layer address.
3. The initial TCP SYN segment and subsequent TCP segments are sent between the node on the home link and the home agent using each other's link-layer address.
4. The TCP segments are tunneled to and from the mobile node. The bidirectional tunneling of TCP segments continues until the correspondent registration is complete. (See step 5.)
5. Upon receipt of the initial tunneled TCP SYN segment from the home agent, the mobile node performs a Return Routability procedure with the node on the home link (not shown in Figure below).
6. The mobile node sends the node on the home link a Binding Update message.
7. The node on the home link sends a Binding Acknowledgement message.
8. After the correspondent registration is complete, subsequent TCP segments on the connection are sent directly between the mobile node and the node on the home link.

Figure below shows this process.

As previously described in "A New Correspondent Node Communicates with a Mobile Node," because the TCP connection creation occurs separately from the correspondent registration, the subsequent segments in the TCP handshake (the SYN ACK and ACK segments) and the ensuing application data sent over the TCP connection are sent indirectly via the home agent until the correspondent registration is complete.

This same process of intercepting a packet for the mobile node (steps 1 through 3) is also used when a packet addressed to the mobile node's home address is delivered to the home link by a router that is not the mobile node's home agent.

Mobile Node Changes Its Home Address

To refresh a home address that is approaching the end of its valid lifetime or to receive a new home address following a change in the home subnet prefix, the following process is used:

1. The mobile node sends an ICMPv6 Home Prefix Solicitation message to the home agent.
2. The home agent sends back an ICMPv6 Home Prefix Advertisement message.
   Upon receipt of the Home Prefix Advertisement message, the mobile node examines the Prefix Information option. If there is no change in the home subnet prefix and therefore no change in the home address, the mobile node refreshes the valid and preferred lifetimes of the stateless home address and this process ends.
   If there is a change in the home subnet prefix, the mobile node must refresh the bindings at the home agent and all the correspondent nodes in its binding update list.
3. To register the new home address with the home agent, the mobile node sends the home agent a binding update. In the binding update, the Home Registration and Acknowledgement flags are set to 1.
4. The home agent sends a binding acknowledgement.
5. The mobile node must perform a new correspondent registration with each correspondent node in its binding update list. Therefore, a Return Routability procedure is performed (not shown in Figure F-32) with each correspondent node in the binding update list. Because only the path associated with the home address has changed, only the HoTI and HoT messages are exchanged.
6. After the Return Routability procedure is successful, the mobile node sends a binding update to each correspondent node.
7. Upon the receipt of the binding update, the correspondent node updates its binding cache and sends a binding acknowledgment.

Figure below shows this process.

Moving to a New Foreign Link

When the mobile node attaches to a new foreign link after being attached to another foreign link, it must perform the following functions:

• Receive a new care-of address.
• Register the new care-of address with its home agent.
• Send binding updates to all correspondent nodes.

When the mobile node attaches to the new foreign link, the following occurs:

1. The mobile node sends a multicast Router Solicitation message on the new foreign link. Depending on the Mobile IPv6 implementation, the mobile node sends the router solicitation either from its link-local address (assuming that the link-local address of the mobile node is most likely unique on the new foreign link) or from the unspecified address (::) (assuming that the link-local address of the mobile node might not be unique on the new foreign link).
2. All routers on the new foreign link reply with a Router Advertisement message. Depending on the source address of the Router Solicitation message, the reply is either unicast (because the router solicitation was sent from a link-local address) or multicast (because the router solicitation was sent from the unspecified address). Figure below shows the Router Advertisement message being unicast to the mobile node.
   From the receipt of the Router Advertisement message or messages, the mobile node forms a care-of address or addresses, verifies their uniqueness by using duplicate address detection, and joins the corresponding solicited node multicast groups (not shown in Figure below).
3. To register the new primary care-of address with the home agent, the mobile node sends the home agent a binding update. In the binding update, the Home Registration and Acknowledgement flags are set to 1.
4. The home agent sends a binding acknowledgement.
5. The mobile node must perform a new correspondent registration with each correspondent node in its binding update list. Therefore, a Return Routability procedure is performed (not shown in Figure F-33). Because only the path to the care-of address has changed, only the exchange of CoTI and CoT messages is performed.
6. After the Return Routability procedure is successful, the mobile node sends a binding update to the correspondent node.
7. Upon the receipt of the binding update, the correspondent node updates its binding cache and, if requested by the mobile node, sends a binding acknowledgment.

Figure below shows this process.

If the binding update sent by the mobile node to a correspondent node is dropped from the network, the correspondent node continues to send packets to the mobile node's previous care-of address based on the contents of its now outdated binding cache entry. The packets are forwarded to the previous foreign link and the router on the previous foreign link attempts to deliver them. If the previous foreign link router still considers the mobile node reachable on the previous foreign link, packets are forwarded to the mobile node's link-layer address.

Because the mobile node is no longer attached to the previous foreign link, the packets are dropped.

The methods for correcting this error condition are the following:

• The mobile node, after not receiving a binding acknowledgment from the correspondent node, retransmits a binding update. The correspondent node receives the retransmitted binding update, and its binding cache is updated with the mobile node's new care-of address.
• The previous foreign link router uses neighbor unreachability detection to determine that the mobile node is no longer attached to the previous foreign link. For a point-topoint link such as a wireless connection, the unreachability of the mobile node is indicated immediately by the lack of a wireless signal from the mobile node. For a broadcast link such as an Ethernet segment, the entry in the previous foreign link router's neighbor cache goes through the REACHABLE, STALE, DELAY, and PROBE states. After the neighbor cache entry for the mobile node is removed, attempts to deliver to the mobile node's previous care-of address are unsuccessful and the previous foreign link router sends an ICMPv6 Destination Unreachable-Address Unreachable message to the correspondent node. Upon receiving this message, the correspondent node removes the entry for the mobile node from its binding cache and communication resumes as described in the "A New Correspondent Node Communicates with a Mobile Node" section of this artilcle.
• All binding cache entries have a finite lifetime as determined by the Lifetime field of the last received binding update and the correspondent node's local policy. After the lifetime expires, the binding cache entry is removed and communication resumes as described in the "A New Correspondent Node Communicates with a Mobile Node" section of this article. Alternately, the correspondent node can send a binding refresh request before the binding cache entry expires. When there is no response to the binding refresh request, the correspondent node removes the entry from the binding cache.

Returning Home

When the mobile node attaches to its home link after being away from home, it must perform the following functions:

• Send a binding update to the home agent to delete the binding for the mobile node.
• Inform home link nodes that the correct link-layer address for the home address is now the mobile node's link-layer address.
• Send binding updates to all correspondent nodes to delete the binding for the mobile node.

When the mobile node returns home (reattaches to its home link), the following occurs:

1. The mobile node sends a multicast Router Solicitation message on the home link. The mobile node might send a router solicitation either because the link layer indicated a media change or because the node received a router advertisement that contains a new prefix. Depending on the Mobile IPv6 implementation, the mobile node sends a router solicitation either from its link-local address (assuming that the link-local address of the mobile node is most likely unique on the new link) or from the unspecified address (::) (assuming that the link-local address of the mobile node might not be unique on the new link).
2. All routers on the home link reply with a Router Advertisement message. Depending on the source address of the Router Solicitation message, the reply is either unicast (because the router solicitation was sent from a link-local address) or multicast (because the router solicitation was sent from the unspecified address). Figure below shows the Router Advertisement message being unicast to the mobile node.
   Because the router advertisement contains the address prefix that matches its home address prefix, the mobile node determines that it is attached to its home link. Depending on the Mobile IPv6 implementation, the mobile node might or might not perform duplicate address detection for its home address because the home agent is acting as an ND proxy for the mobile node and defending the use of the mobile node's home address. If the mobile node does perform duplicate address detection, it must ignore the Neighbor Advertisement message sent from the home agent.
3. To remove the binding cache entry from the home agent, the mobile node sends the home agent a binding update with the care-of address set to the mobile node's home address and with the Home Registration and Acknowledge flags set to 1.
   If multiple router advertisements are received, the mobile node can determine which router is its home agent from the router advertisement with the Prefix Information option that contains the home agent's global address in the Prefix field.
   The mobile node determines the home agent's link-layer address from the Link-Layer Address field in the Source Link-Layer Address option in the router advertisement sent by the home agent. If the Source Link-Layer Address option is not included, the mobile node can determine the link-layer address of the home agent using address resolution because the global address of the home agent is known.
4. Upon receipt of the binding update, the home agent removes the entry for the mobile node from its binding cache, stops defending the use of the mobile node's home address on the home link, and responds with a binding acknowledgement. This is shown in Figure below. Additionally, the home agent leaves the multicast group for the solicited node multicast address corresponding to the mobile node's home address and stops listening for link-layer multicast frames addressed to the multicast MAC address corresponding to the solicited node multicast address.
5. After receiving the binding acknowledgement from the home agent, the mobile node must inform nodes on the home link that the link-layer address for the home address has changed to the link-layer address of the mobile node. It sends an unsolicited multicast Neighbor Advertisement message to the link-local scope all-nodes multicast address (FF02::1) with the Override (O) flag set to 1.
   The mobile node also joins the multicast group for the solicited node multicast address corresponding to the mobile node's home address and registers interest in receiving link-layer multicast frames to the multicast MAC address corresponding to the solicited node multicast address (not shown in Figure below).
6. Before sending a binding update to each correspondent node to delete the binding for the mobile node, the mobile node performs a Return Routability procedure (not shown in Figure below). Because the home address and the mobile node's new address are the same, it is sufficient to exchange only the HoTI and HoT messages. The CoTI and CoT messages are not sent when the mobile node returns home.
7. The mobile node sends a binding update to each correspondent node with the care-of address set to the mobile node's home address.
8. Upon receipt of the binding update, the correspondent nodes remove the entry for the mobile node in their binding cache and send a binding acknowledgment.