[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Survey on proposed IPv6 multi-homing mechanisms



 In your previous mail you wrote:

   [cross-posting to mobile-ip list]
   
=> please keep further messages in the multi6 list.

   > Concerns
   > 
   > - Needs Mobile IP implementation on destination host. So, modifications
   >   in external hosts are needed to achieve internal multi-homing.
   > - Mobile IP security mechanisms impose the use of authentication header,
   >   raising complexity.
   
   Currently, Mobile IP WG has to come up with a solution to establish
   security associations between the MN (host A) and the CN (host B). SA
   establishment using public key infrastructure is assumed to not be
   available everywhere and with all CNs.
   
=> the mobility mechanism for IPv6 multi-homing was proposed before
the security details were specified in the IPv6 mobility drafts...
So don't expect that it works with any suggestion of this year (:-).
More seriously, the idea was that if the mechanism is applied to
critical connections then these connections are already protected
by some mechanisms, i.e. the key material is already available or
very easy to setup.

   The (unofficially?) proposed draft-perkins-bake-00.txt suggests a (weak
   but strong enough for the purpose) mechanism that involves a home agent
   during the key exchange. The validity of the MN's binding of the home
   address is verified by the CN by sending packets via the home network.
   The home agent address belongs to the same prefix as the MN's home
   address, i.e. PrefA:Prefsite::.
   
   If no SA is set up prior to the failure of ISPA, the key exchange will
   fail since the CN can't send packets through the home agent any more.
   
=> a SA set up prior to the failure of ISPA is the very easy case but
can be common. Issues with the lack of home agent are different:
 - the CN should not flush the binding (i.e. a bit/sub-option/...
   is needed, its meaning should be "keep this binding as long as possible")
 - there is no support for mobile to mobile, in the multi-home environment
   this is translated by no support for failure on both the node and
   its CN ISPs or one has to assume that this condition is detectable.
   A common case is the failure of a high level ISP: if both nodes
   are connected to it they will see a failure at the same time,
   to understand this situation is hard but not impossible...
I like this mechanism (of course :-) but we wait for the IPv6 mobility RFC
before work again on it. BTW this is very easy to implement (movement
detection is a dream).

Regards

Francis.Dupont@enst-bretagne.fr