Mobile IP Working Group Jari T. Malinen INTERNET DRAFT Charles E. Perkins 14 July 2000 Nokia Research Center Category: Standards Track Mobile IPv6 Regional Registrations draft-malinen-mobileip-regreg6-00.txt Status of This Memo This document is a submission by the mobile-ip Working Group of the Internet Engineering Task Force (IETF). Comments should be submitted to the MOBILE-IP@STANDARDS.NORTELNETWORKS.COM mailing list. Distribution of this memo is unlimited. This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at: http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at: http://www.ietf.org/shadow.html. Abstract This document describes Mobile IPv6 regional registration as an optional extension to Mobile IPv6. Regional registration introduces visited-domain mobility agent functionality for proxying a public care-of-address which remains the same while the mobile node moves in the visited domain. This reduces the binding update signaling latency for the mobile node and signaling load outside the visited domain. The protocol defines regional mobility capability negotiation, regional binding update signaling, and regional-aware data routing through a hierarchy of visited-domain mobility agents. The protocol allows for an arbitrary point in the visited-domain hierarchy to distribute the connection-state maintenance between several mobility agents. IPSec AH is used for securing the protocol as in basic Mobile IPv6. Malinen, Perkins Expires 14 January 2001 [Page 1] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Contents Status of This Memo 1 Abstract 1 1. Introduction 3 2. Terms 4 3. Protocol Operation Overview 5 3.1. Movement to a new Link . . . . . . . . . . . . . . . . . 7 3.2. Visited-domain capability discovery . . . . . . . . . . . 8 3.3. Regional Registrations signaling . . . . . . . . . . . . 8 3.4. Regional-Aware Data Routing . . . . . . . . . . . . . . . 10 3.4.1. Regional Forwarding of Encapsulated Packets . . . 10 3.4.2. Regional Forwarding of Route-Optimised Packets . 10 4. Protocol Extensions 11 4.1. Router Advertisement modifications . . . . . . . . . . . 11 4.2. Regional CoA Extension . . . . . . . . . . . . . . . . . 12 4.3. Regional Binding Update . . . . . . . . . . . . . . . . . 13 4.4. Previous Access Router Sub-Option . . . . . . . . . . . . 14 5. New requirements for IPv6 Nodes 15 5.1. Visited Domain Router Requirements . . . . . . . . . . . 15 5.2. Mobile Node Requirements . . . . . . . . . . . . . . . . 15 6. IANA Considerations 16 7. Security Considerations 16 8. Acknowledgements 16 Addresses 18 Malinen, Perkins Expires 14 January 2001 [Page 2] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 1. Introduction Mobile IPv6 regional registration reduces the binding update signaling latency and the signaling load for a mobile node moving within the same visited domain. The latency is reduced by localizing binding updates to the visited domain and the signaling load is reduced by using a regional-aware router for a proxy care-of-address, the regional care-of-address, as seen by hosts outside the visited domain. The protocol re-uses the general idea of regional registrations for Mobile IPv4 [3], but is a different IPv6-specific protocol, in data routing in particular. The regional care-of address can be in an arbitrary node in the visited domain, not just in an edge router or the gateway mobility agent highest in the hierarchy. The selection of a particular regional care-of address is done by the mobile node from a list of addresses advertised by the access router. The regional binding update is transported over an arbitrary-depth tree hierarchy of regional-aware routers up to the closest possible router in the hierarchy. This router is the crossover between the old path from the gateway router to the previous access router and from the gateway router to the new access router. The protocol supports network-controlled selection of the crossover router which hides the inner structure of the hierarchy and enables constant-length signaling independent of the depth of the hierarchy. The regional registration protocol does not require modifications to any network elements other than the mobile node and the regional-aware routers. These modifications are optional additions to basic Mobile IPv6. Non-regional-aware routers, hosts, home agents, and mobile nodes can interoperate with regional-aware entitites without change. The added routing state maintenance in the visited domain is minimal. It does not involve the routing tables at all; all per-mobile state is kept in the regional binding cache. This data structure is internal to the regional mobility agent and can re-use the existing binding cache. Security is provided by the IPSec, thus the end-to-end security model is not compromised. Basic Mobile IP security can thus be used for regional registrations. This protocol defines the regional registrations transport for IPv6 and it can be used in combination with other components of the general smooth hand-over framework [5] for gaining cost-efficient signaling. In such a combination, the mobile node sends the message over the wireless interface encapsulated with the state transfer SHIN Malinen, Perkins Expires 14 January 2001 [Page 3] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 option up to the access router. The encapsulating header may carry e.g. buffering [7] or header compression [6] state transfer signaling needed for smooth and efficient handoffs. 2. Terms The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [2]. In addition, this document frequently uses the following terms: Access Router The closest router to the mobile node in the visited domain that the mobile node uses to access the network. Crossover Router When a mobile node is performing a regional registration, the Crossover Router is the router where the old path leading to a mobile node and the new path cross, i.e. the regional router in the hierarchy where a connection state change is needed to maintain an up-to-date communication path to the mobile node. Gateway Mobility Agent The software module implementing regional registrations in the gateway router. Gateway Router A router controlling the regional care-of-address of a mobile node; This is the gateway through which traffic for the mobile node enters the visited domain. Highest Router Router used in a visited domain as the root of a physical hierarchy; The gateway mobility agent can exist anywhere in the physical hierarchy. The visible hierarchy for a mobile node is thus rooted at the gateway router possibly below the highest router. Home Binding The binding cache entry in a home agent used for storing home registration state. Home Registration Sending of a binding update to the home agent to create a home binding. Malinen, Perkins Expires 14 January 2001 [Page 4] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Regional-aware Router Router that supports regional registrations. Regional Binding Cache A conceptual data structure in regional-aware routers; it is keyed on the home address of a mobile node and contains the care-of-address, lifetime, flags, security association, and network interface as data elements. All regional routing state is contained in this entry. Regional Care-of-address A care-of-address, as seen from outside the visited domain, used to locate a mobile node. Remains the same while the mobile node does regional binding updates within a visited domain. Regional Mobility Agent The software module implementing regional registrations in a regional-aware router. Visited Domain A domain that is visited by the mobile node; A set of subnets usually administered by one entity. In this document, all routers in a visited domain are assumed to have a security association with one another. This terminology is intended to conform to those that have been used in Mobile IP and other Internet protocols. Basic Mobile IPv6 terminology is used as defined in [4]. 3. Protocol Operation Overview A foreign domain advertises its capability for regional registrations with a router advertisement flag. When entering a visited domain for the first time, the mobile node registers with its home domain. During or after this registration, the mobile node can perform a regional registration. A regional registration establishes a regional care-of-address that is seen from outside the visited domain as the mobile node's primary care-of-address. This address is contolled by one of the visited-domain routers and the mobile node obtains the address from a list of Regional CoA extensions (Section 4.2), attached to the router advertisement. After obtaining a regional care-of-address, the mobile node stores the current visited domain identity, and sends binding updates to its home agent and corresponding nodes. The mobile node uses the Malinen, Perkins Expires 14 January 2001 [Page 5] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 ________ +------------+ / \ +--------------------+ | Home Agent |------( Internet )----| Corresponding node | +------------+ \________/ +--------------------+ | | regional \ | care-of-address + +------------------------+ | | Gateway Mobility Agent | | | (GMA) | | +------------------------+ | / \ | 1./ \ | / \ | +------------------+ +--------+ | | Crossover Router | | Router | | +------------------+ +--------+ | / \ | Visited 1./ \ 2. |o Domain / \ | +----------+ +--------+ | | Previous | | New | | | Access | | Access | | | Router | | Router | | +----------+ +--------+ | ^ ^ | |1. |2. | | | | +-+ +-+ (on-link) primary | | | ---> | | care-of-address | +-+ +-+ + Mobile Mobile / Node Node Figure 1: Hierarchy of regional-aware routers regional care-of-address as the alternate care-of-address when sending basic Mobile IPv6 binding updates to nodes outside the visited domain. While staying within the visited domain, the mobile node MAY send regional binding updates for the duration of its home binding. The mobile node may also send ordinary binding updates to the home agent or to corresponding nodes at any time. Malinen, Perkins Expires 14 January 2001 [Page 6] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Figure 1 illustrates a typical regional registration scenario. The mobile node sends a regional binding update to the crossover router which updates its connection state from the old path to the new path. The gateway router is the crossover router during the first regional registration (signal 1). After this (signal 2), the crossover may exist lower in the hierarchy. The regional binding update is a modified Binding Update destination option. It updates the regional binding cache entries of a mobile node in regional-aware router hierarchy. The binding update also enables the visited domain to decide the crossover router. The mobile node attaches additional information to this binding update such that a regional-aware router can decide from it whether it is a crossover router. The regional binding cache is used for regional data routing, forwarding of encapsulated or route-optimised Mobile IPv6 data packets to the mobile node. The binding cache entries are deleted by timeout or by de-registration. The semantics of this is identical to that in basic Mobile IPv6. 3.1. Movement to a new Link When entering a new foreign link , with the same or another visted domain, the mobile node performs movement detection and uses router discovery to discover new routers as defined in Mobile IPv6. The mobile node may also receive a handoff indication from the link layer and consequently send a router solicitation. The mobile node also performs visited domain detection as an additional part of the movement detection of basic Mobile IPv6. The mobile node uses the visited domain identity field of the router advertisement's prefix information option (Section 4.1) to detect movement to a new visited domain. This identity MUST be unique. A recommended way to generate it is to take a suitable (TBD) 32-bit hash from the realm part of the access router's network access identifier [1]. When the mobile node changes its regional care-of-address, or when the selected regional care-of-address is not in the router advertisement of the new access router, the mobile node SHOULD behave as if it arrived to a new visited domain. This avoids the situation where the crossover router would be beyond the GMA in the hierarchy. The mobile node then selects its primary care-of-address, which is on the same link as is the access router, as defined in Mobile IPv6. The address is co-located to the mobile node together with its routing identity, its home address, and used as the target for local Malinen, Perkins Expires 14 January 2001 [Page 7] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 communication between the visited domain and the mobile node. The mobile node MAY also use this address as the care-of-address in its binding updates for corresponding nodes within the visited domain. 3.2. Visited-domain capability discovery The router advertisement from a regional-aware router contains flags to indicate the supported capabilities. The supported capability flag for regional registrations is the `I' bit in the Reserved1 field of the Mobile IPv6 Modified Router Advertisement Message's Modified Prefix Information Option [4]. If the `I' bit is set, the mobile node SHOULD make use of regional registration. In this case, the mobile node selects its regional care-of-address from the one or more regional care-of-address extensions in the router advertisement. 3.3. Regional Registrations signaling When entering the visited domain, the mobile node performs an home registration in combination with the first regional binding update. The regional binding update is a modified Mobile IPv6 binding update destination option. It propagates upwards hop-by-hop through a hierarchy of regional-aware routers to a router controlling the selected regional care-of-address. There may be regional-unaware routers between adjacent regional-aware routers in a hierarchy. The regional care-of-address can be an address of the visited domain router or an address from a pool of regional care-of-addresses controlled by a router. Association between such a care-of-address and a router within the visited domain, selected as target of the first regional binding update, is implementation-specific. The destination address in the IP header of the regional binding update at the sending mobile node is the source address of the router advertisement containing the selected regional care-of-address. There MUST be a home address detination option in the IPv6 packet carrying the regional binding update as with basic Mobile IPv6. When the regional binding update is re-sent from the receiving router up to the next higher router, each regional-aware router establishes or updates its regional binding cache entry for the mobile node. The key to the entry is the home address, and the care-of-address is the source address of the regional binding update received from the next lower regional-aware router. In the access router, the care-of-address is the sending link address of the mobile node. Malinen, Perkins Expires 14 January 2001 [Page 8] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Implementation of the regional binding cache can reuse the basic Mobile IPv6 binding cache entry with a new `I' flag set. Since the network controls the crossover router selection, the visited domain target router is not known to the mobile node. Thus, it then sends the packet to the router from which the advertisement was received. The regional care-of-address MUST be inserted as a alternate care-of-address sub-option of the regional binding update. The `A' bit MUST be set and the `H' bit MUST NOT be set. The mobile node appends the previous access router sub-option (Section 4.4) to the regional binding update. This sub-option identifies the previous access router so that each router can locally decide whether it is the crossover router. When the signal is propagated upwards, the first router that has the previous access router among its descendants is the crossover router. To know its descendants, a regional-aware router maintains a list of all of its descendants. How this list is configured is out of the scope of this protocol, it can be statically configured from a parameter file, for example. After a successful regional binding update, a basic Mobile IPv6 binding acknowledgement is returned to the mobile node. A succesful regional registration is denoted by a new success status value 1. This denotes regional-aware success, status value 0 denotes regional-unaware success. In the latter case, the receiving node accepted the binding update as any corresponding node would. The mobile node can thus send regional binding updates to any node and recognize regional-awareness of the other end from this status value. This gives the protocol robustness against mis-configured regional-aware routers. The mobile node SHOULD NOT send binding updates with the regional care-of-address to regular nodes until it has received the regional-aware success status value 1. If the regional-aware router fails to accept the regional registration, it returns a Reason Unspecified status value 128 in the binding acknowledgement. If the access control policies allow, the regional and non-regional binding updates MAY be transmitted in parallel. However, if the mobile node does not receive status value 1 from the gateway mobility agent, the mobile node MUST re-send the non-regional binding updates with the primary care-of-address. A regional-aware mobile node MAY support mobile multi-homing, i.e. the mobile node MAY register more than one home address simultaneously with one or more home agents. Operation of these addresses occur independently, i.e. as if there were multiple mobile nodes within the same physical host. The mobile node MUST NOT register more than one care-of-address for each home address. Malinen, Perkins Expires 14 January 2001 [Page 9] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 3.4. Regional-Aware Data Routing Regional data routing considers routing towards the mobile node. Since the regional care-of-address is in the visited domain, packets targeted to it go through the regional-aware routing hierarchy from the GMA to the mobile node. The other direction is not affected by regional registrations. 3.4.1. Regional Forwarding of Encapsulated Packets When a corresponding node sends data packets to a mobile node to which it does not yet have an entry in its binding cache, these packets are intercepted by the home agent and encapsulated to the registered care-of-address mobile node, as specified in the basic Mobile IPv6. However, this care-of-address is the alternate care-of-address. In the case with tunneled packets, the regional care-of-address of the mobile node is selected as the target for the outer encapsulation header. The router which controls that regional care-of-address decapsulates the tunneled packets. The destination of the encapsulated packet is the home address of the mobile node. If there is an entry in the regional binding cache for this home address, the router MUST re-encapsulate these packets to the corresponding lower care-of-address. This is in the next lower regional-aware router or in the mobile node if the forwarder is the access router. Thus, the data packets get re-capsulated at each regional-aware router on their way down the hierarchy. 3.4.2. Regional Forwarding of Route-Optimised Packets When a corresponding node has received a binding update, it knows the regional care-of-address and sends packets to the mobile node using this address as the destination address. The corresponding node includes a type 0 routing header to the packet so that the home address of the mobile node is the only entry in the routing header of this route-optimised packet, as specified in the basic Mobile IPv6. A regional-aware router forwards a route-optimised packet to the next lower regional-aware router in a special way. If there is an entry in the regional binding cache for the home address in the routing header, the routing header is kept in its original state. That is, the home address remains in the routing header entry, and the `segments left' field is not decreased. Malinen, Perkins Expires 14 January 2001 [Page 10] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 The packet is then forwarded ahead using the regional binding cache entry. The destination address of the route-optimised packet is replaced with the care-of-address in the regional binding cache and the packet is then submitted back to the IP forwarding engine for further processing. If no regional binding cache entry exists for the given home address, standard IPv6 routing processing applies. When the mobile node receives the packet that has been forwarded using regional-aware data routing, packets have the encapsulation or routing header so that the MN can still distinguish whether to send a binding update to a corresponding node, as in basic Mobile IPv6. The authentication header integrity check calculation is also still identical to what would be needed in a basic Mobile IP mobile node. When the mobile node sends packets to a corresponding node, the source address is the primary care-of-address of the mobile node, and the destination address is the corresponding node. The packets contain the home address extension as with the basic Mobile IPv6. Thus, their routing towards the corresponding node occurs exactly as with the basic Mobile IPv6. 4. Protocol Extensions The following protocol extensions are defined: - A modification to the Modified Router Advertisement Message to indicate whether the visited domain supports regional registrations (the `I' bit) (Section 4.1). - A visited-domain identifier in the router advertisement (Section 4.1). - A regional care-of-address extension to the router advertisement (Section 4.2). - A modification to the Binding Update destination option to indicate whether the option is a Regional Binding Update (the `I' bit) (Section 4.3). - An previous access router sub-option for the binding update (Section 4.4). 4.1. Router Advertisement modifications The router advertisement, as defined in the basic Mobile IPv6, contains additionally the `I' bit and the visited domain identity in the Modified Prefix Information Option of the Router Advertisement Malinen, Perkins Expires 14 January 2001 [Page 11] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Message. The format of the new Modified Prefix Information Option is the following: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Prefix Length |L|A|R|I|Rsrvd1 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Valid Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Preferred Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Visited-Domain Identity | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + + | | + Prefix + | | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: The Modified Prefix Information Option I Indicates regional registrations support. Visited-Domain Identity This identity is a unique unsigned 32-bit integer. A recommended way to generate it is to take a suitable 32-bit (TBD) hash from the realm part of the access router's network access identifier [1]. The Rsvrd1 field is here a 4-bit field instead of the 5 bits Reserved1 prior to adding the `I' bit. Other fields are as described in the Mobile IPv6 and the Neighbor Discovery [8] documents. 4.2. Regional CoA Extension The router advertisement may contain one or more visited-domain care-of-addresses from which the mobile node chooses a regional care-of-address. Each such address is advertised in a Regional CoA Extension of the modified Router Advertisement. Malinen, Perkins Expires 14 January 2001 [Page 12] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 The format of the regional CoA extension is the following : 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length=2 | Preference | Index | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Regional Care-of-Address | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3: Regional CoA extension Type TBD (skippable) Length 8-bit unsigned integer. The length of the option (including the type and length fields) in units of 8 octets. This field MUST be 2. Lifetime The time the advertised CoA is valid in the visited domain. Preference A preference for the CoA. An 8 bit unsigned integer. A value of 255 means lowest preference. Index Index describing which of the global prefixes can be used with this address. 1 denotes the first prefix in the advertisement. Special value 0 denotes that this address applies to all prefixes. The options SHOULD be ordered so that regional CoA extensions associated with a given prefix are immediately after that prefix. Regional Care-of-Address The advertised address, which MUST be a global IPv6 address from the visited domain. 4.3. Regional Binding Update The Regional Binding Update is a Mobile IP Binding Update with the following modifications. In the Reserved field after the flags field, there will be the following additional bit. Malinen, Perkins Expires 14 January 2001 [Page 13] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Description of extensions to the BU option: I Indicates regional registrations support. This implies that the receiving router will use the BU information to establish or maintain a regional binding cache entry. The bit is the first bit from the Reserved field of the Mobile IPv6 Binding Update destination option. Previous Access Router Sub-Option A sub-option for determining the crossover router. 4.4. Previous Access Router Sub-Option The previous access router sub-option is used by the network to determine the crossover router. A crossover router address is obtained from the IP header source address of the router advertisement. The mobile node remembers this for the previous router and uses it to create an previous access router sub-option. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Previous access router | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 4: Previous Access Router Sub-option Type TBD (skippable) Length 8-bit unsigned integer. The length of the sub-option (including the type and length fields) in units of 8 octets. Previous access router The IP address of the previous access router as seen by the mobile node. There is no requirement for alignment of the Previous Access Router sub-option. Malinen, Perkins Expires 14 January 2001 [Page 14] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 The previous access router sub-option is valid in the Binding Update destination option. The previous access router contains the IPv6 address of the access router as seen by the mobile node. It is used to identify the crossover router in the visited domain regional router graph. This is done by comparing the previous access router to the known descendants when the regional binding update gets forwarded upward in the tree of regional-aware routers. When the router finds the previous access router in its list of descendants, it is the crossover router. 5. New requirements for IPv6 Nodes The presented option requires modifications to the visited-domain routers and to the mobile node. The option does not pose new requirements, in particular, to the home agent, to corresponding nodes, or to other network elements than to the regional-aware routers in the visited domain. 5.1. Visited Domain Router Requirements The support of the protocol is optional to basic Mobile IPv6; elements can function in both regional-aware and regional-unaware visted domains. Introducing regional-aware routers to a visited domain does not mandate the use of regional registrations. The regional-aware access router MUST be capable of advertising regional registration support. The router MUST be capable of maintaining regional binding cache entries based on regional binding updates. These routers MUST route the data packets to the regional-registered mobile nodes so that a mobile node can recognize the use of route optimization from the presence of a routing header, as described in Section 3.4. 5.2. Mobile Node Requirements A regional non-aware mobile node can operate in a regional-aware network. A regional-aware mobile node MUST recognize the use of regional registrations from the router advertisement. The regional-aware mobile node MUST be able to select a regional care-of-address and send a regional binding update accordingly. Malinen, Perkins Expires 14 January 2001 [Page 15] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 6. IANA Considerations The presented protocol does require the addition of one skippable option type to the router advertisement [8] and one skippable sub-option type to the Binding Update destination option. Also, the protocol requires two modifications from the Modified Router Advertisement Message`s Prefix Information Option, one bit in its Reserved1 field, and the Reserved2 field completely, from the format specified in the basic Mobile IPv6 [4]. The protocol also needs one new bit from the Reserved field of the Mobile IPv6 Binding Update option. The Binding Acknowledgement would need one new regional-aware success code, with a proposed value of 1 to be added to the list of known status field values. 7. Security Considerations The regional-aware mobile node SHOULD use a mobile-visited-domain key for authentication. IPsec and its authentication header is used for security as in basic Mobile IPv6. In regional signaling, the mobile node and visited domain share a dynamic security association, in form of a mobile-visited-domain key for IPsec. The mobile-visited-domain key is obtained when entering the visited domain and transported to the visted domain routers and to the mobile node. Details of security, such as regional authorization, key distribution, and replay protection are out of the scope of this document. 8. Acknowledgements We would like to thank people who have participated in reviewing this document, including Hannu Flinck, Robert Chalmers, Rajeev Koodli, Govind Krishnamurthi, and Dan Forsberg. References [1] B. Aboba and M. Beadles. The Network Access Identifier. Request for Comments (Proposed Standard) 2486, Internet Engineering Task Force, January 1999. [2] S. Bradner. Key words for use in RFCs to Indicate Requirement Levels. Request for Comments (Best Current Practice) 2119, Internet Engineering Task Force, March 1997. Malinen, Perkins Expires 14 January 2001 [Page 16] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 [3] Eva Gustafsson, A. Jonsson, and C. Perkins. Mobile IP Regional Registration (work in progress). draft-ietf-mobileip-regtun-02.txt, June 2000. [4] D. Johnson and C. Perkins. Mobility Support in IPv6 (work in progress). Internet Draft, Internet Engineering Task Force, November 1998. [5] R. Koodli and C. Perkins. A Framework for Smooth Hand-overs in IP Mobile Networks (work in progress). draft-ietf-koodli-smoothv6-00.txt, July 2000. [6] Rajeev Koodli, Manish Tiwari, and C. Perkins. Header Compression State Relocation in IP Mobile Networks (work in progress). draft-koodli-rohc-hc-relocate-00.txt, July 2000. [7] Govind Krishnamurthi, Robert C. Chalmers, and C. Perkins. Buffer Management for Smooth HandOvers in Mobile IPv6 (work in progress). draft-krishnamurthi-mobileip-buffer6-00.txt, July 2000. [8] T. Narten, E. Nordmark, and W. Simpson. Neighbor Discovery for IP Version 6 (IPv6). Request for Comments (Draft Standard) 2461, Internet Engineering Task Force, December 1998. Malinen, Perkins Expires 14 January 2001 [Page 17] Internet Draft Mobile IPv6 Regional Registrations 14 July 2000 Addresses The working group can be contacted via the current chairs: Basavaraj Patil Phil Roberts Nokia Corporation Motorola 6000 Connection Drive 1501 West Shure Drive M/S M8-540 Irving, Texas 75039 Arlington Heights, IL 60004 USA USA Phone: +1 972-894-6709 Phone: +1 847-632-3148 Fax : +1 972-894-5349 EMail: Basavaraj.Patil@nokia.com EMail: QA3445@email.mot.com Questions about this memo can also be directed to the authors: Jari T. Malinen Charles E. Perkins Communications Systems Lab Communications Systems Lab Nokia Research Center Nokia Research Center Itamerenkatu 11-13 313 Fairchild Drive FIN-00180 Helsinki Mountain View, California 94043 Finland USA Phone: +358 40 4799 138 Phone: +1-650 625-2986 EMail: jari.t.malinen@nokia.com EMail: charliep@iprg.nokia.com Fax: +358 9 4376 6852 Fax: +1 650 625-2502 Malinen, Perkins Expires 14 January 2001 [Page 18]