
Re: Comments on draft-ietf-mobileip-mipv6-ha-ipsec-04.txt



> Section 3.2
> 
> Presumably the CoA is required as the Source Address for the HOTI message
> with no Home Address Option (HAO) since if HOTI/HOT is sent after
> movement, no binding cache entry exists binding the CoA to the HoA.
> However, it also seems possible for the HOTI/HOT message to be sent
> *before* movement (this gets HOTI/HOT out of the critical path), in which
> case a valid binding cache entry might exist. Is there another reason that
> the HAO is precluded? I mention this because it appears that the RR messages
> are the only ones in Section 3 that do not include a HAO or RH Type 2.

Some background info.
The HOTI messages are reverse tunneled through the HA with an outer source
address = CoA and an inner source address = HoA. The MN needs to send a binding
update to the HA before it can send HOTI messages to correspondents so that
the HA can check the HoA/CoA relationship in the reverse tunneled packets. (If
HOTI was sent with CoA as the source the response=HOT would go directly to the
CoA i.e. it would fail to test that the MN is indeed reachable at its Home
Address.)

Does that help clarify things?

> At a minimum, I'd
> like to understand why the HOTI/HOT messages can't have an HAO even if
> HOTI/HOT is done prior to movement.

A HAO on the HOTI would cause the CN to reject the HOTI after movement
since the HoA/CoA wouldn't match the binding cache on the CN.

  Erik
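
The two checks discussed in this message, as an added example that is not part of the original mail or of the draft: a simplified Python model of the home agent's reverse-tunnel check and the correspondent node's HAO check. All class and function names are hypothetical, and the addresses are constructed from the 2001:db8::/32 documentation prefix.

```python
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    hao: Optional[str] = None          # Home Address Option, if present
    inner: Optional["Packet"] = None   # encapsulated packet (reverse tunnel)

class BindingCache:
    """HoA -> CoA bindings, as kept by a home agent or a correspondent node."""
    def __init__(self):
        self._bindings = {}
    def update(self, hoa, coa):
        self._bindings[ip_address(hoa)] = ip_address(coa)
    def matches(self, hoa, coa):
        return self._bindings.get(ip_address(hoa)) == ip_address(coa)

def ha_decapsulate(cache, outer):
    """Home agent: forward the inner packet only if the outer source is the
    CoA currently bound to the inner source (the HoA)."""
    if outer.inner is None or not cache.matches(outer.inner.src, outer.src):
        return None
    return outer.inner

def cn_hot_destination(cache, hoti):
    """Correspondent node: address the HOT is sent to, or None if rejected."""
    if hoti.hao is not None and not cache.matches(hoti.hao, hoti.src):
        return None               # HAO does not match the CN's binding cache
    return hoti.hao or hoti.src   # simplified: logical destination of the HOT

# Constructed addresses (assumptions for this example only).
HOA, OLD_COA, NEW_COA = "2001:db8:1::10", "2001:db8:2::10", "2001:db8:3::10"
HA, CN = "2001:db8:1::1", "2001:db8:9::1"

def scenarios():
    ha_cache, cn_cache = BindingCache(), BindingCache()
    ha_cache.update(HOA, OLD_COA)
    cn_cache.update(HOA, OLD_COA)   # CN still holds the pre-movement binding
    tunneled = Packet(src=NEW_COA, dst=HA, inner=Packet(src=HOA, dst=CN))
    before_bu = ha_decapsulate(ha_cache, tunneled)   # HA not yet updated
    ha_cache.update(HOA, NEW_COA)                    # binding update to the HA
    inner = ha_decapsulate(ha_cache, tunneled)
    return {
        "tunneled_before_bu": before_bu,
        "tunneled_after_bu": cn_hot_destination(cn_cache, inner),
        "direct_from_coa": cn_hot_destination(cn_cache, Packet(NEW_COA, CN)),
        "hao_after_movement": cn_hot_destination(cn_cache, Packet(NEW_COA, CN, hao=HOA)),
    }
```

Only the reverse-tunneled HOTI sent after the binding update to the HA yields a HOT addressed to the home address; the direct HOTI yields one addressed to the CoA, and the HOTI carrying a HAO is dropped.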