Visitor List
• Maintained on the FA
• Maps the MN's home address to the HA address
Mobile IP Tunneling
• In Mobile IP, an IP-within-IP encapsulation mechanism is
used.
• Using IP-within-IP, the home agent adds a new IP header
called the tunnel header.
• The new tunnel header uses the mobile node's care-of
address (COA) as the tunnel destination IP address, and the
tunnel source IP address is the home agent's IP address.
• In IP-within-IP, the entire original IP header is preserved as
the first part of the payload of the tunnel header.
• The foreign agent, after receiving the packet, drops the tunnel
header and delivers the rest to the mobile node.
• When a mobile node is roaming in a foreign network, the
home agent must be able to intercept all IP datagram packets
sent to the mobile node so that these datagrams can be
forwarded via tunneling.
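The encapsulation and decapsulation steps above, as an added Python example (not part of the original slides): the home agent prepends a tunnel header carrying protocol number 4, and the foreign agent drops it only after checking the tunnel source against its visitor list. The addresses, function names and the visitor-list check are assumptions made for illustration.

```python
import socket
import struct

IPIP = 4                 # IANA protocol number for IPv4-in-IPv4
FMT = "!BBHHHBBH4s4s"    # 20-byte IPv4 header without options

def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """Build a 20-byte IPv4 header with a valid header checksum."""
    f = [0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
         socket.inet_aton(src), socket.inet_aton(dst)]
    f[7] = checksum(struct.pack(FMT, *f))
    return struct.pack(FMT, *f)

def ha_encapsulate(original: bytes, ha: str, coa: str) -> bytes:
    """Home agent: prepend the tunnel header; the original packet is untouched."""
    return ipv4_header(ha, coa, IPIP, len(original)) + original

def fa_decapsulate(packet: bytes, coa: str, visitors: dict) -> bytes:
    """Foreign agent: validate the tunnel header, drop it, return the inner packet."""
    if len(packet) < 40 or packet[0] != 0x45 or checksum(packet[:20]) != 0:
        raise ValueError("malformed tunnel header")
    _, _, total, _, _, _, proto, _, src, dst = struct.unpack(FMT, packet[:20])
    if proto != IPIP or total != len(packet) or dst != socket.inet_aton(coa):
        raise ValueError("not an IP-within-IP packet for this care-of address")
    inner = packet[20:]
    mn_home = socket.inet_ntoa(inner[16:20])   # inner destination = MN home address
    if visitors.get(mn_home) != socket.inet_ntoa(src):
        raise ValueError("tunnel source is not the HA registered for this MN")
    return inner

# Constructed sample values (documentation address ranges), not from the slides.
HA, COA, MN_HOME, CN = "192.0.2.1", "203.0.113.5", "192.0.2.10", "198.51.100.7"
VISITORS = {MN_HOME: HA}   # visitor list on the FA: MN home address -> HA address
DATA = b"hello, mobile node"
ORIGINAL = ipv4_header(CN, MN_HOME, 17, len(DATA)) + DATA

def demo() -> bytes:
    """Tunnel ORIGINAL from HA to COA and return what the FA delivers."""
    return fa_decapsulate(ha_encapsulate(ORIGINAL, HA, COA), COA, VISITORS)
```
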
Problems with Mobile IP
• Security:
– authentication with FA problematic, for the FA typically
belongs to another organization
– no protocol for key management and key distribution has
been standardized in the Internet
– patent and export restrictions
• Firewalls:
– typically mobile IP cannot be used together with firewalls,
special set-ups are needed (such as reverse tunneling)
• QoS:
– tunneling makes it hard to give a flow of packets the special
treatment needed for QoS
Security Requirements
– Integrity
any changes to data between sender and receiver can be
detected by the receiver
– Authentication
sender address is really the address of the sender and all
data received is really data sent by this sender
– Confidentiality
only sender and receiver can read the data
– Non-Repudiation
sender cannot deny sending of data
– Traffic Analysis
creation of traffic and user profiles should not be possible
– Replay Protection
receivers can detect replay of messages
Cellular IP
• The primary design goal for mobile IP protocols is to allow a
host to change its point of access during data transfer without
being disconnected or needing to be reconfigured.
• A change of access point while connectivity is maintained is
called handoff.
• To manage mobility, a two-tier addressing scheme is used: one
address for a fixed location and another for a dynamic
location, which changes as the user moves.
• In Mobile IP, a mobile host is associated with two IP
addresses: a fixed home address that serves as host identifier
and a care-of address that reflects the current point of
attachment.
• The Mobile IP architecture comprises three functions:
1. A database that contains the most up-to-date mapping
between home address and care-of address
2. The translation of host identifier to the actual destination
address
3. Ensuring that routing of packets is proper
• Whenever the mobile host moves to a new subnet managed
by a different foreign agent, the dynamic care-of address
will change.
• The changed care-of address needs to be communicated to
the home agent.
• This process works for slowly moving hosts.
• For a high-speed mobile host, the rate of address updates
needs to match the rate of change of addresses. Otherwise
packets will be forwarded to the wrong (old) address.
• Mobile IP fails to update the addresses properly for high-
speed mobility.
• Cellular IP, a new host mobility protocol, has been designed
to address this issue.
• In Cellular IP, none of the nodes knows the exact location of a
mobile host.
• Packets addressed to a mobile host are routed to its current
base station on a hop-by-hop basis where each node only
needs to know on which of its outgoing ports to forward
packets.
• This limited routing information (referred as mapping) is local
to the node and does not assume that nodes have any
knowledge of the wireless network topology.
• Mappings are created and updated based on the packets
transmitted by mobile hosts.
• Cellular IP uses two parallel structures of mappings:
Paging Caches (PC) and Routing Caches (RC)
• PCs maintain mappings for stationary and idle (not in data
communication state) hosts
• RC maintains mappings for mobile hosts
• Mapping entries in PC have a large timeout interval, in the
order of seconds or minutes. RCs maintain mappings for
mobile hosts currently receiving data or expecting to receive
data
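The hop-by-hop mappings described above, as an added Python sketch (not part of the original slides): each node stores only an outgoing port per host, packets sent by the host refresh the mapping, and entries expire on a timeout. The topology, the timeout values and the rule that a lookup tries the routing cache before the paging cache are assumptions made for illustration.

```python
class CellularIPNode:
    """One node: it knows only which port leads toward each mobile host."""
    def __init__(self, rc_timeout=2.0, pc_timeout=60.0):   # assumed timeouts (s)
        self.timeouts = {"RC": rc_timeout, "PC": pc_timeout}
        self.caches = {"RC": {}, "PC": {}}                 # host -> (port, expiry)

    def uplink(self, host, in_port, now, kind="RC"):
        """A packet from the host arrived on in_port: create/refresh the mapping."""
        self.caches[kind][host] = (in_port, now + self.timeouts[kind])

    def downlink_port(self, host, now):
        """Return the port toward the host, or None if no live mapping exists."""
        for kind in ("RC", "PC"):
            entry = self.caches[kind].get(host)
            if entry and entry[1] > now:
                return entry[0]
            self.caches[kind].pop(host, None)              # drop expired soft state
        return None

# Constructed topology: gateway GW - node A - base stations BS1 and BS2.
UP = {"BS1": "A", "BS2": "A", "A": "GW"}                   # child -> parent

def make_network():
    return {name: CellularIPNode() for name in ("GW", "A", "BS1", "BS2")}

def send_uplink(nodes, host, base_station, now, kind="RC"):
    """The host transmits via base_station; every node on the way up learns a port."""
    node, port = base_station, "air"
    while node:
        nodes[node].uplink(host, port, now, kind)
        node, port = UP.get(node), node

def route_downlink(nodes, host, now):
    """Follow the mappings from the gateway; return the node path, or None."""
    path, node = [], "GW"
    while node != "air":
        port = nodes[node].downlink_port(host, now)
        if port is None:
            return None
        path.append(node)
        node = port
    return path
```

A handoff needs no registration message in this model: the first packet the host sends through the new base station rewrites the mappings along the new path.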
Mobile IP Vs Cellular IP
• Location management
– Mobile IP: Care-of-address
– Cellular IP: paging update packet
• Routing
– Mobile IP: registration
– Cellular IP: routing cache
• Handoff
– Mobile IP: encapsulation
– Cellular IP: routing cache
Internet Protocol version 6 (IPV6)
• Internet offers access to information sources worldwide
• We access internet through increasing variety of wireless
devices offering internet connectivity such as laptops, PDAs,
hand held devices, palmtops and digital cellular phones.
• The explosion in the number of devices connected to the
internet combined with projections for the future, made
scientists think seriously whether the 32 bit address space of
TCP/IP is sufficient.
• IPV6, the successor of the IPV4 protocol, expands the available
address space.
Problems with IPV4
1. Insufficiency
- Only four bytes (32-bit address)
• Maximum nodes ~ 4.3 billion
• Much less than the human population (6.799
billion)
- Not enough for growing number of users
- Will be exhausted in near future
IPv6 Security
• One of the biggest differences between IPV6 and IPV4 is that
all IPV6 nodes are expected to implement strong
authentication and encryption features to improve internet
security.
• IPV6 comes natively with a security protocol called IP Security
(IPSec)
• IPSec protocol is a standards-based method of providing
privacy, integrity and authenticity to information transferred
across IP networks
Features of IPSec
• Diffie-Hellman key exchange mechanism for deriving a key
between peers on a public network
• Public key cryptography to guarantee the identity of the two
parties and avoid man-in-the-middle attacks
• Bulk encryption algorithms, such as 3DES, for encrypting the
data
• Keyed hash algorithms, such as HMAC, combined with
traditional hash algorithms such as MD5 or SHA for providing
packet authentication
• Digital certificates signed by a certificate authority to act as
digital ID cards
• IPSec provides IP network layer encryption
Differences between IPV4 and IPV6
Advantages:
• Provides more address space
• More powerful internet (128-bit versus IPv4's current 32-bit)
• Address allocation is done by the device itself
• Support for security using Internet Protocol Security (IPsec)
Disadvantages:
• It will be much harder to remember IP addresses (compared to the
addresses now)
• Creating a smooth transition from IPv4 to IPv6
• IPv6 is not available to machines that run IPv4
• Time to convert over to IPv6
VOIP
• Technology to enable voice communication over the IP
network became known as Voice over Internet Protocol or
VoIP, in short.
• Voice over Internet Protocol (VoIP) is a technology that
enables one to make and receive phone calls through
the Internet instead of using the traditional analog
PSTN (Public Switched Telephone Network) lines
• Now more and more communication is done in digital format
and transported via data networks such as internet.
• As data traffic is much faster than telephone traffic, we
prefer to send voice over data networks.
• VoIP is packetization and transport of classic public switched
telephone system audio over an IP network.
• It allows 2-way voice transmission over broadband
connection.
• It is also called IP telephony, internet telephony, voice over
broadband, broadband telephony.
VoIP Diagram
PSTN vs. INTERNET
PSTN
• Voice networks use circuit switching.
• Dedicated path between calling and called party.
• Bandwidth reserved in advance.
• Cost is based on distance and time.
INTERNET
• Data networks use packet switching.
• No dedicated path between sender and receiver.
• It acquires and releases bandwidth as needed.
• Cost is not based on distance and time.
Working
Three steps are involved
1. Compression – voice is compressed, typically with one of the
following codecs: G.711 (64k), G.729AB (8k), G.723.1 (6.3k)
2. Encapsulation – the digitized voice is wrapped in an IP
packet
3. Routing – the voice packet is routed through the network to
its final destination
A Basic IP Telephone System