RE: MIPv6 and site local addresses
One more apparent headache: a mobile node running mobile IP for IPv6 (MIPv6) will often be in 2 different domains simultaneously. It's home domain (where it continues to have a Home Address and the domain that it is currently visiting). How does one handle site-locals in this case? The mobile node is effectively multi-sited in this situation. Here's one way to implement this. Some (most?) MIPv6 implementations assign the home address to a virtual interface. Then the virtual interface belongs to the home site, and the physical interface (which has the care-of address) belongs to the foreign site. Rich IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
RE: MIPv6 and site local addresses
One more apparent headache: a mobile node running mobile IP for IPv6 (MIPv6) will often be in 2 different domains simultaneously. It's home domain (where it continues to have a Home Address and the domain that it is currently visiting). How does one handle site-locals in this case? The mobile node is effectively multi-sited in this situation. Here's one way to implement this. Some (most?) = All the ones I know of do that (virtual interface). MIPv6 implementations assign the home address to a virtual interface. Then the virtual interface belongs to the home site, and the physical interface (which has the care-of address) belongs to the foreign site. = I'm not sure this solves the problem though. It all depends on where the SL address came from. Is it in the visited site or the home site? src address selection should by default provide the HoA to the app, but if the SL is in the visited site, it won't work. So do we need some coupling between src address selection and the resolver? If the CoA is given to the app, then MIPv6 won't work unless you use something link HMIPv6 which provides a local HA. But this will only provide session continuity while the MN is moving within the MAP domain. Have I missed something? Hesham IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
The mobile node is effectively multi-sited in this situation. Here's one way to implement this. Some (most?) MIPv6 implementations assign the home address to a virtual interface. Then the virtual interface belongs to the home site, and the physical interface (which has the care-of address) belongs to the foreign site. I take it that the implication here is that all MNs need to be multi-sited and support the site scoping document (or equivalent). In other words, it will need to be widely supported in practice. Is this really the implication? There is a hope/expectation that very many nodes will implement MIPv6. It would be nice of MNs wouldn't be required to implement the scoping document in order to make things work. Thomas IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
Hello Thomas, Consider the comparatively easy configuration where MIP is using global addresses for everything, but both sites happen to use SLs for some of their own internal stuff. When the MN needs to send an IP packet to a particular address, and it is a SL address, where does it send it? should it: - tunnel it back through the Home Agent? (I.e., assume the address is for a node at its home site) - send the packet locally (i.e, assume the packet is for a node on the local site) What if the rule is that the mobile node tunnels when it is away from home, and sends the packet locally when it is deregistered and attached to its home network? I don't see the case where that isn't a reasonable thing to do. Our current restriction is that a mobile node that uses a site-local home address also must have a site-local care-of address when using that address. I think this eliminates the problem entirely. Note that a fundamental assumption (at least in my mind) is that when one uses MIPv6, everything should just work. SLs seem to introduce some problems here. So far, when we have had problems, we have made restrictions (as just noted) so that indeed Mobile IPv6 just works. Sometimes the restrictions could be lifted by specifying additional protocol, but at this point the amount of additional protocol is to be reduced, even at the cost of some restriction. I hope this resolves the issue. Regards, Charlie P. IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
Charlie Perkins [EMAIL PROTECTED] writes: Hello Thomas, Consider the comparatively easy configuration where MIP is using global addresses for everything, but both sites happen to use SLs for some of their own internal stuff. When the MN needs to send an IP packet to a particular address, and it is a SL address, where does it send it? should it: - tunnel it back through the Home Agent? (I.e., assume the address is for a node at its home site) - send the packet locally (i.e, assume the packet is for a node on the local site) What if the rule is that the mobile node tunnels when it is away from home, and sends the packet locally when it is deregistered and attached to its home network? I don't see the case where that isn't a reasonable thing to do. The problem is that this doesn't seem to work in all cases. If the visited site is using SL addresses, the above rule means that the MN can't use them (for conversing with local nodes, at least not while using its Home Address). In other words, things that work one way for a regular node at the visited cite, won't work for the MN. That doesn't seem like a desireable property. Our current restriction is that a mobile node that uses a site-local home address also must have a site-local care-of address when using that address. I think this eliminates the problem entirely. The issue I cite also occurs when neither the Home Address or COA is a SL, so I don't understand the above comment. Note that a fundamental assumption (at least in my mind) is that when one uses MIPv6, everything should just work. SLs seem to introduce some problems here. So far, when we have had problems, we have made restrictions (as just noted) so that indeed Mobile IPv6 just works. Sometimes the restrictions could be lifted by specifying additional protocol, but at this point the amount of additional protocol is to be reduced, even at the cost of some restriction. My comments were prompted by my reading of the MIPv6 spec. IMO, the SL wording there has problems. In a few places, it says things like if you are visiting a network with the same site as your home, then But, AFAIK, we have know of no way of determining what site a node is connected to when it visits some arbitrary link. Thomas IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
Hello again Thomas, Thomas Narten wrote: The problem is that this doesn't seem to work in all cases. If the visited site is using SL addresses, the above rule means that the MN can't use them (for conversing with local nodes, at least not while using its Home Address). In other words, things that work one way for a regular node at the visited cite, won't work for the MN. That doesn't seem like a desireable property. I guess the Mobile IPv6 specification is not supposed to cover cases where the mobile node is not using Mobile IPv6. Then, if a mobile node wants to use visited site-local addresses for communication within the visited site, that should be O.K. If the mobile node IS using Mobile IPv6 with a global care-of address, then ...? should it use that global care-of address for other communications (e.g., very short term) for which the home address is not involved? So far, when we have had problems, we have made restrictions (as just noted) so that indeed Mobile IPv6 just works. Sometimes the restrictions could be lifted by specifying additional protocol, but at this point the amount of additional protocol is to be reduced, even at the cost of some restriction. My comments were prompted by my reading of the MIPv6 spec. IMO, the SL wording there has problems. In a few places, it says things like if you are visiting a network with the same site as your home, then But, AFAIK, we have know of no way of determining what site a node is connected to when it visits some arbitrary link. That is true, and it was discussed. The conclusion we came up with is that a mobile node might erroneously use a visited site-local address as a care-of address, but that its home agent would never see the Binding Update, so the mobile node would not be able to establish communications with its home site using the visited site-local address. This is the same, effectively, as the case where the node is not using Mobile IP at all. Regards, Charlie P. IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
RE: MIPv6 and site local addresses
I take it that the implication here is that all MNs need to be multi-sited and support the site scoping document (or equivalent). In other words, it will need to be widely supported in practice. Is this really the implication? There is a hope/expectation that very many nodes will implement MIPv6. It would be nice of MNs wouldn't be required to implement the scoping document in order to make things work. If a mobile node wants to have a site-local home address in addition to a global home address, then it needs to be multi-sited with all that entails. If it just wants to support global home addresses, then that's not necessary. Let me mention scoped care-of addresses. At least in our implementation, care-of address selection is governed by the normal address selection rules for choosing a source address for the correspondent (destination) address. The home agent's address should be global. So you should choose a global care-of address to register with the home agent. From Hesham: = I'm not sure this solves the problem though. It all depends on where the SL address came from. Is it in the visited site or the home site? I don't think I understand the problem to which you are referring. I think the best way to conceptualize this is, the MIPv6 virtual interface (which has the home address) is just like a VPN back to the home site. So the multi-site issues are the same as for any multi-sited host. Rich IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
Charlie Perkins wrote: I guess the Mobile IPv6 specification is not supposed to cover cases where the mobile node is not using Mobile IPv6. Then, if a mobile node wants to use visited site-local addresses for communication within the visited site, that should be O.K. If the mobile node IS using Mobile IPv6 with a global care-of address, then ...? should it use that global care-of address for other communications (e.g., very short term) for which the home address is not involved? The issue was simultaneous use of site-local addresses both at the home site and at the visited site. I think the problem is that when we see a site local address in the stack and expect to do, say, a TCP connect to it, we don't know where that address came from. If it came from home-site DNS then we should somehow get to the home site. If it came from visited network http link, then we should use it locally. I don't think solving the problem by picking the right source address is quite enough. This is because we may not have enough information to do this selection. On the other hand the problem also appears more general than just MIPv6 specific, because other types of tunnels have similar problems. Jari IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
RE: MIPv6 and site local addresses
From Hesham: = I'm not sure this solves the problem though. It all depends on where the SL address came from. Is it in the visited site or the home site? I don't think I understand the problem to which you are referring. I think the best way to conceptualize this is, the MIPv6 virtual interface (which has the home address) is just like a VPN back to the home site. So the multi-site issues are the same as for any multi-sited host. = I agree with this. My comment was essentially that the applications will need to indicate which site they should communicate to. Therefore, they would need to know if the SL address belong to the home site or the visited site. Nothing new is needed though as you mention above, I inconveniently didn't consider the API extensions for scoped addresses :( Hesham IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
RE: MIPv6 and site local addresses
The issue was simultaneous use of site-local addresses both at the home site and at the visited site. I think the problem is that when we see a site local address in the stack and expect to do, say, a TCP connect to it, we don't know where that address came from. The scope id will tell you what site the address belongs to, in other words, which of your interfaces you can use to reach the address. Yes, this is a multi-sited issue, not specific to MIPv6. Rich IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
I think the problem is that when we see a site local address in the stack and expect to do, say, a TCP connect to it, we don't know where that address came from. If it came from home-site DNS then we should somehow get to the home site. If it came from visited network http link, then we should use it locally. I don't think solving the problem by picking the right source address is quite enough. This is because we may not have enough information to do this selection. On the other hand the problem also appears more general than just MIPv6 specific, because other types of tunnels have similar problems. indeed, it's much the same problem regardless of whether you're triyng to 'connect' via a MIPv6 tunnel, another kind of tunnel, or some layer 7 protocol that uses IP addresses as endpoint identifiers. in all of these cases the fact that SLs are ambiguous makes them very difficult to use. Keith IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]
Re: MIPv6 and site local addresses
The issue was simultaneous use of site-local addresses both at the home site and at the visited site. I think the problem is that when we see a site local address in the stack and expect to do, say, a TCP connect to it, we don't know where that address came from. The scope id will tell you what site the address belongs to, in other words, which of your interfaces you can use to reach the address. Yes, this is a multi-sited issue, not specific to MIPv6. in mobile-ip case, mobile node would receive packets with site-local address on the same interface for both cases. itojun IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED]