mobile ip cisco

Date post: 14-Nov-2014
Upload: api-27431931
Mobile Networking Technology
Transcript
Page 1: mobile ip cisco

Mobile Networking Technology

Page 2: mobile ip cisco

The benefit of Mobile IP

“Mobile IP provides an IP node the ability to retain the same IP address and maintain uninterrupted network and application connectivity while traveling across networks”

Page 3: mobile ip cisco

Which Applications

Page 4: mobile ip cisco

The objective

Maintaining continuous IP connectivity while crossing network boundaries, e.g. subnets or between networks

[Diagram: Internet; Host B; Gateway A 171.68.0.0; Gateway C 140.31.0.0; Mobile Router with networks 171.68.69.0 and 171.68.70.0, shown twice]

Page 5: mobile ip cisco

The Possibilities

Many Networks Roaming

[Diagram: Internet, Mobile Routers]

Page 6: mobile ip cisco

IETF Proposed Standard

• Approved by the Internet Engineering Steering Group (IESG) in June 1996; published as a proposed standard in Nov. 1996
• Mobile IP is an IETF proposed standard solution for mobility at Layer 3 (IP)
• RFC 2002/3220 - Mobile IP
• RFC 2003 and RFC 2004 - Tunnel encapsulation
• RFC 2005 - Mobile IP applicability
• RFC 2006 - Mobile IP MIB
• Associated RFCs: RFC 1701 GRE – Generic Routing Encapsulation; RFC 3024 - Reverse Tunneling for Mobile IP

Page 7: mobile ip cisco

The Problem with Mobility

[Diagram: Internet; Host B; Gateway A 171.68.0.0; Gateway C 140.31.0.0; Mobile Router with networks 171.68.69.0 and 171.68.70.0, shown twice. Host B sends “Connect to 171.68.69.24”; callout: “Where is 171.68.69.0???”]

• Gateway A replies to Host B with an ICMP unreachable
• Gateway C blocks router from joining network
• Routing Protocol rejects duplicate network advertisements

Page 8: mobile ip cisco

Mobile IP Solution

[Diagram: Internet; Host B; Home Agent 171.68.60.1; Foreign Agent, CoA 140.31.2.1; Mobile Router with networks 171.68.69.0 and 171.68.70.0, shown twice]

Mobility Binding Table:
MR            CoA
171.68.69.0   140.31.2.1

• Home Agent forwards packets to Mobile Router via Care of Address [CoA]
• Mobile Router sends Registration Request [RRQ] to Home Agent (HA)

Page 9: mobile ip cisco

Mobile IP

Page 10: mobile ip cisco

Operator Benefits

• All applications work without modifications (unlike application/transport layer mobility)

• Operator can control handover policies

• Access link independent (unlike link layer mobility)

“IETF Standard RFC 3344!”

Page 11: mobile ip cisco

Solution in a Nutshell

A mobile node has a “home address” for end-to-end communications, but also uses a temporary “care-of address” on access networks for routing purposes.

A home agent maintains a mobility binding of home address and care-of address.

Page 12: mobile ip cisco

Mobile IP Network Elements

1. Mobile Node (MN): Mobile IP enabled client (notebooks, cell phones, PDAs), identified by home address or NAI; updates CoA via registrations

2. Home Agent (HA): Mobile IP enabled gateway; acts as location database for MNs

3. Foreign Agent (FA) [Optional]: Mobile IP enabled gateway; off-loads CPU processing of encapsulation/decapsulation, enforces local network administration policy, allows for billing of MNs, conserves IP address space, reduces access link usage

Page 13: mobile ip cisco

Mobile IP Key Concepts

How does the Mobile Node find out where it is?
• Mobility Agent Advertisements: facilitate discovery of Mobility Agents (MN may solicit on demand)

How does the Mobile Node inform the Home Agent of its current location?
• Via Registration: updates mobility binding after successful authentication using security association between MN and HA

How does the Mobile Node receive packets from the Home Agent?
• Tunneling: Home agent adds IP header to direct packets to CoA, where decapsulation occurs

Page 14: mobile ip cisco

Mobile IP Activities Example

• MN learns about FA and registers CoA
• HA maintains MN location database and tunnels traffic to FA

Mobility Binding Table:
MN             CoA
171.68.69.24   140.31.2.1

[Diagram: Internet; Host B; Home Agent 171.68.69.1; Foreign Agent 140.31.2.1; Host A 171.68.69.24, shown twice]

Page 15: mobile ip cisco

Mobile IP Terminology

• Mobile Router (MR)
• Home Agent (HA)
• Foreign Agent (FA) [1 Hop Away from MR]
• Care of Address (CoA) [Tunnel Endpoint]
• Correspondent Node (CN)
• Security Association (SA) [SPI/Key]
• ICMP Router Discovery Protocol (IRDP) [Advertisement]
• Registration Request (RRQ)

[Diagram: MR, HA, FA, CN, Internet]

Page 16: mobile ip cisco

Step 1: Agent Discovery

• MR sends out advertisement request (Solicitation) to “all router” multicast address 224.0.0.2
• FA responds with unicast advertisement to MR
• Response includes Care-of Address

Solicitation
  Src Addr: MR addr
  Dest Addr: 224.0.0.2

Advertisement (includes CoA)
  Src Addr: FA Intfc Addr
  Dest Addr: MR Addr

[Diagram: MR (1.1.1.7), FA, HA]

Edited slide from original by Lawrence Searcy, Cisco Systems

Page 17: mobile ip cisco

Options in FA advertisements

R Registration required. Registration with this foreign agent (or another foreign agent on this link) is required even when using a co-located care-of address.

B Busy. The foreign agent will not accept registrations from additional mobile nodes.

H Home agent. This agent offers service as a home agent on the link on which this Agent Advertisement message is sent.

F Foreign agent. This agent offers service as a foreign agent on the link on which this Agent Advertisement message is sent.

M Minimal encapsulation. This agent implements receiving tunneled datagrams that use minimal encapsulation [34].

G GRE encapsulation. This agent implements receiving tunneled datagrams that use GRE encapsulation [16].

r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses.

T Foreign agent supports reverse tunneling [27].

Page 18: mobile ip cisco

Step 2: Registration Request

MR retrieves CoA from Advertisement and sends in RRQ

FA checks requested services and either rejects and replies or forwards the RRQ to HA

[Diagram: MR (1.1.1.7), FA, HA]

MR to FA: RRQ (includes CoA from FA)
  Src Addr: MR Addr
  Src Port: random
  Dest Addr: FA Intfc Addr
  Dest Port: 434

FA to HA: RRQ (includes CoA)
  Src Addr: FA Intfc Addr
  Src Port: 434
  Dest Addr: HA Addr
  Dest Port: 434

Page 19: mobile ip cisco

Options in RRQ

S Simultaneous bindings. If the 'S' bit is set, the mobile node is requesting that the home agent retain its prior mobility bindings, as described in Section 3.6.1.2.

B Broadcast datagrams. If the 'B' bit is set, the mobile node requests that the home agent tunnel to it any broadcast datagrams that it receives on the home network, as described in Section 4.3.

D Decapsulation by mobile node. If the 'D' bit is set, the mobile node will itself decapsulate datagrams which are sent to the care-of address. That is, the mobile node is using a co-located care-of address.

M Minimal encapsulation. If the 'M' bit is set, the mobile node requests that its home agent use minimal encapsulation [34] for datagrams tunneled to the mobile node.

G GRE encapsulation. If the 'G' bit is set, the mobile node requests that its home agent use GRE encapsulation [16] for datagrams tunneled to the mobile node.

r Sent as zero; ignored on reception. SHOULD NOT be allocated for any other uses.

T Reverse Tunneling requested; see [27].
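
The RRQ flag bits listed above, and the registration authentication between MN and HA (security association, SPI/Key) described on the earlier slides, shown as an added example that is not part of the original deck. It assumes the RFC 3344 message layout and HMAC-MD5 for the Mobile-Home Authentication Extension; the SPI, key and identification value are constructed sample values, and the addresses are the ones used on the slides.

```python
import hashlib
import hmac
import ipaddress
import struct

RRQ_TYPE = 1        # Registration Request message type (RFC 3344)
MH_AUTH_EXT = 32    # Mobile-Home Authentication Extension type (RFC 3344)
# Fixed part: type, flags, lifetime, home address, home agent, CoA, identification
FIXED = struct.Struct("!BBH4s4s4s8s")
# Flag letters in the order the slide lists them, most significant bit first.
# The final "x" is the last reserved bit of the flags octet in RFC 3344.
FLAG_NAMES = "SBDMGrTx"


def _ip(addr):
    return ipaddress.IPv4Address(addr).packed


def build_rrq(flags, lifetime, home, home_agent, coa, ident, spi, key):
    """Build an RRQ followed by a Mobile-Home Authentication Extension."""
    bits = sum(0x80 >> FLAG_NAMES.index(f) for f in flags)
    body = FIXED.pack(RRQ_TYPE, bits, lifetime,
                      _ip(home), _ip(home_agent), _ip(coa), ident)
    ext_head = struct.pack("!BBI", MH_AUTH_EXT, 4 + 16, spi)  # SPI + 16-byte MAC
    mac = hmac.new(key, body + ext_head, hashlib.md5).digest()
    return body + ext_head + mac


def parse_rrq(data):
    """Decode the fixed RRQ fields and walk the type-length-value extensions."""
    if len(data) < FIXED.size:
        raise ValueError("truncated RRQ")
    mtype, bits, lifetime, home, ha, coa, ident = FIXED.unpack_from(data)
    if mtype != RRQ_TYPE:
        raise ValueError("not a Registration Request")
    rrq = {
        "flags": [n for i, n in enumerate(FLAG_NAMES) if bits & (0x80 >> i)],
        "lifetime": lifetime,
        "home_address": str(ipaddress.IPv4Address(home)),
        "home_agent": str(ipaddress.IPv4Address(ha)),
        "care_of_address": str(ipaddress.IPv4Address(coa)),
        "identification": ident,
        "extensions": [],   # (type, offset in message, value bytes)
    }
    off = FIXED.size
    while off < len(data):
        if off + 2 > len(data):
            raise ValueError("truncated extension header")
        etype, elen = data[off], data[off + 1]
        if off + 2 + elen > len(data):
            raise ValueError("extension overruns message")
        rrq["extensions"].append((etype, off, data[off + 2:off + 2 + elen]))
        off += 2 + elen
    return rrq


def authenticate_rrq(data, security_associations):
    """Home agent side: accept the RRQ only if its authenticator verifies.

    security_associations maps (home address, SPI) to the shared key.
    """
    try:
        rrq = parse_rrq(data)
    except ValueError:
        return False
    for etype, off, value in rrq["extensions"]:
        if etype != MH_AUTH_EXT or len(value) < 4:
            continue
        spi = struct.unpack("!I", value[:4])[0]
        key = security_associations.get((rrq["home_address"], spi))
        if key is None:
            return False
        # The MAC covers the message, prior extensions, and this extension's
        # type, length and SPI (6 bytes), but not the authenticator itself.
        expected = hmac.new(key, data[:off + 6], hashlib.md5).digest()
        return hmac.compare_digest(expected, value[4:])
    return False    # no Mobile-Home Authentication Extension present


# Constructed sample values (not from the slides): SPI, key, identification.
SAMPLE_SPI = 0x100
SAMPLE_KEY = b"constructed-shared-key"
SAMPLE_IDENT = bytes(range(8))
SECURITY_ASSOCIATIONS = {("171.68.69.24", SAMPLE_SPI): SAMPLE_KEY}
SAMPLE_RRQ = build_rrq("T", 1800, "171.68.69.24", "171.68.69.1",
                       "140.31.2.1", SAMPLE_IDENT, SAMPLE_SPI, SAMPLE_KEY)

if __name__ == "__main__":
    print(parse_rrq(SAMPLE_RRQ)["flags"], parse_rrq(SAMPLE_RRQ)["care_of_address"])
    print("authentic:", authenticate_rrq(SAMPLE_RRQ, SECURITY_ASSOCIATIONS))
    # Rewriting the care-of address in transit invalidates the authenticator.
    tampered = SAMPLE_RRQ[:12] + _ip("198.51.100.9") + SAMPLE_RRQ[16:]
    print("tampered CoA accepted:", authenticate_rrq(tampered, SECURITY_ASSOCIATIONS))
```

Because the care-of address sits inside the authenticated bytes, a request whose CoA was altered on the path fails verification and the mobility binding is not updated.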

Page 20: mobile ip cisco

Step 2: RRQ Reply

Home Agent
• HA authenticates MR
• Sends RRP
• Proxy ARPs for MR
• Brings up tunnel and adds host route

HA to FA: RRP Reply
  Src Addr: HA Intfc Addr
  Src Port: 434
  Dest Addr: FA
  Dest Port: 434

Foreign Agent
• FA sees MR is authenticated
• Forwards RRP to MR
• Brings up tunnel

FA to MR: RRP Reply
  Src Addr: FA Intfc Addr
  Src Port: 434
  Dest Addr: MR Addr
  Dest Port: Orig Port

[Diagram: MR (1.1.1.7), FA, HA]

Page 21: mobile ip cisco

MR States

MR has five states that it can be in:
• Unknown – MR has not heard any agent advertisements and does not know where to send registration requests (RRQs)
• Isolated – MR has heard an agent advertisement
• Pending – MR has sent an RRQ and is waiting for a registration reply (RRP) from HA
• Registered – MR has been accepted and received the RRP from HA, which has set up a binding table entry, tunnels, and routes for the MR
• Home – MR is on its home network

Page 22: mobile ip cisco

Step 3: Routing

[Diagram: Home Agent, Foreign Agent, Correspondent Host, Mobile Router]

• The home agent intercepts the traffic while the Mobile Router is registered as away
• Traffic is sent as usual to the home subnet
• Traffic is tunneled to the CoA of the MR and forwarded to MR
• Traffic from the Mobile Networks can go directly to the correspondent host = “Triangle Routing”

Page 23: mobile ip cisco

Mobile Network Routing – Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, Node on MR, Mobile Networks; label: “Mobile Networks appear to be here”]

Edited slide from original by Lawrence Searcy, Cisco Systems

Page 24: mobile ip cisco

Mobile Network Routing – Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, HA-FA Tunnel, Node on MR, Mobile Networks; label: “Mobile Network appears to be here”]

Page 25: mobile ip cisco

Mobile Network Routing – Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, HA-FA Tunnel, HA-MR Tunnel, FA WAN, Nodes on MR, Mobile Networks; label: “Mobile Network appears to be here”]

Page 26: mobile ip cisco

Mobile Network Routing – Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, HA-MR Tunnel, HA-FA Tunnel, FA WAN, Node on MR, Mobile Networks; label: “Mobile Network appears to be here”]

Page 27: mobile ip cisco

Mobile Network Routing – Return Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, HA-MR Tunnel, HA-FA Tunnel, FA WAN, Node on MR, Mobile Networks; label: “Mobile Network appears to be here”]

Page 28: mobile ip cisco

Tunneling

• HA double encapsulates the packets, creating two tunnels: HA to FA, HA to MR
• FA strips outer header and forwards to MR
• MR strips inner header and forwards to node on mobile network

Outer Header (HA to FA):  100.100.100.1  30.30.30.1
Inner Header (HA to MR):  100.100.100.1  65.1.1.1
Original Packet:          <src> <dest> Data

Page 29: mobile ip cisco

Tunneling cont.

HA dynamically creates tunnel(s) as MRs and Mobile Hosts register

Tunnels are handled as interfaces

HA Routing Table shows Tunnels as interfaces

So “Tunneling” involves:
• ENCAPSULATION
• INTERFACES IN ROUTING TABLE

Page 30: mobile ip cisco

HA State – Routing Table

Home_Agent_#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     110.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
M       110.10.11.0/24 is directly connected, Mobile0
M       110.10.11.237/32 [3/1] via 10.10.10.97, 00:57:28, Tunnel2
M       110.10.11.245/32 [3/1] via 10.10.10.129, 03:01:54, Tunnel0
     10.0.0.0/8 is variably subnetted, 14 subnets, 3 masks
C       10.10.10.32/27 is directly connected, FastEthernet0/0
C       10.10.10.76/30 is directly connected, Loopback0
O IA    10.10.10.96/27 [110/11] via 10.10.10.36, 00:57:35, FastEthernet0/0
M       10.10.11.112/28 [3/1] via 110.10.11.237, 03:55:57, Tunnel1
O IA    10.10.10.128/27 [110/2] via 10.10.10.74, 00:57:35, FastEthernet0/1
M       10.10.11.144/28 [3/1] via 110.10.11.245, 03:55:57, Tunnel5

Page 31: mobile ip cisco

MR Routing

Once MR is registered, routing is disabled on the MR’s roaming interfaces.

When MR is home, routing is resumed on the interfaces (bindings and tunnels are no longer needed).

Page 32: mobile ip cisco

Mobile Router Timers

Agent Solicitation: By default it is off, but if configured, keeps track of when to send the next solicitation.

Agent Advertisement: Based on IRDP lifetime. As advertisements are received, the timer is restarted. When the timer expires, the agent is removed from the agent table.

Registration: Keeps track of when to send registrations before the registration lifetime expires. MR re-registers until a reply is received.

Registration lifetime: Based on granted lifetime. As replies are received, the timer is restarted. When the timer expires, there is no more registration.

Hold down: By default it is off, but if configured, MR waits for the timer to expire before using an agent heard on that interface.

Page 33: mobile ip cisco

Mobile IP Features

Page 34: mobile ip cisco

Mobile Router Features

Co-located Care-of Address

Reverse tunneling

Preferred interfaces

Hold down timer

Agent solicitation

Page 35: mobile ip cisco

Mobile Router Features

MR redundancy

MR Asymmetric Links

MR Dynamic Networks

Identification mismatch adjustment

Sequence number detection

Page 36: mobile ip cisco

Co-located Care-of Address Support

• Care-of Address resides on Mobile Router itself, rather than on the Foreign Agent
• Does away with the need for Foreign Agents
• Two IP-in-IP tunnels are created: HA-Co-located address, HA-MR
• HA-Co-located address tunnel is only used for routing
• Tunnel “Interfaces” added in Routing table

[Diagram: MR, HA]

Page 37: mobile ip cisco

Co-located Care-of Address cont.

Static Co-located Care-of Address support uses the address statically configured on the roaming interface as care-of address

Used for fixed-IP address connections, e.g. Cellular Data Modem

[Diagram: MR, HA]

Page 38: mobile ip cisco

© 2002, Cisco Systems, Inc. All rights reserved. Cisco Mobile Access Router—Module 2 -38

Static Co-located Care-of Address

Page 39: mobile ip cisco

Co-located Care-of Address cont.

CCoA can be Static or Dynamic

Dynamic Co-located Care-of Address support uses DHCP or IPCP to obtain a care-of address for the roaming interface

[Diagram: MR, HA]

Page 40: mobile ip cisco

Reverse Tunneling

Normally, routers route packets by looking at the destination address only.

As a security measure against attacks (such as spoofing), ingress filtering on a router checks the source and destination addresses on a packet to make sure that they are topologically correct.

This poses a problem for Mobile IP because the source address of a packet from a mobile node does not belong to the network from which it emanated.

Page 41: mobile ip cisco

Mobile Network Routing – Packet Flow

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, Mobile Network, HA-MR Tunnel, HA-FA Tunnel, FA WAN, Node on MR; label: “Mobile Network appears to be here”]

Page 42: mobile ip cisco

Reverse Tunneling

• Reverse tunneling satisfies ingress filtering
• Packets from the mobile network are sent back to the HA through the tunnel
• HA decapsulates the packets and forwards them to their destination through normal routing
• Thus, the received packets’ path is topologically correct
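
The ingress-filtering problem and the reverse-tunnel path described above, worked through on real IPv4 headers as an added example that is not part of the original deck. The /16 prefix lengths, the correspondent address 192.0.2.10 and the home agent's comparison of the outer source address against the registered care-of address are assumptions made for the illustration; the other addresses are the ones from the binding-table slide.

```python
import ipaddress
import struct

IPIP = 4    # IP protocol number for IP-in-IP encapsulation (RFC 2003)
UDP = 17


def _checksum(header):
    """Internet checksum over a 20-byte IPv4 header."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4(src, dst, proto, payload):
    """Build an IPv4 packet with a 20-byte header (no options)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", _checksum(hdr)) + hdr[12:] + payload


def parse(packet):
    """Return (src, dst, protocol, payload); reject malformed headers."""
    if len(packet) < 20 or packet[0] != 0x45:
        raise ValueError("not a 20-byte-header IPv4 packet")
    if _checksum(packet[:20]) != 0:
        raise ValueError("bad header checksum")
    total = struct.unpack("!H", packet[2:4])[0]
    if total < 20 or total > len(packet):
        raise ValueError("bad total length")
    return (ipaddress.IPv4Address(packet[12:16]),
            ipaddress.IPv4Address(packet[16:20]), packet[9], packet[20:total])


def ingress_permits(packet, local_prefix):
    """Ingress filter: forward only if the source belongs to the local prefix."""
    src, _, _, _ = parse(packet)
    return src in ipaddress.ip_network(local_prefix)


def home_agent_decapsulate(packet, ha_addr, bindings):
    """Strip the tunnel header at the HA; return the inner packet or None.

    bindings maps home address to registered care-of address. The inner
    source must have a binding whose CoA equals the outer source (assumed
    check), otherwise the packet is dropped.
    """
    try:
        outer_src, outer_dst, proto, inner = parse(packet)
        if str(outer_dst) != ha_addr or proto != IPIP:
            return None
        inner_src, _, _, _ = parse(inner)
    except ValueError:
        return None
    if bindings.get(str(inner_src)) != str(outer_src):
        return None
    return inner


VISITED_PREFIX = "140.31.0.0/16"    # assumed prefix length for Gateway C's network
HOME_PREFIX = "171.68.0.0/16"       # assumed prefix length for the home network
HOME_AGENT = "171.68.69.1"
BINDINGS = {"171.68.69.24": "140.31.2.1"}   # MN / CoA row from the binding table


def reverse_tunnel_demo():
    """Walk one packet from the mobile node through both paths."""
    direct = ipv4("171.68.69.24", "192.0.2.10", UDP, b"data")
    tunneled = ipv4("140.31.2.1", HOME_AGENT, IPIP, direct)
    spoofed = ipv4("140.31.2.1", HOME_AGENT, IPIP,
                   ipv4("171.68.69.99", "192.0.2.10", UDP, b"data"))
    delivered = home_agent_decapsulate(tunneled, HOME_AGENT, BINDINGS)
    return {
        "direct_passes_visited_filter": ingress_permits(direct, VISITED_PREFIX),
        "tunneled_passes_visited_filter": ingress_permits(tunneled, VISITED_PREFIX),
        "ha_forwards_original": delivered == direct,
        "forwarded_passes_home_filter": ingress_permits(delivered, HOME_PREFIX),
        "unbound_inner_source_dropped":
            home_agent_decapsulate(spoofed, HOME_AGENT, BINDINGS) is None,
    }


if __name__ == "__main__":
    for name, value in reverse_tunnel_demo().items():
        print(name, value)
```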

Page 43: mobile ip cisco

Mobile Network Routing – Reverse Tunneling

[Diagram: Mobile Router, Foreign Agent, Home Agent, Correspondent Node, Internet, Roaming Interface, Mobile Network, HA-MR Tunnel, HA-FA Tunnel, FA WAN, Node on MR; label: “Mobile Network appears to be here”]

Edited slide from original by Lawrence Searcy, Cisco Systems

Page 44: mobile ip cisco

Preferred Interfaces

• By default, the Mobile Router sends data out the active interface with the highest bandwidth.
• If the bandwidth on multiple interfaces is equal, then the interface with the higher IP address is preferred.
• Priority can be configured on mobile router interfaces (default 100).
• MR prefers to register with higher priority interface.
• Uses – least-cost routing, preferential routing

Page 45: mobile ip cisco

Asymmetric Links

Mobile Router can route traffic unidirectionally over half-duplex links

Especially for a satellite environment

MR configured to send traffic to a downlink router even though it hears advertisements on another interface

FA configured to advertise foreign-agent service out only one interface, the uplink interface connected to MR

Page 46: mobile ip cisco

Asymmetric Links

[Diagram: Home Agent, Foreign Agent, MR; uplink and downlink on each side; messages ADVT, RRQ, RRP]

• FA advertises service on its uplink to MR’s downlink
• MR sends RRQ to HA via FA using its uplink
• RRP is sent to FA, which forwards it to MR on its uplink.
• Then tunnels are set up between HA-FA, HA-MR’s downlink interface

Page 47: mobile ip cisco

Dynamic Mobile Networks

• Mobile Networks can register with Home Agent dynamically (as opposed to static network configuration on HA)

• Critical Vendor/Organization Specific Extension (CVSE) is appended to the RRQ by MR, which contains the mobile network information

• Re-registrations do not append CVSE

Page 48: mobile ip cisco

Dynamic Mobile Networks cont.

• When mobile network is added/deleted, MR immediately sends another re-registration with CVSE

• HA processes RRQ with CVSE by adding/deleting mobile network(s) and creating/deleting routes to the mobile network via MR

• If mobile network already exists HA ignores the request

Page 49: mobile ip cisco

Dynamic Mobile Networks cont. 2

• FA needs to be able to process RRQs with CVSE in order to forward them on to HA.

• Dynamic and Static Networks can be configured at the same time for an MR.

NOTE: CVSE is being replaced by AVSE (standards-based) in near future

Page 50: mobile ip cisco

Mobile IP in real deployments

Page 51: mobile ip cisco

Mobile IP and GPRS Similarities

[Diagram: GPRS side: MT, SGSN, GGSN, IP Network, tunnel GTP. Mobile IP side: MN, FA, HA, IP Network, tunnel IPinIP/GRE/UDP]

Page 52: mobile ip cisco

Mobile IP and GPRS Integration

[Diagram: Internet; WLAN Hotspot with AP; BTS; BSC; Serving GPRS Support Node (SGSN); Gateway GPRS Support Node (GGSN); RADIUS Server; GPRS Backbone Network (IP-Based), GTP; Home Agent]

Foreign Agent function can be added to GGSN and WLAN Access Router, though Mobile IP works without FA as well.

Page 53: mobile ip cisco

3GPP WLAN Interworking Scenarios

6 scenarios identified, which correspond to incremental steps in terms of services and operational features:

1. Common billing and Customer care; no impact on 3GPP specs as such; access to Open internet
2. 3GPP system based access control and charging with access to UMTS/GSM authentication (based on EAP-SIM/AKA methods)
3. Access to 3GPP system PS based services (e.g. IMS, Streaming, MMS, etc.); bearer path to the home domain (current GPRS model)
4. Service Continuity; L3 Mobility introduction (e.g. Mobile IP technology)
5. Seamless service provision
6. Access to 3GPP CS Services (no use case so far)

UMTS R6 includes scenario 2 & 3

UMTS R7 will consider scenario 4 (mobility)

Page 54: mobile ip cisco

WLAN/GPRS Seamless Mobility Scenario 4 (Tentative)

[Diagram: GPRS/UMTS with RAN, RNC, SGSN, GGSN (FA); WLAN 802.11 Access Network with PDG (FA); IP Core; CMX; Mobility (HA); Applications; Content]

Dual-mode handsets with L3 Mobility support

Page 55: mobile ip cisco

Reiterate Benefit

Mobile IP operates at network layer, independent of link layer access technologies, allowing migration and coexistence of various access networks while providing seamless mobility transparently to the user

Proven mobility across satellite, WLAN, GPRS, CDMA2000 1xRTT, Flash OFDM, iDEN, CDPD, etc.

Page 56: mobile ip cisco

Differences between Mobile IPv4 and Mobile IPv6

• Mobile IPv6 leverages enormous IPv6 address space
• Mobile IPv6 is integrated into base IPv6 protocol
• MNv6 automatically obtains CoA after Router Advertisement received
• No Foreign Agent in Mobile IPv6
• Registrations are protected by IPSec in Mobile IPv6
• Built in route optimization between MNv6 and CNv6

Page 57: mobile ip cisco

Security implications of Mobile IP

• Access authentication independent of Mobile IP
   – PPP CHAP for dial up
   – 802.1x for WLAN
• Service authorization
   – Mobile IP security association for registrations

Page 58: mobile ip cisco

QOS Implications of Mobile IP

• DSCP copy to tunnel header
• Per MN session policing

Page 59: mobile ip cisco

Mobile IP Scalability and Flexibility

• Demonstrated deployment of millions of MNs
• Mobile IP used for macro-mobility and micro-mobility

Page 60: mobile ip cisco

References

Books
• MOBILE IP The Internet Unplugged, ISBN 0-13-856246-6, James D. Solomon

Cisco Mobile IP Web Page
• http://www.cisco.com/go/mobile_ip

IETF Mobile IP Working Group
• http://www.ietf.org/html.charters/mobileip-charter.html

Page 61: mobile ip cisco

Cisco Mobile IP Software Development

Page 62: mobile ip cisco

Mobile IP Portfolio

Product portfolio consists of:
• Innovations
• Standards compliance

Page 63: mobile ip cisco

IOS Features

Features / Releases

Home Agent and Foreign Agent (RFC 2002, RFC 2003) 12.0(1)T

Home Agent and Foreign Agent MIBs (RFC 2006) 12.0(1)T

Home Agent Redundancy 12.0(2)T

Cisco Enterprise Mobile IP MIBs 12.2(2)T

Home Agent Redundancy with SA Synchronization 12.1(7.1) 12.2(0.11)T

Resynchronize SA 12.1(5.6) 12.2(0.11)T

HA and FA Set/Trap MIBs 12.2(2)T

Mobile Router Redundancy

Mobile Node MIBs (RFC 2006)

IPinIP Tunnel CEF Switching 12.2(13)T

Cisco Mobile Networks Dynamic Network

Cisco Mobile Networks Asymmetric Link

Mobile IP Generic Network Access Identifier (NAI) Support and Home Address Allocation (RFC 2794)

Mobile IP Support for Foreign Agent Reverse Tunneling (RFC 2344, RFC 3024)

Mobile IP RFC 3220 and RFC 3344 Compliance

HMAC-MD5 Authentication

Vendor Specific Extensions (RFC 3025, RFC 3115)

Mobile IP Challenge/Response Extensions (RFC 3012)

Mobile IP - NAT Detect

Page 64: mobile ip cisco

IOS Features

Features / Releases

Mobile IP Home Agent Policy Routing 12.2(13)T

Cisco Enterprise Mobile IP MIBs (NAI and HA Redundancy) 12.2(13)T

Mobile IP - Home Agent Accounting 12.2(15)T

Cisco Mobile Networks - Static Collocated Care-of Address 12.2(15)T

Cisco Mobile Networks - Priority HA Assignment 12.2(15)T

Cisco Mobile Networks - Tunnel Templates for Multicast 12.2(15)T

Mobile IP Dynamic Security Association and Key Distribution 12.3(4)T

Mobile Networks Deployment MIB 12.3(4)T

Mobile Networks Dynamic Collocated Care-of Address 12.3(4)T

Mobile Networks Home Agent Redundancy For Dynamic Networks 12.3(4)T

MIBs for Reverse Tunnel, FA Challenge, and VSE 12.3(4)T

NAT Detect for FA COA 12.3(5.2) 12.3(5.5)T

IGMP Query Trigger 12.3(5.9) 12.3(5.9)T

Mobile IP NAT Traversal (RFC 3519) 12.3(8)T

Page 65: mobile ip cisco

Cisco’s IP Mobility Role in Standards

Page 66: mobile ip cisco

Standards Priority

• Focus on pragmatic existing deployment issues
   – Address real world problems in Mobile IPv4 WG
• Focus on features needed to facilitate Mobile IPv6 deployments
   – Evaluate GAPs, CDMA2000 requirements

Page 67: mobile ip cisco

Cisco IETF drafts

Cisco Authored Drafts

WG | TITLE | DRAFT | AUTHORS | STATUS

MIP4 | The Definitions of Managed Objects for IP Mobility Support using SMIv2, revised | draft-ietf-mobileip-rfc2006bis-01.txt | kleung | WG item
MIP4 | Dynamic HA Assignment Framework | draft-ietf-mip4-dynamic-assignment-00.txt | mkulkarn, alpesh, kleung | WG item
MIP4 | Experimental Message, Extension and Error Codes for Mobile IPv4 | draft-ietf-mip4-experimental-messages-00.txt | alpesh, kleung | WG item
MIP4 | Mobile IPv4 NAI-based Home Address Assignment | draft-paulkandasamy-mobileip-nai-based-home-address-00.txt | naveenpk, kleung |

MIP6 | The Mobile IPv6 MIB | draft-ietf-mipv6-mib-01.txt | sgundave | WG item
MIP6 | Authentication Protocol for Mobile IPv6 | draft-patel-mipv6-auth-protocol-00.txt | alpesh, kleung |
MIP6 | Network Access Identifier Option for Mobile IPv6 | draft-patel-mipv6-nai-option-00.txt | alpesh, kleung |
MIP6 | Vendor/Organization Specific Mobility Options for MIPv6 | draft-patel-vendor-options-00.txt | alpesh |
MIP6 | Experimental Mobility Options for MiPv6 | draft-patel-experimental-options-00.txt | alpesh |
MIP6 | Mobile IPv6 Bootstrap | TBD | alpesh |

NEMO | Base NEMO | draft-ietf-nemo-base.txt | pthubert | WG item
NEMO | NEMO MIB | draft-ietf-nemo-mib.00.txt | sgundave | WG item

OSPF-MANET | Problem Statement for OSPF Extensions for Mobile Ad Hoc Routing | draft-baker-manet-ospf-problem-statement-00.txt | mchandra | WG item
OSPF-MANET | Extensions to OSPF to Support Mobile Ad Hoc Networking | draft-mchandra-ospf-manet-ext-00.txt | mchandra | WG item

Page 68: mobile ip cisco

Mobile IP is also about the clients

Page 69: mobile ip cisco

Handover enhancements, why Mobile IP is as good as other mobility schemes

Make before break

Clients are always connected to at least one radio network such as 2.5 or 3G, those are the underlying building blocks of IP Mobility

Clients can measure radio network characteristics, especially of the other/extra radios available (WIFI / WIMAX / …)

They can always perform a new Registration Request on a new access link before having lost the previous link

Home Agent and Client establish new association

All routing changes updated before losing previous association

There is no packet loss in handover process

Page 70: mobile ip cisco

Mobile IP Clients

Notebook/PDA Support

Birdstep Technology Birdstep Intelligent Mobile IP Client

Cisco & Toshiba Partnership Cisco Mobile IP Client

Intel Intelligent Roaming Continuous Roaming Mobile IP Client

Lifix Systems Lifix Go! Mobile Client

ipUnplugged ipUnplugged Roaming Client

Ecutel Viatores Client

Greenpacket SONmobile

Cellphone Support

Motorola iDEN (Integrated Digital Enhanced Network) Motorola iDEN handsets Nextel is the Service Provider

Page 71: mobile ip cisco

Mobile IPv4 Clients PC/Workstation

IP Operating Systems Name License Comments

4 Cisco IOS Cisco Mobile IP commercial

4 FreeBSD 2.2.2 Monarch BSD style 1998 - Rice University

4 FreeBSD 2.2.8, 4.6, 4.8, 4.9, 5.2 Secure Mobile Net BSD style 2003 - Portland State University, actively updated

4 HP-UX 11.11 HP commercial Mobile IPv4 HA/CN, Reverse Tunneling, Route Optimization and AAA support

4 Linux Dynamics GPLv2 2001 - Helsinki University of Technology, not updated

4 Linux Secgo Mobile IP commercial

4 Linux Secure Mobile Net BSD style 2003 - Portland State University, actively updated

4 Linux UoB-NOMAD SPL 2003 - based on NOMADv4

4 Linux kernel 2.2.16 MosquitoNet GPL? 2000 Stanford University

4 NetBSD 1.1 Monarch BSD style 1998 - Rice University

4 Solaris Sun Mobile IP commercial

4 Userland, (platform independent) HP Mobile IP restricted 1997

4 Windows Birdstep commercial

4 Windows EcuTel commercial

4 Windows Roamin proprietary 2000 - binary dist. for non-commercial use only

4 Windows Secgo Mobile IP commercial

4 Windows ipUnplugged commercial

4 Windows client Dynamics GPLv2 2001 - Helsinki University of Technology, not updated

4 Windows/Linux Netseal MPN commercial High availability HA(Linux), MN(Windows)

4 embedded systems Birdstep commercial

4 embedded, OS independent Treck Inc. commercial

Page 72: mobile ip cisco

Mobile IPv6 Clients PC/Workstation

IP Operating Systems Name License Comments

6 BSD? NEC MIPv6? 2001? - NEC

6 Cisco IOS Cisco Mobile IP commercial 2003? - technology preview

6 FreeBSD SFC-MIP BSD-style?2002? - SFC of WIDE

6 FreeBSD 2.2.2 with INRIA's IPv6 Monarch BSD style 1997 - Rice University, (draft -03)

6 FreeBSD 3.4 INRIA HMIPv6 BSD-style 2000

6 FreeBSD 4.9 KAME BSD-style 2004 - Stable, MIP code experimental, actively updated

6 HP-UX 11.11, 11.23 HP commercial Mobile IPv6 HA/CN, draft-24

6 Linux HMIPv6 GPL or BSD-style 2003 - Monash University, based on MIPL

6 Linux Lancaster MIPv6 Pkg ? 1998 - Lancaster University

6 Linux 2.4 TKN HMIPv6 ? 2002 - Technical University of Berlin

6 Linux 2.4.0 MIPL GPL 2003 - draft -24

6 NetBSD 1.6.1 KAME BSD-style 2004 - Stable, MIP code experimental, actively updated

6 Tru64 UNIX 5.1B HP commercial 2003 - draft -24

6 Windows Microsoft Research ? 2000 - partial MIP v6 support

6 embedded, OS independent Treck Inc. commercial

Page 73: mobile ip cisco

Concrete applications in Mobile SP

Page 74: mobile ip cisco

Mobile IP key deployment points

• Home Agent is the anchor point for MNs
• Bandwidth overhead and FA relationship
• Authentication process
   – It is a second authentication, for mobility service
   – There is still an initial link layer authentication
• Preferred interfaces
• Make before break and minimal / no IP interruption
   – interfacing layer 2 signal strengths

Page 75: mobile ip cisco

Cisco Wireless Convergence

[Diagram labels: 1 Access, 2 Control, 3 Services; Access Networks, Venue Owners; 3G, WLAN, GPRS, WiMAX; Mobile Internet Edge; Cisco Mobile Exchange; Network Manager, Agg., Auth. / Access Control, Service / Content Billing; L2TP, GRE, IPSec, MPLS, IPV4, IPV6; GGSN, 802.11, WiMAX, VPN, Other; On Net Services: Streaming, Localization; Off Net Services: Billing, Authent., Corporate Intranet, Wireless ASP, Content Provider, Internet]

Page 76: mobile ip cisco

Next-Generation IP Infrastructure: All-IP Multimedia Mobile Network

[Diagram labels: GPRS/UMTS/CDMA with RAN, RNC, SGSN, GGSN (FA)/PDSN; WLAN 802.11 Access Network (FA); PLMN, MSC/VLR; IP Core; CMX; CCM; Session control (SIP); PSTN Gateway; Visited AAA, Home AAA, Corp AAA; Mobility (HA); Presence, Hosted Applications; Enterprises; Handsets with VoIP & dual-mode support & Mobility support]

Unified IP-based infrastructure allows for uniform delivery of services across consumer, enterprise and carrier domain

Page 77: mobile ip cisco

Cisco & Mobile IP

Market Leaders:
• Early Field Trial since 1997, General Availability January 1999
• Home Agent Redundancy
• Largest mobile implementation of MoIP worldwide - Nextel

Mobile IPv4 RFC Compliant: 2002, 2003, 2005, 2006, 2794, 3012, 3220, 3344, 3519, 3543 compliant

Applications: Foreign Agent, Home Agent, Proxy Mobile Node, Mobile Router

Platforms Support: 2600 through 7200, Cat5K RSM, Cat6K MSFC, 7600

Cisco IOS: Tightly integrated with Cisco IOS functionality

Page 78: mobile ip cisco

GGSN Mobile IP support

• Mobile IP proxy Foreign Agent
• On PDP context activation GGSN will perform:
   – AAA req to authenticate and get the HA credentials (IP address, security keys)
   – MIP RegistrationReq to the HA
• PDP Address can be allocated by HA
• GTPv0 and GTPv1 support
• Transparent to the MS (no Mobile IP support in the MS)
• GGSN 5.0 feature
• Full FA functionality on the roadmap

Page 79: mobile ip cisco

HA – Cisco IOS Basis and Resources

HA products leverage high proportion of IOS code base to enable advanced IP network services

Current features under use today in HA from IOS include MoIP, IPSec, Routing Protocols (e.g. OSPF, RIP, BGP, EIGRP), HSRP, ODAP, VRF, QoS

HA runs on established platforms (7200, 6500, 7600) and can leverage the service blades and functionality of the platforms

Page 80: mobile ip cisco

MWAM Product Overview

• Multiprocessor WAN Application Module
• Hardware design based on existing modules, e.g. Firewall Module
• Vehicle for delivery of IOS based features; IOS application runs on the daughter card
• 5 processors per MWAM utilized, 5 instances of HA or PDSN
• All Mobile Wireless Applications use same Underlying Hardware - SSG, GGSN, PDSN, HA
• Management: Mobile Wireless Center (MWC)

Page 81: mobile ip cisco

6509NEBs/7609 HA Sample Configuration*

• Supervisor Modules (SUP2)
   – Central Switching and management function
   – Runs separate IOS
   – Second SUP2 can be configured for redundancy
• MWAM
   – HA application
   – Up to 6 MWAMs per chassis**
• IPSec VPN Services Module
   – IPSec Acceleration
• I/O Modules:
   – 100BaseT (Fast Ethernet)
   – 1000BaseT (Gigabit Ethernet)

*This is a sample configuration for xx09 only.

** 6513/7613 chassis can have up to 10 MWAMs.

Page 82: mobile ip cisco

65xx/76xx Flexibility

• Licensing is flexible to allow easy growth
   – Can be licensed per MWAM
   – Can be licensed per processor
   – True for HA, CSG, SSG
• Same chassis can be utilized for multiple CMX components
   – Cost savings on h/w
   – Easy growth and expansion as add services; example:
      Simple IP services with VPN required for initial deployment.
      Mobile IP Services added. MWAM for HA added to same chassis.
      Additional content billing capabilities desired. CSG added to same chassis.

Page 83: mobile ip cisco

Standards-based product ensures successful interoperation with other vendors.

Basic features provide robust HA
• HA redundancy: No impact to user.
• HA load balancing: One IP address presented to FA.
• WLAN interworking: Seamless roaming.

Premium features further enhance the HA
• VRF: Supports overlapping IP addresses.
• Hotlining: Supports IP packet redirection
• QoS: Downstream per session QoS. Aggregate QoS on interfaces.

Cisco HA Features & Compliance

Page 84: mobile ip cisco

Mobile Wireless Home Agent (HA) Roadmap

Legend: GA = Generally Available; FCS = First Customer Ship; EFT = Early Field Trials; EC = Execute Committed; CC = Concept Committed; NC = Not Committed

Timeline axis: Sep 2002 through CQ4 2004 (monthly to Jun 2003, then by calendar quarter)

HA R1.2 FCS (7206VXR/76xx/65xx)
EFT – 15 May ’02 / 18 Nov ’02
FCS – 16 Sept ’02 / 30 Dec ’02

76xx/65xx Key Platform Features:
• Sup720

HA Key Features:
• Capacity/Performance Improvements
• Mobile IPv6
• IP Reachability per 835B (DNS update by HA)
• HA Accounting per 835C
• Continuous MIB Enhancement
• Dynamic IPSec per 835B
• Standards Compliance

Solution Notes:
• L2TPv3
• MPLS
• MWAM – Sibyte with 1GHz Processor and 1G of memory

NOTE: PRICING TBD.

HA R2.0 EC (7206VXR/76xx/65xx)
EFT – 15 Jan ’04
FCS – 30 Apr ’04

HA R3.0 NC (7206VXR/76xx/65xx)
EFT – Q1 CY05
FCS – Q2 CY05

76xx/65xx Key Platform Features:
• Firewall & IDS Module Support

7206 Key Platform Features:
• NPE-G1 with 1GB DRAM
• SA-VAM2

HA Key Features:
• HA Load Balancer (HA-SLB) (MWAM only)
• HA Redundancy Enhancements
• ODAP
• Static IPSec per 835B
• Resource Revocation per 835C
• Packet of Disconnect (PoD) per 835C
• Conditional Debugs for MoIP
• VRF (overlapping IP addresses)
• Hotlining(rebuild) QoS

Solution Notes:
• SSHv2
• WLAN Interworking

NOTE: Pricing Available

Note: There is an associated cost for each release. Some features may have additional cost in addition to the base.

HA Key Features:
• Proxy MoIP
• HA Redundancy (1:1)
• HA Binding Update
• HA Accounting
• 3DES Encryption Support
• MoIP MIB Enhancements

Solution Notes:
• Features consistent on all platforms
• 3DES Encryption Support (h/w required)

NOTE: Pricing Available

PDSN/HA Key Features:
• Capacity/Performance Improvements
• Broadcast/Multicast
• Standards Compliance
• Continuous MIB Enhancement
• Diameter
• PSD

NOTE: PRICING TBD.

HA Rx.0 NC
EFT –
FCS –

Page 85: mobile ip cisco

R1.2 HA Performance

Users                              7206 HA     HA per MWAM   xx13 HA Chassis (10 MWAMs)
Total Bindings                     235K        1.175M        11.75M
Throughput - NDR (512 bytes/pkt)   160 Mbps    2.5 Gbps      25 Gbps

• Results based on 512 Byte packets, unfragmented.
• Performance measured for No Drop Rate. NDR is 0.01% or 1 in 10,000 packets.

Page 86: mobile ip cisco

Home Agent Summary

Feature Rich
• Highly Compliant to Specifications and Customer Requirements
• Value added service support such as VRF, Hot Lining, QoS
• Service enablement via Cisco Mobile Exchange Framework components

Fault Tolerance
• HA Redundancy, HA-SLB
• Geographic Resiliency

Product Maturity
• Real life deployment; deployed since 2001

Capacity and Performance Scalability
• Small to very large deployment options

Management
• Provisioning, Fault Mediation, Performance Mediation, Troubleshooting & Security

Page 87: mobile ip cisco

Cisco 3200 Mobile Access Router Product Overview

Page 88: mobile ip cisco

Agenda

• Overview of the Cisco 3200 Series Mobile Access Router
• Mobile Access Router Card
• Serial Mobile Interface Card
• Fast Ethernet Switch MIC
• Cisco 3200 Example Configurations

Page 89: mobile ip cisco

Cisco Mobile Access Router

Page 90: mobile ip cisco

Mobile Access Router Overview

Mobile Access Router Card (MARC)
• High performance processor
• One 10/100 Ethernet
• One console
• One powered async serial (for GPS)

Mobile Interface Cards (MICs)
• SMIC: 4 port sync/async serial
• FESMIC: 4 port FE/E Switch Card

MARC

MIC

MIC

Page 91: mobile ip cisco

Remember the Names

• Cisco 3200 Mobile Access Router
• Cisco 3200 Series
• Cisco 3251 Mobile Access Router Card (MARC)
• Cisco 3201 Serial Mobile Interface Card (SMIC)
• Cisco 3201 FastEthernet Switch Mobile Interface Card (FESMIC)

Page 92: mobile ip cisco

Cisco 3250 Mobile Access Router Platform

• High performance mobile access router
• Modular Circuit-board construction
  – Mobile Access Router Card (Cisco3251MARC)
  – Serial Mobile Interface Card (Cisco3201SMIC)
  – Fast Ethernet Switch MIC (FESMIC)
• PC/104-Plus Form Factor
  – PC/104-Plus “Compliance”, PCI-Only
• Runs Cisco IOS
  – Utilizes Cisco Mobile IP Feature Set
• Industrial Grade
  – -40 C to 85 C local ambient

MARC

SMIC

SMIC

FESMIC

Static Control (ESD)

Page 93: mobile ip cisco

PC 104-Plus Mechanical Standard

More Specific information at www.PC104.org Including definition of our level of compliance

•Cisco 3200 Series will test with a 3rd Party Lab to conform to the level of PC104-Plus Compliant

Industry Standard Hardware form factor

Source: PC104-Plus Specification Version 1.2

Size = 3.775” x 3.55”

Page 94: mobile ip cisco

Why PC-104-Plus?

• Smallest industry standard computing platform
• Both ISA and PCI bus
  – Cisco puts signals on PCI bus only
  – Any non-Cisco cards cannot signal on PCI bus
  – ISA bus OK
• Self-stacking
  – No backplane or cardcage required
  – Stand-offs and screws recommended
• Designed for rugged, industrial-grade applications
• Good product availability, vendor support

Page 95: mobile ip cisco

PC-104-Plus Card Format

Cables and Connectors on I/O side provided by SI

PCI Bus Connector

120 pin, stack through, PCI BUS Connector (no key)

ISA Bus Connector

104 pin, Stack through, ISA Bus Connector (no key)

No Cisco signals over ISA Bus

Power provided by SI

Power supply pins and grounds are connected to the Cisco boards via ISA / PCI connectors

Page 96: mobile ip cisco

Complete Solution Requires Integration

Cisco 3200 Series MARC + FESMIC + SMIC

Aironet 350 Access Points

Wireless Infrastructure with external Radios compatible with network

Cables + Power Supply + Enclosure

Environmental/Ruggedized to specs and integrated with customer-supplied device or vehicle

Installation, deployment, training, etc.

System Integration

Page 97: mobile ip cisco

Mobile Access Router Card (MARC)

MPC8250, running at 200MHz CPU core, 133MHz CPM core and 66MHz Motorola 60x Bus.

32-bit PCI bus version 2.1 running at 25MHz, connects to Cisco MICs.

128Mbyte 64 bit, Unbuffered, Synchronous DRAM

32Mbyte 16 bit of Flash memory

Single 10/100 Fast Ethernet, full-duplex 100 Base-T, with auto negotiation.

Single Console, with modem flow control.

Single Asynchronous, RS-232 serial, for GPS/AUX devices.

Integrated host-to-PCI bridge (PCI bus version 2.1), with built-in PCI arbiter that supports three external bus masters/PCI agents.

Page 98: mobile ip cisco

Mobile Access Router Card

34 pin, locking header: Aux, Console, LED’s, 5V power

10 pin, locking header, for MARC Fast Ethernet

PCI Bus Connector

120 pin, stack through, PCI BUS Connector (no key)

ISA Bus Connector

104 pin, Stack through, ISA Bus Connector (no key)

No Cisco signals over ISA Bus

Page 99: mobile ip cisco

Serial Mobile Interface Card (Cisco3201SMIC)

• Type of Mobile Interface Card (MIC)
• Typically used for a WAN (modem) interface to a wireless / satellite network
• Asynch/Synch
  – Supports up to 2Mbps
• 4 Cisco 12-in-1 Serial Interfaces
• All existing 12-in-1 signals supported
• Signals thru 2 60-pin multifunction headers
• PCI Bus
• Up to 3 per stack
  – Set rotary switch to unique number

60-pin Multifunction Header

Rotary Switch

PCI Bus ISA Bus

Page 100: mobile ip cisco

Fast Ethernet Switch MIC (FESMIC)

• 1 10/100 Ethernet with 4 port switch with VLAN
• 802.1q and 802.1p supported
• Can route between FESMIC and MARC FastE
• LED signals thru LED header
• No in-line power provided
• ISL not supported
• Limit one FESMIC per 3200

[Figure labels: Fast Ethernet Headers, PCI Bus, LED Header, ISA Bus]

Page 101: mobile ip cisco

© 2001, Cisco Systems, Inc.

Page 102: mobile ip cisco

Cisco 3200 Mobile Access Router IOS Configuration

Page 103: mobile ip cisco

Agenda
• Configuration Outline
• Configuration Commands
• Example Configurations
• Troubleshooting

Reference: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122tcr/122tip1r/p1ftmobi.htm

Page 104: mobile ip cisco

Configuring Mobile IP An Outline

© 2002, Cisco Systems, Inc. All rights reserved.

Page 105: mobile ip cisco

Steps to Configure Home Agent

• Step 1 –
  • A. Create HA as a mobile IP agent
    • Define it as an HA
  • B. Set virtual nets in HA
    • Redistribute the virtual nets in routing updates
  • C. Define the IP address of the mobile router so the HA will recognize it
    • Define the networks that will be associated with that Mobile Router
  • D. Set up security association for that Mobile Router

Page 106: mobile ip cisco

Virtual Networks

Virtual Network is:
• Non-physical = no interface
• Added to Routing Table
• “Home” network for Mobile Host and Router
  – Mobile Host addresses are assigned from this
• Must be unrelated to “real” networks

Page 107: mobile ip cisco

Steps to Configure Foreign Agent

• Step 2 –
  • A. Create FA as a mobile IP agent
  • B. Define it as a Foreign Agent
    • Specify the interface to be used as Care-of Address
  • C. Configure an interface to support Mobile IP
    • IP address and mask
    • Enable IRDP
      • Optional: IRDP advertisement intervals (max, min, and holdtime)
    • Enable FA service on the interface

Page 108: mobile ip cisco

Steps to Configure Mobile Router

• Step 3 –
  • A. Create Mobile Router as a mobile IP agent
  • B. Define it as an MR
    • Specify its address and subnet mask
    • Specify the IP address of its HA
    • Optional – registration parameters
    • Optional – Set Reverse Tunnel on
  • C. Configure Security Association with HA
    • Must match HA
  • D. Specify an interface with Mobile IP service
    • Set the IP address and mask
    • Enable roaming

Page 109: mobile ip cisco

Mobile Router – Optional Features

• Step 4 – Enable services (optional)
  • Solicitation, retransmission intervals
• Co-Located Care-of Address (optional)
  • Enable CCOA on interface
  • Set Default Gateway on interface

Page 110: mobile ip cisco

Mobile Router Redundancy

• Step 5 – Mobile Router Redundancy (optional)
  • Enable HSRP on interface
    • Set Priority
    • Set Preempt
    • Configure group name
  • Add redundancy group name to Mobile Router configuration

Page 111: mobile ip cisco

Cisco 3200 Installation Course Lab Diagram

[Figure: lab topology. Labels recoverable from the diagram:
Networks: 10.10.10.0/24 and 10.10.11.0/24; Virtual Network 110.10.11.0 / 24
Devices: Home Agent, Foreign Agent 1, Foreign Agent 2, FA1 Bridge, FA2 Bridge, 3200 Bridge (802.11b), C3200 (Lo0 .77/30), WebCam (.35/28), Server (.34/28)
Interface names shown: FE0/0, FE0/1, E1, E1/0, Loopback 0
Addresses shown: 110.10.11.209/32, 10.10.11.36/28, .33/28, .34/28, .69/30, .70/30, .73/30, .74/30, .97/28, .98/28, .129/28, .130/28]

Page 112: mobile ip cisco

Configuring Mobile IP


Page 113: mobile ip cisco

Configure HA

HA(config)# router mobile
    Enables Mobile IP on the router

HA(config-router)# ip mobile home-agent
    Enables home agent service.

HA(config)# ip mobile virtual-network net mask [address address]
    Creates a virtual network

HA(config)# router protocol [process ID]
    Enters router configuration mode

HA(config-router)# redistribute mobile subnets
    Enables redistribution of virtual network and mobile subnets into routing protocols

HA(config)# ip mobile host lower [upper] virtual-network net mask
    Specifies mobile nodes on a virtual network

HA(config)# ip mobile host lower [upper] interface name
    Specifies mobile nodes on a physical interface

HA(config)# ip mobile mobile-networks address
    Specifies mobile router to be set up

HA(mobile-networks)# network net mask
    Specifies a network that will be hosted on the mobile host (router)

HA(config)# ip mobile secure host address spi spi key [hex/ascii] string
    Sets up mobile host security associations.

Page 114: mobile ip cisco

HA(config)# router mobile

HA(config-router)# ip mobile home-agent

HA(config)# ip mobile virtual-network 10.10.11.0 255.255.255.0

HA(config)# router ospf 64

HA(config-router)# redistribute mobile subnets

HA(config)# ip mobile host 10.10.11.77 virtual-network 10.10.11.0 255.255.255.0

HA(config)# ip mobile mobile-networks 10.10.11.77

HA(mobile-networks)# network 10.10.11.76 255.255.255.252

HA(config)# ip mobile secure host 10.10.11.77 spi 300 key hex 12345678123456781234567812345678

HA(config)#ip mobile home-agent lifetime 65535

Configure HA (example)

Page 115: mobile ip cisco

FA(config)# router mobile
    Enables Mobile IP on the router

FA(config)# ip mobile foreign-agent care-of interface
    Sets up care-of addresses advertised to all foreign agent-enabled interfaces.

FA(config-if)# ip mobile foreign-service
    Enables foreign agent service on the interface.

FA(config)#router mobile

FA(config)#ip mobile foreign-agent care-of Faste 0/0

FA(config)#ip mobile foreign-agent care-of Faste 0/1

FA(config)#interface Faste 0/0

FA(config-if)#ip mobile foreign-service

FA(config-if)#ip mobile registration-lifetime 65535

FA(config)#interface Faste 0/1

FA(config-if)#ip mobile foreign-service

Configure FA

Page 116: mobile ip cisco

C3200_(config)# interface loopback number
    Configure loopback address

C3200_(config-if)# ip address <IP address subnet mask>
    Specifies IP address for loopback interface

C3200_(config)# router mobile
    Enable Mobile IP on the router

C3200_(config-router)# ip mobile router
    Configure the mobile router

C3200_(mobile-router)# address <IP address><SN mask>
    IP address of mobile router (using loopback address)

C3200_(mobile-router)# home-agent <IP address> [priority priority]
    Specify Home Agent and priority

C3200_(config)# ip mobile secure home-agent <IP add> spi spi key [hex/ascii] string
    Set up authentication key

C3200_(config)# interface interface
    Configure roaming interface

C3200_(config-if)# ip mobile router-service roam [priority priority level]

C3200_(config-if)# ip mobile router-service solicit [interval seconds] [retransmit initial interval maximum interval retry number of retries]

Configure Mobile Access Router

Page 117: mobile ip cisco

C3200_(config)# interface loopback 0

C3200_(config-if)# ip address 10.0.11.77 255.255.255.252

C3200_(config)# router mobile

C3200_(config-router)# ip mobile router

C3200_(mobile-router)# address 10.0.11.77 255.255.255.252

C3200_(mobile-router)# home-agent 10.0.10.77

C3200_(config)# ip mobile secure home-agent 10.0.10.77 spi 300 key hex 12345678123456781234567812345678

C3200_(config)# interface Faste 0/0

C3200_(config-if)# ip mobile router-service roam

C3200_(config-if)# ip mobile router-service solicit

Configure Mobile Access Router (example)
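The security association lines on the HA and mobile router slides only authenticate a registration when the SPI and key are identical on both ends. The sketch below is an added example, not Cisco code: it models the check a home agent applies to a Registration Request, assuming the RFC 2002 default authenticator (keyed MD5 in prefix+suffix mode) and timestamp replay protection with a 7-second window. SPI 300 and the key are the ones on the slides; the function names, addresses, lifetime and clock value are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import struct

NTP_UNIX_OFFSET = 2208988800      # seconds from 1900-01-01 (NTP) to 1970-01-01 (Unix)
MHAE_TYPE, MHAE_LEN = 32, 20      # extension type; length = 4-byte SPI + 16-byte MD5
ACCEPTED, MN_FAILED_AUTH, ID_MISMATCH, POORLY_FORMED = 0, 131, 133, 134


def ip4(addr):
    return ipaddress.IPv4Address(addr).packed


def ntp_ident(unix_time):
    """64-bit Identification: NTP seconds in the high 32 bits, fraction left at 0."""
    return (int(unix_time) + NTP_UNIX_OFFSET) << 32


def build_request(home_addr, home_agent, care_of, lifetime, ident, flags=0):
    """Fixed 24-byte part of a Registration Request (message type 1)."""
    return (struct.pack("!BBH", 1, flags, lifetime) + ip4(home_addr)
            + ip4(home_agent) + ip4(care_of) + struct.pack("!Q", ident))


def authenticator(key, protected):
    """Keyed MD5 in prefix+suffix mode: MD5(key || protected fields || key)."""
    return hashlib.md5(key + protected + key).digest()


def sign(request, spi, key):
    """Mobile router side: append the Mobile-Home Authentication Extension."""
    head = struct.pack("!BBI", MHAE_TYPE, MHAE_LEN, spi)
    return request + head + authenticator(key, request + head)


def ha_check(message, associations, now_unix, window=7):
    """Home agent side: return the registration reply code for `message`.

    associations maps (home address, SPI) -> key, one entry per
    'ip mobile secure host' line. Only a request whose single extension
    is the Mobile-Home Authentication Extension is modelled here.
    """
    if len(message) != 24 + 2 + MHAE_LEN:
        return POORLY_FORMED
    request, head, digest = message[:24], message[24:30], message[30:]
    ext_type, ext_len, spi = struct.unpack("!BBI", head)
    home_addr = str(ipaddress.IPv4Address(request[4:8]))
    key = associations.get((home_addr, spi))
    if ext_type != MHAE_TYPE or ext_len != MHAE_LEN or key is None:
        return MN_FAILED_AUTH                      # no association for this host and SPI
    if not hmac.compare_digest(authenticator(key, request + head), digest):
        return MN_FAILED_AUTH                      # wrong key or modified request
    ident_secs = struct.unpack("!Q", request[16:24])[0] >> 32
    if abs(ident_secs - (int(now_unix) + NTP_UNIX_OFFSET)) > window:
        return ID_MISMATCH                         # clock skew or replayed request
    return ACCEPTED


# Constructed sample. SPI and key are those on the example slides; the
# addresses, lifetime and clock value are illustrative.
KEY = bytes.fromhex("12345678123456781234567812345678")
HA_ASSOCIATIONS = {("10.10.11.77", 300): KEY}
T0 = 1_000_000_000                                 # mobile router clock, Unix seconds
REQUEST = build_request("10.10.11.77", "10.10.10.77", "10.10.10.97", 36000, ntp_ident(T0))
GOOD = sign(REQUEST, 300, KEY)

if __name__ == "__main__":
    print("clocks agree:          ", ha_check(GOOD, HA_ASSOCIATIONS, T0))
    print("HA clock 146 s behind: ", ha_check(GOOD, HA_ASSOCIATIONS, T0 - 146))
    print("SPI 301 on the MR:     ", ha_check(sign(REQUEST, 301, KEY), HA_ASSOCIATIONS, T0))
```

Because the authenticator is checked before the Identification field, a reply code of 133 means the key and SPI already matched and the remaining problem is time: unsynchronized clocks or a replayed request.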

Page 118: mobile ip cisco

HA(config)# interface name
    Interface providing the service

HA(config-if)# ip irdp
    Turn on the advertisements on the interface

HA(config-if)#ip irdp maxadvertinterval [4-1800]

HA(config-if)#ip irdp minadvertinterval [3-1800]

HA(config)#interface e5/0/2

HA(config-if)#ip irdp

HA(config-if)#ip irdp maxadvertinterval 10

HA(config-if)#ip irdp minadvertinterval 4

Configure HA Advertisements (Optional)

Page 119: mobile ip cisco

FA(config)# interface name
    Interface providing the service

FA(config-if)# ip irdp
    Turn on the advertisements on the interface

FA(config-if)#ip irdp maxadvertinterval [4-1800]

FA(config-if)#ip irdp minadvertinterval [3-1800]

FA(config)#interface e3/1

FA(config-if)#ip irdp

FA(config-if)#ip irdp maxadvertinterval 10

FA(config-if)#ip irdp minadvertinterval 4

FA(config)#interface e3/2

FA(config-if)#ip irdp

Configure FA Advertisements (Optional)

Page 120: mobile ip cisco

Troubleshooting Mobile IP


Page 121: mobile ip cisco

Troubleshooting Mobile IP - Outline

1. What is router’s configuration?
   Verify Agent, Operation
   Is it sending Advertisements?
      SHOW IP MOBILE GLOBALS
      DEBUG IP MOBILE ADVERTISEMENTS

2. What is Mobile Router seeing?
   Is Wireless associated?
   Is Mobile Router receiving Advertisements?
      DEBUG IP ICMP

3. What is router doing?
   Is Mobile Router trying to register?
   Are FA and HA accepting registrations?
      DEBUG IP MOBILE

4. Who are router’s neighbors?
      SHOW IP ROUTE
      SHOW ARP

Page 122: mobile ip cisco


Page 123: mobile ip cisco

IP Mobility global information:

Home Agent

    Registration lifetime: 10:00:00 (36000 secs)
    Broadcast disabled
    Replay protection time: 7 secs
    Reverse tunnel enabled
    ICMP Unreachable enabled
    Virtual networks
        110.10.11.0 /24

Foreign Agent is not enabled, no care-of address

0 interfaces providing service
Encapsulations supported: IPIP and GRE
Tunnel fast switching enabled
Tunnel path MTU discovery aged out after 10 min
ha_#

HA#show ip mobile globals

Verifying HA Configuration

Page 124: mobile ip cisco

Foreign_Agent_2_#sh ip mob globals
IP Mobility global information:
Home Agent is not enabled

Foreign Agent

    Pending registrations expire after 15 secs
    Care-of addresses advertised
        FastEthernet0/1 (10.10.10.97) - up

1 interface providing service
Encapsulations supported: IPIP and GRE
Tunnel fast switching enabled
Tunnel path MTU discovery aged out after 10 min
Foreign_Agent_2_#

FA#show ip mobile globals

Verifying FA Configuration

Page 125: mobile ip cisco

Foreign_Agent_2_#debug ip mobile advertise

IP mobility agent advertisements debugging is on

Foreign_Agent_2_#

02:30:02: MobileIP: Agent advertisement sent out FastEthernet0/1:

type=16, len=10, seq=2984, lifetime=36000, flags=0x1400(rbhFmGv-rsv-),

02:30:02: Care-of address: 10.10.10.97

02:30:05: MobileIP: Agent advertisement sent out FastEthernet0/1:

type=16, len=10, seq=2985, lifetime=36000, flags=0x1400(rbhFmGv-rsv-),

02:30:05: Care-of address: 10.10.10.97

Debug Advertisements on FA

Page 126: mobile ip cisco


Page 127: mobile ip cisco

MR: Advertisements

*Mar 1 04:09:27.938: ICMP: rdp advert rcvd type 9, code 0, from 10.10.10.97
*Mar 1 04:09:31.938: ICMP: rdp advert rcvd type 9, code 0, from 10.10.10.97
*Mar 1 04:09:34.934: ICMP: rdp advert rcvd type 9, code 0, from 10.10.10.97
*Mar 1 04:09:37.934: ICMP: rdp advert rcvd type 9, code 0, from 10.10.10.97
*Mar 1 04:09:39.934: ICMP: rdp advert rcvd type 9, code 0, from 10.10.10.97

> It is receiving advertisements from Foreign Agent 10.10.10.97

MR#debug ip icmp

Page 128: mobile ip cisco


Page 129: mobile ip cisco

MR: Registration Requests RRQs

MR#debug ip mob
IP mobility events debugging is on
MR#
*Mar 1 04:12:12.898: MobileIP: Authentication algorithm MD5
*Mar 1 04:12:16.898: MobileIP: Authentication algorithm MD5
*Mar 1 04:12:18.898: MobileIP: Authentication algorithm MD5
*Mar 1 04:12:22.898: MobileIP: Authentication algorithm MD5

> It is sending in Registration Requests and not getting any answer

Page 130: mobile ip cisco

Home_Agent_#

00:14:18: MobileIP: HA 114 received registration for MN 10.4.1.1 on FastEthernet0/1 using COA 10.3.1.1 HA 10.1.4.1 lifetime 36000 options sbdmgvt
00:14:18: MobileIP: Skip2TLV look for type 32, addr start 7D8742C end 7D87442
00:14:18: MobileIP: Skip2TLV look for type 32, addr start 7D87442 end 7D87442
00:14:18: MobileIP: MN 10.4.1.1 - authenticating MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: MN 10.4.1.1 - authenticated MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: Identification field has timestamp 146 secs greater than our current time 03/01/93 00:14:18 (> allowed 7 secs) for MN 10.4.1.1
00:14:18: %IPMOBILE-6-SECURE: Security violation on HA from MN 10.4.1.1 - errcode registration id mismatch (133), reason Bad identifier (3)
00:14:18: MobileIP: HA rejects registration for MN 10.4.1.1 - registration id mismatch (133)
00:14:18: MobileIP: MN 10.4.1.1 - MH auth ext added (SPI 100) to MN 10.4.1.1
00:14:18: MobileIP: MN 10.4.1.1 - HA sent reply to 10.1.3.2

Home_Agent_#debug ip mobile

Debugs on HA – Registration Rejected

Page 131: mobile ip cisco

Home_Agent_# debug ip mobile
00:14:18: MobileIP: HA 114 received registration for MN 10.4.1.1 on FastEthernet0/1 using COA 10.3.1.1 HA 10.1.4.1 lifetime 36000 options sbdmgvt
00:14:18: MobileIP: Skip2TLV look for type 32, addr start 7D877EC end 7D87802
00:14:18: MobileIP: Skip2TLV look for type 32, addr start 7D87802 end 7D87802
00:14:18: MobileIP: MN 10.4.1.1 - authenticating MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: MN 10.4.1.1 - authenticated MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: Mobility binding for MN 10.4.1.1 created
00:14:18: MobileIP: 15 ifs in use
00:14:18: MobileIP: Tunnel0 (IP/IP) created with src 10.1.4.1 dst 10.3.1.1
00:14:18: MobileIP: 16 ifs in use
00:14:18: MobileIP: Tunnel1 (IP/IP) created with src 10.1.4.1 dst 10.4.1.1
00:14:18: MobileIP: Roam timer started for MN 10.4.1.1, lifetime 36000
00:14:18: MobileIP: MN 10.4.1.1 is now roaming
00:14:18: MobileIP: Insert route 10.4.1.1/255.255.255.255 via gateway 10.3.1.1 on Tunnel0
00:14:18: MobileIP: Insert route 10.5.2.0/255.255.255.0 via gateway 10.4.1.1 on Tunnel1
00:14:18: MobileIP: HA accepts registration from MN 10.4.1.1
00:14:18: MobileIP: MN 10.4.1.1 - MH auth ext added (SPI 100) to MN 10.4.1.1
00:14:18: MobileIP: MN 10.4.1.1 - HA sent reply to 10.1.3.2
00:14:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
00:14:19: MobileIP: swif coming up Tunnel0
00:14:19: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
00:14:19: MobileIP: swif coming up Tunnel1
Home_Agent_#

Debugs on HA – Registration Accepted
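The two HA debug slides differ only in a few lines, which makes them easy to triage mechanically. The following is an added example, not part of the original deck or any Cisco tool: it groups HA `debug ip mobile` lines into one record per registration attempt and labels the outcome. The sample log is taken from the two slides above with wrapped lines rejoined and the Skip2TLV and tunnel bookkeeping lines left out; the function names and outcome labels are assumptions of this sketch.

```python
import re

# One pattern per HA debug message that matters for a registration decision.
PATTERNS = [
    ("received", re.compile(
        r"HA \d+ received registration for MN (?P<mn>\S+) on (?P<ifc>\S+) "
        r"using COA (?P<coa>\S+) HA (?P<ha>\S+) lifetime (?P<lifetime>\d+)")),
    ("authenticated", re.compile(
        r"MN (?P<mn>\S+) - authenticated MN \S+ using SPI (?P<spi>\d+)")),
    ("skew", re.compile(
        r"timestamp (?P<skew>\d+) secs greater than our current time .*"
        r"\(> allowed (?P<allowed>\d+) secs\) for MN (?P<mn>\S+)")),
    ("rejected", re.compile(
        r"HA rejects registration for MN (?P<mn>\S+) - (?P<reason>.+?) \((?P<code>\d+)\)")),
    ("accepted", re.compile(r"HA accepts registration from MN (?P<mn>\S+)")),
    ("route", re.compile(r"Insert route (?P<route>\S+) via gateway \S+ on (?P<tunnel>\S+)")),
]


def parse_attempts(lines):
    """Group HA debug lines into one record per received registration."""
    attempts, open_by_mn, last = [], {}, None
    for line in lines:
        for kind, rx in PATTERNS:
            m = rx.search(line)
            if m:
                break
        else:
            continue                                  # line carries nothing we track
        f = m.groupdict()
        if kind == "received":
            last = {"time": line.split(": ", 1)[0], "mn": f["mn"], "coa": f["coa"],
                    "ha": f["ha"], "interface": f["ifc"], "lifetime": int(f["lifetime"]),
                    "spi": None, "skew": None, "allowed": None, "outcome": "unanswered",
                    "code": None, "reason": None, "routes": []}
            attempts.append(last)
            open_by_mn[last["mn"]] = last
        elif kind == "route":
            if last is not None:                      # route lines do not name the MN
                last["routes"].append((f["route"], f["tunnel"]))
        else:
            rec = open_by_mn.get(f["mn"])
            if rec is None:
                continue
            if kind == "authenticated":
                rec["spi"] = int(f["spi"])
            elif kind == "skew":
                rec["skew"], rec["allowed"] = int(f["skew"]), int(f["allowed"])
            elif kind == "rejected":
                rec.update(outcome="rejected", code=int(f["code"]), reason=f["reason"])
            elif kind == "accepted":
                rec["outcome"] = "accepted"
    return attempts


def triage(attempt):
    """Label an attempt; 'replay-window' means the key matched but the timestamp did not."""
    if attempt["outcome"] == "accepted":
        return "ok"
    if attempt["outcome"] == "rejected" and attempt["code"] == 133 and attempt["spi"] is not None:
        return "replay-window"
    return attempt["outcome"]


# Sample input: lines from the rejected and accepted HA debug slides, rejoined.
SAMPLE_LOG = """
00:14:18: MobileIP: HA 114 received registration for MN 10.4.1.1 on FastEthernet0/1 using COA 10.3.1.1 HA 10.1.4.1 lifetime 36000 options sbdmgvt
00:14:18: MobileIP: MN 10.4.1.1 - authenticating MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: MN 10.4.1.1 - authenticated MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: Identification field has timestamp 146 secs greater than our current time 03/01/93 00:14:18 (> allowed 7 secs) for MN 10.4.1.1
00:14:18: %IPMOBILE-6-SECURE: Security violation on HA from MN 10.4.1.1 - errcode registration id mismatch (133), reason Bad identifier (3)
00:14:18: MobileIP: HA rejects registration for MN 10.4.1.1 - registration id mismatch (133)
00:14:18: MobileIP: MN 10.4.1.1 - HA sent reply to 10.1.3.2
00:14:18: MobileIP: HA 114 received registration for MN 10.4.1.1 on FastEthernet0/1 using COA 10.3.1.1 HA 10.1.4.1 lifetime 36000 options sbdmgvt
00:14:18: MobileIP: MN 10.4.1.1 - authenticating MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: MN 10.4.1.1 - authenticated MN 10.4.1.1 using SPI 100
00:14:18: MobileIP: Mobility binding for MN 10.4.1.1 created
00:14:18: MobileIP: Insert route 10.4.1.1/255.255.255.255 via gateway 10.3.1.1 on Tunnel0
00:14:18: MobileIP: Insert route 10.5.2.0/255.255.255.0 via gateway 10.4.1.1 on Tunnel1
00:14:18: MobileIP: HA accepts registration from MN 10.4.1.1
00:14:18: MobileIP: MN 10.4.1.1 - HA sent reply to 10.1.3.2
"""

if __name__ == "__main__":
    for a in parse_attempts(SAMPLE_LOG.strip().splitlines()):
        print(a["time"], a["mn"], "via", a["coa"], "SPI", a["spi"], "->", triage(a), a["reason"] or "")
```

In the rejected attempt the "authenticated ... using SPI 100" line appears before the rejection, so the security association is correct and the 146-second timestamp difference against the 7-second allowance is what to fix or investigate.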

Page 132: mobile ip cisco

1d02h: MobileIP: FA received registration for MN 20.0.197.84 on Ethernet3/1 using COA 40.0.197.19 HA 20.0.197.82 lifetime 990 options sBdmgvt

1d02h: MobileIP: Ethernet3/1 glean 20.0.197.84 accepted

1d02h: MobileIP: FA queued MN 20.0.197.84 in register table

1d02h: MobileIP: Visitor registration timer started for MN 20.0.197.84, lifetime 15

1d02h: MobileIP: Skip2TLV look for type 32, addr start 200210AC end 200210C2

1d02h: MobileIP: FA forwarded registration for MN 20.0.197.84 to HA 20.0.197.82

1d02h: MobileIP: FA received accept (0) reply for MN 20.0.197.84 on Ethernet3/5 using HA 20.0.197.82 lifetime 990

1d02h: MobileIP: Reply in for MN 20.0.197.84, accepted

1d02h: MobileIP: Update visitor table for MN 20.0.197.84

1d02h: MobileIP: Tunnel2 (IP/IP) created with src 40.0.197.19 dst 20.0.197.82

1d02h: MobileIP: ARP entry for MN 20.0.197.84 inserted

1d02h: MobileIP: Visitor timer started for MN 20.0.197.84, lifetime 990

1d02h: MobileIP: FA dequeued MN 20.0.197.84 from register table

1d02h: MobileIP: MN 20.0.197.84 visiting on Ethernet3/1

1d02h: MobileIP: Skip2TLV look for type 32, addr start 200215A8 end 200215BE

1d02h: MobileIP: FA forwarding reply to MN 20.0.197.84 using src 20.0.197.84 mac 0030.8538.1c90

1d02h: MobileIP: swif coming up Tunnel2

FA#debug ip mobile

Debugs on FA - Registration

Page 133: mobile ip cisco

*Mar 1 04:21:53.778: MobileIP: ParseRegExt type MHAE(32) addr 6002A08 end 6002A1E
*Mar 1 04:21:53.778: MobileIP: ParseRegExt skipping 20 to next
*Mar 1 04:21:53.778: MobileIP: Authenticating HA 10.10.10.77 using SPI 3003
*Mar 1 04:21:53.782: MobileIP: Authentication algorithm MD5
*Mar 1 04:21:53.782: MobileIP: Authenticated HA 10.10.10.77 using SPI 3003
*Mar 1 04:21:57.762: MobileIP: Authentication algorithm MD5
*Mar 1 04:21:57.782: MobileIP: ParseRegExt type MHAE(32) addr 61BF1A8 end 61BF1BE
*Mar 1 04:21:57.782: MobileIP: ParseRegExt skipping 20 to next
*Mar 1 04:21:57.782: MobileIP: Authenticating HA 10.10.10.77 using SPI 3003
*Mar 1 04:21:57.782: MobileIP: Authentication algorithm MD5
*Mar 1 04:21:57.782: MobileIP: Authenticated HA 10.10.10.77 using SPI 3003
*Mar 1 04:21:57.782: MobileIP: Tunnel0 (IP/IP) created with src 110.10.11.217 dst 10.10.10.77
*Mar 1 04:21:58.782: MobileIP: swif coming up Tunnel0

FA#debug ip mobile

Debugs on MR - Registration

Page 134: mobile ip cisco


Page 135: mobile ip cisco

ha_#show ip mobile binding ?
  A.B.C.D     IP address
  home-agent  Mobility bindings for specific home agent
  summary     Summary of binding table
  |           Output modifiers
  <cr>
ha_#show ip mobile binding
Mobility Binding List:
Total 9
110.10.11.237:
    Care-of Addr 10.10.10.97, Src Addr 10.10.10.70
    Lifetime granted 10:00:00 (36000), remaining 06:59:10
    Flags sbdmgvt, Identification AF3BF344.D8F21340
    Tunnel2 src 10.10.10.77 dest 10.10.10.97 reverse-allowed
    MR Tunnel1 src 10.10.10.77 dest 110.10.11.237 reverse-allowed
    mobile-network 110.10.11.237
    Routing Options -
110.10.11.233:
    Care-of Addr 10.10.10.97, Src Addr 10.10.10.70
    Lifetime granted 10:00:00 (36000), remaining 06:59:10
    Flags sbdmgvt, Identification AF3BF344.5F153F64
………… etc.

HA Binding Table

Page 136: mobile ip cisco

Home_Agent_#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     110.0.0.0/8 is variably subnetted, 10 subnets, 2 masks
M       110.10.11.0/24 is directly connected, Mobile0
M       110.10.11.237/32 [3/1] via 10.10.10.97, 00:57:28, Tunnel2
M       110.10.11.245/32 [3/1] via 10.10.10.129, 03:01:54, Tunnel0
     10.0.0.0/8 is variably subnetted, 14 subnets, 3 masks
C       10.10.10.32/27 is directly connected, FastEthernet0/0
C       10.10.10.72/30 is directly connected, FastEthernet0/1
C       10.10.10.76/30 is directly connected, Loopback0
O IA    10.10.10.96/27 [110/11] via 10.10.10.36, 00:57:35, FastEthernet0/0
M       10.10.11.112/28 [3/1] via 110.10.11.237, 03:55:57, Tunnel1
O IA    10.10.10.128/27 [110/2] via 10.10.10.74, 00:57:35, FastEthernet0/1
M       10.10.11.144/28 [3/1] via 110.10.11.245, 03:55:57, Tunnel5

HA State – Routing Table

Virtual Network

Page 137: mobile ip cisco

Foreign_Agent_2_#show ip mobile visitor
Mobile Visitor List:
Total 5
110.10.11.229:
    Interface FastEthernet0/1, MAC addr 0001.6441.87ba
    IP src 110.10.11.229, dest 10.10.10.97, UDP src port 434
    HA addr 10.10.10.77, Identification AF3C1098.B402FE18
    Lifetime 10:00:00 (36000) Remaining 08:56:25
    Tunnel0 src 10.10.10.97, dest 10.10.10.77, reverse-allowed
    Routing Options -
110.10.11.245:
    Interface FastEthernet0/1, MAC addr 0001.6441.87a2
    IP src 110.10.11.245, dest 10.10.10.97, UDP src port 434
    HA addr 10.10.10.77, Identification AF3C114E.911E78F8
    Lifetime 10:00:00 (36000) Remaining 08:59:27
    Tunnel0 src 10.10.10.97, dest 10.10.10.77, reverse-allowed
    Routing Options -
……… etc.

FA State – Visiting Mobile Routers

Page 138: mobile ip cisco

Foreign_Agent_2_#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

     110.0.0.0/24 is subnetted, 1 subnets
O E2    110.10.11.0 [110/20] via 10.10.10.33, 00:58:44, FastEthernet0/0
     10.0.0.0/8 is variably subnetted, 14 subnets, 4 masks
C       10.10.10.32/27 is directly connected, FastEthernet0/0
O       10.10.10.72/30 [110/2] via 10.10.10.33, 00:58:44, FastEthernet0/0
O       10.10.10.77/32 [110/2] via 10.10.10.33, 00:58:44, FastEthernet0/0
C       10.10.10.96/27 is directly connected, FastEthernet0/1
O E2    10.10.11.112/28 [110/20] via 10.10.10.33, 00:58:47, FastEthernet0/0
O IA    10.10.10.128/27 [110/3] via 10.10.10.33, 00:58:47, FastEthernet0/0
O E2    10.10.11.144/28 [110/20] via 10.10.10.33, 00:58:47, FastEthernet0/0
Foreign_Agent_2_#

Foreign Agent Routing Table

Page 139: mobile ip cisco

Foreign_Agent_2_#sh arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.10.10.73 8 000a.8a7d.0f41 ARPA FastEthernet0/0

Internet 10.10.10.129 - 000a.8a83.0d81 ARPA FastEthernet0/1

Internet 10.10.10.130 7 0040.9657.cc93 ARPA FastEthernet0/1

Internet 10.10.10.74 - 000a.8a83.0d80 ARPA FastEthernet0/0

Internet 110.10.11.237 2 00ff.ff40.00aa ARPA FastEthernet0/1

Foreign_Agent_2_#

FA State – ARP Table

Page 140: mobile ip cisco

mar_demo_1_#sh arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.3.1.1 12 000a.8a83.0d81 ARPA Vlan1

Internet 10.5.2.1 - 00ff.ff40.00aa ARPA FastEthernet0/0

Internet 10.5.3.1 - 00ff.ff40.00ab ARPA Vlan1

Internet 10.5.3.2 137 0040.9657.2624 ARPA Vlan1

Internet 10.5.3.34 4 0010.a49f.57d9 ARPA Vlan1

mar_demo_1_#

What FA is MR Visiting? Part 1

Page 141: mobile ip cisco

mar_demo_1_#sh ip rout
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is 10.3.1.1 to network 0.0.0.0

     10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
M       10.3.1.1/32 [3/1] via 10.3.1.1, 00:07:28, Vlan1
C       10.5.3.0/24 is directly connected, Vlan1
M       10.1.4.1/32 [3/1] via 10.3.1.1, 00:07:28, Vlan1
C       10.5.1.0/24 is directly connected, Loopback0
M*   0.0.0.0/0 [3/1] via 10.3.1.1, 00:07:28, Vlan1

What FA is MR Visiting? Part 2

Page 142: mobile ip cisco

ha_#
05:17:02: MobileIP: HA 120 received registration for MN 110.10.11.225 on FastEthernet0/1 using COA 10.10.10.129 HA 10.10.10.77 lifetime 36000 options sbdmgvt
05:17:02: MobileIP: MN 110.10.11.225 - authenticating MN 110.10.11.225 using SPI 5005
05:17:02: MobileIP: MN 110.10.11.225 - authenticated MN 110.10.11.225 using SPI 5005
05:17:02: MobileIP: Delete tunnel route for 110.10.11.225/255.255.255.255 via gateway 10.10.10.97
05:17:02: MobileIP: Deleted user (7 remains) from Tunnel2 src 10.10.10.77 dest 10.10.10.97
05:17:02: MobileIP: Mobility binding for MN 110.10.11.225 updated – tunnel changed
05:17:02: MobileIP: Added user (2 active) on Tunnel0 src 10.10.10.77 dest 10.10.10.129
05:17:02: MobileIP: Insert route 110.10.11.225/255.255.255.255 via gateway 10.10.10.129 on Tunnel0
05:17:02: MobileIP: Roam timer started for MN 110.10.11.225, lifetime 36000
05:17:02: MobileIP: HA accepts registration from MN 110.10.11.225
05:17:02: MobileIP: MN 110.10.11.225 - MH auth ext added (SPI 5005) to MN 110.10.11.225
05:17:02: MobileIP: MN 110.10.11.225 - HA sent reply to 10.10.10.74

Debugs on HA/FA - Handoff

Page 143: mobile ip cisco

Home_Agent_#show ip mobile traffic

IP Mobility traffic:

Advertisements:

Solicitations received 0

Advertisements sent 0, response to solicitation 0

Home Agent Registrations:

Register 2622, Deregister 2 requests

Register 1302, Deregister 2 replied

Accepted 87, No simultaneous bindings 0

Denied 1215, Ignored 1322 , Dropped 0

Unspecified 1198, Unknown HA 0

Administrative prohibited 0, No resource 0

Authentication failed MN 0, FA 0, active HA 0

Bad identification 17, Bad request form 0

Unavailable encap 0, reverse tunnel 0

Binding updates received 0, sent 0 total 0 fail 0

Binding update acks received 0, sent 0

Binding info request received 0, sent 0 total 0 fail 0

Binding info reply received 0 drop 0, sent 0 total 0 fail 0

Binding info reply acks received 0 drop 0, sent 0

Gratuitous 0, Proxy 0 ARPs sent

CONTINUED >>>

Show IP Mobile Traffic (Home Agent)

Page 144: mobile ip cisco

Home_Agent_#show ip mobile traffic

CONTINUED…..

Foreign Agent Registrations:

Request in 0,

Forwarded 0, Denied 0, Ignored 0

Unspecified 0, HA unreachable 0

Administrative prohibited 0, No resource 0

Bad lifetime 0, Bad request form 0

Unavailable encapsulation 0, Compression 0

Unavailable reverse tunnel 0

Replies in 0

Forwarded 0, Bad 0, Ignored 0

Authentication failed MN 0, HA 0

Home_Agent_#

Show IP Mobile Traffic (Home Agent) cont.

Page 145: mobile ip cisco

Home_Agent_#show ip mob tunnel

Mobile Tunnels:

Tunnel1:

src 10.10.10.77, dest 110.10.11.237

encap IP/IP, mode reverse-allowed, tunnel-users 1

IP MTU 1460 bytes

Path MTU Discovery, mtu: 0, ager: 10 mins, expires: never

outbound interface Tunnel2

HA created, fast switching enabled, ICMP unreachable enabled

0 packets input, 0 bytes, 0 drops

10508 packets output, 1237820 bytes

Tunnel5:

src 10.10.10.77, dest 110.10.11.245

encap IP/IP, mode reverse-allowed, tunnel-users 1

IP MTU 1460 bytes

Path MTU Discovery, mtu: 0, ager: 10 mins, expires: never

outbound interface Tunnel0

HA created, fast switching enabled, ICMP unreachable enabled

0 packets input, 0 bytes, 0 drops

0 packets output, 0 bytes

Show IP Mobile Tunnels

Page 146: mobile ip cisco

Home_Agent_# show ip mob secure host

Security Associations (algorithm,mode,replay protection,key):

10.10.11.77: SPI 300, MD5, Prefix-suffix, Timestamp +/- 7, Key 12345678123456781234567812345678

110.10.11.213: SPI 200, MD5, Prefix-suffix, Timestamp +/- 7, Key 23456781234567812345678123456781

110.10.11.217: SPI 3003, MD5, Prefix-suffix, Timestamp +/- 7, Key 45678123456781234567812345678102

110.10.11.221: SPI 4004, MD5, Prefix-suffix, Timestamp +/- 7, Key 56781234567812345678123456781203

110.10.11.225: SPI 5005, MD5, Prefix-suffix, Timestamp +/- 7, Key 67812345678123456781234567812304

……. etc.

Show IP Mobile Secure Hosts

Page 147: mobile ip cisco

Show IP Mobile Host

HA#show ip mobile host 20.0.197.84

Mobile Host List:

20.0.197.84:

Allowed lifetime INFINITE/default)

Roam status -Registered-, Home link on interface Ethernet5/0/2

Accepted 8, Last time 03/26/01 10:40:30

Overall service time 00:28:39

Denied 1, Last time 04/24/02 18:13:22

Last code 'registration id mismatch (133)'

Total violations 1

Tunnel to MN - pkts 1, bytes 100

Reverse tunnel from MN - pkts 0, bytes 0

Page 148: mobile ip cisco

Show IP Mobile Interface

Foreign_Agent_2_#sh ip mobile interface

IP Mobility interface information:

Interface FastEthernet0/1:

IRDP (includes agent advertisement) enabled

Prefix Length not advertised

Lifetime is 36000 seconds

Foreign Agent service provided

No registration required

Not busy

Home Agent access list:

Current number of visitors: 5

Foreign_Agent_2_#

Page 149: mobile ip cisco

Clear Commands

Router#clear ip mobile binding [addr] Removes the binding entry.

Router#clear ip mobile traffic Clears all the Mobile IP counters.

Router#clear ip mobile host counters [addr] Clears Mobile Host Counters.

Router#clear ip mobile visitor Removes the visitor information.

Page 150: mobile ip cisco

MobileIP: HA 30 received registration for MN 20.0.197.84 on Ethernet5/0/2 using COA 40.0.197.19 HA 20.0.197.82 lifetime 65535 options sBdmgvt

MobileIP: Skip2TLV look for type 32, addr start 61D8EBE4 end 61D8EBFA

MobileIP: Skip2TLV look for type 32, addr start 61D8EBFA end 61D8EBFA

MobileIP: MN 20.0.197.84 - authenticating MN 20.0.197.84 using SPI 100

MobileIP: MN 20.0.197.84 - invalid authenticator for MN 20.0.197.84

MobileIP: HA rejects registration for MN 20.0.197.84 - MN failed authentication (131)

MobileIP: MN 20.0.197.84 - MH auth ext added (SPI 100) to MN 20.0.197.84

MobileIP: MN 20.0.197.84 - HA sent reply to 20.0.197.81

Invalid SPI - Debug

Page 151: mobile ip cisco

HA#show ip mobile violation

Security Violation Log:

Total violations 1

Mobile Hosts:

20.0.197.84:

Violations: 1, Last time: 02/11/02 10:49:11

SPI: 100, Identification: C0122026.6D841504

Error Code: MN failed authentication (131), Reason: Bad authenticator (2)

Invalid SPI – Violations Log

Page 152: mobile ip cisco

MobileIP: HA 32 received registration for MN 20.0.197.84 on Ethernet5/0/2 using COA 40.0.197.19 HA 20.0.197.82 lifetime 1000 options sBdmgvt

MobileIP: Skip2TLV look for type 32, addr start 616B4100 end 616B4116

MobileIP: Skip2TLV look for type 32, addr start 616B4116 end 616B4116

MobileIP: MN 20.0.197.84 - authenticating MN 20.0.197.84 using SPI 100

MobileIP: MN 20.0.197.84 - authenticated MN 20.0.197.84 using SPI 100

MobileIP: Identification field 2939948267 has timestamp 288712535 secs less than our current time 04/24/02 18:13:22 3228660802 (< allowed 7 secs) for MN 20.0.197.84

MobileIP: HA rejects registration for MN 20.0.197.84 - registration id mismatch (133)

MobileIP: MN 20.0.197.84 - MH auth ext added (SPI 100) to MN 20.0.197.84

MobileIP: MN 20.0.197.84 - HA sent reply to 20.0.197.81

Timestamp Mismatch
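The two rejections in the Invalid SPI and Timestamp Mismatch debugs come from two separate checks, made in the order the log shows: the MD5 prefix-suffix authenticator first (code 131), then the identification timestamp against the +/- 7 second window (code 133). The sketch below is an added example, not Cisco code or part of the original slides; the keys, the flags byte and the low identification word are constructed, and only the addresses, SPI, lifetime and the two seconds values are taken from the debug output.

```python
import hashlib
import hmac
import socket
import struct

ACCEPTED = 0
MN_FAILED_AUTH = 131  # "MN failed authentication (131)" in the debug above
ID_MISMATCH = 133     # "registration id mismatch (133)" in the debug above

def protected_bytes(flags, lifetime, home, ha, coa, ident_secs, ident_low, spi):
    """Fixed Registration Request fields plus type/length/SPI of extension 32."""
    fixed = struct.pack("!BBH4s4s4sII", 1, flags, lifetime,
                        socket.inet_aton(home), socket.inet_aton(ha),
                        socket.inet_aton(coa), ident_secs, ident_low)
    return fixed + struct.pack("!BBI", 32, 4 + 16, spi)

def keyed_md5(key, data):
    """Keyed MD5 in prefix+suffix mode: MD5(key || data || key)."""
    return hashlib.md5(key + data + key).digest()

def ha_check(key, data, authenticator, ident_secs, ha_now_secs, window=7):
    """Return the reply code: authenticator first, then the timestamp window."""
    if not hmac.compare_digest(keyed_md5(key, data), authenticator):
        return MN_FAILED_AUTH
    if abs(ha_now_secs - ident_secs) > window:
        return ID_MISMATCH
    return ACCEPTED

# Constructed keys (the page does not show the key for SPI 100).
HA_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
WRONG_MN_KEY = bytes.fromhex("ff" * 16)
# Seconds values printed in the Timestamp Mismatch debug.
PAGE_IDENT_SECS = 2939948267
PAGE_HA_NOW_SECS = 3228660802

def demo():
    # Flags 0x40 (B bit only) and a zero low word are assumptions.
    req = protected_bytes(0x40, 1000, "20.0.197.84", "20.0.197.82",
                          "40.0.197.19", PAGE_IDENT_SECS, 0, 100)
    good = keyed_md5(HA_KEY, req)
    return {
        "wrong_key": ha_check(HA_KEY, req, keyed_md5(WRONG_MN_KEY, req),
                              PAGE_IDENT_SECS, PAGE_IDENT_SECS + 5),
        "stale_clock": ha_check(HA_KEY, req, good, PAGE_IDENT_SECS, PAGE_HA_NOW_SECS),
        "in_window": ha_check(HA_KEY, req, good, PAGE_IDENT_SECS, PAGE_IDENT_SECS + 5),
    }

if __name__ == "__main__":
    print(demo())
```

A mobile node with the right key but an unsynchronized clock still fails, which is why 133 in the log points at time sync rather than at the security association.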

Page 153: mobile ip cisco

MobileIP: HA 32 received registration for MN 20.0.197.85 on Ethernet5/0/2 using COA 40.0.197.19 HA 20.0.197.82 lifetime 1000 options sBdmgvt

MobileIP: MN 20.0.197.85 is not configured, request ignored

MN Not Configured

Page 154: mobile ip cisco

MobileIP: HA 32 received registration for MN 30.2.0.2 on Ethernet5/0/2 using COA 40.0.200.1 HA 20.0.197.82 lifetime 1900 options sBdmgvt

MobileIP: Skip2TLV look for type 32, addr start 616B4100 end 616B4116

MobileIP: Skip2TLV look for type 32, addr start 616B4116 end 616B4116

MobileIP: MN 30.2.0.2 - authenticating MN 30.2.0.2 using SPI 200

MobileIP: MN 30.2.0.2 - authenticated MN 30.2.0.2 using SPI 200

MobileIP: MN 30.2.0.2 requested broadcast support, but disabled locally

MobileIP: Mobility binding for MN 30.2.0.2 updated

MobileIP: Roam timer started for MN 30.2.0.2, lifetime 1000

MobileIP: HA accepts registration from MN 30.2.0.2

MobileIP: MN 30.2.0.2 - MH auth ext added (SPI 200) to MN 30.2.0.2

MobileIP: MN 30.2.0.2 - HA sent reply to 20.0.197.81

Shorter Lifetime on HA

Page 155: mobile ip cisco

MobileIP: FA received registration for MN 30.2.0.2 on Serial4/1 using COA 40.0.200.1 HA 20.0.197.82 lifetime 40000 options sBdmgvt

MobileIP: Lifetime is too long in request from MN 30.2.0.2

MobileIP: FA rejects registration from MN 30.2.0.2 - lifetime too long (69)

MobileIP: MN 30.2.0.2 - FA sent reply to 30.2.0.2

Larger Lifetime on FA

Page 156: mobile ip cisco

MobileIP: Roam timer expired for MN 20.0.197.84

MobileIP: Delete tunnel route for 20.0.197.84 via gateway 40.0.197.19

MobileIP: Deleted Tunnel0 src 20.0.197.82 dest 40.0.197.19

MobileIP: HA route maint started with index 0

Lifetime Expires

Page 157: mobile ip cisco

MobileIP: FA received registration for MN 30.2.0.2 on Serial4/1 using COA 40.0.200.1 HA 20.0.197.83 lifetime 4000 options sBdmgvt

MobileIP: FA queued MN 30.2.0.2 in register table

MobileIP: Visitor registration timer started for MN 30.2.0.2, lifetime 15

MobileIP: Skip2TLV look for type 32, addr start 2000060C end 20000622

MobileIP: FA forwarded registration for MN 30.2.0.2 to HA 20.0.197.83

MobileIP: Visitor registration timer expired for MN 30.2.0.2

MobileIP: FA dequeued MN 30.2.0.2 from register table

MobileIP: Visitor timer expired for MN 30.2.0.2

MobileIP: Host route 30.2.0.2 deleted from routing table

MobileIP: ARP entry for MN 30.2.0.2 removed

MobileIP: Deleted Tunnel0 src 40.0.200.1 dest 20.0.197.82

MobileIP: MN 30.2.0.2 no longer visiting on Serial4/1

HA not replying (seen from FA)

Page 158: mobile ip cisco

MobileIP: FA received registration for MN 30.2.0.2 on Serial4/1 using COA 40.0.200.10 HA 20.0.197.82 lifetime 40000 options sBdmgvt

MobileIP: Care-of addr 40.0.200.10 is invalid in request from MN 30.2.0.2

MobileIP: FA rejects registration from MN 30.2.0.2 - reason unspecified (64)

MobileIP: MN 30.2.0.2 - FA sent reply to 30.2.0.2

Invalid Care-of Address
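For monitoring, the rejection lines in the debugs above can be tallied per mobile node so that authentication and replay failures stand out from plain misconfiguration. This is an added example, not part of the original slides; the sample lines are copied from the debug slides on this page, and treating codes 131, 133 and the "not configured" message as security-relevant is this example's own assumption.

```python
import re
from collections import defaultdict

REJECT = re.compile(
    r"MobileIP: (HA|FA) rejects registration (?:for|from) MN (\S+) - (.+?) \((\d+)\)")
IGNORED = re.compile(r"MobileIP: MN (\S+) is not configured, request ignored")

# Assumption of this example: which outcomes deserve a security review.
SECURITY_CODES = {131, 133}

# Lines copied from the debug slides on this page.
SAMPLE = """\
MobileIP: HA rejects registration for MN 20.0.197.84 - MN failed authentication (131)
MobileIP: HA rejects registration for MN 20.0.197.84 - registration id mismatch (133)
MobileIP: MN 20.0.197.85 is not configured, request ignored
MobileIP: HA accepts registration from MN 30.2.0.2
MobileIP: FA rejects registration from MN 30.2.0.2 - lifetime too long (69)
MobileIP: FA rejects registration from MN 30.2.0.2 - reason unspecified (64)
"""

def triage(text):
    """Map each MN to a list of (agent, code, reason, security_relevant)."""
    per_mn = defaultdict(list)
    for line in text.splitlines():
        m = REJECT.search(line)
        if m:
            agent, mn, reason, code = m.group(1), m.group(2), m.group(3), int(m.group(4))
            per_mn[mn].append((agent, code, reason, code in SECURITY_CODES))
            continue
        m = IGNORED.search(line)
        if m:
            # No reply code is logged: the request is ignored, not denied.
            per_mn[m.group(1)].append((None, None, "not configured", True))
    return dict(per_mn)

def security_events(text):
    """Flatten triage() to (mn, code) pairs for the security-relevant entries."""
    return [(mn, code) for mn, events in triage(text).items()
            for (_agent, code, _reason, relevant) in events if relevant]

if __name__ == "__main__":
    for mn, code in security_events(SAMPLE):
        print(mn, code)
```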

Page 159: mobile ip cisco

© 2001, Cisco Systems, Inc. All rights reserved.

