As described in the previous section, the mobile router provides and maintains IP connectivity to its mobile networks as it roams. The functionality and configuration of a mobile router can be broken down into the following components:
Each of these components is discussed in the following sections. Although the mobile router is an IOS router just like any other in your network, restrictions and limitations exist as to which IOS features are supported and how they interact with Cisco Mobile Networks. Several of these cases are directly described in this chapter and can be extrapolated to see the impact on other features.

Mobile Networks (Static or Dynamic)

For network mobility to work, the Home Agent must be aware of the mobile networks connected to a mobile router. This information can be provided either through static configuration of the mobile networks or through dynamic updates during the Mobile IP registration process, as shown in Figure 7-3. These mobile networks are generally stub networks, that is, packets are not routed through the network. A statically configured mobile network takes precedence over the same dynamically registered mobile network.

Figure 7-3. Static and Dynamic Mobile Network Registration

Static mobile networks require static configuration on the Home Agent of the mobile networks associated with a specific mobile router. Each network is configured with the network prefix and mask. When the mobile router registers, the Home Agent automatically processes the mobile networks, as described in section "Home Agent Enhancements," later in this chapter.

A Home Agent will most likely support many mobile routers. A priori knowledge of the mobile networks requires configuration for every mobile router and every mobile network, as shown in Figure 7-4. This practice does not lend itself well to network changes, or even scalability for that matter.

Figure 7-4. A Single Home Agent Often Supports Many Mobile Routers

On the contrary, dynamic mobile network registration allows significant flexibility because the Home Agent learns the mobile networks at registration time.
Specifically, with dynamic networks, the mobile router tells the Home Agent which mobile networks it is supporting and their current status in RRQs. This allows easier administration and initialization because minimal configuration is needed on the Home Agent, that is, the Home Agent need not be statically configured with the mobile networks.

NOTE
Cisco Mobile Networks does not allow dynamic routing protocols such as Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) to be run between the mobile router and the Home Agent for a number of reasons, the most important of which is to maintain stability. Because the Home Agent injects mobile networks into the Interior Gateway Protocol (IGP), it is less likely that instability in the wireless network will impact the IGP. This method also minimizes traffic between the Mobile Node and the Home Agent, which is often important on pay-per-byte wireless links.

To this end, the Mobile IP registration process is extended with the following Mobile Network Non-Critical Vendor Specific Extension (NVSE) [RFC 3115]:
These extensions convey the mobile network prefix and mask, and in the case of the Dynamic Mobile Network NVSE, specify whether the network is being added or deleted.

When a mobile router registers, it appends the Mobile Router Dynamic Mobile Network NVSE and notifies its Home Agent of the mobile networks that it is currently supporting. After successful registration with its Home Agent, the mobile router does not need to include the NVSE in reregistrations if the status of the mobile networks has not changed. However, if there are any changes to the status of the dynamic mobile networks registered with the Home Agent, the mobile router sends a RRQ with an NVSE, either deleting or adding the appropriate mobile networks.

In response to a RRQ with the Mobile Router Dynamic Mobile Network NVSE appended, the mobile router expects to receive a RRP from its Home Agent acknowledging all the mobile networks associated with the mobile router. Specifically, it expects to see a RRP with the Mobile Router Dynamic Mobile Network NVSE describing its dynamic mobile networks, and a Mobile Router Static Mobile Network NVSE describing its static mobile networks, if any exist. Such a RRP serves as an acknowledgment to the mobile router that the Home Agent has indeed processed its mobile networks properly.

If the mobile network is a routed network, that is, other routers are attached to the mobile network interface, it requires static network configuration. When examining the configuration, it will be clear that this is the case because dynamic networks are learned from the interface configuration. It might seem odd to have a routed network attached to a mobile router, but it is not unheard of. For example, a large cruise ship might already have a routed network infrastructure on board and might be retrofitted with a mobile router to take advantage of multiple link types to provide passengers with optimal connectivity at a minimal cost.
Configuration of Mobile Router and Its Mobile Networks

The mobile router must first be configured as a Mobile Node. Its mobile networks are then either statically configured, or the mobile router is configured to send its mobile networks dynamically during the Mobile IP registration process.

Because the mobile router is a Mobile Node, it requires the same basic configuration as we have previously seen with Mobile Nodes. The mobile router requires the use of a static Home Address and does not support the use of a Network Access Identifier (NAI) or dynamic addressing. This Home Address must be configured on an interface and then identified in the mobile router configuration.

Although you can configure the Home Address on a physical interface and use a physical Home Network, numerous problems arise. For example, physical interfaces do not allow a 32-bit subnet mask to be configured. Thus, when the mobile router is not attached to its physical Home Network, it cannot reach other devices on its Home Network because it identifies them as being directly connected. Also, if the Home Address is on a physical interface and that interface is down, the mobile router cannot receive tunneled packets.

The Home Address should be configured on a loopback interface, and a 32-bit mask should be applied to the address. The mask of the Home Network is identified in the mobile router configuration section. The Home Network should be configured as a virtual network on the Home Agent.

The router mobile command must first be used to invoke the Mobile IP process on the router, and the mobile router must be configured to share a security association with its Home Agent, as described in Chapter 4, "IOS Mobile IP in the Lab." Configuration of the mobile router and its mobile networks is then accomplished through the ip mobile router command. This enables the Mobile Node client and enters the mobile router configuration mode.
Within the mobile router configuration mode, the home IP address and the mobile networks of the mobile router are configured using the following commands:
Mobile Router Service on an Interface

Because the mobile router is serving as a roaming router, several interface-level considerations are important. Interfaces serve one of two purposes: They are either used as roaming interfaces or mobile networks. Roaming interfaces are used for uplink between the mobile router and the rest of the network. Mobile network interfaces attach devices to the mobile router. Although an interface can be used for both roaming and mobile networks, this is not generally recommended.

NOTE
If the roaming interface is used with an IP-managed radio, this dual configuration is necessary. For example, consider a mobile router that has a wireless local-area network (WLAN) bridge that needs an IP address for management, connected through Ethernet. For the bridge to be remotely managed, it must be given an IP address from a mobile network.

The mobile router must consider the fact that it might obtain Layer 2 connections on different interfaces, and therefore must decide on which interface to roam and register. For example, the mobile router might be connected through satellite on one interface and through an 802.11 WLAN on another interface. To this end, the notion of preferred path is introduced to allow the mobile router to select the best interface on which to roam and register based on a priority, as depicted in Figure 7-5.

Figure 7-5. Preferred Path Selection by a Mobile Router

When multiple interfaces have the same priority, the interface with the highest bandwidth is preferred. If a tie still results, the interface with the highest IP address is preferred.

Typically, a mobile router is configured to wait for a hold down period before using a FA. That is, after hearing a FA's advertisement, the mobile router waits for the duration of the hold down period before deciding to use the agent.
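The preferred path and hold down rules of this section can be modeled in a few lines. The following Python sketch is an added example, not IOS code or code from the book; the interface names, addresses and timings are constructed, and because the text does not say whether a larger or smaller priority value wins, the direction is an explicit parameter.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class RoamingInterface:
    name: str
    priority: int                 # "roam priority value"
    bandwidth_kbps: int           # first tie-breaker
    ip: str                       # second tie-breaker (highest address wins)
    hold_down: float              # "hold-down seconds"
    heard_since: Optional[float] = None   # start of the current unbroken run of FA advertisements

    def advertisement(self, now: float) -> None:
        if self.heard_since is None:      # first advertisement after a gap starts the timer
            self.heard_since = now

    def reset(self) -> None:
        # Interface left the up state, or scheduled advertisements were missed.
        self.heard_since = None

    def usable(self, now: float) -> bool:
        return self.heard_since is not None and now - self.heard_since >= self.hold_down

def preferred_path(interfaces, now, higher_value_wins=True):
    """Return the interface to register on, or None when no agent has passed hold down."""
    ready = [i for i in interfaces if i.usable(now)]
    if not ready:
        return None
    sign = 1 if higher_value_wins else -1   # ASSUMPTION: priority direction is not stated in the text
    return max(ready, key=lambda i: (sign * i.priority, i.bandwidth_kbps,
                                     int(ipaddress.IPv4Address(i.ip))))

def demo():
    """Constructed timeline: satellite and WLAN uplinks with equal priority."""
    sat = RoamingInterface("Serial0", 100, 512, "192.0.2.1", hold_down=5)
    wlan = RoamingInterface("Ethernet1", 100, 11000, "192.0.2.129", hold_down=20)
    links, picks = [sat, wlan], []
    def pick(t):
        chosen = preferred_path(links, t)
        picks.append(chosen.name if chosen else None)
    sat.advertisement(0); wlan.advertisement(0)
    pick(1)            # neither link has survived its hold down yet
    pick(5)            # satellite has; WLAN is still held down
    pick(20)           # both ready: equal priority, WLAN wins on bandwidth
    wlan.reset(); wlan.advertisement(26)   # WLAN missed advertisements, heard again at t=26
    pick(30)           # WLAN hold down restarted, so back to satellite
    pick(46)           # WLAN has been stable for 20 s again
    return picks
```

The timeline in demo() shows the effect the hold down period is meant to have: a flapping high-bandwidth link does not win back the registration until it has been heard continuously for its full hold down time.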
The hold down period allows the mobile router to be sure that a link is reliable enough to hear the agent for a period of time before committing to using the agent. If the interface transitions from the up state or if regularly scheduled agent advertisements are missed, the hold down timer is reset. Thus, the mobile router avoids prematurely registering with a FA on a lossy wireless link.

In addition to interface-level configuration for preferred path, configuration is also needed to determine whether the mobile router should solicit Mobile IP agent advertisements, and if so, how often it should solicit. Typically, this decision is based on the ratio of mobile routers to FAs in the network deployment. If many mobile routers and few FAs exist, you should disable periodic solicitation and defer to frequent agent advertisements. Otherwise, the network is flooded with periodic solicitations. Using frequent advertisements, the mobile router can detect movement faster and can better evaluate roaming options.

Conversely, if few mobile routers and many FAs exist, periodic solicitation is typically enabled. The basic idea is that sending frequent advertisements when only a few mobile routers exist can be a waste of radio bandwidth. Thus, it is better to let the mobile routers solicit for advertisements when they need them.

Regardless of the configured periodic solicitation interval, the mobile router always sends a solicitation when an interface transitions to the up state. This allows fast agent discovery as a link comes up by not waiting for an advertisement from the FA. Unfortunately, many radio devices keep their fixed interface up, even when the radio link is down, to allow IP-based management of the device. When possible, this should be disabled to improve Mobile IP handover performance.

Mobile Router Interface-Level Configuration

The following two steps are involved in configuring a roaming interface on a mobile router:
It might seem obvious that the interface needs to be configured with an IP address, but by this point in the book, you should understand why it isn't obvious. If you recall, after the FA has removed the encapsulation header, it delivers traffic to the Mobile Node using the home IP address and a Layer 2 address. As described previously, the Home Address should be configured on a loopback, and even if it is on a physical interface, it can only be configured on one interface at a time. So what purpose does the interface IP address serve? Unless it is being used as a CCoA or it is part of a mobile network, it does not serve a purpose. Unfortunately, it is still required, because IOS cannot receive IP packets on an interface without an IP address configured.

What address should you use? That is hard to say; first, we look at what not to use. You should make sure that the address is not used anywhere else in the network. Otherwise, nodes on the mobile network can never reach that address because all traffic is delivered locally. Also, if two devices have the same IP address, Address Resolution Protocol (ARP) problems could ensue. So, what do you do? Well, the standards people will surely flame us, but the authors generally use addresses from the IPv4 link-local space. Why? These addresses are only used for link-local traffic delivery and of the nodes that implement zeroconf, most do a good job of resolving address conflicts. What is the link-local address range? You don't want us to get into trouble by telling you, do you?

After the addressing problem has been solved, the interface can be configured for roaming. To enable mobile router service on an interface, use the following command in interface configuration mode:

ip mobile router-service {hold-down seconds | roam [priority value] | solicit [interval seconds] [retransmit initial min maximum seconds retry number]}

This command enables various services on the mobile router.
Furthermore, it allows the following relevant parameters to be changed:
Agent Selection and Mobile IP Registration

A mobile router learns about Mobility Agents on its interfaces configured for roaming through the same agent discovery process as for Mobile Nodes. It is highly conceivable that the mobile router can hear advertisements from multiple agents at the same time, as depicted in Figure 7-6.

Figure 7-6. Mobile Router with Multiple Active Foreign Agents

If the mobile router does not choose its agent in an intelligent manner, it could continually toggle between different agents, leading to inefficient communication, not to mention excess overhead and processing. So, what happens when a mobile router hears multiple FA advertisements? How does it select which of these agents to register through?

For FAs heard on the same interface, the mobile router selects the Mobility Agent that it has most recently learned about. That is not to say that if it is currently hearing from two FAs, it can flip-flop between them each time it hears an advertisement. Changes only occur when a new FA is heard (and its hold down timer has expired). For FAs heard on different interfaces, the mobile router selects the agent on the preferred interface, that is, the preferred path as described previously. Keep in mind that a FA is selected only after the hold down period, as described in the previous section. If the mobile router does change FAs, it sends a Mobile IP RRQ to its Home Agent.

In addition to moving from one FA to another, and the typical reregistration to extend a mobility binding's lifetime, several other events trigger a mobile router to send a Mobile IP registration to its Home Agent. If the mobile router detects that its FA has rebooted, as described in Chapter 2, and thus has lost all its visitor information, the mobile router initiates a RRQ. If the mobile router doesn't hear from its current FA for a period of time and thus ages out, the mobile router registers through another FA, if one exists.
Similarly, if the interface that is connected to the current FA goes down, the mobile router registers with another FA, if one exists. If the mobile router does not have a usable CoA, it transitions to an isolated state. If the mobile router is in an isolated state and then hears an advertisement from a FA, it also initiates a RRQ. The final way that registration is triggered is with the clear ip mobile router registration exec command. The following events trigger a RRQ:
Regardless of the scenario, it is the mobile router's responsibility to maintain a valid mobility binding with its Home Agent whenever possible. Note that just as in standard Mobile IP, when the mobile router roams back home, it deregisters its mobility binding with its Home Agent and resumes standard operation.

Routing to and from the Mobile Router

At the risk of stating the obvious, the mobile router serves as the first-hop router for nodes that reside on mobile networks associated with the mobile router. For traffic that is originating on its mobile networks, the mobile router can either reverse-tunnel traffic to the Home Agent or forward traffic through the default gateway on the Foreign Network. To this end, the mobile router establishes a default route to its FA and sends all outgoing traffic through the FA. However, for traffic that must be reverse-tunneled, the mobile router first encapsulates the packets to the Home Agent, as shown in Figure 7-7(a). Specifically, for reverse tunneling, the mobile router creates a default route through a tunnel between itself and its Home Agent, and a host route to its Home Agent through the FA. Reverse tunneling should be used if the mobile network uses private addressing or if any routers between the mobile router and Home Agent use ingress filtering, and thus can drop packets that are not topologically correct.

Figure 7-7. Mobile Router Routing

For packets that are destined for nodes on its mobile networks, the mobile router receives an encapsulated packet from its Home Agent through the FA. The mobile router then decapsulates the tunneled packet to retrieve the original packet and forwards the packet to the appropriate node on its mobile network, as shown in Figure 7-7(b).
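The two outbound routing setups described above can be checked with a longest-prefix-match lookup. This Python sketch is an added example, not IOS behavior captured from a router or code from the book; the addresses are constructed documentation-range values, and the tunnel label and the host_route switch are hypothetical, added to show why the host route to the Home Agent accompanies the tunnel default route.

```python
import ipaddress

TUNNEL = "tunnel-to-HA"   # label for the mobile router's tunnel interface (hypothetical name)

def lookup(routes, dst):
    """Longest-prefix match: next hop of the most specific route that covers dst."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, hop) for net, hop in routes if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def mobile_router_routes(fa, home_agent, reverse_tunnel, host_route=True):
    """Routes described in the text; host_route=False is an added counterexample."""
    default = ipaddress.ip_network("0.0.0.0/0")
    if not reverse_tunnel:
        return [(default, fa)]                       # everything leaves through the FA
    routes = [(default, TUNNEL)]                     # everything is encapsulated to the HA
    if host_route:
        routes.append((ipaddress.ip_network(f"{home_agent}/32"), fa))
    return routes

def forward(routes, dst, home_agent, max_depth=4):
    """Follow one packet from a mobile network; return the forwarding decisions."""
    path, target = [], dst
    for _ in range(max_depth):
        hop = lookup(routes, target)
        path.append(hop)
        if hop != TUNNEL:
            return path
        target = home_agent        # encapsulated: outer destination is now the Home Agent
    path.append("LOOP")            # the encapsulated packet keeps re-entering the tunnel
    return path

# Constructed addresses (documentation ranges): Foreign Agent, Home Agent, remote peer.
FA, HA, PEER = "192.0.2.254", "203.0.113.1", "198.51.100.7"
```

With reverse tunneling, a packet to PEER resolves first to the tunnel and then, once encapsulated toward the Home Agent, to the FA through the /32 host route; without that host route the encapsulated packet matches the tunnel default route again and never leaves the router.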