Problem
You want to set up Local Area Mobility to allow devices to roam throughout your network.
Solution
In this example, the roaming device will have a statically configured address in the 192.168.10.0/24 range. We have to configure the home router to use Proxy ARP for mobile nodes, allowing other locally connected devices in the same range to communicate transparently with the roaming device:
RouterHome#configure terminal Enter configuration commands, one per line. End with CNTL/Z. RouterHome(config)#interface FastEthernet0/0 RouterHome(config-if)#ip address 192.168.10.1 255.255.255.0 RouterHome(config-if)#ip proxy-arp RouterHome(config-if)#ip mobile arp RouterHome(config-if)#exit RouterHome(config)#router eigrp 99 RouterHome(config-router)#network 192.168.10.0 RouterHome(config-router)#default-metric 10000 10 255 1 1500 RouterHome(config-router)#redistribute mobile RouterHome(config-router)#no auto-summary RouterHome(config-router)#exit RouterHome(config)#end RouterHome#
Then we have to configure the foreign router, which supports the network segment where our roaming node temporarily finds itself:
RouterForeign#configure terminal Enter configuration commands, one per line. End with CNTL/Z. RouterForeign(config)#interface FastEthernet0/0 RouterForeign(config-if)#ip address 192.168.110.1 255.255.255.0 RouterForeign(config-if)#ip proxy-arp RouterForeign(config-if)#ip mobile arp RouterForeign(config-if)#exit RouterForeign(config)#router eigrp 99 RouterForeign(config-router)#network 192.168.100.0 RouterForeign(config-router)#default-metric 10000 10 255 1 1500 RouterForeign(config-router)#redistribute mobile RouterForeign(config-router)#no auto-summary RouterForeign(config-router)#exit RouterForeign(config)#end RouterForeign#
Discussion
As this example shows, there are two steps to configuring Local Area Mobility. The first is to configure the ip mobile arp command on all of the interfaces that will support roaming devices either as home or foreign networks:
RouterForeign(config)#interface FastEthernet0/0 RouterForeign(config-if)#ip mobile arp
This command has two functions. On the home network, it tells the router to use Proxy ARP to support members of the local address range that are represented by a host route in the routing table. On the foreign network, it tells the router to create an ARP table entry and a host route whenever it sees packets from devices that don't belong to this subnet.
We also explicitly enable Proxy ARP on the interface, in case it has been disabled:
RouterForeign(config)#interface FastEthernet0/0 RouterForeign(config-if)#ip proxy-arp
The second step is to redistribute these mobile host routes into the Interior Gateway Protocol:
RouterForeign(config)#router eigrp 99 RouterForeign(config-router)#network 192.168.100.0 RouterForeign(config-router)#default-metric 10000 10 255 1 1500 RouterForeign(config-router)#redistribute mobile
In this example, we have used EIGRP as our IGP, but we could have used RIP, IS-IS or OSPF just as easily. We could even have used BGP, although we caution that doing so could be dangerous if you don't control all of the devices that are taking part in BGP. This is because the Local Area Mobility feature will work reliably only if every router can see both the route for the full subnet prefix and the host route for the roaming device. In BGP networks, it is relatively common to try to save network and router resources by filtering out extremely long prefixes like host networks.
For the same reason, we have explicitly disabled EIGRP's auto-summarization feature in this example.
You will notice that we have actually configured both the home and foreign routers essentially identically. In fact we didn't need to use the redistribute mobile command on the home router because only the foreign router will actually be supporting roaming end devices. However, in a more general situation it is likely that the home router will also serve as a foreign router some of the time. So, because there is essentially no overhead in configuring this mobile host route redistribution when it's not used, we suggest configuring it on all of the routers that will be supporting Local Area Mobility.
There are a few simple options available with Local Area Mobility. The ip mobile arp command accepts arguments to change how long the router keeps unused mobile ARP entries:
RouterForeign(config)#interface FastEthernet0/0 RouterForeign(config-if)#ip mobile arp timers 3 9
The first numerical argument here is a keepalive timer, which specifies in minutes how often to send ARP packets to see if the mobile device is still there. The second number is a hold time. This is the length of time, in minutes, that the router will maintain the ARP entry for a mobile device without seeing any traffic from this device. Cisco recommends making the hold time at least three times the keepalive time. The default values are 5 minutes and 15 minutes, respectively.
Note that because these timeout periods are relatively long, this solution is not suitable for situations involving active roaming. In fact, it would be faster in such situations to use DHCP. It's useful to remember that Cisco developed the Local Area Mobility feature primarily to be used as a temporary substitute for DHCP. Please refer to Chapter 20 for more information on DHCP.
The ip mobile arp command also allows you to specify an ACL to restrict which off-segment source addresses the router is willing to support:
RouterForeign(config)#interface FastEthernet0/0 RouterForeign(config-if)#ip mobile arp access-group 15 RouterForeign(config-if)#exit RouterForeign(config)#access-list 15 permit 192.168.10.0 0.0.0.255 RouterForeign(config)#access-list 15 deny any
There are two useful show commands with Local Area Mobility. The first is show ip arp, which shows the ARP cache, including any addresses learned by means of this feature:
RouterForeign#show ip arp FastEthernet0/0 Protocol Address Age (min) Hardware Addr Type Interface Internet 192.168.110.1 - 000e.d7d6.1060 ARPA FastEthernet0/0 Internet 192.168.10.109 1 00b0.64ab.0580 ARPA FastEthernet0/0 Internet 192.168.110.9 21 0000.0c75.c684 ARPA FastEthernet0/0 RouterForeign#
It is also useful to look at the routing table for any Mobile or host routes. On the foreign router, they will show up as Mobile routes:
RouterForeign#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set C 192.168.110.0/24 is directly connected, FastEthernet0/0 192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks M 192.168.10.109/32 [3/1] via 192.168.10.109, 00:17:59, FastEthernet0/0 D 192.168.10.0/24 [90/2172416] via 192.168.55.11, 00:29:43, Serial0/0 C 192.168.55.0/24 is directly connected, Serial0/0 RouterForeign#
On any other router, they will appear simply as external redistributed host routes:
RouterHome#show ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set D 192.168.110.0/24 [90/2172416] via 192.168.55.12, 00:31:43, Serial0/0 192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks D EX 192.168.10.109/32 [170/2172416] via 192.168.55.12, 00:18:19, Serial0/0 C 192.168.10.0/24 is directly connected, FastEthernet0/0 C 192.168.55.0/24 is directly connected, Serial0/0 RouterHome#
Note that if you have a lot of devices roaming using this method, then your routing tables will have a lot of host routes. Normally, we try to keep routing tables small by using features such as route summarization to help with routing protocol convergence and to improve route lookup performance. This feature works against such mechanisms, and consequently doesn't scale well. In general, we prefer DHCP for this type of semistatic mobility.
See Also
Chapter 20
Router Configuration and File Management
Router Management
User Access and Privilege Levels
TACACS+
IP Routing
RIP
EIGRP
OSPF
BGP
Frame Relay
Handling Queuing and Congestion
Tunnels and VPNs
Dial Backup
NTP and Time
DLSw
Router Interfaces and Media
Simple Network Management Protocol
Logging
Access-Lists
DHCP
NAT
First Hop Redundancy Protocols
IP Multicast
IP Mobility
IPv6
MPLS
Security
Appendix 1. External Software Packages
Appendix 2. IP Precedence, TOS, and DSCP Classifications
Index