As shown in Figure 2-5, a Mobile IP deployment contains, at a minimum, a Home Agent and a Mobile Node, and can also contain a Foreign Agent (FA). A single router can serve as any or all of these three components. However, most common deployments use separate devices for each function or sometimes combine the Home Agent and FA into a single router. These functions can be enabled on existing access routers in the network, or they can be enabled on dedicated Mobility Agents. Other important concepts in Mobile IP include the Home Network, Home Address, and Care-of Address (CoA).
Figure 2-5. Components of a Simple Mobile IP Deployment
A Mobile Node, shown in Figure 2-6, can be any IP device running a Mobile IP client stack; Mobile Nodes can be anything from personal digital assistants (PDAs) and laptops to routers. The Mobile Node does its own move detection and thus must be able to detect logical movement and learn its current location. Logical movement is not simply a change in the access device, but a change in the subnet associated with the access link. Even if a Mobile Node remains physically still, it can move logically if the access device it is associated with fails and it associates with a new one. When a Mobile Node decides to hand over, it must signal this change to the Home Agent, typically through an FA. (These terms are described in the sections "Home Agent" and "Foreign Agent," later in this chapter.) Note that the Mobile Node and Home Agent must share a security association for Mobile IP to be used.
Figure 2-6. Overview of Mobile IP Components
Even though Mobile IP is a Layer 3-based protocol, the line between Layer 2 and Layer 3 is often blurred. As we elaborate more on move detection and Mobile IP handover policy, you will see that Mobile IP cannot operate efficiently without Layer 2 interaction. The more information the Mobile Node has about Layer 2, the more intelligent its routing decisions can be.
Home Network and Home Address
Home is an important concept in Mobile IP, following the old cliché "home is where the route is," because Internet routing is based on the home IP address, as depicted in Figure 2-7.
Figure 2-7. Home Is Where the Route Is
IP routing scales effectively because large blocks of IP addresses can be aggregated based on their network prefix. IP networks are divided into subnetworks, or subnets. All nodes on a subnet share a common network prefix, which is identified by the number of bits preceding the host portion of the address. Traffic is delivered in the network by following the longest-prefix routes.
A Mobile Node's IP address is referred to as its Home Address. The Home Address is allocated out of the Home Network, which is attached to the Home Agent. The Home Address is either statically assigned or dynamically allocated during the Mobile IP registration process. The concept of home in Mobile IP is simply an anchor point. The Home Network is the longest-prefix network advertised into traditional routing protocols. The goal of a Home Network is to avoid having to advertise host routes for each Mobile Node into the IGP routing protocol, a practice that would simply not scale.
When a Mobile Node is attached to its Home Network, Mobile IP is not needed, because traditional IP routing can deliver traffic to the Mobile Node as usual. When a Mobile Node has moved away from its Home Network and attaches to a new network, the new network/domain is referred to as the foreign domain or visited domain.
Home Agent
Traffic destined for the Mobile Node's Home Address continues to be delivered to the Home Network, even when the Mobile Node is no longer attached. This traffic must be redirected to the Mobile Node in its current location. This is the responsibility of the Home Agent. The Home Agent (refer to Figure 2-6) is a router capable of processing Mobile IP routing updates, called registrations, and forwarding traffic to the Mobile Node through dynamically created tunnels. If the Home Agent is in the forwarding path, it will forward traffic across the tunnel using a host route. If the Home Network is a physical network and the Home Agent is not in the forwarding path, the Home Agent will use proxy Address Resolution Protocol (ARP) to obtain all traffic destined for the Mobile Node and then forward it through the tunnel. Note that the Home Agent and Mobile Node must share a security association for Mobile IP to be used.
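The shared security association is what lets the Home Agent refuse a registration that did not come from the real Mobile Node. The sketch below is an added example, not code from the book: it follows the Registration Request and Mobile-Home Authentication Extension layout of RFC 5944 (HMAC-MD5 authenticator), while the key, SPI, addresses and the simplified replay check are constructed assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed security association table: SPI -> shared key (sample values).
SECURITY_ASSOCIATIONS = {0x100: b"constructed-shared-key"}
MHAE_TYPE = 32            # Mobile-Home Authentication Extension type
last_identification = {}  # Home Address (4 bytes) -> last accepted Identification

def _ip(addr):
    return ipaddress.IPv4Address(addr).packed

def build_request(home, home_agent, coa, ident, spi, key, lifetime=1800):
    """Mobile Node side: 24-byte fixed request plus the authentication extension."""
    fixed = struct.pack("!BBH4s4s4sQ", 1, 0, lifetime,
                        _ip(home), _ip(home_agent), _ip(coa), ident)
    ext_head = struct.pack("!BBI", MHAE_TYPE, 4 + 16, spi)
    # The authenticator covers the request plus the extension's type, length, SPI.
    mac = hmac.new(key, fixed + ext_head, hashlib.md5).digest()
    return fixed + ext_head + mac

def home_agent_accepts(msg):
    """Home Agent side: return (accepted, reason) for one registration."""
    if len(msg) != 24 + 6 + 16 or msg[0] != 1 or msg[24] != MHAE_TYPE:
        return False, "malformed or unauthenticated request"
    home = msg[4:8]
    ident = struct.unpack("!Q", msg[16:24])[0]
    spi = struct.unpack("!I", msg[26:30])[0]
    key = SECURITY_ASSOCIATIONS.get(spi)
    if key is None:
        return False, "unknown SPI"
    expected = hmac.new(key, msg[:30], hashlib.md5).digest()
    if not hmac.compare_digest(expected, msg[30:]):
        return False, "authenticator mismatch"
    # Simplified replay check; RFC 5944 timestamp mode also bounds the value
    # against the Home Agent's clock, which is omitted here.
    if ident <= last_identification.get(home, 0):
        return False, "replayed identification"
    last_identification[home] = ident
    return True, "binding updated to " + str(ipaddress.IPv4Address(msg[12:16]))
```

Because the CoA field sits inside the authenticated bytes, a registration whose CoA was changed in transit fails the check and the existing binding is left untouched.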
The CoA is an IP address that is valid and routable at the Mobile Node's current point of attachment in the Foreign Network (refer to Figure 2-6). The Mobile Node informs the Home Agent of this CoA during the Mobile IP registration process. Encapsulated (tunneled) traffic from the Home Agent is then delivered to the CoA, which is the logical location of the Mobile Node in the foreign domain. The Mobile IP tunnel is between the Home Agent Address and the CoA. The CoA can be either of the following:
Colocated Care-of Address
In CCoA mode, a Mobile Node acquires an IP address for itself on the Foreign Network, for example, through Dynamic Host Configuration Protocol (DHCP) or another address-management protocol. This address is known as the CCoA. In colocated mode, the Mobile Node has two addresses: the Home Address and the CCoA. The CCoA is valid and routable on the current link and receives tunneled traffic. Note that the Mobile Node must be capable of terminating the Mobile IP tunnel in the CCoA mode. The Home Address is not routable on the current link but is used as the source and destination of all application traffic.
CCoA is considered an inefficient use of IP addresses because each Mobile Node requires a valid and routable address in each network it visits. Despite its inefficiency, CCoA mode is used often because it simplifies deployment. It is often coupled with private addressing to minimize the waste of IP addresses.
Foreign Agent Care-of Address
Another option is to use an FA-based CoA. In this case, many nodes share one CoA. An FA CoA is one or more of the FA's interface IP addresses, advertised by the FA, as described in the next section.
Foreign Agent
An FA is a router attached to the access link that is capable of terminating the tunnel on behalf of the Mobile Node (refer to Figure 2-6). The FA can advertise one or more of its IP addresses as a CoA. When a Mobile Node registers with its Home Agent, it registers through the FA. The FA keeps track of the access link to which the Mobile Node is attached. Traffic for the Mobile Node is tunneled from the Home Agent to the FA. After the FA removes the encapsulation header, it delivers the traffic to the Mobile Node. The FA must be connected to the Mobile Node's access link directly, because traffic can only be delivered through Media Access Control (MAC) layer addressing. If the FA were to route the traffic, it would be sent back to the Home Agent and end up being caught in a routing loop.
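The forwarding path described in the Home Network, Home Agent, and CoA sections can be modeled in a few lines. This is an added example, not code from the book; the prefixes, addresses, link-layer address and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample routing table of a core router: prefix -> next hop.
ROUTES = {
    "10.1.0.0/16": "aggregate",
    "10.1.1.0/24": "home-agent",      # Home Network
    "192.0.2.0/24": "foreign-agent",  # Foreign Network
}
HOME_AGENT = "10.1.1.1"

def longest_prefix(dst, routes):
    """Return the next hop of the most specific prefix containing dst."""
    dst = ipaddress.ip_address(dst)
    best = max((ipaddress.ip_network(p) for p in routes
                if dst in ipaddress.ip_network(p)),
               key=lambda n: n.prefixlen, default=None)
    return None if best is None else routes[str(best)]

class HomeAgent:
    def __init__(self):
        self.bindings = {}  # Home Address -> CoA, learned from registrations

    def forward(self, packet):
        coa = self.bindings.get(packet["dst"])
        if coa is None:
            return packet  # Mobile Node is at home: ordinary IP delivery
        # Host route via tunnel: the outer header runs Home Agent -> CoA.
        return {"src": HOME_AGENT, "dst": coa, "inner": packet}

def deliver_at_coa(tunneled, fa_addresses, visitors):
    """Tunnel endpoint: the FA (FA CoA) or the Mobile Node itself (CCoA)."""
    inner = tunneled["inner"]
    if tunneled["dst"] in fa_addresses:
        # The FA looks up the visitor's Layer 2 address on its own link.
        # Routing on inner["dst"] would follow ROUTES back to the Home Agent.
        link_addr = visitors.get(inner["dst"])
        return ("fa-link-delivery", link_addr) if link_addr else ("drop", None)
    return ("ccoa-self-decap", inner["dst"])
```

Calling `longest_prefix` on the inner destination (the Home Address) returns the Home Agent as next hop, which is the routing loop the FA avoids by delivering on-link.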
Discussions of Mobile IP often include references to a Correspondent Node (CN). The CN is not a Mobile IP component but is a pedagogical element that aids in the discussion of traffic flows. A CN is the peer of the Mobile Node in its IP communication, for example, another Mobile Node or a fixed node. If the Mobile Node is using a web browser, the CN would be the web server.