Mobile IP Traversal of Network Address Translation (NAT) Devices
RFC 3519
| Document | Type | RFC - Proposed Standard (May 2003; No errata) |
|---|---|---|
| | Authors | Henrik Levkowetz, Sami Vaarala |
| | Last updated | 2020-07-29 |
| | Stream | IETF |
| | Formats | plain text, html, pdf, htmlized, bibtex |
| Stream | WG state | WG Document |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 3519 (Proposed Standard) |
| | Action Holders | (None) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | Thomas Narten |
| | IESG note | -06 has all the IESG-requested changes, but the IANA considerations neglected to specify a policy for assigning sub-types. Edits are trivial; new ID to be submitted after Atlanta IETF, then IESG approval. |
| | Send notices to | <proberts@megisto.com> |
Network Working Group                                       H. Levkowetz
Request for Comments: 3519                                   ipUnplugged
Category: Standards Track                                     S. Vaarala
                                                                 Netseal
                                                              April 2003

    Mobile IP Traversal of Network Address Translation (NAT) Devices

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

   Mobile IP's datagram tunnelling is incompatible with Network Address
   Translation (NAT).  This document presents extensions to the Mobile
   IP protocol and a tunnelling method which permits mobile nodes using
   Mobile IP to operate in private address networks which are separated
   from the public internet by NAT devices.  The NAT traversal is based
   on using the Mobile IP Home Agent UDP port for encapsulated data
   traffic.

Table of Contents

   1.  Introduction
       1.1  Terminology
       1.2  Problem description
       1.3  Assumptions
   2.  NAT Traversal Overview
       2.1  Basic Message Sequence
   3.  New Message Formats
       3.1  UDP Tunnel Request Extension
            3.1.1  F (Force) Flag
            3.1.2  R (Registration through FA Required) flag
            3.1.3  Reserved Fields
            3.1.4  Encapsulation
            3.1.5  Mobile IP Registration Bits
       3.2  UDP Tunnel Reply Extension
            3.2.1  Reply Code
       3.3  MIP Tunnel Data Message
       3.4  UDP Tunnelling Flag in Agent Advertisements
       3.5  New Registration Reply Codes
   4.  Protocol Behaviour
       4.1  Relation to standard MIP tunnelling
       4.2  Encapsulating IP Headers in UDP
       4.3  Decapsulation
       4.4  Mobile Node Considerations
       4.5  Foreign Agent Considerations
       4.6  Home Agent Considerations
            4.6.1  Error Handling
       4.7  MIP signalling versus tunnelling
       4.8  Packet fragmentation
       4.9  Tunnel Keepalive
       4.10 Detecting and compensating for loss of NAT mapping
       4.11 Co-located registration through FA
   5.  Implementation Issues
       5.1  Movement Detection and Private Address Aliasing
       5.2  Mobility Binding Lifetime
   6.  Security Considerations
       6.1  Traffic Redirection Vulnerabilities
            6.1.1  Manipulation of the Registration Request Message
            6.1.2  Sending a Bogus Keepalive Message
       6.2  Use of IPsec
       6.3  Firewall Considerations
   7.  UNSAF Considerations
   8.  IANA Considerations
   9.  Intellectual Property Rights
   10. Acknowledgements
   11. Normative References
   12. Informative References
   13. Authors' Addresses
   14. Full Copyright Statement