Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents
RFC 3776
Document | Type |
RFC - Proposed Standard
(June 2004; No errata)
Updated by RFC 4877
|
|
---|---|---|---|
Authors | Vijay Devarapalli , Jari Arkko , Francis Dupont | ||
Last updated | 2015-10-14 | ||
Stream | IETF | ||
Formats | plain text html pdf htmlized bibtex | ||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 3776 (Proposed Standard) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Thomas Narten | ||
Send notices to | <proberts@megisto.com>, <gab@sun.com> |
Network Working Group J. Arkko Request for Comments: 3776 Ericsson Category: Standards Track V. Devarapalli Nokia Research Center F. Dupont GET/ENST Bretagne June 2004 Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2004). Abstract Mobile IPv6 uses IPsec to protect signaling between the home agent and the mobile node. Mobile IPv6 base document defines the main requirements these nodes must follow. This document discusses these requirements in more depth, illustrates the used packet formats, describes suitable configuration procedures, and shows how implementations can process the packets in the right order. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Packet Formats . . . . . . . . . . . . . . . . . . . . . . . 5 3.1 Binding Updates and Acknowledgements . . . . . . . . . 5 3.2 Return Routability Signaling . . . . . . . . . . . . . 7 3.3 Prefix Discovery . . . . . . . . . . . . . . . . . . . 8 3.4 Payload Packets . . . . . . . . . . . . . . . . . . . 9 4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 9 4.1 Mandatory Support . . . . . . . . . . . . . . . . . . 10 4.2 Policy Requirements . . . . . . . . . . . . . . . . . 10 4.3 IPsec Protocol Processing . . . . . . . . . . . . . . 13 4.4 Dynamic Keying . . . . . . . . . . . . . . . . . . . . 15 5. Example Configurations . . . . . . . . . . . . . . . . . . . 16 Arkko, et al. Standards Track [Page 1] RFC 3776 Home Agent IPsec June 2004 5.1 Format . . . . . . . . . . . . . . . . . . . . . . . . 17 5.2 Manual Configuration . . . . . . . . . . . . . . . . . 18 5.2.1 Binding Updates and Acknowledgements . . . . . . 18 5.2.2 Return Routability Signaling . . . . . . . . . . 19 5.2.3 Prefix Discovery . . . . . . . . . . . . . . . . 20 5.2.4 Payload Packets . . . . . . . . . . . . . . . . 21 5.3 Dynamic Keying . . . . . . . . . . . . . . . . . . . . 22 5.3.1 Binding Updates and Acknowledgements . . . . . . 22 5.3.2 Return Routability Signaling . . . . . . . . . . 23 5.3.3 Prefix Discovery . . . . . . . . . . . . . . . . 24 5.3.4 Payload Packets . . . . . . . . . . . . . . . . 25 6. Processing Steps within a Node . . . . . . . . . . . . . . . 25 6.1 Binding Update to the Home Agent . . . . . . . . . . . 25 6.2 Binding Update from the Mobile Node . . . . . . . . . 26 6.3 Binding Acknowledgement to the Mobile Node . . . . . . 27 6.4 Binding Acknowledgement from the Home Agent . . . . . 28 6.5 Home Test Init to the Home Agent . . . . . . . . . . . 29 6.6 Home Test Init from the Mobile Node . . . . . . . . . 30 6.7 Home Test to the Mobile Node . . . . . . . . . . . . . 30 6.8 Home Test from the Home Agent . . . . . . . . . . . . 31 6.9 Prefix Solicitation Message to the Home Agent . . . . 31 6.10 Prefix Solicitation Message from the Mobile Node . . . 31 6.11 Prefix Advertisement Message to the Mobile Node . . . 32 6.12 Prefix Advertisement Message from the Home Agent . . . 32 6.13 Payload Packet to the Home Agent . . . . . . . . . . . 32 6.14 Payload Packet from the Mobile Node . . . . . . . . . 32 6.15 Payload Packet to the Mobile Node . . . . . . . . . . 32 6.16 Payload Packet from the Home Agent . . . . . . . . . . 32 6.17 Establishing New Security Associations . . . . . . . . 32 6.18 Rekeying Security Associations . . . . . . . . . . . . 33 6.19 Movements and Dynamic Keying . . . . . . . . . . . . . 34 7. Implementation Considerations . . . . . . . . . . . . . . . 35 7.1 IPsec . . . . . . . . . . . . . . . . . . . . . . . . 35Show full document text