Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents
RFC 3776
Document Type RFC - Proposed Standard (June 2004; No errata)
Updated by RFC 4877
Authors Vijay Devarapalli  , Jari Arkko  , Francis Dupont 
Last updated 2015-10-14
Stream IETF
Formats plain text html pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3776 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Thomas Narten
Send notices to <proberts@megisto.com>, <gab@sun.com>
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                           J. Arkko
Request for Comments: 3776                                      Ericsson
Category: Standards Track                                 V. Devarapalli
                                                   Nokia Research Center
                                                               F. Dupont
                                                       GET/ENST Bretagne
                                                               June 2004

         Using IPsec to Protect Mobile IPv6 Signaling Between
                      Mobile Nodes and Home Agents

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   Mobile IPv6 uses IPsec to protect signaling between the home agent
   and the mobile node.  Mobile IPv6 base document defines the main
   requirements these nodes must follow.  This document discusses these
   requirements in more depth, illustrates the used packet formats,
   describes suitable configuration procedures, and shows how
   implementations can process the packets in the right order.

Table of Contents

   1.    Introduction . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.    Terminology  . . . . . . . . . . . . . . . . . . . . . . . .  5
   3.    Packet Formats . . . . . . . . . . . . . . . . . . . . . . .  5
         3.1   Binding Updates and Acknowledgements . . . . . . . . .  5
         3.2   Return Routability Signaling . . . . . . . . . . . . .  7
         3.3   Prefix Discovery . . . . . . . . . . . . . . . . . . .  8
         3.4   Payload Packets  . . . . . . . . . . . . . . . . . . .  9
   4.    Requirements . . . . . . . . . . . . . . . . . . . . . . . .  9
         4.1   Mandatory Support  . . . . . . . . . . . . . . . . . . 10
         4.2   Policy Requirements  . . . . . . . . . . . . . . . . . 10
         4.3   IPsec Protocol Processing  . . . . . . . . . . . . . . 13
         4.4   Dynamic Keying . . . . . . . . . . . . . . . . . . . . 15
   5.    Example Configurations . . . . . . . . . . . . . . . . . . . 16

Arkko, et al.               Standards Track                     [Page 1]
RFC 3776                    Home Agent IPsec                   June 2004

         5.1   Format . . . . . . . . . . . . . . . . . . . . . . . . 17
         5.2   Manual Configuration . . . . . . . . . . . . . . . . . 18
               5.2.1 Binding Updates and Acknowledgements . . . . . . 18
               5.2.2 Return Routability Signaling . . . . . . . . . . 19
               5.2.3 Prefix Discovery . . . . . . . . . . . . . . . . 20
               5.2.4 Payload Packets  . . . . . . . . . . . . . . . . 21
         5.3   Dynamic Keying . . . . . . . . . . . . . . . . . . . . 22
               5.3.1 Binding Updates and Acknowledgements . . . . . . 22
               5.3.2 Return Routability Signaling . . . . . . . . . . 23
               5.3.3 Prefix Discovery . . . . . . . . . . . . . . . . 24
               5.3.4 Payload Packets  . . . . . . . . . . . . . . . . 25
   6.    Processing Steps within a Node . . . . . . . . . . . . . . . 25
         6.1   Binding Update to the Home Agent . . . . . . . . . . . 25
         6.2   Binding Update from the Mobile Node  . . . . . . . . . 26
         6.3   Binding Acknowledgement to the Mobile Node . . . . . . 27
         6.4   Binding Acknowledgement from the Home Agent  . . . . . 28
         6.5   Home Test Init to the Home Agent . . . . . . . . . . . 29
         6.6   Home Test Init from the Mobile Node  . . . . . . . . . 30
         6.7   Home Test to the Mobile Node . . . . . . . . . . . . . 30
         6.8   Home Test from the Home Agent  . . . . . . . . . . . . 31
         6.9   Prefix Solicitation Message to the Home Agent  . . . . 31
         6.10  Prefix Solicitation Message from the Mobile Node . . . 31
         6.11  Prefix Advertisement Message to the Mobile Node  . . . 32
         6.12  Prefix Advertisement Message from the Home Agent . . . 32
         6.13  Payload Packet to the Home Agent . . . . . . . . . . . 32
         6.14  Payload Packet from the Mobile Node  . . . . . . . . . 32
         6.15  Payload Packet to the Mobile Node  . . . . . . . . . . 32
         6.16  Payload Packet from the Home Agent . . . . . . . . . . 32
         6.17  Establishing New Security Associations . . . . . . . . 32
         6.18  Rekeying Security Associations . . . . . . . . . . . . 33
         6.19  Movements and Dynamic Keying . . . . . . . . . . . . . 34
   7.    Implementation Considerations  . . . . . . . . . . . . . . . 35
         7.1   IPsec  . . . . . . . . . . . . . . . . . . . . . . . . 35
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools