Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol
RFC 4621
Document Type RFC - Informational (August 2006; No errata)
Authors Tero Kivinen  , Hannes Tschofenig 
Last updated 2018-12-20
Replaces draft-kivinen-mobike-design
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
SECDIR Early Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4621 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Russ Housley
Send notices to (None)
Email authors Email WG IPR 1 References Referenced by Nits 
Network Working Group                                         T. Kivinen
Request for Comments: 4621                                 Safenet, Inc.
Category: Informational                                    H. Tschofenig
                                                                 Siemens
                                                             August 2006

     Design of the IKEv2 Mobility and Multihoming (MOBIKE) Protocol

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   The IKEv2 Mobility and Multihoming (MOBIKE) protocol is an extension
   of the Internet Key Exchange Protocol version 2 (IKEv2).  These
   extensions should enable an efficient management of IKE and IPsec
   Security Associations when a host possesses multiple IP addresses
   and/or where IP addresses of an IPsec host change over time (for
   example, due to mobility).

   This document discusses the involved network entities and the
   relationship between IKEv2 signaling and information provided by
   other protocols.  Design decisions for the MOBIKE protocol,
   background information, and discussions within the working group are
   recorded.

Kivinen & Tschofenig         Informational                      [Page 1]
RFC 4621             Design of the MOBIKE Protocol           August 2006

Table of Contents

   1. Introduction ....................................................3
   2. Terminology .....................................................4
   3. Scenarios .......................................................6
      3.1. Mobility Scenario ..........................................6
      3.2. Multihoming Scenario .......................................7
      3.3. Multihomed Laptop Scenario .................................8
   4. Scope of MOBIKE .................................................8
   5. Design Considerations ..........................................10
      5.1. Choosing Addresses ........................................10
           5.1.1. Inputs and Triggers ................................11
           5.1.2. Connectivity .......................................11
           5.1.3. Discovering Connectivity ...........................12
           5.1.4. Decision Making ....................................12
           5.1.5. Suggested Approach .................................12
      5.2. NAT Traversal (NAT-T) .....................................12
           5.2.1. Background and Constraints .........................12
           5.2.2. Fundamental Restrictions ...........................13
           5.2.3. Moving behind a NAT and Back .......................13
           5.2.4. Responder behind a NAT .............................14
           5.2.5. NAT Prevention .....................................15
           5.2.6. Suggested Approach .................................15
      5.3. Scope of SA Changes .......................................15
      5.4. Zero Address Set Functionality ............................16
      5.5. Return Routability Check ..................................17
           5.5.1. Employing MOBIKE Results in Other Protocols ........19
           5.5.2. Return Routability Failures ........................20
           5.5.3. Suggested Approach .................................21
      5.6. IPsec Tunnel or Transport Mode ............................22
   6. Protocol Details ...............................................22
      6.1. Indicating Support for MOBIKE .............................22
      6.2. Path Testing and Window size ..............................23
      6.3. Message Presentation ......................................24
      6.4. Updating Address Set ......................................25
   7. Security Considerations ........................................26
   8. Acknowledgements ...............................................26
   9. References .....................................................27
      9.1. Normative references ......................................27
      9.2. Informative References ....................................27

Kivinen & Tschofenig         Informational                      [Page 2]
RFC 4621             Design of the MOBIKE Protocol           August 2006

1.  Introduction

   The purpose of IKEv2 is to mutually authenticate two hosts, to
   establish one or more IPsec Security Associations (SAs) between them,
   and subsequently to manage these SAs (for example, by rekeying or
   deleting).  IKEv2 enables the hosts to share information that is
   relevant to both the usage of the cryptographic algorithms that
   should be employed (e.g., parameters required by cryptographic
   algorithms and session keys) and to the usage of local security
   policies, such as information about the traffic that should
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools