This presentation by Alex C. Snoeren and Hari Balakrishnan explores an end-to-end approach to host mobility, addressing challenges in traditional TCP/IP stacks. It covers key concepts such as Mobile IP, transport layer migration, and proposed architectures, emphasizing the importance of transparency and security during the handoff process. The session details issues related to connection migration, dynamic DNS updates, and security mechanisms to prevent denial of service and connection hijacking. The architecture allows flexibility and a secure framework for handling mobile hosts, despite inherent limitations.
CMSC 628 - Presentation
An End-to-End Approach to Host Mobility
Alex C. Snoeren and Hari Balakrishnan

Overview
• Introduction
• Mobile IP
• Other IP layer approaches to mobility
• Transport layer approaches
• Proposed architecture
• Issues
• Conclusions
Introduction
• Routing issue with the legacy TCP/IP stack
• Host location and hand-off support
• End-to-end vs. other approaches
• Keeping mobility transparent to the transport layer
Mobile IP
• Essentially, mobility handled by a ‘third party’
• Triangle routing and tunneling
• Pure routing solution
• Only the IP substrate is changed

Other network layer approaches
• For the most part, enhancements of Mobile IP
• Cache the care-of address of the mobile host
• IPv6 mobility support

Transport layer approaches
• Migration NOT transparent to TCP
• Proxy approaches: transparent to the sender
• Current approach

The End-to-End architecture
• Addressing
• Host location
• TCP connection migration
• Security

Host Location
• In the case of fixed servers, no special service is required
• In the case of mobile servers, use dynamic DNS updates
• Set the TTL of DNS cache entries to zero
• Problems with fast mobility

TCP connection migration
• Use secure tokens to identify TCP connections
• Token negotiated during the handshake
• Migrate-Permitted option to negotiate the token
• Migrate option to migrate a connection

TCP connection migration
• Migrate-Permitted option

TCP connection migration
• SYN from the client contains the client’s public key
• Likewise for the SYN from the server
• Shared secret key computed from the above
• Token computed as a hash of the shared key and the initial sequence numbers

TCP connection migration
• Migrate option

TCP connection migration
• Migrate option used in the SYN after migration
• ReqNo used to order migrate requests
• Token identifies the connection
• Request is an authentication mechanism
• Essentially, a hash of the initial sequence numbers, shared key, request number, and the migrate SYN segment

TCP connection migration
• At the other end, compare the token
• Check that ReqNo is one greater than the previous one
• Compute the request hash and compare
• Update the destination address and port
• The Migrate-Wait state
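The token negotiation and the receiver-side checks on a Migrate SYN from the last three slides, as an added illustrative model (not the authors' or the paper's code). It assumes the shared key has already been derived from the public keys exchanged in the SYNs, and the SHA-256 field layout, the 8-byte truncation and the sample values are constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass


def _h(shared_key: bytes, *parts: bytes) -> bytes:
    """Hash of the shared key and the given fields, truncated to 8 bytes (assumed layout)."""
    return hashlib.sha256(shared_key + b"".join(parts)).digest()[:8]


def derive_token(shared_key: bytes, client_isn: int, server_isn: int) -> bytes:
    """Connection token = hash(shared key, initial sequence numbers)."""
    return _h(shared_key, client_isn.to_bytes(4, "big"), server_isn.to_bytes(4, "big"))


def migrate_request(shared_key: bytes, client_isn: int, server_isn: int,
                    req_no: int, syn_segment: bytes) -> bytes:
    """Request field = hash(ISNs, shared key, ReqNo, migrate SYN segment)."""
    return _h(shared_key, client_isn.to_bytes(4, "big"), server_isn.to_bytes(4, "big"),
              req_no.to_bytes(4, "big"), syn_segment)


@dataclass
class ConnState:
    shared_key: bytes
    client_isn: int
    server_isn: int
    token: bytes
    peer: tuple           # (address, port) of the other end
    last_req_no: int = 0  # ReqNo of the last accepted migrate request


def establish(shared_key: bytes, client_isn: int, server_isn: int, peer: tuple) -> ConnState:
    """State after a handshake in which Migrate-Permitted negotiated the token."""
    return ConnState(shared_key, client_isn, server_isn,
                     derive_token(shared_key, client_isn, server_isn), peer)


def handle_migrate_syn(state: ConnState, token: bytes, req_no: int, request: bytes,
                       syn_segment: bytes, new_peer: tuple) -> str:
    """Receiver-side checks from the slides: token, ReqNo ordering, request hash, then rebind."""
    if not hmac.compare_digest(token, state.token):
        return "rejected: unknown token"
    if req_no != state.last_req_no + 1:
        return "rejected: ReqNo is not previous + 1 (stale or replayed request)"
    expected = migrate_request(state.shared_key, state.client_isn, state.server_isn,
                               req_no, syn_segment)
    if not hmac.compare_digest(expected, request):
        return "rejected: request hash mismatch"
    state.last_req_no = req_no
    state.peer = new_peer  # update destination address and port
    return "migrated"
```

A replayed Migrate SYN fails the ReqNo check even though its token and request hash are valid, which is what keeps a captured request from rebinding the connection a second time.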
Security
• Denial of service
• Connection hijacking
• Key security

Limitations
• Slow start begins after migration
• Both hosts cannot move simultaneously
• Address caching

Conclusions
• End-to-End architecture
• Transport layer aware of mobility
• Hosts have a choice over the approach used, hence more flexible
• Pretty secure
• Some limitations