Internet Engineering Task Force Fumio Teraoka INTERNET DRAFT SonyCSL December 1, 1995 Virtual Internet Protocol version 2 (VIPv2) draft-teraoka-mobileip-vip-01.txt Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Abstract This memo describes Virtual Internet Protocol version 2 (VIPv2), a protocol for mobility support in IPv4. The basic concept of VIP is separation of identifiers and addresses. TCP/UDP uses the identifier. The identifier is mapped to an address, and then the packet is routed in accordance with the address. End nodes as well as intermediate routers can have authentic mapping information for routing optimization and fault tolerance. 1. Introduction A mobility support protocol in IPv4 (Mobile-IP) is under development in IETF. For compatibility with the existing Internet, Mobile-IP makes use of a mechanism called tunneling to forward packets to mobile nodes. However, tunneling has several problems in terms of network architecture as well as network management. VIP[1] is another protocol to support mobility in IPv4. The basic concept of VIP is separation of identifiers and addresses. The identifier of a mobile node never changes regardless of the point of Teraoka Expires: June 1, 1996 [Page 1] draft-teraoka-mobileip-vip-01.txt December 1, 1995 attachment to the Internet, while the address of a mobile node changes when it moves to another subnet. The conventional IP address is the address of a mobile node. VIP introduces "VIP address" as the identifier of a mobile node. The VIP address and the IP address have the same format. TCP/UDP uses the VIP address to specify the target node. The VIP address is mapped to the IP address, and then the packet is routed in accordance with the IP address. For efficient mapping from the VIP address to the IP address, VIP nodes (including end nodes and routers) have a cache called "AMT (Address Mapping Table)". The AMT consists of authentic entries, each of which holds the relation between the VIP address and the IP address of a mobile node. The AMT allows routing optimization for packets destined to mobile nodes. It also provides fault tolerance of network partitioning. 1.1. Assumptions VIPv2 requires a mechanism for secret key distribution among nodes. VIPv2 itself does not include any protocols for key distribution. It is assumed that some key distribution mechanisms (including off-line distribution) are available. 1.2. Terminology This memo uses the following terms. IP Address The IP address of a mobile node specifies its current point of attachment to the Internet. In other words, the IP address is the "locator" of a mobile node. When a mobile node moves to another subnet, it obtains an IP address by some methods such as DHCP[2]. VIP Address The VIP address is the "identifier" of a mobile node. It never changes even if a mobile node moves in the Internet. The VIP address has the same format as the IP address. TCP/UDP uses the VIP address to specify the target node. The VIP address can be used as the "default locator" of a mobile node. Home Subnet The subnet specified by the VIP address of a mobile node. Each mobile node has its home subnet. The IP address of a mobile node becomes equal to its VIP address in its home subnet. Home Router Teraoka Expires: June 1, 1996 [Page 2] draft-teraoka-mobileip-vip-01.txt December 1, 1995 The router connected to the home subnet of a mobile node. Each mobile node has its home router(s). The home router maintains the relation between the VIP addresses and the IP addresses of mobile nodes it manages. The home router also advertises routing information for the VIP addresses of mobile nodes it manages. The home router catches a packet destined to the VIP address of a mobile node, resolves the destination VIP address into the destination IP address, and then forwards the packet. Address Resolution Address resolution is a process to map a VIP address to an IP address. Address Mapping Table (AMT) The AMT consists of authentic entries, each of which holds relation between a VIP address and an IP address. Each node (including an end node and a router) holds an AMT for address resolution. Address Resolver The address resolver is a node (including an end node and a router) that executes address resolution. The home router of a mobile node is an address resolver for the mobile node. A router becomes an address resolver for a mobile node if it holds an AMT entry for the mobile node. 2. Packet Format 2.1. Data Packet Header Format Figure 1 depicts the header format of the VIPv2 data packet. First 20 octets are the basic IP header followed by the VIP header as an IP option. In a VIPv2 packet, no other IP options can be included in the IP header because the VIP header occupies the whole space (40 octets) for IP options. Teraoka Expires: June 1, 1996 [Page 3] draft-teraoka-mobileip-vip-01.txt December 1, 1995 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Ver = 4|IHL=0xf| TOS | Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TTL | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source VIP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination IP Address | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |OptType = 0x8c | OptLen = 0x28 |ver = 2| rsvd | Flags | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source IP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination VIP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Resolver IP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Holding Time | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Authentication Data + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1. VIPv2 data packet header format 7 6 5 4 3 2 1 0 +---+---+---+---+---+---+---+---+ |1/0| 0 | 0 |1/0| 0 |1/0|1/0|1/0| +---+---+---+---+---+---+---+---+ ^ ^ ^ ^ ^ | | | | | | | | | +-- don't cache | | | +------ don't resolve | | +---------- keyed MD5 included | +------------------ control(1)/data(0) +------------------------------ RSA digital signature appended Figure 2. Flags Teraoka Expires: June 1, 1996 [Page 4] draft-teraoka-mobileip-vip-01.txt December 1, 1995 Source VIP Address This field specifies the identifier (the VIP address) of the source node. In IP, this field is used as the Source IP Address field. For backward compatibility with IP, this field is used as the Source VIP Address field in VIPv2. Destination IP address This field specifies the location of the destination node. This field will be rewritten by address resolution. Option Type (OptType) This field specifies that this IP option is the VIP header. The value is 0x8c (140), which means this option will be copied into every fragment when fragmentation occurs. Currently, this value is unofficial. Option Length (OptLen) This field specifies the length of the VIP header as an IP option. The value is 0x28 (40 octets). Version (ver) This field specifies the VIP version. The current version is 2. Flags Figure 2 depicts the format of the Flags field. don't cache If this flag is on, nodes other than the home router of the source node do not create an AMT entry for the source node. don't resolve If this flag is on, nodes other than the home router of the destination node do not execute address resolution for the destination node. keyed MD5 included If this flag is on, authentication data based on keyed MD5 is included in this packet. control/data If this flag is on, this packet is the VIP control packet. If Teraoka Expires: June 1, 1996 [Page 5] draft-teraoka-mobileip-vip-01.txt December 1, 1995 this flag is off, this packet is a VIP data packet. RSA digital signature appended If both of this flag and the control flag are on, this control packet includes authentication data based on RSA digital signature in the data part. Source IP Address This field specifies the location of the source node. For compatibility with IP, the Source IP Address field is placed in the VIP header. Source Address Version This field specifies the version number of the relation between the source VIP address and the source IP address. Destination VIP address This field specifies the identifier (the VIP address) of the destination node. Destination Address Version This field specifies the version number of the relation between the destination VIP address and the destination IP address. This field will be rewritten by address resolution. Resolver IP address This field specifies the IP address of the node that executed address resolution for this packet. This field will be rewritten by address resolution. Holding Time When this packet causes creation or update of an AMT entry on a node, this field specifies the time in second for which the node should keep this AMT entry. Timestamp This field specifies the time at which the source node transmits this packet. This field will be used to prevent "replay attack". Authentication Data The data for source node authentication. Keyed MD5 is used to Teraoka Expires: June 1, 1996 [Page 6] draft-teraoka-mobileip-vip-01.txt December 1, 1995 calculate this data. The source node shares a secret key with each destination node. On the source node, the authentication data is calculated as follows. MD5 is calculated over the following five fields followed by the secret key: Source VIP Address, Source IP Address, Source Address Version, Holding Time, and Timestamp. The length of the Authentication Data is 8 octets due to the limit of IP option length although MD5 generates a 16-octet message digest. The first 8-octet and the last 8-octet of the message digest are xor'ed to generate 8-octet data. 2.2. Control Packet Header Format The VIPv2 control packet is used for AMT update, e.g., to notify the current IP address to the home router. Figure 3 depicts the format of the VIPv2 control packet. Teraoka Expires: June 1, 1996 [Page 7] draft-teraoka-mobileip-vip-01.txt December 1, 1995 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Ver = 4|IHL=0xf| TOS | Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | TTL | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source VIP address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination IP address | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ |OptType = 0x8c | OptLen = 0x28 |ver = 2| rsvd | Flags | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source IP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | VIP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Address Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Holding Time | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Authentication Data + | | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ | (Data Part of IP) | | | | Authentication Data | | (RSA digital signature) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. Control packet header format The meanings of the following eight fields are the same as those of the VIPv2 data packet header: Source VIP Address, Destination IP Address, Option Type, Option Length, Version, Flags, Source IP Address, and Source Address Version. VIP Address This field specifies the VIP address for AMT update. Teraoka Expires: June 1, 1996 [Page 8] draft-teraoka-mobileip-vip-01.txt December 1, 1995 IP Address This field specifies the IP address corresponding to the VIP Address field. Address Version This field specifies the version number of the relation between the VIP Address field and the IP Address field. Holding Time When this packet causes creation or update of an AMT entry on a node, this field specifies the time in second for which the node should keep this AMT entry. Timestamp This field specifies the time at which the source node transmits this packet. This field will be used to prevent "replay attack". Authentication Data the data for authentication of the VIP Address field. Keyed MD5 is used to calculate this data. The source node shares a secret key with each destination node. On the source node, the authentication data is calculated as follows. MD5 is calculated over the following five fields followed by the secret key: VIP Address, IP Address, Address Version, Holding Time, and Timestamp. The length of the Authentication Data is 8 octets due to the limit of IP option length although MD5 generates a 16-octet message digest. The first 8-octet and the last 8-octet of the message digest are xor'ed to generate 8- octet data. Authentication Data (RSA digital signature) This field is in the data part of the IP packet, not in the IP header. The source node may append this field to create or update the AMT entry on intermediate routers. 3. AMT Entry Format Since the AMT is node-local data, there is no standard format of the AMT entry. Figure 4 depicts an example of an AMT entry format. The meanings of the following six fields are obvious: VIP Address, IP Address, Address Version, Holding Time, Timestamp, and Authentication Data. Teraoka Expires: June 1, 1996 [Page 9] draft-teraoka-mobileip-vip-01.txt December 1, 1995 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | VIP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IP Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Address Version | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Holding Time | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Flags | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Timer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 4. AMT entry format Flags invalid If this flag is on, this AMT entry has invalid data. An invalid AMT entry is used to detect a packet having obsolete mapping between the destination VIP address and the destination IP address. home If a node has an AMT entry in which this flag is on, this node is connected to the home subnet of the mobile node specified by this AMT entry. If this node is a router, it is one of home routers of the mobile node. local If a node has an AMT entry in which this flag is on, this node is connected to the subnet to which the mobile node specified by this AMT entry is connected. Timer The value in this field is decremented every second. When the value becomes zero, this entry is deleted. Teraoka Expires: June 1, 1996 [Page 10] draft-teraoka-mobileip-vip-01.txt December 1, 1995 4. Procedures on a Mobile Node 4.1. Procedures upon Connecting to a Subnet When a mobile node moves to a subnet, it obtains an IP address in that subnet by some methods such as DHCP. The mobile node transmits a VIPv2 control packet to its home router. If a mobile node is connected to its home subnet, its IP address becomes equal to its VIP address. The mobile node broadcasts a VIPv2 control packet in the home subnet if the home subnet is a broadcast-type subnet such as an Ethernet. Each field of the control packet is set as follows: Source VIP Address the VIP address of the mobile node. Destination IP Address the IP address of the home router. The VIP address of the mobile node can be used. Flags "control", "don't cache", and "don't resolve" flags are on. Source IP Address the obtained IP address. Source Address Version the address version of the current IP address. VIP Address the VIP address of the mobile node. IP Address the obtained IP address. Address Version the address version of the current IP address. Holding Time a certain value. Timestamp the current time at which this packet is created. Authentication Data keyed MD5 calculated over the above five fields followed by the shared key with the home router. The mobile node periodically transmits the control packet to its home subnet while it is connected to the Internet. 4.2. Procedures upon Data Packet Transmission When a node transmits a data packet, each field of the header is set as Teraoka Expires: June 1, 1996 [Page 11] draft-teraoka-mobileip-vip-01.txt December 1, 1995 follows: Source VIP Address the VIP address of the node. Destination IP Address if the node holds an AMT entry for the target node, the IP address in the entry is set. If not, the VIP address of the target node is set. Flags none of flags are usually set. Source IP Address the current IP address of the node. Source Address Version the address version of the node. Destination VIP Address the VIP address of the target node. Destination Address Version If the node holds an AMT entry for the target node, the address version in the entry is set. If not, zero is set. Resolver IP Address If the node executes address resolution, the IP address of the node is set. If not, zero is set. Holding Time a certain value Timestamp the current time at which this packet is created. Authentication Data keyed MD5 calculated over the following five fields followed by the shared key with the target node: Source VIP Address, Source IP Address, Source Address Version, Holding Time, and Timestamp. 4.3. Procedures upon Data Packet Reception When a node receives a VIPv2 data packet, it compares its IP address with the destination IP address in the packet header, and then compares its VIP address with the destination VIP address in the packet header. If both addresses are the same, the received packet is passed to the upper layer. At the same time, the node checks the Authentication Data field. If the node has the shared key with the source node of the packet, it calculates keyed MD5 in the same way as the source node. If the calculation result is equal to the value in the Authentication Data field, the node updates its AMT based on the information in the received Teraoka Expires: June 1, 1996 [Page 12] draft-teraoka-mobileip-vip-01.txt December 1, 1995 packet header as described below. From Mobile Node Away from its Home If the node does not have an AMT entry for the source node and the source IP address and the source VIP address of the packet header are different, then a new AMT entry for the source node is created. Each field of the AMT entry is set as follows: VIP Address the Source VIP Address field of the packet. IP Address the Source IP Address field of the packet. Address Version the Source Address Version field of the packet. Holding Time the Holding Time field of the packet. Timestamp the Timestamp field of the packet. Timer the Timestamp field of the packet. If the node has an AMT entry for the source node and the Version field of the AMT entry is older than the Source Address Version field of the packet header, then the AMT entry is updated by modifying all the fields except the VIP address field. If the node has an AMT entry for the source node with the same version number and the Timestamp field of the AMT entry is older than the Timestamp field of the packet header, then the AMT entry is updated by modifying the Timestamp field and the Timer field. If the node has an AMT entry for the source node with the same version number and the same timestamp, then the Timer field of the AMT entry is re-initialized with the value in the Holding Time field. From Mobile Node in its Home If the node has an AMT entry for the source node, the Version field of the AMT entry is older than the Source Address Version field of the packet header, and the Source VIP Address field and the Source IP Address field of the packet header are the same, then the node set the Invalid flag in the Flags field of the AMT entry, instead of deleting the AMT entry. 5. Procedures on a Home Router Teraoka Expires: June 1, 1996 [Page 13] draft-teraoka-mobileip-vip-01.txt December 1, 1995 5.1. Procedures upon Control Packet Reception When a home router receives a VIPv2 control packet, it examines whether it is the home router of the source node of the packet, and whether the authentication data is correct. If both checks succeed, the home router updates its AMT as described below. From Mobile Node Away from its Home If the home router does not have an AMT entry for the source node, and the source IP address and the source VIP address of the packet header are different, then a new AMT entry for the source node is created. Each field of the AMT entry is set as follows: VIP Address the VIP Address field of the packet. IP Address the IP Address field of the packet. Address Version the Address Version field of the packet. Holding Time the Holding Time field of the packet. Timestamp the Timestamp field of the packet. Timer the Timestamp field of the packet. If the home router has an AMT entry for the source node and the Version field of the AMT entry is older than the Source Address Version field of the packet header, then the AMT entry is updated by modifying all the fields except the VIP address field. The home router also transmits a VIPv2 control packet to the subnet specified by the IP address field of the old AMT entry. This control packet has the same VIPv2 header as the received packet. If the home router has an AMT entry for the source node with the same version number and the Timestamp field of the AMT entry is older than the Timestamp field of the packet header, then the AMT entry is updated by modifying the Timestamp field and the Timer field. If the home router has an AMT entry for the source node with the same version number and the same timestamp, then the Timer field of the AMT entry is re-initialized with the value in the Holding Time field. In any case, when a home router receives a VIPv2 control packet from a mobile node it manages, it broadcasts the received control packet in the home subnet if the home subnet is a broadcast-type subnet such as an Ethernet. Teraoka Expires: June 1, 1996 [Page 14] draft-teraoka-mobileip-vip-01.txt December 1, 1995 From Mobile Node in its Home If the home router has an AMT entry for the source node, the Version field of the AMT entry is older than the Source Address Version field of the packet header, and the Source VIP Address field and the Source IP Address field of the packet header are the same, then the home router set the Invalid flag in the Flags field of the AMT entry, instead of deleting the AMT entry. The home router also transmits a VIP control packet to the subnet specified by the IP address field of the old AMT entry. This control packet has the same VIP header as the received packet. 5.2. Procedures on Data Packet Reception The Destination IP Address field of the basic IP header contains the VIP address of the destination node if the source node does not have an AMT entry for the destination node. This packet reaches the home router of the destination node because the home router advertises the routing information for the destination node. If the home router has an AMT entry for the destination node, it executes address resolution and forwards the packet. In address resolution, the following fields in the packet header are modified. Destination IP Address the IP Address field of the AMT entry. Destination Address Version the Address Version field of the AMT entry. If the packet is an IP packet, not a VIP packet, the home router convert the IP packet into a VIP packet and forwards it. 6. Procedures on an Router in the Previous Subnet When a mobile node leaves a subnet and enters a new subnet, the home router of the mobile node may transmit a VIPv2 control packet to the router in the previous subnet. This router updates its AMT if it has the key used for the authentication data in the packet. The router also broadcasts the received packet if the subnet is a broadcast-type subnet such as an Ethernet. 7. Procedures on an Intermediate Router 7.1. Procedures upon Control Packet Forwarding When a router forwards a VIPv2 control packet, if it has the key used for the authentication data in the packet header, it updates its AMT. Teraoka Expires: June 1, 1996 [Page 15] draft-teraoka-mobileip-vip-01.txt December 1, 1995 The router can also use the RSA digital signature included in the data part of the control packet to authenticate the mapping information in the packet header. A public key is used to authenticate a digital signature. Since distribution of public keys is easier than that of secret keys, digital signature is useful to create AMT entries for mobile nodes on intermediate routers for the sake of routing optimization and fault tolerance of network partitioning. 7.2. Procedures upon Data Packet Forwarding When a router forwards a VIPv2 data packet, it searches for an AMT entry for the destination node. If it has a valid AMT entry and the Version field of the AMT entry is newer than the Destination Address Version field of the packet header, the router executes address resolution. If the router has an invalid AMT entry and the Version field of the AMT entry is equal to or newer than the Destination Address Version field of the packet header, it modifies the packet header as follows and then forwards it. Destination IP Address the Destination VIP Address of the header. Destination Address Version 0 At the same time, if the router has the key used for the authentication data calculation in the packet, it updates its AMT. Author's Address Fumio Teraoka Sony Computer Science Laboratory Inc. 3-14-13 Higashigotanda, Shinagawa-ku, Tokyo 141, Japan. Phone: +81-3-5448-4380 Email: tera@csl.sony.co.jp References [1] F. Teraoka, K. Uehara, H. Sunahara, and J. Murai. VIP: A Protocol Providing Host Mobility. CACM, Vol. 37, No. 8, Aug. 1994. [2] R. Droms. Dynamic Host Configuration Protocol. RFC 1541, October 1993. Teraoka Expires: June 1, 1996 [Page 16]