Internet Engineering Task Force                             Renjie Zhang
Internet-Draft                                        Fiberhome Networks
Expires:                                                         Hua Cai
                                                                     WRI


             Mobile IP Forward Packets Using NAPT Method

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on.

Copyright Notice

   Copyright (C) The Internet Society (2002). All Rights Reserved.

Abstract

   Mobile IP's datagram tunnelling is inconvenient and complicated for
   the mobile node or foreign agent. In a CDMA2000 system, the PDSN
   acts as a foreign agent and must decapsulate the datagrams it
   receives from the home agent for a mobile node away from home. The
   cost is high.

Renjie Zhang & Hua Cai                                          [Page 1]

Internet-Draft     Forward Packets Using NAPT Method          June 2002

   This document presents extensions to the Mobile IP protocol and a
   forwarding method that uses NAPT instead of a tunnel (IP-in-IP or
   GRE) when the home agent forwards datagrams destined for the mobile
   node away from home.

   The term NAPT here is similar to that in RFC2663. For packets that
   come from the host that initiates the session with the mobile node
   away from home, the home agent translates the source IP address, the
   source transport identifier and related fields such as the IP, TCP,
   UDP and ICMP header checksums. The transport identifier can be a
   TCP/UDP port or an ICMP query ID. For packets that come from the
   mobile node and belong to an established binding, the destination IP
   address, the destination transport identifier and the IP and
   transport header checksums are translated. Seen from the mobile node
   away from home, the session initiator is the home agent, so the
   foreign agent need not do any decapsulation work; it just acts as a
   default router for the mobile node.

Table of Contents

   1.   Introduction
   1.1  Terminology
   1.2  Problem description
   2.   Forwarding datagrams using NAPT method Overview
   3.   The change to Mobility Agent Advertisement Extension
   4.   Operation procedures
   4.1  A host initiates a session with mobile node away from home
   4.2  Mobile node sends datagrams belonging to an established
        session and the initiator of the session is the host
   4.3  Mobile node sends datagrams to host initiatively
   5.   MIP NAPT Table
   6.   References

1. Introduction

1.1 Terminology

   The Mobile IP related terminology described in RFC 3220 [12] is used
   in this document. In addition, the following terms are used:

   NAT

      Network Address Translation is a method by which IP addresses
      are mapped from one realm to another, in an attempt to provide
      transparent routing to hosts.
      Traditionally, NAT devices are used to connect an isolated
      address realm with private unregistered addresses to an external
      realm with globally unique registered addresses.

   Session

      A session is defined as the set of traffic that is managed as a
      unit for translation. TCP/UDP sessions are uniquely identified
      by the tuple of (source IP address, source TCP/UDP port, target
      IP address, target TCP/UDP port). ICMP query sessions are
      identified by the tuple of (source IP address, ICMP query ID,
      target IP address). All other sessions are characterized by the
      tuple of (source IP address, target IP address, IP protocol).

   Address lookup and translation

      Once a state is established for a session, all packets belonging
      to the session will be subject to address lookup (and transport
      identifier lookup, in some cases) and translation.

   Network Address Port Translation (NAPT)

      NAPT extends the notion of translation one step further by also
      translating the transport identifier (e.g., TCP and UDP port
      numbers, ICMP query identifiers). This allows the transport
      identifiers of a number of private hosts to be multiplexed into
      the transport identifiers of a single external address. NAPT
      allows a set of hosts to share a single external address.

      For packets that come from the host that wants to access the
      mobile node away from home, the home agent (NAPT device)
      translates the source IP address, the source transport
      identifier and related fields such as the IP, TCP, UDP and ICMP
      header checksums. The transport identifier can be a TCP/UDP port
      or an ICMP query ID. For packets that come from the mobile node
      and belong to an established NAPT session, the destination IP
      address, the destination transport identifier and the IP and
      transport header checksums are translated.

1.2 Problem description

   As we know, the PDSN in a wireless CDMA2000 system takes the role
   of foreign agent. It MUST do de-encapsulation when it receives
   datagrams tunnelled from the home agent.

   What is needed is an easier way to forward the datagrams from the
   home agent to a mobile node away from home.

2. Forwarding datagrams using NAPT method Overview

   This section gives a brief overview of the forwarding mechanism
   that uses the NAPT method when the home agent forwards datagrams to
   a mobile node away from home.

   A mobile node determines whether it is on its home network by using
   extensions to the ICMP Router Discovery Protocol (IRDP), a protocol
   that uses router-advertisement and router-solicitation messages to
   discover the addresses of home agents on directly attached
   subnetworks. Home agents regularly advertise their existence. If a
   mobile node picks up its own home agent's advertisement, it knows
   it is on its home network and does not need to do anything special
   to receive its datagrams. If a mobile node receives an IRDP
   advertisement from another mobility agent, it will register its
   location via a foreign agent or directly with its home agent, which
   in turn authenticates the device.

   Now if a host initiates a session with the mobile node away from
   home, the home agent intercepts the datagrams and establishes a
   binding. The home agent translates the source IP address, the
   source transport identifier and related fields such as the IP, TCP,
   UDP and ICMP header checksums. The transport identifier can be a
   TCP/UDP port or an ICMP query ID. For datagrams that come from the
   mobile node and belong to an established binding, the destination
   IP address, the destination transport identifier and the IP and
   transport header checksums are translated.

   If the initiator of a session is the mobile node away from home,
   the mobile node can use the care-of-address to send datagrams
   directly.

3. The change to Mobility Agent Advertisement Extension

   The Mobility Agent Advertisement Extension follows the ICMP Router
   Advertisement fields. It is used to indicate that an ICMP Router
   Advertisement message is also an Agent Advertisement being sent by
   a mobility agent. The Mobility Agent Advertisement Extension is
   defined in RFC3220 as follows:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |        Sequence Number        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Registration Lifetime      |R|B|H|F|M|G|r|T|   reserved    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 zero or more Care-of Addresses                |
   |                              ...                              |

   The only change to the Mobility Agent Advertisement Extension
   defined in RFC 3220 is a flag indicating that the home agent
   forwards datagrams using the NAPT method. The flag is inserted
   after the flags defined in RFC3220 as follows:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |        Sequence Number        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Registration Lifetime      |R|B|H|F|M|G|r|T|N|  reserved   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 zero or more Care-of Addresses                |
   |                              ...                              |

   N        Forwarding datagrams using NAPT method.

4. Operation procedures

4.1 A host initiates a session with mobile node away from home

   Figure 1 illustrates the routing of datagrams to a mobile node away
   from home, once the mobile node has registered with its home agent.
   Here the foreign agent just acts as a default router of the mobile
   node.

   2) Datagram is intercepted      3) Datagram is
      by home agent. The home         forwarded to
      agent translates the            mobile node.
      source IP address and
      source transport identifier
      and related fields. The
      source IP address will be
      translated to the home
      agent's IP address. If it
      is a TCP/UDP session, then
      the source port will be
      translated to an alias port.
      A binding is added to the
      MIP NAPT Table. Then modify
      TTL to 255 and recalculate
      the checksum.

         +-----+          +-------+         +------+
         |home | -------> |foreign| ------> |mobile|
         |agent|          | agent |         | node |
         +-----+          +-------+         +------+
   1) Datagram to   /|\
      mobile node    |
      arrives on     |
      home network   |
      via standard   |
      IP routing.  +----+
                   |host|
                   +----+

   Figure 1: Routing Datagrams to Mobile Node
             (The host initiates the session)

4.2 Mobile node sends datagrams belonging to an established session
    and the initiator of the session is the host

   Figure 2 illustrates the routing of datagrams from the mobile node
   when the datagrams belong to an established session and the
   initiator is the host. Here the foreign agent just acts as a
   default router of the mobile node.

   2) The home agent receives      1) The datagram
      echo datagrams, looks up        from the mobile is
      the MIP NAPT Table, then        sent to home agent.
      translates the destination
      IP address into the host's
      IP address, and translates
      the transport identifier
      and related fields according
      to the result of the lookup.
      Modify the TTL to 255 and
      recalculate the checksum.

         +-----+          +-------+         +------+
         |home | <------- |foreign| <------ |mobile|
         |agent|          | agent |         | node |
         +-----+          +-------+         +------+
   3) Datagram to    |
      host via       |
      standard       |
      IP routing.    |
                    \|/
                   +----+
                   |host|
                   +----+

   Figure 2: Routing Datagrams from Mobile Node
             (Datagrams belong to an established session and the
             initiator is the host)

4.3 Mobile node sends datagrams to host initiatively

   If the mobile node sends datagrams to the host initiatively, there
   is no need for the home agent to relay.
   Figure 3 illustrates how it works.

         +-----+          +-------+         +------+
         |home |          |foreign| <------ |mobile|
         |agent|          | agent |         | node |
         +-----+          +-------+         +------+
                              /
                            /      For datagrams sent by the
                          /        mobile node, standard IP
                        /          routing delivers each to its
                      |_           destination. In this figure,
                   +----+          the foreign agent is the
                   |host|          mobile node's default router.
                   +----+          The care-of-address will be used
                                   instead of home network address.

   Figure 3: Routing Datagrams Initiated by Mobile Node

5. MIP NAPT Table

   The home agent MUST have a NAPT table to record the session.

   TCP/UDP

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Host Address  | Session Source Port | care-of-address |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Dest Port   | home agent's address|   Alias port    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Figure 4: MIP NAPT Table (TCP/UDP)

   ICMP

   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Host Address  |    ICMP Query ID    | care-of-address |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   Dest Port   | home agent's address|    Alias ID     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Figure 5: MIP NAPT Table (ICMP)

   When the host initiates a session with the mobile node away from
   its home network, the home agent intercepts the datagrams and adds
   a binding to the MIP NAPT table.

   Datagrams sent from the mobile node when the initiator is the host
   are received by the home agent and translated. So, seen from the
   mobile node, the session initiator is not the host but the home
   agent.

6. References

   [1] RFC 3220 - IP mobility support for IPv4

   [2] RFC 2663 - IP Network Address Translator (NAT) Terminology and
       Considerations

Authors' Addresses

   Renjie Zhang
   Wuhan Fiberhome Network Corp.
   Wuhan Research Institute of Post and Telecommunication
   Hubei, China

   Phone:  86-27-87691706--8032
   Mobile: 86-13808653517
   EMail:  rjzhang@wri.com.cn
           renjie@fhn.com.cn

   Hua Cai
   Wuhan Research Institute of Post and Telecommunication
   Hubei, China

   Phone: 86-27-87693861
   EMail: caihua@fhn.com.cn
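
   The TCP/UDP translation of Sections 4.1, 4.2 and 5, as an added
   example that is not part of the draft: a model of the Figure 4
   table with both translation directions. The class and field names,
   the alias port range, rewriting the destination to the care-of
   address, and matching return traffic on the full binding are
   assumptions; checksum recalculation is not modelled.

```python
from dataclasses import dataclass
from typing import NamedTuple, Optional

class Pkt(NamedTuple):
    """Simplified TCP/UDP datagram: addresses, ports and TTL only."""
    src: str
    sport: int
    dst: str
    dport: int
    ttl: int = 64

@dataclass(frozen=True)
class Binding:
    """One row of the TCP/UDP table in Figure 4."""
    host_addr: str
    session_src_port: int
    care_of_addr: str
    dest_port: int
    ha_addr: str
    alias_port: int

class MipNaptTable:
    def __init__(self, ha_addr: str, first_alias: int = 50000):
        self.ha_addr, self.next_alias = ha_addr, first_alias
        self.by_session = {}  # (host, source port, care-of, dest port) -> Binding
        self.by_alias = {}    # alias port -> Binding

    def host_to_mobile(self, pkt: Pkt, care_of_addr: str) -> Pkt:
        """Section 4.1: source becomes home agent + alias port, TTL 255."""
        key = (pkt.src, pkt.sport, care_of_addr, pkt.dport)
        b = self.by_session.get(key)
        if b is None:  # first datagram of the session: add a binding
            b = Binding(pkt.src, pkt.sport, care_of_addr, pkt.dport,
                        self.ha_addr, self.next_alias)
            self.next_alias += 1
            self.by_session[key] = self.by_alias[b.alias_port] = b
        # Assumption: the destination is rewritten to the care-of address.
        return Pkt(b.ha_addr, b.alias_port, b.care_of_addr, b.dest_port, 255)

    def mobile_to_host(self, pkt: Pkt) -> Optional[Pkt]:
        """Section 4.2: map home agent + alias port back to the host."""
        b = self.by_alias.get(pkt.dport)
        if (b is None or pkt.dst != b.ha_addr
                or (pkt.src, pkt.sport) != (b.care_of_addr, b.dest_port)):
            return None  # no established binding: the datagram is not relayed
        # Only the destination fields are translated, as the draft describes.
        return Pkt(pkt.src, pkt.sport, b.host_addr, b.session_src_port, 255)
```

   A datagram from the mobile node whose destination port matches no
   alias, or whose source does not match the binding, yields None
   instead of being forwarded to a host.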