Summary: An End-to-End Approach to Host Mobility

This paper describes a way of handling the problems created by network devices
being mobile. The authors contrast their solution to Mobile IP, which
provides services such as connection migration and address redirection at the
network layer. They argue that the challenges posed by mobility are better
handled at the transport and application layers, in accordance with the
end-to-end principle.

Their solution is built out of two components. First, they argue that systems
generally locate each other on the Internet by name, rather than by
hard-coded IP address. Thus, should a system providing some service move to
a different IP address, a simple adjustment in the name-to-IP mapping is all
that is necessary in order to redirect future transport sessions. The
authors briefly mention that this can be easily done with secure DNS updates
on names that are marked as non-cacheable. They don't discuss the specifics
of this operation and instead refer the reader to the secure DNS papers.

The second, and main contribution of their paper is a method for automatically
migrating TCP sessions from one IP to another. The basic idea is that during
connection setup, the client (ie. the one sending the SYN) can set an option
flag indicating that he supports migration. The client also sends some
additional information that is used to derive the migration token. If the
server supports TCP migration, he sets a flag on the SYN/ACK and also
includes additional information used in the derivation of the migration
token.

When the client later acquires a new IP address, it sends the server a SYN
Migrate packet with the token identifying the flow. Based on this
information, the server can be sure that it is communicating with the same
client, even though its IP has changed. After the TCP handshake completes,
the session resumes -- any un-acked packets are automatically retransmitted,
etc. Therefore, a client that drops one IP and grabs another faster than the
TCP timeout value will be able to automatically migrate the sessions without
any application involvement. At the application level, the migration will
appear only as a transient loss of connectivity.

This scheme opens up the possibility for full session-highjacking. If an
adversary is able to determine the token information, he can cause an active
session to be redirected. To protect against this, the paper describes a
scheme where the token is generated as the result of a Diffie-Hellman
exchange.

The authors make an interesting observation regarding IP addresses. They
claim that IPs should be thought of as "routing locators", rather
than as host identifiers. Any attempt to treat IP addresses as host
identifiers rather than host (network) location specifiers is ultimately
doomed to failure, since doing so breaks the address-prefix matching scheme
that is one of the key enablers of Internet scalability.

One disadvantage of their system over Mobile IP is that some applications will
need to be modified. For example, client applications that exchange IPs with
other clients (ie. P2P apps) will need to be aware of when the system changes
its IP address. They would then need to notify their peers that the old
address is no longer valid and that they should instead be contacted at their
new address. The paper mentions that because of NATs, applications are
already somewhat careful about how they use IP addresses. However, I'm not
sure the authors address all the problems.

In general, this solution seems very usable as long as the mobile devices
aren't receiving incoming connections. It isn't obvious that it will work if
the mobile devices do need to receive connections since systems that aren't
dedicated servers are rarely referred to by DNS name. A subsection in the
evaluation section that dealt with this issue would have been beneficial.
Received on Wed Oct 18 2006 - 23:05:18 EDT