Host Mobility Review

From: Vladan D <vladandjeric_at_gmail.com>
Date: Thu, 19 Oct 2006 10:17:36 -0400

As the number of users of mobile devices continues to grow, it becomes
necessary to rethink certain aspects of Internet communication to resolve
issues specific to mobile devices. One such issue is the transition across
different physical attachment points and the associated change in the
endpoint's IP address. This paper presents an end-to-end solution for host
mobility that is secure and does not rely on a third party to perform
connection migration.

The proposed solution employs two techniques: DNS updates as a means of
address indirection and a TCP-Migrate Option for connection migration. For
mobile server applications, it is reasonable to assume that any connection
attempt by the client would be preceded by a DNS lookup, allowing the client
to see the mobile server's new IP address. Obviously there may be race
conditions between the DNS update and the DNS query, but these should be
very rare. The TTL parameter of DNS records is set to 0, preventing
applications from caching the IP address. Once the mobile host obtains its
new IP address, it migrates its existing TCP connection by sending a SYN
packet with the TCP-Migrate Option from the new address. This operation is
secured against hijacking by requiring that a secure token be supplied with
the option. The token is initially communicated through a Diffie-Hellman key
exchange during connection setup with a Migrate-Permitted option.

This approach is preferable to Mobile IP because it does not require any
changes to the underlying IP substrate and requires no third party to enable
transitions. The latter is especially important because triangle routing,
used for both sends and receives, is sub-optimal. Additionally, it is
undesirable for the endpoints to lose connectivity when the third party
fails. However, the paper's approach does require modification of the TCP
state machine, notably the addition of a MIGRATE_WAIT state. The state is
entered on receipt of an RST message from the mobile device and exited through a
timeout or the receipt of a packet bearing the TCP-Migrate option.
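To make the two mechanisms above concrete, here is a small Python model of the fixed host's side (an added example, not code from the paper or from this review): the token is derived from a Diffie-Hellman secret exchanged at connection setup, an RST from the mobile host moves the connection into MIGRATE_WAIT, and a migrate SYN from a new address is accepted only when it carries the right token. The toy DH group, the HMAC-over-ISNs token construction and the addresses are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
P, G = 2_147_483_647, 5   # toy Diffie-Hellman group, constructed for illustration only

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def migrate_token(shared_secret, isn_client, isn_server):
    # Assumption: HMAC over both ISNs keyed by the DH secret, binding the token to this connection.
    key = shared_secret.to_bytes(4, "big")
    msg = isn_client.to_bytes(4, "big") + isn_server.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class ServerConn:  # fixed-host side of one connection, with the added MIGRATE_WAIT state
    def __init__(self, peer, isn_client, isn_server, client_pub):
        self.state, self.peer = "ESTABLISHED", peer
        priv, self.pub = dh_keypair()          # server's half of the DH exchange
        self.token = migrate_token(pow(client_pub, priv, P), isn_client, isn_server)

    def on_rst(self, src):
        # An RST from the current peer parks the connection instead of closing it.
        if src == self.peer and self.state == "ESTABLISHED":
            self.state = "MIGRATE_WAIT"
        return self.state

    def on_migrate_syn(self, src, token):
        # A migrate SYN from a new address is honoured only with the connection's token.
        if self.state not in ("ESTABLISHED", "MIGRATE_WAIT"):
            return False
        if not hmac.compare_digest(token, self.token):
            return False                       # wrong token: hijack attempt, peer unchanged
        self.peer, self.state = src, "ESTABLISHED"
        return True

    def on_timeout(self):
        if self.state == "MIGRATE_WAIT":       # nobody migrated in time: drop the connection
            self.state = "CLOSED"
        return self.state

def demo():
    # Constructed scenario: client moves from 10.0.0.5 to 192.0.2.9; 198.51.100.7 is off-path.
    isn_c, isn_s, (c_priv, c_pub) = 1000, 5000, dh_keypair()
    srv = ServerConn("10.0.0.5", isn_c, isn_s, c_pub)
    client_token = migrate_token(pow(srv.pub, c_priv, P), isn_c, isn_s)
    after_rst = srv.on_rst("10.0.0.5")
    bogus_rejected = not srv.on_migrate_syn("198.51.100.7", b"\0" * 8)
    migrate_ok = srv.on_migrate_syn("192.0.2.9", client_token)
    return after_rst, bogus_rejected, migrate_ok, srv.peer, srv.state
```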

The paper defends against some obvious objections to its approach:
connection hijacking is prevented with secure tokens, and scalability isn't
affected by TTL 0 DNS records because the DNS server's name can be
cached. Some unresolved issues remain, such as both nodes moving
simultaneously and applications caching IP addresses. Overall, I find the
approach interesting although I am somewhat unsettled by the possibility
that timing or specific application designs may disrupt connections.
Received on Thu Oct 19 2006 - 10:18:46 EDT