Manage Mobile Nodes


1.  Create a Mobile Node

Within HAiku, you first create a virtual Mobile Node that generates the security bindings and gives you access to the Home Agent. Then, you set up your physical Mobile Node – your mobile device, e.g. a laptop or PDA – with the generated information.

You can create your Mobile Nodes from the "Manage Mobile Nodes" page, which is reached through the corresponding link in the left menu. From this page, you can create new Mobile Nodes via the "Create MN" button. You will be asked to give a name that is unique among all your Mobile Nodes, optionally to choose the type of Mobile Node if the operators decided to activate NEMO, and to enter a short description for the new node.

When the operators have activated the NEtwork MObility (NEMO) features for the Home Agent, a Mobile Node can be of 2 types:

  • Mobile Host, the standard Mobile Node as defined by the MIPv6 protocol
  • Mobile Router, a Mobile Node that forwards traffic as defined by the NEMO specifications

This operation will automatically create a Home Address (HoA), possibly a Mobile Network Prefix (MNP), and Security Parameters bound on the Home Agent. Upon creation of your Mobile Node, its network interface list is empty and the Live CD interface mode is set to autodetect. You may want to edit the network interfaces list later through the Mobile Node edit procedure so that it matches your configuration and you are able to download your customized configuration files.

Once you have created a virtual Mobile Node from the HAiku interface, you need to configure your physical mobile devices in order to register with the Home Agent and use the IPv6 mobility service. Depending on the installation of HAiku, you may have the choice between 2 solutions to use this service:

  • Configure your Mobile Node yourself: the detailed information page of a particular Mobile Node, accessed via the "Details" icon, gathers all the information needed to configure the node, including the mobility and the IPsec parameters. It is the preferred solution since you have total control over your node, but it requires that your device has support for Mobile IPv6, whose installation is a bit tricky. Please consult the MIPv6 Howto for details.
  • Use Homeguy, the Mobile IPv6 Live CD: each Mobile Node can have its own associated Live CD that already has support for Mobile IPv6 and a bunch of IPv6 and mobility related software. Homeguy is an easy and instant way to benefit from the service, and a Live CD can be generated from the Live CD page. However, this feature has to be enabled by the operators of the Home Agent and may therefore not be available.

2.  Destroy a Mobile Node

You can free the Mobile Nodes that you no longer have a use for. This operation is done from the "Manage Mobile Nodes" page, which is reached through the corresponding link in the left menu. On this page you should see a "destroy" link for each Mobile Node you have created so far.

A destroyed Mobile Node cannot be recovered.

This operation will remove any bindings between the Home Agent and the Mobile Nodes so the Live CDs that you may have created for the destroyed Mobile Nodes won't be usable anymore.

3.  Specify network interfaces

3.1  Manage network interfaces for a Mobile Node

You have the possibility to define the networking hardware present on your mobile device. The list of network interfaces is used to produce a ready-to-use configuration file for the mobility daemon matching your hardware configuration that can be downloaded on the detailed information page for a specific Mobile Node.

Also, the network interfaces list serves to specify the network interfaces to use for the Live CD when you set the Live CD interface mode to "User defined". See the section dedicated to the network interface mode for the Live CD for more information on this topic.

It is generally a good idea to define the list of network interfaces present on the mobile device, even when the Live CD interface mode is not set to "User defined".

The interface list management is accessed through the detailed information page of a Mobile Node, which can in turn be accessed from the Manage Mobile Nodes page. In the Network interfaces section, you have the possibility to edit the Mobile Node configuration and create/delete network interfaces for this Mobile Node.

When you create a new interface, you can specify the type of access among Bluetooth, Ethernet, WIMAX and WLAN. This information should help you to classify the interface and may be used later as a hint for the network interface autodetection on the Live CDs. The name of the interface is the name under which your interface appears under Linux. Usual interface names are eth0, eth1, ..., ethn for Ethernet devices, including WLAN and Bluetooth.

Creating a new interface for a Mobile Router requires that you choose the type of interface, either Egress (connected to the external network) or Ingress (connected to internal networks). An ingress interface needs to have an MNP associated with it.

When editing the Mobile Node, you can also set a preference for an interface (only egress interfaces for Mobile Routers). This preference is used to determine which interface should be used first in case you have multiple interfaces on your mobile device. You can reorder your interfaces for the Mobile Node with drag and drop.

If you need to modify the name or the type of an interface for a Mobile Node, you should delete the interface and create a new one.

3.2  Specify network interfaces mode for Live CD

Homeguy can have 2 modes for the network interfaces detection that you can select from HAiku:

  • user defined: the interfaces list as it is defined by the user for the related Mobile Node serves to specify the network interfaces to use for the Live CD;
  • autodetect: Homeguy tries to detect the available network interfaces automatically at boot time and sets pre-defined priorities. The Ethernet interfaces will have a higher priority, followed by the WLAN interfaces, etc. This mode is not available when no ingress interfaces are defined for a Mobile Router.

When you create a new Mobile Node, the default network interfaces mode is autodetect, and you cannot set the Live CD interfaces mode to user defined unless you have actually defined some network interfaces for this particular Mobile Node.

The network interfaces mode for the Live CD can be modified from the detailed information page for a specific Mobile Node, just like the management of network interfaces for a Mobile Node.

4.  IPsec

4.1  Security parameters

The Mobile IPv6 specification recommends that we use IPsec to protect the messages exchanged between the Mobile Node and the Home Agent. HAiku helps in the use of IPsec by generating your IPsec parameters and providing a ready-to-use configuration file.

From the detailed information page of a Mobile Node, you can view and edit the current IPsec configuration for the Mobile Node, including the Security Association parameters and its Security Policies. Provided the operators of the Home Agent enabled support for dynamic keying, you can configure the Security Association mechanism via the "edit" page of a Mobile Node. You will have the choice between dynamic keying (which requires a key management daemon that supports movements) and static keying. With static keying Security Associations, there is no mechanism yet to renew your keys. You are advised to use dynamic keying whenever possible.

You can also edit the Security Policies via the "edit" page of a Mobile Node and choose whether or not your Mobile Node should protect payload traffic, in order to protect communications between the Home Agent and your Mobile Node. This is needed to ensure confidentiality in visited networks.

4.2  How to install

You will have to protect the following messages:

  • Mobility messages (MH) exchanged between the Mobile Node and Home Agent
  • Mobile Prefix Solicitations and Advertisements (MPS/MPA) messages
  • the tunneled Home Test Init (HoTI) and Home Test (HoT) messages
  • optionally the tunnel payload

HAiku produces sample configuration files to make IPsec easy to configure. From the detailed information page of a Mobile Node, you can download configuration files for IPsec (setkey or Racoon2) depending on your environment (MIPL and SHISA mobility stack).

Static keying

Download the configuration file for IPsec and give it as input to the setkey command. As root, type the following in a console (adapting it to your real file name):

 # setkey -f my_ipsec_file.conf

For more information on IPsec configuration, please refer to the Configuring IPsec for SHISA/MIPL document.
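
A pre-load check for the static keying file, as an added example that is not part of HAiku or its documentation: it verifies that the file holding the static keys gives no access to group/other, and that every spdadd policy uses level require or unique and has a mirrored inbound policy. The function names, the finding labels and the sample addresses (documentation prefix 2001:db8::/32) are assumptions made for this example; only standard setkey policy syntax is relied on.

```shell
# Added example: audit a setkey policy file before "setkey -f" (0 clean, 1 findings,
# 2 unreadable). Assumes hex keys, i.e. no "#" or ";" inside quoted key strings.
audit_setkey_conf() {
    conf=$1; rc=0
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    perms=$(ls -ld "$conf" | cut -c5-10)   # static keys are in clear text in this file
    [ "$perms" = "------" ] || { echo "PERM $conf: group/other bits '$perms'"; rc=1; }
    awk '
    function report(msg) { print msg; bad = 1 }
    function check(s,    f, k, p, i, r, dir) {
        k = split(s, f, " ")
        if (f[1] != "spdadd") return
        for (p = 1; p <= k && f[p] != "-P"; p++) ;
        dir = f[p + 1]; seen[dir, f[2], f[3]] = 1
        if (f[p + 2] != "ipsec") return           # none/discard carry no level
        for (i = p + 3; i <= k; i++) {
            split(f[i], r, "/")                   # protocol/mode/src-dst/level
            if (r[4] != "require" && r[4] != "unique")
                report("LEVEL " dir " " f[2] " -> " f[3] ": " f[i] " may pass cleartext")
        }
    }
    { sub(/#.*/, ""); buf = buf " " $0 }           # drop comments, join lines
    /;/ {                                          # statements end with ";"
        n = split(buf, stmt, ";")
        for (j = 1; j < n; j++) check(stmt[j])
        buf = stmt[n]
    }
    END {
        for (key in seen) {                        # each "out" needs a mirrored "in"
            split(key, d, SUBSEP)
            mirror = "in" SUBSEP d[3] SUBSEP d[2]
            if (d[1] == "out" && !(mirror in seen))
                report("PAIR out " d[2] " -> " d[3] ": no matching inbound policy")
        }
        exit bad
    }' "$conf" || rc=1
    return $rc
}
# Constructed sample, not HAiku output. 135 is the Mobility Header protocol number;
# policy 3 uses level "use" and policy 4 (tunnel payload) has no inbound mirror.
sample_conf() { cat <<'EOF'
spdadd 2001:db8:1::10 2001:db8:1::1 135 -P out ipsec esp/transport//require;
spdadd 2001:db8:1::1 2001:db8:1::10 135 -P in ipsec esp/transport//require;
spdadd 2001:db8:1::10 2001:db8:1::1 icmp6 -P out ipsec esp/transport//use;
spdadd 2001:db8:1::10 ::/0 any -P out ipsec
    esp/tunnel/2001:db8:ffff::5-2001:db8:1::1/require;
EOF
}
if [ -n "${1:-}" ]; then audit_setkey_conf "$1"; fi
```

After loading the file, setkey -D and setkey -DP dump the installed Security Associations and Security Policies, so they can be compared with the parameters shown on the Mobile Node's detailed information page.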

Dynamic keying

Download the configuration file for Racoon2 and put the uncompressed files in your /etc/racoon2 directory.

For more information, please refer to the Dynamic keying for Mobile IPv6 using racoon2 and mip6d Howto.
