IETF Logo Mail Archive

Re: [MEXT] Rethink on Mobile IPv6

Wassim Haddad <wassim.haddad@ericsson.com> Wed, 03 March 2010 20:31 UTC

Return-Path: <wassim.haddad@ericsson.com>
X-Original-To: mext@core3.amsl.com
Delivered-To: mext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9465328C171; Wed, 3 Mar 2010 12:31:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m1Jj0A2YksK3; Wed, 3 Mar 2010 12:30:59 -0800 (PST)
Received: from imr1.ericy.com (imr1.ericy.com [198.24.6.9]) by core3.amsl.com (Postfix) with ESMTP id 5D8BD28C276; Wed, 3 Mar 2010 12:30:53 -0800 (PST)
Received: from eusaamw0712.eamcs.ericsson.se ([147.117.20.181]) by imr1.ericy.com (8.13.1/8.13.1) with ESMTP id o23KWxuT022838; Wed, 3 Mar 2010 14:33:00 -0600
Received: from EUSAACMS0703.eamcs.ericsson.se ([169.254.1.20]) by eusaamw0712.eamcs.ericsson.se ([147.117.20.181]) with mapi; Wed, 3 Mar 2010 15:30:31 -0500
From: Wassim Haddad <wassim.haddad@ericsson.com>
To: "Basavaraj.Patil@nokia.com" <Basavaraj.Patil@nokia.com>, "mext@ietf.org" <mext@ietf.org>
Date: Wed, 03 Mar 2010 15:30:31 -0500
Thread-Topic: Rethink on Mobile IPv6
Thread-Index: Acq66gOoUWTseQTmoUO8Px+IuYFs9gAJgTqA
Message-ID: <2991246A29623A4082EB2B06A2B891A425CD0D87F6@EUSAACMS0703.eamcs.ericsson.se>
References: <C7B3E2AE.5767%basavaraj.patil@nokia.com>
In-Reply-To: <C7B3E2AE.5767%basavaraj.patil@nokia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg="SHA1"; boundary="----=_NextPart_000_0067_01CABAD5.B1F60050"
MIME-Version: 1.0
Cc: "jari.arkko@piuha.net" <jari.arkko@piuha.net>, Wassim Haddad <wassim.haddad@ericsson.com>, "int-area@ietf.org" <int-area@ietf.org>, "rdroms@cisco.com" <rdroms@cisco.com>
Subject: Re: [MEXT] Rethink on Mobile IPv6
X-BeenThere: mext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobile IPv6 EXTensions WG <mext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mext>
List-Post: <mailto:mext@ietf.org>
List-Help: <mailto:mext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mext>, <mailto:mext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2010 20:31:00 -0000

Hi Raj, 

Mobile IPv6 (RFC3775) has been an RFC since 2004, and Dual-stack Mobile IPv6
(RFC5555) since 2009. Implementations of the protocol has been lacklustre to
say the least. Several SDOs have considered MIP6 and DSMIP6 as a solution
for interworking and mobility between different access technologies and only
3GPP has adopted it in a very limited manner for Rel 8 (for use on the S2c
interface) with the likelihood of it being actually deployed quite low
(IMO).

While there are many reasons that can be attributed to the lack of
implementations and use, one that I would like to raise is the the concern
with the overly complex security model that MIP6/DSMIP6 relies on today.
MIP6/DSMIP6 requires IPsec and IKE/IKEv2 (RFC3776/4877) to secure the
signaling between the MN and HA. The fundamental purpose of
MIP6/DSMIP6 is to provide mobility to hosts. At a very high level the
MIP6/DSMIP6 protocol boils down to the ability to setup a tunnel between the
MN and HA and update the MN tunnel end-point whenever there is a change in
the associated IP address (CoA). The signaling to establish the tunnel needs
to be secure. But using a protocol like
IKEv2 and IPsec to achieve this security is just an overkill. It increases
the complexity of the implementation as a result of many factors that have
been captured in I-D:
draft-patil-mext-mip6issueswithipsec and discussed in the MEXT WG meetings. 

Given the objective of the protocol is to enable IP mobility for hosts, it
should focus on doing that well in a manner that makes it easy to
implement/adopt/deploy/scale. My opinion as a result of implementation
experience is that MIP6/DSMIP6 can be significantly simplified, especially
the security architecture. The protocol as specified currently in
RFC3775/RFC5555 is a kitchensink of features. Getting back to basics of
simply establishing a tunnel between the MN and HA and managing that tunnel
is all that is needed and would potentially see the light of day in the real
world.

=> Does this mean that you want also to take out the RO mode or you want to
simplify it?


Wassim H.

v2.23.0 | Report a Bug | By Email