| R CN0 | | -----+-------+--------+---------------- LinkZ | R2 NUTY | | -----+-------+-----------------+------- LinkY | R1 NUTX | | -----+-------+-----------------+------- LinkX | HA0 Node0 NUT0 | | | ----------------------+---------------+---------+------- Link0
Link0 3ffe:501:ffff:100::/64 home link LinkX 3ffe:501:ffff:102::/64 LinkY 3ffe:501:ffff:103::/64 LinkZ 3ffe:501:ffff:104::/64 HA0(Link0) 3ffe:501:ffff:100:200:ff:fe00:a0a0 Node0(Link0) 3ffe:501:ffff:100:200:ff:fe00:a3a3 R1(LinkX) 3ffe:501:ffff:102:200:ff:fe00:a4a4 R2(LinkY) 3ffe:501:ffff:103:200:ff:fe00:a6a6 CN0(LinkZ) 3ffe:501:ffff:104:200:ff:fe00:a8a8
1. Selection Option - IPsec key management between MN and HA : manual configuration - IPsec support between MN and HA : YES 2. Position of Mobile Node - none
HA0 NUT0 R1 R2 CN0 | | | | | | ----> | | | | 1.Router Advertisement | | | | | | NUTX | | | | | | | | | | <---- | | | 2.Router Advertisement | | | | | | <---- | | | | 3.Neighbor Solicitations | | | | | 4.(no reply:3 seconds) | | | | | | <---- | | | | 5.Binding Update | ----> | | | | 6.Binding Acknowledgement | | | | | 7.(wait) (*1) | | | | | 1. Send Router Advertisement. (HA0 -> HA0_allnode_multi) 2. Send Router Advertisement. (R1 -> R1_allnode_multi) 3. Receive Neighbor Solicitations. (NUT0 -> HA0) 4. (no reply) # Wait during a maximum of 3 seconds(RFC2461). 5. Receive Binding Update. (NUTX -> HA0) 6. Send Binding Acknowledgement. (HA0 -> NUTX) # The Status field is set to 0(Binding Update accepted). # The K bit field is set to 0. 7. (wait) # Wait during enough retransmission timer. Packet Format is: 6. Binding Acknowledgement
(*1) PASS: HA0 does not receive the retransmitting of Binding Update.
(draft-ietf-mobileip-ipv6-24.txt) 11.7.3 Receiving Binding Acknowledgements (snip) If the acknowledgement came from the home agent, the mobile node examines the value of the Key Management Mobility Capability (K) bit. If this bit is not set, the mobile node SHOULD discard key management protocol connections, if any, to the home agent. The mobile node MAY also initiate a new key management connection. 10.3.1 Primary Care-of Address Registration (snip) Regardless of the setting of the Acknowledge (A) bit in the Binding Update, the home agent MUST return a Binding Acknowledgement to the mobile node, constructed as follows: o The Status field MUST be set to a value indicating success. The value 1 (accepted but prefix discovery necessary) MUST be used if the subnet prefix of the specified home address is deprecated, becomes deprecated during the lifetime of the binding, or becomes invalid at the end of the lifetime. The value 0 MUST be used otherwise. For the purposes of comparing the binding and prefix lifetimes, the prefix lifetimes are first converted into units of four seconds by ignoring the two least significant bits. o The Key Management Mobility Capability (K) bit is set if the following conditions are all fulfilled, and cleared otherwise: * The Key Management Mobility Capability (K) bit was set in the Binding Update. * The IPsec security associations between the mobile node and the home agent have been established dynamically. * The home agent has the capability to update its endpoint in the used key management protocol to the new care-of address every time it moves Depending on the final value of the bit in the Binding Acknowledgement, the home agent SHOULD perform the following actions: K = 0 Discard key management connections, if any, to the old care-of address. If the mobile node did not have a binding before sending this Binding Update, discard the connections to the home address. K = 1 Move the peer endpoint of the key management protocol connection, if any, to the new care-of address. For an IKE phase 1 connection, this means that any IKE packets sent to the peer are sent to this address, and packets from this address with the original ISAKMP cookies are accepted.