SHISA How To

Written by Keiichi SHIMA @ { KAME Project | Internet Initiative Japan}

$Id: index.html,v 1.17 2006/01/24 06:57:46 mitsuya Exp $

Before reading

This document is written based on the KAME snap kit on 11th July 2005. The contents may not applicable for any other KAME snap kits versions.

Overview

The SHISA is a Mobile IPv6/NEMO protocol stack. The stack consists of a small extension in a kernel space and several small programs which runs in a user space. In this document, we discuss how to configure the kernel and the startup scripts (aka, rc scripts) to use the SHISA stack.

Kernel configuration

Correspondent node

The following kernel option is required to enable correspondent node features. 

options MIP6

This option is the most basic option and is necessary for all other node types discussed bellow.

Mobile node

The following kernel options are required to enable mobile node features. 

options MIP6
options IPSEC
pseudo-device mip 1

The pseudo device mip represents a home network of a mobile node. Home addresses of the mobile node will be assigned to the pseudo interface when the node is away from home.

Home agent

The following kernel options are required to enable home agent features. 

options MIP6
options IPSEC

If you need a NEMO support, you need to define some pseudo device for NEMO tunneling in addition to the MIP6 option. 

options MIP6
options IPSEC
pseudo-device nemo 2

You can support multiple mobile routers up to the number of pseudo device you have defined in the kernel configuration file.

Mobile router

In addition to the mobile node configuration, you need a pseudo device configuration to use mobile router features. 

options MIP6
options IPSEC
pseudo-device mip 1
pseudo-device nemo 1

Building and installing a kernel

You need to follow the instruction of the KAME snap kit installation procedure with the above options.

User space programs

The user space programs which are related to mobility functions are shown bellow.

SHISA daemons
cnd The correspondent node daemon.
had The home agent daemon.
mnd The mobile node daemon.
mrd The mobile router daemon.
babymdd The movement detection daemon.
nemonetd The NEMO tunnel management daemon.
Other programs
rtadvd The router advertisement daemon.

SHISA daemons

SHISA daemons are build and installed during the installation procedure of the KAME snap kit.

The had daemon is compiled without NEMO support by default. To enable NEMO support, you need to modify the Makefile of the had daemon. The Makefile is located in ${KAME}/${YOUROS}/usr.sbin/shisad/had/Makefile. Add -DMIP_NEMO compiler macro definition to CFLAGS. 

CFLAGS+=-DMIP_NEMO

rtadvd daemon

rtadvd daemon provides a supplemental home agent function. To enable the function, you need to compile the daemon with -DMIP6 option. Add the option to the Makefile which is located in ${KAME}/${YOUROS}/usr.sbin/rtadvd/Makefile 

CFLAGS+=-DMIP6

Building and installing daemons

You need to follow the instruction of the KAME snap kit installation procedure to build and install mobility daemons.

Configuration files

The parameters of SHISA daemons are passed by their configuration files. There are four configuration files.

cnd.conf A configuration file for cnd daemon.
had.conf A configuration file for had and nemonetd daemon launched on a home agent.
mnd.conf A configuration file for mnd daemon.
mrd.conf A configuration file for mrd and nemonetd daemon launched on a mobile router.

These configuration files must be located at /usr/local/v6/etc/ directory. You can find sample configuration files in ${KAME}/kame/kame/shisad/sampleconf/ directory.

cnd.conf

The following is a sample of cnd.conf. 

debug 1;
command-port 7777;

debug increases the logging level. command-port specifies the port number of the telnet interface of cnd daemon.

had.conf

The following is a sample of had.conf. 

debug 1;

interface fxp0 {
	command-port 7778;
	preference 10;

	prefixtable {
#		homeaddress          mobilenetworkpfx  pl mode     bid
		2001:200:0:8c08::328 2001:200:0:8c0a::/64 explicit 111;
		2001:200:0:8c08::328 2001:200:0:8c0a::/64 explicit 800;
	};

	static-tunnel {
#		if    homeaddress          bid
		nemo3 2001:200:0:8c08::328 111;
		nemo6 2001:200:0:8c08::328 800;
	};
};

interface specifies the interface name of a home network. prefixtable and static-tunnel are valid only when had supports NEMO functions. prefixtable specifies the mapping between home addresses and mobile network prefixes. static-tunnel specifies binding between the nemo pseudo interfaces and binding IDs. You do not need to declare static-tunnel, if dynamic interface assignment is acceptable. The binding ID field can be omitted if you do not use multiple care-of address registration.

mnd.conf

The following is a sample of mnd.conf. 

debug 1;

interface mip0 {
	command-port 7778;
	home-registration-lifetime 10;
};

home-registration-lifetime specified the lifetime value when sending a binding update message to other nodes.

mrd.conf

The following is a sample of mrd.conf. 

debug 1;

interface mip0 {
	command-port 7778;
	home-registration-lifetime 10;

	prefixtable {
#		homeaddress          mobilenetworkpfx  pl mode     bid
		2001:200:0:8c08::328 2001:200:0:8c0a::/64 explicit 111;
	};

	static-tunnel {
#		if    homeaddress          bid
		nemo0 2001:200:0:8c08::328 111;
	};
};

The rc script

SHISA provides an additional startup script which adds some configuration parameters in your /etc/rc.conf file. You can find the startup script in ${KAME}/${YOUR_OS}/etc/rc.d/ directory. Copy the file (network_ipv6_mobile for FreeBSD5 or mobileip6 for NetBSD) to your /etc/rc.d/ directory.

rc.conf parameters

The following parameters can be specified in your rc.conf files.

Name Value Description
ipv6_mobile_enable YES|NO (default: NO). Enable mobility features when set to YES.
ipv6_mobile_nodetype mobile_node|mobile_router| home_agent (default: undefined). Specify the node type. The correspondent node is chosen when no node type is specified.
ipv6_mobile_home_agent_mode nemo Specify when a home agent need to support mobile routers. If no value is specified, a home agent only support mobile nodes. This parameter is valid only for home agents.
ipv6_mobile_home_interface interface_name_of_home_agent Specify the interface name of your home agent. This parameter is valid only for home agents.
ipv6_mobile_ingress_interfaces ingress_interface_name_of_mobile_router Specify the ingress interface name of your mobile router. This parameter is valid only for mobile routers.

Sample configuration for FreeBSD 5

In the following sections, we show some sample configuration files for /etc/rc.conf for FreeBSD5 system.

Correspondent node

A correspondent node can be configured as follows. 

PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ipv6_enable="YES"
ipv6_mobile_enable="YES"

Mobile node

A mobile node can be configured as follows. In the following sample configuration, the home address is 2001:db8:100:200::1234. 

PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ipv6_enable="YES"
ipv6_ifconfig_mip0="2001:db8:100:200::1234 home"
ipv6_ifconfig_em0="up"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="mobile_node"

Do not forget to specify home parameter when configuring the home address of the node. The last line is required to activate the network interface, since all interface stay down if we specify an IPv6 address statically. Replace em0 with the physical interface name of the node.

Home agent

A home agent can be configured as follows. In the following sample configuration, the address of a home agent is 2001:db8:100:200::1000/64 and the name of a network interface of a home network is fxp0. 

PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ipv6_enable="YES"
ipv6_gateway_enable="YES"
ipv6_ifconfig_fxp0_alias0="2001:db8:100:200::1000"
ipv6_ifconfig_fxp0_alias1="2001:db8:100:200:: anycast"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="home_agent"
ipv6_mobile_home_interface="fxp0"

When enabling the NEMO support, the following example can be used. Note that the had daemon is compiled without NEMO support by default. Don't forget to comple the had with -DMIP_NEMO CFLAGS. 

PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ipv6_enable="YES"
ipv6_gateway_enable="YES"
ipv6_ifconfig_fxp0_alias0="2001:db8:100:200::1000"
ipv6_ifconfig_fxp0_alias1="2001:db8:100:200:: anycast"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="home_agent"
ipv6_mobile_home_agent_mode="nemo"
ipv6_mobile_home_interface="fxp0"

Mobile router

A mobile router can be configured as follows. The home address in the following example is 2001:db8:100:200::9876 and the mobile network prefix of the mobile router is 2001:db8:100:300::/64. The interface name for the mobile network is em1. 

PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ipv6_enable="YES"
ipv6_gateway_enable="YES"
ipv6_ifconfig_mip0="2001:db8:100:200::9876 home"
ipv6_ifconfig_em0="up"
ipv6_ifconfig_em1_alias0="2001:db8:100:300::1"
rtadvd_enable="YES"
rtadvd_interfaces="em1"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="mobile_router"
ipv6_mobile_ingress_interfaces="em1"

Sample configuration for NetBSD 2

In the following sections, we show some sample configuration files for /etc/rc.conf for NetBSD2 system.

Correspondent node

A correspondent node can be configured as follows. Add the followings as local overrides on /etc/rc.conf . 

critical_filesystems_local="/usr"
PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ip6mode="autohost"
ipv6_mobile_enable="YES"

The path, /usr/local/v6/*, should be mounted before the configuration because /usr/local/v6/sbin/ifconfig has additional function than /sbin/ifconfig. So that it is required to configure the right vaule of $critical_filesystems_local .

Mobile node

A mobile node can be configured as follows. In the following sample configuration, the home address is 2001:db8:100:200::1234. 

critical_filesystems_local="/usr"
PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ip6mode="autohost"
ifconfig_mip0="inet6 2001:db8:100:200::1234 home"
ifconfig_em0="up"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="mobile_node"

Do not forget to specify home parameter when configuring the home address of the node. The last line is required to activate the network interface, since all interface stay down if we specify an IPv6 address statically. Replace em0 with the physical interface name of the node.

Home agent

A home agent can be configured as follows. In the following sample configuration, the address of a home agent is 2001:db8:100:200::1000/64 and the name of a network interface of a home network is fxp0. 

critical_filesystems_local="/usr"
PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ip6mode="router"
ifconfig_fxp0="inet6 2001:db8:100:200::1000"
ifconfig_fxp0="inet6 2001:db8:100:200:: anycast"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="home_agent"
ipv6_mobile_home_interface="fxp0"

When enabling the NEMO support, the following example can be used. Note that the had daemon is compiled without NEMO support by default. Don't forget to comple the had with -DMIP_NEMO CFLAGS. 

critical_filesystems_local="/usr"
PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ip6mode="router"
ifconfig_fxp0="inet6 2001:db8:100:200::1000"
ifconfig_fxp0="inet6 2001:db8:100:200:: anycast"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="home_agent"
ipv6_mobile_home_agent_mode="nemo"
ipv6_mobile_home_interface="fxp0"

Mobile router

A mobile router can be configured as follows. The home address in the following example is 2001:db8:100:200::9876 and the mobile network prefix of the mobile router is 2001:db8:100:300::/64. The interface name for the mobile network is em1. 

critical_filesystems_local="/usr"
PATH=/usr/local/v6/sbin:/usr/local/v6/bin:${PATH}

ip6mode="router"
ifconfig_mip0="inet6 2001:db8:100:200::9876 home"
ifconfig_em0="up"
ifconfig_em1="inet6 2001:db8:100:300::1"
rtadvd_enable="YES"
rtadvd_interfaces="em1"
ipv6_mobile_enable="YES"
ipv6_mobile_nodetype="mobile_router"
ipv6_mobile_ingress_interfaces="em1"

IP security

To be described.

FAQs and tips

Doesn't work?

Q1: The had stops with an error "syntax error".
A1: Don't you forget ";" at the end of line in the configuration file?

Q2: In NEMO situation, it seems that I could exchange DHAAD request/reply, I can see the increase of those counters in SHISA statistics (show stats). But I could not have an entry for HA on the BUL (show bul). Why?
A2: We are afraid that you compiled the had daemon without MIP_NEMO definition.

Shisa specification

Q1: What's the difference between babymdd and mdd?
A1: The algorithms to detect movement are different. The babymdd monitors the status of network interfaces. When the interface goes down, babymdd deletes its Care-of Address so that mnd(or mrd) can know the detachment. When the interface become up, babymdd sends RS so that the mobile host may get a new Care-of Address without delay. On the other hand, the mdd monitors the changes of IP address. When an IP address has been deleted or newly added, the mdd lists all available global IPv6 address and chose one as the primary Care of Address. Because the mdd do nothing related to L2 trigger, it normally used with a tool which monitors L2 status and plays some roles on L3 configuration like Casanova.

If you have any questions or find any problems, please contact to snap-users@kame.net.