test

System Administration Guide: IP Services

Configuring the Mobile IP Configuration File

When you configure the mipagent.conf file for the first time, you need to perform the following tasks:

  1. Depending on your organization's host's requirements, determine what functionality your Mobile IP agent can provide:

    • Foreign agent functionality only

    • Home agent functionality only

    • Both foreign and home agent functionality

  2. Create the /etc/inet/mipagent.conf file and enter the settings you require by using the procedures that are described in this section. You can also copy one of the following files to /etc/inet/mipagent.conf and modify it according to your requirements:

    • For foreign agent functionality, copy /etc/inet/mipagent.conf.fa-sample.

    • For home agent functionality , copy /etc/inet/mipagent.conf.ha-sample.

    • For both foreign agent and home agent functionality, copy /etc/inet/mipagent.conf-sample.

  3. You can reboot your system to invoke the boot script that starts the mipagent daemon. You can also start mipagent by typing the following command on a command line:


    # /etc/inet.d/mipagent start

Configuring the Mobile IP Configuration File Task Map

The following table provides a brief description of the tasks that are described in this section.

Table 24–1 Configuring the Mobile IP Configuration File Task Map

Task 

Description 

For Instructions, Go to ... 

Creating the Mobile IP configuration file 

Involves creating the /etc/inet/mipagent.conf file or copying one of the sample files

How to Create the Mobile IP Configuration File

Configuring the General section

Involves typing the version number into the General section of the Mobile IP configuration file

How to Configure the General Section

Configuring the Advertisements section

Involves adding labels and values or changing them in the Advertisements section of the Mobile IP configuration file

How to Configure the Advertisements Section

Configuring the GlobalSecurityParameters section

Involves adding labels and values or changing them in the GlobalSecurityParameters section of the Mobile IP configuration file

How to Configure the GlobalSecurityParameters Section

Configuring the Pool section

Involves adding labels and values or changing them in the Pool section of the Mobile IP configuration file

How to Configure the Pool Section

Configuring the SPI section

Involves adding labels and values or changing them in the SPI section of the Mobile IP configuration file

How to Configure the SPI Section

Configuring the Address section

Involves adding labels and values or changing them in the Address section of the Mobile IP configuration file

How to Configure the Address Section

How to Create the Mobile IP Configuration File

  1. Become superuser on the system where you want to enable Mobile IP.

  2. Depending on your preference, do one of the following substeps.

    • In the /etc/inet directory, create an empty file named mipagent.conf.

    • From the following list, copy the sample file that provides the functionality you want to the file /etc/inet/mipagent.conf.

      • /etc/inet/mipagent.conf.fa-sample

      • /etc/inet/mipagent.conf.ha-sample

      • /etc/inet/mipagent.conf-sample

  3. Add or change configuration parameters in the /etc/inet/mipagent.conf file to conform to your configuration requirements. The remaining procedures in this section describe the steps that you perform.

How to Configure the General Section

If you copied one of the sample files, you can omit this procedure because the sample file contains this entry.

    Edit the /etc/inet/mipagent.conf file and add the following lines.


    [General]
     Version = 1.0
Note –

The /etc/inet/mipagent.conf file must contain the preceding entry.

General Section provides descriptions of the labels and values that are used in this section.

How to Configure the Advertisements Section

    Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.


    [Advertisements Interface-name]
     HomeAgent = <yes/no>
     ForeignAgent = <yes/no>
     PrefixFlags = <yes/no>
     AdvertiseOnBcast = <yes/no>
     RegLifetime = n
     AdvLifetime = n
     AdvFrequency = n
     ReverseTunnel = <yes/no/FA/HA/both>
     ReverseTunnelRequired = <yes/no/FA/HA>
Note –

You must include a different Advertisements section for each interface on the local host that provides Mobile IP services.

Advertisements Section provides descriptions of the labels and values that are used in this section.

How to Configure the GlobalSecurityParameters Section

    Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.


    [GlobalSecurityParameters]
     MaxClockSkew = n
     HA-FAauth = <yes/no>
     MN-FAauth = <yes/no>
     Challenge = <yes/no>
     KeyDistribution = files

GlobalSecurityParameters Section provides descriptions of the labels and values that are used in this section.

How to Configure the Pool Section

    Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.


    [Pool Pool-identifier]
     BaseAddress = IP-address
     Size = size

Pool Section provides descriptions of the labels and values that are used in this section.

How to Configure the SPI Section

    Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.


    [SPI SPI-identifier]
     ReplayMethod = <none/timestamps>
     Key = key
Note –

You must include a different SPI section for each security context that is deployed.

SPI Section provides descriptions of the labels and values that are used in this section.

How to Configure the Address Section

    Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.

    • For a mobile node, use the following: 


      [Address address]
     Type = node
     SPI = SPI-identifier

    • For an agent, use the following: 


      [Address address]
     Type = agent
     SPI = SPI-identifier
     IPsecRequest = action {properties} [: action {properties}]
     IPsecReply = action {properties} [: action {properties}]
     IPsecTunnel = action {properties} [: action {properties}]

      action and {properties} are any action and associated properties that are defined in the ipsec(7P) man page.

      Note –

      The SPI that is configured previously corresponds to the MD5 protection mechanism that is required by RFC 2002. The SPI that is configured previously does not correspond to the SPI that is used by IPsec. For more information about IPsec, see Chapter 19, IPsec (Overview) and Chapter 20, Administering IPsec (Task). Also see the ipsec(7P) man page.

    • For mobile node that is identified by its NAI, use the following: 


      [Address NAI]
     Type = Node
     SPI = SPI-identifier
     Pool = Pool-identifier

    • For default mobile node, use the following: 


      [Address Node-Default]
     Type = Node
     SPI = SPI-identifier
     Pool = Pool-identifier

Address Section provides descriptions of the labels and values that are used in this section.