Address Section
The Solaris implementation of Mobile IP enables you to configure mobile nodes in one of three methods. Each method is configured in the Address section. The first method follows the traditional Mobile IP protocol, and requires that each mobile node have a home address. The second method enables a mobile node to be identified through its Network Access Identifier (NAI). The last method enables you to configure a default mobile node, which can be used by any mobile node that has the proper SPI value and related keying material.
Mobile Node
The Address section for a mobile node contains the Type and SPI labels that define the address type and SPI identifier. The Address section has the following syntax:
[Address address]
Type = node
SPI = SPI-identifier
|
You must include an Address section in a home agent's configuration file for each mobile node that is supported.
If Mobile IP message authentication is required between the foreign and home agent, you must include an Address section for each peer with which an agent needs to communicate.
The SPI value that you configure must represent an SPI section that is present in the configuration file.
You can also configure private addresses for a mobile node.
The following table describes the labels and values that you can use in the Address section for a mobile node.
Table 25–5 Address Section Labels and Values—Mobile Node|
Label |
Value |
Description |
|---|---|---|
|
Type |
node |
Specifies that the entry is for a mobile node |
|
SPI |
n |
Specifies the SPI value for the associated entry |
Mobility Agent
The Address section for a mobility agent contains the Type and SPI labels that define the address type and SPI identifier. This section also contains IPsec request, reply, and tunnel labels. The Address section has the following syntax:
[Address address]
Type = agent
SPI = SPI-identifier
IPsecRequest = action {properties} [: action {properties}]
IPsecReply = action {properties} [: action {properties}]
IPsecTunnel = action {properties} [: action {properties}]
|
You must include an Address section in a home agent's configuration file for each mobility agent that is supported.
If Mobile IP message authentication is required between the foreign and home agent, you must include an Address section for each peer with which an agent needs to communicate.
The SPI value that you configure must represent an SPI section that is present in the configuration file.
The following table describes the labels and values that you can use in the Address section for a mobility agent.
Table 25–6 Address Section Labels and Values—Mobility Agent|
Label |
Value |
Description |
|---|---|---|
|
Type |
agent |
Specifies that the entry is for a mobility agent |
|
SPI |
n |
Specifies the SPI value for the associated entry |
|
IPsecRequest |
apply or permit (see following note) |
IPsec properties to invoke for registration requests to and from this mobility agent peer |
|
IPsecReply |
apply or permit (see following note) |
IPsec properties to invoke for registration replies to and from this mobility agent peer |
|
IPsecTunnel |
apply or permit (see following note) |
IPsec properties to invoke for tunnel traffic to and from this mobility agent peer |
Note –
The apply values correspond to outbound datagrams. The permit values correspond to inbound datagrams. Therefore, IPsecRequest apply values and IPsecReply permit values are used by the foreign agent to send and receive registration datagrams. The IPsecRequest permit values and the IPsecReply apply values are used by the home agent to receive and send registration datagrams.
Mobile Node Identified by its NAI
The Address section for a mobile node that is identified by its NAI contains the Type, SPI, and Pool labels. The NAI parameter enables you to identify mobile nodes through their NAI. The Address section, using the NAI parameter, has the following syntax:
[Address NAI]
Type = Node
SPI = SPI-identifier
Pool = Pool-identifier
|
In order to use pools, you identify mobile nodes through their NAI. The Address section permits you to configure an NAI, as opposed to a home address. An NAI uses the format user@domain format. You use the Pool label to specify which address pool to use in order to allocate the home address to the mobile node.
The following table describes the labels and values that you can use in the Address section for a mobile node that is identified by its NAI.
Table 25–7 Address Section Labels and Values—Mobile Node Identified by Its NAI|
Label |
Value |
Description |
|---|---|---|
|
Type |
node |
Specifies entry for a mobile node |
|
SPI |
n |
Specifies SPI value for the associated entry |
|
Pool |
n |
Allocates the pool from which an address is assigned to a mobile node |
You must have corresponding SPI and Pool sections for the SPI and Pool labels that are defined in an Address section with a mobile node that is identified by its NAI, as shown in the following illustration.
Figure 25–1 Corresponding SPI and Pool Sections for Address Section With Mobile Node Identified by Its NAI
Default Mobile Node
The Address section for a default mobile node contains the Type, SPI, and Pool labels. The Node-Default parameter enables you to permit all mobile nodes to get service if they have the correct SPI (defined in this section). The Address section, using the Node-Default parameter, has the following syntax:
[Address Node-Default]
Type = Node
SPI = SPI-identifier
Pool = Pool-identifier
|
The Node-Default enables you to reduce the size of the configuration file. Otherwise, each mobile node requires its own section. However, the Node-Default does pose a security risk. If a mobile node is no longer trusted for any reason, you need to update the security information on all trusted mobile nodes. This task can be very tedious. However, you can use the Node-Default in networks that consider security risks unimportant.
The following table describes the labels and values that you can use in the Address section for a default mobile node.
Table 25–8 Address Section Labels and Values—Default Mobile Node|
Label |
Value |
Description |
|---|---|---|
|
Type |
node |
Specifies entry for a mobile node |
|
SPI |
n |
Specifies SPI value for the associated entry |
|
Pool |
n |
Allocates the pool from which an address is assigned to a mobile node |
You must have corresponding SPI and Pool sections for the SPI and Pool labels that are defined in the Address section with a default mobile node, as shown in the following illustration.
Figure 25–2 Corresponding SPI and Pool Sections for Address Section With a Default Mobile Node
- © 2010, Oracle Corporation and/or its affiliates