This chapter provides procedures for modifying, adding, deleting, and displaying parameters in the Mobile IP configuration file. This chapter also shows you how to display mobility agent status.
When you configure the mipagent.conf file for the first time, you need to perform the following tasks:
Depending on your organization's host's requirements, determine what functionality your Mobile IP agent will provide:
Create the /etc/inet/mipagent.conf file and enter the settings you require using the procedures described in this section. You can also copy one of the following files to /etc/inet/mipagent.conf and modify it according to your requirements:
For foreign agent functionality, copy /etc/inet/mipagent.conf.fa-sample.
For home agent functionality , copy /etc/inet/mipagent.conf.ha-sample.
For both foreign agent and home agent functionality, copy /etc/inet/mipagent.conf-sample.
You can reboot your system to invoke the boot script that starts the mipagent daemon. You can also start mipagent by typing the following command on a command line:
# /etc/inet.d/mipagent start |
The following table provides a brief description of the tasks described in this section.
Table 3–1 Configuring the Mobile IP Configuration File Task Map
Task |
Description |
For Instructions, Go to ... |
---|---|---|
Creating the Mobile IP configuration file |
Involves creating the /etc/inet/mipagent.conf file or copying one of the sample files | |
Configuring the General section |
Involves entering the version number into the General section of the Mobile IP configuration file | |
Configuring the Advertisements section |
Involves adding labels and values or changing them in the Advertisements section of the Mobile IP configuration file | |
Configuring the GlobalSecurityParameters section |
Involves adding labels and values or changing them in the GlobalSecurityParameters section of the Mobile IP configuration file | |
Configuring the Pool section |
Involves adding labels and values or changing them in the Pool section of the Mobile IP configuration file | |
Configuring the SPI section |
Involves adding labels and values or changing them in the SPI section of the Mobile IP configuration file | |
Configuring the Address section |
Involves adding labels and values or changing them in the Address section of the Mobile IP configuration file |
Become superuser on the system where you want to enable Mobile IP.
Depending on your preference, do one of the following substeps.
Add or change configuration parameters in the /etc/inet/mipagent.conf file according to your configuration requirements. The remaining procedures in this section describe the steps that you perform.
If you copied one of the sample files, you can omit this procedure because the sample file contains this entry.
Edit the /etc/inet/mipagent.conf file and add the following lines.
[General] Version = 1.0 |
The /etc/inet/mipagent.conf file must contain the preceding entry.
General Section provides descriptions of the labels and values used in this section.
Edit the /etc/inet/mipagent.conf file and add or change the following lines using the values required for your configuration.
[Advertisements Interface-name] HomeAgent = <yes/no> ForeignAgent = <yes/no> PrefixFlags = <yes/no> AdvertiseOnBcast = <yes/no> RegLifetime = n AdvLifetime = n AdvFrequency = n ReverseTunnel = <yes/no/FA/HA> ReverseTunnelRequired = <yes/no/FA/HA> |
You must include a different Advertisements section for each interface on the local host that provides Mobile IP services.
Advertisements Section provides descriptions of the labels and values used in this section.
Edit the /etc/inet/mipagent.conf file and add or change the following lines using the values required for your configuration.
[GlobalSecurityParameters] MaxClockSkew = n HA-FAauth = <yes/no> MN-FAauth = <yes/no> Challenge = <yes/no> KeyDistribution = files |
GlobalSecurityParameters Section provides descriptions of the labels and values used in this section.
Edit the /etc/inet/mipagent.conf file and add or change the following lines using the values required for your configuration.
[Pool Pool-identifier] BaseAddress = IP-address Size = size |
Pool Section provides descriptions of the labels and values used in this section.
Edit the /etc/inet/mipagent.conf file and add or change the following lines using the values required for your configuration.
[SPI SPI-identifier] ReplayMethod = <none/timestamps> Key = key |
You must include a different SPI section for each security context deployed.
SPI Section provides descriptions of the labels and values used in this section.
Edit the /etc/inet/mipagent.conf file and add or change the following lines using the values required for your configuration.
For mobile node with a home address or for an agent
[Address address] Type = <agent/node> SPI = SPI-identifier |
For mobile node identified by its NAI
[Address NAI] Type = Node SPI = SPI-identifier Pool = Pool-identifier |
For default mobile node
[Address Node-Default] Type = Node SPI = SPI-identifier Pool = Pool-identifier |
Address Section provides descriptions of the labels and values used in this section.
This section shows you how to modify the Mobile IP configuration file using the mipagentconfig(1M) command. It also shows you how to display the current settings of parameter destinations.
Configuring the Mobility IP Agent provides a conceptual description of the mipagentconfig(1M) command's usage. You can also review the mipagentconfig(1M) man page.
Task |
Description |
For Instructions, Go to ... |
---|---|---|
Modifying the General section |
Uses the mipagentconfig change command to change the value of a label in the General section of the Mobile IP configuration file | |
Modifying the Advertisements section |
Uses the mipagentconfig change command to change the value of a label in the Advertisements section of the Mobile IP configuration file | |
Modifying the GlobalSecurityParameters section |
Uses the mipagentconfig change command to change the value of a label in the GlobalSecurityParameters section of the Mobile IP configuration file | |
Modifying the Pool section |
Uses the mipagentconfig change command to change the value of a label in the Pool section of the Mobile IP configuration file | |
Modifying the SPI section |
Uses the mipagentconfig change command to change the value of a label in the SPI section of the Mobile IP configuration file | |
Modifying the Address section |
Uses the mipagentconfig change command to change the value of a label in the Address section of the Mobile IP configuration file | |
Adding or deleting parameters |
Uses the mipagentconfig add or delete commands to add new parameters, labels, and values or delete existing ones in any of the sections of the Mobile IP configuration file | |
Displaying the current settings of parameter destinations |
Uses the mipagentconfig get command to display current settings of any section of the Mobile IP configuration file |
How to Display Current Parameter Settings in the Configuration File |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the General section.
# mipagentconfig change <label> <value> |
The following example shows how you might change the version number (in the future) in the configuration file's General section.
# mipagentconfig change version 2 |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the Advertisements section.
# mipagentconfig change adv device-name <label> <value> |
For example, if you wanted to change the agent's advertised lifetime to 300 seconds for device le0, use the following command to make this change.
# mipagentconfig change adv le0 AdvLifetime 300 |
The following example shows how you might change other parameters in the configuration file's Advertisements section.
# mipagentconfig change adv le0 HomeAgent yes # mipagentconfig change adv le0 ForeignAgent no # mipagentconfig change adv le0 PrefixFlags no # mipagentconfig change adv le0 RegLifetime 300 # mipagentconfig change adv le0 AdvFrequency 4 |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the GlobalSecurityParameters section.
# mipagentconfig change <label> <value> |
For example, if you wanted to enable home agent and foreign agent authentication, use the following command to make this change.
# mipagentconfig change HA-FAauth yes |
The following example shows how you might change other parameters in the configuration file's GlobalSecurityParameters section.
# mipagentconfig change MaxClockSkew 200 # mipagentconfig change MN-FAauth yes # mipagentconfig change Challenge yes # mipagentconfig change KeyDistribution files |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the Pool section.
# mipagentconfig change Pool Pool-identifier <label> <value> |
For example, if you wanted to change the base address to 192.168.1.1 and size to 100 of Pool 10, use the following commands to make this change.
# mipagentconfig change Pool 10 BaseAddress 192.168.1.1 # mipagentconfig change Pool 10 Size 100 |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the SPI section.
# mipagentconfig change SPI SPI-identifier <label> <value> |
For example, if you wanted to change the key for SPI 257 to 5af2aee39ff0b332, use the following command to make this change.
# mipagentconfig change SPI 257 Key 5af2aee39ff0b332 |
The following example shows how you might change the ReplayMethod label in the configuration file's SPI section.
# mipagentconfig change SPI 257 ReplayMethod timestamps |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each label that you want to modify in the Address section.
# mipagentconfig change addr [NAI | IPaddr | node-default] <label> <value> |
See Address Section for a description of the three configuration methods (NAI, IP address, and node-default).
For example, if you wanted to change the SPI of IP address 10.1.1.1 to 258, use the following command to make this change.
# mipagentconfig change addr 10.1.1.1 SPI 258 |
The following example shows how you might change other parameters provided in the sample configuration file's Address section.
# mipagentconfig change addr 10.1.1.1 Type agent # mipagentconfig change addr 10.1.1.1 SPI 259 # mipagentconfig change addr mobilenode@abc.com Type node # mipagentconfig change addr mobilenode@abc.com SPI 258 # mipagentconfig change addr mobilenode@abc.com Pool 2 # mipagentconfig change addr node-default SPI 259 # mipagentconfig change addr node-default Pool 3 # mipagentconfig change addr 10.68.30.36 Type agent # mipagentconfig change addr 10.68.30.36 SPI 260 |
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the appropriate command for each label that you want to add or delete for the designated section.
For the General section use:
# mipagentconfig [add | delete] <label> <value> |
For the Advertisements section use:
# mipagentconfig [add | delete] adv device-name <label> <value> |
You can add an interface by typing:
# mipagentconfig add adv device-name |
In this case, default values are assigned to the interface (for both foreign agent and home agent).
For the GlobalSecurityParameters section use:
# mipagentconfig [add | delete] <label> <value> |
For the Pool section use:
# mipagentconfig [add | delete] Pool Pool-identifier <label> <value> |
For the SPI section use:
# mipagentconfig [add | delete] SPI SPI-identifier <label> <value> |
For the Address section use:
# mipagentconfig [add | delete] addr [NAI | IPaddr | node-default] \ <label> <value> |
Be careful that you do not create identical Advertisements, Pool, SPI, and Address sections.
For example, if you wanted to create a new address pool, say Pool 11, that has a base address of 192.167.1.1 and a size of 100, use the following commands.
# mipagentconfig add Pool 11 BaseAddress 192.167.1.1 # mipagentconfig add Pool 11 size 100 |
Or you might want to delete a particular security parameter. The following example shows you how to delete SPI 257.
# mipagentconfig delete SPI 257 |
You can use the mipagentconfig get command to display current settings associated with parameter destinations.
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command for each parameter for which you want to display settings.
# mipagentconfig get [<parameter> | <label>] |
For example, if you wanted to display the advertisement settings for the le0 device, use the following command.
# mipagentconfig get adv le0 |
This causes the following results to display (for example).
[Advertisements le0] HomeAgent = yes ForeignAgent = yes |
The following example shows the results of using the mipagentconfig get command with other parameter destinations.
# mipagentconfig get MaxClockSkew [GlobalSecurityParameters] MaxClockSkew=300 # mipagentconfig get HA-FAauth [GlobalSecurityParameters] HA-FAauth=no # mipagentconfig get MN-FAauth [GlobalSecurityParameters] MN-FAauth=no # mipagentconfig get Challenge [GlobalSecurityParameters] Challenge=no # mipagentconfig get Pool 10 [Pool 10] BaseAddress=192.168.1.1 Size=100 # mipagentconfig get SPI 257 [SPI 257] Key=11111111111111111111111111111111 ReplayMethod=none # mipagentconfig get SPI 258 [SPI 258] Key=15111111111111111111111111111111 ReplayMethod=none # mipagentconfig get addr 10.1.1.1 [Address 10.1.1.1] SPI=258 Type=agent # mipagentconfig get addr 192.168.1.200 [Address 192.168.1.200] SPI=257 Type=node |
You can use the mipagentstat command to display a foreign agent's visitors list and a home agent's binding table. Mobile IP Mobility Agent Status provides a conceptual description of the mipagentstat command. You can also review the mipagentstat(1M) man page.
Become superuser on the system where you want to enable Mobile IP.
On a command line, type the following command.
# mipagentstat <option> |
You can use the following options:
-f |
Shows the list of active mobile nodes in the foreign agent's visitor list. |
-h |
Shows the list of active mobile nodes in the home agent's binding table. |
For example, to show the visitor list for all mobile nodes registered with the foreign agent, use the following command.
# mipagentstat -f |
This causes the following results to display (for example).
Mobile Node Home Agent Time (s) Time (s) Flags Granted Remaining --------------- -------------- ------------ --------- ----- foobar.xyz.com ha1.xyz.com 600 125 R 10.1.5.23 10.1.5.1 1000 10 R |