I. Conventional IP Assumption
The conventional assumption is that a host's IP address is tied to its network prefix. In other words, the same host can only communicate with other hosts on the same sub-network (e.g., /24).
Routers forward packets based on this shared prefix. This means that if a host moves to another network, its IP address might no longer match the local prefix. Packets sent to its home IP won't reach it, and existing TCP/UDP connections will break.
II. The Problem with Traditional Routers
In traditional router configurations, when a host moves to a different network, its IP address becomes disconnected from the previously configured routing table. This means that:
The host's IP address no longer matches the local prefix.
Packets sent to the host's home IP address won't reach it.
Existing TCP/UDP connections will break because routers don't know where to forward packets.
III. Mobile IP Solution
To solve these problems, Mobile IP introduces a new routing protocol called Mobility Support in IP (MSINIP).
The key idea is for the mobile host to maintain its own routing table and use special routing tricks to route packets back to itself wherever it is located.
IV. How Mobile IP works:
The mobile host maintains its original routing table, which contains information about the local network prefix.
When the mobile host moves to a new network, it recalculates its routing table using the new network's prefix.
Special routing mechanisms are employed to route packets back to the mobile host based on its current location.
V. Key Features of Mobile IP
Some key features of Mobile IP include:
Mobile Host's Routing Table: The mobile host maintains a separate routing table that contains information about the local network prefix and how to forward packets.
Temporary IP Address: When the mobile host moves, it obtains a temporary IP address on the new network. This temporary address is used until the mobile host can establish a new permanent IP address.
Neighbor Discovery: The mobile host initiates neighbor discovery by sending periodic probe messages to the neighboring routers. These messages help discover the new routing table and ensure that the mobile host's routing information is correct.
Mobile IP allows hosts to maintain their own routing tables while roaming between networks.
Using special routing tricks and temporary IP addresses means that Mobile IP enables hosts to continue communicating with other hosts even when they're not physically present on the same network.
VI. Key Concepts & Terminology in MIPv6
HOW MIPV6 WORKS CONCEPTUALLY
MIPv6 (Mobile IPv6) operates on a fundamentally different model than traditional IPv4, utilizing a mobile node’s location to establish and maintain connections.
The core idea is to create a dynamic and efficient routing system that allows mobile devices to seamlessly connect and communicate without relying heavily on complex routing protocols. Here’s the breakdown:
Step 1: Mobile Node Away From Home - Establishing the Connection
When a mobile node (MN) departs its home network, it needs to establish a new connection with its home agent (HA). This is the starting point for the MIPv6 process.
The MN acquires a care-of address (CoA) – essentially a unique identifier for the MN within the network – using standard IPv6 mechanisms like SLAAC or DHCPv6. Think of the HA as a postal forwarding service for your packets.
Key Analogy: The MN acts as a messenger – it’s sending information, and the HA acts as the delivery service.
Step 2: Packet Forwarding via Home Agent – Encapsulation & Routing
Once the packet is routed to the HA, it's encapsulated using IPv6 tunneling, just like any other packet. This encapsulation ensures the packet remains valid and reliably delivered.
The HA then sends the packet to the MN's CoA (Care-of Address). This is the crucial step of transferring the packet’s destination information.
At the MN's CoA, the encapsulated packet is decapsulated by the MN, reversing the same IPv6 tunneling mechanism. This lets the MN receive the original packet and continue its communication with the CN.
Purpose: This process establishes a secure and reliable path for the packet to reach its final destination.
Step 3: Tunnel Header → CoA – Security & Validity
The tunnel header is created by concatenating the original packet’s header with a crucial encrypted tunnel header.
This encapsulation ensures the packet remains valid and can be delivered reliably, even if the network routes change.
Step 4: Encapsulation (Tunneling): Original Packet → MN
When the CN sends a new packet to the MN, this packet is first routed through the Home Agent (HA).
The HA then encapsulates the original packet using the tunnel header generated in Step 2.
This ensures that the packet remains valid and can be delivered reliably.
Step 5: Optional Route Optimization: Learning CoA via Secure Binding Updates
Sending all packets via the home agent can be inefficient, especially when routing triangles arise - situations where a node has two or more routes to reach a destination. This is the key to MIPv6’s efficiency.
To avoid this, MIPv6 allows the CN to learn the MN’s CoA through secure Binding Update messages. This establishes a dynamic connection.
Step 6: Learning CoA via Secure Binding Updates – Establishing the Connection
The CN sends packets to the Home Agent with the MN’s Care-of Address (CoA) embedded within them.
The Home Agent then encapsulates these packets using tunneling and forwards them to the MN’s CoA.
This process allows the CN to learn the MN's CoA without relying on traditional routing mechanisms.
In essence, MIPv6 leverages a dynamic, peer-to-peer connection model, enhancing mobile network performance and adaptability.
Security Concerns
Sending all packets via the HA can also pose security risks if an attacker intercepts or modifies these packets.
To mitigate this, MIPv6 provides secure Binding Update messages that ensure the integrity and authenticity of the CoA information exchanged between the CN and Home Agent.
MIPv6 Control Messages (Mobility Header)
MIPv6 defines the Mobility Extension Header (MEH) – Next Header = 135 – to establish communication between Mobile Nodes (MNs), Home Agents (HAs), and Correspondent Nodes (CNs).
These messages are crucial for binding updates, ensuring registration, and facilitating seamless handover transitions.
Purpose: The MEH acts as a signaling layer, providing the necessary information to allow for dynamic and secure connections between these nodes. It's the cornerstone of the MIPv6 architecture.
The Complexity of the MEH:
The MEH’s design presents challenges in ensuring message security, authentication, and prevention of spoofing. Protecting this critical data is paramount to the MIPv6’s integrity and reliability.
KEY PRINCIPLES
Transparency to Upper Layers:
TCP/UDP sees connections bound to the HoA (Home Address).
Connections remain alive despite network mobility, providing a robust and consistent routing experience.
Triangular Routing vs. Optimized Routing
Triangle Routing: CN → HA → MN
Optimized Routing: CN → MN directly. This approach prioritizes direct communication, potentially reducing network congestion.
Security
MN → HA registration is authenticated.
Optional MN → CN binding requires cryptographic verification.
VISUAL OVERVIEW
[Correspondent Node] ---> [Home Agent] ---> [Mobile Node (CoA)]
Home Agent as Anchor Point: The Home Agent is the primary point of control and registration for MIPv6 communication.
Care-of Address (CoA) Temporary & Dynamic: The CoA is a unique identifier for the MN and is established during the initial connection. It is not permanent and can be updated dynamically.
Mobility Header for Control: The Mobility Header carries crucial control information to update bindings securely.
EXAMPLE FLOW
MN Leaves Home Network: The Mobile Node departs its home network.
Receives CoA: The MN obtains a CoA on the visited network.
Binding Update: The MN sends a Binding Update to the Home Agent, notifying it of the CoA's existence and registration.
CN Sends Packet to HoA: The CN initiates a packet transmission to the Home Agent, providing the CoA.
HA Intercepts & Encapsulates: The Home Agent intercepts the packet, encapsulates it using the MEH, and forwards it to the MN.
MN Decapsulates & Receives: The MN receives the packet and decapsulates it, extracting the original information.
Optional Direct Path: The MN can optionally send packets directly to the CN, bypassing the Home Agent.
📊 How It Works (MIPv6 Basics Repeat Summary)
At Home:
Normal routing, no special handling.
Away from Home:
Mobile node keeps its home IP address.
Home Agent intercepts packets destined for the mobile node.
HA tunnels them to the mobile node’s current location (using a care-of address).
Mobile node can also send packets directly to peers, but may use tunneling for return traffic.
Mobility Header:
Special IPv6 extension header (Next Header = 135).
Used for signaling between mobile node, home agent, and correspondent nodes.
IANA maintains a registry of mobility header types (17 reserved currently).
⚖️ Complexity
Signaling & Security:
Binding updates (to tell HA or peers where the mobile node is).
Authentication to prevent hijacking.
🟢 Extensions:
Fast handovers ([RFC 5568]).
Changing home agents ([RFC 5142]).
Experimental features ([RFC 5096]).
🚀 Deployment Context
MIPv4 → older, defined in [RFC 5944].
MIPv6 → newer, more flexible, defined in [RFC 6275].
More relevant today due to smartphones and mobile broadband.
Still complex enough that entire books are dedicated to it.
Key Takeaway: Mobile IP allows a host to move between networks while keeping its home IP address, preserving ongoing connections. MIPv6 achieves this using a home agent, tunneling, and mobility headers, but requires careful signaling and security.
MOBILE IP: THE BASIC MODEL (BIDIRECTIONAL TUNNELING)
Mobile IP (MIPv6, and similarly MIPv4) is all about letting devices stay connected even when they move between networks. Let’s break down how it works.
💻 Key Players
Mobile Node (MN): The device that moves around (e.g., a laptop or phone).
Correspondent Node (CN): The device it’s talking to (e.g., a server or another host).
Home Agent (HA): A special router back in the MN’s home network that helps keep track of it.
🏠 Addresses
Home Address (HoA): The permanent IP address from the MN’s home network.
Care of Address (CoA): A temporary IP address the MN gets when it connects to a visited (foreign) network.
Binding: The association between HoA ↔ CoA, so the HA knows where to forward traffic.
🔄 How the Basic Model Works
The MN connects to a new network and receives a CoA.
It sends a Binding Update message to its HA.
The HA replies with a Binding Acknowledgment.
From then on, traffic between the MN and CN flows through the HA using bidirectional tunneling (IPv6 packet tunneling per RFC 2473).
👉 This setup works even if the CN doesn't support Mobile IP; the HA handles everything transparently.
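To make the four steps concrete, here is an added example (not code from the page or from any Mobile IP implementation) that serializes minimal IPv6 headers and walks a packet CN → HA → MN through an RFC 2473 tunnel, then back through the reverse tunnel. The addresses, the HA's binding cache and the payloads are constructed, and the IPsec protection of the Binding Update is assumed to have already happened.

```python
"""IPv6-in-IPv6 bidirectional tunneling between a Mobile IPv6 home agent and a
mobile node (RFC 2473 encapsulation, Next Header = 41).
Added example, not code from the page or any Mobile IP implementation; all
addresses are constructed from the 2001:db8::/32 documentation prefix.
"""
import ipaddress
import struct

IPPROTO_IPV6 = 41        # outer Next Header: the payload is another IPv6 packet
IPPROTO_UDP = 17
IPV6_HDR_LEN = 40

def canon(addr):
    """Canonical text form (accepts text or 16 raw bytes) for safe comparisons."""
    return str(ipaddress.IPv6Address(addr))

def build_ipv6(src, dst, next_header, payload, hop_limit=64):
    """Serialize a minimal IPv6 header (traffic class and flow label zero)."""
    return (struct.pack("!IHBB", 6 << 28, len(payload), next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed + payload)

def parse_ipv6(packet):
    """Return (src, dst, next_header, payload); reject truncated or non-IPv6 data."""
    if len(packet) < IPV6_HDR_LEN:
        raise ValueError("truncated IPv6 header")
    vtcfl, plen, nh, _hop = struct.unpack("!IHBB", packet[:8])
    if vtcfl >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    if len(packet) - IPV6_HDR_LEN != plen:
        raise ValueError("payload length does not match packet size")
    return canon(packet[8:24]), canon(packet[24:40]), nh, packet[IPV6_HDR_LEN:]

class HomeAgent:
    def __init__(self, address):
        self.address = canon(address)
        self.binding_cache = {}          # HoA -> CoA

    def register_binding(self, hoa, coa):
        # Assumed already authenticated: on the wire the Binding Update is
        # protected with IPsec ESP; that step is not modelled here.
        self.binding_cache[canon(hoa)] = canon(coa)

    def forward_to_mn(self, packet):
        """Packet from a CN addressed to a HoA: tunnel it to the CoA if bound."""
        _src, dst, _nh, _payload = parse_ipv6(packet)
        coa = self.binding_cache.get(dst)
        if coa is None:
            return packet                # MN is at home: normal delivery, no tunnel
        # Outer header HA -> CoA carries the untouched original packet.
        return build_ipv6(self.address, coa, IPPROTO_IPV6, packet)

    def receive_reverse_tunnel(self, packet):
        """Reverse-tunnelled packet from the MN: validate, strip the outer header."""
        outer_src, outer_dst, nh, inner = parse_ipv6(packet)
        if outer_dst != self.address or nh != IPPROTO_IPV6:
            return None
        inner_src = parse_ipv6(inner)[0]
        # Forward only if the inner HoA is bound to the CoA the tunnel came from;
        # otherwise the HA would relay a source address it cannot vouch for.
        if self.binding_cache.get(inner_src) != outer_src:
            return None
        return inner                     # forwarded on to the CN as a plain packet

class MobileNode:
    def __init__(self, hoa, coa):
        self.hoa, self.coa = canon(hoa), canon(coa)

    def receive(self, packet):
        """Decapsulate a tunnelled packet. Returns (cn_address, payload) or None."""
        _outer_src, outer_dst, nh, inner = parse_ipv6(packet)
        if outer_dst != self.coa or nh != IPPROTO_IPV6:
            return None
        cn, inner_dst, _nh, payload = parse_ipv6(inner)
        if inner_dst != self.hoa:
            return None
        return cn, payload               # routers used the CoA; upper layers see the HoA

    def send(self, ha_address, cn, payload):
        """Reverse tunnel: inner packet from the HoA, outer header from the CoA."""
        inner = build_ipv6(self.hoa, cn, IPPROTO_UDP, payload)
        return build_ipv6(self.coa, ha_address, IPPROTO_IPV6, inner)

HA_ADDR, HOA = "2001:db8:0:1::1", "2001:db8:0:1::10"
COA, CN_ADDR = "2001:db8:0:2::10", "2001:db8:0:3::5"

def demo():
    """One round trip CN -> HA -> MN and MN -> HA (-> CN) with a registered binding."""
    ha, mn = HomeAgent(HA_ADDR), MobileNode(HOA, COA)
    ha.register_binding(HOA, COA)
    from_cn = build_ipv6(CN_ADDR, HOA, IPPROTO_UDP, b"hello")
    tunnelled = ha.forward_to_mn(from_cn)
    outer_src, outer_dst, outer_nh, _ = parse_ipv6(tunnelled)
    inner = ha.receive_reverse_tunnel(mn.send(HA_ADDR, CN_ADDR, b"reply"))
    return {"outer": (outer_src, outer_dst, outer_nh),
            "overhead": len(tunnelled) - len(from_cn),
            "delivered": mn.receive(tunnelled),
            "reverse_inner_src": parse_ipv6(inner)[0] if inner else None}
```

The 40-byte overhead in the result is the outer header that every tunnelled packet pays, which is the cost route optimization later removes.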
🚐 Network Mobility (NEMO)
Sometimes, it’s not just a single device that moves — it’s an entire network (like a bus Wi-Fi system).
In that case, a mobile router plays the role of the MN, and the same binding/tunneling process applies.
🔒 Security
Binding updates are protected with IPsec ESP (Encapsulating Security Payload).
This prevents attackers from tricking the HA with fake binding updates.
⚡ Route Optimization
While the HA can forward all traffic, Mobile IP also supports direct communication between MN and CN (route optimization).
This avoids detours through the HA and improves performance.
Mobile IP lets devices (or even whole networks) roam freely while keeping their connections alive. The HA acts like a traffic forwarder, ensuring packets reach the MN wherever it goes. Bidirectional tunneling is the basic mechanism, but route optimization makes things faster when both ends support it.
REAL WORLD USES OF MOBILE IP
I. Bus/school/research centers Wi-Fi (e.g., wired Gigabit Buses)
A university has buildings (labs, offices, libraries) connected by a high-speed fiber backbone
Each building has Wi-Fi
Students move between buildings
Mobile IP ensures their sessions (VPN, video calls, etc.) don't drop
II. Phone (Cellular Networks - 4G/5G)
Mobile IP is integral to cellular networks, especially for roaming:
Each mobile phone has a Mobile IP endpoint.
When a call is made, the phone changes its location (roams) and uses Mobile IP to establish a session with the nearest cell tower.
The cell tower then forwards the call to the destination network, making it possible for users to move around a city or country.
Real-World Application:
Almost all modern 4G/5G networks rely on Mobile IP for seamless roaming and call bridging.
III. Mifi (Mobile Fidelity Devices):
Mifi devices (like portable microphones, voice recorders, etc.) use Mobile IP to connect to networks even when away from a fixed base station.
They are often used in events, workshops, or remote locations where a constant connection isn’t always possible.
Real-World Application:
Podcasters, presenters, or researchers can use Mifi devices to record audio from different locations or even remotely, ensuring stable communication.
IV. IoT (Internet of Things):
IoT devices (sensors, smart meters, etc.) often move around, so Mobile IP helps them stay connected as they change locations.
IoT devices can use Mobile IP to update their network address dynamically.
Real-World Application:
Smart cities, industrial automation, and agriculture use Mobile IP to support IoT devices that move frequently.
V. Cloud Computing:
Cloud platforms can use Mobile IP to allow virtual machines (VMs) to move between data centers or locations without disrupting services.
VMs can change their IP address via Mobile IP, making it easy for them to migrate.
VI. Data Centers:
Data centers with multiple servers or storage nodes use Mobile IP so that devices can move between locations and still maintain network connections, which helps with scalability.
VII. Bus WiFi – When Moving a Transportation Bus
A bus (transportation vehicle) can have its own Wi-Fi or Mifi device (like a mobile hotspot) to provide internet connectivity for passengers or staff.
Mobile IP allows the bus to be treated as a mobile node in a network, enabling it to connect to various locations and users without fixed IP.
This is a creative but possible application, especially in public transport or event venues.
E.g., purchase a Safaricom Mi-Fi and put it inside your car; people connect while travelling. The Mi-Fi keeps changing cell towers. Does your IP change too? NO.
That’s the point of Mobile IP, which is an extension of the TCP/IP protocol that allows devices to maintain their original IP address while moving between different wireless networks. It enables devices to remain connected and accessible even when they're moving from one network to another.
Let's Elaborate on the Key Aspects & Why This Matters:
Bidirectional Tunneling: You're correct. This is the core principle. It's not just about one connection; it's about establishing multiple connections to different network points. The routing algorithm handles this, making the overall process more efficient.
HA (Head-of-Line) Routing: This is crucial. The HA acts as a filter – it identifies packets that should be on the same link and ensures they go through the same path. This prevents loops and improves network performance.
Route Optimization: This is the smart part. The route optimization algorithms (like the one used by the Mobile IP network) are constantly adjusting paths to minimize latency and maximize throughput.
Key Differences Between Mobile IP & Traditional Routing
THE PROBLEM ROUTE OPTIMIZATION (RO) SOLVES
The Core Problem: Triangle Routing Inefficiency
When a Mobile Node (MN) leaves its home network, all communication must pass through its Home Agent (HA). This creates a "triangle" path:
Packets from a Correspondent Node (CN) travel first to the HA
The HA then tunnels them to the MN's current location
Return packets make the same detour back through the HA
Why this is inefficient: The physical distance between the HA and MN adds unnecessary latency and wastes bandwidth. If the CN and MN are geographically close but the HA is far away, packets still travel the long way around.
The Solution: Direct Bidirectional Tunneling (Route Optimization)
Route Optimization (RO) eliminates the detour by allowing the CN and MN to communicate directly, without involving the HA in every packet exchange.
This creates a straight, efficient path between them.
The Enabler: Return Routability Procedure (RRP)
RRP is the critical security mechanism that makes RO possible.
Before allowing direct communication, RRP verifies that the MN is reachable at both its home address and its care-of address.
This prevents attackers from impersonating the MN and hijacking the connection.
In short: RRP enables secure, direct communication by solving the security challenges that come with bypassing the trusted Home Agent.
It fundamentally tackles the challenge of ensuring reliable communication despite potential security vulnerabilities.
Here's a breakdown of the RRP's stages:
I. Establishing and Maintaining Bindings (Stage 1 - The Initial Setup)
What it does: This is the initial step where the HA and MN establish a connection – a binding. This binding isn’t just a simple connection; it’s a formalized agreement about how the MN will communicate with the HA.
Why it’s important: Without this binding, the MN and CN can't reliably exchange data. The binding is the foundation for all subsequent communication.
Key aspect: The binding establishes a key – a record of the MN's home address and care-of address that both the HA and MN can agree upon. This agreement is vital for mutual trust and predictable communication.
II. Direct Data Exchange with Special IPv6 Headers
(Stage 2 - The Actual Communication)
What it does: Once the binding is validated (meaning both the HA and MN agree on the details), special IPv6 extensions are used to directly exchange data. These extensions are different from standard IPv6 headers and enable the MN and CN to communicate openly without relying on the HA for every step.
Why it’s important: This is where the real routing optimization happens – enabling direct communication, bypassing the central HA. It’s a more efficient way to transmit data because it avoids the need for the HA to make routing decisions at each hop.
The Benefit: This reduces the attack surface – the HA isn't directly involved in every data exchange, making it much harder for attackers to hijack the binding and redirect traffic.
III. Return Routability Procedure (RRP) - The Security Shield
What it does: This is the heart of the security solution. It's a mechanism that guarantees that the MN and CN can reliably reach each other, even if the HA is compromised.
How it works (in short):
MN Reachability: The RRP actively ensures the MN's home address (HoA) and care-of address (CoA) are reachable. This is achieved through a series of steps and return routes – essentially, the RRP establishes a reliable path back to the HA, even if there are disruptions along the way.
CN Reachability: Crucially, the RRP also ensures that the MN is reachable at its care-of address (CoA). This prevents the CN from being unreachable. The RRP helps establish a 'back-up' path for the CN in case the MN gets lost.
Why it's important: This prevents attackers from hijacking the binding and redirecting traffic. It's a crucial defense against attacks that might try to intercept communication.
Analogy
Think of it like a postal route.
Triangle Routing: Is like a maze – it's confusing and inefficient.
RRP: Is like a secure, designated route – it guarantees both the sender and receiver can always reach the destination, regardless of any obstacles.
In essence, the RRP builds a robust system of trust and predictability that makes the direct tunneling possible while mitigating the security risks associated with the distance between the HA and the MN/CN.
RRP MESSAGES
RRP uses four Mobility Extension Header subtypes:
Steps 1-4: MN-CN Handshake
This part describes the steps involved in a single-hop (MN) to single-carrier network (CN) connection. Here's a breakdown of each step:
MN sends HoTI and CoTI: MN (Home Address Option Interface Tunneling) sends two cryptographic tokens, HoTI (Home Address Token) and CoTI (Carrier Token), through the HA (Home Address Authentication) tunnel to CN.
CN responds with HoT and CoT: After receiving HoTI and CoTI, CN responds by sending back HoT and CoT via HA.
MN receives HoT and CoT: MN then receives HoT and CoT from CN, which contain the same cryptographic tokens as in step 1.
These steps ensure that MN and CN have a secure connection by using cryptographic tokens to authenticate each other.
Steps 5-6: RO Establishment
This part describes how to establish a Routed Out (RO) connection between MN and CN:
MN → CN: In this step, the source IP of MN is set to CoA (Carrier Address Option), which is typically used for mobility, while the destination IP is set to HoA (Home Address Option). This allows applications to see MN as using HoA, not CoA. This setup avoids ingress filtering issues because routers see CoA as the source.
CN → MN: In this step, the destination IP of CN is set back to CoA, and a Type 2 Routing Header (RH2) is used. The RH2 replaces the destination IP with HoA for upper layers. This allows applications to see MN as using HoA, not CoA.
Security Notes
This part explains why RRP (Request Reusing Protocol) was chosen instead of IPsec:
Binding between MN and HA: IPsec is a strong authentication protocol that requires every CN to support it, which may not be feasible in all scenarios.
Binding between MN and CN: RRP is simpler and sufficient for this use case. It prevents man-in-the-middle attacks by ensuring that only trusted devices can establish the connection. Additionally, RRP avoids the need for every CN to support IPsec.
RRP design rationale
Prevents man-in-the-middle attacks: By requiring each CN to support RRP, it's more difficult for an attacker to intercept and manipulate traffic.
Prevents bogus binding updates: RRP ensures that only trusted devices can establish the connection, preventing malicious updates from being sent.
Avoids need for every CN to support IPsec: With RRP, each CN only needs to support the basic protocols (e.g., RDP), which is easier and more cost-effective than supporting additional security features like IPsec.
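Steps 1-6 and the rationale above as an added example (not the page's code, nor code from any MIPv6 stack): the keygen token, Kbm and authenticator computations of RFC 6275 section 5.2, with a stateless CN that recomputes everything from its secret Kcn and nonce table. Addresses, Kcn, nonces and the MH Data stand-in are constructed values.

```python
"""Return Routability (RRP) tokens and Binding Update check, RFC 6275 sec. 5.2.
Added example, not code from the page or any Mobile IPv6 stack; addresses,
Kcn, nonces and the MH Data stand-in are constructed values.
"""
import hashlib
import hmac
import ipaddress
import os

def packed(addr):
    return ipaddress.IPv6Address(addr).packed

def keygen_token(kcn, address, nonce, kind):
    """home token = First(64, HMAC_SHA1(Kcn, HoA | nonce | 0)),
    care-of token = First(64, HMAC_SHA1(Kcn, CoA | nonce | 1))."""
    return hmac.new(kcn, address + nonce + bytes([kind]), hashlib.sha1).digest()[:8]

def kbm(home_token, careof_token):
    """Binding management key Kbm = SHA1(home keygen token | care-of keygen token)."""
    return hashlib.sha1(home_token + careof_token).digest()

def bu_authenticator(key, coa, cn, mh_data):
    """Authenticator = First(96, HMAC_SHA1(Kbm, CoA | CN address | MH Data))."""
    return hmac.new(key, coa + cn + mh_data, hashlib.sha1).digest()[:12]

class CorrespondentNode:
    """CN side: keeps only Kcn and a nonce table, no per-mobile-node state."""
    def __init__(self, address):
        self.address = packed(address)
        self.kcn = os.urandom(20)        # secret known only to this CN
        self.nonces = [os.urandom(8)]    # the current nonce is the last entry

    def answer_hoti(self, hoa, home_init_cookie):
        """HoT is sent to the HoA, so it reaches the MN only via the home agent."""
        i = len(self.nonces) - 1
        return {"cookie": home_init_cookie, "nonce_index": i,
                "token": keygen_token(self.kcn, hoa, self.nonces[i], 0)}

    def answer_coti(self, coa, careof_init_cookie):
        """CoT is sent straight to the CoA, so it reaches only a node really there."""
        i = len(self.nonces) - 1
        return {"cookie": careof_init_cookie, "nonce_index": i,
                "token": keygen_token(self.kcn, coa, self.nonces[i], 1)}

    def verify_binding_update(self, bu):
        """Recompute both tokens from the claimed HoA/CoA and nonce indices,
        derive Kbm, and compare the authenticator in constant time."""
        try:
            home_nonce = self.nonces[bu["home_nonce_index"]]
            careof_nonce = self.nonces[bu["careof_nonce_index"]]
        except IndexError:
            return False                 # stale or bogus nonce index
        key = kbm(keygen_token(self.kcn, bu["hoa"], home_nonce, 0),
                  keygen_token(self.kcn, bu["coa"], careof_nonce, 1))
        expected = bu_authenticator(key, bu["coa"], self.address, bu["mh_data"])
        return hmac.compare_digest(expected, bu["authenticator"])

class MobileNode:
    def __init__(self, hoa, coa):
        self.hoa, self.coa = packed(hoa), packed(coa)

    def run_rrp(self, cn):
        """Steps 1-4: HoTI/CoTI out, HoT/CoT back (the HoTI/HoT leg goes via the HA)."""
        home_cookie, careof_cookie = os.urandom(8), os.urandom(8)
        hot = cn.answer_hoti(self.hoa, home_cookie)
        cot = cn.answer_coti(self.coa, careof_cookie)
        if hot["cookie"] != home_cookie or cot["cookie"] != careof_cookie:
            raise ValueError("HoT/CoT cookie mismatch: not a reply to our request")
        return hot, cot

    def build_binding_update(self, cn_address, hot, cot, mh_data=b"\x05\x00\x00\x01\x00\x0e\x10"):
        """Step 5: the BU to the CN. mh_data is a constructed stand-in for the
        Binding Update fields the authenticator covers."""
        key = kbm(hot["token"], cot["token"])
        return {"hoa": self.hoa, "coa": self.coa, "mh_data": mh_data,
                "home_nonce_index": hot["nonce_index"],
                "careof_nonce_index": cot["nonce_index"],
                "authenticator": bu_authenticator(key, self.coa, cn_address, mh_data)}

def run_exchange():
    """A genuine exchange, then two Binding Updates the CN must reject."""
    cn = CorrespondentNode("2001:db8:0:3::5")
    mn = MobileNode("2001:db8:0:1::10", "2001:db8:0:2::10")
    hot, cot = mn.run_rrp(cn)
    bu = mn.build_binding_update(cn.address, hot, cot)
    results = {"genuine": cn.verify_binding_update(bu)}
    # Only the care-of token known (the HoT never arrived via the HA): wrong Kbm.
    half = dict(bu)
    half["authenticator"] = bu_authenticator(kbm(bytes(8), cot["token"]),
                                             bu["coa"], cn.address, bu["mh_data"])
    results["care_of_token_only"] = cn.verify_binding_update(half)
    # CoA altered after the authenticator was computed: MAC no longer matches.
    moved = dict(bu, coa=packed("2001:db8:0:9::9"))
    results["altered_coa"] = cn.verify_binding_update(moved)
    return results
```

Because the CN derives both tokens from Kcn and its nonces on demand, it can verify a Binding Update without remembering that it ever answered the HoTI/CoTI, which is what keeps the CN side cheap enough to avoid IPsec.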
VISUALIZING RO
Step 1: Establish RRP
Step 2: Direct Data Flow
Routers forward based on CoA (current location).
Upper layers see HoA.
Key Insights
RO improves efficiency dramatically, especially for local communication.
RRP prevents attacks while avoiding heavy IPsec usage.
IPv6 extension headers allow transparent mobility:
Home Address Option
Type 2 Routing Header
Binding lifetime: MN must periodically refresh binding updates to CNs.
RO is optional: CNs not supporting RO still work with bidirectional tunneling.
Mobile IP Practical Issues
Before diving into host models, let’s discuss some limitations of Mobile IP:
Mobile IP is designed for mobility where the IP changes while link-layer connectivity remains stable.
This scenario is uncommon for laptops, which usually shut down or sleep when moving.
It is more relevant for smartphones and IoT devices that stay connected continuously and run real-time apps (VoIP, video streaming).
To reduce latency and improve handover speed, several extensions exist:
Host Processing of IP Datagrams
Unlike routers, which forward blindly based on destination, hosts must:
Choose the correct Source IP address when sending.
Decide whether to accept datagrams arriving at an interface.
This is especially tricky for multihomed hosts (hosts with multiple interfaces/IPs).
HOST MODELS: STRONG VS WEAK
A host model defines how a host decides whether to accept incoming packets and which source address to use when sending.
I. Strong Host Model
The Strong Host Model is a security protocol that ensures datagrams (packets of data) can only reach their intended destination if their source IP address matches an address on the receiving interface. In other words, this model requires that the sender's network is trusted to deliver its traffic to the recipient.
Here's how it works:
When a datagram arrives at a host using the Strong Host Model, the host checks the destination IP against the addresses assigned to the interface on which the datagram arrived.
If the destination IP matches an address on that receiving interface, the datagram is accepted and delivered to the recipient.
The receiving interface can then forward the data to its final destination.
The benefits of the Strong Host Model include:
Security: Prevents IP spoofing attacks from outside networks by ensuring that only traffic intended for a specific host arrives at that network. This reduces the risk of malicious packets being accepted as legitimate traffic.
Flexibility: Allowing senders to use any local address on their interface, which can improve network flexibility in multi-path scenarios.
However, the Strong Host Model also has some drawbacks:
Drops perfectly valid packets: If a packet arrives on an unexpected interface, it may be dropped or delivered with errors, as the sender's security checks are triggered and the datagram is rejected.
Reduces network flexibility: The Strong Host Model can make it more challenging to implement load balancing and multipath routing, which are essential for modern networking architectures.
Strong Host Model prioritizes security and flexibility by ensuring datagrams only reach their intended destination if their source IP address matches an address on the receiving interface. However, it can reduce network flexibility in multi-path scenarios and has some drawbacks related to security and application correctness.
II. Weak Host Model
The Weak Host Model is an alternative security protocol that allows a host to send datagrams from any interface, regardless of the destination IP address. In other words, this model requires that the receiving network trusts the sender's traffic.
Here's how it works:
When a datagram arrives at a host using the Weak Host Model, the host checks only its own source IP address against the destination IP address.
If the source IP matches an address on the sending interface, the datagram is accepted and delivered to the recipient.
The receiving interface can then forward the data to its final destination.
The benefits of the Weak Host Model include:
Increased network flexibility: Allowing senders to use any local address on their interface, which can improve network flexibility in multi-path scenarios.
Good for environments with multiple networks per host: This model is particularly useful when a single device has multiple networks associated with it.
However, the Weak Host Model also has some drawbacks:
Weaker security: Malicious packets arriving on unexpected interfaces may be accepted and delivered to their intended destination, reducing the overall security of the network.
Applications may mistakenly trust traffic as local: If an application trusts traffic from a specific host even if it's not the intended recipient, they may incorrectly assume that the data is legitimate.
The Weak Host Model, on the other hand, increases network flexibility but weakens security and may lead to applications mistakenly trusting traffic as local.
III. Real-World Example (Figure 5-20)
Scenario: Two hosts (A and B) connected via Internet + local network.
Strong host model (Host A):
Drops packets if destination IP arrives on the wrong interface.
Ensures security but may discard valid traffic.
Weak host model (Host B):
Accepts packets arriving on any interface as long as destination IP matches.
Maximizes connectivity but opens security risks.
Observation: A weak host may send packets over a local network for efficiency, but the strong host may reject them due to its stricter rules.
IV. Security Motivation
The strong host model is primarily about mitigating IP spoofing:
Attack scenario:
Attacker sends a packet destined for 203.0.113.2 but spoofs source 203.0.113.1.
On a weak host, the application might trust the source as local traffic.
Could lead to unauthorized access or privilege escalation.
Strong host prevents this because it binds IP addresses to the interfaces.
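The scenario above as an added example (not from the page or any operating system): a multihomed host with the page's 203.0.113.0/24 subnet on one interface and an assumed 198.51.100.0/24 subnet on another, applying the strong and weak receive and send checks to a spoofed and a legitimate packet, plus the extra on-link source check a weak host's application needs. Interface names, the second subnet and the packets are constructed.

```python
"""Strong vs weak host model decisions on a multihomed host.
Added example, not code from the page or any operating-system stack. The host,
its interfaces and the packets are constructed; 203.0.113.1/.2 are the addresses
from the spoofing scenario, 198.51.100.0/24 is an assumed second subnet.
"""
from dataclasses import dataclass
import ipaddress

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    ingress: str          # name of the interface the packet arrived on

class Host:
    def __init__(self, interfaces, weak_receive=False, weak_send=False):
        # interfaces: {"eth0": ["203.0.113.2/24"], "wlan0": ["198.51.100.2/24"]}
        self.ifaces = {name: [ipaddress.ip_interface(a) for a in addrs]
                       for name, addrs in interfaces.items()}
        self.weak_receive = weak_receive
        self.weak_send = weak_send

    def _addrs(self, ifname=None):
        """Addresses owned by one interface, or by the whole host."""
        names = [ifname] if ifname else list(self.ifaces)
        return {i.ip for n in names for i in self.ifaces[n]}

    def accept(self, pkt):
        """Receive check. Strong: the destination must be an address of the
        ingress interface. Weak: any address of the host will do."""
        if pkt.ingress not in self.ifaces:
            return False
        dst = ipaddress.ip_address(pkt.dst)
        if dst in self._addrs(pkt.ingress):
            return True
        return bool(self.weak_receive and dst in self._addrs())

    def source_on_ingress_link(self, pkt):
        """The extra check a weak host (or its application) needs before treating
        a packet as 'local': is the source inside the subnet of the interface it
        actually came in on? A strong host gets this for free from accept()."""
        src = ipaddress.ip_address(pkt.src)
        return any(src in i.network for i in self.ifaces[pkt.ingress])

    def may_send(self, src, egress):
        """Send check. Strong: the egress interface must own the source address.
        Weak: any local source address may leave via any interface."""
        s = ipaddress.ip_address(src)
        if s not in self._addrs():
            return False
        return self.weak_send or s in self._addrs(egress)

IFACES = {"eth0": ["203.0.113.2/24"], "wlan0": ["198.51.100.2/24"]}
# Constructed packets: the spoofed one claims a source on the eth0 subnet but
# shows up on wlan0; the legitimate one arrives where its addresses belong.
SPOOFED = Packet(src="203.0.113.1", dst="203.0.113.2", ingress="wlan0")
LEGIT = Packet(src="203.0.113.1", dst="203.0.113.2", ingress="eth0")

def compare_models():
    """Same packets, same host, strong vs weak behaviour side by side."""
    strong = Host(IFACES)
    weak = Host(IFACES, weak_receive=True, weak_send=True)
    return {
        "strong_accepts_spoofed": strong.accept(SPOOFED),
        "weak_accepts_spoofed": weak.accept(SPOOFED),
        "weak_spoofed_source_on_link": weak.source_on_ingress_link(SPOOFED),
        "strong_accepts_legit": strong.accept(LEGIT),
        "strong_sends_wlan_src_via_eth0": strong.may_send("198.51.100.2", "eth0"),
        "weak_sends_wlan_src_via_eth0": weak.may_send("198.51.100.2", "eth0"),
    }
```

The weak host accepts the spoofed packet, but source_on_ingress_link() flags it, which is the application-level check the page refers to for weak hosts.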
V. Platform Defaults
Windows configuration (IPv4/IPv6):
<ifname>: interface name
X is either 4 or 6 (IPv4 or IPv6)
enabled|disabled: enable or disable weak behavior
VI. Implications for Mobile IP & Multihomed Hosts
Mobile nodes often have multiple interfaces (Wi-Fi, LTE).
Strong host model ensures security but may drop roaming packets.
Weak host model allows seamless delivery but requires application-level checks.
Routing decisions at the host layer are intertwined with:
Forwarding table entries
Address selection algorithms (RFC 3484)
Mobile IP benefits from careful host model selection:
Weak hosts: smoother mobility, but security trade-offs
Strong hosts: safer, but may require additional mechanisms (RO, HA assistance) for uninterrupted sessions
✅ Key Takeaways
Host model is critical for multihomed and mobile hosts.
Strong vs Weak affects packet acceptance, source selection, and security.
In real-world networks, you balance connectivity vs security, often based on device type (e.g., smartphone vs server).
Windows allows explicit configuration; Linux defaults to weak behavior.
WHY ADDRESS SELECTION MATTERS
The fundamental reason address selection is crucial boils down to routing and communication stability.
When a host sends an IP packet, it needs to figure out where to send it to reach its intended destination.
The choice of source and destination IP addresses is the single point of failure in the network.
Here's a more detailed explanation:
Source IP Address – The Home Base
The Task: The host’s IP address is its identity. It’s the address that indicates where the host is originating from.
The Problem with a Single Point of Failure: If a host sends a packet with the wrong source IP, the entire traffic flow can be disrupted. Imagine a delivery truck where the driver is misdirected – chaos ensues.
Why it Matters: The source IP is essential for establishing the routing path. It tells the network where to send the packet towards the destination. Without it, the packet gets lost or misinterpreted.
Destination IP Address – The Final Destination
The Task: The host needs to send the packet to a specific remote host.
The Problem with a Single Point of Failure: If the host's destination IP is wrong, the packet will be dropped before it gets to its target.
Why it Matters: The destination IP is exactly what the packet is intended to reach. It’s the address to which the packet should be routed.
The Complications Introduced by Modern IPv6
Let's unpack the complexities that arise with IPv6 due to its multiple addresses per interface and the dual-stack scenario (IPv4 + IPv6):
Multiple Addresses per Interface (IPv6): In IPv6, a single physical interface (like a network card) can have multiple IP addresses. This is because IPv6 allows for addresses to be assigned to different purposes or networks simultaneously. It’s like a physical mailbox with multiple addresses for each day.
Dual-Stack (IPv4 + IPv6): This is a very important concept. IPv4 and IPv6 are designed to coexist. The network uses both protocols at the same time. The host must be able to handle both IPv4 and IPv6. This means the host will often send packets with both an IPv4 and IPv6 address.
Incorrect Selection Leads to Problems (The Chaos Chain):
Asymmetric Routing: This is the most significant challenge. Because the host can send both IPv4 and IPv6 addresses, the network's routing system might interpret the source IP as both. This creates a mismatch between the intended route and what the network sees. The packets aren’t routed correctly, causing routing loops and miscommunication.
Packet Filtering/Discard: Firewalls can be tricked into dropping packets that are meant to be forwarded to a destination that's misconfigured or doesn't match the expected IP address.
Connection Failures (TCP/Mobile IP): TCP (Transmission Control Protocol) and Mobile IP are complex protocols. If the host's source and destination IP addresses are mismatched during connection establishment or maintenance, the connection can fail. This can be particularly problematic for long-running connections where the data has to be exchanged over a sustained, stable path.
Historical Context – A Quick Glance
Early Internet (1980s): IPv4 was the dominant protocol. Each host had a single, static IP address. The selection of the source and destination was very straightforward.
Modern IPv6 (1990s - Present): IPv6 emerged to address the limitations of IPv4. The key innovation was multiple addresses/scopes per interface, and the need to support dual-stack.
Scopes in IPv6:
Addresses also have lifecycles: preferred vs deprecated.
Mobile IP introduces HoA (home address) and CoA (care-of address), which also factor into selection.
RFC 3484: DEFAULT ADDRESS SELECTION
RFC 3484, known as Default Address Selection, is a standardized algorithm for determining the appropriate address for a connection in IPv6 networks.
This crucial standard establishes a fundamental method for selecting the default address, a critical component in defining the network’s address space.
The algorithm centers around a Policy Table, which serves as the core of the selection process. This table dictates the order in which prefixes are assigned, and crucially, defines precedence relationships.
Prioritizing prefixes is essential; prefixes with higher precedence are assigned first, indicating a higher degree of importance.
The algorithm leverages Labels – distinct groupings of address types – to further refine the selection process.
Specifically, labels are used to group similar address types together.
The algorithm prioritizes matching labels for source/destination pairs – meaning that if two prefixes share the same label, the one with the higher precedence is favored.
Default host policy table:
Notes:
The loopback interface, ::1/128, has the highest priority.
The default global addresses are ::/0.
2002::/16 represents 6to4 addresses.
::ffff:0:0/96 is the IPv4-mapped address prefix, which is the least preferred.
FUNCTIONS USED IN SELECTION ALGORITHM
1. CPL(A, B) – Common Prefix Length
CPL refers to the number of leading bits that are the same between the addresses A and B.
A longer common prefix means the addresses have more identical leading bits, which makes them more preferred.
2. S(A) – Scope of Address A
S tells us how large the numeric value of address A is.
A larger numeric value means a larger scope – a larger range of addresses it can represent.
Link-local addresses are smaller scopes (like 169.254.x.x), while private addresses are larger (like 127.x.x.x).
3. M(A) – Mapping IPv4 to IPv6
M takes an IPv4 address and maps it into an IPv6 address.
It’s like translating an address from one system to another.
For example, 169.254.x.x becomes a link-local address (like a private IP).
127.x.x.x becomes a loopback address (like a private IP).
4. Λ(A) – Lifecycle of Address A
Λ describes how the address A is treated over time.
It’s important to avoid deprecated addresses (like 192.168.1.1) in the selection process.
5. H(A) / C(A) – Home/Care-of Address
H/C refers to this specific type of address, only relevant for Mobile IP networks.
It’s a special kind of address that's designed for mobile devices.
In simple terms: These notes explain how different concepts related to address selection and handling are used to ensure the correct address is chosen for a particular situation. They’re all about prioritizing and managing addresses effectively.
THE CORE IDEA: PRIORITIZING CONNECTIVITY AND EFFICIENCY
The goal of this process is to figure out the best way to send data – choosing the source and destination IP addresses that will work most effectively, minimize interference, and adhere to network policies. It’s all about making routing decisions that maximize quality of service (QoS).
I. How the Algorithm Works – A Step-by-Step Guide
The algorithm uses a combination of rules to guide its selection:
Scope Matching (S(A), S(B)): It compares the “scope” of each address. Scope refers to the range of addresses it can represent. If two addresses have a larger common prefix, they’re considered more closely related and prioritized.
Avoid Deprecated Addresses (Λ(A)): It actively avoids using old, outdated IP addresses, since these can cause problems. This is a crucial step for maintaining network stability.
Longest Prefix Match (CPL(A, B)): It examines the longest common prefix (the shared part) between the source and destination addresses. The longer the prefix, the stronger the connection.
Temporary Addresses (H(A) / C(A), i.e. HoA / CoA): It considers temporary addresses – these are designed for mobile devices and don’t have permanent configurations. They’re used for situations where the connection is evolving.
Global vs. Temporary: For external communication (like sending to a website), the algorithm prefers global addresses (like IPv4) because they have a wider range of options.
Label Matching (L(S) = L(D)): This ensures that if two addresses have the same label (a unique identifier), they are considered equal. This helps to maintain a consistent routing structure.
II. Dual-Stack / IPv4 vs. IPv6 Considerations
Dual-Stack Hosts: These hosts support both IPv4 and IPv6. They need to decide which protocol (IPv4 or IPv6) is best for the connection, based on factors like the destination's requirements and network policies.
IPv6 Complexity: IPv6 has more complex address ranges, so the algorithm must be more cautious to avoid issues.
Choosing the Right Protocol: The algorithm will favor IPv4 if it’s a better fit for the particular scenario.
Addressing Conflicts: If two addresses have the same global address, it’s problematic, and the algorithm will either drop the packet or use a temporary address.
III. Mobile IP Impact
Home Address (HoA): The primary address for the host's identity in the mobile network.
Care-of Address (CoA): The address that changes when a user moves to a new location.
Prioritization: The algorithm prioritizes binding updates and traffic flows by carefully considering these addresses.
Example: When sending from a CoA, the destination CN receives the global address, but the MN's HoA is carried along in the CoA.
IV. Key Insights
Address Selection is a Multi-Factor Process: It’s not just about choosing an IP address; it’s about a complex decision-making process involving scope, address relationships, and network policies.
Policy Tables and Precedence: The algorithm relies on "policy tables" – a set of rules – which determine the decision-making process. Prioritization is key.
RFC3484: This standard ensures that all aspects of address selection are consistent and predictable, especially when dealing with IPv6 and IPv4 dual-stack environments.
In short, the algorithm is a smart way to figure out how to route traffic, balancing connectivity, stability, and network requirements.
SOURCE ADDRESS SELECTION
Imagine your computer has a bunch of IP addresses on different interfaces.
When you want to send a packet to a destination D, the system creates a candidate set CS(D) of possible source addresses.
Some quick rules about this set:
Excluded addresses: Anycast, multicast, or unspecified addresses are never candidates.
Ranking: Each address A in the candidate set gets a rank R(A). Higher rank = more preferred as the source.
Notation:
I(D) → the interface used to reach destination D.
@(i) → all addresses assigned to interface i.
T(A) → true if A is a temporary address (like for privacy).
How the algorithm picks a source address
The algorithm compares pairs of addresses A and B and applies these rules in order:
Prefer the same address: If A = D, pick A. Simple!
Prefer appropriate scope: Choose addresses whose scope (link-local, global, etc.) matches the destination.
Avoid deprecated addresses: Don’t use addresses that are flagged as outdated.
Prefer home address: If an address is your home address (like in Mobile IPv6), prefer it over care-of or temporary addresses.
Prefer outgoing interface: Pick addresses assigned to the interface that actually reaches D.
Prefer matching label: If A’s label matches D’s label, it’s preferred.
Prefer non-temporary addresses: Unless privacy is required, use permanent addresses first.
Longest matching prefix: Pick the address whose network prefix matches the destination most closely.
After applying all these rules, the highest-ranked address is selected as the source, called Q(D). If no candidate works, the algorithm returns null (no source address found).
Destination Address Selection
Now, let’s flip it around: sometimes your system has multiple potential destinations. How do we pick the best one?
We use a similar ranking system, with a set of rules for destination selection. Let SD(S) be the set of destinations available for source S.
Here’s the breakdown:
Avoid unusable destinations: Skip destinations that aren’t reachable or don’t have a valid source.
Prefer matching scope: Choose destinations with the same scope as the selected source address.
Avoid deprecated destinations: Don’t pick outdated destination addresses.
Prefer home addresses: Similar to source selection; home addresses are preferred when available.
Prefer matching label: If the destination’s label matches the source, pick it.
Prefer higher precedence: Addresses with higher precedence (priority) are chosen.
Prefer native transport: Avoid destinations that require tunnels if a native route is available.
Prefer smaller scope: Pick addresses closer to the local network if applicable.
Longest matching prefix: Choose the destination whose prefix matches the source address most closely.
Otherwise: Keep the current rank order.
Just like with source selection, after applying these rules, the highest-ranked destination is selected.
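The policy table, the CPL/S/M helper functions, and the source and destination rule chains above can all be exercised in one small model. The following is an added example written for these notes, not code from the page or from any RFC implementation; it follows the RFC 3484 rule order (source rules 1-3 and 5-8, destination rules 1, 2, 5, 6, 8, 9), leaves out the Mobile IPv6 home-address rules and tunnel detection, and uses constructed sample addresses on an assumed interface named eth0.

```python
import functools
import ipaddress
from typing import NamedTuple

# Default policy table of RFC 3484 section 2.1 as (prefix, precedence, label) rows.
POLICY_TABLE = [(ipaddress.ip_network(p), prec, label) for p, prec, label in
                [("::1/128", 50, 0), ("::/0", 40, 1), ("2002::/16", 30, 2),
                 ("::/96", 20, 3), ("::ffff:0:0/96", 10, 4)]]

def as_v6(text):
    """Parse an IPv4 or IPv6 literal; IPv4 is returned as M(A), its ::ffff:0:0/96 form."""
    a = ipaddress.ip_address(text)
    return a if a.version == 6 else ipaddress.IPv6Address((0xFFFF << 32) | int(a))

def policy(addr):
    """(precedence, label) of addr: the longest matching table prefix wins."""
    row = max((r for r in POLICY_TABLE if addr in r[0]), key=lambda r: r[0].prefixlen)
    return row[1], row[2]

def scope(addr):
    """S(A) with the RFC 3484 ordering: link-local 2 < site-local 5 < global 14."""
    v4 = addr.ipv4_mapped
    if v4 is not None:  # mapped 169.254/16 and 127/8 rank as link-local, the rest as global
        return 2 if v4.is_link_local or v4.is_loopback else 14
    if addr.is_loopback or addr.is_link_local:
        return 2
    return 5 if addr.is_site_local else 14

def cpl(a, b):
    """CPL(A, B): number of identical leading bits of two 128-bit addresses."""
    return 128 - (int(a) ^ int(b)).bit_length()

class Candidate(NamedTuple):
    addr: ipaddress.IPv6Address
    iface: str
    deprecated: bool = False  # Lambda(A): past its preferred lifetime
    temporary: bool = False   # T(A): privacy address

def _source_cmp(a, b, dst, out_iface):
    """Negative when a is the better source: RFC 3484 section 5 rules 1-3 and 5-8
    (rule 4, home address, is skipped because this host has no Mobile IPv6 binding)."""
    if a.addr == dst or b.addr == dst:                    # 1. prefer same address
        return -1 if a.addr == dst else 1
    sa, sb, sd = scope(a.addr), scope(b.addr), scope(dst)
    if sa != sb:                                          # 2. prefer appropriate scope
        return (1 if sa < sd else -1) if sa < sb else (-1 if sb < sd else 1)
    if a.deprecated != b.deprecated:                      # 3. avoid deprecated
        return 1 if a.deprecated else -1
    if (a.iface == out_iface) != (b.iface == out_iface):  # 5. prefer outgoing interface
        return -1 if a.iface == out_iface else 1
    label_d = policy(dst)[1]
    ma, mb = policy(a.addr)[1] == label_d, policy(b.addr)[1] == label_d
    if ma != mb:                                          # 6. prefer matching label
        return -1 if ma else 1
    if a.temporary != b.temporary:                        # 7. prefer non-temporary
        return 1 if a.temporary else -1
    return cpl(b.addr, dst) - cpl(a.addr, dst)            # 8. longest matching prefix

def select_source(candidates, dst, out_iface):
    """Q(D): best member of CS(D), or None when the candidate set is empty."""
    cs = [c for c in candidates if not (c.addr.is_multicast or c.addr.is_unspecified)]
    if not cs:
        return None
    return min(cs, key=functools.cmp_to_key(lambda a, b: _source_cmp(a, b, dst, out_iface)))

def _dest_cmp(da, db, src):
    """Negative when da is the better destination: RFC 3484 section 6 rules 1, 2, 5, 6, 8, 9
    (3 deprecated source, 4 home address and 7 native transport are not modelled)."""
    sa, sb = src[da], src[db]
    if (sa is None) != (sb is None):                      # 1. avoid unusable destinations
        return 1 if sa is None else -1
    if sa is None:
        return 0
    ma, mb = scope(da) == scope(sa.addr), scope(db) == scope(sb.addr)
    if ma != mb:                                          # 2. prefer matching scope
        return -1 if ma else 1
    (pa, la), (pb, lb) = policy(da), policy(db)
    ma, mb = policy(sa.addr)[1] == la, policy(sb.addr)[1] == lb
    if ma != mb:                                          # 5. prefer matching label
        return -1 if ma else 1
    if pa != pb:                                          # 6. prefer higher precedence
        return pb - pa
    if scope(da) != scope(db):                            # 8. prefer smaller scope
        return scope(da) - scope(db)
    return cpl(db, sb.addr) - cpl(da, sa.addr)            # 9. longest matching prefix

def order_destinations(candidates, dests, out_iface):
    """Destinations best-first, each paired with the source selected for it."""
    src = {d: select_source(candidates, d, out_iface) for d in dests}
    ordered = sorted(dests, key=functools.cmp_to_key(lambda a, b: _dest_cmp(a, b, src)))
    return [(d, src[d]) for d in ordered]

# Constructed dual-stack host (sample data): link-local, public and temporary global IPv6
# addresses plus one IPv4 address, all on eth0; DESTS is a peer's AAAA and A record.
HOST = [
    Candidate(as_v6("fe80::1"), "eth0"),
    Candidate(as_v6("2001:db8:1::10"), "eth0"),
    Candidate(as_v6("2001:db8:1::abcd"), "eth0", temporary=True),
    Candidate(as_v6("192.0.2.10"), "eth0"),
]
DESTS = [as_v6("198.51.100.1"), as_v6("2001:db8:2::1")]
```

Running `order_destinations(HOST, DESTS, "eth0")` puts the IPv6 destination first because its precedence (40) beats the IPv4-mapped prefix (10), and each destination is paired with the source whose label matches it: the public global address for the AAAA record and the IPv4 address for the A record. The link-local source wins only for a link-local destination (rule 2), and the temporary address loses to the public one under the original rule 7.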
Note About IPv6 ULAs
ULAs (Unique Local Addresses) are IPv6 addresses meant only for private networks.
The updated rules (RFC 3484 revisions) handle these carefully, so ULAs don’t accidentally get chosen for global communications.
How it all works
Source selection: Pick the best source address from your available IPs based on scope, interface, label, and other preferences.
Destination selection: Pick the best destination from possible options based on reachability, scope, precedence, and matching with the chosen source.
Goal: Make sure your packet has the most logical source-destination pair without you having to manually pick IPs.
Think of it like your computer playing matchmaker: it evaluates all its addresses and potential destinations and chooses the combination most likely to work reliably.
IP PROTOCOL – ATTACKS, FORWARDING, AND HOST BEHAVIOR
ATTACKS INVOLVING IP
IP is a fundamental network protocol, and many attacks exploit header fields, options, or implementation bugs.
HISTORICAL ATTACKS
Malformed header attacks
Early routers could crash or misbehave if fields like Version, Header Length, or Total Length were invalid.
Example: IHL too short or version number invalid.
Modern routers mostly ignore or strip IP options → these attacks are less relevant today.
Fragmentation attacks
Exploit how fragmented datagrams are reassembled.
Attackers could overlap fragments, causing buffer overflows or CPU exhaustion.
Mitigation: modern OSes use safe reassembly algorithms, limits on fragments ([RFC1858], [RFC3128]).
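What "safe reassembly" means in practice is that a receiver never lets a later fragment rewrite bytes an earlier one already supplied, and bounds the resources one datagram can consume. The following is an added example for these notes, not code from the page or from any operating system: a reassembly check for one datagram's fragments, with constructed sample fragment sets and a constructed per-datagram fragment limit.

```python
# Defensive reassembly check for the fragments of one IPv4 datagram.
MAX_FRAGMENTS = 64      # constructed per-datagram limit: a policy knob, not a protocol value
MAX_DATAGRAM = 65535    # largest IPv4 total length


class FragmentError(ValueError):
    """Raised when a fragment set must be discarded rather than reassembled."""


def reassemble(fragments, max_fragments=MAX_FRAGMENTS):
    """fragments: iterable of (offset_bytes, more_fragments, payload) that share one
    (src, dst, id, protocol) tuple. Accepts a set only if the pieces tile the datagram
    exactly, so no fragment can overwrite bytes that an earlier one already supplied."""
    accepted = {}           # offset -> payload
    ranges = []             # (start, end) of byte ranges accepted so far
    final_end = None
    for offset, more, payload in fragments:
        if len(accepted) >= max_fragments:
            raise FragmentError("too many fragments")
        start, end = offset, offset + len(payload)
        if start % 8:
            raise FragmentError(f"offset {start} is not a multiple of 8")
        if more and len(payload) % 8:
            raise FragmentError("non-final fragment length is not a multiple of 8")
        if end > MAX_DATAGRAM:
            raise FragmentError("fragment extends past 65535 bytes")
        for s, e in ranges:
            if start < e and s < end:
                raise FragmentError(f"overlap in bytes {max(start, s)}-{min(end, e)}")
        if not more:
            if final_end is not None:
                raise FragmentError("more than one final fragment")
            final_end = end
        ranges.append((start, end))
        accepted[start] = payload
    if final_end is None:
        raise FragmentError("incomplete: final fragment missing")
    out, pos = bytearray(), 0
    for start in sorted(accepted):          # fragments may arrive in any order
        if start != pos:
            raise FragmentError(f"gap at byte {pos}")
        out += accepted[start]
        pos = start + len(accepted[start])
    if pos != final_end:
        raise FragmentError("data present beyond the final fragment")
    return bytes(out)


def verdict(fragments):
    """('ok', datagram) or ('drop', reason): what a host stack or filter would do."""
    try:
        return "ok", reassemble(fragments)
    except FragmentError as exc:
        return "drop", str(exc)


# Constructed sample sets: a benign pair, and a second fragment that overwrites part of the first.
BENIGN = [(0, True, b"H" * 16), (16, False, b"T" * 5)]
OVERLAPPING = [(0, True, b"H" * 16), (8, False, b"X" * 13)]
```

The overlap test is the interval check `start < e and s < end`; rejecting the whole set on the first overlap is simpler and safer than the historical "first wins" or "last wins" policies, because those two policies disagree between systems and that disagreement is exactly what an inspection device cannot reconcile.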
IP Spoofing
Attacker forges the source IP address in packets.
Impact:
Bypass access controls that rely on IP addresses.
Pretend to be another host on the local network or the Internet.
Mitigation:
Ingress filtering ([RFC2827], [RFC3704]): ISPs block packets with invalid source IPs.
Limiting source address ranges reduces spoofing possibilities.
IPv6-Specific Attacks
IPv6 introduces extension headers for flexibility but also potential vulnerabilities:
Routing header type 0: allowed an attacker to force packets through chosen paths → deprecated.
Spoofing source addresses or extension headers can manipulate routing.
Firewall countermeasures: must inspect extension headers without breaking legitimate traffic (e.g., Mobile IPv6).
Key insight: security features in IPv6 are more flexible, but misconfiguration can lead to new attack vectors.
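A firewall that wants to drop the deprecated routing header type 0 without breaking Mobile IPv6 (which uses routing header type 2) has to walk the extension header chain rather than look at one fixed offset. The following is an added example for these notes, not code from the page or any firewall product: a minimal chain walker with an allow/drop policy per routing type, plus a packet builder used only to create constructed test vectors for the filter. Hop-by-hop, routing, fragment and destination-options headers are walked; AH/ESP are not modelled.

```python
import ipaddress
import struct

EXT_HEADERS = {0: "hop-by-hop", 43: "routing", 44: "fragment", 60: "destination-options"}
ROUTING_POLICY = {0: "drop", 2: "allow"}   # RH0 deprecated by RFC 5095; RH2 used by Mobile IPv6


def walk_extension_chain(pkt):
    """Return (chain, upper_layer): chain lists (name, routing_type_or_None) per extension
    header in order, upper_layer is the first non-extension Next Header value.
    Raises ValueError on a non-IPv6 or truncated packet."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_header, offset, chain = pkt[6], 40, []
    while next_header in EXT_HEADERS:   # AH (51) and ESP (50) end the walk as upper layers
        if offset + 8 > len(pkt):
            raise ValueError("extension header truncated")
        # The fragment header is fixed at 8 bytes; the others carry (len + 1) * 8 in byte 1.
        length = 8 if next_header == 44 else (pkt[offset + 1] + 1) * 8
        routing_type = pkt[offset + 2] if next_header == 43 else None
        chain.append((EXT_HEADERS[next_header], routing_type))
        next_header, offset = pkt[offset], offset + length
    return chain, next_header


def inspect(pkt):
    """Firewall verdict: 'allow' unless the chain carries a routing header whose type is
    not on the allow list (type 0 dropped, type 2 kept so Mobile IPv6 keeps working)."""
    try:
        chain, _ = walk_extension_chain(pkt)
    except ValueError as exc:
        return f"drop: {exc}"
    for name, rtype in chain:
        if name == "routing" and ROUTING_POLICY.get(rtype, "drop") == "drop":
            return f"drop: routing header type {rtype}"
    return "allow"


def build_packet(src, dst, routing_type=None, via=()):
    """Constructed IPv6/UDP test vector, optionally with a routing header listing `via`."""
    payload = b"\x00\x35\x00\x35\x00\x08\x00\x00"          # minimal UDP header, no data
    if routing_type is None:
        ext, first_nh = b"", 17
    else:
        addrs = b"".join(ipaddress.IPv6Address(a).packed for a in via)
        # next header, ext len in 8-byte units excluding the first 8, type, segments left, pad
        ext = struct.pack("!BBBB4x", 17, 2 * len(via), routing_type, len(via)) + addrs
        first_nh = 43
    body = ext + payload
    hdr = struct.pack("!IHBB16s16s", 6 << 28, len(body), first_nh, 64,
                      ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)
    return hdr + body


# Constructed vectors: plain UDP, a type 0 routing header, a type 2 routing header.
PLAIN = build_packet("2001:db8::1", "2001:db8::2")
RH0 = build_packet("2001:db8::1", "2001:db8::2", 0, ["2001:db8::3", "2001:db8::4"])
RH2 = build_packet("2001:db8::1", "2001:db8::2", 2, ["2001:db8::5"])
```

Unknown routing types fall through to "drop" by default, and a chain that does not fit inside the bytes available is dropped as truncated rather than guessed at; both choices err toward refusing traffic the filter cannot fully see, which is the safe side for a perimeter device.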
IP FORWARDING
IP forwarding is how packets are moved from source to destination across networks.
Hop-by-Hop Forwarding
Destination IP never changes, only the link-layer address and encapsulation on each hop.
Routers use forwarding tables and the longest-prefix match algorithm to select the next hop.
Default routes are often sufficient for simple networks: if no match, forward via default gateway.
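The forwarding table that does longest-prefix match for the next hop is the same table an ISP router uses for the ingress filtering mentioned above: RFC 3704 strict reverse-path forwarding asks whether the best route back to a packet's source points at the interface the packet arrived on. The following is an added example for these notes, not code from the page or from any router vendor; it combines both in one small model with a constructed FIB, assumed interface names eth0/eth1/eth2 and assumed next-hop labels.

```python
import ipaddress
from typing import NamedTuple


class Route(NamedTuple):
    prefix: ipaddress.IPv4Network
    next_hop: str    # neighbour that receives the frame next ("direct" = on-link)
    iface: str


class Router:
    """Hop-by-hop forwarding by longest-prefix match, with RFC 3704 strict uRPF ingress
    filtering driven by the same table (a source is credible only if the best route back
    to it leaves through the interface the packet arrived on)."""

    def __init__(self, routes):
        # Most specific prefix first, so the first hit is the longest match.
        self.routes = sorted(routes, key=lambda r: r.prefix.prefixlen, reverse=True)

    def lookup(self, addr):
        """Longest-prefix match; a 0.0.0.0/0 entry acts as the default route."""
        addr = ipaddress.ip_address(addr)
        return next((r for r in self.routes if addr in r.prefix), None)

    def ingress_ok(self, src, in_iface):
        """(True, 'ok') or (False, reason). Bogon sources are rejected outright (RFC 2827
        style); everything else must pass the strict reverse-path check."""
        a = ipaddress.ip_address(src)
        if a.is_unspecified or a.is_loopback or a.is_multicast or a.is_link_local:
            return False, "bogon source"
        route = self.lookup(a)
        if route is None:
            return False, "no route back to source"
        if route.iface != in_iface:
            return False, f"source {src} is reached via {route.iface}, arrived on {in_iface}"
        return True, "ok"

    def forward(self, src, dst, in_iface):
        """One packet's fate: ('drop', reason) or ('forward', next_hop, out_iface).
        The destination address is never rewritten; only the next hop changes per hop."""
        ok, why = self.ingress_ok(src, in_iface)
        if not ok:
            return "drop", why
        route = self.lookup(dst)
        if route is None:
            return "drop", "no route to destination"
        return "forward", route.next_hop, route.iface


# Constructed FIB (sample data): customer /24 on eth1, a more specific /25 carved out of
# it on eth2 to exercise longest-prefix match, and a default route to the upstream on eth0.
FIB = Router([
    Route(ipaddress.ip_network("0.0.0.0/0"), "upstream", "eth0"),
    Route(ipaddress.ip_network("203.0.113.0/24"), "direct", "eth1"),
    Route(ipaddress.ip_network("203.0.113.128/25"), "cust-b", "eth2"),
])
```

Two cases show why the same table serves both jobs: a packet from a customer port whose source matches only the default route is dropped (the route back points at the upstream, not the customer), and a packet arriving from the upstream with one of our own customer addresses as its source is dropped for the mirror-image reason. Strict mode does misfire on asymmetric multi-homed links, which is why RFC 3704 also describes feasible-path and loose variants.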
Mobile IP Forwarding
Mobile IP allows a host to maintain a permanent home address while moving across networks.
Mechanism: traffic tunneled via a home agent.
Optional route optimization: direct communication between mobile node and correspondent host.
Challenge: balancing security, routing efficiency, and latency in updates.
HOST MODELS
The host model affects how IP datagrams are sent and received.
Strong Host Model
Each interface only sends/receives packets with its own assigned addresses.
Pros: stricter security, predictable routing.
Cons: some multi-homed scenarios are restricted.
Weak Host Model
Interfaces may send/receive packets not strictly assigned to them.
Pros: more flexible, supports multi-homed and mobility use cases.
Cons: can increase vulnerability to attacks (e.g., spoofed packets).
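The difference between the two models comes down to one predicate on the receive path: does the destination address have to belong to the arriving interface, or merely to the host? The following is an added example for these notes, not code from the page or from any operating system's stack; it evaluates constructed packets against a constructed two-interface host (assumed interface names eth0 and eth1) under each model, using the strong/weak terminology of RFC 1122.

```python
import ipaddress

# Constructed multi-homed host (sample data): eth0 on a management net, eth1 on the LAN.
INTERFACES = {
    "eth0": [ipaddress.ip_address("192.0.2.10")],
    "eth1": [ipaddress.ip_address("198.51.100.10")],
}


def accepts(dst, in_iface, model, interfaces=INTERFACES):
    """Receive-side check. strong: dst must be assigned to the arriving interface.
    weak: dst may be assigned to any interface of the host."""
    dst = ipaddress.ip_address(dst)
    if model == "strong":
        return dst in interfaces[in_iface]
    if model == "weak":
        return any(dst in addrs for addrs in interfaces.values())
    raise ValueError(f"unknown host model {model!r}")


def audit(packets, model):
    """Run constructed (in_iface, dst) pairs through the model and return the rejected
    ones, which is what tightening a host to the strong model would start dropping."""
    return [(iface, dst) for iface, dst in packets if not accepts(dst, iface, model)]


# Constructed traffic: the middle entry is a packet for eth1's address arriving on eth0,
# i.e. the LAN-side service being reached through the management interface.
SAMPLE = [("eth0", "192.0.2.10"), ("eth0", "198.51.100.10"), ("eth1", "198.51.100.10")]
```

The weak model accepts all three packets, so a service bound to the LAN address is reachable from whichever network can route to the host; the strong model rejects the cross-interface packet, which is the stricter behaviour the notes attribute to it and the reason it restricts some multi-homed setups.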
Address Selection
With multiple interfaces or multiple IPv6 addresses:
Preference for limited-scope addresses (link-local, site-local).
Preference for permanent vs temporary addresses.
Proper selection impacts routing efficiency and security.
SUMMARY OF SECURITY CONSIDERATIONS
Key insight: IP-level attacks exploit flexibility and historical weaknesses, but modern implementations combine filters, secure defaults, and ingress checks to mitigate risks.
IPv4 vs IPv6 headers
IPv6 simplifies and strengthens IP: fixed header, larger addresses, no checksum, endpoint fragmentation.
Only field in common: 4-bit Version → dual-stack translation needed.
Forwarding
IP is hop-by-hop; destination IP unchanged, link-layer changes.
Mobile IP adds tunneling and optional route optimization.
Host behavior
Strong vs weak models affect security and multi-homing/mobility.
Address selection is crucial in IPv6 for routing efficiency.
Security
Spoofing, fragmentation, and option/header abuse are primary attack vectors.
Modern networks mitigate via ingress filtering, safe reassembly, firewall rules, and careful IPv6 configuration.
✅ In essence
The IP protocol is flexible, extensible, and widely deployed, but this flexibility comes with historical and ongoing security concerns.
IPv6 improves scalability and efficiency, but careful configuration is required to maintain security and proper routing.
Source: programmerhumor.io/memes/ip-address
Author: RennexTech Github / Lifeen YouTube / Phantom_stack YT
That was chapter 4...