Mobile IPv6 with Linux
MIPL consists of two components: a kernel-space component, in the form of a kernel patch, and a user-space component, in the form of a Mobility Dæmon (mip6d). The dæmon implements most of the functionality. It discovers location, detects movement, sends and processes BUs and maintains the BC. The MIPL patch provides the kernel support required for the dæmon to perform those functions. The MIPL patch adds, for example, support for the Mobility Header protocol (MH), which is the IPv6 extension header that transports BUs and Binding Acknowledgments (BAs) and other binding-related messages. In addition to the MIPL package, we'll need to install the Router Advertisement Dæmon (radvd), as MIPv6 relies on the auto-configuration provided by router advertisements to detect movement and configure CoA addresses among other mobility-related tasks.
To explore the basic operation of MIPv6, let's use MIPL to create a simple MIP network consisting of two MIPL-patched Linux machines: a router, called denali, and a laptop, called raven. The laptop is a typical x86 machine that has a single 802.11b wireless interface and will be our MN. The router is a fanless, headless, single-board computer (Soekris Net4521) that has two 802.11b wireless interfaces, each hosting a different wireless network (ESS/Extended Service Set) and a different subnet. One router interface will be acting as the HA, and the other will be acting as a visited (foreign) network. Figure 1 shows the two machines used, and Figure 2 shows the logical setup.
For simplicity, let's leave out advanced configurations, such as IP Security (IPsec) and Route Optimization (RO), and establish only the most basic MIP setup. We'll not use a standalone CN.
Installing the kernel part of MIPL for both the HA and the MN is exactly the same. First, download the kernel source tree against which the latest MIPL patch was taken (2.6.16, in my case), and patch it with the MIPL patch (version 2.0.2, in my case). Configure the kernel with the features needed for each machine, ensuring that the following configuration features are included (the script chkconf_kernel.sh, included in the MIPL user space tarball, can do the checking for you):
NET_KEY, NET_KEY_MIGRATE, XFRM and XFRM_USER XFRM_ENHANCEMENT: those add Internet Key Exchange (IKE) support that is needed for dynamically configuring IPsec. IPsec can be used optionally to secure MIPv6.
IPV6_MIP6: this adds support for the Mobility Header (MH) protocol and the other IPv6 protocol extension headers MIPv6 demands.
IPV6_ADVANCED_ROUTER: this enables the selection of advanced routing capabilities, such as policy routing.
IPV6_MULTIPLE_TABLES: this adds support for policy routing, an advanced routing feature that enables routing based on fields other than the destination address.
IPV6_SUBTREES: this adds source routing support, which is needed for sending traffic directly to the Mobile Node (without passing through the Home Network) when MIP is operating the Route Optimization (RO) mode.
IPV6_TUNNEL: IPv6 in IPv6 tunnel, which is needed for the HA to MN communication.
Build, install and reboot into the new kernel:
[raven]# wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.16.tar.bz2 && tar -jxf linux-2.6.16.tar.bz2 && gzip -d mipv6-2.0.2-linux-2.6.16.patch.gz && cd linux-2.6.16 && patch -p1 < ../mipv6-2.0.2-linux-2.6.16.patch && make menuconfig [raven]# make && make install
To build the Mobility Dæmon, follow the steps you would do for any autotools built package: unzip, untar, cd to the directory of the package, ./configure, make and then make install (read the included INSTALL document for the details). Follow the same procedure for building and installing the Router Advertisement Dæmon, radvd. With that finished, you should have both MIPL components (kernel and user-space) and radvd installed, and you now are ready to start configuring.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
- Considering Legacy UNIX/Linux Issues
- Cluetrain at Fifteen
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- New Products
- Getting Good Vibrations with Linux
- Memory Ordering in Modern Microprocessors, Part I
- Tech Tip: Really Simple HTTP Server with Python
- RSS Feeds
- Security Hardening with Ansible
- diff -u: What's New in Kernel Development