cc/td/doc/product/access/mar_3200
hometocprevnextglossaryfeedbacksearchhelp
PDF

Table Of Contents

Static and Dynamic Network Configuration

Static Networks

Timers

Preferred Path

Hold Down

Registration

Routing

Home Agent Component

Static Network User Interface Commands

no ip mobile router Command

Basic Configuration Examples

Maritime Configuration Example

Dynamic Networks

Mobile Access Router Operation

Home Agent Operation

Foreign Agent Operation

Related Commands

Configuration Example


Static and Dynamic Network Configuration


This chapter describes:

Static Networks

Dynamic Networks

Static Networks

The mobile access router can be part of a static network or a dynamic network. A static network supports stub routers only and allows a mobile access router to roam about, behaving like a mobile node. The home agent treats this mobile node as a mobile access router. The home agent adds the mobile access router networks to the routing table when the mobile access router is registered.

Figure 6-1 Basic Mobile Access Router Configuration

The home agent functionality consists of the following:

When the mobile access router is registered, mobile access router networks are added to the routing table and a tunnel interface between home agent and mobile access router is created

Packets destined for mobile access router networks are encapsulated by the home agent

Mobile access router functionality consists of the following:

Configuration of the home agent address and registration parameters, as well as the interfaces used for roaming

Agent solicitation, if configured

Registers to its home agent (retransmit if no reply received)

Registers when a better interface comes up

Re-registers before the lifetime expires

When the mobile access router is brought up, it is in unknown state. After it receives agent advertisements, it determines if it is at its home or away from its home. It is at home when the source of the advertisement is on its home network, and it behaves like a normal router. When the mobile access router is roaming, it does not send any routing updates on its roaming interfaces. It sends a registration request through the learned foreign agent, to its home agent.

After mobile access router sends registration request, it goes into Pending state. If the registration is accepted by the home agent, the mobile access router is registered. If registration is denied, the mobile access router tries to register through another foreign agent.

Table 6-1 Mobile Access Router States

State
Description

Home

Connected to home network.

Registered

Registered on foreign network.

Pending

Sent registration request and is waiting for the reply.

Isolated

Isolated from network.

Unknown

Can not determine its state.


Agent advertisements are ICMP Router Discovery Protocol (IRDP) messages which convey Mobile IP information. The advertisement contains the IRDP lifetime (the number of seconds that agent is considered valid). It also contains the care-of address (CoA), the point of attachment on foreign network, and supported services such as Generic Routing Encapsulation (GRE) , reverse tunnel, and so forth.

There are two modes of operation:

Periodic advertisements by agents

Periodic solicitations by mobile access router

For periodic advertisements, the mobile access router knows that the agent is up as long as it hears the advertisements from the agent. When IRDP lifetime expires, agent is considered the mobile access router disconnected (interface down, out of range, or agent down) and the mobile access router removes the agent from its agent table.

For periodic solicitations, the IRDP lifetime is 0. The mobile access router sends solicitations based on the user configured interval. If no advertisement is heard after a period of 3 times the interval, the mobile access router considers that agent to be disconnected.

When does mobile access router send out agent solicitations?

To learn about foreign agents quickly, the mobile access router sends agent solicitations when the roaming interface comes up or when the interface is configured for roaming. Otherwise, the mobile access router only sends agent solicitations when it is configured for periodic solicitation.

What does mobile access router do when it hears an agent advertisement?

It gathers two pieces of information: agent availability and registration service. The mobile access router maintains an agent table containing a list of active agents. This is used to decide which agent with which to register. When the mobile access router registers, it fills in the request with CoA, lifetime, and service flags based on the received advertisement. If there are multiple CoAs, the mobile access router uses the first one in the advertisement.


Note The agent advertisement includes the IRDP lifetime and the registration lifetime. The IRDP lifetime indicates to the mobile access router how long the advertisement is valid. The registration lifetime specifies the duration of a registration for which mobile access router can attempt to register.


How does mobile access router decide which agent to use?

The mobile access router maintains an agent table based on received advertisements. Since only one agent is active, either the mobile access router is registered through a foreign agent or it is at home, connected to its home agent. The mobile access router chooses the agent by using the following criteria:

Agents heard on same interface, the mobile access router selects most recently heard agent

Agents heard on different interfaces, the mobile access router selects agent on preferred interface

When does mobile access router send registration request?

The mobile access router sends registration requests to the active foreign agent. The following events trigger a request:

When movement from one foreign agent to another is detected

A foreign agent reboot is detected

The mobile access router is isolated and hears a foreign agent

A better foreign agent is learned

Active foreign agent ages out and other foreign agents exist

Re-registration of an active session

Recovery from denials due to mismatched ID (133) or lifetime too long (68)

The hold down period for a foreign agent expires

The interface connected to an active foreign agent goes down while other foreign agents exist

The mobile access router configuration (registration lifetime, home agent address) changes

When does mobile access router delete agent from table?

The mobile access router removes the learned agent from the table when:

An agent advertisement ages out

An active foreign agent does not respond to a registration request

A denied registration reply which is not mismatched ID (133) nor lifetime too long (68) is received

The interface where the agent was learned goes down

Roaming on an interface where the agent was learned is deconfigured

A user deconfigures the mobile access router

A user manually clears an agent by using the command line interface

Timers

There are 5 timers: agent solicitation, agent advertisement, registration, lifetime, and hold down.

The agent solicitation timer is for the periodic transmission of solicitations. By default, the timer is off. But if an interface is configured for solicitation, the mobile access router solicits advertisements until an advertisement is received. Then the mobile access router sends solicitations at regular intervals.

The agent advertisement timer is for aging out received advertisements. When advertisement is received, the timer is started based on the IRDP lifetime. As subsequent advertisements arrive, the mobile access router restarts the timer. When the timer expires, it means agent has not been heard for awhile, and the agent is removed from the table.

The registration timer sets the periodic transmission of registration requests. The mobile access router registers when this timer expires. It attempts to register until a reply is received. Then the mobile access router sends a request before the registration lifetime expires.

The registration lifetime timer is used for aging out registration when the lifetime has expired. When it is accepted, registration reply is received, and the timer is started based on granted lifetime. As subsequent replies arrive, the mobile access router restarts the timer. When the timer expires, the registration is deleted.

The hold down timer expires when an interface is no longer in hold down mode. By default, the timer is off. But if the interface is configured for hold down, the mobile access router waits for timer to expire before using agents learned on the interface.

Preferred Path

The mobile access router sets a preference for an agent based on which interface the advertisement received. If more than one interface receives agent advertisements, the one with higher roaming priority value is preferred. If multiple interfaces have the same priority, the highest bandwidth is preferred. If interfaces have same bandwidth, the highest interface IP address is preferred. The mobile access router send registration requests to the preferred foreign agent and deregistration to preferred home agent.

Hold Down

The mobile access router waits for the hold down period to expire before using an agent. This avoids prematurely registering to a better agent on a weak wireless link. The mobile access router makes sure that link is reliable for a period of time before committing to using that agent.

Registration

After agent discovery, the mobile access router registers with an foreign agent or deregisters to its home agent. When mobile access router is in a foreign network, it can register in one of the following modes:

Foreign agent CoA

Collocated CoA

The foreign agent CoA mode is when mobile access router sends a registration request (using advertised CoA) to a foreign agent, which relays a request to the home agent, which process it and sends a reply back to the foreign agent, which relays reply to mobile access router. The routing path between the home agent and the foreign agent (CoA) is set up after registration is successful.

The collocated care-of address (CCoA) mode is when mobile access router gets an address in the foreign network and sends a registration request (using the address assigned to the mobile access router as collocated CoA) directly to the home agent, which process it and sends a reply back to mobile access router. The routing path between the home agent and the mobile access router (collocated CoA) is set up after registration is successful.

When the mobile access router detects that it is at home, it sends a deregistration request to its home agent.

The following events trigger a registration:

A foreign agent advertisement is received, and the mobile access router has a reason to register

An active foreign agent advertisement (IRDP lifetime) expired, and the mobile access router chooses another learned foreign agent to register

The registration timer expired due to the retransmission or lifetime aging

Recovery from the home agent, which replied with a denial due to a mismatched ID

Recovery from a foreign agent, which replied with a denial due to lower lifetime

After mobile access router configuration, the mobile access router has enough information and reason to register with the most reliable foreign agent

The reasons registration is needed are as follows:

Movement is detected

A foreign agent reboot detected

The mobile access router is isolated

A better interface has a reliable foreign agent

The mobile access router is on foreign network without an active foreign agent

The mobile access router is on home network when it has active foreign agent

When a registration reply is received, the mobile access router processes it if the home address field equals its own home address. The mobile access router finds the request in the registration table that corresponds to the reply. It authenticates the reply and sets up a routing path between the home agent and the mobile access router. Also, it creates a default route through the foreign agent.

Routing

There is a tunnel between the home agent and the CoA, and another tunnel between the home agent and the mobile access router.

How do packets reach devices on mobile networks?

On the mobile access router, there is one tunnel between the home agent and the mobile access router. Packets from the home agent that arrive at the mobile access router through the tunnel are decapsulated and forwarded to the destination device on the mobile access router mobile network.

How are packets from devices on mobile networks routed?

By default, the mobile access router creates a default route through the foreign agent. So packets from devices arrive at the mobile access router, and it forwards the packets to the foreign agent by default, based on a routing decision. Routing fails if networks between the endpoints have ingress filtering that drops topologically incorrect packets or the mobile network uses private addresses.

Using a reverse tunnel, the mobile access router creates a default route through the tunnel, between the home agent and the mobile access router and a host route to the home agent through the foreign agent. So packets from devices arrive at the mobile access router, that encapsulates the packets before sending them to the foreign agent. Reverse tunnel using direct delivery style is supported. This results in packets going back to mobile access router home network, though ingress filtering is avoided and a private mobile network can be supported.

How are routing protocols affected?

When the mobile access router is at home, all routing protocols behave normally. When mobile access router is roaming, it does not propagate any routes out interfaces that are configured for roaming.

Can mobile network be split?

First, we advised that the mobile network exist on one non-roaming interface of the mobile access router. In the unavoidable case where mobile network is on a roaming interface, it is mandatory that all nodes exist on the mobile network of the mobile access router and that none exist on the home agent. Otherwise, the routing table on the mobile access router prevents communications between nodes, that are disjointed (one on the home agent and one on the mobile access router) while roaming. The mobile access router has a connected route to the mobile network and forwards packets out of its interface.

Home Agent Component

The additional information a home agent needs for a mobile host that supports mobile networks is which networks should be injected into the routing table when registered.

The following data structures are needed:

Mobile network group

Mobile network

Registration

The home agent processes the registration request from a mobile access router the same way as a mobile node. The only difference is that an additional tunnel to the mobile access router is created and mobile networks are added to the routing table with next hop being the mobile access router. Packets to mobile networks are encapsulated twice.

How do packets reach devices on mobile networks?

On the home agent there are two tunnels. One tunnel is between the home agent and CoA. The other tunnel is between the home agent and the mobile access router. When a central office node sends a packet to a node on the mobile network, it arrives on the home agent.

The packet destined for mobile access router network is encapsulated with the home agent/mobile access router tunnel header, then encapsulated with the home agent/CoA tunnel header. The packet arrives on the foreign agent, which decapsulates the outer home agent/CoA tunnel header and forwards the packet to the mobile access router, which performs another decapsulation to deliver the packet to the destination.

How are packets from devices on mobile networks routed?

By default, packets from devices arrive at the mobile access router, which forwards them to the foreign agent, which routes them normally.

In the case of a reverse tunnel, packets from devices arrive at the mobile access router, which encapsulates them before sending them to the foreign agent, which encapsulates the packets and sends them to the home agent. The home agent decapsulates packets and routes them to its networks.End User Interface

Static Network User Interface Commands

The mobile access router is a router that operates as a mobile node defined in Mobile IP specification, which allows a router to roam away from its home network and still provide connectivity for devices on its networks. For static network support, these mobile networks are locally attached to the router.

no ip mobile router Command

To enable the mobile access router and enter mobile access router configuration mode, use the ip mobile router command in global configuration mode. To disable the mobile access router, use the no form of this command.

The address subcommand configures the mobile access router home IP address and subnet mask. The address is used to register the mobile access router with the home agent. The address and subnet mask identifies home network and is used to discover when mobile access router is at home.

The home-agent subcommand tells the mobile access router which home agent to use during registration and detect when it is home. The priority level determines which is the home agent address to register with—although all addresses are on the same home agent. The home agent address list is used to detect when mobile access router is home; when the mobile access router receives an agent advertisement with IP source address on the list.

The redundancy subcommand provides fault tolerance by selecting one mobile access router in the group name to provide connectivity for the mobile networks. This is the active mobile access router. The passive mobile access routers wait until the active mobile access router fails before a previously passive mobile access router is changed to active mode. Only the active mobile access router registers and sets up the routing for the mobile networks. The redundancy state is either active or passive.

The registration subcommand controls the following mobile access router registration parameters:

The registration extend command re-registers the mobile access router before the lifetime expires. The expire parameter is number of seconds to send registration request before expiration. The default is 120 seconds. The range is 1 to 3600. If no reply is received, mobile access router sends another registration request after the interval expires. The default is 10 seconds. The range is 1 to 3600. The mobile access router stops after the maximum number of retries are attempted. The default number of retries is 3. The range is 0 to 10. Zero means no retry.

The registration lifetime command specifies the requested lifetime of each registration. The smallest value between the configured lifetime and the foreign agent advertised registration lifetime is used. The default is 65534 to ensure that the advertised lifetime is used, excluding infinite. The range is between 3 and 65535 seconds (which represents infinite). It is possible for the home agent to grant a lifetime that is shorter than the lifetime requested by the mobile access router.

The registration retransmit command determines how to respond to retransmissions when no reply received and the mobile access router is not registered with the foreign agent. The initial parameter specifies how long to wait the first time before retrying when no reply is received. The default is 1000 milliseconds (1 second). The range is 10 to 10000 milliseconds (10 seconds). Each successive retransmission timeout period is double the previous period. This continues until the period reaches the the maximum value. The default is 5000 milliseconds (5 seconds). The range is 10 to 10000 milliseconds (10 seconds). Retransmission stops after the maximum number of retries attempted. The default retry is 3. the range is 0 to 10 retries. Zero means no retransmission.

The reverse-tunnel subcommand enables reverse tunnel function. Only foreign agents that advertise reverse tunnel service, the mobile access router registers with a reverse tunnel request set. Once mobile access router is registered, it encapsulates packets from mobile networks using its tunnel to the home agent before sending packets to the foreign agent. The foreign agent sees packets sourced by mobile access router, and reverse tunnels them to home agent. This is necessary if the mobile networks are private addresses.

A mobile access router must be configured with a home address, subnet mask, home agent, and the mobility security association with the home agent. The mobility security association between home agent and mobile access router is defined by the ip mobile secure host and ip mobile secure home-agent parameters for home agent and mobile access router, respectively.

When mobile access router detects a foreign agent on a foreign network, it registers back to its home agent. The home agent authenticates the registration and binds the mobile access router to the foreign agent. In addition, home agent injects the mobile networks associated with the mobile access router into the routing table. These networks are reachable through the tunnel interface to mobile access router. When packets arrive at the home agent destined to the mobile networks, the home agent encapsulates them using the tunnel to the mobile access router, and encapsulates them again using the tunnel to the foreign agent. The foreign agent decapsulates the outer tunnel header and forward the packet to the mobile access router, which decapsulates tunnel header and forward original packet to destination.

The home agent must be configured with the ip mobile host addr mobile-network name and ip mobile mobile-network name net mask commands so the home agent can inject the networks into its routing table when mobile access router registers. This provides reachability and mobility for networks on the mobile access router.

For example, a mobile access router with an IP address of 10.1.1.10 is supported by a home agent for mobile network 10.1.1.0/24. When mobile access router registers back to its home agent, the home agent adds network 10.1.1.0/24 into the home agent routing table. The network can be summarized by routing protocols that redistribute Mobile IP routes.

The show ip mobile registration command displays the mobile access router registration table and the show ip mobile router command displays mobile access router information such as learned foreign agents, currently registered foreign agent, configured home agent, registration parameters, interface used for roaming, and so forth.

Mobile Router Configuration

ip mobile router
address 10.1.1.10 255.255.255.0
home-agent 10.1.1.20
ip mobile secure home-agent 10.1.1.20 spi 100 key hex 12345678123456781234567812345678

Home Agent Configuration

ip mobile host 10.1.1.10 mobile-network MyJet virtual-network 10.0.0.0 255.0.0.0
ip mobile mobile-network MyJet 10.1.1.0 255.255.255.0
ip mobile secure host 10.1.1.10 spi 100 key hex 12345678123456781234567812345678

Related Commands

show ip mobile router
show ip mobile mobile-network
ip mobile host

Basic Configuration Examples

Setting up a mobile access router consists of configuring the home agent and the mobile access router. The networks on the mobile access router, known as mobile networks, appears on the home agent while mobile access router roams around by using foreign agent

Home Agent Example Configuration

The home agent configuration consists of:

Enabling Mobile IP

Setting the mobile access router home network

Setting the mobile access router IP address

Setting the mobile networks on the mobile access router

Setting the security association with mobile access router

Setting the roaming interface

Enable Mobile IP by using the router mobile command.

Configure the home network by using the ip mobile virtual-network home-net home-mask command. This specifies that the home network is a virtual network, which means that the mobile access router is not physically attached to home agent.

Configure mobile access router by using the ip mobile host address mobile-network network-tag virtual-network home-net home-mask command. The IP address is in the home network.

Configure mobile networks on mobile access router by using the ip mobile mobile-network network-tag net mask command. The network may be individual subnets on interfaces of the mobile access router or summarized.

Configure security association with mobile access router by using the ip mobile secure host address spi number key hex value command. The SPI and key between home agent and mobile access router are known. The address is the mobile access router home IP address.

Verify the configuration by displaying mobile networks, mobile access router, and security association by using the following show commands:

show ip mobile mobile-network

show ip mobile host address

show ip mobile secure host address

Foreign Agent Example Configuration

Enabling Mobile IP

Enabling IRDP

Enabling foreign agent service on an interface

Setting a care-of address

Enabling the visitor interface

Enable Mobile IP by using the router mobile command.

Enable IRDP advertisement as follows. This will send out periodic advertisements or only when solicitation received.

interface name
ip irdp
ip irdp max value

Configure foreign agent service on an interface by using the following commands. For example, the maximum IRDP advertisement can be 10 seconds.

interface name
ip address address mask
ip mobile foreign-service
ip irdp
ip irdp max number

show ip mobile global
show ip mobile interface

Maritime Configuration Example

A home agent provides routing for two mobile access routers Royal Caribbean and Carnival. Each mobile access router has a satellite link and wireless LAN link when docking. Each is allocated a network that can be partitioned further.

· Enabling the mobile access router
· Setting the home IP address and home network mask
· Setting home agent IP address
· Setting security association with home agent
· Enabling a roaming interface

Enable mobile access router configuration submode, which enables the mobile access router, by using the ip mobile router command.

Configure mobile access router home IP address and home network mask by using the address home-address mask command. This address is same as what is configured on home agent for ip mobile host and ip mobile secure host.

Configure home agent IP address, which can be received by the home agent (physical or loopback interface, HSRP group address) by using the home-agent address command.

Configure security association with home agent by using the ip mobile secure home-agent address spi number key hex value command. The SPI and key between home agent and mobile access router are known. The address is the home agent IP address.

Configure roaming interface as follows. The IP address is an address on this subnet.

interface name
ip address address mask
ip mobile router-service

show ip mobile router
show ip mobile secure home-agent address

Home Agent Configuration

router mobile
ip mobile virtual-network 10.1.0.0 255.255.0.0
ip mobile virtual-network 10.2.0.0 255.255.0.0
ip mobile host 10.1.0.1 mobile-network RoyalCaribbean virtual-network 10.1.0.0 255.255.0.0
ip mobile mobile-network RoyalCaribbean 10.1.0.0 255.255.0.0
ip mobile host 10.2.0.1 mobile-network Carnival virtual-network 10.2.0.0 255.255.0.0
ip mobile mobile-network Carnival 10.2.1.0 255.255.255.0
ip mobile mobile-network Carnival 10.2.2.0 255.255.255.0
ip mobile secure host 10.1.0.1 spi 101 key hex 12345678123456781234567812345678
ip mobile secure host 10.2.0.1 spi 102 key hex 23456781234567812345678123456781
!
interface Loopback 0
ip address 1.1.1.1 255.255.255.255

Foreign Agent Configuration

router mobile
ip mobile foreign-agent care-of serial0
!
interface serial0
ip irdp
ip irdp maxadvertinterval 0
ip mobile foreign-service

Royal Caribbean Mobile Router Configuration

interface loopback0
ip address 10.1.0.1 255.255.255.255
router mobile
ip mobile router
address 10.1.0.1 255.255.0.0
home-agent 1.1.1.1
ip mobile secure home-agent 1.1.1.1 spi 101 key hex 12345678123456781234567812345678
!
interface serial 0
ip mobile router-service roam
ip mobile router-service solicit
interface ethernet 0
ip mobile router-service roam
interface ethernet 1
ip address 10.1.1.1 255.255.255.0
interface ethernet 2
ip address 10.1.2.1 255.255.255.0

Carnival Mobile Router Configuration

interface loopback0
ip address 10.2.0.1 255.255.255.255
router mobile
ip mobile router
address 10.2.0.1 255.255.0.0
home-agent 1.1.1.1
ip mobile secure home-agent 1.1.1.1 spi 102 key hex 23456781234567812345678123456781
!
interface serial 0
ip mobile router-service roam
ip mobile router-service solicit
interface ethernet 0
ip mobile router-service roam
interface ethernet 1
ip address 10.2.1.1 255.255.255.0
interface ethernet 2
ip address 10.2.2.1 255.255.255.0

Dynamic Networks

A static network allowed mobile networks to roam by using static configurations on the home agent. When the mobile access router registered, the home agent would look up the configured mobile networks and add them to its routing table to be redistributed by using Interior Gateway Protocol (IGP). This scheme enforces mobile networks on a mobile access router, but it requires configuration for every mobile access router and is inflexible to network changes on the mobile access router.

A static network supports stub routers only. This allows mobile access router to roam, behaving like a mobile node. The difference is that the home agent treats this mobile node as a mobile access router. The home agent either advertises the mobile access router networks during configuration, when the mobile access router is at home, or when it is registered.

A dynamic network allows a mobile access router to register its mobile networks dynamically with the home agent, which advertises the mobile network as an attached network. When the network is enabled or disabled on the mobile access router, it registers with the home agent for notification purposes. The routing of packets to the devices on the networks is the same. The registration procedure is extended to include the network, prefix, and state information.

Since the new extensions support dynamic registrations of mobile networks, vendor-specific extensions (VSE) are used. Critical Vendor/Organization Specific Extension (CVSE) RFC 3115 is used, because it is mandatory that the home agent be able to process these extensions. Otherwise, home agent rejects the registration requests.

Mobile Access Router Operation

The mobile access router is configured to register with mobile networks, and when the mobile access router registers with the home agent, it appends a CVSE containing the configured mobile networks. For reregistration, a mobile access router does not append a CVSE. If mobile network is deconfigured while registered, the mobile access router sends a registration with a CVSE for network deletion.

If a mobile network is configured while registered, mobile access router sends a registration with a CVSE to add a network. Support routes using mobile access router interfaces are configured for mobile network.

Home Agent Operation

The home agent is configured to accept mobile access router registration requests containing mobile networks CVSE. The home agent processes the CVSE and adds or deletes routes to the mobile networks through the mobile access router. If a route already exists, the home agent ignores the addition of the network. The home agent deletes routes when notification of a network deletion is received.

Foreign Agent Operation

Although there is no mobile access router specific operation needed, there is a need to support the new CVSE. The foreign agent needs to understand the CVSE to be able to parse the extensions in the registration request to relay to the home agent.

Bandwidth usage between a foreign agent and the mobile access router can be reduced if the foreign agent is configured to strip off the home agent-mobile router tunnel header and then forward the original packet to the mobile access router. By recognizing the CVSE in the request, the foreign agent identify the destination as a mobile access router with mobile networks, and the foreign agent will forward packets from the home agent destined for the registered mobile networks directly to the mobile access router.

Make sure that dynamic network support interoperates with static network support, even for the same mobile access router. This feature is integrated in the existing Mobile IP subsystems, which are in the PLUS (-s-) images.

Related Commands

ip mobile mobile-networks name register

The ip mobile router mobile-network register command specifies that mobile networks can be dynamically registered on a home agent by a mobile access router. This command is used in conjunction with the mobile-network command. When the mobile access router registers with mobile networks, the home agent looks up the mobile network configuration and verifies that register is configured before adding routing entries to the mobile networks. If the mobile access router is not configured properly, the home agent rejects the request with error code 129, administratively prohibited. It is possible for name to have both statically configured mobile networks and dynamically registered mobile networks. For example:

router mobile
ip mobile home-agent
ip mobile host 100.0.0.1 interface Ethernet 1
ip mobile mobile-networks 100.0.0.1
register
ip mobile secure host 100.0.0.1 spi 100 key hex 12345678123456781234567812345678

ip mobile router mobile-network interface

The ip mobile router mobile-network interface command specifies which interface is connected to the mobile network on the mobile access router. The interface IP network number and mask are added to the registration request that notifies the home agent. Once the home agent acknowledges the mobile network, mobile access router no longer adds the mobile network information to the requests. For example:

router mobile
ip mobile router
address 100.0.0.1 255.0.0.0
home-agent 100.0.0.3
mobile-network Ethernet3/2
register lifetime 120

show ip mobile binding

When the show ip mobile binding command is entered, the registered mobile networks are also displayed on the home agent. For example:

Router#show ip mobile binding
Mobility Binding List:
Total 1
100.0.0.1:
Care-of Addr 30.0.0.2, Src Addr 30.0.0.2
Lifetime granted 00:02:00 (120), remaining 00:01:23
Flags sbdmgvt, Identification BE8038D7.D2E15D80
Tunnel0 src 100.0.0.3 dest 30.0.0.2 reverse-allowed
MR Tunnel1 src 100.0.0.3 dest 100.0.0.1 reverse-allowed
MR mobile-network 100.0.0.1
Registered Mobile Networks 20.0.0.0/255.0.0.0 <--- NEW
Routing Options -

debug ip mobile host

When a debug ip mobile host command is configured and a mobile network is dynamically registered on the home agent, the following messages are displayed:

MobileIP: HA 126 received registration for MN 100.0.0.1 on Ethernet3/2 using COA 30.0.0.2 HA 1\
00.0.0.3 lifetime 120 options sbdmgvt
MobileIP: MN 100.0.0.1 - authenticating MN 100.0.0.1 using SPI 100
MobileIP: MN 100.0.0.1 - authenticated MN 100.0.0.1 using SPI 100
MobileIP: Mobility binding for MN 100.0.0.1 created
MobileIP: Roam timer started for MN 100.0.0.1, lifetime 120
MobileIP: MN 100.0.0.1 is now roaming
MobileIP: Gratuitous ARPs sent for MN 100.0.0.1 MAC 00d0.ff79.5c55
00:05:41:
MobileIP: Insert host route for 100.0.0.1/255.255.255.255 via gateway 30.0.0.2 on Tunnel0
MobileIP: Add mobnet for MR 100.0.0.1 20.0.0.0/255.0.0.0 <- NEW
00:05:41:
MobileIP: Insert host route for 20.0.0.0/255.0.0.0 via gateway 100.0.0.1 on Tunnel1
00:05:41:
MobileIP: HA accepts registration from MN 100.0.0.1
MobileIP: MN 100.0.0.1 - MH auth ext added (SPI 100) to MN 100.0.0.1
MobileIP: MN 100.0.0.1 - HA sent reply to 30.0.0.2

show ip mobile router

When the show ip mobile router command is entered, mobile networks that have been configured and associated with mobile access router interfaces, are displayed on the mobile access router. The pending message is shown next to the mobile network while the mobile access router attempts to register the network. Once home agent accepts the registration, the pending message disappears. For example:

Router#show ip mobile router

Mobile Router
Enabled 04/10/01 21:06:12

Configuration:
Home Address 100.0.0.1 Mask 255.0.0.0
Home Agent 100.0.0.3 Priority 100 (best)
Registration lifetime 120 sec
Retransmit Init 1000, Max 5000 msec, Limit 3
Extend Expire 120, Retry 3, Interval 10
Mobile Network Ethernet3/2 (20.0.0.0/255.0.0.0) <- NEW

Monitor:
Status -Registered-
Active foreign agent 20.0.0.2, Care-of 30.0.0.2
On interface Ethernet3/1
Tunnel0

show ip mobile router registration

The show ip mobile router registration command is entered, extensions in the registration request are displayed on the mobile access router. The Add or Delete message appears after the Mobile Network extension to specify action requested in last registration from mobile access router. For example:

Router#show ip mobile router registration

Mobile Router Registrations:

Foreign agent 20.0.0.2:
    Registration accepted 04/12/01 08:48:07, On Ethernet3/1
    Care-of addr 30.0.0.2, HA addr 100.0.0.3, Home addr 100.0.0.1
    Lifetime requested 00:02:00 (120), Granted 00:02:00 (120)
    Remaining 00:01:36
    Flags sbdmgvt, Identification BE805B64.AFE88540
    Register next time 00:00:36
    Extensions:                                    <- NEW
        Mobile Network Add 20.0.0.0/8              <- NEW
        MN-HA Authentication SPI 100               <- NEW

debug ip mobile router detail

When the debug ip mobile router detail command is configured and the mobile network is registered on the mobile access router, the following messages is displayed:

1d09h: MobRtr: New agent 20.0.0.2 coa 30.0.0.2 int Ethernet3/1 MAC 00b0.8e35.a055
1d09h: MobRtr: Register reason: left home
1d09h: MobRtrX: Extsize 18 add 1 delete 0 <- NEW
1d09h: MobRtrX: Add network 20.0.0.0/8 <- NEW
MobileIP: MH auth ext added (SPI 100) to HA 100.0.0.3
1d09h: MobRtr: Register to fa 20.0.0.2 coa 30.0.0.2 home 100.0.0.1 ha 100.0.0.3 life 120 int Ethernet3/1 flag sbdmgvt cnt 0 id BE804340.447F50A4
1d09h: MobRtr: Status Isolated -> Pending
1d09h: MobRtr: MN rcv accept (0) reply on Ethernet3/1 from 20.0.0.2 lifetime 120
MobileIP: MN 100.0.0.3 - authenticating HA 100.0.0.3 using SPI 100
MobileIP: MN 100.0.0.3 - authenticated HA 100.0.0.3 using SPI 100
1d09h: MobRtr: Status Pending -> Registered
1d09h: MobRtr: Add default gateway 20.0.0.2 (Ethernet3/1)
1d09h: MobRtr: Add default route via 20.0.0.2 (Ethernet3/1)

Configuration Example

The configuration is similar to static network support. For example:

Home Agent

router mobile
ip mobile home-agent
ip mobile host 100.0.0.1 interface Ethernet3/1
ip mobile mobile-networks 100.0.0.1
register <--- NEW
ip mobile secure host 100.0.0.1 spi 100 key hex 12345678123456781234567812345678

Mobile Router

router mobile
ip mobile router
address 100.0.0.1 255.0.0.0
home-agent 100.0.0.3
mobile-network Ethernet3/2 <- NEW
register lifetime 120

hometocprevnextglossaryfeedbacksearchhelp

Posted: Wed Nov 1 10:33:38 PST 2006
All contents are Copyright © 1992--2006 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.