Руководство По Проектированию для Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter
12-7
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 12 Cisco Unified Wireless and Mobile IP
Roaming on a Mobile IP-enabled Network
Only two of the three components (MN and HA) are actually required for a mobility solution. The third
component, FA, is optional because the MN can act as its own FA by using DHCP for a local IP address.
In this case, the tunnel ends at the MN. In HA and FA Tunneling5, the MN is given an IP address
(10.1.69.10) local to the HA. To the rest of the network, the MN looks like it is directly attached to the
HA. The HA then uses its mobility binding table to forward packets to wherever the MN is currently
located. It is the responsibility of the MN to update its location with the HA. The FA decapsulates the
packets destined for the MN and forwards them out its interface. It gleans the information it needs by
being an active party in the registration process with the HA. The MN actually sends its packets to the
FA, and the FA checks the packets and generates new IP headers to forward the information onward to
the HA. The FA can also provide reverse tunneling for the MN originated packets back to the HA, instead
of simply forwarding through the normal switching process. Reverse tunneling allows packets from the
MN to always exit the HA and pass any reverse path forwarding (RPF) checks.
component, FA, is optional because the MN can act as its own FA by using DHCP for a local IP address.
In this case, the tunnel ends at the MN. In HA and FA Tunneling5, the MN is given an IP address
(10.1.69.10) local to the HA. To the rest of the network, the MN looks like it is directly attached to the
HA. The HA then uses its mobility binding table to forward packets to wherever the MN is currently
located. It is the responsibility of the MN to update its location with the HA. The FA decapsulates the
packets destined for the MN and forwards them out its interface. It gleans the information it needs by
being an active party in the registration process with the HA. The MN actually sends its packets to the
FA, and the FA checks the packets and generates new IP headers to forward the information onward to
the HA. The FA can also provide reverse tunneling for the MN originated packets back to the HA, instead
of simply forwarding through the normal switching process. Reverse tunneling allows packets from the
MN to always exit the HA and pass any reverse path forwarding (RPF) checks.
Figure 12-5
HA and FA Tunneling
Unlike the Cisco Unified Wireless Network where the network proxies or provides the wireless client
with seamless mobility, the Mobile IP Client (or MN) needs to know three pieces of information to
function:
with seamless mobility, the Mobile IP Client (or MN) needs to know three pieces of information to
function:
•
• Its home address (on a locally connected subnet on the HA)
•
• Its HA address (so it can update the HA with its current location)
•
• Its shared secret key (used to authenticate packets between the MN and HA)
Both the mobile node’s home address and HA address can be dynamically discovered or generated but
are typically manually configured on the MN. DHCP can be used to convey the HA address to the MN
via option 68. The HA can dynamic assign an IP address to the MN to be used as its home address when
it registers for the first time. Depending on your mobile IP client software and its capabilities, the shared
secret key most likely needs to be manually configured.
are typically manually configured on the MN. DHCP can be used to convey the HA address to the MN
via option 68. The HA can dynamic assign an IP address to the MN to be used as its home address when
it registers for the first time. Depending on your mobile IP client software and its capabilities, the shared
secret key most likely needs to be manually configured.
When a Mobile IP Client is loaded on a Windows host, the Mobile IP Client function rests between the
physical interfaces and TCP/IP stack (see
physical interfaces and TCP/IP stack (see
). The Mobile IP Client function sends its home
address up the TCP/IP stack so that the host applications, including a VPN client, see a constant IP
address as the MN roams across the different network locations or different networks. The physical
interfaces might or might not have IP addresses during roaming depending on whether an FA is present
on the subnet.
address as the MN roams across the different network locations or different networks. The physical
interfaces might or might not have IP addresses during roaming depending on whether an FA is present
on the subnet.
Mobility Client:
0.1.69.10
DHCP IP Address Not Required
Mobility Binding Table
Mobile Node
CoA
10.1.69.10
209.165.201.1
FA CoA:
209.165.201.1
Visitor Table:
Mobile Client
Layer 2 Info
10.1.69.10
Eth0/0 <MAC addr>
153858
HA
FA