Cisco 7600 Mobile Wireless Home Agent

Enabling Easy Roaming Across Different Radio Access Technologies

  • Viewing Options

  • PDF (324.6 KB)
  • Feedback



A variety of different mobile data services are being deployed today. Wi-Fi has become popular for public wireless LAN (WLAN) services, 2.5G data services like General Packet Radio Service (GPRS) have a ubiquitous footprint, and now third-generation (3G) mobile data services are starting to roll out, such as CDMA2000 and UMTS. Each service has its advantages and disadvantages: Public WLAN offers high performance in a limited area, 2.5G offers modest performance in a broad area, and 3G offers better performance than 2.5G but without the broad coverage. The challenge is how to blend these mobile services together into a single offering.
This white paper presents a case study of a carrier (to be called Carrier X) that has created such a blended service offering that allows users to seamlessly roam across radio technologies as they move through the service area. Note that although this particular study is focused on Global System for Mobile Communications (GSM) operators, it is equally applicable in the CDMA world.


In addition to regular voice services, Carrier X offers the following mobile data services:

• High-Speed Circuit-Switched Data (HSCSD) - Up to 57.6 kbps

• GPRS - Up to 48 kbps

• Enhanced Data Rates for Global Evolution (EDGE) - Up to 200 kbps

• Universal Mobile Telecommunication System (UMTS) - Up to 384 kbps (practical) and 2 Mbps (theoretical)

• Public WLAN (PWLAN) - IP data traffic up to 2 Mbps

Carrier X has built more than 900 Public WLAN hotspots throughout the country based on Cisco Systems ® public WLAN technology and the Cisco ® Mobile Exchange framework. Carrier X is now deploying EDGE data services to complement its UMTS service coverage, which is already available in more than 70 percent of the country's densely populated areas.

Motivation for Change

Even though Carrier X is the market leader, it is always looking for new technologies and services that will meet the needs of its subscriber base. This is especially important as basic mobile voice becomes a commodity. Carrier X chose to look at new data services for the enterprise.
Studies have shown that mobile data services are hindered by too much complexity and too many different tariff models. The challenge was to simplify the service while at the same time increasing its flexibility. A successful service must be something that anyone can use without having to install complex dialup utilities, use different mobile radio cards, or struggle with difficult configurations. In sum, the operator wanted to offer the fastest and most user-friendly mobile service, bundled with a transparent tariff model. A new service package was born.


• Corporate User Service Offering

• Single PCMCIA card with support for multiple radio technologies

• User-friendly Desktop Service Manager

• Mobile IP (MIP) support in Collocated Care of Address (CcoA) behind NAT device

• Private home addressing support

• Carrier-class MIP home agent

• Extensible Authentication Protocol - Subscriber Information Module (EAP-SIM) authentication support

• Simple Billing Plan



Carrier X has deployed a corporate user service that consists of a laptop with a PCMCIA card that supports GPRS, UMTS, and Wi-Fi. The subscriber receives a laptop Service Manager application from Carrier X that manages the different radio access technologies and supports Mobile IP and IPSec for corporate connectivity. Corporate network access and basic Internet access would be provided by intelligent Layer 3 Service Selection Gateways once the subscriber is authenticated.
Carrier X will utilize their existing SIM-based method of access authentication for their PWLAN service. This is accomplished by using EAP-SIM. Carrier X would deploy a PWLAN hotspot infrastructure to support this new corporate user service.
A key requirement is to enable PWLAN service with seamless roaming onto their existing GPRS/UMTS network. This would require a highly available Mobile IP home aagent that would be the anchor point for all network connections.
The following sections provide additional details describing the technologies used in addressing the requirements.

Figure 1. Seamless Roaming Across Different Radio Access Technologies and Anchored by Mobile IP

The corporate offering would consist of network access across both the PWLAN infrastructure and the existing GPRS/UMTS mobile network. The user would be able to maintain the connection when moving between these access networks without impacting their existing sessions (see Figure 1). The corporate user would have access to both the Internet and to corporate applications by enabling a secure IPSec VPN connection. This corporate service would be considered a premium value-add service and would, therefore, have to be simple to use, reliable, support a variety of billing options, and enable corporate applications when on the move.

Single PCMCIA Access Card

Carrier X's requirements consisted of providing the corporate user with network access when on the move. This translated into providing easy access to corporate data over the PWLAN or GPRS/UMTS networks via a tri-mode PCMCIA module.

Desktop Service Manager

Carrier X provides the PCMCIA module and PC laptop Service Manager application that enables easy use of the service. The laptop Service Manager would normally install with minimum input needed from the end user. Carrier X would optimize the default configurations to ensure that the subscriber has consistent features and functions. However, the laptop Service Manager provides the capability to modify default settings for several important functions. PCMCIA module configurations can also be modified to set thresholds on when the access should move from one radio technology to the other. The laptop Service Manager also provides a secure IPSec VPN client that will provide connectivity when accessing corporate applications.
Laptop Service Manager applications are available in different implementations. The most common implementation is developed as a mobile-operator-specific application that provides the features and functions described above plus the added benefit of presenting Carrier X branding image.

Mobile IP Support

Carrier X supports seamless mobility across different radio access technologies by supporting Mobile IP in the PC and in the network. Mobile IP provides the capability for a laptop to establish a data connection over any radio access technology and roam onto a different radio access technology without dropping the data session. Once the laptop authenticates to the network, it is assigned an IP address that serves as the CCoA. Then it performs a Mobile IP registration to the home agent. The home IP address assigned to the mobile device is owned by the home agent from the routing perspective. This address is used as the source address for all application access requests. The mobile requests will be forwarded through the home agent and server responses will return via the home agent. As the laptop moves from one network to the other, the CCoA will be different and a new Mobile IP registration will take place identifying a move, and the binding table on the home agent will be updated to reflect the change and the new forwarding address. Server returned packets will be forwarded to the mobile over the new access network.

Figure 2. The Elements of Mobile IP

Private Addressing Support in Access Network

As the number of mobile devices grows so does the number of IP addresses required. Public IP address space is becoming very scarce and, therefore, there is a need to support other mechanisms to address the growing number of mobile devices.
Mobile IP does not support Network Address Translation (NAT), a widely used mechanism to share a public IP address among multiple mobile devices that are using private addresses. This problem has been addressed by making use of "NAT Traversal for Mobile IP." NAT Traversal for Mobile IP introduces UDP as an alternative to the Mobile IP tunneling mechanism. UDP tunneling provides the appropriate parameters such that NAT can take place. This also means that NAT Traversal would have to be supported in the Mobile IP client and home agent.

Highly Available Home Agent

Cisco Mobile Wireless Home Agent application running on the Multiprocessor WAN Application Module (MWAM) on the Cisco 7600 and Cisco Catalyst ® 6500 series switches was the only product that met Carrier X's requirements for availability and scalability. The home agent acts as the anchor point for all mobile devices connecting to the network. The IP address assigned to the Mobile Nodes is owned by the home agent resulting in all traffic to and from the Mobile Node passing through the home agent.
High availability is provided by using a standby home agent that can take over the mobile sessions when the primary home agent becomes unavailable. As a Mobile Node joins the network, the home agent will populate the binding table. This binding information will be propagated to the standby home agent, allowing it to take over a session if required. The standby home agent uses Hot Standby Routing Protocol (HSRP) as the mechanism to select its role as primary or standby home agent.

EAP-SIM Authentication

Carrier X deployed EAP-SIM authentication in the network by using redundant Cisco Service Selection Gateway (SSG), Cisco Subscriber Edge Services Manager (SESM), and Cisco Access Registrar RADIUS servers for authentication, authorization, and accounting (AAA). The Cisco IP Transfer Point solution provides the interconnection with the traditional Home Location Register (HLR) for user authentication and service authorization.
EAP-SIM uses SIM-based authentication, which is already the standard method of authentication for GSM-based mobile operators worldwide. It requires that the client device be equipped with a SIM card and SIM card reader, and a network that is enabled for this capability.
As the Mobile Node accesses the network through the SSG, the access request is forwarded to Cisco Access Registrar (AR) RADIUS server. AR will perform HLR proxy services to support the authentication request by the HLR in the radio network. The request to the HLR is forwarded through the IP Transfer Point ITP MAP Gateway which transports the SS7 request over an IP network. The Cisco ITP acts as a gateway taking the SIM authentication credentials from EAP-SIM and translating them into standard SS7 MAP messages which are then processed by the HLR.

Simple Billing

One clear objective for Carrier X was to make this service simple and transparent for the mobile subscriber from a billing perspective. Carrier X elected to limit the billing to an initial charge for the PC access card, desktop service manager, and the SIM card. The Mobile Node user would then be charged based on different volume data usage costs.


For the MIP part of the solution, the Cisco mobile wireless home agent application running on the (MWAM) on the Cisco 7600 and Cisco Catalyst 6500 Series switches was the only product that met Carrier X's requirements for availability and scalability.

Figure 3. Mobile IP in the Carrier X Environment

The home agents are the anchor points for MIP and are running in active/standby mode, whereby they exchange their MIP binding tables using an extension of the HSRP. This capability allows for a stateful redundancy.
No Mobile IP foreign agents are used in the solution today. This implies that the MIP client stack running on the subscriber's laptop uses the CCoA, and that the client gets an IP address from the access network to which it is attached. For example, one IP address might be from a PWLAN service and another one might be acquired through the GPRS/UMTS access network (neither of which uses foreign agents). The client, depending on the priority of the access network, could use either address as its MIP tunnel source IP address.
To fulfill the requirement to go through the NAT/PAT aggregation point in the access network, the system must comply with IETF RFC 3519 for NAT traversal.
The home address that the client uses to address its traffic is assigned during the MIP control phase through the AAA server assignment. Because a private address is used, the home agent performs NAT-PAT to route the traffic to the Internet. At the same time, through Cisco IOS ® Software features such as NAT Services and per-user access lists, the home agent allows certain applications that would otherwise fail to work properly and provides access filtering with the well-known access control lists (ACLs).


The Cisco mobile wireless home agent offers additional built-in redundancy. Because the home agent specification has no "keepalive" mechanism between the home agent and registered Mobile Nodes, the failure of a home agent could interrupt data flow to the Mobile Node and the Mobile Node has no way of knowing the cause. To avoid this situation, Cisco IOS Software implements home agent redundancy through HSRP. This feature enables home agents to backup each other in the event of a failure. The active home agent sends binding updates to the backup home agent every time a new registration is entered into the binding table, which keeps the binding tables synchronized. When a new home agent boots up on the LAN, it can have the entire binding table loaded into its memory and be ready in the event of any network failure.

Figure 4. High Availability with HSRP Group for Home Agent

Solution Highlights

• Based on Cisco HSRP

• Enables backup in case of a failure

• Helps ensure that mobility bindings stay in sync

• Balances load

Generic Call Flow

Cisco home agents can be configured to provide 1:1 redundancy. Two home agents are configured in hot-standby mode with HSRP. This enables the active home agent to continually copy mobile session information to the standby home agent, synchronizing state information at both devices. If the active home agent fails, the standby home agent can take over without service disruption. (See Figure 5.)

Figure 5. Generic MIP Registration with HSRP Group Flow Mechanism for Home Agents

The synchronization process goes as follows (see Figure 5):

• Mobile Node discovers a foreign agent and they agree on services or in absence of a foreign agent default in CCoA mode.

• Mobile Node obtains Care-of Address (CoA) or default in CcoA.

• Mobile Node registers with active home agent.

• Active home agent duplicates each mobility binding to the standby home agent.

• Mobile Node connects to a destination IP host (corresponding node).

• Corresponding node sends packets to the Mobile Node.

• Home agent tunnels packets from corresponding node to Mobile Node.

• Layer 3 tunnel using generic routing encapsulation (GRE) or IP-in-IP.

Redundancy Mechanisms

During the MIP registration process, a home agent creates a mobility binding table that maps the home IP address of a Mobile Node to its current CoA. If the home agent fails, the mobility binding table is lost and all Mobile Nodes registered with the home agent lose their connectivity. To reduce the impact of a home agent failure, Cisco IOS Software supports the Home Agent Redundancy feature.
Home Agent Redundancy runs on top of HSRP, a protocol developed by Cisco that provides network redundancy. An HSRP group is composed of two or more routers that share an IP address and act as a single virtual router. For example, an MIP topology can include one active home agent and one or more standby home agents that the rest of the topology view as a single virtual home agent.
Solution Highlights

• A second home agent in standby mode is installed on the same LAN.

• Standby home agent has configuration identical to primary (active) home agent.

• Agents share a common group IP address used by obile nodes to send registration requests.

• Agents advertise their respective states and the configured priority.

NAT Traversal

Support for the RFC 3519 NAT Traversal feature introduces a method for tunneling MIP data traffic. New extensions in the MIP registration request and reply messages have been added for establishing User Datagram Protocol (UDP) tunneling.
The benefit of this feature is that mobile devices in collocated mode that use a private IP address (RFC 1918) or foreign agents that use a private IP address for the CoA are now able to establish a tunnel and traverse a NAT-enabled router with Mobile Node data traffic from the home agent.
Because of the depletion of globally routable addresses, service providers are using private addresses and NAT for connection to the Internet. Private IP addresses allow service providers to reuse addresses as long as they are not connected to the Internet.
NAT allows for the translation of a private IP address to a public IP address. NAT uses the port number in the second header to organize the translations and determine which translation to use when it sees a returning packet.
When the Mobile Node registration packet traverses a NAT-enabled router, the home agent detects the traversal by comparing the source IP address with the CoA and establishes UDP tunneling if the Mobile Node indicates, by including the UDP tunneling extension in the registration request, that it is capable of UDP tunneling.
The NAT-enabled router allows the UDP registration packet to proceed through. UDP tunneling allows data packets from the home agent to use the NAT translation set up by the registration packet. The UDP tunnel header uses the same UDP source and destination port as the original registration packet, enabling it to use the NAT translation created for and by the registration packet traversing the NAT-enabled router. This allows the Mobile Node to receive data packets from the home agent when it normally would not with the default IP-in-IP tunneling.

Network Address Translation Devices

NAT devices rely on IP addresses and port numbers for demultiplexing data to peers behind a NAT network.
When a message is initiated from a private address host to a public address host, NAT modifies the source IP address in the packet to a globally routable source address and the source port number to a unique source port number that it can use for identifying the peer that initiates the message. NAT then preserves the private address, port-to-public address, and port mapping in its translation table and uses the NAT-translation entry to route the return traffic.

UDP Tunneling

There are two directions for UDP tunneling: forward and reverse. Forward tunneling is done by a home agent that forwards packets toward the Mobile Node, and reverse tunneling starts at the Mobile Node's CoA and terminates at the home agent.

Note: UDP tunneling is for MIP data traffic only. Registration requests and replies do not use UDP tunneling.

Keepalive Management

Keepalives are the active timers on the NAT translation in the NAT-enabled router. They maintain the NAT translation for use by the home agent even when the Mobile Node is silent. The keepalive timer interval is configurable on both the home agent and the foreign agent (if one is used), but is controlled by the home agent keepalive interval value sent in the registration reply. When the home agent sends a keepalive value in the registration reply, the Mobile Node or foreign agent must use that value as its keepalive timer interval. The keepalive interval configured on the foreign agent is only used if the home agent returns a keepalive interval of zero.

NAT-PAT for Home Address, NAT Services, and Access Lists

Carrier X had other needs for its MIP service. The home agent assigns private home addresses and provides northbound access to the Internet. It is thus necessary to use NAT as well for the home address. To allow access for certain types of applications, particular care needs to be given to embedded addresses and ports. Carrier X also wished to block traffic between Mobile Nodes. These additional services were all available in Cisco mobile wireless home agent, and well-known features in Cisco IOS Software - NAT-PAT, NAT services, and ACLs - could easily be used to meet the desired goals.
As an example, Real Time Streaming Protocol (RTSP) supports delivery of multimedia applications including Microsoft Windows Media Services, Apple QuickTime, and RealSystem G2 by RealNetworks. When RTSP traffic passes through a NAT router, the embedded address and port must be translated for the connection to be successful. NAT uses Network-Based Application Recognition (NBAR) architecture to parse and translate the embedded information in the RTSP payload.


Carrier X was looking for a way to offer customers flexible and user-friendly mobile data services that did not feature multiple radio cards, complicated dialup commands and login managers, or complex billing plans. The solution was a PCMCIA module that provides access to GPRS, UMTS, and PWLAN services, along with an MIP client stack, that is integrated in a user-friendly service dashboard. The solution allows Carrier X subscribers to roam easily among access networks, always enjoying the highest access speed available and never losing Layer 3 connectivity.
Cisco home agent was the only home agent available meeting all the necessary requirements and was the cornerstone of this solution. Other elements included the Cisco family of 802.11 access points and Cisco Mobile Exchange, both of which were able to help Carrier X meet its time-to-market goals.