Foreign Agent Route Optimization
The Mobile IP v4 protocol does not allow direct routing from one mobile node to another mobile node or to a mobile network behind a mobile router. The protocol requires the traffic to go through the home agent, creating the problem of triangular routing.
Foreign Agent Route Optimization injects mobile network routes into a foreign agent routing table, enabling routing directly from one mobile network to another mobile network. This route optimization improves deployments that are running latency-sensitive applications.
Understanding Foreign Agent Route Optimization
After accepting a registration request from a mobile router with static and/or dynamic mobile networks, a home agent creates routing table entries for the mobile networks and advertises the reachability to these networks through the home agent-to-foreign agent and home agent-to-mobile router logical tunnel.
This network state is propagated to the network by using the Interior Gateway Protocol (IGP) and enables corresponding nodes to reach the mobile networks through the home agent. If Foreign Agent Route Optimization is not enabled, traffic from corresponding nodes on networks directly connected to foreign agent interfaces is forced to take the path through the home agent. If Foreign Agent Route Optimization is enabled, traffic is passed from the directly connected interface to the mobile router.
Home Agent Processing of the Registration Request
After authenticating the user, if the home agent receives a Mobile IP registration request from any mobile router, the home agent looks up the configuration for all the static networks associated with that mobile router. It also learns the dynamic mobile networks associated with the mobile router from the Dynamic Network Extension in the registration request.
The home agent constructs the Static and Dynamic Mobile Network extensions and sends them back to the mobile router as part of the registration reply. These extensions are protected by the Mobile-Home authentication extension.
The home agent does not send the static or dynamic mobile networks in a deregistration request reply message. However, for backward compatibility, the home agent does include a Dynamic Mobile Network Extension with a single dynamic mobile network prefix.
Foreign Agent Considerations
A foreign agent learns the configured static mobile networks and the registered dynamic mobile networks that are linked to a mobile router by parsing the Dynamic Mobile Network and the Static Mobile Network Normal Vendor/Organization Specific Extensions (NVSEs) from the successful registration reply from the home agent. (It is mandatory to have a security association between the home agent and the foreign agent.) If the foreign agent receives a successful registration reply from the home agent and if that message has no Foreign-Home Authentication extension in it, the foreign agent skips the route injection step.
Foreign Agent Processing of the Registration Request
A foreign agent processes a registration request the same way for all devices. On receiving a registration reply from a home agent, the foreign agent checks for the following:
• Static and Dynamic Mobile Network Extensions
• Foreign-Home Authentication Extension
• Route injection enabled
The foreign agent injects the routes into the routing table and redistributes the routes by using IGP. The injected routes are stored in the local data structure and associated with a visitor entry.
The foreign agent, upon receiving a deregistration message with a zero lifetime, removes the routes from the routing table and deletes them from the local data structures.
Upon receiving a reregistration message with a new lifetime, the foreign agent injects the routes into the local data structure and associates them with the visitor entry.
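The foreign agent's decision logic described above can be modeled as follows. This is an added example, not Cisco code: the class and field names are hypothetical, the prefixes are constructed, and the optional mobnetacl filter from the configuration command is modeled as simple prefix containment.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class RegistrationReply:       # constructed model of a parsed reply, not a wire parser
    mobile_router: str
    code: int                  # 0 = registration accepted by the home agent
    lifetime: int              # 0 = deregistration
    mobile_networks: list      # prefixes carried in the Static/Dynamic Mobile Network NVSEs
    fha_valid: bool            # Foreign-Home Authentication extension present and verified

@dataclass
class ForeignAgent:
    inject_enabled: bool                 # inject-mobile-networks configured
    mobnet_acl: list = None              # permitted ranges; None = no mobnetacl given
    visitors: dict = field(default_factory=dict)   # mobile router -> injected routes

    def permitted(self, prefix):
        # Assumption: the ACL is modeled as "prefix lies inside a permitted range".
        if self.mobnet_acl is None:
            return True
        net = ipaddress.ip_network(prefix)
        return any(net.subnet_of(ipaddress.ip_network(p)) for p in self.mobnet_acl)

    def process_reply(self, reply):
        """Apply one reply; return the routes now held for that mobile router."""
        held = self.visitors.get(reply.mobile_router, [])
        if reply.code != 0:
            return held                                  # unsuccessful reply: no change
        if reply.lifetime == 0:
            self.visitors.pop(reply.mobile_router, None) # withdraw routes, drop state
            return []
        if not (self.inject_enabled and reply.fha_valid and reply.mobile_networks):
            return held                                  # injection step is skipped
        routes = [p for p in reply.mobile_networks if self.permitted(p)]
        self.visitors[reply.mobile_router] = routes      # tie routes to the visitor entry
        return routes

def demo():
    fa = ForeignAgent(inject_enabled=True, mobnet_acl=["192.0.2.0/24"])
    nets = ["192.0.2.16/28", "203.0.113.0/24"]           # constructed prefixes
    unauth = fa.process_reply(RegistrationReply("mr1", 0, 300, nets, fha_valid=False))
    authed = fa.process_reply(RegistrationReply("mr1", 0, 300, nets, fha_valid=True))
    dereg = fa.process_reply(RegistrationReply("mr1", 0, 0, [], fha_valid=True))
    return unauth, authed, dereg, dict(fa.visitors)
```

In the demo, the reply without a verified Foreign-Home Authentication extension injects nothing, the authenticated reply injects only the prefix the access list permits, and the zero-lifetime reply clears the visitor's routes.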
Configuring Foreign Agent Route Optimization
The configuration command described in this section has been added to the Mobile IP subsystem.
ip mobile foreign-agent inject-mobile-networks
Use the ip mobile foreign-agent inject-mobile-networks command to enable foreign agent route optimization for mobile networks at the foreign agent.
ip mobile foreign-agent inject-mobile-networks [mobnetacl <ACL>]
The no form of the command disables foreign agent route optimization:
no ip mobile foreign-agent inject-mobile-networks
(Optional) mobnetacl specifies a simple named or numbered access control list for controlling the mobile networks for which the foreign agent can provide route optimization.
This command was introduced.
The following is sample output for the show ip mobile globals command.
Router#show ip mobile globals
IP Mobility global information:
Home Agent is not enabled
Pending registrations expire after 120 secs
Care-of addresses advertised
Mobile network route injection enabled
Mobile network route redistribution disabled
Mobile network route injection access list test
FastEthernet0/0 (220.127.116.11) - up
1 interface providing service
Encapsulations supported: IPIP and GRE
Tunnel fast switching enabled, cef switching enabled
Tunnel path MTU discovery aged out after 10 min
NAT UDP Tunneling support enabled
Forced UDP Tunneling disabled
The following are Foreign Agent Route Optimization caveats:
• After mobile router registration, any static mobile network configuration changes on the home agent are not reflected in the foreign agent routing table. There is no signaling between the home agent and the foreign agent for the removal of the mobile network routes. The route is removed when the router is deregistered.
• Explicit clearing of the mobile router bindings at the home agent does not remove the mobile network routes at the foreign agent.
This section shows a configuration example for the foreign agent.
ip address 10.0.19.102 255.255.255.240
ip address 18.104.22.168 255.255.255.0
ip address 22.214.171.124 255.255.255.0
ip irdp maxadvertinterval 20
ip irdp minadvertinterval 10
ip mobile foreign-service registration-required reverse-tunnel
ip mobile registration-lifetime 65535
ip address 126.96.36.199 255.255.255.0
redistribute mobile subnets
network 10.10.10.0 0.0.0.255 area 0
network 188.8.131.52 0.0.0.255 area 0
network 184.108.40.206 0.0.0.255 area 0
network 220.127.116.11 0.0.0.255 area 0
ip mobile foreign-agent care-of Ethernet2/2
ip mobile foreign-agent reg-wait 120
ip mobile foreign-agent inject-mobile-networks mobnetacl mobile-net-list
ip mobile secure home-agent 18.104.22.168 spi 1400 key ascii cisco algorithm md5 mode
ip access-list standard mobile-net-list