Downloads |
Table Of Contents
Mobile IP Home Agent Redundancy
Supported Standards, MIBs, and RFCs
Configuring HSRP Group Attributes
Enabling HA Redundancy for a Physical Network
Enabling HA Redundancy for a Virtual Network Using One Physical Network
Enabling HA Redundancy for a Virtual Network Using Multiple Physical Networks
Enabling HA Redundancy for Multiple Virtual Networks Using One Physical Network
Enabling HA Redundancy for Multiple Virtual Networks Using Multiple Physical Networks
Verifying Home Agent Redundancy
Monitoring and Maintaining Home Agent Redundancy
HA Redundancy for Physical Networks
HA Redundancy for a Virtual Network Using One Physical Network
HA Redundancy for a Virtual Network Using Multiple Physical Networks
HA Redundancy for Multiple Virtual Networks Using One Physical Network
HA Redundancy for Multiple Virtual Networks Using Multiple Physical Networks
standby priority, standby preempt
Mobile IP Home Agent Redundancy
This document describes the Mobile IP Home Agent Redundancy feature in the following sections:
•
Supported Standards, MIBs, and RFCs
•
Feature Overview
Mobile IP provides a mechanism for routing IP packets to mobile nodes that can be connected to any network while using their permanent IP address. With Mobile IP, you can identify a host by a single IP address even while the device physically moves its point of attachment from one network to another as in the case of a mobile user.
Mobile IP works because the mobile node is able to discover whether it is at home or away from home. Routers acting as home agents (HAs) or foreign agents (FAs) will advertise their existence. HAs are routers located on the mobile node's home network that are capable of tunneling the mobile node's packets to it while it is away. FAs are routers on a foreign network that can detunnel these packets from the HA.
Mobile nodes on foreign networks need to register with their HA to convey their location. This location is called "care-of address." The HA creates a mobility binding table that tracks the association of a home address with the current care-of address of the mobile node. However, if the HA fails, the mobility binding table will be lost and all mobile nodes registered with the HA will lose connectivity unless a redundancy mechanism is employed.
Thus, the Mobile IP Home Agent Redundancy feature was developed. This functionality runs on top of the Hot Standby Router Protocol (HSRP) and designates one active HA and another HA as a standby HA. HSRP is a protocol developed by Cisco that provides network redundancy in a way that ensures that user traffic will immediately and transparently recover from "first hop" failures in network edge devices and access circuits. By sharing an IP address and a MAC (Layer 2) address, two or more routers can act as a single virtual router or default gateway to the hosts on a LAN. The members of the router group continually exchange status messages by detecting when a router goes down. This router group is referred to as the "HSRP group."
The Mobile IP HA redundancy functionality allows standby HAs and active HAs to exchange mobility binding updates. Also, when a router first becomes the standby HA, the active HA downloads the entire mobility binding table to the standby HA.
The following sections give an overview of how redundancy is implemented when a mobile node travels to a foreign network.
Agent Discovery
Agent Discovery determines whether the mobile node is currently connected to its home network or foreign network. Agent Discovery works through advertisements and solicitations to detect whether the mobile node has moved and the way it has moved. When the mobile node is on a foreign network, it acquires a temporary care-of address, which is the exit point of the tunnel from the HA.
Registration and Mobility Binding Tables
Next, the mobile nodes need to register with their HA to communicate their location. This registration process occurs whenever a mobile node detects that its point-of-attachment to a network has changed. The mobile node reports its current care-of address to the HA. Now the HA can tunnel packets to the mobile node using this care-of address.
The HA creates a mobility binding table that maps a mobile node's current home address into the mobile node's current care-of address. An entry in this table is called a binding entry. The main purpose of registration is to create, modify, or delete a mobile node's binding entry at its HA.
Home Agent Redundancy Operation
Without home agent redundancy, the mobility binding table entries are not communicated to the standby HA. If the active HA fails, the mobility binding table is lost and all mobile nodes registered to the HA lose connectivity.
Home agent functionality is a service provided by the router and is not interface specific. The main concern is on which interface of the HA should a mobile node use to send its registration requests, or alternatively, on which interface of the HA should the HA receive registration requests. There are two scenarios to consider: (1) a mobile node that has an HA interface (HA IP address) that is not on the same subnet as the mobile node, and (2) a mobile node that requires the HA interface to be on the same subnet as the mobile node, that is, the HA and mobile node must be on the same home network. Note that the choice of which HA IP address to use is an agreement between the HA and mobile node.
For mobile nodes on physical networks, an active HA accepts registration requests from the mobile node and sends the binding updates to the standby HA. This process keeps the mobility binding table synchronized between the standby HA and active HA. See Figure 1(a) for an example of this process.
Virtual networks are logical circuits that are programmed and share a common physical infrastructure. For this type of network, the active and standby home agents are peers—either can handle registration requests and update the peer home agent.
When a standby HA comes up, it must request all mobility binding information from the active HA. The active HA responds by downloading the mobility binding table to the standby HA. The standby HA acknowledges that it has received the requested binding information. See Figure 1(b) for an example of an active HA downloading the mobility bindings to a standby HA. A main concern in this scenario is which HA IP address should the standby HA use to retrieve the appropriate mobility binding table and on which interface of the standby HA should the binding request be sent.
Figure 1 Mobility Binding Process
Benefits
•
•
Related Documents
•
•
Supported Platforms
•
•
•
•
•
•
•
•
•
Supported Standards, MIBs, and RFCs
Standards
No new or modified standards are supported by this feature.
MIBs
No new or modified MIBs are supported by this feature.
For descriptions of supported MIBs and how to use MIBs, see the Cisco MIB web site on CCO at http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.
RFCs
•
•
Configuration Tasks
Perform the following tasks to configure your routers for Mobile IP HA redundancy:
•
•
•
Perform one of the following tasks depending on your network configuration:
•
•
•
•
•
For diagrams and examples of the various network configurations see the "Configuration Examples" section.
Enabling Mobile IP
Enabling HSRP
To enable HSRP on an interface, use the following command in interface configuration mode.
Configuring HSRP Group Attributes
To configure HSRP group attributes that affect how the local router participates in HSRP, perform the following task in interface configuration mode:
Enabling HA Redundancy for a Physical Network
Enabling HA Redundancy for a Virtual Network Using One Physical Network
Enabling HA Redundancy for a Virtual Network Using Multiple Physical Networks
Enabling HA Redundancy for Multiple Virtual Networks Using One Physical Network
Enabling HA Redundancy for Multiple Virtual Networks Using Multiple Physical Networks
Verifying Home Agent Redundancy
To verify that the Mobile IP Home Agent Redundancy feature is configured correctly on the router, use the following commands in EXEC mode:
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Monitoring and Maintaining Home Agent Redundancy
Configuration Examples
Table 1 summarizes the Mobile IP HA redundancy configuration required to support mobile nodes on physical and virtual home networks. Refer to this table for clarification as you read the examples in this section.
This section provides the following configuration examples:
•
•
•
•
•
HA Redundancy for Physical Networks
Figure 2 shows an example network topology for physical networks. The configuration example supports home agents that are on the same or a different physical network as the mobile node.
Figure 2 Topology Showing HA Redundancy on a Physical Network
HA1 is favored to provide home agent service for mobile nodes on physical network e0 because the priority is set to 110, which is above the default of 100. HA1 will preempt any active home agent when it comes up. During preemption, it does not become the active home agent until it retrieves the mobility binding table from the current active home agent or until 100 seconds expire for home agent synchronization.
Note
The standby HSRP group name is SanJoseHA and HSRP group address is 1.0.0.10. The standby HA uses this HSRP group address to retrieve mobility bindings for mobile nodes on the physical network. Mobile IP is configured to use the SanJoseHA standby group to provide home agent redundancy.
Mobile nodes are configured with HA address 1.0.0.10. When registrations come in, only the active home agent processes them. The active home agent sends a mobility binding update to the standby home agent, which also sets up a tunnel with the same source and destination endpoints. Updates and table retrievals are authenticated using the security associations configured on the home agent for its peer home agent. When packets destined for mobile nodes are received, either of the home agents tunnel them. If HA1 goes down, HA2 becomes active through HSRP and will process packets sent to home agent address 1.0.0.10.
HA1:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAstandby preempt delay sync 100standby priority 110ip mobile home-agent standby SanJoseHAip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2:
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAip mobile home-agent standby SanJoseHAip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455HA Redundancy for a Virtual Network Using One Physical Network
This section presents two configuration examples: (i) the mobile node and home agent are on different subnets, and (ii) the mobile node and home agent are on the same subnet.
(i) Different Subnets
HA1 and HA2 share responsibility for providing home agent service for mobile nodes on virtual network 20.0.0.0. The home agents are connected on only one physical network.
The standby group name is SanJoseHA and HSRP group address is 1.0.0.10. Mobile IP is configured to use the SanJoseHA standby group to provide home agent redundancy. Thus, HSRP allows the home agent to receive packets destined to 1.0.0.10.
This configuration differs from the physical network example in that a global HA address must be specified to support virtual networks. This address is returned in registration replies to the mobile node.
HA1:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! specifies global HA address=HSRP group address to be used by all mobile nodesip mobile home-agent address 1.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455
HA2:
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! specifies global HA address=HSRP group address to be used by all mobile nodesip mobile home-agent address 1.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455(ii) Same Subnet
In this example, a loopback address is configured on the HA to be on the same subnet as the virtual network. A mobile node on a virtual network uses the HA IP address=loopback address configured for the virtual network. When a standby HA comes up, it uses this HA IP address to retrieve mobility bindings for mobile nodes on the virtual network.
HA1
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! loopback to receive registration from MN on virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip mobile home-agent! address used by Standby HA for redundancy (update and download)ip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 hex 00112233445566778899001122334455HA2
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! loopback to receive registration from MN on virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip mobile home-agent! address used by Standby HA for redundancy (update and download)ip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455HA Redundancy for a Virtual Network Using Multiple Physical Networks
This section presents two configuration examples: (i) the mobile node and home agent are on different subnets, and (ii) the mobile node and home agent are on the same subnet.
(i) Different Subnets
HA1 and HA2 share responsibility in providing home agent service for mobile nodes on virtual network 20.0.0.0. Both home agents are configured with a global home agent address of 10.0.0.10, which is the address of their loopback interface. This configuration allows home agents to receive registration requests and packets destined to 10.0.0.10.
The loopback address is used as the global HA address instead of the HSRP group addresses 1.0.0.10 and 2.0.0.10 to allow the HAs to continue serving the virtual network even if either physical network goes down.
Mobile nodes are configured with home agent address 10.0.0.10. When registrations come in, either home agent processes them (depending on routing protocols) and updates the peer home agent. The home agent that receives the registration finds the first HSRP group that is mapped to 10.0.0.10 with a peer in the group and sends the update out that interface. If there is a network problem (for example, the home agent network adapter fails or cable disconnects), HSRP notices the peer's absence. The home agent does not use that HSRP group and finds another HSRP group to use.
Note
When the peer home agent receives the registration update, both home agents tunnel the packets to the mobile nodes.
HA1:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.1 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2int lo0ip addr 10.0.0.10 255.255.255.255!Specifies global HA address=loopback address to be used by all mobile nodesip mobile home-agent address 10.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0! Used to map to the HSRP group SanJoseHANet1ip mobile home-agent standby SanJoseHANet1 virtual-network! Used to map to the HSRP group SanJoseHANet2ip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2:
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.2 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2int lo0ip addr 10.0.0.10 255.255.255.255!Specifies global HA address=loopback address to be used by all mobile nodesip mobile home-agent address 10.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0! Used to map to the HSRP group SanJoseHANet1ip mobile home-agent standby SanJoseHANet1 virtual-network! Used to map to the HSRP group SanJoseHANet2ip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.1 spi 100 key hex 00112233445566778899001122334455(ii) Same Subnet
In this example, a loopback address is configured on the HA to be on the same subnet as the virtual networks. A mobile node on a virtual network uses the HA IP address=loopback address configured for the virtual network. When a standby HA comes up, it uses this HA IP address to retrieve mobility bindings for mobile nodes on the virtual networks.
HA1
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.1 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2! loopback to receive registration from MN on virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip mobile home-agent! address used by Standby HA for redundancy (update and download)ip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile home-agent standby SanJoseHANet1 virtual-networkip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAint e1ip addr 2.0.0.2 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2! loopback to receive registration from MN on virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip mobile home-agent! address used by Standby HA for redundancy (update and download)ip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile home-agent standby SanJoseHANet1 virtual-networkip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.1 spi 100 key hex 00112233445566778899001122334455HA Redundancy for Multiple Virtual Networks Using One Physical Network
This section presents two configuration examples: (i) the mobile node and home agent are on different subnets, and (ii) the mobile node and home agent are on the same subnet. Figure 3 shows an example network topology for example (i). Figure 4 shows an example network topology for example (ii).
Figure 3 Topology Showing HA Redundancy on Multiple Virtual Networks Using One Physical Network (Different Subnets)
Figure 4 Topology Showing HA Redundancy on Multiple Virtual Networks Using One Physical Network (Same Subnet)
(i) Different Subnets
HA1 and HA2 share responsibility for providing home agent service for mobile nodes on virtual networks 20.0.0.0 and 30.0.0.0. The home agents are connected on only one physical network.
The standby group name is SanJoseHA and HSRP group address is 1.0.0.10. Mobile IP is configured to use the SanJoseHA standby group to provide home agent redundancy. Thus, HSRP allows the home agent to receive packets destined to 1.0.0.10.
This configuration differs from the physical network example in that a global HA address must be specified to support virtual networks. This address is returned in registration replies to the mobile node.
HA1:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! specifies global HA address=HSRP group address to be used by all mobile nodesip mobile home-agent address 1.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0ip mobile virtual-network 30.0.0.0 255.0.0.0! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455
HA2:
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! specifies global HA address=HSRP group address to be used by all mobile nodesip mobile home-agent address 1.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0ip mobile virtual-network 30.0.0.0 255.0.0.0! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455(ii) Same Subnet
For each virtual network, a loopback address is configured on the HA to be on the same subnet as the virtual network. It is only necessary to configure one loopback interface, and assign different IP addresses to the loopback interface for each virtual network, that is, using the ip address ip-address mask [secondary] command. A mobile node on a particular virtual network will use HA IP address =loopback address configured for that virtual network. When a standby HA comes up, it will also use this HA IP address to retrieve mobility bindings for mobile nodes on a particular virtual network.
HA1
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! loopback to receive registration from MN on each virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip addr 30.0.0.1 255.255.255.255 secondaryip mobile home-agent! address used by Standby HA for redundancy (update and download) for! each virtual-networkip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile virtual-network 30.0.0.0 255.0.0.0 address 30.0.0.1! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHA! loopback to receive registration from MN on each virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip addr 30.0.0.1 255.255.255.255 secondaryip mobile home-agent! address used by Standby HA for redundancy (update and download) for! each virtual-networkip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile virtual-network 30.0.0.0 255.0.0.0 address 30.0.0.1! used to map to the HSRP group SanJoseHAip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455HA Redundancy for Multiple Virtual Networks Using Multiple Physical Networks
Figure 5 shows an example network topology for this configuration type. This section presents two configuration examples: (i) the mobile node and home agent are on different subnets, and (ii) the mobile node and home agent are on the same subnet.
Figure 5 Topology Showing HA Redundancy on Virtual Networks Using Multiple Physical Networks
(i) Different Subnets
HA1 and HA2 share responsibility in providing home agent service for mobile nodes on virtual networks 20.0.0.0, 30.0.0.0, and 40.0.0.0. Both home agents are configured with a global home agent address of 10.0.0.10, which is the address of their loopback interface. This configuration allows home agents to receive registration requests and packets destined to 10.0.0.10.
The loopback address is used as the global HA address instead of the HSRP group addresses 1.0.0.10 and 2.0.0.10 to allow the HAs to continue serving the virtual networks even if either physical network goes down.
Mobile nodes are configured with home agent address 10.0.0.10. When registrations come in, either home agent processes them (depending on routing protocols) and updates the peer home agent. The home agent that receives the registration finds the first HSRP group that is mapped to 10.0.0.10 with a peer in the group and sends the update out that interface. If there is a network problem (for example, the home agent network adapter fails or cable disconnects), HSRP notices the peer's absence. The home agent does not use that HSRP group and finds another HSRP group to use.
Note
When the peer home agent receives the registration update, both home agents tunnel the packets to the mobile nodes.
HA1:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.1 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2int lo0ip addr 10.0.0.10 255.255.255.255!Specifies global HA address=loopback address to be used by all mobile nodesip mobile home-agent address 10.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0ip mobile virtual-network 30.0.0.0 255.0.0.0ip mobile virtual-network 40.0.0.0 255.0.0.0! Used to map to the HSRP group SanJoseHANet1ip mobile home-agent standby SanJoseHANet1 virtual-network! Used to map to the HSRP group SanJoseHANet2ip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2:
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.2 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2int lo0ip addr 10.0.0.10 255.255.255.255!Specifies global HA address=loopback address to be used by all mobile nodesip mobile home-agent address 10.0.0.10ip mobile virtual-network 20.0.0.0 255.0.0.0ip mobile virtual-network 30.0.0.0 255.0.0.0ip mobile virtual-network 40.0.0.0 255.0.0.0! Used to map to the HSRP group SanJoseHANet1ip mobile home-agent standby SanJoseHANet1 virtual-network! Used to map to the HSRP group SanJoseHANet2ip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.1 spi 100 key hex 00112233445566778899001122334455(ii) Same Subnet
For each virtual network, a loopback address is configured on the HA to be on the same subnet as the virtual network. It is only necessary to configure one loopback interface, and assign different IP addresses to the loopback interface for each virtual network, that is, using the ip address ip-address mask [secondary] command. A mobile node on a particular virtual network will use HA IP address =loopback address configured for that virtual network. When a standby HA comes up, it will also use this HA IP address to retrieve mobility bindings for mobile nodes on a particular virtual network.
HA1
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHANet1int e1ip addr 2.0.0.1 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2! loopback to receive registration from MN on each virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip addr 30.0.0.1 255.255.255.255 secondaryip addr 40.0.0.1 255.255.255.255 secondaryip mobile home-agent! address used by Standby HA for redundancy (update and download) for! each virtual-networkip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile virtual-network 30.0.0.0 255.0.0.0 address 30.0.0.1ip mobile virtual-network 40.0.0.0 255.0.0.0 address 40.0.0.1! used to map to the HSRP groups SanJoseHANet1 and SanJoseHANet2ip mobile home-agent standby SanJoseHANet1 virtual-networkip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.2 spi 100 key hex 00112233445566778899001122334455HA2
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAint e1ip addr 2.0.0.2 255.0.0.0standby ip 2.0.0.10standby name SanJoseHANet2! loopback to receive registration from MN on each virtual-networkint lo0ip addr 20.0.0.1 255.255.255.255ip addr 30.0.0.1 255.255.255.255 secondaryip addr 40.0.0.1 255.255.255.255 secondaryip mobile home-agent! address used by Standby HA for redundancy (update and download) for! each virtual-networkip mobile virtual-network 20.0.0.0 255.0.0.0 address 20.0.0.1ip mobile virtual-network 30.0.0.0 255.0.0.0 address 30.0.0.1ip mobile virtual-network 40.0.0.0 255.0.0.0 address 40.0.0.1! used to map to the HSRP groups SanJoseHANet1 and SanJoseHANet2ip mobile home-agent standby SanJoseHANet1 virtual-networkip mobile home-agent standby SanJoseHANet2 virtual-networkip mobile secure home-agent 1.0.0.1 spi 100 key hex 00112233445566778899001122334455ip mobile secure home-agent 2.0.0.1 spi 100 key hex 00112233445566778899001122334455Command Reference
This section documents new or modified commands that configure the Mobile IP HA Redundancy feature on a network.
•
•
•
•
•
•
•
ip mobile home-agent address
To define a global home agent address on a different subnet for virtual networks, use the ip mobile home-agent address global configuration command. To remove the address, use the no form of this command.
ip mobile home-agent address addr
no ip mobile home-agent address addr
Syntax Description
Defaults
No global home agent addresses are specified.
Command Modes
Global configuration
Command History
Usage Guidelines
Mobile IP uses this home agent address to find the appropriate standby group to send binding updates or request binding tables.
The address will be the HSRP group address or the loopback interface address depending on the configuration.
Examples
The following example specifies a global home agent address of 1.0.0.10:
ip mobile home-agent address 1.0.0.10Related Commands
ip mobile home-agent standby
To configure the home agent for redundancy by using the Hot Standby Router Protocol (HSRP) group name, use the ip mobile home-agent standby global configuration command. To remove the address, use the no form of this command.
ip mobile home-agent standby hsrp-group-name [[virtual-network] address addr]
no ip mobile home-agent standby hsrp-group-name [[virtual-network] address addr]
Syntax Description
hsrp-group-name
Specifies HSRP group name.
virtual-network
(Optional) Specifies that the HSRP group is used to support virtual networks.
address addr
(Optional) Home agent address.
Defaults
No global home agent addresses are specified.
Command Modes
Global configuration
Command History
Usage Guidelines
The virtual-network keyword specifies that the HSRP group supports virtual networks.
Note
When Mobile IP standby is configured, the home agent can request mobility bindings from the peer home agent. When the command is deconfigured, the home agent can remove mobility bindings. The following describes how home agent redundancy operates on physical and virtual networks.
Physical network:
Only the active home agent will receive registrations. It updates the standby home agent. The standby home agent requests the mobility binding table from the active home agent. When Mobile IP standby is deconfigured, the standby home agent removes all bindings, but the active home agent keeps all bindings.
Virtual network:
Both active and standby home agents receive registrations if the loopback interface is used; each will update the peer after accepting a registration. Otherwise, the active home agent receives registrations. Both active and standby home agents request mobility binding tables from each other. When Mobile IP standby is deconfigured, the standby or active home agent removes all bindings.
Examples
The following example specifies an HSRP group name of SanJoseHA:
ip mobile home-agent standby SanJoseHARelated Commands
ip mobile virtual-network
To define a virtual network, use the ip mobile virtual-network global configuration command. To remove the virtual network, use the no form of this command.
ip mobile virtual-network net mask [address addr]
no ip mobile virtual-network net mask [address addr]
Syntax Description
Defaults
No home agent addresses are specified.
Command Modes
Global configuration
Command History
Usage Guidelines
This command inserts the virtual network into the routing table to allow mobile nodes to use the virtual network as their home network. The network is propagated when redistributed to other routing protocols.
Note
Examples
The following example adds the virtual network 20.0.0.0 to the routing table and specifies that the HA IP address is configured on the loopback interface for that virtual network:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAint lo0ip addr 20.0.0.1 255.255.255.255ip mobile home-agentip mobile virtual-network 20.0.0.0 255.255.0.0 20.0.0.1ip mobile home-agent standby SanJoseHA virtual-networkip mobile secure home-agent 1.0.0.2 spi 100 hex 00112233445566778899001122334455Related Commands
ip mobile host
Configures the mobile host or mobile node group.
redistribute mobile
Redistributes routes from one routing domain into another routing domain.
show ip mobile binding
To display the mobility binding table associated with a home agent address, use the show ip mobile binding EXEC command.
show ip mobile binding [home-agent addr | summary]
Syntax Description
home-agent addr
(Optional) IP address of home agent.
summary
(Optional) Total number of bindings in the table.
Command Modes
EXEC
Command History
12.0(1)T
This command was introduced.
12.0(2)T
The home-agent keyword was added.
12.1(2)T
The summary keyword was added.
Examples
The following is sample output from the show ip mobile binding command:
IRouter# show ip mobile bindingMobility Binding List:Total 120.0.0.1:Care-of Addr 68.0.0.31, Src Addr 68.0.0.31,Lifetime granted 02:46:40 (10000), remaining 02:46:32Flags SbdmGvt, Identification B750FAC4.C28F56A8,Tunnel100 src 66.0.0.5 dest 68.0.0.31 reverse-allowedRouting Options - (G)GRETable 2 describes significant fields shown in the display.
Related Commands
standby name
To configure the name of the standby group, use the standby name interface configuration command. To disable the name, use the no form of this command.
standby name string
no standby name string
Syntax Description
Defaults
HSRP is disabled.
Command Modes
Interface configuration.
Command History
Usage Guidelines
The name specifies the HSRP group used.
Examples
The following example specifies the standby name as SanJoseHA:
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAstandby preempt delay sync 100standby priority 110Related Commands
standby priority, standby preempt
To configure a delay period before preempting, use the standby interface configuration command. To restore the default values, use the no form of this command.
standby [group-number] priority priority [preempt [delay [minimum | sync] delay] ]
standby [group-number] [priority priority] preempt [delay [minimum | sync] delay]
no standby [group-number] priority priority [preempt [delay [minimum | sync] delay] ]
no standby [group-number] [priority priority] preempt [delay [minimum | sync] delay]
Syntax Description
Defaults
group-number: 0
priority: 100
delay: 0 seconds; if the router wants to preempt, it will do so immediately.
By default, the router that comes up later becomes the standby.
Command Modes
Interface configuration
Command History
11.3
This command was introduced.
12.0(2)T
The following keywords were added:
•
•
Usage Guidelines
When using this command, you must specify at least one keyword (priority or preempt), or you can specify both.
When group number 0 is used, no group number is written to NVRAM, providing backward compatibility.
The assigned priority is used to help select the active and standby routers. Assuming preemption is enabled, the router with the highest priority becomes the designated active router. In case of ties, the primary IP addresses are compared, and the higher IP address has priority.
Note that the device's priority can change dynamically if an interface is configured with the standby track command and another interface on the router goes down.
When a router first comes up, it does not have a complete routing table. If it is configured to preempt, it will become the active router, yet it is unable to provide adequate routing services. This problem is solved by configuring a delay before the preempting router actually preempts the currently active router.
If the standby preempt command is used, the preempt synchronization delay must be set or mobility bindings can not be retrieved before the home agent preempts to become active.
In the case where one router is designated as the active home agent, the priority is set highest in the HSRP group and preempt is set. Also, the preempt delay sync command is configured so that all bindings are downloaded to the router before it takes the active role. When all bindings are downloaded or when the timer expires, whichever is first, the router becomes active.
Examples
The following example shows that HA1 is favored to provide home agent service for mobile nodes on physical network e0 because the priority is set to 110, which is above the default of 100. During preemption, it does not become the active home agent until it retrieves the mobility binding table from the current active home agent or until 100 seconds expire for home agent synchronization.
HA1
int e0ip addr 1.0.0.1 255.0.0.0standby ip 1.0.0.10standby name SanJoseHAstandby preemptstandby preempt delay sync 100standby priority 110HA2
int e0ip addr 1.0.0.2 255.0.0.0standby ip 1.0.0.10standby name SanJoseHARelated Commands
standby track
Configures an interface so that the Hot Standby priority changes based on the availability of other interfaces.
Debug Commands
This section documents the new debug command related to the Mobile IP Home Agent Redundancy feature.
debug ip mobile
To display Mobile IP redundancy activities, use the debug ip mobile command.
debug ip mobile [advertise | host [access-list-number] | local-area | standby]
Syntax Description
Command History
Usage Guidelines
Use the debug ip mobile command to troubleshoot redundancy problems.
Examples
The following is sample output from the debug ip mobile standby command. In this example, the active HA receives a registration request from MN 20.0.0.2 and sends a binding update to peer HA 1.0.0.2:
MobileIP:MN 20.0.0.2 - sent BindUpd to HA 1.0.0.2 HAA 20.0.0.1MobileIP:HA standby maint started - cnt 1MobileIP:MN 20.0.0.2 - sent BindUpd id 3780410816 cnt 0 elapsed 0adjust -0 to HA 1.0.0.2 in grp 1.0.0.10 HAA 20.0.0.1In this example, the standby HA receives a binding update for MN 20.0.0.2 sent by active HA:
MobileIP:MN 20.0.0.2 - HA rcv BindUpd from 1.0.0.3 HAA 20.0.0.1Glossary
agent discovery—The method by which a mobile node determines whether it is currently connected to its home network or a foreign network and detects whether it has moved and the way it has moved. It is the mechanism by which mobile nodes query and discover mobility agents. This is done is through an extension of the ICMP router discovery protocol, IRDP (RFC 1256),which includes a mechanism to advertise mobility services to potential users.
binding information—Binding information contains the entries in the mobility binding table.
binding information reply—Active HA replies with all binding information to standby HA when request received.
binding information reply acknowledgement—The peer home agent acknowledges that it has received the requested binding information.
binding information request—The HA sends a binding information request to its peer to retrieve all mobility bindings for a specified HA address.
binding update—A binding update contains the information in a mobile node's registration request. The HA sends the update to its peer after accepting a registration.
foreign agent—A router on a mobile node's visited network that provides routing services to the mobile node while registered. The foreign agent detunnels and delivers datagrams to the mobile node that were tunneled by the mobile node's home agent. For datagrams sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes.
home agent—A router on a mobile node's home network that tunnels packets to the mobile node while it is away from home. It keeps current location information for registered mobile nodes called a mobility binding.
HSRP group address—The virtual IP address of the HSRP group.
loopback address—A special IP number that is designated for the software loopback interface of a machine. The loopback interface has no hardware associated with it, and it is not physically connected to a network. This allows testing of software even if a physical device goes down.
loopback interface—A software function that emulates many of the functions of a real interface.The loopback interface has no hardware associated with it, and it is not physically connected to a network.
mobile node—A host or router that changes it point of attachment from one network or subnet to another. A mobile node can change its location without changing its IP address; it may continue to communicate with other Internet nodes at any location using its home IP address, assuming link-layer connectivity to a point of attachment is available.
mobility binding—The association of a home address with a care-of address and the remaining lifetime.
peer HA—Active HA and standby HA are peers to each other.
physical network—Physical infrastructure of a network, for example, cables and wires.
tunnel—The path followed by a first packet while it is encapsulated with the payload portion of a second packet.
virtual network—Logical circuits that share a common physical infrastructure. A network that is programmed, not hardwired, to meet specifications.
