Downloads |
Table Of Contents
Primary Components of Cisco Mobile Networks
Cisco Mobile Networks Redundancy
Related Features and Technologies
Supported Standards, MIBs, and RFCs
Enabling Foreign Agent Services
Enabling Mobile Router Services
Enabling Mobile Router Redundancy
Verifying Home Agent Configuration
Verifying Foreign Agent Configuration
Verifying Mobile Router Configuration
Verifying Mobile Router Redundancy
Monitoring and Maintaining the Mobile Router
Cisco Mobile Network Redundancy Example
clear ip mobile router registration
clear ip mobile router traffic
show ip mobile mobile-networks
show ip mobile router interface
show ip mobile router registration
Cisco Mobile Networks
Feature History
12.2(4)T
This feature was introduced.
12.2(4)T3
Support for this feature was introduced for the Cisco 7500 series.
12.2(13)T
Support for dynamic networks was introduced.
This feature module describes the Cisco Mobile Networks feature. It includes the following sections:
•
Supported Standards, MIBs, and RFCs
•
Feature Overview
The Cisco Mobile Networks feature enables a mobile router and its subnets to be mobile and maintain all IP connectivity, transparent to the IP hosts connecting through this mobile router.
Mobile IP, as defined in standard RFC 3344, provides the architecture that enables the mobile router to connect back to its home network. Mobile IP allows a device to roam while appearing to a user to be at its home network. Such a device is called a mobile node. A mobile node is a node—for example, a personal digital assistant, a laptop computer, or a data-ready cellular phone—that can change its point of attachment from one network or subnet to another. This mobile node can travel from link to link and maintain ongoing communications while using the same IP address. There is no need for any changes to applications because the solution is at the network layer, which provides the transparent network mobility.
The Cisco Mobile Networks feature comprises three components—the mobile router (MR), home agent (HA), and foreign agent (FA). Figure 1 shows the three components and their relationships within the mobile network.
Figure 1 Cisco Mobile Network Components and Relationships
The mobile router functions similarly to the mobile node with one key difference—the mobile router allows entire networks to roam. For example, an airplane with a mobile router can fly around the world while passengers stay connected to the Internet. This communication is accomplished by Mobile IP aware routers tunneling packets, which are destined to hosts on the mobile networks, to the location where the mobile router is visiting. The mobile router then forwards the packets to the destination device.
These destination devices can be mobile nodes running mobile IP client software or nodes without the software. The mobile router eliminates the need for a mobile IP client. In fact, the nodes on the mobile network are not aware of any IP mobility at all. The mobile router "hides" the IP roaming from the local IP nodes so that the local nodes appear to be directly attached to the home network. See the "Mobile Router" section later in this document for more details on how the mobile router operates.
A home agent is a router on the home network of the mobile router that provides the anchoring point for the mobile networks. The home agent maintains an association between the home IP address of the mobile router and its care-of address, which is the current location of the mobile router on a foreign or visited network. The home agent is responsible for keeping track of where the mobile router roams and tunneling packets to the current location of the mobile network. The home agent also injects the mobile networks into its forwarding table. See the "Home Agent" section later in this document for more details on how the home agent operates.
A foreign agent is a router on a foreign network that assists the mobile router in informing its home agent of its current care-of address. It functions as the point of attachment to the mobile router, delivering packets from the home agent to the mobile router. The foreign agent is a fixed router with a direct logical connection to the mobile router. The mobile router and foreign agent need not be connected directly by a physical wireless link. For example, if the mobile router is roaming, the connection between the foreign agent and mobile router occurs on interfaces that are not on the same subnet. This feature does not add any new functionality to the foreign agent component.
Previously, this feature was a static network implementation that supported stub routers only. Cisco IOS Release 12.2(13)T introduces dynamic network support, which means that the mobile router dynamically registers its mobile networks to the home agent, which reduces the amount of configuration required at the home agent. For example, if a home agent supports 2000 mobile routers, the home agent does not need 2000 configurations but only a range of home IP addresses to use for the mobile routers.
This feature implements additional features in the Mobile IP MIB (RFC2006-MIB) to support Cisco Mobile Networks. Prior to this release, mobile node groups in the RFC2006-MIB were not supported.
Cisco IOS Release 12.2(4)T implements mobile node MIB groups from the RFC2006-MIB for the monitoring and management of Cisco Mobile Network activity. Data from managed objects is returned through the use of the show commands described in this document, or can be retrieved from a Network Management System using SNMP.
Primary Components of Cisco Mobile Networks
The Cisco Mobile Networks feature introduces the mobile router and adds new functionality to the home agent component as described in the following sections:
Figure 2 shows how packets are routed within the mobile network. The following sections provide more detail on how this routing is accomplished.
Figure 2 Routing Within the Cisco Mobile Network
Mobile Router
Deployed on a mobile platform (such as a car, plane, train, or emergency medical services vehicle), the mobile router functions as a roaming router that provides connectivity for its mobile network. A device connected to the mobile router need not be a mobile node because the mobile router is providing the roaming capabilities.
The mobile router process has three main phases described in the following sections:
Agent Discovery
During the agent discovery phase, home agents and foreign agents advertise their presence on their attached links by periodically multicasting or broadcasting messages called agent advertisements. Agent advertisements are ICMP Router Discovery Protocol (IRDP) messages that convey Mobile IP information. The advertisement contains the IRDP lifetime, which is the number of seconds the agent is considered valid. The advertisement also contains the care-of address, the point of attachment on the foreign network, as well as registration lifetime allowed and supported services such as generic routing encapsulation (GRE), and reverse tunnel.
Agent discovery occurs through periodic advertisements by agents or solicitations by the mobile router.
For periodic advertisements, the mobile router knows that the agent is up as long as it hears the advertisements from the agent. When the mobile router hears the agent advertisements, it keeps track of the agent in an agent table. When the IRDP lifetime expires, the agent is considered disconnected (for example, interface down, out of range, or agent down) and the mobile router removes the agent from its agent table.
Rather than wait for agent advertisements, a mobile router can send an agent solicitation. This solicitation forces any agents on the link to immediately send an agent advertisement.
The mobile router receives these advertisements on its interfaces that are configured for roaming and determines if it is connected to its home network or a foreign network. When the mobile router hears an agent advertisement and detects that it has moved outside of its home network, it begins registration, which is the second phase of the process.
Registration
The mobile router is configured with its home address, the IP address or addresses of its home agents, and the mobility security association of its home agent. There is a shared key between the mobile router and the home agent for authentication, as discussed in the "Security for Mobile Networks" section later in this document. The mobile router uses this information along with the information that it learns from the foreign agent advertisements to form a registration request.
The mobile router prefers to register with a particular agent based on the received interface. If more than one interface receives agent advertisements, the one with the highest roaming priority value is preferred. In the case that multiple interfaces have the same priority, the highest bandwidth is preferred. If interfaces have the same bandwidth, the highest interface IP address is preferred.
After determining this preferred path, the mobile router informs the home agent of its current care-of address by sending a registration request. Because the mobile router is attached to a foreign network, the registration request is sent first to the foreign agent.
When the mobile router powers down or determines that it is reconnected to its home link, it deregisters by sending a deregistration request to the home agent.
A successful registration sets up the routing mechanism for transporting packets to and from the mobile networks as the mobile router roams, which is the third phase of the process.
Routing
During the routing or tunneling phase, packets arrive at the home agent. The home agent performs two encapsulations of the packets and tunnels them to the foreign agent. The foreign agent performs one decapsulation and forwards the packets to the mobile router, which performs another decapsulation. The mobile router then forwards the original packets to the IP devices on the mobile networks.
By default, packets from devices on the mobile network arrive at the mobile router, which forwards them to the foreign agent, which routes them normally.
The mobile networks can be statically configured or dynamically registered on the home agent. As the mobile router moves from one foreign agent to another, the mobile router continuously reconfigures the default gateway definition to point to its new path. Although the mobile router can register through different foreign agents, the most recently contacted foreign agent provides the active connection.
A reverse tunnel is when the mobile router tunnels packets to the foreign agent and home agent. In this case, packets from devices arrive at the mobile router, which encapsulates them and then sends them to the foreign agent, which encapsulates the packets and forwards them to the home agent. The home agent decapsulates both encapsulations and routes the original packets.
Home Agent
The home agent provides the anchoring point for the mobile networks. The home agent process has two main phases described in the following sections:
Registration
After receiving the registration request originated from the mobile router, the home agent checks the validity of the registration request, which includes authentication of the mobile router. If the registration request is valid, the home agent sends a registration reply to the mobile router through the foreign agent.
The home agent also creates a mobility binding table that maps the home IP address of the mobile router to the current care-of address of the mobile router. An entry in this table is called a mobility binding. The main purpose of registration is to create, modify, or delete the mobility binding of a mobile router (or mobile node) at its home agent.
The home agent processes registration requests from the mobile router in the same way that it does with the mobile node. The only difference is that an additional tunnel is created to the mobile router. Thus, packets destined to the mobile networks are encapsulated twice, as discussed in the "Routing" section that follows. The home agent injects the mobile networks, which are statically defined or dynamically registered, into its forwarding table. This allows routing protocols configured on the home agent to redistribute these mobile routes.
Routing
The home agent advertises reachability to the mobile networks on the mobile router, thereby attracting packets that are destined for them. When a device on the Internet, called a correspondent node, sends a packet to the node on the mobile network, the packet is routed to the home agent. The home agent creates tunnels in the following two areas:
•
•
The home agent encapsulates the original packet from the correspondent node twice. The packet arrives at the foreign agent, which decapsulates the HA and FA care-of address tunnel header and forwards the packet to the mobile router, which performs another decapsulation (HA and MR tunnel header) to deliver the packet to the destination node on the mobile network. To the rest of the network, the destination node appears to be located at the home agent; however, it exists physically on the mobile network of the mobile router. See Figure 2 for a graphical representation of how these packets are routed.
Security for Mobile Networks
The home agent of the mobile router is configured with the home IP address of the mobile router and the mobile networks of the mobile router. The message digest algorithm 5 (MD5) hex key is a 128-bit key also defined here. MD5 is an algorithm that takes the registration message and a key to compute the smaller chunk of data called a message digest. The mobile router and home agent both have a copy of the key, called a symmetric key, and authenticate each other by comparing the results of the computation. If both keys yield the same result, nothing in the packet has changed during transit.
Mobile IP also supports the hash-based message authentication code (HMAC-MD5), which is the default authentication algorithm as of Cisco IOS Release 12.2(13)T.
Replay protection uses the identification field in the registration messages as a timestamp and sequence number. The home agent returns its time stamp to synchronize the mobile router for registration.
Cisco IOS software allows the mobility keys to be stored on an authentication, authorization, and accounting (AAA) server that can be accessed using TACACS+ or RADIUS protocols. Mobile IP in Cisco IOS software also contains registration filters, enabling companies to restrict who is allowed to register.
For more information on security in a Mobile IP environment, refer to the "Configuring Mobile IP" chapter of the Cisco IOS IP Configuration Guide, Release 12.2.
Cisco Mobile Networks Redundancy
The Cisco Mobile Networks feature uses the Hot Standby Router Protocol (HSRP) to provide a full redundancy capability for the mobile router.
HSRP is a protocol developed by Cisco that provides network redundancy in a way that ensures that user traffic will immediately and transparently recover from failures. An HSRP group comprises two or more routers that share an IP address and a MAC (Layer 2) address and act as a single virtual router. For example, your Mobile IP topology can include one or more standby home agents that the rest of the topology views as a single virtual home agent.
You must define certain HSRP group attributes on the interfaces of the mobile routers so that Mobile IP can implement the redundancy. The mobile routers are aware of the HSRP states and assume the active or standby role as needed. For more information on mobile router redundancy, see the "Enabling Mobile Router Redundancy" task later in this document. For more information on home agent redundancy, which is a Cisco proprietary feature that runs on top of HSRP, refer to the "Configuring Mobile IP" chapter of the Cisco IOS IP Configuration Guide, Release 12.2.
HSRP need not be configured on the foreign agent. Foreign agent redundancy is achieved by overlapping wireless coverage.
Benefits
Mobility Solution at the Network Layer
With the mobile router deployed in a moving vehicle, repeated reconfiguration of the various devices attached to that router as the vehicle travels is no longer necessary. Because the mobile router operates at the network layer and is independent of the physical layer, it operates transparently over cellular, satellite, and other wireless or fixed media.
Always-On Connection to the Internet
This feature supports an always-on connection to the Internet, providing access to current and changing information. For example, aircraft pilots can access the latest weather updates while flying and EMS vehicles can be in communication with emergency room technicians while on the way to the hospital.
Versatile
Any IP-enabled device can be connected to the mobile router LAN ports and achieve mobility. Applications that are not specifically designed for mobility can be accessed and deployed.
Dynamic Mobile Networks
The dynamic network enables dynamic registration of mobile networks, which results in minimal configuration on the home agent making administration and set up easier. When configured for dynamic registration, the mobile router tells the home agent which networks are configured in each registration request. The home agent dynamically adds these networks to the forwarding table and there is no need to statically define the networks on the home agent.
Preferred Path
By using the preferred path, a network designer can specify the primary link, based upon bandwidth or priority, to reduce costs or to use a specific carrier.
Standards-Based Solution
Mobile IP complies with official protocol standards of the Internet.
Mobile IP MIB Support
Support for mobile node MIB groups in the Mobile IP MIB allows the monitoring of Mobile Network activity using the Cisco IOS command line interface or SNMP. For further details, refer to the RFC2006-MIB.my file, available through Cisco.com at ftp://ftp.cisco.com/pub/mibs/v2/, and RFC 2006, The Definitions of Managed Objects for IP Mobility Support using SMIv2.
Related Features and Technologies
Mobile IP is documented in the Cisco IOS IP Configuration Guide. Mobile IP configuration commands are documented in the Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services.
Related Documents
•
•
•
Supported Platforms
•
•
•
•
•
•
•
Determining Platform Support Through Cisco Feature Navigator
Cisco IOS software is packaged in feature sets that are supported on specific platforms. To get updated information regarding platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.
Cisco Feature Navigator is a web-based tool that enables you to quickly determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. Under the release section, you can compare releases side by side to display both the features unique to each software release and the features in common.
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
Availability of Cisco IOS Software Images
Platform support for particular Cisco IOS software releases is dependent on the availability of the software images for those platforms. Software images for some platforms may be deferred, delayed, or changed without prior notice. For updated information about platform support and availability of software images for each Cisco IOS software release, refer to the online release notes or, if supported, Cisco Feature Navigator.
Supported Standards, MIBs, and RFCs
Standards
No new or modified standards are supported by this feature.
MIBs
•
•
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
RFCs
•
•
•
•
•
Prerequisites
To configure home agent functionality on your router, you need to determine IP addresses or subnets for which you want to allow roaming service. If you intend to support roaming on virtual networks, you need to identify the subnets for which you will allow this service and place these virtual networks appropriately on the home agent. It is possible to enable home agent functionality for a physical or virtual subnet. In the case of virtual subnets, you must define the virtual networks on the router using the ip mobile virtual-network global configuration command.
Configuration Tasks
See the following sections for configuration tasks for the Cisco Mobile Networks feature. Each task in the list is identified as either required or optional.
•
•
•
•
•
•
•
•
Enabling Home Agent Services
You can configure a home agent with both dynamically registered and statically configured mobile networks. However, a statically configured mobile network will always take precedence over dynamic registrations of the same network.
To enable home agent services on the router, use the following commands beginning in global configuration mode:
Enabling Foreign Agent Services
There are no changes to the foreign agent configuration with the introduction of dynamic network support.
To start a foreign agent providing default services, use the following commands beginning in global configuration mode:
Enabling Mobile Router Services
To enable mobile router services, use the following commands beginning in global configuration mode:
Enabling Mobile Router Redundancy
To enable mobile router redundancy, use the following commands beginning in interface configuration mode:
You need not configure HSRP on both the mobile router's roaming interface and the interface attached to the physical mobile networks. If one of the interfaces is configured with HSRP, and the standby track command is configured on the other interface, the redundancy mechanism will work. See the "Cisco Mobile Network Redundancy Example" section for a configuration example.
Verifying Home Agent Configuration
To verify the home agent configuration, use the following commands in privileged EXEC mode, as needed:
Verifying Foreign Agent Configuration
To verify the foreign agent configuration, use the following commands in privileged EXEC mode, as needed:
Verifying Mobile Router Configuration
To verify the mobile router configuration, use the following commands in privileged EXEC mode as needed:
Verifying Mobile Router Redundancy
To verify that mobile router redundancy is configured correctly on the router, use the following commands in privileged EXEC mode, as needed:
Troubleshooting Tips
•
•
•
•
•
•
•
•
Monitoring and Maintaining the Mobile Router
To monitor and maintain the mobile router, use the following commands in privileged EXEC mode, as needed:
Configuration Examples
This section provides the following configuration examples:
•
In the following examples, a home agent provides service for three mobile routers. Each mobile router has a satellite link and wireless LAN link when roaming. Each is allocated a network that can be partitioned further.
The mobile networks on the mobile routers are both statically configured and dynamically registered on the home agent while the mobile routers roam via foreign agents.
See Figure 3 for an example topology.
Figure 3 Topology Showing Home Agent Supporting Three Mobile Routers
Home Agent Example
In the following example, a home agent provides service for three mobile routers. Note that the home agent will advertise reachability to the virtual networks.
interface Loopback 0ip address 1.1.1.1 255.255.255.255router mobile!! Virtual network advertised by HA is the home network of the MRip mobile virtual-network 10.1.0.0 255.255.0.0ip mobile host 10.1.0.1 virtual-network 10.1.0.0 255.255.0.0ip mobile host 10.1.0.2 virtual-network 10.1.0.0 255.255.0.0ip mobile host 10.1.0.3 10.1.0.10 virtual-network 10.1.0.0 255.255.0.0 aaa load-sa!! Associated host address that informs HA that 10.1.0.1 is actually an MRip mobile mobile-networks 10.1.0.1! Static config of MR's mobile networksdescription jetnetwork 172.6.1.0 255.255.255.0network 172.6.2.0 255.255.255.0!! Associated host address that informs HA that 10.1.0.2 is actually an MRip mobile mobile-networks 10.1.0.2! One static mobile network; MR may also dynamically register mobile netsdescription shipnetwork 172.7.1.0 255.255.255.0register!! Range of hosts that are MRsip mobile mobile-networks 10.1.0.3 10.1.0.10! All can dynamically register their mobile networksregister!ip mobile secure host 10.1.0.1 spi 101 key hex 12345678123456781234567812345678ip mobile secure host 10.1.0.2 spi 102 key hex 23456781234567812345678123456781Foreign Agent Example
In the following example, the foreign agent is providing service on serial interface 0:
router mobileip mobile foreign-agent care-of serial0!interface serial0ip irdpip irdp maxadvertinterval 4ip irdp minadvertinterval 3ip irdp holdtime 12ip mobile foreign-serviceMobile Router Example
In the following example, three mobile routers provide services for the mobile networks:
Mobile Router 1
interface loopback0! MR home addressip address 10.1.0.1 255.255.255.255!interface serial 0! MR roaming interfaceip address 172.21.58.253 255.255.255.252ip mobile router-service roaminterface ethernet 0! MR roaming interfaceip address 172.21.58.249 255.255.255.252ip mobile router-service roaminterface ethernet 1ip address 172.6.1.1 255.255.255.0interface ethernet 2ip address 172.6.2.1 255.255.255.0!!router mobileip mobile routeraddress 10.1.0.1 255.255.0.0home-agent 1.1.1.1ip mobile secure home-agent 1.1.1.1 spi 101 key hex 12345678123456781234567812345678Mobile Router 2
interface loopback0! MR home addressip address 10.1.0.2 255.255.255.255!interface serial 0! MR roaming interfaceip address 172.21.58.245 255.255.255.252ip mobile router-service roaminterface ethernet 0! MR roaming interfaceip address 172.21.58.241 255.255.255.252ip mobile router-service roaminterface ethernet 1ip address 172.7.1.1 255.255.255.0interface ethernet 2ip address 172.7.2.1 255.255.255.0!!router mobileip mobile routeraddress 10.1.0.2 255.255.0.0home-agent 1.1.1.1mobile-network ethernet 2ip mobile secure home-agent 1.1.1.1 spi 102 key hex 23456781234567812345678123456781Mobile Router 3
interface loopback0! MR home addressip address 10.1.0.3 255.255.255.255!interface serial 0! MR roaming interfaceip address 172.21.58.237 255.255.255.252ip mobile router-service roaminterface ethernet 0! MR roaming interfaceip address 172.21.58.233 255.255.255.252ip mobile router-service roaminterface ethernet 1ip address 172.8.1.1 255.255.255.0interface ethernet 2ip address 172.8.2.1 255.255.255.0!!router mobileip mobile routeraddress 10.1.0.3 255.255.0.0home-agent 1.1.1.1mobile-network ethernet 1mobile-network ethernet 2ip mobile secure home-agent 1.1.1.1 spi 103 key hex 45678234567812312345678123456781!Cisco Mobile Network Redundancy Example
There can be three levels of redundancy for the Cisco Mobile Network: home agent redundancy, foreign agent redundancy, and mobile router redundancy.
In the home agent example, two home agents provide redundancy for the home agent component. If one home agent fails, the standby home agent immediately becomes active so that no packets are lost. HSRP is configured on the home agents, along with HSRP attributes such as the HSRP group name. Thus, the rest of the topology treats the home agents as a single virtual home agent and any fail-over is transparent.
The mobile networks also are defined on the home agent so that the home agent knows to inject these networks into the routing table when the mobile router is registered.
In the foreign agent example, two routers provide foreign agent services. No specific redundancy feature needs to be configured on foreign agents; overlapping wireless coverage provides the redundancy.
The mobile routers use HSRP to provide redundancy, and their group name is associated to the HSRP group name. The mobile routers are aware of the HSRP states. When HSRP is in the active state, the mobile router is active. If HSRP is in the nonactive state, the mobile router is passive. When an active mobile router fails, the standby mobile router becomes active and sends out solicitations out its roaming interfaces to learn about foreign agents and register.
See Figure 4 for an example topology of a redundant network where two mobile routers are connected to each other on a LAN with HSRP enabled.
Figure 4 Topology Showing Cisco Mobile Networks Redundancy
Home Agent 1 (HA1) Configuration
interface Ethernet1/1ip address 100.100.100.3 255.255.255.0ip irdpip irdp maxadvertinterval 10ip irdp minadvertinterval 7ip irdp holdtime 30duplex halfstandby ip 100.100.100.1standby priority 100standby preempt delay sync 60!HSRP group namestandby name HA_HSRP2!router mobile!router ripversion 2redistribute mobilenetwork 100.0.0.0default-metric 1!ip classlessip mobile home-agent! Maps to HSRP group nameip mobile home-agent redundancy HA_HSRP2 virtual-network address 100.100.100.1ip mobile virtual-network 70.70.70.0 255.255.255.0ip mobile host 70.70.70.70 virtual-network 70.70.70.0 255.255.255.0ip mobile mobile-networks 70.70.70.70description san jose jet! Mobile Networksnetwork 20.20.20.0 255.255.255.0network 10.10.10.0 255.255.255.0ip mobile secure host 70.70.70.70 spi 100 key hex 12345678123456781234567812345678ip mobile secure home-agent 100.100.100.2 spi 300 key hex 12345678123496781234567812345678Home Agent 2 (HA2) Configuration
interface Ethernet1/1ip address 100.100.100.2 255.255.255.0ip irdpip irdp maxadvertinterval 10ip irdp minadvertinterval 7ip irdp holdtime 30standby ip 100.100.100.1standby priority 95standby preempt delay sync 60! HSRP group namestandby name HA_HSRP2!router mobile!router ripversion 2redistribute mobilenetwork 100.0.0.0default-metric 1!ip classlessip mobile home-agent!Maps to HSRP group nameip mobile home-agent redundancy HA_HSRP2 virtual-network address 100.100.100.1ip mobile virtual-network 70.70.70.0 255.255.255.0ip mobile host 70.70.70.70 virtual-network 70.70.70.0 255.255.255.0ip mobile mobile-networks 70.70.70.70description san jose jet!Mobile Networksnetwork 20.20.20.0 255.255.255.0network 10.10.10.0 255.255.255.0ip mobile secure host 70.70.70.70 spi 100 key hex 12345678123456781234567812345678ip mobile secure home-agent 100.100.100.1 spi 300 key hex 12345978123456781234567812345678Foreign Agent 1 (FA1) Configuration
interface Ethernet0ip address 171.69.68.2 255.255.255.0media-type 10BaseT!interface Ethernet1ip address 80.80.80.1 255.255.255.0ip irdpip irdp maxadvertinterval 10ip irdp minadvertinterval 7ip irdp holdtime 30ip mobile foreign-servicemedia-type 10BaseT!router mobile!router ripversion 2network 80.0.0.0network 100.0.0.0!ip classlessno ip http serverip mobile foreign-agent care-of Ethernet1Foreign Agent 2 (FA2) Configuration
interface Ethernet1ip address 171.69.68.1 255.255.255.0media-type 10BaseT!interface Ethernet2ip address 80.80.80.2 255.255.255.0ip irdpip irdp maxadvertinterval 10ip irdp minadvertinterval 7ip irdp holdtime 30ip mobile foreign-servicemedia-type 10BaseT!router mobile!router ripversion 2network 80.0.0.0network 100.0.0.0!ip classlessno ip http serverip mobile foreign-agent care-of Ethernet2Mobile Router 1 Configuration
interface Ethernet5/2! MR roaming interfaceip address 70.70.70.4 255.255.255.0ip mobile router-service roam! Configure redundancy for mobile router using HSRPstandby ip 70.70.70.70standby priority 105standby preemptstandby name MR_HSRP2standby track Ethernet5/4!interface Ethernet5/4! Interface to Mobile Networkip address 20.20.20.2 255.255.255.0!router mobile!router ripversion 2passive-interface Ethernet5/2network 20.0.0.0network 70.0.0.0!ip classlessno ip http serverip mobile secure home-agent 100.100.100.100 spi 100 key hex 12345678123456781234567812345678ip mobile router! Maps to HSRP group nameredundancy group MR_HSRP2! Using roaming interface hot address as MR addressaddress 70.70.70.70 255.255.255.0home-agent 100.100.100.1Mobile Router 2 Configuration
interface Ethernet1/2! MR roaming interfaceip address 70.70.70.3 255.255.255.0ip mobile router-service roam! Configure redundancy for mobile router using HSRPstandby ip 70.70.70.70standby priority 100standby preemptstandby name MR_HSRP2standby track Ethernet1/4!interface Ethernet1/4! Interface to Mobile Networkip address 20.20.20.1 255.255.255.0!router mobile!router ripversion 2passive-interface Ethernet1/2network 20.0.0.0network 70.0.0.0!ip classlessno ip http serverip mobile secure home-agent 100.100.100.100 spi 100 key hex 12345678123456781234567812345678ip mobile router! Maps to HSRP group nameredundancy group MR_HSRP2! Using roaming interface hot address as MR addressaddress 70.70.70.70 255.255.255.0home-agent 100.100.100.1Command Reference
This section documents new and modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.
•
•
•
•
•
•
•
address (mobile router)
To set the home IP address of the mobile router, use the address command in mobile router configuration mode. To remove the address, use the no form of this command.
address address mask
no address address mask
Syntax Description
Defaults
No default behavior or values.
Command Modes
Mobile router configuration
Command History
Usage Guidelines
The address command configures the home IP address and subnet mask of the mobile router. The address and subnet mask identify the home network of the mobile router and are used to discover when the mobile router is at home.
Examples
The following example sets the home IP address and subnet mask of the mobile router:
ip mobile routeraddress 10.1.0.1 255.255.0.0Related Commands
Displays configuration information and monitoring information about the mobile router.
clear ip mobile router agent
To delete learned agents and the corresponding care-of address of the foreign agent from the mobile router agent table, use the clear ip mobile router agent command in privileged EXEC mode.
clear ip mobile router agent [ip-address]
Syntax Description
ip-address
(Optional) IP address of an agent. If not specified, all agents are deleted from the agent table.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The mobile router maintains an agent table listing active agents and the corresponding care-of address of the foreign agent. The mobile router uses this agent table to decide which foreign agent to register with. The mobile router updates the table when it receives advertisements. If an advertisement expires, its entry is automatically deleted from the table.
The clear ip mobile router agent ip-address option allows you to remove a specific agent. If no address is specified, all agents are cleared.
Examples
The following example removes all agents from the mobile router agent table:
Router# clear ip mobile router agentRelated Commands
clear ip mobile router registration
To delete registration entries from the mobile router registration table, use the clear ip mobile router registration command in privileged EXEC mode.
clear ip mobile router registration [ip-address]
Syntax Description
ip-address
(Optional) IP address of a specific agent. If not specified, all registration entries are deleted.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The mobile router maintains a registration table listing registration entries that are used for retransmissions. For example, a registration request is sent when no reply is received or the lifetime is about to expire.
A registration request can be removed from the table to prevent further registration requests from being sent to the agent. The clear ip mobile router registration ip-address option allows you to remove a registration to a specific agent.
Clearing an active registration will cause the mobile router to attempt to deregister.
Examples
The following example removes all registration entries from the mobile router registration table:
Router# clear ip mobile router registrationRelated Commands
clear ip mobile router traffic
To clear the counters that the mobile router maintains, use the clear ip mobile router traffic command in privileged EXEC mode.
clear ip mobile router traffic
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Mobile router counters are accumulated during operation. They are useful for debugging and monitoring.
Examples
The following example shows how the mobile router counters can be used for debugging:
Router# show ip mobile router trafficMobile Router Counters:Agent Discovery:Solicitations sent 90, advertisements received 17Agent reboots detected 0Registrations:Register 70, Deregister 0 requests sentRegister 70, Deregister 0 replies receivedRequests accepted 68, denied 1 by HA 1 /FA 0Denied due to mismatched ID 1...Router# clear ip mobile router trafficRouter# show ip mobile router trafficMobile Router Counters:Agent Discovery:Solicitations sent 0, advertisements received 0Agent reboots detected 0Registrations:Register 0, Deregister 0 requests sentRegister 0, Deregister 0 replies receivedRequests accepted 0, denied 0 by HA 0 /FA 0Denied due to mismatched ID 0...Related Commands
debug ip mobile
To display IP mobility activities, use the debug ip mobile command.
debug ip mobile [advertise | host [access-list-number] | local-area | standby]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use the debug ip mobile standby command to troubleshoot redundancy problems.
Examples
The following is sample output from the debug ip mobile standby command. In this example, the active home agent receives a registration request from MN 20.0.0.2 and sends a binding update to peer home agent 1.0.0.2:
Router# debug ip mobile standbyMobileIP:MN 20.0.0.2 - sent BindUpd to HA 1.0.0.2 HAA 20.0.0.1MobileIP:HA standby maint started - cnt 1MobileIP:MN 20.0.0.2 - sent BindUpd id 3780410816 cnt 0 elapsed 0adjust -0 to HA 1.0.0.2 in grp 1.0.0.10 HAA 20.0.0.1In this example, the standby home agent receives a binding update for mobile node 20.0.0.2 sent by the active home agent:
MobileIP:MN 20.0.0.2 - HA rcv BindUpd from 1.0.0.3 HAA 20.0.0.1The following is sample output from the debug ip mobile host command. In the following example, a mobile network is dynamically registered on the home agent:
Router# debug ip mobile hostMobileIP: HA 126 received registration for MN 100.0.0.1 on Ethernet3/2 using COA 30.0.0.2 HA 1\00.0.0.3 lifetime 120 options sbdmgvtMobileIP: MN 100.0.0.1 - authenticating MN 100.0.0.1 using SPI 100MobileIP: MN 100.0.0.1 - authenticated MN 100.0.0.1 using SPI 100MobileIP: Mobility binding for MN 100.0.0.1 createdMobileIP: Roam timer started for MN 100.0.0.1, lifetime 120MobileIP: MN 100.0.0.1 is now roamingMobileIP: Gratuitous ARPs sent for MN 100.0.0.1 MAC 00d0.ff79.5c5500:05:41:MobileIP: Insert host route for 100.0.0.1/255.255.255.255 via gateway 30.0.0.2 on Tunnel0MobileIP: Add mobnet for MR 100.0.0.1 20.0.0.0/255.0.0.000:05:41:MobileIP: Insert host route for 20.0.0.0/255.0.0.0 via gateway 100.0.0.1 on Tunnel100:05:41:MobileIP: HA accepts registration from MN 100.0.0.1MobileIP: MN 100.0.0.1 - MH auth ext added (SPI 100) to MN 100.0.0.1MobileIP: MN 100.0.0.1 - HA sent reply to 30.0.0.2debug ip mobile router
To display debug messages for the mobile router, use the debug ip mobile router command in privileged EXEC mode. To disable debugging output, use the no form of this command.
debug ip mobile router [detail]
no debug ip mobile router [detail]
Syntax Description
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.2(4)T
This command was introduced.
12.2(13)T
This command was enhanced to display information about the addition and deletion of mobile networks.
Usage Guidelines
The mobile router operations can be debugged. The following conditions trigger debugging messages:
•
•
•
•
•
Debugging messages are prefixed with MobRtr and detail messages are prefixed with MobRtrX.
Examples
The following example provides output from the debug ip mobile router command:
Router# debug ip mobile routerMobileRouter: New FA 27.0.0.12 coa 27.0.0.12 int Ethernet0/1 MAC 0050.50c1.c8552w2d: MobileRouter: Register reason: isolated2w2d: MobileRouter: Snd reg request agent 27.0.0.12 coa 27.0.0.12 home 9.0.0.1 ha 29.0.0.4 lifetime 36000 int Ethernet0/1 flag sbdmgvt cnt 0 id B496B69C.55E779742w2d: MobileRouter: Status Isolated -> PendingThe following example provides output from the debug ip mobile router detail command.
Router# debug ip mobile router detail1d09h: MobRtr: New agent 20.0.0.2 coa 30.0.0.2 int Ethernet3/1 MAC 00b0.8e35.a0551d09h: MobRtr: Register reason: left home1d09h: MobRtrX: Extsize 18 add 1 delete 01d09h: MobRtrX: Add network 20.0.0.0/8MobileIP: MH auth ext added (SPI 100) to HA 100.0.0.31d09h: MobRtr: Register to fa 20.0.0.2 coa 30.0.0.2 home 100.0.0.1 ha 100.0.0.3 life 120 int Ethernet3/1 flag sbdmgvt cnt 0 id BE804340.447F50A41d09h: MobRtr: Status Isolated -> Pending1d09h: MobRtr: MN rcv accept (0) reply on Ethernet3/1 from 20.0.0.2 lifetime 120MobileIP: MN 100.0.0.3 - authenticating HA 100.0.0.3 using SPI 100MobileIP: MN 100.0.0.3 - authenticated HA 100.0.0.3 using SPI 1001d09h: MobRtr: Status Pending -> Registered1d09h: MobRtr: Add default gateway 20.0.0.2 (Ethernet3/1)1d09h: MobRtr: Add default route via 20.0.0.2 (Ethernet3/1)Related Commands
debug ip mobile advertise
Displays Mobile IP advertisement information.
debug ip mobile host
Displays IP mobility events.
description (mobile networks)
To add a description to a mobile router configuration, use the description command in mobile networks configuration mode. To remove the description, use the no form of this command.
description string
no description
Syntax Description
Defaults
No default behavior or values.
Command Modes
Mobile networks configuration
Command History
Usage Guidelines
The description command is meant solely as a comment to be put in the configuration to help you remember information about the configured mobile router or its mobile networks.
Examples
The following example shows how to add a description for the mobile router:
ip mobile mobile-networks 10.1.0.2description san jose jetnetwork 172.6.1.0 255.255.255.0network 172.6.2.0 255.255.255.0Related Commands
home-agent
To specify the home agent that the mobile router uses during registration, use the home-agent command in mobile router configuration mode. To disable the home agent, use the no form of this command.
home-agent ip-address [priority level]
no home-agent ip-address [priority level]
Syntax Description
Defaults
The default priority level is 100.
Command Modes
Mobile router configuration
Command History
Usage Guidelines
The home-agent command specifies which home agent the mobile router uses for registration and to detect when it is home. The priority level determines which home agent address to register with. The mobile router registers with the home agent with the highest priority level. If the registration is rejected, it tries the next highest priority agent.
The home agent address list is used to detect when the mobile router is home. The mobile router knows that it is at home when the source of the agent advertisements is an IP source address that exists on the home agent address list.
Examples
The following example shows that the mobile router will use the home agent address 1.1.1.1 during registration and will detect when it is at home after receiving agent advertisements from either address 1.1.1.1 or 2.2.2.2:
router mobileip mobile routeraddress 10.1.0.1 255.255.0.0home-agent 1.1.1.1 priority 101home-agent 2.2.2.2 priority 100Related Commands
Displays configuration information and monitoring statistics about the mobile router.
ip mobile mobile-networks
To associate one or more networks with a mobile router configured as a mobile host and enter mobile networks configuration mode, use the ip mobile mobile-networks command in global configuration mode. To disassociate the networks from the mobile router, use the no form of this command.
ip mobile mobile-networks lower [upper]
no ip mobile mobile-networks lower [upper]
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
12.2(4)T
This command was introduced.
12.2(13)T
The upper argument was added to allow a range of mobile host or mobile node group addresses.
Usage Guidelines
The home agent supports mobile routers configured with the mobile networks that are roaming with the mobile routers.
The lower [upper] arguments associate the mobile networks with the IP address of the mobile router, which was configured using the ip mobile host command. You can use the upper range only with dynamic mobile network registration. Static mobile network configurations are not permitted for a range of hosts.
You can configure the home agent to dynamically learn of the mobile networks during registration as shown in the following example:
ip mobile host 10.0.0.1 10.0.0.10 virtual-networks 10.0.0.0 255.0.0.0ip mobile mobile-networks 10.0.0.1 10.0.0.10!dynamic registrationregisterYou can configure the home agent to learn of the mobile networks through static configuration as shown in the following example:
ip mobile host 10.0.0.1 virtual-networks 10.0.0.0 255.0.0.0ip mobile host 10.0.0.2 virtual-networks 10.0.0.0 255.0.0.0!ip mobile mobile-networks 10.0.0.1!static configurationnetwork 172.16.1.0 255.255.255.0ip mobile mobile-networks 10.0.0.2!static configurationnetwork 172.16.2.0 255.255.255.0You cannot configure the range as shown in the following static configuration:
!static configuration not permitted for range of hostsip mobile mobile-networks 10.0.0.1 10.0.0.10network 172.16.2.0The mobile router configuration is only allowed for one mobile router or an entire range of mobile routers in the mobile host group, exclusively. You cannot configure a partial range of mobile routers as shown in the following example:
ip mobile host 10.0.0.1 10.0.0.10 virtual-network 10.0.0.0 255.0.0.0!Partial range shown below is prohibitedip mobile mobile-networks 10.0.0.1 10.0.0.3registerYou cannot combine full ranges and partial ranges of IP addresses in a configuration as shown in the following example:
ip mobile host 10.0.0.1 10.0.0.10 virtual-network 10.0.0.0 255.0.0.0ip mobile mobile-networks 10.0.0.1 10.0.0.10registerip mobile mobile-networks 10.0.0.2network 172.16.2.0 255.255.255.0Examples
The following example configures the mobile host, which is a mobile router at 10.1.1.10, and associates it with the mobile networks that it is supporting:
ip mobile host 10.1.1.10 virtual-network 10.0.0.0 255.0.0.0ip mobile mobile-networks 10.1.1.10network 172.6.2.0 255.255.255.0ip mobile secure host 10.1.1.10 spi 100 key hex 12345678123456781234567812345678The following example shows the mobile router configured for both static and dynamic mobile networks.
ip mobile host 10.1.1.10 virtual-network 10.0.0.0 255.0.0.0ip mobile mobile-networks 10.1.1.10network 172.16.1.0 255.255.255.0registerRelated Commands
ip mobile router
To enable the mobile router and enter mobile router configuration mode, use the ip mobile router command in global configuration mode. To disable the mobile router, use the no form of this command.
ip mobile router
no ip mobile router
Syntax Description
This command has no arguments or keywords.
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
The mobile router is a router that operates as a mobile node. The mobile router can roam from its home network and still provide connectivity for devices on its networks. The mobile networks are locally attached to the router.
Examples
The following example enables the mobile router:
ip mobile routerRelated Commands
Displays configuration information and monitoring statistics about the mobile router.
ip mobile router-service
To enable mobile router service on an interface, use the ip mobile router-service command in interface configuration mode. To disable this service, use the no form of this command.
ip mobile router-service {hold-down seconds | roam [priority value] | solicit [interval seconds] [retransmit initial minimum-seconds maximum seconds retry number]}
no ip mobile router-service {hold-down seconds | roam [priority value] | solicit [interval seconds] [retransmit initial minimum-seconds maximum seconds retry number]}
Syntax Description
Defaults
Mobile router service is disabled.
Command Modes
Interface configuration
Command History
Usage Guidelines
The mobile router discovers home agents (HAs) and foreign agents (FAs) by receiving agent advertisements.
When a wireless link connected to an interface is lossy, the mobile router must not register with the FA even when heard on a preferred interface. The ip mobile router-service hold-down seconds command allows communications to continue with mobile networks while the mobile router gauges the quality of the link to the new FA.
The ip mobile router-service solicit command instructs the mobile router to send agent solicitation messages periodically. Some networks send out agent advertisements only periodically or when solicited. For networks on which agents do not advertise periodically, this function must be enabled to detect agents. The mobile router always sends solicitation messages when roaming interfaces come up.
Note
If a mobile router interface is configured for solicitations, you should set both ip irdp maxadvertinterval seconds and ip irdp holdtime seconds to 0 seconds on the FA. These settings ensure that the FA will not send out any ICMP Router Discovery Protocol (IRDP) advertisements unless solicited. If a FA or HA is sending IRDP advertisements periodically, then a solicitation will trigger the agent to send an advertisement immediately instead of at the next-time interval.
Use the show ip mobile router agent command to display agents learned from advertisements. Use the show ip mobile router interface command to display the configuration of the interfaces used for roaming.
Examples
The following example configures roaming interfaces, solicitation services, and hold-down timers on serial interface 0 and roaming interfaces and hold-down timers on Ethernet interface 0 of the mobile router:
interface serial0ip mobile router-service roam! Serial interface 0 solicits every 5 seconds.ip mobile router-service solicit interval 5ip mobile router-service hold-down 20interface ethernet0ip mobile router-service roam priority 101ip mobile router-service hold-down 20In this example, the mobile router has two interfaces. The serial interface is connected to a serial interface of a FA and the Ethernet interface is connected to an Ethernet interface of a FA. If the mobile router does not receive any agent advertisements on the Ethernet interface, it will use the serial interface to solicit FAs.
If the Ethernet interface hears a new FA advertisement after the mobile router has already registered using the serial interface, it will wait the duration of the hold-down timer (20 seconds) before registering with the FA on the Ethernet interface.
The ip mobile router-service hold-down seconds command allows communications to continue with mobile networks while the mobile router gauges the quality of the link to the new FA. The Ethernet interface is configured with a higher priority so the mobile router prefers to register with this interface. Once it receives an agent advertisement on the Ethernet interface, it will use the Ethernet interface to register to its HA.
Related Commands
mobile-network
To specify the mobile router interface that is connected to the dynamic mobile network, use the mobile-network command in mobile router configuration mode. To disassociate the networks from the mobile router, use the no form of this command.
mobile-network interface
no mobile-network interface
Syntax Description
Defaults
No default behavior or values.
Command Modes
Mobile router configuration
Command History
Usage Guidelines
The IP address and mask of the interface are added to the registration request to notify the home agent of the mobile networks. Once the home agent acknowledges the mobile network, the mobile router will no longer add the mobile network information in subsequent requests.
Examples
The following example shows how to enable mobile router services. In this example, the mobile router located at 100.0.0.3 is dynamically registering the primary interface address on interface Ethernet3/2:
router mobileip mobile routeraddress 100.0.0.3 255.0.0.0home-agent 100.0.0.1!specifies the Mobile Router interface connected to the mobile networkmobile-network Ethernet3/2register lifetime 120Related Commands
network (mobile networks)
To specify a list of mobile networks for a mobile router, use the network command in mobile networks configuration mode. To remove an entry, use the no form of this command.
network net mask
no network net mask
Syntax Description
Defaults
No networks are specified.
Command Modes
Mobile networks configuration
Command History
Usage Guidelines
When the mobile router is registered, the home agent injects the mobile networks into its forwarding table.
Examples
The following configuration example shows how to associate the mobile router address, 10.1.1.10, with the mobile networks:
Mobile Router Configuration:
ip mobile routeraddress 10.1.1.10 255.255.255.0home-agent 171.68.69.1ip mobile secure home-agent 171.68.69.1 spi 100 key hex 12345678123456781234567812345678Home Agent Configuration:
! mobile host is mobile router addressip mobile host 10.1.1.10 virtual-network 10.0.0.0 255.0.0.0! associates mobile router address with mobile networksip mobile mobile-networks 10.1.1.10description jetnetwork 172.6.1.0 255.255.255.0ip mobile secure host 10.1.1.10 spi 100 key hex 12345678123456781234567812345678Related Commands
redundancy group
To configure fault tolerance for the mobile router, use the redundancy group command in mobile router configuration mode. To disable this functionality, use the no form of this command.
redundancy group name
no redundancy group name
Syntax Description
Defaults
No default behavior or values.
Command Modes
Mobile router configuration
Command History
Usage Guidelines
The redundancy group command provides fault tolerance by selecting one mobile router in the redundancy group name argument to provide connectivity for the mobile networks. This mobile router is in the active state. The other mobile routers are passive and wait until the active mobile router fails before a new active mobile router is selected. Only the active mobile router registers and sets up proper routing for the mobile networks. The redundancy state is either active or passive.
Examples
The following example selects the mobile router in the sanjose group, to provide fault tolerance:
ip mobile routerredundancy group sanjoseaddress 10.1.1.10 255.255.255.0home-agent 10.1.1.20register lifetime 600Related Commands
standby name
Configures the name of the standby group, which is associated with the mobile router.
register (mobile networks)
To dynamically register the mobile networks with the home agent, use the register command in mobile networks configuration mode. To disable the registration, use the no form of this command.
register
no register
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Mobile networks configuration
Command History
Usage Guidelines
When the mobile router registers its mobile networks on the home agent, the home agent looks up the mobile network configuration and verifies that the register command is configured before adding forwarding entries into the home agent forwarding table for the mobile router. If the mobile router is not configured properly, the home agent will reject the request with error code 129.
It is possible to have both statically configured mobile networks and dynamically registered mobile networks. However, static mobile network configurations take precedence over dynamic mobile network registrations. For example, if a mobile router tries to dynamically add (or delete) a mobile network and that network is already statically configured for that mobile router or any other mobile router, then the dynamic mobile network is ignored and an error message is generated.
Similarly, if a mobile router has dynamically added a mobile network, an attempt by another mobile router to dynamically add or delete the same mobile network is ignored and an error message is generated.
Examples
In the following example, the mobile router is configured to dynamically register its mobile networks with the home agent:
router mobileip mobile home-agentip mobile host 10.20.30.4 interface Ethernet 1!Associated host address that informs HA that 10.20.30.4 is actually an MRip mobile mobile-networks 10.20.30.4registerip mobile secure host 10.20.30.4 spi 100 key hex 12345678123456781234567812345678Related Commands
ip mobile host
Configures the mobile host or mobile node group.
Specifies the mobile router interface that is connected to the dynamic mobile network.
register (mobile router)
To control the registration parameters of the mobile router, use the register command in mobile router configuration mode. To return the registration parameters to their default settings, use the no form of this command.
register {extend expire seconds retry number interval seconds | lifetime seconds | retransmit initial milliseconds maximum milliseconds retry number}
no register {extend expire seconds retry number interval seconds | lifetime seconds | retransmit initial milliseconds maximum milliseconds retry number}
Syntax Description
Defaults
expire seconds: 120 seconds
retry number: Three retries
interval seconds: 10 seconds
lifetime seconds: 65534 seconds
retransmit initial milliseconds: 1000 milliseconds (1 second)
maximum milliseconds: 5000 milliseconds (5 seconds)Command Modes
Mobile router configuration
Command History
Usage Guidelines
The register lifetime seconds command configures the lifetime that the mobile router requests in a registration request. The home agent also has lifetimes that are set. If the registration request from a mobile router has a greater lifetime than the registration reply from the home agent, the lifetime set on the home agent will be used for the registration. If the registration request lifetime from the mobile router is less than the registration reply from the home agent, the lifetime set on the mobile router will be used. Thus, the smaller lifetime between the home agent and mobile router is used for registration.
Examples
The following example specifies a registration lifetime of 600 seconds:
ip mobile routeraddress 10.1.1.10 255.255.255.0home-agent 10.1.1.20register lifetime 600Related Commands
Displays configuration information and monitoring statistics about the mobile router.
Displays the pending and accepted registrations of the mobile router.
reverse-tunnel
To enable the reverse tunnel function on the mobile router, use the reverse-tunnel command in mobile router configuration mode. To disable the reverse tunnel function, use the no form of this command.
reverse-tunnel
no reverse-tunnel
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Mobile router configuration
Command History
Usage Guidelines
The mobile router supports the reverse tunnel function. The home agent supports reverse tunnel by default. The foreign agent supports reverse tunnel if configured.
Examples
The following example configures reverse tunneling on the mobile router:
ip mobile router address 10.1.1.2 255.0.0.0home-agent 10.1.1.1register extend expire 10 retry 2 interval 2reverse-tunnelRelated Commands
show ip mobile binding
To display the mobility binding table, use the show ip mobile binding command in privileged EXEC mode.
show ip mobile binding [home-agent address | summary]
Syntax Description
home-agent address
(Optional) IP address of mobile node.
summary
(Optional) Total number of bindings in the table.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The home agent updates the mobility binding table in response to registration events from mobile nodes. If the address argument is specified, bindings are shown for only that mobile node.
The home agent also creates an additional tunnel interface directly to the mobile routers to provide connectivity for mobile networks.
All bindings are displayed if
Examples
The following is sample output from the show ip mobile binding command:
Router# show ip mobile bindingMobility Binding List:Total 120.0.4.1:Care-of Addr 45.0.0.5, Src Addr 45.0.0.5Lifetime granted 00:02:00 (120), remaining 00:01:56Flags sbDmgvT, Identification B7A262C5.DE43E6F4Tunnel0 src 46.0.0.3 dest 45.0.0.5 reverse-allowedMR Tunnel1 src 46.0.0.3 dest 20.0.4.1 reverse-allowedRouting Options - (D)Direct-to-MN (T)Reverse-tunnelMobile Networks: 54.0.0.0/255.255.255.0(S)44.0.0.0/255.255.255.0 (D)46.0.0.0/255.0.0.0(D)12.0.0.0/255.255.255.0(D)Table 1 describes the significant fields shown in the display.
show ip mobile host
To display mobile node or mobile network information, use the show ip mobile host command in privileged EXEC mode.
show ip mobile host [address | interface interface | network address | group | summary]
Syntax Description
Command Modes
Privileged EXEC
Command History
12.0(1)T
This command was introduced.
12.2(4)T
This command was expanded to include information about mobile networks.
Usage Guidelines
The mobile host can be a mobile node or mobile router.
Examples
The following is sample output from the show ip mobile host command:
Router# show ip mobile host20.0.0.1:Allowed lifetime 10:00:00 (36000/default)Roaming status -Unregistered-, Home link on virtual network 20.0.0.0/8Accepted 0, Last time -never-Overall service time -never-Denied 0, Last time -never-Last code `-never- (0)'Total violations 0Tunnel to MN - pkts 0, bytes 0Reverse tunnel from MN - pkts 0, bytes 0Mobile networks supportedTable 2 describes the significant fields shown in the display.
Related Commands
Displays the mobility binding table.
Displays a list of mobile networks associated with the mobile router.
show ip mobile mobile-networks
To display a list of mobile networks associated with the mobile router, use the show ip mobile mobile-networks command in EXEC mode.
show ip mobile mobile-networks [address]
Syntax Description
address
(Optional) Address of a specific mobile router. If not specified, information for all mobile networks is displayed.
Defaults
No default behavior or values.
Command Modes
EXEC
Command History
12.2(4)T
This command was introduced.
12.2(13)T
This command was enhanced to display information about the dynamically registered mobile networks.
Usage Guidelines
The home agent maintains a list of static and dynamic mobile networks associated with mobile routers.
Examples
The following is sample output from the show ip mobile mobile-networks command:
Router# show ip mobile mobile-networksMobile Networks:MR 20.0.4.1:Dynamic registrationConfigured:54.0.0.0/255.255.255.0Registered:44.0.0.0/255.255.255.046.0.0.0/255.0.0.012.0.0.0/255.255.255.0Table 3 shows the significant fields in the display.
Related Commands
Associates one or more networks with a mobile router configured as a mobile host and enters mobile networks configuration mode.
show ip mobile router
To display configuration information and monitoring statistics about the mobile router, use the show ip mobile router command in privileged EXEC mode.
show ip mobile router
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.2(4)T
This command was introduced.
12.2(13)T
This command was enhanced to display information about the mobile network interfaces.
Usage Guidelines
The display includes the mobile router configuration information such as the home address and network mask, home agent, and registration settings, and operational information such as status, tunnel interface, active foreign agent, and care-of address.
Examples
The following is sample output from the show ip mobile router command:
Router# show ip mobile routerMobile RouterEnabled 05/30/02 11:16:03Last redundancy state transition 05/30/02 11:15:01Configuration:Home Address 20.0.4.1 Mask 255.255.255.0Home Agent 46.0.0.3 Priority 100 (best)Registration lifetime 120 secRetransmit Init 1000, Max 5000 msec, Limit 3Extend Expire 120, Retry 3, Interval 10Redundancy group AlwaysUp (active)Mobile Networks:Ethernet5 (200.0.0.0/255.255.255.248)Ethernet2 (46.0.0.0/255.0.0.0)Ethernet3 (44.0.0.0/255.255.255.0)Monitor:Status -Registered-Active foreign agent 11.0.0.2, Care-of 11.0.0.2On interface Serial0Tunnel0Table 4 describes the significant fields shown in the display.
Related Commands
show ip mobile router agent
To display information about the agents for the mobile router, use the show ip mobile router agent command in privileged EXEC mode.
show ip mobile router agent
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The mobile router learns about home agents and foreign agents from agent advertisements. Registrations are sent to the foreign agent to notify the mobile router's home agent of its locality. The mobile router deregisters when it hears an advertisement from its home agent.
Examples
The following is sample output from the show ip mobile router agent command:
Router# show ip mobile router agentMobile Router Agents:Foreign Agent 44.0.0.1:Care-of address 41.0.0.1Interface Ethernet2/2, MAC 0002.4a19.b83aAgent advertisement seq 53271, Flags rbhFmGvt, Lifetime 36000IRDP advertisement lifetime 60, Remaining 48Last received 01/15/01 09:51:26First heard 01/12/01 13:26:50Table 5 describes the significant fields shown in the display.
Related Commands
Deletes learned agents and the corresponding care-of address of the foreign agent from the mobile router agent table.
show ip mobile router interface
To display information about the interface that the mobile router is using for roaming, use the show ip mobile router interface command in privileged EXEC mode.
show ip mobile router interface
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The mobile router uses the interfaces for roaming, discovering foreign agents, and registering its location on the foreign network.
Examples
The following example is sample output from the show ip mobile router interface command:
Router# show ip mobile router interfaceMobile Router Interfaces:Listed in order of preference.Ethernet2/2:Priority 101, Bandwidth 10000, Address 46.0.0.5Periodic solicitation disabled, Interval 600 secRetransmit Init 1000, Max 5000 msec, Limit 3Current 5000, Remaining 0 msec, Count 6Hold down 70 secRouting disallowedTable 6 describes the significant fields shown in the display.
Related Commands
show ip mobile router registration
To display the pending and accepted registrations of the mobile router, use the show ip mobile router registration command in privileged EXEC mode.
show ip mobile router registration
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC
Command History
12.2(4)T
This command was introduced.
12.2(13)T
This command was enhanced to display new extensions in the registration request.
Examples
The following is sample output from the show ip mobile router registration command:
Router# show ip mobile router registrationMobile Router Registrations:Foreign Agent 44.0.0.1:Registration accepted 01/15/01 10:04:01, On Ethernet2/2Care-of addr 41.0.0.1, HA addr 49.0.0.3, Home addr 49.0.0.5Lifetime requested 01:00:00 (3600), Granted 00:30:00 (1800)Remaining 00:20:13Flags sbdmgvt, Identification BE0D49E5.5E1C56E4Register next time 00:18:13ExtensionsMobile Network Add 44.0.0.0/8MN-HA Authentication SPI 100Table 7 describes the significant fields shown in the display.
Related Commands
show ip mobile router traffic
To display the counters that the mobile router maintains, use the show ip mobile router traffic command in privileged EXEC mode.
show ip mobile router traffic [since bootup]
Syntax Description
since bootup
(Optional) Displays counters since the mobile router process started, regardless of how many times the counters were cleared.
Defaults
Displays counters since the counters were last cleared.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The mobile router maintains counters for agent discovery, registration, movement, and services.
Examples
The following is sample output from the show ip mobile router traffic command:
Router# show ip mobile router trafficMobile Router Counters:Agent Discovery:Solicitations sent 90, advertisements received 17Agent reboots detected 0Registrations:Register 70, Deregister 0 requests sentRegister 70, Deregister 0 replies receivedRequests accepted 68, denied 1 by HA 1 /FA 0Denied due to mismatched ID 1Authentication failed for HA 0/FA 0Invalid extensions 0, ignored 0Invalid home address 0, ID 0Unknown HA 0/FA 0Gratuitous ARPs sent 0Movement:Came up on HA 0, on FA 1Moved HA to FA 0, FA to FA 0, FA to HA 0Better interface detected 0 source 46.0.0.5 dest 49.0.0.3Tunnel Traffic:Packets received 188105, sent 0Bytes received 142691351, sent 0Services:Redundancy state active 2, passive 1Table 8 describes the significant fields shown in the display.
Related Commands
Glossary
agent advertisement—An advertisement message constructed by an attachment of a special extension to a ICMP Router Discovery Protocol (IRDP).
agent discovery—The method by which a mobile node or mobile router determines whether it is currently connected to its home network or a foreign network and detects whether it has moved and the way it has moved. It is the mechanism by which mobile nodes or mobile routers query and discover mobility agents. Agent discovery is an extension to ICMP Router Discovery Protocol (IRDP) (RFC 1256), which includes a mechanism to advertise mobility services to potential users.
agent solicitation—A request for an agent advertisement sent by the mobile node or mobile router.
care-of address—The termination point of the tunnel to a mobile node or mobile router. This can be a collocated care-of address, by which the mobile node or mobile router acquires a local address and detunnels its own packets, or a foreign agent care-of address, by which a foreign agent detunnels packets and forwards them to the mobile node or mobile router.
correspondent node—A peer with which a mobile node is communicating. A correspondent node may be either stationary or mobile.
foreign agent—A router on the visited network of a foreign network that provides routing services to the mobile node while registered. The foreign agent detunnels and delivers packets to the mobile node or mobile router that were tunneled by the home agent of the mobile node. For packets sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes.
foreign network—Any network other than the home network of the mobile node.
home address—An IP address that is assigned for an extended time to a mobile node. It remains unchanged regardless of where the node is attached to the Internet.
home agent—A router on a home network of the mobile node or that tunnels packets to the mobile node or mobile router while they are away from home. It keeps current location information for registered mobile nodes called a mobility binding.
home network—The network, possibly virtual, whose network prefix equals the network prefix of the home address of a mobile node.
link—A facility or medium over which nodes communicate at the link layer. A link underlies the network layer.
link-layer address—The address used to identify an endpoint of some communication over a physical link. Typically, the link-layer address is a MAC address of an interface.
mobility agent—A home agent or a foreign agent.
mobility binding—The association of a home address with a care-of address and the remaining lifetime.
mobile network—A network that moves with the mobile router. A mobile network is a collection of hosts and routes that are fixed with respect to each other but are mobile, as a unit, with respect to the rest of the Internet.
mobile node—A host or router that changes its point of attachment from one network or subnet to another. A mobile node may change its location without changing its IP address; it may continue to communicate with other Internet nodes at any location using its home IP address, assuming that link-layer connectivity to a point of attachment is available.
mobile router—A mobile node that is a router. It provides for the mobility of one or more entire networks moving together, perhaps on an airplane, a ship, a train, an automobile, a bicycle, or a kayak. The nodes connected to a network served by the mobile router may themselves be fixed nodes or mobile nodes or routers.
mobility security association—A collection of security contexts between a pair of nodes that may be applied to Mobile IP protocol messages exchanged between them. Each context indicates an authentication algorithm and mode, a secret (a shared key or appropriate public/private key pair), and a style of replay protection in use.
MTU—maximum transmission unit. Maximum packet size, in bytes, that a particular interface can handle.
node—A host or router.
registration—The process by which the mobile node is associated with a care-of address on the home agent while it is away from home. Registration may happen directly from the mobile node to the home agent or through a foreign agent.
roaming interface—An interface used by the mobile router to detect foreign agents and home agents while roaming. Registration and traffic occur on the interface.
SPI—security parameter index. The index identifying a security context between a pair of nodes. On the home agent, the SPI identifies which shared secret to use to compute the md5 hash value.
tunnel—The path followed by a packet while it is encapsulated from the home agent to the mobile node. The model is that, while it is encapsulated, a packet is routed to a knowledgeable decapsulating agent, which decapsulates the datagram and then correctly delivers it to its ultimate destination.
virtual network—A network with no physical instantiation beyond a router (with a physical network interface on another network). The router (a home agent, for example) generally advertises reachability to the virtual network using conventional routing protocols.
visited network—A network other than the home network of a mobile node, to which the mobile node is currently connected.
visitor list—The list of mobile nodes visiting a foreign agent.
