Table Of Contents
Mobile IP: Policy and Application-Based Routing for MR Multipath
Prerequisites for Mobile IP: Policy and Application-Based Routing for MR Multipath
Restrictions for Mobile IP: Policy and Application-Based Routing for MR Multipath
Information About Mobile IP: Policy and Application-Based Routing for MR Multipath
Mobile Router Multipath Support Feature Design
Mobile Router Multipath Load-Balancing Behavior
Setting Priority Levels and MR Registration
Benefits of Mobile Router Multipath Support
How to Configure Mobile Router Multipath Support
Configuring the Mobile Router for Multipath Support
Routing Based on Policies and Selecting Roaming Interfaces
Enabling the Roaming Interfaces
Configuring the Home Agent for Multipath Support
Clearing the Mobility Binding on the Home Agent
Verifying Mobile Router Multipath Support
Configuration Examples for Mobile Router Multipath Support
Multipath Support on the Mobile Router: Example
Multipath Support on the Home Agent: Example
Registering the MR Based on the Roaming Priority: Example
Using mobile-map Mobile Policy Templates: Example
Generating Dynamic Route Maps in an HA: Example
Feature Information for Mobile IP - Policy and Application-Based Routing for MR Multipath
Mobile IP: Policy and Application-Based Routing for MR Multipath
First Published: June 19, 2006Last Updated: March 11, 2009Mobile IP has increasingly become important because the public safety and public transportation are likely to adopt multiple wireless technologies to support their mission-critical applications and new services. Before the introduction of the Mobile IP—Mobile Router Multipath Support feature, the Cisco implementation of Mobile IP supported only one tunnel between the mobile router (MR) and the home agent (HA). You must use only one tunnel and one wireless technology at a given time. This feature provides support for multiple paths, and thus multiple wireless technologies, between the mobile router and the home agent and allows user traffic to be load-balanced over all available interfaces.
Finding Feature Information
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for Mobile IP - Policy and Application-Based Routing for MR Multipath" section.
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/fn. An account on Cisco.com is not required.
Contents
•
Prerequisites for Mobile IP: Policy and Application-Based Routing for MR Multipath
•
•
•
•
•
Prerequisites for Mobile IP: Policy and Application-Based Routing for MR Multipath
•
•
Restrictions for Mobile IP: Policy and Application-Based Routing for MR Multipath
Policy-based application routing has the following restrictions:
•
•
•
•
Only one "match" clause is permited in each mobile-map entry.•
Information About Mobile IP: Policy and Application-Based Routing for MR Multipath
Before you configure the Mobile Router Multipath Support feature and policy-based application routing, you should understand the following concepts:
•
•
•
•
Mobile Router Multipath Support Feature Design
The Mobile Router Multipath Support feature extends the MR functionality to multiple interfaces. Before the introduction of this feature, the MR received agent advertisements or a collocated care-of address (CCoA) on multiple roaming interfaces. However, it would register through only one interface and set up the tunnel and routes based on that registration. During the routing or tunneling phase, packets arrived at the HA. The HA performed two encapsulations of the packets and tunneled them to the foreign agent or CCoA. The foreign agent or CCoA performed one de-encapsulation and sent the packets to the MR, which performed another de-encapsulation. The MR then sent the original packets to the IP devices on the mobile networks. See Figure 1 for an illustration of routing within a mobile network using a single tunnel.
Figure 1 Routing Within the Mobile Network Using a Single Tunnel
With the introduction of the Mobile Router Multipath support feature, the MR can register to the HA through all of its available roaming interfaces. Each registration is independent of the other registrations that occur on the other roaming interfaces. Once registered through more than one roaming interface, the MR has multiple routes to the HA. If a reverse tunnel is configured, the MR will have multiple paths—each tunnel going out its respective interface. Because the MR is registering independently on each of its roaming interfaces, it can use a foreign agent to register on one interface or a CCoA to register with another interface.
See Figure 2 for an illustration of the mobile router registering through multiple interfaces.
Figure 2 Mobile Router Registering Through Multiple Interfaces to the Home Agent
Upon successful registration, the HA maintains multiple care-of addresses, mobility bindings, tunnels, and routes to the same MR. Multiple bindings are not the same as simultaneous bindings. With multiple bindings, the traffic is not replicated on all tunnels but rather load-balanced across them, which means that the packets are sent through only one path.
Mobile Router Multipath Load-Balancing Behavior
When there are multiple paths between the MR and the HA, the traffic from the mobile networks that goes toward the HA is generally load-balanced. Per-destination load balancing is the default behavior. But you can also make use of an advanced behavior, policy-based application routing. Policy-based application routing allows you to identify a particular type of traffic from the mobile networks and then select the tunnel for routing this traffic.
Policy-based application routing allows you to control the roaming interface that is used by an application to route its traffic to the other end of a Mobile IP tunnel. This provides flexibility to control how the applications are routed over different mobile wireless networks based on a defined policy. The applications are policy-routed based on the roaming interface type. See the "Routing Based on Policies and Selecting Roaming Interfaces" section for more information on policy-based application routing.
Setting Priority Levels and MR Registration
You can configure policy-based application routing and the MR roaming interfaces. You should set the priority levels when you enable the roaming interface. The MR registers on multiple roaming interfaces based on the roaming interface configuration. The MR registers only through the highest priority interface. If there is more than one interface with the same highest priority, then both interfaces are used by the MR during registration. If all highest priority interfaces are unavailable, then the MR switches to the next available highest priority interface. The interfaces have link-type labels configured on them. See "Registering the MR Based on the Roaming Priority: Example" section for an example.
A label is used to describe a link-type associated with a roaming interface. The label indicates the path such as, link type, actual bandwidth, or stability. You need to manually configure the label on a roaming interface using the ip mobile router-service link-type command.
Benefits of Mobile Router Multipath Support
Because multiple access technologies can be deployed in mobile networks, the Mobile Router Multipath support feature offers the ability to leverage all available links when Mobile IP is used. This multiple path support offers good investment protection for existing legacy wireless connections or any newly purchased or deployed wireless technologies.
How to Configure Mobile Router Multipath Support
The Mobile Router Multipath support feature is enabled by default on the MR but is disabled by default on the HA. For this feature to work, both the HA and the MR must be configured for multipath support. Because this feature is enabled by default on the MR, the MR will try for multiple registrations. However, if the MR determines that the HA is not configured for multipath support by receiving registration replies without multiple path support, the MR will switch to single-path mode. This feature is disabled by default on the HA so that during deployments, upgrading the software does not surprise the deployment engineer with multiple registrations.
After configuring the MR, you can configure the policy-based application routing and the MR roaming interfaces. You then need to enable the roaming interfaces and define the traffic policies. This allows you to identify a particular type of traffic from the mobile networks and then select the tunnel for routing the traffic. This provides flexibility to control how the applications are routed over different mobile wireless networks based on a policy.
This section contains the following tasks:
•
•
•
•
•
Configuring the Mobile Router for Multipath Support
This task shows how to configure the mobile router for multipath support.
Prerequisites
The security association between the MR and the HA should be established in order for registrations to succeed.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
DETAILED STEPSRouting Based on Policies and Selecting Roaming Interfaces
This section contains the following topics:
•
•
Prerequisites
Policy-based application routing occurs only when an ingress interface is configured for a mobile policy.
Example:
interface ethernet 1/0ip mobile router-service roamip mobile router-service link-type 802.11gSUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Enabling the Roaming Interfaces
You can enable the roaming interfaces after setting the roaming priority level. The MR registers on multiple roaming interfaces based on the roaming-interface configuration.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
DETAILED STEPS
Defining the Traffic Policies
You can define the traffic policies by identifying the application traffic and selecting the path for routing based on policies. This section contains the following tasks:
•
Identifying the Application Traffic
You can use one or more extended named ACLs on both the MR and the HA to identify the application traffic. MR and HA named ACLs are used as templates at registration time to generate dynamic ACLs that are used in the dynamic route maps.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Selecting the Routing Path
You can use one or more mobile-map mobile policy templates on the MR and HA to select the routing path.
Multiple mobile policies can be configured on either the MR or the HA. On the MR, a separate dynamic route map is generated for each configured mobile policy. More than one MR ingress interface (mobile network interface) has a mobile policy and each interface has a different policy. On the HA there is only one dynamic route map generated, but it is applied on up to three ingress interfaces. If more than one mobile policy is configured on the HA, only one route map is dynamically generated and applied to the ingress interface(s).
You need to apply the mobile map to access interfaces. The mobile map is associated with a mobile network interface on the MR in the "mobile-network" configuration. The mobile-map configuration on the HA can specify up to three "ingress" interfaces.
When traffic from a mobile network is received by the MR, the traffic is compared against one of the ACLs. If there is a match, the MR finds the corresponding mobile-map entry that specifies the roaming interface on which to send the traffic. Similarly, on the HA when traffic for a mobile network is received on one of the specified ingress interfaces, it is matched against one of the ACLs and then against the corresponding mobile-map entry, which in turn decides the tunnel to send the traffic to.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
DETAILED STEPSConfiguring the Home Agent for Multipath Support
This task shows how to configure the HA for multipath support.
You can configure and unconfigure multipath support globally on the HA. Unconfiguring multiple paths takes the mobile router back to the existing single-path mode.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
DETAILED STEPSWhat to Do Next
After you configure the HA you can define the traffic policies. This enables you to identify a particular traffic from the mobile networks and then select the tunnel for routing the traffic. This provides flexibility to control how the applications are routed over different mobile wireless networks based on a policy. See the ""Defining the Traffic Policies" section" for more information on how to define the traffic policies.
Clearing the Mobility Binding on the Home Agent
Perform this task to manually clear the mobility binding that is associated with the MR IP address and its care-of address.
Restrictions
Use this clear command with care, because it will disrupt any sessions that are being used by the MR. After you use this command, the mobile router will need to re-register to continue roaming.
SUMMARY STEPS
1.
2.
DETAILED STEPS
Verifying Mobile Router Multipath Support
Perform this task to verify MR multipath support.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Configuration Examples for Mobile Router Multipath Support
This section provides the following configuration examples:
•
•
•
•
•
Multipath Support on the Mobile Router: Example
The following example shows how to configure multipath support on the mobile router:
interface Loopback0! MR home addressip address 209.165.200.225 255.255.255.224interface Tunnel101keep 5 3interface Ethernet1/0! MR roaming interfaceip address 209.165.200.239 255.255.255.224ip mobile router-service roaminterface Ethernet2/0! MR roaming interfaceip address 209.165.200.246 255.255.255.224ip mobile router-service roaminterface Ethernet3/0ip address 209.165.200.247 255.255.255.224router mobileip mobile routeraddress 209.165.200.251 255.255.255.224home-agent 192.0.2.12mobile-network Ethernet3/0tunnel mode gremulti-pathtemplate Tunnel101ip mobile secure home-agent 192.0.2.16 spi 101 key hex 12345678901234567890123456789012Multipath Support on the Home Agent: Example
The following example shows how to configure multipath support on the home agent:
interface Ethernet 0/0ip address 209.165.200.251 255.255.255.224!router mobileexitip mobile home-agent multi-pathip mobile virtual-network 209.165.200.252 255.255.255.224ip mobile host 192.0.2.10 192.0.2.15 virtual-network 209.165.200.254 255.255.255.224ip mobile secure host 192.0.2.20 192.0.2.25 spi 101 key hex 12345678901234567890123456789012ip mobile mobile-networks 192.0.2.40 192.0.2.44registerip mobile mobile-networks 192.0.2.57registerno multi-pathRegistering the MR Based on the Roaming Priority: Example
The following example shows how roaming priority levels are selected during MR registration:
Consider the following four interfaces:
interface Fastethernet 1/0ip mobile router-service roam priority 200ip mobile router-service link-type 802.11ginterface Fastethernet 1/1ip mobile router-service roam priority 200ip mobile router-service link-type 802.11ginterface Fastethernet 2/0ip mobile router-service roam priority 100ip mobile router-service link-type 802.11ginterface Fastethernet 2/1ip mobile router-service roam priority 100ip mobile router-service link-type 802.11gFast Ethernet interfaces 1/0 and 1/1 have priority 200. Fast Ethernet interfaces 2/0 and 2/1 have priority 100. When you try enabling these four interfaces, the MR registers on both the Fast Ethernet interfaces 1/0 and 1/1 because they have the highest roaming priority. But when the interfaces Fastethernet 1/0 and 1/1 are not available, the MR registers on Fastethernet 2/0 and 2/1, the next available highest priority group.Using mobile-map Mobile Policy Templates: Example
The following example shows to use the mobile-map mobile policy templates on the MR and the HA to select the routing path.
ip mobile mobile-map MPATH_1 10match access-list WEBset link-type 802.11g UMTSset interface null0Generating Dynamic Route Maps in an HA: Example
The following example shows how the dynamic route maps are generated in an HA:
Router# show route-map dynamicroute-map MIP-10/24/06-04:18:15.243-1-MP-HA, permit, sequence 0, identifier 53856096Match clauses:ip address (access-lists): VOICE-to-192.0.2.0/24Set clauses:interface Tunnel0Policy routing matches: 0 packets, 0 bytesCurrent active dynamic routemaps = 1Router# show ip access-lists dynamicExtended IP access list VOICE-to-192.0.2.0/2410 permit icmp any 209.165.200.225 255.255.255.224 tos max-reliabilityAdditional References
The following sections provide references related to the Mobile IP— Policy and Application-Based Routing for MR Multipath Support feature.
Related Documents
Mobile IP commands: complete command syntax, command mode, command history, defaults, usage guidelines, and examples
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
RFCs
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
—
Technical Assistance
Command Reference
The following commands are introduced or modified in the feature or features documented in this module. For information about these commands, see the Cisco IOS IP Mobility Command Reference at http://www.cisco.com/en/US/docs/ios/ipmobility/command/reference/imo_book.html. For information about all Cisco IOS commands, use the Command Lookup Tool at http://tools.cisco.com/Support/CLILookup or to the Cisco IOS Master Commands List, All Releases, at http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html.
•
•
•
•
•
•
•
•
•
•
•
•
•
Feature Information for Mobile IP - Policy and Application-Based Routing for MR Multipath
Table 1 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/fn. An account on Cisco.com is not required.
Note
Glossary
agent advertisement—An advertisement message constructed by an attachment of a special extension to an ICMP Router Discovery Protocol (IRDP).
care-of address—The termination point of the tunnel to a mobile node or mobile router. This can be a collocated care-of address, by which the mobile node or mobile router acquires a local address and detunnels its own packets, or a foreign agent care-of address, by which a foreign agent detunnels packets and forwards them to the mobile node or mobile router.
foreign agent—A router on the visited network of a foreign network that provides routing services to the mobile node while registered. The foreign agent detunnels and delivers packets to the mobile node or mobile router that were tunneled by the home agent of the mobile node. For packets sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes.
home agent—A router on a home network of the mobile node or a router that tunnels packets to the mobile node or mobile router while they are away from home. The home agent keeps current location information for registered mobile nodes called a mobility binding.
home network—The network, possibly virtual, whose network prefix equals the network prefix of the home address of a mobile node.
mobile network—A network that moves with the mobile router. A mobile network is a collection of hosts and routes that are fixed with respect to each other but are mobile, as a unit, with respect to the rest of the Internet.
mobile node—A host or router that changes its point of attachment from one network or subnet to another. A mobile node may change its location without changing its IP address; it may continue to communicate with other Internet nodes at any location using its home IP address, assuming that link-layer connectivity to a point of attachment is available.
mobile router—A mobile node that is a router. It provides for the mobility of one or more entire networks moving together, perhaps on an airplane, a ship, a train, an automobile, a bicycle, or a kayak. The nodes connected to a network served by the mobile router may themselves be fixed nodes or mobile nodes or routers.
mobility binding—The association of a home address with a care-of address and the remaining lifetime.
registration—The process by which the mobile node is associated with a care-of address on the home agent while it is away from home. Registration may happen directly from the mobile node to the home agent or through a foreign agent.
roaming interface—An interface used by the mobile router to detect foreign agents and home agents while roaming. Registration and traffic occur on the interface.
tunnel—The path followed by a packet while it is encapsulated from the home agent to the mobile node. The model is that, while it is encapsulated, a packet is routed to a knowledgeable decapsulating agent, which de-encapsulates the datagram and then correctly delivers it to its ultimate destination.
CCDE, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0812R).
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2006-2009 Cisco Systems, Inc. All rights reserved.
