Mobile-IP (MIP) is well known in the industry. As a general matter, a mobile node may establish a data link layer connection with a MIP foreign agent, and the mobile node may then register with a MIP home agent to obtain a home IP address (home address or HoA), which the home agent would correlate with the foreign agent's IP address (care-of address or CoA). In practice, the mobile node would then send outbound communications from its HoA (i.e., using its HoA as the source IP address in its communications). Response communications destined to that HoA would be routed to the home agent, and the home agent would in turn forward those communications to the corresponding CoA. The foreign agent would then pass the communications via the data link layer connection to the mobile node.
The data link layer connection between the mobile node and the foreign agent can take various forms, compliant with various protocols, examples of which include without limitation the well known Point to Point Protocol (PPP) and IP Security (IPsec) protocol. In CDMA communications, PPP data link connections are typically used between mobile nodes and foreign agents in packet data serving nodes (PDSNs) that provide packet-network connectivity. In WiFi communications (e.g., using 802.11), on the other hand, IPsec is typically used between mobile nodes and foreign agents and is currently proposed to be used for communication between mobile nodes and foreign agents in packet data interworking functions (PDIFs) that provide packet-network connectivity.
An IPsec data link defines a secure tunnel of communication between two endpoints, such as between the mobile node and a PDIF. In particular, when the mobile node has bearer packets to transmit (typically with the mobile node's HoA as source address), the mobile node would encrypt the packets in an agreed manner and encapsulate the encrypted packets in an IPsec outer packet header destined to the PDIF. The source IP address of the underlying packets, known as the “tunnel inner address” (TiA), would be the mobile node's IP address (e.g., its HoA), which would be routable to the PDIF, and the destination IP address of the underlying packets would be the destination to which the mobile node wishes to send the packets. The source IP address in the IPsec encapsulation header (the outer packet header), on the other hand, known as the “tunnel outer address” (ToA), will be one agreed between the mobile node and the PDIF, and the destination IP address in the IPsec encapsulation header will be the IP address of the PDIF. As the PDIF receives those packets, the PDIF would then strip the IPsec encapsulation headers, decrypt the underlying packets, and send the packets along their way to their specified destination. Similar communication can occur through the IPsec tunnel in the reverse direction as well.
When a mobile node that is already registered with a MIP home agent via a particular foreign agent (“source foreign agent”) moves to a network having a new foreign agent (“target foreign agent”) and establishes a data link layer connection with the target foreign agent, the mobile node generally engages in a new MIP registration (re-registration) process, to correlate the target foreign agent's CoA with the mobile node's HoA.
In particular, the target foreign agent would transmit an agent advertisement message (ICMP Type 9 message) that would specify the target foreign agent's IP address (CoA). Conventionally, the mobile node would receive that message and responsively send a new MIP registration request (RRQ) to the indicated CoA (e.g., the MIP RRQ would have as a source address the mobile node's HoA and as a destination address the target foreign agent's indicated CoA), specifying in the MIP RRQ (i) the mobile node's home agent's IP address, (ii) the mobile node's HoA, and (iii) the CoA of the target foreign agent. The target foreign agent would then authenticate the mobile node, typically through signaling with an authentication, authorization, and accounting (AAA) server and, assuming successful authentication, transmit the MIP RRQ along to the indicated home agent IP address (after possibly changing the source address to be the IP address of the target foreign agent). The home agent would then update the registration of the mobile node to correlate the mobile node's HoA with the CoA of the target foreign agent. And the home agent would send an MIP registration reply (RRP) message to the target foreign agent, which the target foreign agent would send along to the mobile node.
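The re-registration described above can be sketched as follows. This is an added example, not code from the original text: it packs the fixed part of a Mobile IPv4 registration request in the RFC 5944 layout and applies it to a hypothetical `HomeAgent` binding table. Authentication (the AAA exchange) is left out, the monotonic identification check is a simplification assumed for this sketch, and all addresses are constructed.

```python
import struct
from ipaddress import IPv4Address

# Fixed part of a Mobile IPv4 Registration Request (RFC 5944 layout):
# type, flags, lifetime, home address, home agent, care-of address, identification
RRQ = struct.Struct("!BBH4s4s4sQ")
RRQ_TYPE = 1


def build_rrq(hoa, home_agent, coa, lifetime, ident):
    """Mobile-node side: pack the three addresses the RRQ must carry."""
    return RRQ.pack(RRQ_TYPE, 0, lifetime, IPv4Address(hoa).packed,
                    IPv4Address(home_agent).packed, IPv4Address(coa).packed, ident)


def parse_rrq(data):
    if len(data) < RRQ.size:
        raise ValueError("truncated registration request")
    typ, _flags, lifetime, hoa, ha, coa, ident = RRQ.unpack_from(data)
    if typ != RRQ_TYPE:
        raise ValueError("not a registration request")
    return {"hoa": IPv4Address(hoa), "home_agent": IPv4Address(ha),
            "coa": IPv4Address(coa), "lifetime": lifetime, "ident": ident}


class HomeAgent:
    """Hypothetical home agent holding the HoA -> CoA binding table."""

    def __init__(self, address):
        self.address = IPv4Address(address)
        self.bindings = {}    # HoA -> current CoA
        self.last_ident = {}  # HoA -> highest identification accepted (assumed scheme)

    def register(self, data):
        """Apply an RRQ relayed by a foreign agent; return True if accepted."""
        rrq = parse_rrq(data)
        if rrq["home_agent"] != self.address:
            return False      # addressed to a different home agent
        if rrq["ident"] <= self.last_ident.get(rrq["hoa"], -1):
            return False      # stale or replayed request must not move the binding
        self.last_ident[rrq["hoa"]] = rrq["ident"]
        self.bindings[rrq["hoa"]] = rrq["coa"]
        return True

    def next_hop(self, dst):
        """CoA to which traffic for a HoA is forwarded (None if unregistered)."""
        return self.bindings.get(IPv4Address(dst))
```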
When a mobile node moves between PDSNs in a CDMA system for instance, the mobile node would first establish a PPP link with the target PDSN. Upon receipt of an agent advertisement from the target PDSN, the mobile node would then send an MIP RRQ to the target PDSN, specifying the mobile node's home agent's IP address, the mobile node's HoA, and the target PDSN's CoA, which the target PDSN would pass along to the home agent after authenticating the mobile node. The home agent would then update the mobile node's registration and send an MIP RRP to the target PDSN, which the target PDSN would send along to the mobile node.
When a mobile node moves between PDIFs in a WiFi system, the mobile node would first establish an IPsec tunnel with the target PDIF. To do so, the mobile node would first obtain a ToA, through Dynamic Host Control Protocol (DHCP) signaling for instance, for use in communicating with the PDIF. In turn, the mobile node and PDIF would engage in an internet key exchange (IKE) to agree on encryption parameters, and the PDIF would assign a TiA for use by the mobile node, possibly with a PANA (protocol for carrying authentication for network access) message to the mobile node. Under IPsec, the TiA can be any non-zero IP address preferably routable to the PDIF, possibly the mobile node's existing HoA if the mobile node has one, and is used as a security parameter so that the other IPsec endpoint (e.g., PDIF) can validate packet transmissions in the tunnel by ensuring that the TiA is what the endpoint expected the TiA to be.
Once the mobile node has established the IPsec tunnel with a target PDIF, the target PDIF sends an agent advertisement message to the mobile node, providing the mobile node with the target PDIF's CoA. Upon receipt of that agent advertisement message, the mobile node would then send an MIP RRQ to the target PDIF, specifying the mobile node's home agent's IP address, the mobile node's HoA, and the target PDIF's CoA, which the target PDIF would pass along to the home agent after authenticating the mobile node. The home agent would then update the mobile node's registration and send an MIP RRP to the target PDIF, which the target PDIF would send along to the mobile node.
Further, at that point, the target PDIF may then reassign the mobile node's TiA to be the mobile node's HoA (if it was not the mobile node's HoA already). That way, the mobile node can then send communications via the IPsec tunnel from the mobile node's HoA, so that response communications will be properly routed via the home agent back to the PDIF for transmission to the mobile node. In particular, from that point forward (if not already), the mobile node would use as the TiA its HoA.
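The TiA check and its reassignment to the HoA, as described above, can be illustrated from the PDIF's side. This is an added example, not code from the original text: `TunnelState` and its methods are hypothetical names, decryption is assumed to have already happened, and the headers and addresses are constructed sample input.

```python
import struct
from ipaddress import IPv4Address


def ipv4_addrs(packet):
    """Return (source, destination) read from an IPv4 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    src, dst = struct.unpack_from("!4s4s", packet, 12)
    return IPv4Address(src), IPv4Address(dst)


def ipv4_header(src, dst, proto=17):
    """Constructed test input: minimal 20-byte IPv4 header, checksum left at zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed)


class TunnelState:
    """Hypothetical per-tunnel record kept by the PDIF."""

    def __init__(self, pdif_addr, toa, tia):
        self.pdif_addr = IPv4Address(pdif_addr)
        self.toa = IPv4Address(toa)   # tunnel outer address agreed with the mobile node
        self.tia = IPv4Address(tia)   # tunnel inner address assigned by the PDIF

    def reassign_tia(self, hoa):
        """After MIP registration, the PDIF may make the HoA the TiA."""
        self.tia = IPv4Address(hoa)

    def accept(self, outer_header, inner_packet):
        """Validate a packet from the mobile node after decapsulation and decryption."""
        outer_src, outer_dst = ipv4_addrs(outer_header)
        inner_src, _inner_dst = ipv4_addrs(inner_packet)
        if outer_src != self.toa or outer_dst != self.pdif_addr:
            return False              # outer addressing does not match this tunnel
        return inner_src == self.tia  # inner source must be the expected TiA
```

A packet that still carries the previously assigned TiA is rejected once `reassign_tia` has run, which is the behaviour the expected-TiA check implies.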