1. Field of the Invention
The present invention relates generally to Mobile Internet Protocol (MIP), and more specifically to providing IP connectivity for roaming mobile IP devices belonging to a private network.
2. Discussion of the Related Art
Mobile Internet Protocol (MIP) provides the ability to maintain IP connectivity as a mobile IP device or Mobile Node (MN) changes its network connectivity points. The basic MIP operation relies on a MIP Home Agent (HA), a MIP client residing within the MN and optionally a MIP Foreign Agent (FA). The Home Agent resides on a Home Network, i.e., on the network that is topologically consistent with the address assigned to the MN. The FA resides in a network that the MN may roam into.
When the MN roams into a new network it will try to locate an FA. If an FA is present, the MN registers with the HA using the FA as a Care-of Address (COA). On successful registration, a tunnel is set up between the HA and FA. If an FA is not present in the roamed network, the MN acquires a local address (through dynamic host configuration protocol (DHCP), for example) and registers directly with the HA using the local address as the Care-of Address. On successful registration, a tunnel is set up between the HA and the MN. Once registered, packets destined to the MN are intercepted by the Home Agent and tunneled to the MN. Packets from the MN to a correspondent node (CN) may be tunneled to the Home Agent or sent directly to the CN depending on whether reverse tunneling is activated or not.
The MIP operation described thus far assumes that the MN is able to register with the Home Agent when it is in a Roamed Network. The registration packet is an IP packet with the destination address being the Home Agent's IP address. A successful registration requires that the registration packet be routable to the Home Agent. However, a problem occurs when the Home Agent is located in a private network in which all IP addresses are private addresses. In other words, IP packets cannot be routed to these private addresses from outside the private network. In such a scenario, when the MN is in the same private network, the registration packet may be easily routed to the private Home Agent. However, when the MN has roamed outside of the private network into a public network, the registration packet is not routable to the private Home Agent. For example, a private cellular network supporting MIP, such as code division multiple access (CDMA 1x) systems or iDEN networks, may be configured such that the Home Agent has a private address within the private cellular network and the MN roams into a public network outside of the private network, such as a wireless local area network (WLAN) or “hotspot”. In this situation, the MN is unable to register with the Home Agent since the Home Agent is in the private network, and Mobile IP service outside of the private network is effectively eliminated.
One solution to this problem uses an MIP proxy device in the path between the MN outside of the private network and the Home Agent within the private network. Such an MIP proxy device is located in a separate policy control region (also sometimes referred to in the art as a demilitarized zone (DMZ)) between an edge router and a private firewall of the private network. The MIP proxy device serves as a surrogate MN and as a surrogate Home Agent to essentially stitch an end-to-end connection between the MN and its actual Home Agent. When the MN registers from the public network, it sends its registration packet to the MIP proxy device, not its Home Agent. This solution requires an additional device for MIP operation, i.e., the MIP proxy device. Furthermore, multiple MIP tunnels have to be established between the MN and the HA, i.e., the MIP tunnel between the MN and the MIP proxy device and the MIP tunnel between the MIP proxy device and the HA. Additionally, this solution requires a change in MIP operation when the MN is within the private network, since it will still register with the MIP proxy, i.e., when the MN is in the private network, it addresses the registration request to the MIP proxy device.
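The registration cases described above can be modelled as a small decision function. This is an added example, not part of the original text; the function and field names are hypothetical, the addresses are constructed samples, and it assumes that "private address" means an RFC 1918 range and that the MIP proxy device in the DMZ is reachable from both sides.

```python
import ipaddress
from dataclasses import dataclass, field

# Assumption: "private" means RFC 1918; the text does not name the ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    """True if addr cannot be routed to from outside the private network."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

@dataclass
class Plan:
    care_of: str    # Care-of Address carried in the registration
    dest: str       # destination address of the registration packet
    routable: bool  # can the registration packet reach dest?
    tunnels: list = field(default_factory=list)  # MIP tunnels on success

def plan_registration(mn_in_private_net, ha, local_addr, fa=None, proxy=None):
    # With an FA present, the FA is the Care-of Address; otherwise the MN
    # registers directly using its locally acquired (e.g. DHCP) address.
    care_of = fa if fa else local_addr
    if proxy:
        # Proxy solution: the MN always addresses the proxy, even when it is
        # inside the private network, and two tunnels are stitched together.
        return Plan(care_of, proxy, True, [(care_of, proxy), (proxy, ha)])
    # No proxy: the packet is addressed to the HA itself, so it only arrives
    # if the MN is inside the private network or the HA address is public.
    routable = mn_in_private_net or not is_private(ha)
    tunnels = [(ha, care_of)] if routable else []
    return Plan(care_of, ha, routable, tunnels)

# Constructed sample addresses (not from the original text).
HA = "10.1.0.5"           # private Home Agent
INSIDE = "10.1.7.9"       # MN address while inside the private network
HOTSPOT = "203.0.113.40"  # MN address acquired in a public WLAN
PROXY = "192.0.2.10"      # MIP proxy device in the DMZ

if __name__ == "__main__":
    for label, plan in [
        ("inside, no proxy", plan_registration(True, HA, INSIDE)),
        ("hotspot, no proxy", plan_registration(False, HA, HOTSPOT)),
        ("hotspot, proxy", plan_registration(False, HA, HOTSPOT, proxy=PROXY)),
        ("inside, proxy", plan_registration(True, HA, INSIDE, proxy=PROXY)),
    ]:
        print(label, plan)
```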