bai tap nhom9.1
DESCRIPTION
1TRANSCRIPT
Mobile IP version 6
Mobile IP version 6
Ni Dung
Ti liu ch nhc n MIPV6, l mt phin bn vn cha c ph bin rng ri, nu c nhng kin thc c bn v MIP(giao thc s dng cho IP di ng) hay MIPV4(phin bn c), th bn c th tip cn vn c cp ti d dng hn.Ti liu ch c nhc ti MIPV6, khng a ra cc ni dung v MIPV4, nu mun so snh 2 phin bn ny i hi phi c thm thng tin v MIPV4. Phn I: Tng quan v IP di ng
1.1.Gii thiu chung1.2. Gii thiu MIPV6
Phn II: Kin trc v hot ng ca MIPV6 (L c Anh)2.1.Ti sao MIPV6 ra i v n p ng nhng yu cu g....2.2. MIPV6 khng hng ti gii quyt nhng vn no2.3. Kin trc MIPV6..2.4. C th hn v CoA
2.5. Hot ng ca MIPV6..
Phn III:Tng quan v an ninh Mobile IPv6 (Khut Duy Duy)3.1: Cp nht kt ni ti i l home
3.2: Cp nht kt ni ti nt tng ng..
3.3: Dynamic Home Agent Address Discovery(Tham kho)3.4: Mobile Prefix Discovery(Tham kho).3.5: Payload Packets.3.6: Dng IPsec bo v truyn tn hiu Mobile IPv6 gia Mobile Nodes v Home Agents
Phn IV: (Cao Thi ng)Ph lc: Ti liu tham khoPhn I: Tng quan v IP di ng 1.1.Gii thiu chung:
Mobile IP la mt b khuyn nghi va c ch cua IP do t cng tc IETF xut. giai quyt tinh di ng cua im nut Internet, da vao cac giao thc theo lp OSI. Hay c th hiu h tr kh nng di ng u cui khi vn trong khi s dng dich v mng IP c nh. VD: s dng laptop c kt ni internet trn t
V tr: giao thc nm tng Internet layer trong m hnh TCP/IP
Mc tiu: Hon thin h tng IP v mt mi trng truyn dn khng dy
Tch hp tt c dch v bng hp v bng rng
p ng nhu cu kt ni di chuyn trong IPV4 hoc IPV6, gii quyt vn di ng thu bao internet
Hng ti internet di ng
C s: pht trin da trn giao thc IP
Chun IETF1.2.Gii thiu MIPV6MIPV6 Mobile Internet Protocol version 6
C th hiu MIPV6 nh mt giao thc gip nt mng duy tr kt ni khi ra ngoi IPv6 Internet.Mt nt di ng di chuyn t ni ny n ni khc m khng cn thay i "home address". Cc gi tin s c hng ti nt di ng bt chp v tr hin ti ca n min l c kt ni vi Internet. Nt di ng cng c th tip tc kt ni vi cc nt khc (c nh hoc di ng) ngay c khi di chuyn ti mt v tr mi. S di chuyn ca nt ra khi v tr home s khng nh hng nhiu ti vic chuyn i thng tin , giao thc cp cao v cc ng dng .
Giao thc Mobile IPv6 thch hp cho di ng trong truyn thng ng nht v c truyn thng hn tp . V d nh , Mobile IPv6 gip nt di chuyn t mt mng Ethernet n mt mng khc cng nh t mt mng Ethernet segment ti mt LAN cell khng dy , vi a ch mng vn khng i khi di chuyn .
Phn II: Kin trc v nhng nt chnh trong hot ng ca MIPV6 2.1.Ti sao MIPV6 ra i v n p ng nhng yu cu g? Phin bn IPv4 khng cp tnh nng cn thit cho cc dch vu thn gtin v tuyn di ng. Nhc im u tin l s gii hn v i ch do di a ch hp khng th p ng nhu cu ca ngi s dng. n 3/2 nm 2011 block IPv4 cui cng c cp pht. ngun cung a ch Internet IPv4 chnh thc cn kit, sau 30 nm s dng. Trong bui hp c bit t chc ti Miami cng ngy, t chc qun l kho a ch Internet ton cu phn b nhng gi a ch IPv4 cui cng, ng thi h cng nhn mnh v tm quan trng khng th thiu ca website trong cuc sng hin i ngy nay. Gim c iu hnh John Curan ca American Registry for Internet Numbers, 1 trong 5 t chc phi li nhun qun l a ch Internet cho nhng vng c bit trn th gii, by t: "Nu so snh kch c ca kho a ch IPv4 ging nh mt qu bng golf, th kho IPv6 c kch c tng ng vi... Mt Tri." Bi v IPv6 s dng a ch 128 bit thay cho da ch 32 bit ca IPv4. Hu ht cc laptop, smartphone v nhng thit b truy cp web khc u h tr giao thc IPv6.Tuy nhin khng c h tr di ng c th trong IPv6, gi tin cn gi cho nt mng khng th gi n nu nh nt ra ngoi ng dn home. tip tc kt ni trong khi di chuyn, mt nt di ng phi thay i a ch IP mi ln khi di chuyn n mt ni mi, nhng n khng th trao i v thc hin nhng kt ni cp cao khi thay i v tr. Mt a ch IP gm 2 phn NetID( nhn dng Subnet), SubnetID( nhn dng node trong Subnet). Router s dng bng nh tuyn truyn gi tin theo a ch ch. Router ch lu d phn nhn dng Subnet trong bng nh tuyn. cp pht a ch IP mi cho nt di ng i hi h thng tn min DNS cn cp nhp lin tc cho vic gn tn logic n 1 a ch IP. 1nt di ng di chuyn thng xuyn s kh thc hin vic ny do thit lp 1 kt ni TCP tin cy cn xc nh
+ a ch IP client
+Cng TCP client +a ch IP server
+a ch TCP server
Cc gi tr trn thay i trong qu trnh trao i thng tin nn kt ni TCP s khn gh tn ti trong qu trnh di chuyn ia ch ch. Di ng h tr trong IPv6 rt quan trng , v my tnh di ng gn nh l s ng vai tr rt ln trong s dng Internet sut thi k ca IPv6. MIPV6 gii quyt vn ny. Vy giao thc Mobile IPv6 s phi p ng nhng yu cu :
+ Tch hp vo trong h tng mng hin c + m bo tnh tng thch vi cc lp di khng s dng Mobile IP
+ m bo che giu cc ng dng v giao thc lp trn
+ Phi s dng cng giao tip v c ch truy nhp vi cc lp di nh IP thc hin
+ Cc h thng Mobile IPv6 phi m bo kt ni ti cc h thng c nh khng
Mobile IPv6, cc lp trn vn tip tc hot ng khi u cui di chuyn, thay i vng truy cp mng
+ Ngi s dng vn c th truy nhp ti mi h thng trn Internet theo cch h
thng dng + Thng bo v s gin on dch v
2. 2. MIPV6 khng hng ti gii quyt nhng vn no? iu ny ta c th nm r hn chc nng ca MIPV6
- Khng x l khi ng dn nhng kt ni khng trc tip hoc kt ni mt phn b treo
VD: u cui c giu ging nh mt my ch c giu khi cc router trn ng dn .
- Khng iu khin quyn ng nhp ca nt mng
- Khng hng ti gii quyt cc dng phn cp ca mt qun l di ng (ging nh nhiu bin php qun l di ng cp ng dn hin nay ). - Khng hng ti gii quyt tr gip cho cc ng dng
- Khng x l phn bit nhng gi tin b mt v nhng li sai v v nghn mng
- Khng h tr hot ng ca mobile router.2.3. Kin trc MIPV6
MIPv6 gii thiu 4 khi nim gip h tr tnh ton di ng gm: Home addres, CoA, Binding, HAMN (Mobile node): thit b u cui c th thay i v tr im truy nhp t 1 mng ny n 1 mng khc m khng thay i a ch IP trong khi vn kt ni internet.
HA (Home Agent): l i din thng tr ca MN, l 1 b nh tuyn mng ch ca nt di ng. Nhim v truyn cc gi s liu n cc nt di ng bng ng hm (tunel) khi nt ra khi mng ch v duy tr thng tin cho nt. FN (Foregin Network): Mng khch-l mng m khng phi l mng nh.
AAA: dng nh danh, ng k.
CN (Correspontdent node): nt thng tin hay nt ngang hng vi nt MN (peer-to-peer) l nt m MN mun connect n c th l nt tnh hoc di ng.
CoA (Care of address) : a ch tm tr ca MN nm mng khch, gip HA bit a im hin hu ca MN. MN c gn cho a ch CoA trn mng khch(ti thi im a ch ny lng l duy nht trn mng internet ton cu). Mi ln qua mng khch khc nhau MN c th c cp cc CoA khc nhau. MN s dng CoA lm a ch ngun trong tiu cc gi gi i. Khi mt my di ng thay i t mt subnet ny sang subnet khc; n phi c mt CoA qua mt qu trnh t cu hnh.
Home Link: Lin kt c gn t mng di ti home, t nt di ng ly c a ch home address t nh cung cp pha trn kt ni home.
HoA (Home Adress): 1 MN lun c 1 a ch IP l HoA - c home link cung cp
+Nu trong phm vi home address th mobile node bnh thng khng c g xy ra.+Nu mobile node i ra khi phm vi home address th n vn gi 1 ip home-address ca n trong my [virtual mobile node]
RR (Return Routability): nh tuyn c phn hi.Binding Update: cc tin bo cp nht lin quan ti vic nh tuyn.
Mc ch thit k ca MIPv6 hng ti: l thng bo kp thi nhng s khc bit gia cc nt mt cch chn thc v khng lm gim st s an ton. S di ng hon ton trong sut i vi cc ng dng bn trn tng IP.V d v mt m hnh MIPV6:
Trong m hnh trn:
HA l cc router ca Cisco c h tr IPV6 trong phin bn RFC3775
MN l IPAQ ca HP c h tr linux MIPV6 hoc c th l PDA ca O2
CN l my ch HP UNIXng dng ang chy gia MN v CN l MP3 trc tuyn
AP l access point h tr truy cp Wifi ca Cisco2.6.C th hn v CoA
im khc bit ca MIPV6 so vi phin bn c ca MIP phn ln u xoay quanh CoA.-Thc ra CoA trong MIPV6 vit y l CcoA(Colocated CoA) c yu cu bi MN nh mt a ch IP cc b thng qua phng tin ngoi (Foreign Link). MN lin kt vi phng tin ny nh mt trong nhng giao tip mng ring ca n. a ch ny c th c cp pht ng DHCP tm thi ca MN hoc c th s hu di hn, s dng khi ang tm tr mng khch.
V d: Khi nm trong mng ph spngs 3G, MN c th dng a ch IP m n c cp pht cho phin truyn lm CoA.-Khi s dng CoA, MN ng vai tr l im cui ca tunnel v thc hin m gi s liu c gi theo tunnel n n.
-CoA trong MIPV6 c th s dng cho cc kt ni tm thi v khng cn dch v no ca HA.
-Khi cc gi tin c gi vi a ch ng CoA nh l a ch ngun, s gii quyt c vn b l u vo (ko cn s dng tng la chn cc gi tin gi ti t mng khc na).-CoA cho php MN lm vic khng cn FA(Foreign Agent-cng nh HA nhng mng khch) v i hi phi c vng a ch mng ngoi dnh cho cc MN khch, iu ny gy kh khn cho khng gian a ch IPV4 song khng phi l vn ca IPV6.2.5. Hot ng ca MIPV6
Tm tt:
Mi MN lun lun c xc nh bi HoA ca n , m khng cn kt ni ca n ti Internet. Khi ra khi Home Netwok, mt MN c ph thc cho mt a ch khc (chnh l CoA), cung cp thng tin v v tr hin ti ca n. Nhng gi tin IPv6 c a ti HoA ri hng thng ti ni CoA ca MN . Giao thc MIPV6 gip nhng nt mng IPv6 kt ni HoA ca n n CoA, v ri gi gi tin thng ti CoA . Nhm h tr thao tc ny.Tt c nt mng IPv6 , hoc di ng hoc c nh u c th lin lc vi nhng nt di ng (MN). Nh hnh di: MIPv6 nhm gii quyt ng thi hai vn . Th nht, n cho php chuyn giao lin tc mc d my ch (MN) chuyn ng v thay i a ch IP. Th hai, n cho php gi tin tm n mt nt thng qua a ch IP tnh ti a ch thng tr gc (HA). Ni mt cch khc, MIPv6 ch trng ti bn cht nhn dng ca cc a ch IP. Ta c th nhc li tng ca MIP (c MIPv4 v MIPv6) l cho php HA lm vic vi nt di ng MN ta nh ang tnh ti. Bt c lc no MN i khi mng thng tr gc th HA nhn cc gi tin gi n nt ny v chuyn tip gi ny ti CoA. Lp vn chuyn s dng a ch thng tr gc (HoA) nh nhn dng "tnh" ca nt di ng MN. Hnh 2 phc ha c ch hot ng ca tng c bn ny.
Hnh 2Khi MN thc hin truy cp n mng khc, mun thc hin gi 1 gi tin t 1 nt no n MN:Nt gi trong hnh chnh l CN (correspondent node) c th l tnh hoc di ng.Theo s hnh 2 nu mt gi tin c gi t nt gi m i theo ng Tunnel thng qua i din HA, th ng i s di hn gy gim cht lng.
khc phc nhc im trn MIPv6 a ra vic ti u ha nh tuyn (Route Optimization). Khi dng truyn ti u, MN gi CoA n nt gi bng cc tin bo cp nht lin quan ti vic nh tuyn (Binding Update). Lc ny MIPv6 dng ti u ha nh tuyn(RO), tc l nt gi s c 2 nhim v: +Th nht, n l ngun ca gi tin gi.
+Th hai, n hot ng nh b router u tin cho cc gi thng bo nh tuyn. Cc gi thng bo nh tuyn ri khi nt gi i n cc a ch va nhn t MN (tc l CoA). Mi gi u c mt mo u nh tuyn (routing header), routing header ny cha a ch thng tr gc HoA ca MN. V l thuyt, gi tin s c nh tuyn n CoA, ri sau gi tin c chuyn t CoA n HoA qua knh o(ch HoA by gi cng ch l 1vitual mobile node c lu trong b nh ca Home link).
m bo an ton v ti u ha nh tuyn, c ch hot ng ca MIPv6 da theo cch nh tuyn c phn hi RR (Return Routability). N phi a ra 2 la chn: + Chn a ch thng tr gc HoA + Chn a ch tm tr(CoA).
T=try: th; I=initialize:khi to Hnh 3Lung vn chuyn ca gi tin nh trn hnh 3.Vic la chn nh tuyn RR thc hin bng 2 cp tin bo v . Cc gi th khi to a ch thng tr-HoTI v th khi to a ch tm tr-CoTI ch cn dng kch thch cc gi th. Gi cp nht a ch BU tr li cho c hai php th.Qu trnh th a ch HoA nh sau:Vic la chn a ch gm c th a ch HoT v cp nht BU. HoT c chuyn qua tunnel t i din HA n nt di ng MN. Ni dung ca HoT l mt hm s ln xn gm a ch gc ca HoTI c km theo kha bo mt Kcn (ch c nt gi bit mt kha Kcn). Gi HoT c gi theo 2 ng ca Internet. ng th nht, t im gi n i din HA. Trn bc ny, gi khng c bo v, bt k hacker no cng bit ni dung. Tip theo HA gi tip gi n nt di ng MN. Trn ng, gi c truyn trong tunnel c bo v khng ngi ngoi no c c ni dung ca gi.
Qu trnh th a ch CoA cng tng t. Ch c khc l by gi gi c gi trc tip t a ch CoA ca nt di ng MN. Ni dung ca CoT l mt hm s c km theo h s bo mt Kcn. Gi CoT chuyn trc tip t nt gi n nt di ng MN. Trn ng gi khng c bo v. Khi nt di ng MN nhn c c hai tin HoT v CoT, n to ra kha rng buc Kbm. Kha Kbm c dng bo v tin cp nht BU, cho n khi MN di ng v cn c mt CoA mi. Khi nhn c tin BU u tin, nt gi i qua mt qu trnh phc tp. l m bo cho nt MN va nhn c HoT v CoT l do HoA v CoA yu cu.
Gi thit c mt tin tc c th n cp tin HoT, ti thi im no v tip theo. Nu HoT ko di mi th tin tc c th tip tc n cp. hn ch nguy hi ny ta truyn HoT trong thi gian ngn. Sau chu k vi pht, cp tin bo HoTI/HoT li thay i. iu ny s c trnh by r hn trong phn bo mt. Rt ra c 1vi kt lun t s hot ng ca MIPV6 nh sau:
-MN phi c kh nng lin lc vi cc node khc (k c cc node khng h tr MIPV6) khi thay im truy nhp tng lin kt-Tt c cc bn tin v tr ca node di ng phi c chng thc.
-Lin kt v tuyn s c rng bng thng nh hn v t l li cao hn cc mng hu tuyn thng thng.
-Cng nh MIP, MIPV6 khng hn ch b sung a ch IP. Ngha l t chc s hu MN c th n nh a ch IP bng giao thc khc c qun l bi t chc . *Ngun tham kho:
Ti liu : Gio trnh mng my tnh -HVCNBCVT
Bo co tiu lun MIPV6 -chng trnh o to k s clc Vit Php Website: http://www.tapchibcvt.gov.vn/ http://www.deeforum.net/forum/index.php?topic=1219.0 http://vntelecom.org/diendan/showthread.php?t=149&page=2 http://www.tebyan.net/
http://vnpro.org/forum/showthread.php/18915-mobile-ipv6
Phn III Tng quan v an ninh Mobile IPv6
Thc t cung cp nhiu cng c an ninh , bao gm cung cp vic bo v cho cp nht kt ni ca home v nt tng ng (dng header m rng IPsec , hoc dng ty chn d liu qun k kt ni , ty chn ny dng kha qun l kt ni , kbm , thit lp thng qua th tc ng dn phn hi ), bo v khi phc tin t di ng (dng header m rng Ipsec ), v bo v h thng Mobile IPv6 trao i gi tin d liu (ty chn im ch a ch home v header ng dn loi 2)
3.1 Cp nht kt ni ti i l home Nt di ng v i l home phi dng kt hp an ninh IPsec thng nht v qun l cp nht v xc nhn kt ni . C nt di ng v i l home phi h tr v nn dng header gi ti an ninh (Encapsulating Security Payload) (ESP) [6] trong truyn dn v phi dng thut ton xc thc ti khng rng cung cp quyn xc nhn d liu gc ,ton vn kt ni v bo v chng li ti din ty chn . Ch rng header xc thc ( Authentication Header )(AH) [5] l kh thi nhng khng c th v qu di dng .
bo v nhng thng tin trao i gia nt di ng v i l home dng IPsec, nhng entry c s d liu an ninh thch hp cn phi c to ra . Mt nt di ng cn ngn cn vic nt khc dng kt hp an ninh gi cp nht kt ni dng i l home ca mnh . Vn ny c gii quyt bng cch ku i l home kim tra xem a ch nh c cho c dng kt hp an ninh tng thch khng . Mt kim tra nh th s c thc hin bng qu trnh IPsec , bng cch c nhng entry CSDL an ninh xc nhn r rng kt hp an ninh bo v cp nht kt ni gia a ch home c cho v i l home . phng an kh thi th a ch home phi c trong cp nht v xc nhn kt ni . a ch home c dng trong gi tin ny nh mt ngun ch , hoc trong ty chn im ch a ch home v header ng dn loi 2 .
V vi tt c kt hp an ninh IPsec trong thc t , nn phn t nh dng ca kt hp an ninh l phi c h tr . Nhng b mt chia s phi ngu nhin v n lp gia nhng nt khc nhau ,v phi c phn phi offline cho nhng nt di ng .
Qun l kha t ng IKE [9] c l c h tr . Khi IKE c dng, hoc nhng entry CSDL an ninh hoc nhng qu trnh Mobile IPv6 phi xc nhn r rng chu k IKE mt li y nhim dng qun l to kt hp an ninh bo v cp nht kt ni cho mt a ch home .
3.2 Cp nht kt ni ti nt tng ng
S dng th tc ng dn phn hi , n khng th ngn cn mt tn cng vo ng dn , nhng n c th gii hn hacker xc nh ng dn c th hoc gi mo cp nht kt ni trn Internet. Bo mt thng tin s dng thut ton hash . Kha qun l kt ni , Kbm, c dng gii m .
3.2.1 Kha nt Mi nt tng ng c mt kha b mt , Kcn, gi l "kha nt", c dng lm bng chng m gi n nt di ng .L mt s ngu nhin v di 20 byte . Kha ny gip nt tng ng xc nhn ng kt ni .
Nt tng ng s thay i kha nt ny lin tc v vn an ninh
3.2.2 Nonces
Nonce c dng bi nt tng ng xc nhn kt ni cng vi kha nt . Nonce c mt ch s nonce thay i theo chu k . N gip nt tng ng phn bit tin nhn cho tng chu k . Thng tin ca nonce ht hn cng s b xa
3.2.3 Mt nonce l mt chui byte khong chng 64 bits.
3.2.4 Cookies and Tokens
Th tc kim tra a ch ng dn phn hi dng cookies v tokens m lm nhng gi tr b mt trong thng tin kim tra v xc nhn kim tra .
Cookie v token ng vai tr xc nhn kt ni ng gia nt i ng v nt tng ng cng nh xa nhng timer ht hn .
3.2.5 Hm mt m Dng tnh ton gi tr hash .3.2.6 Th tc ng dn phn hi Th tc ng dn phn hi gip nt tng ng chc rng a ch ca nt di ng v c a ch home ln a ch ph thc . Sau nt tng ng mi thc hin kt ni v gi d liu . Nt di ng s xc minh mnh bng cch gi li d liu xc nhn m token . Kha d liu kt ni , Kbm, l ca nt di ng xc minh .
Mobile node Home agent Correspondent node | |
| Home Test Init (HoTI) | |
|------------------------------>|------------------------------->|
| | |
| Care-of Test Init (CoTI) |
|--------------------------------------------------------------->|
| |
| | Home Test (HoT) |
|