Accessibility wherever you are with Mobile IPv6

Freedom to Travel

Where Am I?

The mobile node must detect as quickly as possible that it is no longer on its own network in order to initiate a new link. A process called neighbor unreachability detection supports this operation, known as movement detection. This process also exists in the normal IPv6 standard in the scope of neighbor discovery. It involves having the mobile node check the accessibility of its default gateway. If the default is no longer accessible, the mobile node tries to discover a new default router, which is communicated to it by router advertisement. In this context, the prefix, and thus the current care-of address, are set.

When the mobile node reaches its home link again, home registration takes place. Among other things, this involves setting the H bit (home registration) and setting the lifetime to  0. The home agent then knows that it no longer needs to send the packets through the tunnel.

What About Security?

Communication between the mobile node and the correspondent node is vulnerable to various attacks, such as man-in-the-middle, session hijacking, denial of service, and so on. An essential safety measure is to protect the connection between the MN and the HA through an IPsec tunnel with ESP. This ensures that all messages between the mobile node and home agent are protected, including binding updates and acks, home test messages, and ICMPv6 messages. The binding updates between the mobile node and correspondent node are not protected by IPsec, but by the return routability process. However, certain extensions exist here, such as the binding authorization data option, to protect communication.

Because slightly different rules apply to Mobile IPv6, different RFCs describe modifications to IPsec for use with MIPv6. They include RFCs 4555 and 4621, which deal with the use of IKEv2 in these scenarios, and RFC 3776, "Using IPsec to Protect Mobile IPv6 Signaling Between Mobile Nodes and Home Agents." Safeguards also exist for special networks in the form of RFCs. However, a complete discussion of all these security areas is beyond the scope of this article.


Mobile IPv6 is a forward-looking technology that could become part of everyday life in the IT networking world. Providers will offer various service packages to customers to ensure smooth connections across various networks – roaming without even temporary drops on the network connection. Because of a general trend toward mobile devices – amplified by the tablet boom – the use of such technologies is a logical development.

Support for MIPv6 has been limited thus far. Microsoft's operating systems, including Windows 8 and Windows Server 2012, do not provide full support. Linux can be extended to accommodate MIPv6 with the UMIP daemon [3], and Android systems currently rely on hacks to support MIPv6. Additionally, Apple's iOS does not support MIPv6.

At the end of the day, IPv6 will need to be widely available to enable use of Mobile IPv6 without migration technologies such as 6to4 tunnels. The Mobile IPv6 standard will continue to develop and will probably include even more interesting extensions in the future. In fact, many additions and enhancements to Mobile IPv6 already exist, including NEMO [4] and Hierarchical Mobile IPv6 [5].

The Author

Eric Amberg has many years of project experience in IT infrastructure and freelances as a trainer and consultant. His main focus is on networking topics. In his seminars and video courses, he emphasizes hands-on training.

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Access Anywhere with Mobile IPv6

    IPv6 includes Mobile IPv6, a new standard for communication with mobile devices, which ensures permanent accessibility regardless of your current location. In this article, we provide an overview of Mobile IPv6 functionality.

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.