1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
|
Internet Engineering Task Force (IETF) H. Deng
Request for Comments: 6098 China Mobile
Category: Standards Track H. Levkowetz
ISSN: 2070-1721 Netnod
V. Devarapalli
Vasona Networks
S. Gundavelli
Cisco
B. Haley
Hewlett-Packard Company
April 2012
Generic Notification Message for Mobile IPv4
Abstract
This document specifies protocol enhancements that allow Mobile IPv4
entities to send and receive explicit notification messages using a
Mobile IPv4 message type designed for this purpose.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc6098.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Deng, et al. Standards Track [Page 1]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. Introduction ....................................................3
2. Terminology .....................................................4
3. Notification Message - Usage Scenarios ..........................4
3.1. Notification Message - Examples ............................4
3.2. Notification Message - Topology ............................5
3.2.1. Notification Message between a Home Agent
and a Mobile Node ...................................6
3.2.2. Notification Message between a Foreign Agent
and a Mobile Node ...................................6
3.2.3. Notification Message between a Home Agent
and a Foreign Agent .................................7
4. Generic Notification Message and Considerations .................7
4.1. Generic Notification Message ...............................7
4.2. Generic Notification Acknowledgement Message ..............11
4.3. Notification Retransmission ...............................14
4.4. General Implementation Considerations .....................15
4.5. Mobile Node Considerations ................................15
4.5.1. Receiving Generic Notification Messages ............15
4.5.2. Sending Generic Notification
Acknowledgement Messages ...........................16
4.5.3. Sending Generic Notification Messages ..............17
4.5.4. Receiving Generic Notification
Acknowledgement Messages ...........................18
4.6. Foreign Agent Consideration ...............................18
4.6.1. Receiving Generic Notification Messages ............19
4.6.2. Sending Generic Notification
Acknowledgement Messages ...........................21
4.6.3. Sending Generic Notification Messages ..............21
4.6.4. Receiving Generic Notification
Acknowledgement Messages ...........................22
Deng, et al. Standards Track [Page 2]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.7. Home Agent Consideration ..................................23
4.7.1. Sending Generic Notification Messages ..............23
4.7.2. Receiving Generic Notification
Acknowledgement Messages ...........................24
4.7.3. Receiving Generic Notification Messages ............24
4.7.4. Sending Generic Notification
Acknowledgement Messages ...........................26
5. Future Extensibility ...........................................26
5.1. Examples of Possible Extensions ...........................26
5.2. Extension Specification ...................................27
6. IANA Considerations ............................................28
7. Security Considerations ........................................28
7.1. Replay Protection for GNMs and GNAMs ......................29
7.1.1. Replay Protection Using Timestamps .................29
7.1.2. Replay Protection Using Nonces .....................30
7.2. Non-Authentication Extensions Handling in the
Foreign Agent .............................................31
8. Acknowledgements ...............................................31
9. References .....................................................32
9.1. Normative References ......................................32
9.2. Informative References ....................................32
1. Introduction
In some situations, there is a need for Mobile IPv4 entities, such as
the home agent (HA), foreign agent (FA) and mobile node (MN) to send
and receive asynchronous notification messages during a mobility
session. In this context, 'Asynchronous messages' is used to mean
messages that are not synchronous with the Registration Request and
Registration Reply messages of the base Mobile IP (MIP) specification
[RFC5944]. The base Mobile IP specification does not have a
provision for this.
In order to rectify that, this document defines a generic
notification message and a notification model that can be used by
Mobile IPv4 entities to send various notifications. It also defines
a corresponding acknowledgement message to make it possible to ensure
reliable delivery of notifications. Only the following extensions
may be present in these new messages, as defined by this document:
- MN-HA Authentication Extension
- MN-FA Authentication Extension
- FA-HA Authentication Extension
- Message String Extension
Deng, et al. Standards Track [Page 3]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
The semantics of receiving a generic notification message with a
Message String Extension are null; i.e., it has no effect on the
state of a mobile node's existing registration. See Section 3.1 for
some application examples that motivate the new messages defined in
this document.
2. Terminology
It is assumed that the reader is familiar with the terminology used
in [RFC4917] and [RFC5944]. In addition, this document frequently
uses the following terms:
Notification Message
A message from a mobility agent to a an MN or other mobility
agent, or from an MN to a mobility agent, to asynchronously notify
it about an event that is relevant to the mobility service it is
currently providing.
Generic Notification Message
A Notification Message in the context of Mobile IPv4 with a
well-defined envelope format and extensibility, and with certain
limitations on how extensions may be defined and used, but
otherwise generally available for notification purposes within the
Mobile IPv4 protocol. Abbreviated 'GNM' in this document.
Generic Notification Acknowledgement Message
An acknowledgement of a received Generic Notification Message.
Abbreviated 'GNAM' in this document.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
3. Notification Message - Usage Scenarios
3.1. Notification Message - Examples
The simplest usage scenario for a notification message is one where
the notification has no semantic meaning within the protocol; it is
only carrying a message that can be displayed to a user or an
operator (depending on which is the receiving entity -- see more on
this below, in Section 3.2). Examples of such usage are messages
from operator to user about billing- or service-related events ("You
have used nearly all of your prepaid quota; there are only XX MB left
-- please purchase further service if you are going to need it."; or
Deng, et al. Standards Track [Page 4]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
"You have now used data transfer services for the amount of $XXX
since your last bill; this is above the notification threshold for
your account.") or messages about service interruptions, and more.
These examples are all supported by the use of the Mobile IPv4
Generic Notification Message together with the Message String
Extension, as defined in this document.
There are also other examples, which cannot be implemented solely
using the messages and extensions defined in this document. Some of
these are described briefly below, and covered slightly more
extensively in Section 5.
One example of an application of an extended Generic Notification
Message is that during handover between CDMA 2000 1x EV-DO and
Wireless LAN, the PPP resource on the CDMA side has to be removed on
the FA (Packet Data Serving Node) to avoid over-charging subscribers.
To address this, the Registration Revocation Message was defined in
[RFC3543], but it would have been preferable to have had it defined
as a separate message (i.e., the Generic Notification Message) with a
Registration Revocation extension.
Other applications are:
o HA switch-over (before the HA decides to go off-line, it would
like to notify the MNs to register with another candidate HA),
o Network Mobility (NEMO) prefix changes (an MN is notified by the
HA about NEMO prefix changes and service- or billing-related
events; this is an operational requirement),
o load balancing (the HA wants to move some of the registered MNs to
other HAs),
o service termination (due to end of prepaid time), and
o service interruption (due to system maintenance).
3.2. Notification Message - Topology
There are several scenarios where a mobility agent could initiate
notification events. Some of these are described in the following
sections.
Deng, et al. Standards Track [Page 5]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
3.2.1. Notification Message between a Home Agent and a Mobile Node
3.2.1.1. Mobile Registered Using a Foreign Agent Care-of Address
In this case, the HA cannot directly notify the MN, but must send the
notification via the FA, and vice versa.
+----+ notification +----+ notification +----+
| MN |<================>| FA |<=============>| HA |
+----+ +----+ +----+
Figure 1: HA notifies MN or MN notifies HA through FA
3.2.1.2. Mobile Registered Using a Co-Located Care-of Address
In this case, the MN has registered with the home agent directly, so
the notification message can go directly to the MN.
The notification mechanism as specified here does not support the
case of co-located Care-of Address (CoA) mode with registration
through an FA (due to the 'R' bit being set in the FA's advertisement
messages).
+----+ notification +----+
| MN |<===================================>| HA |
+----+ +----+
Figure 2: HA directly notifies MN or MN directly notifies HA
3.2.2. Notification Message between a Foreign Agent and a Mobile Node
There are two cases where an FA may send notification messages to an
MN -- one where it is relaying a message, the other where the
notification is triggered by a message from another network entity,
for example, an Authentication, Authorization, and Accounting (AAA)
node. (Notification messages between a AAA entity and the FA could
be based on RADIUS or Diameter, but this is out of scope for this
document.) If the notification is initiated by an FA, the FA may
also need to notify the HA about the event.
Deng, et al. Standards Track [Page 6]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
+----+ notification +----+ trigger +--------+
| MN |<================>| FA |<=============| AAA |
+----+ +----+ +--------+
|| notification +----+
================>| HA |
+----+
Figure 3: FA notifies MN
3.2.3. Notification Message between a Home Agent and a Foreign Agent
The HA may also need to send a notification to the FA, but not to the
MN. The FA may also need to send a notification to the HA, as
illustrated below:
+----+ notification +----+
| FA |<=============>| HA |
+----+ +----+
Figure 4: HA notifies FA or FA notifies HA
4. Generic Notification Message and Considerations
This section describes in detail the Generic Notification Message
(GNM), Generic Notification Acknowledgement Message (GNAM), and some
considerations related to the handling of these messages in the MN,
FA, and HA.
The MN and HA MUST maintain the following information:
- the IP source address of the Registration Request/Reply
- the IP destination address of the Registration Request/Reply
- the UDP source port of the Registration Request/Reply
- the UDP destination port of the Registration Request/Reply
The sending node always sends the GNM following the same procedure
for sending a Registration Request as in Section 3.3 of [RFC5944],
and the receiving node follows the same procedure for Registration
Reply as in Section 3.4 of [RFC5944] when sending GNAM.
4.1. Generic Notification Message
A GNM is sent by a mobility agent to inform another mobility agent,
or an MN, of MIP-related information in the form of a Message String
Extension [RFC4917]. These messages MUST use the same IP and UDP
Deng, et al. Standards Track [Page 7]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
headers as any previous Registration Request (RRQ) or Reply (RRP)
message to the same entity. This would support NAT traversal and
ensure the same security association used for GNM/GNAM and RRQ/RRP.
The GNM is defined as follows:
IP Fields:
Source Address
Typically, copied from the destination address of the last
Registration Reply/ Request message that the agent received from
the agent to which it is sending the GNM.
Destination Address
Copied from the source address of the last Registration
Reply/Request message that the agent received from the agent to
which it is sending the GNM.
UDP Fields:
Source Port
Typically, copied from the destination port of the last
Registration Reply/Request message that the agent received from
the agent to which it is sending the GNM.
Destination Port
Copied from the source port of the last Registration Reply/Request
message that the agent received from the agent to which it is
sending the GNM.
Deng, et al. Standards Track [Page 8]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
The UDP header is followed by the Mobile IP fields shown below:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | MD |A| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Agent Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Care-of Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ Identification +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Extensions...
+-+-+-+-+-+-+-+-+-+-+-+-+-
Type 22
MD: Message Direction
This memo defines the semantics of the following MD field value:
0 -- Message sent by the HA to the MN
1 -- Message sent by the HA to the FA
2 -- Message sent by the MN to the HA
3 -- Message sent by the MN to the FA
4 -- Message sent by the FA to the MN
5 -- Message sent by the FA to the HA
A
This bit indicates whether the notification message MUST be
acknowledged by the recipient. If the "A" bit has been set during
the message, but the sender doesn't receive any acknowledgement
message, then the sender will have to re-send the notification
message again.
Set to "1" to indicate that acknowledgement is REQUIRED.
Deng, et al. Standards Track [Page 9]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
Set to "0" to indicate that acknowledgement is OPTIONAL.
Reserved
MUST be sent as 0, and ignored when received.
Home Address
The home address of the mobile node.
Home Agent Address
The IP address of the mobile node's HA.
Care-of Address
The mobile node's care-of address, either the co-located care-of
address or the foreign agent care-of address.
Identification
A 64-bit number, constructed by the sender, used for matching GNM
with GNAM and for protecting against replay attacks of
notification messages. See Sections 7.1.1 and 7.1.2 for more on
the use of timestamps and nonces in this field. Support for the
use of timestamps is REQUIRED, and support for nonces is OPTIONAL.
Extensions
The fixed portion of the GNM is followed by one or more extensions
that may be used with this message, and by one or more
authentication extensions as defined in Section 3.5 of [RFC5944].
Apart from the Authentication Extensions mentioned below, only one
extension is defined in this document as permitted for use with
the GNM: the Message String Extension defined in [RFC4917].
This document requires the MN-HA Authentication Extension (AE) to
be used when this message is sent between the MN and the HA; MN-FA
AE and FA-HA AE are OPTIONAL. This document also requires the use
of the MN-FA AE when this message is sent between the MN and the
FA, where the MN-HA AE and FA-HA AE are not needed. This document
finally requires the use of the FA-HA AE when this message is sent
between the FA and the HA, and the MN-HA AE and MN-FA AE are not
needed. This could be determined based on the "MD" value.
See Sections 3.6.1.3 and 3.8.3.3 of [RFC5944] for the rules on the
order of these extensions as they appear in Mobile IPv4 RRQ and
RRP messages. The same rules are applicable to GNM and GNAM.
Deng, et al. Standards Track [Page 10]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.2. Generic Notification Acknowledgement Message
A GNAM is sent by mobility agents or MNs to indicate the successful
receipt of a GNM.
IP Fields:
Source Address
Typically, copied from the destination address of the GNM to which
the agent is replying.
Destination Address
Copied from the source address of the GNM to which the agent is
replying.
UDP Fields:
Source Port
Copied from the destination port of the corresponding GNM.
Destination Port
Copied from the source port of the corresponding GNM.
The UDP header is followed by the Mobile IP fields shown below:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | MD | Code | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Home Agent Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Care-of Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ Identification +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Extensions...
+-+-+-+-+-+-+-+-+-+-+-+-+-
Deng, et al. Standards Track [Page 11]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
Type 23
MD: Message Direction
This memo defines the semantics of the following MD field value:
0 -- Message sent by the HA to the MN
1 -- Message sent by the HA to the FA
2 -- Message sent by the MN to the HA
3 -- Message sent by the MN to the FA
4 -- Message sent by the FA to the MN
5 -- Message sent by the FA to the HA
Code
A value indicating the result of the GNM. See below for a list of
currently defined Code values.
Notification successful
0 -- notification accepted
Notification denied by the HA
128 -- reason unspecified
129 -- administratively prohibited
130 -- insufficient resources
131 -- mobile node failed authentication
132 -- foreign agent failed authentication
133 -- notification Identification mismatch
Notification denied by the FA
64 -- reason unspecified
65 -- administratively prohibited
66 -- insufficient resources
Deng, et al. Standards Track [Page 12]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
67 -- mobile node failed authentication
68 -- home agent failed authentication
69 -- notification Identification mismatch
Notification denied by the mobile node
192 -- reason unspecified
193 -- administratively prohibited
194 -- insufficient resources
195 -- foreign agent failed authentication
196 -- home agent failed authentication
197 -- notification Identification mismatch
Home Address
The home address of the mobile node.
Home Agent Address
The IP address of the sender's home agent.
Care-of Address
The mobile node's care-of address, either the co-located care-of
address or the foreign agent care-of address.
Identification
A 64-bit number used for matching the GNM with the GNAM and for
protecting against replay attacks of notification messages. See
Sections 7.1.1 and 7.1.2 for more on the use of timestamps and
nonces in this field. Support for the use of timestamps is
REQUIRED, and support for nonces is OPTIONAL. The value is based
on the Identification field from the GNM from the sender, and on
the style of replay protection used in the security context
between the sender and its receiver (defined by the mobility
security association between them, and the Security Parameter
Index (SPI) value in the authorization-enabling extension).
Deng, et al. Standards Track [Page 13]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
Extensions
The fixed portion of the GNAM is followed by one or more
extensions that may be used with this message, and by one or more
authentication extensions as defined in Section 3.5 of [RFC5944].
This document REQUIRES the MN-HA Authentication Extension (AE) to
be used when this message is sent between the MN and the HA; MN-FA
AE and FA-HA AE are OPTIONAL. This document also requires the use
of the MN-FA AE when this message is sent between the MN and the
FA, where the MN-HA AE and FA-HA AE are not needed. This document
finally requires the use of the FA-HA AE when this message is sent
between the FA and the HA, and the MN-HA AE and MN-FA AE are not
needed. This could be determined based on the "MD" value.
See Sections 3.6.1.3 and 3.8.3.3 of [RFC5944] for the rules on the
order of these extensions as they appear in Mobile IPv4 RRQ and
RRP messages. The same rules are applicable to GNM and GNAM.
4.3. Notification Retransmission
If the "A" flag has been set during the GNM, but the sender doesn't
receive any GNAM within a reasonable time, then the GNM SHOULD be
retransmitted. When timestamps are used, a new notification
Identification is chosen for each retransmission; thus, it counts as
a new GNM. When nonces are used, the unanswered GNM is retransmitted
unchanged; thus, the retransmission does not count as a new GNM
(Section 7.1). In this way, a retransmission will not require the
receiver to re-synchronize with the sender by issuing another nonce
in the case in which the original GNM (rather than its GNAM) was lost
by the network.
The maximum time until a new GNM is sent SHOULD be no greater than
the requested Lifetime of the last GNM. The minimum value SHOULD be
large enough to account for the size of the messages, twice the
round-trip time for transmission to the receiver, and at least an
additional 100 milliseconds to allow for processing the messages
before responding. The round-trip time for transmission to the
receiver will be at least as large as the time REQUIRED to transmit
the messages at the link speed of the sender's current point of
attachment. Some circuits add another 200 milliseconds of satellite
delay in the total round-trip time to the receiver. The minimum time
between GNMs MUST NOT be less than 1 second. Each successive
retransmission timeout period SHOULD be at least twice the previous
period, as long as that is less than the maximum as specified above.
Deng, et al. Standards Track [Page 14]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.4. General Implementation Considerations
Implementations of this specifications should provide support for
management of the various settings related to the notification
messages. In particular, it should be possible to do the following:
o List the notification messages supported.
o Show enabled/disabled status for notification message support,
overall and in detail.
o Show the value of the maximum and minimum retransmission times.
o Enable and disable notification support entirely.
o Enable and disable the individual notification messages supported.
o Set the values of the maximum and minimum retransmission times
described in Section 4.3.
4.5. Mobile Node Considerations
It is possible that the MN MAY receive a GNM from an FA or HA. Both
in the case of FA-CoA and co-located CoA, the MN MAY reply with a
GNAM based on the "A" flag in the GNM.
4.5.1. Receiving Generic Notification Messages
When the MN is using an FA-CoA and receives a notification message,
if the "MD" value is 0, it means that the notification message came
from the HA. If the "MD" value is 4, the notification came from the
FA. If the MN is using a co-located CoA and receives a notification
message, the "MD" value will be 0, indicating that the notification
message came from the HA.
The MN MUST check for the presence of an authorization-enabling
extension and perform the indicated authentication. Exactly one
authorization-enabling extension MUST be present in the GNM.
If this message came from an FA, then an MN-FA AE MUST be present.
If no MN-FA AE is found, or if more than one MN-FA AE is found, or if
the Authenticator is invalid, then the MN MUST reject the GNM and MAY
send a GNAM to the FA with Code 195, including an Identification
field computed in accordance with the rules specified in Section 7.1.
The MN MUST do no further processing with such a notification, though
it SHOULD log the error as a security exception.
Deng, et al. Standards Track [Page 15]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
If this notification message came from the HA, relayed by the FA, or
if the MN is using a co-located CoA, then the MN-HA AE MUST be
checked and the MN MUST check the Authenticator value in the
Extension. If no MN-HA AE is found, or if more than one MN-HA AE is
found, or if the Authenticator is invalid, then the MN MUST reject
the GNM and MAY send a GNAM to the initiator with Code 196, including
an Identification field computed in accordance with the rules
specified in Section 7.1. The MN MUST do no further processing with
such a notification, though it SHOULD log the error as a security
exception.
The MN MUST check that the Identification field is correct using the
context selected by the SPI within a mandatory authentication
extension like the MN-FA AE or MN-HA AE. See Section 7.1 for a
description of how this is performed. If incorrect, the MN MUST
reject the GNM and MAY send a GNAM to the initiator with Code 197,
including an Identification field computed in accordance with the
rules specified in Section 7.1. The MN MUST do no further processing
with such a notification, though it SHOULD log the error as a
security exception.
The MN MUST also check that the extensions present in the Generic
Notification Message are permitted for use with the GNM. If not, the
MN MUST silently discard the message. It MUST NOT do any further
processing with such a notification, though it SHOULD log the error.
If the MN accepts a GNM, then it will process it according to the
specific rules for the extensions. After that, the MN MAY reply to
the originator with a GNAM with Code 0 based on the "A" flag in the
GNM.
4.5.2. Sending Generic Notification Acknowledgement Messages
Both in the case of a co-located CoA and FA-CoA, the MN MAY reply
with a GNAM based on the "A" flag in the GNM as follows:
If the GNM was initiated from the FA to the MN ("MD" value is set to
4), then the MN-FA AE MUST be the last extension in order to protect
all other non-authentication extensions as defined in Section 3.5.3
of [RFC5944].
In the case of an FA-CoA, the source address is the MN's address, the
destination address is the FA's address.
The Code field of the GNAM is chosen in accordance with the rules
specified in Section 4.2. When replying to an accepted notification,
an MN SHOULD respond with Code 0.
Deng, et al. Standards Track [Page 16]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
There are a number of reasons why the MN might reject a notification,
such as for example not being permitted to receive notifications,
which could be for a number of reasons, causing the return of a GNAM
with Code value 193 (administratively prohibited); or being unable to
act on or display the notification, or otherwise being resource
constrained, causing the use of Code value 194 (insufficient
resources); or other reasons for which no other specific Code value
is available, which would cause the use of Code value 192 (reason
unspecified).
If the GNM was initiated from the HA to the MN ("MD" value is set to
0) and in the case of a co-located CoA, then the MN-HA AE MUST be the
last extension in order to protect all other non-authentication
extensions as defined in Section 3.5.2 of [RFC5944].
When replying to a GNM from an HA to an MN with an FA-CoA, the source
address is the MN's home address and the destination address is the
FA's address ("MD" value is set to 2). The ordering of the extension
is: any non-authentication Extensions intended for the HA, followed
by the MN-HA AE defined in Section 3.5.2 of [RFC5944], followed by
any non-authentication Extensions intended for the FA, followed by
the MN-FA AE defined in Section 3.5.3 of [RFC5944].
4.5.3. Sending Generic Notification Messages
The MN may send a GNM to notify either the FA or HA.
If the message is sent to the FA, then the source address is the MN's
address, and the destination address is the FA's address
If the FA is the target of this notification message, then the "MD"
value is set to 3, and the MN-FA AE MUST be the last extension in
order to protect all other non-authentication extensions. Computing
the Authentication Extension Values is done in the same manner as in
Section 3.5.1 of [RFC5944].
If the FA is working only as a relay agent, then the "MD" value is
set to 2, and the ordering of the extension is: the notification
extension, followed by any non-authentication extension expected to
be used by HA, followed by the MN-HA AE defined in Section 3.5.2 of
[RFC5944], followed by any non-authentication Extensions intended for
the FA, followed by the MN-FA AE defined in Section 3.5.3 of
[RFC5944]. Computing the Authentication Extension Values is done in
the same manner as in Section 3.5.1 of [RFC5944].
In the case of a co-located CoA, the MN MAY send a notification
message directly to the HA if it needs to be notified. The "MD"
value is set to 2, and the ordering of the extension is: the
Deng, et al. Standards Track [Page 17]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
notification extension, followed by any non-authentication extension
expected to be used by HA, followed by the MN-HA AE defined in
Section 3.5.2 of [RFC5944].
The MN chooses the Identification field in accordance with the style
of replay protection it uses with its HA. This is part of the
mobility security association the MN shares with its HA. See
Section 7.1 for the method by which the MN computes the
Identification field.
4.5.4. Receiving Generic Notification Acknowledgement Messages
In the case of an FA-CoA, if the MN receives this message, and the
"MD" value is set to 0, it means that the GNAM came from the HA.
If the "MD" value is set to 4, then the MN-FA AE MUST be checked, and
the MN MUST check the Authenticator value in the Extension. If no
MN-FA AE is found, or if more than one MN-FA AE is found, or if the
Authenticator is invalid, then the MN MUST silently discard the GNAM.
In addition, the low-order 32 bits of the Identification field in the
GNAM MUST be compared to the low-order 32 bits of the Identification
field in the most recent GNM sent to the replying agent. If they do
not match, then the GNAM MUST be silently discarded.
If the "MD" value is set to 0, then the MN-HA AE MUST be checked, and
the MN MUST check the Authenticator value in the Extension. If no
MN-HA AE is found, or if more than one MN-HA AE is found, or if the
Authenticator is invalid, then the MN MUST silently discard the GNAM.
If the MN accepted this message, then the MN MAY also process it
based on the notification event.
In the case of a co-located CoA, if the MN received this message,
then the MN-HA AE MUST be checked, and the MN MUST check the
Authenticator value in the Extension. If no MN-HA AE is found, or if
more than one MN-HA AE is found, or if the Authenticator is invalid,
then the MN MUST silently discard the Notification Acknowledgement
message.
4.6. Foreign Agent Consideration
The FA may initiate a GNM to the MN or the HA. Additionally, the FA
also relays GNMs and GNAMs between the MN and its HA as long as there
is an active binding for the MN at the FA.
Deng, et al. Standards Track [Page 18]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.6.1. Receiving Generic Notification Messages
If the FA receives a GNM, and the "MD" value is set to 0, then it
means that the HA is asking the FA to relay the message to the MN.
If the "MD" value is set to 1, then it means that the target of the
notification is the FA. If the "MD" value is set to 2, then it means
that the MN is asking the FA to relay the message to the HA. If the
"MD" value is set to 3, then it means that the notification came from
the MN to the FA.
If the "MD" value is set to 0, then the FA MAY validate the FA-HA AE
if present. If the FA-HA AE is invalid, then all extensions between
the HA-MN AE and the HA-FA AE MUST be removed, the FA SHOULD relay
the GNM to the MN's home address as specified in the Home Address
field of the GNM, and the MN will eventually validate the MN-HA AE to
ensure that all information sent to the MN is integrity protected.
If the FA-HA AE is valid, the FA MUST relay the GNM to the MN's home
address as specified in the Home Address field of the GNM. The FA
MUST NOT modify any of the fields beginning with the fixed portion of
the GNM through the MN-HA AE or other authentication extension
supplied by the HA as an authorization-enabling extension for the MN.
Furthermore, the FA MUST process and remove any extensions following
the MN-HA AE. If the FA shares a mobility security association with
the MN, the FA MAY append any of its own non-authentication
extensions that are relevant to the MN. In this case, the FA MUST
append the MN-FA AE after these non-authentication extensions.
If the "MD" value is set to 1, the FA-HA AE MUST be checked, and the
FA MUST check the Authenticator value in the Extension. If no FA-HA
AE is found, or if more than one FA-HA AE is found, or if the
Authenticator is invalid, the FA MUST reject the GNM and MAY send a
GNAM to the HA with Code 68, including an Identification field
computed in accordance with the rules specified in Section 7.1. The
FA MUST do no further processing with such a notification, though it
SHOULD log the error as a security exception.
The FA MUST check that the Identification field is correct using the
context selected by the SPI within the mandatory FA-HA AE. See
Section 7.1 for a description of how this is performed. If
incorrect, the FA MUST reject the GNM and MAY send a GNAM to the
initiator with Code 69, including an Identification field computed in
accordance with the rules specified in Section 7.1. The FA MUST do
no further processing with such a notification, though it SHOULD log
the error as a security exception.
Deng, et al. Standards Track [Page 19]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
The FA MUST also check that the extensions present in the Generic
Notification Message are permitted for use with the GNM. If not, the
FA MUST silently discard the message. It MUST NOT do any further
processing with such a notification, though it SHOULD log the error.
If the FA accepts the HA's GNM, it will process it based on the
specific rules for the extensions it contains. The FA MAY then reply
to the HA with a GNAM with Code 0 based on the "A" flag in the GNM.
In the case of an FA-CoA and if the "MD" value is set to 2, if the FA
received this message, and if the MN-FA AE is present, the MN-FA AE
MUST be checked, and the FA MUST check the Authenticator value in the
Extension. If no MN-FA AE is found, or if more than one MN-FA AE is
found, or if the Authenticator is invalid, the FA MUST silently
discard the GNM. If the MN-FA is valid, the FA MUST relay the GNM to
the HA's address as specified in the Home Agent Address field of the
GNM. The HA will eventually validate the MN-HA AE to ensure that all
information sent to the HA is integrity protected. The FA MUST NOT
modify any of the fields beginning with the fixed portion of the GNM
through the MN-HA AE or other authentication extension supplied by
the MN as an authorization-enabling extension for the HA.
Furthermore, the FA MUST process and remove any extensions following
the MN-HA AE, and MAY append any of its own non-authentication
extensions of relevance to the HA, if applicable. Also, it MUST
append the FA-HA AE if the FA shares a mobility security association
with the HA.
If the "MD" value is set to 3, the MN-FA AE MUST be checked, and the
FA MUST check the Authenticator value in the Extension, as described
in Section 3.7.2.1 of [RFC5944]. If no MN-FA AE is found, or if more
than one MN-FA AE is found, or if the Authenticator is invalid, the
FA MUST reject the GNM and MAY send a GNAM to the MN with Code 67,
including an Identification field computed in accordance with the
rules specified in Section 7.1. The FA MUST do no further processing
with such a notification, though it SHOULD log the error as a
security exception.
The FA MUST check that the Identification field is correct using the
context selected by the SPI within mandatory MN-FA AE. See
Section 7.1 for a description of how this is performed. If
incorrect, the FA MUST reject the GNM and MAY send a GNAM to the
initiator with Code 69, including an Identification field computed in
accordance with the rules specified in Section 7.1. The FA MUST do
no further processing with such a notification, though it SHOULD log
the error as a security exception.
Deng, et al. Standards Track [Page 20]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
If the FA accepts the MN's GNM, it will process it based on the
specific rules for the extensions it contains. The FA MAY then reply
to the MN with a GNAM with Code 0 based on the "A" flag in the GNM.
4.6.2. Sending Generic Notification Acknowledgement Messages
The FA may need either to relay a GNAM between the MN and the HA or
to send one as a response to a GNM that was sent to it. In both
cases, the GNAM is defined as follows.
The source address is the FA address, and the destination address is
the HA's or MN's home address.
The Code field of the GNAM is chosen in accordance with the rules
specified in Section 4.2. When replying to an accepted notification,
an FA SHOULD respond with Code 0.
The FA might reject a notification by returning a GNAM with the Code
value 65 (administratively prohibited), which could be for a number
of reasons; 64 (reason unspecified); or 66 (insufficient resources).
If the FA is relaying this message to only the HA, the FA MUST NOT
modify any of the fields beginning with the fixed portion of the GNAM
up through and including the MN-HA AE or other authentication
extension supplied by the MN as an authorization-enabling extension
for the MN. Furthermore, the foreign agent MUST process and remove
any extensions following the MN-HA AE. If the FA shares a mobility
security association with the HA, the FA MAY append any of its own
non-authentication extensions that are relevant to the HA. In this
case, the FA MUST append the FA-HA AE after these non-authentication
extensions.
If the notification message is from the HA to the FA, then the "MD"
value is set to 5 and the ordering of the extension is: any non-
authentication Extensions intended for the FA, followed by the FA-HA
AE defined in Section 3.5.4 of [RFC5944].
If the notification message is from the MN to the FA, then the "MD"
value is set to 4 and the ordering of the extension is: any non-
authentication Extensions intended for the FA, followed by the MN-FA
AE defined in Section 3.5.3 of [RFC5944].
4.6.3. Sending Generic Notification Messages
If the FA is initiating a notification to the MN using the GNM, it
MAY also notify the HA.
Deng, et al. Standards Track [Page 21]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
In the message to the MN, the source address is the FA address, the
destination address is the MN's address, the "MD" value is set to 4,
and the ordering of the extension is: the notification extension,
followed by any non-authentication extensions intended for the MN,
followed by the MN-FA AE defined in Section 3.5.3 of [RFC5944].
Computing the Authentication Extension Values is done in the same
manner as in Section 3.5.1 of [RFC5944] except the payload is the
notification rather than the registration.
In the message to the HA, the source address is the FA's address, the
destination address is the HA's address (the "MD" value is set to 5),
and the ordering of the extension is: notification extension,
followed by any non-authentication Extensions intended for the HA,
followed by the FA-HA AE defined in Section 3.5.4 of [RFC5944].
Computing the Authentication Extension Value is done in the same
manner as described in Section 3.5.1 of [RFC5944], except that the
payload is the notification instead of the registration.
4.6.4. Receiving Generic Notification Acknowledgement Messages
In the case of an FA-CoA, if the FA receives this message, and the
"MD" value is set to 2, it means that the notification
acknowledgement message is from the MN to the HA; if the "MD" value
is set to 3, the message is from the MN to the FA; otherwise, it came
from the HA.
If the "MD" value is set to 1, the FA-HA AE MUST be checked, and the
FA MUST check the Authenticator value in the Extension. If no FA-HA
AE is found, or if more than one FA-HA AE is found, or if the
Authenticator is invalid, the FA MUST silently discard the
Notification Acknowledgement message. If the FA accepted this
message, the FA MAY also process it based on the notification event.
If the "MD" value is set to 3, and if the MN-FA AE is present, the AE
MUST be checked, and the FA MUST check the Authenticator value in the
extension. If no MN-FA AE is found, or if more than one MN-FA AE is
found, or if the Authenticator is invalid, the FA MUST silently
discard the GNAM. If the FA accepted this message, the FA MAY also
process it based on the notification event.
In the case of an FA-CoA and if the "MD" value is set to 2, if the FA
received this message, and if the MN-FA AE is present, the MN-FA AE
MUST be checked, and the FA MUST check the Authenticator value in the
Extension. If no MN-FA AE is found, or if more than one MN-FA AE is
found, or if the Authenticator is invalid, the FA MUST silently
discard the GNAM. If the FA accepted the MN's GNAM, it MUST relay
this message to the HA. The FA MUST NOT modify any of the fields
beginning with the fixed portion of the GNAM up through and including
Deng, et al. Standards Track [Page 22]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
the MN-HA AE or other authentication extension supplied by the HA as
an authorization-enabling extension for the MN. Furthermore, the FA
MUST process and remove any extensions following the MN-HA AE and MAY
append any of its own non-authentication extensions of relevance to
the HA, if applicable. Also, it MUST append the FA-HA AE, if the FA
shares a mobility security association with the HA.
4.7. Home Agent Consideration
The HA MAY initiate a GNM to both the mobile node and FA, and it also
MAY receive a GNAM from both the FA and MN. The HA also MAY receive
a GNM from the FA, but only when there is a binding for an MN. If
the HA receives a GNM from an FA and there is no corresponding MN
registration, the HA SHOULD drop the GNM.
4.7.1. Sending Generic Notification Messages
In the case of an FA-CoA, the HA may either send a GNM to notify the
FA, or have the FA relay the GNM to the MN if the MN needs to be
notified.
If the message is from the HA to the FA, the source address is the
HA's address, and the destination address is the FA's address
If the FA is working only as a relay agent, the "MD" value is set to
0, and the ordering of the extension is: the notification extension,
followed by any non-authentication extension expected to be used by
MN, followed by the MN-HA AE defined in Section 3.5.2 of [RFC5944],
followed by any non-authentication extensions intended for the FA,
followed by the FA-HA AE defined in Section 3.5.4 of [RFC5944].
Computing the Authentication Extension Value is done in the same
manner as in Section 3.5.1 of [RFC5944].
If the FA is the target of this notification message, then the "MD"
value is set to 1, and the ordering of the extension is: the
notification extension, followed by any non-authentication Extensions
intended for the FA, followed by the FA-HA AE defined in Section
3.5.4 of [RFC5944]. Computing the Authentication Extension Values is
done in the same manner as in Section 3.5.1 of [RFC5944].
In the case of a co-located CoA, the HA MAY send a notification
message directly to the MN if it needs to be notified. The "MD"
value is set to 0, and the ordering of the extension is: the
notification extension, followed by any non-authentication extension
expected to be used by the MN, followed by the MN-HA AE defined in
Section 3.5.2 of [RFC5944].
Deng, et al. Standards Track [Page 23]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.7.2. Receiving Generic Notification Acknowledgement Messages
In the case of an FA-CoA, if the HA receives this message, and the
"MD" value is set to 2, it means that the GNAM came from the MN.
If the "MD" value is set to 5, and the HA accepted this message, the
HA MAY also process it based on the notification event. The FA-HA AE
MUST be checked, and the HA MUST check the Authenticator value in the
extension. If no FA-HA AE is found, or if more than one FA-HA AE is
found, or if the Authenticator is invalid, the HA MUST silently
discard the GNAM.
If the "MD" value is set to 2, in the case of an FA-CoA, and if the
FA-HA AE is present, the FA-HA AE MUST be checked, and the HA MUST
check the Authenticator value in the Extension. If more than one
FA-HA AE is found, or if the Authenticator is invalid, the HA MUST
silently discard the GNAM. No matter what, the MN-HA AE MUST be
checked, and the HA MUST check the Authenticator value in the
Extension. If no MN-HA AE is found, or if more than one MN-HA AE is
found, or if the Authenticator is invalid, the HA MUST silently
discard the GNAM. If the HA accepted this message, the HA MAY also
process it based on the notification event.
If the "MD" value is set to 2, in the case of a co-located CoA, the
MN-HA AE MUST be checked, and the HA MUST check the Authenticator
value in the Extension. If no MN-HA AE is found, or if more than one
MN-HA AE is found, or if the Authenticator is invalid, the HA MUST
silently discard the GNAM. If the HA accepted this message, the HA
MAY also process it based on the notification event.
4.7.3. Receiving Generic Notification Messages
The HA MAY receive a GNM sent from the FA. When the HA receives this
message, if the "MD" value is set to 5, this message came from FA.
The FA-HA AE MUST be checked, and the HA MUST check the Authenticator
value in the extension. If no FA-HA AE is found, or if more than one
FA-HA AE is found, or if the Authenticator is invalid, the HA MUST
reject the GNM and MAY send a GNAM to the FA with Code 132, including
an Identification field computed in accordance with the rules
specified in Section 7.1. The HA MUST do no further processing with
such a notification, though it SHOULD log the error as a security
exception.
The HA MUST check that the Identification field is correct using the
context selected by the SPI within a mandatory authentication
extension like MN-HA AE or FA-HA AE. See Section 7.1 for a
description of how this is performed. If incorrect, the HA MUST
reject the GNM and MAY send a GNAM to the initiator with Code 133,
Deng, et al. Standards Track [Page 24]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
including an Identification field computed in accordance with the
rules specified in Section 7.1. The HA MUST do no further processing
with such a notification, though it SHOULD log the error as a
security exception. If the HA accepts the FA's GNM, it will process
it based on the notification extension. Furthermore, the HA MAY
reply to the FA with a GNAM with Code 0 based on the "A" flag in the
GNM.
If the "MD" value is set to 2, this message comes from the MN. In
the case of FA-CoA, if FA-HA AE is present, it MUST be checked, and
the HA MUST check the Authenticator value in the Extension. If more
than one FA-HA AE Extension is found, or if the Authenticator is
invalid, the HA MUST reject the GNM and MAY send a GNAM to the FA
with Code 132, including an Identification field computed in
accordance with the rules specified in Section 7.1. The HA MUST do
no further processing with such a notification, though it SHOULD log
the error as a security exception. Also, the MN-HA AE MUST be
checked, and the HA MUST check the Authenticator value in the
Extension. If no MN-HA AE is found, or if more than one MN-HA AE is
found, or if the Authenticator is invalid, the HA MUST reject the GNM
and MAY send a GNAM to the MN with Code 131, including an
Identification field computed in accordance with the rules specified
in Section 7.1. The HA MUST do no further processing with such a
notification, though it SHOULD log the error as a security exception.
If the HA accepts the MN's GNM, it will process it based on the
notification extension. Furthermore, the HA MAY reply to the MN with
a GNAM back with Code 0 based on the "A" flag in the GNM.
If the "MD" value is set to 2, in the case of a co-located CoA, the
MN-HA AE MUST be checked, and the HA MUST check the Authenticator
value in the Extension. If no MN-HA AE is found, or if more than one
MN-HA AE is found, or if the Authenticator is invalid, the HA MUST
reject the GNM and MAY send a GNAM to the MN with Code 131, including
an Identification field computed in accordance with the rules
specified in Section 7.1. The HA MUST do no further processing with
such a notification, though it SHOULD log the error as a security
exception. If the HA accepts the MN's GNM, it will process it based
on the notification extension. Furthermore, the HA MAY reply to the
MN with a GNAM with Code 0 based on the "A" flag in the GNM.
The HA MUST also check that the extensions present in the Generic
Notification Message are permitted for use with the GNM. If not, the
HA MUST silently discard the message. It MUST NOT do any further
processing with such a notification, though it SHOULD log the error.
Deng, et al. Standards Track [Page 25]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
4.7.4. Sending Generic Notification Acknowledgement Messages
If the GNM came from the FA only, and if the "A" flag is set in the
GNM, then the HA MUST send a GNAM. The message is as follows: The
source address is the HA's address, the destination address is the
FA's address, and the "MD" value is set to 1. The ordering of the
extension is: any non-authentication Extensions intended for the FA,
followed by the Foreign-Home Authentication extension defined in
Section 3.5.4 of [RFC5944].
The Code field of the GNAM is chosen in accordance with the rules
specified in Section 4.2. When replying to an accepted GNM, an MN
SHOULD respond with Code 0.
If the GNM came from the MN, and if the "A" flag is set in the GNM,
then the HA MUST send a GNAM. The message is as follows: The source
address is the HA's address, the destination address is the FA's
address, and the "MD" value is set to 0. The ordering of the
extension is: any non-authentication extensions intended for the MN,
followed by the MN-HA AE defined in Section 3.5.2 of [RFC5944],
optionally followed by any non-authentication extensions intended for
the FA, optionally followed by the MN-FA AE defined in Section 3.5.3
of [RFC5944].
5. Future Extensibility
This document defines the Generic Notification Message used with the
Message String Extension [RFC4917].
However, it is possible to define new notification-related extensions
for use with the Generic Notification Message, for cases where the
notification is intended to have a semantic content and is intended
for the HA, FA, or MN, rather than for the user.
5.1. Examples of Possible Extensions
One example of such usage, which would have been defined in this
document if it hadn't already been defined as a separate message, is
the Registration Revocation Message [RFC3543]. This is a message
sent from the HA to the FA(s) or MN to notify the receiving node that
a currently active registration is being revoked. The use case for
this is clearly laid out in [RFC3543].
Another example would be managed maintenance switch-over between HA
instances, where an HA due to go down for maintenance could direct
the MNs registered with it to re-register with another specified HA.
Deng, et al. Standards Track [Page 26]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
Such a message could also be used for managed load balancing. There
is currently no support for such forced switch-over in the Mobile
IPv4 protocol.
Yet another example is when the prefix set handled by an MIPv4 NEMO
[RFC5177] HA changes; to ensure proper routing, the mobile router
needs to be notified about the change so that its internal routing
rules may be updated.
One final example is home network changes that require host
configuration changes, for instance, a change of address for the DNS
server or another network server. Again, this is a case where the HA
would want to notify the MN of the change, so that service
interruptions can be avoided.
5.2. Extension Specification
In order to avoid making the MIPv4 Generic Notification Message a
generic protocol extension mechanism by which new protocol mechanisms
could be implemented without appropriate discussion and approval, any
new extensions that are to be used with the Generic Notification
Message must be registered with IANA, where registration is limited
by the 'RFC Required' policy defined in [RFC5226].
If additional extensions are specified for use with the Generic
Notification Message, the practice exemplified in [RFC5944] and
related specifications should be followed. Generally, it has not
been necessary so far to provide versioning support within individual
extensions; in a few cases, it has been necessary to define new
extensions with new extension numbers where a generalization of a
pre-existing extension has been needed. With the current rate of
extension number consumption, that seems to be an acceptable
approach.
If at some point extensions are specified for use with the Generic
Notification Message that overlap with pre-existing notification
messages, the authors of the specification should consider providing
a method to flag which notification messages are supported, and which
notification message usage is requested, in a manner similar to the
way tunneling method capabilities and usage requests are flagged in
the Mobile IPv4 base specification [RFC5944].
Encoded in the extension number of Mobile IPv4 extensions is the
notion of 'skippable' and 'not skippable' extensions; see Section 1.8
of [RFC5944]. This notion is also applicable when extensions are
used with the Generic Notification Message: It is not required that a
receiver understand a skippable extension, but a non-skippable
extension needs to be handled according to Section 1.8 of [RFC5944]
Deng, et al. Standards Track [Page 27]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
(i.e., the message must be silently discarded if the extension is not
recognized). This document does not specify any change from the
Mobile IPv4 base specification [RFC5944] in this respect.
6. IANA Considerations
This document defines two new messages, the Generic Notification
Message described in Section 4.1, and the Generic Notification
Acknowledgement Message described in Section 4.2. The message
numbers for these two messages have been allocated from the same
number space used by the Registration Request and Registration Reply
messages in [RFC5944].
The Generic Notification Message may only carry extensions that are
explicitly permitted for use with this message. Section 4.1 of this
document defines 4 extensions that are permitted. IANA has added a
column to the registry of Mobile IPv4 extensions, which will indicate
for each extension if it is permitted for use with the Generic
Notification Message. Approval of new extensions that are permitted
for use with the Generic Notification Message requires that they be
defined in an RFC according to the 'RFC Required' policy described in
[RFC5226].
The Generic Notification Acknowledgement Message, specified in
Section 4.2, has a Code field. The number space for the Code field
values is new and also specified in Section 4.2. The Code number
space is structured according to whether the notification was
successful, the HA denied the notification, the FA denied the
notification, or the MN denied the notification, as follows:
0 Success Code
64-69 Error Codes from the FA
128-133 Error Codes from the HA
192-197 Error Codes from the MN
Approval of new Code values requires expert review.
7. Security Considerations
This specification operates with the security constraints and
requirements of [RFC5944]. This means that when this message is
transmitted between the MN and the HA, the MN-HA AE is REQUIRED; when
this message is transmitted between the MN and the FA, the MN-FA AE
is REQUIRED; when this message is transmitted between the FA and the
HA, the FA-HA AE is REQUIRED. It extends the operations of the MN,
HA, and FA defined in [RFC5944] to notify each other about some
events. The GNM defined in this specification could carry
Deng, et al. Standards Track [Page 28]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
information that modifies the mobility bindings. Therefore, the
message MUST be integrity protected. Replay protection MUST also be
guaranteed.
RFC 5944 provides replay protection only for Registration Requests
sent by the MN. There is no mechanism for replay protection for
messages initiated by an FA or HA. The 64-bit Identification field
specified in this document (Sections 4.1 and 4.2) for the GNM is used
to provide replay protection for the notification messages initiated
by the FA or HA.
7.1. Replay Protection for GNMs and GNAMs
The Identification field is used to let the receiving node verify
that a GNM has been freshly generated by the sending node, not
replayed by an attacker from some previous notification. Two methods
are described in this section: timestamps (REQUIRED) and "nonces"
(OPTIONAL). All senders and receivers MUST implement timestamp-based
replay protection. These nodes MAY also implement nonce-based replay
protection
The style of replay protection in effect between any two peer nodes
among the MN, FA, and HA is part of the mobile security association.
A sending node and its receiving node MUST agree on which method of
replay protection will be used. The interpretation of the
Identification field depends on the method of replay protection as
described in the subsequent subsections.
Whatever method is used, the low-order 32 bits of the Identification
field MUST be copied unchanged from the GNM to the GNAM. The
receiver uses those bits (and the sender's source address) to match
the GNAM with corresponding replies. The receiver MUST verify that
the low-order 32 bits of any GNAM Identification field are identical
to the bits it sent in the GNM.
The Identification in a new GNM MUST NOT be the same as in an
immediately preceding GNM, and SHOULD NOT repeat while the same
security context is being used between the MN and the HA.
7.1.1. Replay Protection Using Timestamps
The basic principle of timestamp replay protection is that the node
generating a message inserts the current time of day, and the node
receiving the message checks that this timestamp is sufficiently
close to its own time of day. Unless specified differently in the
security association between the nodes, a default value of 7 seconds
MAY be used to limit the time difference. This value SHOULD be
greater than 3 seconds. Obviously, the two nodes must have
Deng, et al. Standards Track [Page 29]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
adequately synchronized time-of-day clocks. As with any messages,
time synchronization messages may be protected against tampering by
an authentication mechanism determined by the security context
between the two nodes.
In this document, the timestamps are used, and the sender MUST set
the Identification field to a 64-bit value formatted as specified by
the Network Time Protocol (NTP) [RFC5905]. The low-order 32 bits of
the NTP format represent fractional seconds. Note, however, that
when using timestamps, the 64-bit Identification used in a GNM from
the sender MUST be greater than that used in any previous GNM, as the
receiver uses this field also as a sequence number. Without such a
sequence number, it would be possible for a delayed duplicate of an
earlier GNM to arrive at the receiver (within the clock
synchronization required by the receiver), and thus be applied out of
order, mistakenly altering the sender's current status.
Upon receipt of a GNM with an authorization-enabling extension, the
receiver MUST check the Identification field for validity. In order
to be valid, the timestamp contained in the Identification field MUST
be close enough to the receiver's time-of-day clock and the timestamp
MUST be greater than all previously accepted timestamps for the
requesting sender. Time tolerances and re-synchronization details
are specific to a particular mobility security association.
If the timestamp is valid, the receiver copies the entire
Identification field into the GNAM, and it returns the GNAM to the
sender. If the timestamp is not valid, the receiver copies only the
low-order 32 bits into the GNAM, and supplies the high-order 32 bits
from its own time of day. In this latter case, the receiver MUST
reject the notification by returning Code 69, 133, or 197
(notification Identification mismatch) in the GNAM.
Furthermore, the receiver MUST verify that the low-order 32 bits of
the Identification in the GNAM are identical to those in the rejected
GNM attempt, before using the high-order bits for clock re-
synchronization.
7.1.2. Replay Protection Using Nonces
The basic principle of nonce replay protection is that node A
includes a new random number in every message to node B, and checks
that node B returns that same number in its next message to node A.
Both messages use an authentication code to protect against
alteration by an attacker. At the same time, node B can send its own
nonces in all messages to node A (to be echoed by node A), so that it
too can verify that it is receiving fresh messages.
Deng, et al. Standards Track [Page 30]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
The receiver may be expected to have resources for computing pseudo-
random numbers useful as nonces, according to [RFC4086]. It inserts
a new nonce as the high-order 32 bits of the Identification field of
every GNAM. The receiver copies the low-order 32 bits of the
Identification field from the GNM into the low-order 32 bits of the
Identification field in the GNAM. When the sender receives an
authenticated GNAM from the receiver, it saves the high-order 32 bits
of the Identification field for use as the high-order 32 bits of its
next GNM.
The sender is responsible for generating the low-order 32 bits of the
Identification field in each GNM. Ideally, it should generate its
own random nonces. However, it may use any expedient method,
including duplication of the random value sent by the receiver. The
method chosen is of concern only to the sender because it is the node
that checks for valid values in the GNAM. The high-order and low-
order 32 bits of the Identification chosen SHOULD both differ from
their previous values. For each notification message, the receiver
uses a new high-order value and the sender uses a new low-order
value.
If a GNM is rejected because of an invalid nonce, the GNAM always
provides the sender with a new nonce to be used in the next message.
Thus, the nonce protocol is self-synchronizing.
7.2. Non-Authentication Extensions Handling in the Foreign Agent
When the FA is relaying a GNM between the MN and the HA, and if the
FA does not share a mobility security association with the MN or HA,
all non-authentication extensions between the MN and FA, or FA and
HA, are not protected. In this case, all non-authentication
extensions should be silently discarded.
8. Acknowledgements
The authors appreciate the efforts of Ahmad Muhanna for his detailed
review of and his many contributions to the text of this document.
The author also wants to thank Kent Leung, Peng Yang, Peter McCann,
et al., for their helping developing this document. Thanks to Alexey
Melnikov, Sean Turner, Ralph Droms, Charles E. Perkins, Russ Housley,
Magnus Westerlund, Lars Eggert, Dan Romascanu, Tim Polk, Amanda
Baber, Sebastian Thalanany, and Joseph Salowey for their discussion
and comments. Thanks to Jari Arkko for help at each step of this
document's development.
Deng, et al. Standards Track [Page 31]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3543] Glass, S. and M. Chandra, "Registration Revocation in
Mobile IPv4", RFC 3543, August 2003.
[RFC4086] Eastlake, D., Schiller, J., and S. Crocker, "Randomness
Requirements for Security", BCP 106, RFC 4086, June 2005.
[RFC4917] Sastry, V., Leung, K., and A. Patel, "Mobile IPv4 Message
String Extension", RFC 4917, June 2007.
[RFC5905] Mills, D., Martin, J., Burbank, J., and W. Kasch, "Network
Time Protocol Version 4: Protocol and Algorithms
Specification", RFC 5905, June 2010.
[RFC5944] Perkins, C., "IP Mobility Support for IPv4, Revised",
RFC 5944, November 2010.
9.2. Informative References
[RFC5177] Leung, K., Dommety, G., Narayanan, V., and A. Petrescu,
"Network Mobility (NEMO) Extensions for Mobile IPv4",
RFC 5177, April 2008.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
Deng, et al. Standards Track [Page 32]
^L
RFC 6098 MIP4 Generic Notification Message April 2012
Authors' Addresses
Hui Deng
China Mobile
53A, Xibianmennei Ave.,
Xuanwu District,
Beijing 100053
China
EMail: denghui02@gmail.com
Henrik Levkowetz
Netnod
Franzengatan 5
S-104 25, Stockholm
SWEDEN
EMail: henrik@levkowetz.com
Vijay Devarapalli
Vasona Networks
2900 Lakeside Drive
Santa Clara, CA 95054
USA
EMail: dvijay@gmail.com
Sri Gundavelli
Cisco
170 W.Tasman Drive
San Jose, CA 95134
USA
EMail: sgundave@cisco.com
Brian Haley
Hewlett-Packard Company
165 Dascomb Road
Andover, MA 01810
USA
EMail: brian.haley@hp.com
Deng, et al. Standards Track [Page 33]
^L
|
