TP ITSSv6

De Le wiki des TPs RSM


Objectives for this lab

Objectives:

  • Implement an environment where the concepts related to Mobile IPv6 could be observed.
  • Verify and analyze the operation of RFC 6275 (Mobility Support in IPv6) and RFC 3963 (Network Mobility Basic Support Protocol).
  • Understand the implications of Multiple Care-of Addresses (MCoA)
  • Configure IPsec and IKE (Internet Key Exchange) in a NEMO arcchitecture

Lab Requirements

To implement this lab, the following equipments are required :

  • 1 router with Ethernet connection
  • 3 ITSSv6 plateform (Commsigna Laguna)
  • 1 PC with ethernet connectivity

In addition to these equipments, you also need to implement the addressing plan an IPv6 prefix at least /62 (i.e. with the ability to specify at least 4 /64 subnets).

Description of the lab architecture

Context

This lab is based on a common network architecture for ITS. First the car deploy an internal network called the Mobile Network where hosts (named Mobile Network Nodes or MNN) are connected. This network is connected through a special router called the On-Board Unit (OBU) or Mobile Router (MR). This router connects the car network through different available wireless networks, provided by road infrastructure or Wireless Broadband.

To ensure the continuity of service across the different connection of the router to wireless networks, Mobile IPv6 is deployed, using the Home Agent as an anchor for the MR, responsible to keep it always reachable. NEMO is an evolution of Mobile IPv6 that allows continuity of service not only for the Mobile Router, but also for the Mobile Network. This technology is therefore adapted in the ITS context.

Under particular conditions, the MR could be connected to more than a single wireless network. The router (and subsequently the Mobile Network) is then reachable through different paths. This case is handle by the Multiple Care-of Addresses (MCoA) mechanism, taking care of choosing the right path depending of the traffic.

The picture below show the different mechanism deployed in the context of ITS.

Scenario TP NEMO v2.1.png

Lab architecture

The picture below describes the architecture used for this lab.

ITSSv6 Lab Setup.png

In this architecture, an Ethernet backbone interconnects the different components of the lab. This backbone is managed by a router that will route traffic between the subnets of this lab. The router may optionally provide the connectivity with the Internet.

The lab will use 3 Laguna Box as different components of the architecture.

The first box will be used as the Home Agent (HA). It only requires to be connected to the backbone through an Ethernet connection.

The second box will be used as a Road Side Unit (RSU) that will provide a Wireless Network for the Mobile Router to connect to. The RSU will be connected to the backbone and will use its wireless interface in Access Point mode. The RSU will be configured as a router between these two networks.

The third box will be used as the Mobile Router representing the On-board Unit of the vehicle. The box will use one of its Ethernet interfaces to connect the PC representing the Mobile Network Node. This will represent the Mobile Network. The MR will then use either the second Ethernet interface or its wireless interface to connect to the network. The MR will then be connected directly to the backbone (through Ethernet) or to the RSU (through WiFi).

Step 1: Setting up the infrastructure

Cabling the network

Red arrow.png Do the following connections:

  • Home Agent:
    • Connected to the backbone from its interface eth0.
  • Road Side Unit:
    • Connected to the backbone from its interface eth0.
  • Mobile Router:
    • Connected to the PC MNN Ethernet interface from its interface eth0.

Addressing plan

The architecture of the lab requires 4 subnets :

  • 1 for the backbone
  • 1 for the WiFi network delivered by the RSU
  • 1 for the Home Link managed by the HA
  • 1 for the Mobile Network

A 64-bit long IPv6 prefix is required for each of these subnets. Therefore the router of the lab should have at least a 62-bit long agregated IPv6 prefix to address these 4 subnets.

Question.jpg
Write down the IPv6 prefix corresponding to each of the following subnets:
  • Backbone Prefix:
  • RSU WiFi Prefix:
  • Home Link Prefix:
  • Mobile Network Prefix:

The backbone network must provide the ability for host to configure autonomously their IPv6 address (a.k.a IPv6 address auto-configuration, involving Router Advertisements). But it is useful to define a manual address for the Home Agent, because this address will be used in the configuration process.

Question.jpg
Write down the IPv6 address of the Home Agent:
  • HA IPv6:

The RSU will be configure as a router. As such, it should not use auto-configuration for its address. You should choose a fixed address for the RSU interface connected to the backbone.

Question.jpg
Write down the IPv6 address of the Home Agent:
  • RSU IPv6:


The Home Link Prefix is used for configuration of the Mobile Router Home Addresses (HoA). You should therefore choose a fixed IPv6 address in this prefix for the MR of the Lab

Question.jpg
Write down the IPv6 address of the Home Agent:
  • MR HoA:

Routing

To finish the setup of the lab architecture, you need to configure the routing table of the router of the lab to ensure traffic forwarding between the subnet.

Since the backbone network is directly connected to the router, no specific forwarding route is needed.

Concerning the RSU WiFi network, a route is needed for the RSU WiFi Prefix to the RSU address on the backbone.

Both Home Link and Mobile Network are anchored to the Home Agent. Therefore Home Link Prefix and Mobile Network prefix should be forwarded to the address of the Home Agent on the backbone.

Question.jpg
Write down the routing table entries required for the lab infrastructure.
Network Prefix Next-Hop
RSU WiFi
Home Link
Mobile Network

Lab router Configuration

Red arrow.png In the lab router, configure the interface connected to the backbone As an example, here is an excerpt from a Cisco configuration:

Router# configure terminal
Router(config)# interface FastEthernet0/X  X = interface connected to the backbone
Router(config-if)# ipv6 address <BACKBONE PREFIX>/64 eui-64
Router(config-if)# ipv6 nd prefix <BACKBONE PREFIX>/64 2592000 604800
Routeur(config-if)# ipv6 nd ra interval 30

Red arrow.png Configure the IPv6 routing table As an example, here is an excerpt from a Cisco configuration:

Router# configure terminal
Router(config)# ipv6 route <RSU WIFI PREFIX> <RSU IPv6>
Router(config)# ipv6 route <HOME LINK PREFIX> <HA IPv6>
Router(config)# ipv6 route <MOBILE NETWORK PREFIX> <HA IPv6>

RSU Configuration

This step will help you to configure the RSU box as a Ethernet/WiFi router.

WiFi interface in AP mode

The instructions listed below are taken from the Laguna User Guide.

Red arrow.png If not available, create the file /etc/config/wireless using the following command:

wifi detect > /etc/config/wireless"

In the /etc/config/wireless file, locate the configuration section beginning with:

config wifi-device radio0

Red arrow.png If present, remove from this section the following line.

option disabled 1

Locate the configuration section beginning with:

config wifi-iface
  option device radio0

Red arrow.png Modify this section with the following informations:

config wifi-iface
  option device radio0
  option network lan
  option mode ap
  option ssid ITSSv6
  option encryption none

Red arrow.png Restart the network service to validate your modifications

/etc/init.d/network restart

IPv6 forwarding

Red arrow.png Activate IPv6 forwarding

net.ipv6.conf.all.forwarding=1

Since the RSU has lost its IPv6 automatic configuration, you need to configure it manually.

Red arrow.png Configure the lan interface of the RSU in file /etc/config/network

config 'interface' 'lan' 
  option 'ifname' 'eth0'
  option 'proto' 'static'
  option 'ip6addr' <RSU IPv6>/64
  option 'ip6gw' <ROUTER IPv6> IPv6 Link local address of the router interface on the backbone

The last step is neccessary to activate Router Advertisement on the WiFi interface, so that host connecting to the WiFi Network will be able to auto-configure their IPv6 address.

Red arrow.png Create (or modify) the file /etc/radvd.conf with the following informations:

interface lan 
{
 AdvSendAdvert on;
 MinRtrAdvInterval 3;
 MaxRtrAdvInterval 7;
 prefix <RSU WiFI PREFIX>/64
 {
    AdvValidLifetime 3000;
    AdvPreferredLifetime 1000;
 };
}

Red arrow.png Activate and launch the RA daemon

/etc/init.d/radvd enable
/etc/init.d/radvd restart

Configuration tests

Once you have set up both backbone and RSU network, you can check that your local network is correctly set up by connecting the OBU box on these network and chek the connectivity with other hosts.

OBU connected to the backbone

Red arrow.png Connect the eth0 interface of the OBU to the backbone


Red arrow.png Check that your interfaces are correctly configured:

# ip -6 address show lan

Hint: it should show an IPv6 address included in the Backbone Prefix.

Red arrow.png Complete the table below by pinging the specified destinations:

ping6 <destination>

To ping the router

ping6 <Router IPv6 link-local>%lan
Source Destination Result Explanation
MR HA IPv6
MR RSU IPv6
MR Router IPv6 link-local

OBU connected to the RSU WiFi Network

You need to connect the wireless interface of the OBU to the backbone.

Red arrow.png First disconnect the OBU from the backbone

Red arrow.png Activate and configure the wireless network interface.

# ifup wifi-iface
# iw radio0 connect ITSSv6


Red arrow.png Check that your interfaces are correctly configured:

# ip -6 address show wifi-iface

Hint: it should show an IPv6 address included in the RSU WiFi Prefix.

Red arrow.png Complete the table below by pinging the specified destinations:

ping6 <destination>

To ping the router

ping6 <Router IPv6 link-local>%wifi-iface
Source Destination Result Explanation
MR HA IPv6
MR RSU IPv6
MR Router IPv6 link-local

Step 2: NEMO configuration

HA Configuration

Red arrow.png On the HA box, edit the file /etc/mip6d.conf

NodeConfig HA;
DebugLevel 10;

Interface "eth0"; 
HaAcceptMobRtr enabled; 

Interface "radio0"; 
HaAcceptMobRtr enabled; 

# Disable MPS/MPA
SendMobPfxAdvs enabled; 
SendUnsolMobPfxAdvs enabled;

# MNP configuration
HaServedPrefix <MOBILE NETWORK PREFIX>;
BindingAclPolicy <MR HoA> (<MOBILE NETWORK PREFIX>) allow;
DefaultBindingAclPolicy deny;
# IPsec configuration - NO IPSEC AT THE MOMENT 
UseMnHaIPsec disabled;
KeyMngMobCapability disabled;

Setup the mobility network on the MR

Red arrow.png Type the following command on the Mobile Router:

# ip -6 address add <MOBILE NETWORK>::1/64 dev lan2

Red arrow.png Activate IPv6 forwarding:

# sysctl -w net.ipv6.conf.all.forwarding=1

Red arrow.png Create (or modify) the file /etc/radvd.conf with the following informations:

interface lan2 
{
 AdvSendAdvert on;
 MinRtrAdvInterval 3;
 MaxRtrAdvInterval 7;
 prefix <MOBILE NETWORK PREFIX>/64
 {
    AdvValidLifetime 3000;
    AdvPreferredLifetime 1000;
 };
}

Red arrow.png Activate and launch the RA daemon

/etc/init.d/radvd enable
/etc/init.d/radvd restart

Configure NEMO

You have to configure your Mobile Router to operate as a NEMO node.

Let's detail the parts of /etc/config/mobility we need to edit. Note that we don't use IPsec yet.

config mobility mobile_router
  #HA address
  option home_agent <HA IPv6>/128

  #Mobile Router Home Adress (HoA)
  option home_address <MR HoA>/128

  #The prefix allocated to the router
  option mnp <MOBILE NETWORK PREFIX>/64

  #mn_interface is the router interface connected to the mobile network
  option mn_interface lan2

  #Boolean that notify if this whole part count (enable = 1) or not (enable = 0) 
  option enable 1


config mobility_interface
  #the interface option correspond to the router interface which is connected to the internet
  #the interface name should be its logical name
  option interface lan
 
  #Boolean that notify if this whole part count (enable = 1) or not (enable = 0) option enable 1
  option enable 1

config mobility_interface
  option interface wifi-iface
  option enable 1

Mobile Network tests

Your NEMO configuration will be tested under the following scenario:

  1. The MR connects to the backbone, NEMO activates and the Mobile Network is connected
  2. The MR disconnects from the backbone
  3. The MR connects to the RSU WiFI, NEMO activates and the Mobile Network is connected

MR connected to the backbone

Red arrow.png First disconnect the OBU from the backbone

# ifdown wifi-iface

Red arrow.png Connect the eth0 interface of the MR to the backbone


Red arrow.png Check that your interfaces are correctly configured:

# ip -6 address show

Hint: it should show :

  • Interface lan configured with an IPv6 address included in the Backbone Prefix.
  • Interface ip6tnl configured with an IPv6 address included in the Home Link Prefix

Red arrow.png Complete the table below by pinging the specified destinations:

ping6 <destination>
Source Destination Result Explanation
MR HA IPv6
MR RSU IPv6

OBU connected to the RSU WiFi Network

Red arrow.png First disconnect the OBU from the backbone and re-ativate the wireless interface

# ifup wifi-iface

Red arrow.png Check that your interfaces are correctly configured:

# ip -6 address

Hint: it should show :

  • Interface wifi-iface configured with an IPv6 address included in the RSU WiFi Prefix.
  • Interface ip6tnl configured with an IPv6 address included in the Home Link Prefix


Red arrow.png Complete the table below by pinging the specified destinations:

ping6 <destination>
Source Destination Result Explanation
MR HA IPv6
MR RSU IPv6

Step 4: MCoA configuration

Description: This section will ask you to change your NEMO MR to a MCoA-capable Mobile Node. You will have to manage traffic going out of your MR to fit to particular requirements.

Configure MCoA on HA

Red arrow.png Modify on the HA, in the file /etc/mip6d.conf, the BindingAclPolicy line

NodeConfig HA;
DebugLevel 10;

Interface "eth0"; 
HaAcceptMobRtr enabled; 

Interface "radio0"; 
HaAcceptMobRtr enabled; 

# Disable MPS/MPA
SendMobPfxAdvs enabled; 
SendUnsolMobPfxAdvs enabled;

# MNP configuration
HaServedPrefix <MOBILE NETWORK PREFIX>;
BindingAclPolicy <MR HoA> (<MOBILE NETWORK PREFIX>) MCoAReg allow;
DefaultBindingAclPolicy deny;
# IPsec configuration - NO IPSEC AT THE MOMENT 
UseMnHaIPsec disabled;
KeyMngMobCapability disabled;


Configure MCoA on the MR

Red arrow.png Modify on the MR, in the file /etc/config/mobility

config mobility mobile_router
  #HA address
  option home_agent <HA IPv6>/128

  #Mobile Router Home Adress (HoA)
  option home_address <MR HoA>/128

  #The prefix allocated to the router
  option mnp <MOBILE NETWORK PREFIX>/64

  #mn_interface is the router interface connected to the mobile network
  option mn_interface lan2

  #Boolean that notify if this whole part count (enable = 1) or not (enable = 0) 
  option enable 1


config mobility_interface
  #the interface option correspond to the router interface which is connected to the internet
  #the interface name should be its logical name
  option bid 200
  option interface lan
 
  #Boolean that notify if this whole part count (enable = 1) or not (enable = 0) option enable 1
  option enable 1

config mobility_interface
  option interface wifi-iface
  option bid 200
  option enable 1

Define routing policies

The main goal of policies is to force a specific traffic use one interface. But we are using it here to create priority between 2 internet access. For example, if we are running mip6d with MCoA(wifi + ethernet) enabled we can tell the router to use the ethernet access all the time but wifi access if it is available. This mean wifi has got a higher priority than ethernet. The policies' configuration file /etc/config/policies should be then overwritten like this:

config general
option role mr
#Remember the wifi interface bid ?
option dft_bid 100
list local_prefix 2001:660:7301:e00::14/128
list prefix 2001:660:7301:e14::/64
option remote 2001:660:7301:e00::1/128
option log 10

The same file exists on the HA as well. On the HA the "config general" block should look like this: config general

option role ha
#The default bid should be the same as on Mr
option dft_bid 100
list prefix 2001:660:7301:e14::/64
list prefix 2001:660:7301:e00::/56
option log 0

The policies init script (/etc/init.d/policies start) should be started on each side then.

Outils personnels