[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC tunnels and Mobile IP

To: Stuart Jacobs <sjj0@gte.com>
Subject: Re: IPSEC tunnels and Mobile IP
From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
Date: Fri, 27 Feb 1998 20:15:14 -0500
CC: ipsec@tis.com
In-reply-to: Your message of "Fri, 27 Feb 1998 15:49:32 EST." <3.0.3.32.19980227154932.00a2d100@pophost.gte.com>
Sender: owner-ipsec@ex.tis.com

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "Stuart" == Stuart Jacobs <sjj0@gte.com> writes:
    Stuart> I would disagree on the point about not needing mobile IP in a
    Stuart> hotel room.  There is a good reason why a hotel should offer
    Stuart> support for visiting laptop, $$$.  Hotels are already providing
    Stuart> enhanced office services to their customers for a fee.  Offering
    Stuart> Mobile IP would allow them to provide enhanced network access
    Stuart> (above dial-up modem speeds) to business meeting attendees,
    Stuart> conference gatherings in adition to guests.

  The point is that, given ubiquitus IPsec (which we all agree one needs
to make mobile IP safe) mobile IP doesn't give a lot unless you move 
around a lot, and/or have some kind of long lived connections.
  IPsec with tunnel mode back to one's corporate firewall, with a private
network address on the inside is very much like mobile IP. If you don't move
too often, then DHCP or PPP address assignment (for a new site specific
address), and a new ISAKMP negotiation is enough.

  Where mobile IP wins is when you are not wired and you are moving around a
lot relative to the length of your sessions. I'm not sure that there are a
lot of real life applications for this in 1998. However, digital cell
technology is building smaller and lower power cells, and IP will go into
phones, robot vacuum cleaners and public transit vehicles and airplanes, so
the definition of "lot" will change.

  I find, without ubiquitous IPsec to give me that constant IP in the tunnel,
that my NetBSD notebook is for all intensive purposes mobile: it does DHCP on
any network I plug it into (or detects the default routers on networks that
don't have DHCP), and my TCP sessions are generally short enough (POP over
SSH, SMTP, HTTP) that I never worry about keeping the same IP address.

   :!mcr!:            |  Sandelman Software Works Corporation, Ottawa, ON  
   Michael Richardson |Network and security consulting and contract programming
 Personal: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available.
 Corporate: <A HREF="http://www.sandelman.ottawa.on.ca/SSW/">sales@sandelman.ottawa.on.ca</A>. 



-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQB1AwUBNPdlINiXVu0RiA21AQHgdAL7BjZAXwbLhIr/2j8/SoPpv02hnFyZ0Nfb
ZufyW48r2AV4sFmK2SCgolUp5lMLb80P7hBxYOFvnTdmChSOcKwF+37o0i206+X0
XCFMPOtlDzZlD6tom78oJsiI0iAL+5lE
=/SO8
-----END PGP SIGNATURE-----

References:

Re: IPSEC tunnels and Mobile IP

From: Stuart Jacobs <sjj0@gte.com>

Prev by Date: Re: comments on draft-ietf-ipsec-isakmp-oakley-06.txt
Next by Date: Re: IPSEC WORKING GROUP LAST CALL
Prev by thread: Re: IPSEC tunnels and Mobile IP
Next by thread: Re: IPSEC tunnels and Mobile IP
Index(es):
- Main
- Thread