HP-UX IPSec version A.02.00 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
Chapter 7214
Step 2: (Recommended) Securing Return
Routability Messages Routed Through the
Home Agent
RFC 3776 specifies that you should use IPSec to secure Return
Routability Home Test Init and Home Test messages routed through the
Home Agent.
The data paths for Home Test Init and Home Test messages is shown in
Figure 7-5. Home Test Init messages are sent from the Mobile Node to
the Correspondent Node and routed through the Home Agent, as shown
by the solid-line data paths in Figure 7-5. Home Test packets are sent
from the Correspondent Node to the Mobile Node and also routed
through the Home Agent, as shown by the dotted-line data paths in
Figure 7-5. In both cases, the data path segments between the Mobile
Node and the Home Agent are secured by an IPSec tunnel.
Figure 7-5 Mobile IPv6 Home Test Init and Home Test Packets
To secure Return Routability messages between Mobile Nodes and
Correspondent Nodes as they are forwarded through the Home Agent,
use the following procedure to configure three IPSec policies on the
Home Agent for each Mobile Node:
Home Agent
Mobile Node
Correspondent
Node
2B, 2C
2A
Home Test
Home Test Init