System Administration Guide: IP Services
Previous Next

Creating the Mobile IP Configuration File

This section explains how to plan for Mobile IP and create the /etc/inet/mipagent.conffile.

How to Plan for Mobile IP

When you configure the mipagent.conf file for the first time, you need to perform the following tasks:

  1. Depending on your organization's requirements for its hosts, determine what functionality your Mobile IP agent can provide:
    • Foreign agent functionality only

    • Home agent functionality only

    • Both foreign agent and home agent functionality

  2. Create the /etc/inet/mipagent.conf file and specify the settings you require by using the procedures that are described in this section. You can also copy one of the following files to /etc/inet/mipagent.conf and modify it according to your requirements:
    • For foreign agent functionality, copy /etc/inet/mipagent.conf.fa-sample.

    • For home agent functionality, copy /etc/inet/mipagent.conf.ha-sample.

    • For both foreign agent and home agent functionality, copy /etc/inet/mipagent.conf-sample.

  3. You can reboot your system to invoke the boot script that starts the mipagent daemon. Or, you can also start mipagent by typing the following command:
    # /etc/inet.d/mipagent start

How to Create the Mobile IP Configuration File

  1. Assume the Primary Administrator role, or become superuser, on the system where you want to enable Mobile IP.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Create the /etc/inet/mipagent.conf file by using one of the following options:
    • In the /etc/inet directory, create an empty file named mipagent.conf.

    • From the following list, copy the sample file that provides the functionality you want for the /etc/inet/mipagent.conf file.

      • /etc/inet/mipagent.conf.fa-sample

      • /etc/inet/mipagent.conf.ha-sample

      • /etc/inet/mipagent.conf-sample

  3. Add or change configuration parameters in the /etc/inet/mipagent.conf file to conform to your configuration requirements.

    The remaining procedures in this section describe the steps to modify sections in /etc/inet/mipagent.conf.

How to Configure the General Section

If you copied one of the sample files in the /etc/inet directory, you can omit this procedure because the sample file contains this entry. General Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add the following lines:
    [General]
         Version = 1.0

    Note - The /etc/inet/mipagent.conf file must contain this entry.


How to Configure the Advertisements Section

Advertisements Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.
    [Advertisements interface]
         HomeAgent = <yes/no>
         ForeignAgent = <yes/no>
         PrefixFlags = <yes/no>
         AdvertiseOnBcast = <yes/no>
         RegLifetime = n
         AdvLifetime = n
         AdvFrequency = n
         ReverseTunnel = <yes/no/FA/HA/both>
         ReverseTunnelRequired = <yes/no/FA/HA>

    Note - You must include a different Advertisements section for each interface on the local host that provides Mobile IP services.


How to Configure the GlobalSecurityParameters Section

GlobalSecurityParameters Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration:
    [GlobalSecurityParameters]
         MaxClockSkew = n
         HA-FAauth = <yes/no>
         MN-FAauth = <yes/no>
         Challenge = <yes/no>
         KeyDistribution = files

How to Configure the Pool Section

Pool Section provides descriptions of the labels and values that are used in this section:

  1. Edit the /etc/inet/mipagent.conf file
  2. Add or change the following lines by using the values that are required for your configuration:
    [Pool pool-identifier]
         BaseAddress = IP-address
         Size = size

How to Configure the SPI Section

SPI Section provides descriptions of the labels and values that are used in this section.

  1. Edit the /etc/inet/mipagent.conf file.
  2. Add or change the following lines by using the values that are required for your configuration:
    [SPI SPI-identifier]
         ReplayMethod = <none/timestamps>
         Key = key

    Note - You must include a different SPI section for each security context that is deployed.


How to Configure the Address Section

Address Section provides descriptions of the labels and values that are used in this section.

  1. Edit the /etc/inet/mipagent.conf file.
  2. Add or change the following lines by using the values that are required for your configuration:
    • For a mobile node, use the following:

      [Address address]
           Type = node
           SPI = SPI-identifier
    • For an agent, use the following:

      [Address address]
           Type = agent
           SPI = SPI-identifier
           IPsecRequest = action {properties} [: action {properties}]
           IPsecReply = action {properties} [: action {properties}]
           IPsecTunnel = action {properties} [: action {properties}]

      where action and {properties} are any action and associated properties that are defined in the ipsec(7P) man page.


      Note - The SPI that is configured previously corresponds to the MD5 protection mechanism that is required by RFC 2002. The SPI that is configured previously does not correspond to the SPI that is used by IPsec. For more information about IPsec, see Chapter 19, IP Security Architecture (Overview) and Chapter 20, Configuring IPsec (Tasks). Also see the ipsec(7P) man page.


    • For a mobile node that is identified by its NAI, use the following:

      [Address NAI]
           Type = Node
           SPI = SPI-identifier
           Pool = pool-identifier
    • For a default mobile node, use the following:

      [Address Node-Default]
           Type = Node
           SPI = SPI-identifier
           Pool = pool-identifier
Previous Next