Home Agent Configuration
Problem
You appetite to configure a router to act as a Home Agent for Adaptable Nodes.
Solution
The aboriginal footfall in configuring IP Mobility in your arrangement is to set up one or added Home Agent routers, which will act as the basic home abject and abutment tunnels for your adrift devices:
RouterHome#configure terminal
Enter agreement commands, one per line. End with CNTL/Z.
RouterHome(config)#interface Loopback0
RouterHome(config-if)#ip abode 192.168.9.1 255.255.255.255
RouterHome(config-if)#exit
RouterHome(config)#router mobile
RouterHome(config-router)#exit
RouterHome(config)#router eigrp 99
RouterHome(config-router)#redistribute mobile
RouterHome(config-router)#network 192.168.9.0
RouterHome(config-router)#network 192.168.10.0
RouterHome(config-router)#default-metric 10000 10 255 1 1500
RouterHome(config-router)#no auto-summary
RouterHome(config-router)#exit
RouterHome(config)#ip adaptable home-agent abode 192.168.9.1
RouterHome(config)#ip adaptable virtual-network 192.168.10.0 255.255.255.0
RouterHome(config)#ip adaptable host 192.168.10.1 192.168.10.254 virtual-network 192.168.10.0 255.255.255.0
RouterHome(config)#ip adaptable defended host 192.168.10.110 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.111 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.112 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.113 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.114 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.115 spi 100 key ascii cookbook
RouterHome(config)#end
RouterHome#
In case you charge to acclimatize access-lists or firewall rules, agenda that IP Mobility tunnels use IP agreement cardinal 55.
Discussion
A acceptable way to handle IP Mobility in an action arrangement is to configure the adrift basin of addresses and the Home abode on Loopback interfaces on the home router. This is how we accept handled the agreement in this recipe. This way, if you accept a lot of adrift devices, they are accessible to analyze from their IP addresses. As a ancillary aftereffect of this approach, none of the adrift accessories are anytime "home" because their home arrangement doesn't absolutely abide on a concrete allotment of wire anywhere.
The aboriginal affair we do in this compound is to configure a Loopback interface that will be the Home Agent IP address. Because this is area all of the tunnels will terminate, it is alive to accomplish it a Loopback interface. This way, as continued as there is arrangement connectivity amid the Home Agent and Foreign Agent routers, the tunnels can abide to operate, acceptance you to booty advantage of any articulation back-up in your network:
RouterHome(config)#interface Loopback0
RouterHome(config-if)#ip abode 192.168.9.1 255.255.255.255
Then we accredit IP Mobility functionality on this router. Because IP Mobility introduces routes into the acquisition table, it is enabled in the aforementioned way as any added acquisition protocol, with a router command:
RouterHome(config)#router mobile
RouterHome(config-router)#exit
There is annihilation to configure in the router agreement mode. This command aloof turns on the adeptness to inject IP Adaptable routes into the acquisition table and allows you to redistribute these routes into added acquisition protocols, which we do next:
RouterHome(config)#router eigrp 99
RouterHome(config-router)#redistribute mobile
RouterHome(config-router)#network 192.168.9.0
RouterHome(config-router)#network 192.168.10.0
RouterHome(config-router)#default-metric 10000 10 255 1 1500
RouterHome(config-router)#no auto-summary
RouterHome(config-router)#exit
In this example, we accept acclimated EIGRP as our acquisition protocol, but you could aloof as calmly use any added acquisition protocol. The Adaptable routes are injected into the acquisition agreement by application the redistribute adaptable command. Consequently, they will consistently arise as alien routes aback beheld abroad in the network. Please accredit to Chapters 6, 7, 8, and 9 for added advice about IP acquisition and redistribution into altered acquisition protocols.
Next we configure the IP Mobility appearance that we charge on the Home Agent router. Aboriginal we ascertain the IP abode that will serve as the Home Agent abode on all of the adrift accessories served by this Home Agent:
RouterHome(config)#ip adaptable home-agent abode 192.168.9.1
Then we use the ip adaptable virtual-network and ip adaptable host commands to ascertain the IP addresses that will be acclimated by the Adaptable Nodes:
RouterHome(config)#ip adaptable virtual-network 192.168.10.0 255.255.255.0
RouterHome(config)#ip adaptable host 192.168.10.1 192.168.10.254 virtual-network 192.168.10.0 255.255.255.0
Note that the virtual-network command is appropriate actuality because this 192.168.10.0/24 arrangement does not arise on any concrete interface on this router. If we had capital instead to accept a absolute arrangement articulation that accurate a admixture of adrift and nonroaming devices, we could accept done so by pointing the ip adaptable host command to the agnate interface as follows:
RouterHome(config)#ip adaptable host 192.168.10.10 192.168.10.254 interface FastEthernet0/1
We accept fabricated addition baby change in this command by excluding the accessories in the ambit 192.168.10.1-9. This was done to save amplitude for arrangement devices, which will apparently never roam. Also agenda that if you are application a concrete interface to abutment the adrift range, again it ability accomplish faculty to use the router's IP abode on this interface as the Home Agent address.
We stress, however, that we adopt to use basic networks for roaming. The alone acute acumen for acute a admixture of adrift and nonroaming accessories in the aforementioned abode ambit is to abutment an ad-hoc adaptable infrastructure. We feel that the ability and aliment requirements for acknowledging IP Mobility in a arrangement of any admeasurement are abundantly abundant to accreditation a added accurate arrangement architecture than this.
Finally, we accept configured a account of aegis keys to be acclimated for acceptance the Adaptable Nodes as they connect:
RouterHome(config)#ip adaptable defended host 192.168.10.110 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.111 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.112 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.113 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.114 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.115 spi 100 key ascii cookbook
We accept configured a abstracted band for anniversary Adaptable Node, allegorical its IP abode and an affidavit key. You can specify a account of altered keys for anniversary host by giving anniversary key a altered Aegis Parameter Index (SPI) value:
RouterHome(config)#ip adaptable defended host 192.168.10.112 spi 100 key ascii cookbook
RouterHome(config)#ip adaptable defended host 192.168.10.112 spi 200 key ascii oreilly
RouterHome(config)#ip adaptable defended host 192.168.10.112 spi 300 key ascii 2edition
You charge again configure the aforementioned keys with the aforementioned SPI ethics on the Adaptable Node. This allows you to calmly amend your keys after accident connectivity. Aback you appetite to change your key values, you artlessly add the new keys to your Adaptable Nodes and to the Home Agent, and again you go aback about and annul the old keys.
In this case, of course, we accept set the keys for all of the Adaptable Nodes to the aforementioned value, cookbook, which we absolutely don't acclaim accomplishing in a assembly network.
In beyond networks, it can become rather arduous to manually configure all of these keys on the Home Agent routers. So Cisco has fabricated it accessible to use AAA to access these keys from a axial TACACS+ database:
RouterHome(config)#aaa new-model
RouterHome(config)#aaa allotment ipmobile absence accumulation tacacs+
RouterHome(config)#ip adaptable defended mn-aaa spi 200 algorithm md5
Please accredit to Chapter 4 for added advice on TACACS+.
See Also