System Administration Guide: IP Services

foreign agent

A router or server on the foreign network that the mobile node visits.

foreign network

Any network other than the mobile node's home network.

forward tunnel

A tunnel that starts at the home agent and terminates at the mobile node's care-of address.

Generic Routing Encapsulation (GRE)

An optional form of tunneling that can be supported by home agents, foreign agents, and mobile nodes. GRE enables a packet of any network-layer protocol to be encapsulated within a delivery packet of any other (or the same) network-layer protocol.

hash value

A number that is generated from a string of text. Hash functions are used to ensure that transmitted messages have not been tampered with. MD5 and SHA-1 are examples of one-way hash functions.

HMAC

Keyed hashing method for message authentication. HMAC is used with an iterative cryptographic hash function, such as MD5 or SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function.

home address

An IP address that is assigned for an extended period to a mobile node. The address remains unchanged when the node is attached elsewhere on the Internet or an organization's network.

home agent

A router or server on the home network of a mobile node.

home network

A network that has a network prefix that matches the network prefix of a mobile node's home address.

hop

A measure that is used to identify the number of routers that separate two hosts. If three routers separate a source and destination, the hosts are four hops away from each other.

IKE

Internet Key Exchange. IKE automates the provision of authenticated keying material for IPsec security associations.

IP-in-IP encapsulation

The Internet-standard protocol for tunneling IPv4 packets within IPv4 packets.

IP link

A communication facility or medium over which nodes can communicate at the link layer. The link layer is the layer immediately below IPv4/IPv6. Examples include Ethernets (simple or bridged) or ATM networks. One or more IPv4 subnet numbers or prefixes are assigned to an IP link. A subnet number or prefix cannot be assigned to more than one IP link. In ATM LANE, an IP link is a single emulated LAN. When you use ARP, the scope of the ARP protocol is a single IP link.

IPsec

The security architecture (IPsec) that provides protection for IP datagrams.

IPv4

Internet Protocol, version 4. Sometimes referred to as IP. This version supports a 32-bit address space.

IPv6

Internet Protocol, version 6. This version supports a 128-bit address space.

key management

The way in which you manage security associations.

link-local-use address

A designation that is used for addressing on a single link for purposes such as automatic address configuration.

local-use address

A unicast address that has only local routability scope (within the subnet or within a subscriber network). This address also can have a local or global uniqueness scope.

MD5

An iterative cryptographic hash function that is used for message authentication, including digital signatures. The function was developed in 1991 by Rivest.

Minimal encapsulation

An optional form of IPv4 in IPv4 tunneling that can be supported by home agents, foreign agents, and mobile nodes. Minimal encapsulation has 8 or 12 bytes less of overhead than does IP-in-IP encapsulation.

mobile node

A host or router that can change its point of attachment from one network to another network while maintaining all existing communications by using its IP home address.

mobility agent

Either a home agent or a foreign agent.

mobility binding

The association of a home address with a care-of address, along with the remaining lifetime of that association.

mobility security association

A collection of security measures, such as an authentication algorithm, between a pair of nodes, which are applied to Mobile IP protocol messages that are exchanged between the two nodes.


	foreign agent A router or server on the foreign network that the mobile node visits. foreign network Any network other than the mobile node's home network. forward tunnel A tunnel that starts at the home agent and terminates at the mobile node's care-of address. Generic Routing Encapsulation (GRE) An optional form of tunneling that can be supported by home agents, foreign agents, and mobile nodes. GRE enables a packet of any network-layer protocol to be encapsulated within a delivery packet of any other (or the same) network-layer protocol. hash value A number that is generated from a string of text. Hash functions are used to ensure that transmitted messages have not been tampered with. MD5 and SHA-1 are examples of one-way hash functions. HMAC Keyed hashing method for message authentication. HMAC is used with an iterative cryptographic hash function, such as MD5 or SHA-1, in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. home address An IP address that is assigned for an extended period to a mobile node. The address remains unchanged when the node is attached elsewhere on the Internet or an organization's network. home agent A router or server on the home network of a mobile node. home network A network that has a network prefix that matches the network prefix of a mobile node's home address. hop A measure that is used to identify the number of routers that separate two hosts. If three routers separate a source and destination, the hosts are four hops away from each other. IKE Internet Key Exchange. IKE automates the provision of authenticated keying material for IPsec security associations. IP-in-IP encapsulation The Internet-standard protocol for tunneling IPv4 packets within IPv4 packets. IP link A communication facility or medium over which nodes can communicate at the link layer. The link layer is the layer immediately below IPv4/IPv6. Examples include Ethernets (simple or bridged) or ATM networks. One or more IPv4 subnet numbers or prefixes are assigned to an IP link. A subnet number or prefix cannot be assigned to more than one IP link. In ATM LANE, an IP link is a single emulated LAN. When you use ARP, the scope of the ARP protocol is a single IP link. IPsec The security architecture (IPsec) that provides protection for IP datagrams. IPv4 Internet Protocol, version 4. Sometimes referred to as IP. This version supports a 32-bit address space. IPv6 Internet Protocol, version 6. This version supports a 128-bit address space. key management The way in which you manage security associations. link-local-use address A designation that is used for addressing on a single link for purposes such as automatic address configuration. local-use address A unicast address that has only local routability scope (within the subnet or within a subscriber network). This address also can have a local or global uniqueness scope. MD5 An iterative cryptographic hash function that is used for message authentication, including digital signatures. The function was developed in 1991 by Rivest. Minimal encapsulation An optional form of IPv4 in IPv4 tunneling that can be supported by home agents, foreign agents, and mobile nodes. Minimal encapsulation has 8 or 12 bytes less of overhead than does IP-in-IP encapsulation. mobile node A host or router that can change its point of attachment from one network to another network while maintaining all existing communications by using its IP home address. mobility agent Either a home agent or a foreign agent. mobility binding The association of a home address with a care-of address, along with the remaining lifetime of that association. mobility security association A collection of security measures, such as an authentication algorithm, between a pair of nodes, which are applied to Mobile IP protocol messages that are exchanged between the two nodes.