Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

System Administration Guide: IP Services
Previous Next

Creating the Mobile IP Configuration File

This section explains how to plan for Mobile IP and create the /etc/inet/mipagent.conffile.

How to Plan for Mobile IP

When you configure the mipagent.conf file for the first time, you need to perform the following tasks:

  1. Depending on your organization's requirements for its hosts, determine what functionality your Mobile IP agent can provide:

    • Foreign agent functionality only

    • Home agent functionality only

    • Both foreign agent and home agent functionality

  2. Create the /etc/inet/mipagent.conf file and specify the settings you require by using the procedures that are described in this section. You can also copy one of the following files to /etc/inet/mipagent.conf and modify it according to your requirements:

    • For foreign agent functionality, copy /etc/inet/mipagent.conf.fa-sample.

    • For home agent functionality, copy /etc/inet/mipagent.conf.ha-sample.

    • For both foreign agent and home agent functionality, copy /etc/inet/mipagent.conf-sample.

  3. You can reboot your system to invoke the boot script that starts the mipagent daemon. Or, you can also start mipagent by typing the following command:
    # /etc/inet.d/mipagent start

How to Create the Mobile IP Configuration File

  1. Assume the Primary Administrator role, or become superuser, on the system where you want to enable Mobile IP.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Create the /etc/inet/mipagent.conf file by using one of the following options:

    • In the /etc/inet directory, create an empty file named mipagent.conf.

    • From the following list, copy the sample file that provides the functionality you want for the /etc/inet/mipagent.conf file.

      • /etc/inet/mipagent.conf.fa-sample

      • /etc/inet/mipagent.conf.ha-sample

      • /etc/inet/mipagent.conf-sample

  3. Add or change configuration parameters in the /etc/inet/mipagent.conf file to conform to your configuration requirements.

    The remaining procedures in this section describe the steps to modify sections in /etc/inet/mipagent.conf.

How to Configure the General Section

If you copied one of the sample files in the /etc/inet directory, you can omit this procedure because the sample file contains this entry. General Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add the following lines:
    [General]
     Version = 1.0

    Note - The /etc/inet/mipagent.conf file must contain this entry.

How to Configure the Advertisements Section

Advertisements Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration.
    [Advertisements interface]
     HomeAgent = <yes/no>
     ForeignAgent = <yes/no>
     PrefixFlags = <yes/no>
     AdvertiseOnBcast = <yes/no>
     RegLifetime = n
     AdvLifetime = n
     AdvFrequency = n
     ReverseTunnel = <yes/no/FA/HA/both>
     ReverseTunnelRequired = <yes/no/FA/HA>

    Note - You must include a different Advertisements section for each interface on the local host that provides Mobile IP services.

How to Configure the GlobalSecurityParameters Section

GlobalSecurityParameters Section provides descriptions of the labels and values that are used in this section.

  • Edit the /etc/inet/mipagent.conf file and add or change the following lines by using the values that are required for your configuration:
    [GlobalSecurityParameters]
     MaxClockSkew = n
     HA-FAauth = <yes/no>
     MN-FAauth = <yes/no>
     Challenge = <yes/no>
     KeyDistribution = files

How to Configure the Pool Section

Pool Section provides descriptions of the labels and values that are used in this section:

  1. Edit the /etc/inet/mipagent.conf file
  2. Add or change the following lines by using the values that are required for your configuration:
    [Pool pool-identifier]
     BaseAddress = IP-address
     Size = size

How to Configure the SPI Section

SPI Section provides descriptions of the labels and values that are used in this section.

  1. Edit the /etc/inet/mipagent.conf file.
  2. Add or change the following lines by using the values that are required for your configuration:
    [SPI SPI-identifier]
     ReplayMethod = <none/timestamps>
     Key = key

    Note - You must include a different SPI section for each security context that is deployed.

How to Configure the Address Section

Address Section provides descriptions of the labels and values that are used in this section.

  1. Edit the /etc/inet/mipagent.conf file.
  2. Add or change the following lines by using the values that are required for your configuration:

    • For a mobile node, use the following:

      [Address address]
     Type = node
     SPI = SPI-identifier

    • For an agent, use the following:

      [Address address]
     Type = agent
     SPI = SPI-identifier
     IPsecRequest = action {properties} [: action {properties}]
     IPsecReply = action {properties} [: action {properties}]
     IPsecTunnel = action {properties} [: action {properties}]

      where action and {properties} are any action and associated properties that are defined in the ipsec(7P) man page.

      Note - The SPI that is configured previously corresponds to the MD5 protection mechanism that is required by RFC 2002. The SPI that is configured previously does not correspond to the SPI that is used by IPsec. For more information about IPsec, see Chapter 19, IP Security Architecture (Overview) and Chapter 20, Configuring IPsec (Tasks). Also see the ipsec(7P) man page.

    • For a mobile node that is identified by its NAI, use the following:

      [Address NAI]
     Type = Node
     SPI = SPI-identifier
     Pool = pool-identifier

    • For a default mobile node, use the following:

      [Address Node-Default]
     Type = Node
     SPI = SPI-identifier
     Pool = pool-identifier
Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire