Mobile IPv4 (MIPv4) is an extension to the Internet Protocol (IPv4) that allows mobile nodes to roam among MIP-enabled networks while maintaining the same IP address. The default MIPv4 routing scheme, called triangular routing, is not compatible with the widespread egress filtering policies that most currently deployed firewalls apply and that are described as network security best practices. As a result, mobile connections use the alternative reverse tunneling routing scheme, which pays for its better compatibility with lower performance.
Secure triangular routing is a novel routing scheme able to deliver the same performance as triangular routing while being compatible with all the traffic filtering and network security best practices. The underlying idea is to make the MIP infrastructure cooperate with the firewalls deployed in the MIP-enabled networks. Firewall rules are dynamically modified to reflect the possible presence of authenticated mobile nodes within their boundaries, thus allowing their traffic to pass through the firewall.
The main strengths of the proposed idea are:
Viability and performance of the proposed solutions have been evaluated through a prototype realized with Open Source software.
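The rule-update idea described above, as an added example that is not the authors' prototype or code from the paper: a Python model of a visited network's egress filter that admits a mobile node's home address only while an authenticated registration is live. The `EgressFilter` class, its `on_registration` hook and the addresses are assumptions made for illustration.

```python
import ipaddress


class EgressFilter:
    """Egress filter of a visited network with per-node exceptions (hypothetical model)."""

    def __init__(self, local_prefix):
        self.local = ipaddress.ip_network(local_prefix)
        self.exceptions = {}  # mobile node home address -> expiry time (seconds)

    def on_registration(self, home_addr, care_of_addr, lifetime, authenticated, now):
        """Assumed hook: the MIP agent reports each registration it processes."""
        home = ipaddress.ip_address(home_addr)
        # Only authenticated nodes attached inside this network change the rules.
        if not authenticated or ipaddress.ip_address(care_of_addr) not in self.local:
            return False
        if lifetime == 0:  # in MIPv4 a zero lifetime is a deregistration
            self.exceptions.pop(home, None)
        else:
            self.exceptions[home] = now + lifetime
        return True

    def permits(self, src_addr, now):
        """Decide whether an outbound packet with this source address may leave."""
        src = ipaddress.ip_address(src_addr)
        if src in self.local:  # ordinary egress filtering: local sources pass
            return True
        expiry = self.exceptions.get(src)
        if expiry is None:
            return False  # topologically incorrect source, no registration
        if now >= expiry:
            del self.exceptions[src]  # binding timed out: remove the exception
            return False
        return True


def demo():
    # Constructed addresses from documentation ranges.
    fw = EgressFilter("198.51.100.0/24")
    home, coa = "192.0.2.10", "198.51.100.7"
    out = [fw.permits(home, now=0)]
    fw.on_registration(home, coa, lifetime=300, authenticated=False, now=0)
    out.append(fw.permits(home, now=1))
    fw.on_registration(home, coa, lifetime=300, authenticated=True, now=10)
    out.append(fw.permits(home, now=20))
    out.append(fw.permits(home, now=310))
    return out


if __name__ == "__main__":
    print(demo())
```

Tying each exception to the registration lifetime means a node that leaves without deregistering stops being trusted once its binding expires.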