Reverse tunneling is a mechanism in Mobile IP that enables packets sent by a Mobile Node (MN) to be routed through its Home Agent (HA) before reaching their final destination. This is the opposite direction of the standard tunneling process, hence the name “reverse tunneling.”
Basic Concept
In standard Mobile IP operation, packets from a Correspondent Node (CN) to a Mobile Node are tunneled from the Home Agent to the Foreign Agent, but packets from the Mobile Node to the Correspondent Node are sent directly. Reverse tunneling changes this as follows:
- The Mobile Node sends its packets to the Foreign Agent
- The Foreign Agent encapsulates these packets and tunnels them to the Home Agent
- The Home Agent decapsulates the packets and forwards them to their final destination
Purpose and Benefits
Reverse tunneling addresses several important issues in mobile communications:
- Topological Correctness:
  - Many routers and firewalls reject packets with source addresses that don’t match their expected network topology
  - Packets encapsulated by the Foreign Agent have topologically correct addresses
  - This keeps intermediate firewalls that check source addresses from filtering the packets
- TTL Problems:
  - Time-to-Live (TTL) values can be incorrect when the Mobile Node is far from its home network
  - Reverse tunneling ensures proper TTL values in the home network
- Multicast Support:
  - Facilitates multicast operations that depend on source address verification
- Security and Network Access:
  - Allows Mobile Nodes to access private networks with strict ingress filtering
  - Maintains the appearance that all traffic originates from the home network
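The three steps under Basic Concept and the source-address filtering described under Topological Correctness, as an added example that is not part of the original page. It assumes IP-in-IP encapsulation (protocol 4) for the tunnel and a binding check at the Home Agent, neither of which the page specifies; the function names and all addresses are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address, ip_network

IPPROTO_IPIP, IPPROTO_UDP = 4, 17  # IP-in-IP tunnel is an assumption of this example
HDR = "!BBHHHBBH4s4s"              # 20-byte IPv4 header without options

def checksum(hdr):
    s = sum(struct.unpack("!10H", hdr))
    s = (s & 0xFFFF) + (s >> 16)
    return ~(s + (s >> 16)) & 0xFFFF

def ipv4(src, dst, proto, payload, ttl=64):
    f = [0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
         IPv4Address(src).packed, IPv4Address(dst).packed]
    f[7] = checksum(struct.pack(HDR, *f))
    return struct.pack(HDR, *f) + payload

def parse(pkt):
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, _, total, _, _, _, proto, _, src, dst = struct.unpack(HDR, pkt[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or not 20 <= ihl <= total <= len(pkt):
        raise ValueError("malformed IPv4 packet")
    return IPv4Address(src), IPv4Address(dst), proto, pkt[ihl:total]

def ingress_allows(pkt, local_prefix):  # source-address filter at the visited edge
    return parse(pkt)[0] in ip_network(local_prefix)

def fa_encapsulate(inner, care_of, home_agent):  # Foreign Agent: outer src = care-of
    return ipv4(care_of, home_agent, IPPROTO_IPIP, inner)

def ha_decapsulate(outer, home_agent, bindings):
    """Home Agent: unwrap only if tunnel source matches the binding (assumed check)."""
    tun_src, tun_dst, proto, inner = parse(outer)
    if str(tun_dst) != home_agent or proto != IPPROTO_IPIP:
        raise ValueError("not a tunnel packet for this Home Agent")
    if bindings.get(str(parse(inner)[0])) != str(tun_src):
        raise ValueError("no binding for this home address via this care-of address")
    return inner

HOME_ADDR, HA, CARE_OF, CN = "192.0.2.10", "192.0.2.1", "198.51.100.7", "203.0.113.5"
VISITED_NET, BINDINGS = "198.51.100.0/24", {HOME_ADDR: CARE_OF}  # constructed values

def demo():
    inner = ipv4(HOME_ADDR, CN, IPPROTO_UDP, b"hello")  # MN keeps its home address
    outer = fa_encapsulate(inner, CARE_OF, HA)
    return (ingress_allows(inner, VISITED_NET), ingress_allows(outer, VISITED_NET),
            ha_decapsulate(outer, HA, BINDINGS) == inner)
```

`demo()` returns whether the visited network's filter passes the bare packet, whether it passes the tunneled packet, and whether the Home Agent recovers the original packet unchanged.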