Preserving TCP Connections Across Host Address Changes

  • Vassilis Prevelakis
  • Sotiris Ioannidis
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4176)


The predominance of short-lived connections in today’s Internet has created the perception that it is perfectly acceptable to change a host’s IP address with little regard for established connections. Indeed, the increased mobility offered by laptops with wireless network interfaces and the aggressive use of short DHCP leases are leading the way towards an environment where IP addresses are transient and last for short time periods. However, there is still a place for long-lived connections (typically lasting hours or even days) for remote login sessions, over-the-network backups, etc. There is, therefore, a real need for a system that allows such connections to survive changes in the IP addresses of the hosts at either end of the connection.

In this paper we present a kernel-based mechanism that recognizes address changes and recovers from them. Furthermore, we discuss the security implications of such a scheme, and show that our system provides an effective defense against both eavesdropping and man-in-the-middle attacks.


Keywords: Overlay Network; Forwarding Node; Device Driver; Internet Engineer Task; Address Change





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Vassilis Prevelakis (1)
  • Sotiris Ioannidis (2)
  1. Computer Science Department, Drexel University, Philadelphia, USA
  2. Computer Science Department, Stevens Institute of Technology, Hoboken, USA
