Question

A mobile terminal residing in a foreign network uses its home address to communicate with a correspondent node using normal routing mechanisms. The firewalls that are located at the edge of foreign or home network often discard such packets. Explain clearly what causes the firewall to discard such packets at the foreign network and at the home network. Briefly explain the solution offered by Mobile IP to address this problem.

Answer 1

The below image explains the flowchart of IP routing mechanisms. Further on the technicality that resides and why such packets sometime don't deliver are :

So in the above case which was mentioned in the question flows as:

1. Internet sends datagram to the home address.

2. Home address router routes the datagram to to the foreign agent's care-of-address.

Care-of-address : In routing terminologies care-of-address is the second split of a single home IP address. When the network of attatchment changes when you shift to a new network on internet, it is split in two parts.

a.) The Home Host IP Address where the packets are first sent.

b.) The care-of-address which identifies the foreign host. (Application : Only to identify the host and the home and foreign ip addressing is configured. Identifies the care of address through updation of location from the foreign host..)

3. When the foreign agent identifies the packet it is routed to the point of attatchment which is the device on the foreign network.

According to Internet Protocol if the address and port is correctly configured the computing power is not lost.on the foreign agent's end. Because the firewall accepts every packet directed to it with a port and discard all others which are undirected.

Above all of it, if the packet received goes through a Data Link Layer the firewall identifies it's headers and is it a threat or not. And forwards the packet. So the solution to your problem is:

Either the packet headers need to come from a trusted network which has ssl certificate or the firewall policy needs to be changed against a specific need.

The Second reason that can allow the loss of packets is the internet connectivity on foreign agent's end.This can mainly lead to delay or inaccurate broadcasting of location services by which the home agent identifies the care-of-address assigned which in turn delays the connection established. So your internet might be working but the connection being established namely the tunnel to reach home agent is improperly configured or delay in accuracy of the configuration.