--- 1/draft-ietf-6lo-rfc6775-update-13.txt 2018-02-23 11:13:18.280180735 -0800 +++ 2/draft-ietf-6lo-rfc6775-update-14.txt 2018-02-23 11:13:18.368182798 -0800 @@ -1,23 +1,23 @@ 6lo P. Thubert, Ed. Internet-Draft cisco Updates: 6775 (if approved) E. Nordmark Intended status: Standards Track Zededa -Expires: August 26, 2018 S. Chakrabarti +Expires: August 27, 2018 S. Chakrabarti Verizon C. Perkins Futurewei - February 22, 2018 + February 23, 2018 - An Update to 6LoWPAN ND - draft-ietf-6lo-rfc6775-update-13 + Registration Extensions for 6LoWPAN Neighbor Discovery + draft-ietf-6lo-rfc6775-update-14 Abstract This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to clarify the role of the protocol as a registration technique, simplify the registration operation in 6LoWPAN routers, as well as to provide enhancements to the registration capabilities and mobility detection for different network topologies including the backbone routers performing proxy Neighbor Discovery in a low power network. @@ -29,228 +29,229 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on August 26, 2018. + This Internet-Draft will expire on August 27, 2018. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 - 3. Applicability of Address Registration Options . . . . . . . . 5 + 3. Applicability of Address Registration Options . . . . . . . . 4 4. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 5 - 4.1. Extended Address Registration Option (EARO) . . . . . . . 7 + 4.1. Extended Address Registration Option (EARO) . . . . . . . 6 4.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 7 - 4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 7 + 4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 8 4.3. Registration Unique ID . . . . . . . . . . . . . . . . . 9 4.4. Extended Duplicate Address Messages . . . . . . . . . . . 10 4.5. Registering the Target Address . . . . . . . . . . . . . 10 4.6. Link-Local Addresses and Registration . . . . . . . . . . 11 4.7. Maintaining the Registration States . . . . . . . . . . . 12 5. Detecting Enhanced ARO Capability Support . . . . . . . . . . 14 6. Extended ND Options And Messages . . . . . . . . . . . . . . 14 6.1. Enhanced Address Registration Option (EARO) . . . . . . . 14 - 6.2. Extended Duplicate Address Message Formats . . . . . . . 16 + 6.2. Extended Duplicate Address Message Formats . . . . . . . 17 6.3. New 6LoWPAN Capability Bits in the Capability Indication - Option . . . . . . . . . . . . . . . . . . . . . . . . . 17 + Option . . . . . . . . . . . . . . . . . . . . . . . . . 18 7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 18 - 7.1. Discovering the capabilities of an ND peer . . . . . . . 18 - 7.1.1. Using the "E" Flag in the 6CIO . . . . . . . . . . . 18 - 7.1.2. Using the "T" Flag in the EARO . . . . . . . . . . . 18 - 7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 19 - 7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 19 - 7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 20 - 8. Security Considerations . . . . . . . . . . . . . . . . . . . 20 + 7.1. Discovering the capabilities of an ND peer . . . . . . . 19 + 7.1.1. Using the "E" Flag in the 6CIO . . . . . . . . . . . 19 + 7.1.2. Using the "T" Flag in the EARO . . . . . . . . . . . 19 + 7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 20 + 7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 20 + 7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 21 + 8. Security Considerations . . . . . . . . . . . . . . . . . . . 21 9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 22 - 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 + 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 10.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . 23 - 10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 23 - 10.3. New ARO Status values . . . . . . . . . . . . . . . . . 24 - 10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 24 - 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 25 - 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 - 12.1. Normative References . . . . . . . . . . . . . . . . . . 25 - 12.2. Informative References . . . . . . . . . . . . . . . . . 26 - 12.3. External Informative References . . . . . . . . . . . . 30 - Appendix A. Applicability and Requirements Served . . . . . . . 30 - Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 31 - B.1. Requirements Related to Mobility . . . . . . . . . . . . 31 - B.2. Requirements Related to Routing Protocols . . . . . . . . 32 + 10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 24 + 10.3. New ARO Status values . . . . . . . . . . . . . . . . . 25 + 10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 25 + 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26 + 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 26 + 12.1. Normative References . . . . . . . . . . . . . . . . . . 26 + 12.2. Informative References . . . . . . . . . . . . . . . . . 27 + 12.3. External Informative References . . . . . . . . . . . . 31 + Appendix A. Applicability and Requirements Served . . . . . . . 31 + Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 32 + B.1. Requirements Related to Mobility . . . . . . . . . . . . 32 + B.2. Requirements Related to Routing Protocols . . . . . . . . 33 B.3. Requirements Related to the Variety of Low-Power Link - types . . . . . . . . . . . . . . . . . . . . . . . . . . 33 - B.4. Requirements Related to Proxy Operations . . . . . . . . 34 - B.5. Requirements Related to Security . . . . . . . . . . . . 34 - B.6. Requirements Related to Scalability . . . . . . . . . . . 35 - B.7. Requirements Related to Operations and Management . . . . 36 - B.8. Matching Requirements with Specifications . . . . . . . . 36 - Appendix C. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . 38 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 + types . . . . . . . . . . . . . . . . . . . . . . . . . . 34 + B.4. Requirements Related to Proxy Operations . . . . . . . . 35 + B.5. Requirements Related to Security . . . . . . . . . . . . 35 + B.6. Requirements Related to Scalability . . . . . . . . . . . 36 + B.7. Requirements Related to Operations and Management . . . . 37 + B.8. Matching Requirements with Specifications . . . . . . . . 38 + Appendix C. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . 39 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39 1. Introduction - The scope of this draft is an IPv6 Low Power Networks including star + The scope of this draft is an IPv6 Low Power Network including star and mesh topologies. This specification modifies and extends the behavior and protocol elements of "Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) [RFC6775] to enable additional capabilities and enhancements such as: - o Support for indicating mobility vs retry (T-bit) - o Simplify the registration flow for link-local addresses - o Enhancement to Address Registration Option (ARO) - o Permitting registration of a target address - o Clarification of support of privacy and temporary addresses - - The applicability of 6LoWPAN ND registration is discussed in - Section 3, and new extensions and updates to [RFC6775] are presented - in Section 4. Considerations on Backward Compatibility, Security and - Privacy are also elaborated upon in Section 7, Section 8 and in - Section 9, respectively. + o determining the freshest location in case of mobility (T-bit) + o Simplifying the registration flow for link-local addresses + o Support of a Leaf node in a route-over network + o Proxy registration in a route-over network + o Registration to a IPv6 ND proxy over a Backbone Link + o Clarification of support for privacy and temporary addresses 2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. The Terminology used in this document is consistent with and incorporates that described in Terms Used in Routing for Low-Power and Lossy Networks (LLNs). [RFC7102]. Other terms in use in LLNs are found in Terminology for Constrained- Node Networks [RFC7228]. + A glossary of some classical 6LoWPAN acronyms such as ARO, 6LN, 6LBR + and 6CIO is given in Appendix C. + Readers are expected to be familiar with all the terms and concepts that are discussed in + o "Neighbor Discovery for IP version 6" [RFC4861], o "IPv6 Stateless Address Autoconfiguration" [RFC4862], o "Problem Statement and Requirements for IPv6 over Low-Power Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): - Overview, Assumptions, Problem Statement, and Goals" [RFC4919], + Overview, Assumptions, Problem Statement, and Goals" [RFC4919] and o "Neighbor Discovery Optimization for Low-power and Lossy Networks" - [RFC6775] and - o "Multi-link Subnet Support in IPv6" - [I-D.ietf-ipv6-multilink-subnets], + [RFC6775]. as well as the following terminology: Backbone Link: An IPv6 transit link that interconnects two or more Backbone Routers. It is expected to be of high speed compared to the LLN in order to carry the traffic that is required to federate multiple segments of the potentially large LLN into a single IPv6 subnet. Backbone Router: A logical network function in an IPv6 router that federates a LLN over a Backbone Link. In order to do so, the Backbone Router (6BBR) proxies the 6LoWPAN ND operations - detailed in the document onto the matching operations that run + detailed in this document onto the matching operations that run over the backbone, typically IPv6 ND. Note that 6BBR is a - logical function, just like 6LR and 6LBR, and that a same + logical function, just like 6LR and 6LBR, and that the same physical router may operate all three. Extended LLN: The aggregation of multiple LLNs as defined in [RFC4919], interconnected by a Backbone Link via Backbone Routers, and forming a single IPv6 MultiLink Subnet. Registration: The process during which a 6LN registers its address(es) with the Border Router so the 6BBR can serve as proxy for ND operations over the Backbone. - Binding: The association between an IP address with a MAC address, a + Binding: The association between an IP address and a MAC address, a port and/or other information about the node that owns the IP address. Registered Node: The node for which the registration is performed, - and which owns the fields in the EARO option. + and which owns the fields in the Extended ARO option. Registering Node: The node that performs the registration to the 6BBR, which may proxy for the registered node. - Registered Address: An address owned by the Registered Node node - that was or is being registered. + Registered Address: An address owned by the Registered Node that was + or is being registered. RFC6775-only: Applied to a type of node or a type of message, this adjective indicates a behavior that is strictly as specified by [RFC6775] as opposed to updated with this specification. - updated: a 6LN, a 6LR or a 6LBR that supports this specification. + updated: Qualifies a 6LN, a 6LR or a 6LBR that supports this + specification. 3. Applicability of Address Registration Options The purpose of the Address Registration Option (ARO) in [RFC6775] is to facilitate duplicate address detection (DAD) for hosts as well as - populate Neighbor Cache Entries (NCE) [RFC4861] in the routers. This - reduces the reliance on multicast operations, which are often as + to populate Neighbor Cache Entries (NCEs) [RFC4861] in the routers. + + This reduces the reliance on multicast operations, which are often as intrusive as broadcast, in IPv6 ND operations. With this specification, a failed or useless registration can be detected by a 6LR or a 6LBR for reasons other than address duplication. Examples include: the router having run out of space; a registration bearing a stale sequence number perhaps denoting a movement of the host after the registration was placed; a host misbehaving and attempting to register an invalid address such as the - unspecified address [RFC4291]; or a host using an address which is - not topologically correct on that link. + unspecified address [RFC4291]; or a host using an address that is not + topologically correct on that link. In such cases the host will receive an error to help diagnose the issue and may retry, possibly with a different address, and possibly registering to a different router, depending on the returned error. The ability to return errors to address registrations is not intended to be used to restrict the ability of hosts to form and use multiple - addresses, as recommended in "Host Address Availability - Recommendations" [RFC7934]. + addresses. Rather, the intention is to conform to "Host Address + Availability Recommendations" [RFC7934]. In particular, the freedom to form and register addresses is needed for enhanced privacy; each host may register a number of addresses using mechanisms such as "Privacy Extensions for Stateless Address Autoconfiguration (SLAAC) in IPv6" [RFC4941]. - In IPv6 ND [RFC4861], a router must have enough storage to hold - neighbor cache entries for all the addresses to which it may forward. - A router using the Address Registration mechanism also needs enough + In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for + all the addresses to which it can currently forward packets. A + router using the Address Registration mechanism also needs enough storage to hold NCEs for all the addresses that may be registered to it, regardless of whether or not they are actively communicating. The number of registrations supported by a 6LoWPAN Router (6LR) or - 6LoWPAN Border Router (6LBR) must be clearly documented. + 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor + and the dynamic use of associated resources SHOULD be made available + to the network operator, e.g. to a management console. - A network administrator should deploy updated 6LR/6LBRs to support - the number and type of devices in their network, based on the number - of IPv6 addresses that those devices require and their address - renewal rate and behavior. + A network administrator MUST deploy updated 6LR/6LBRs to support the + number and type of devices in their network, based on the number of + IPv6 addresses that those devices require and their address renewal + rate and behavior. 4. Updating RFC 6775 This specification introduces the Extended Address Registration Option (EARO) based on the ARO as defined [RFC6775]; in particular a "T" flag is added that MUST be set in NS messages when this specification is used, and echoed in NA messages to confirm that the protocol is supported. The extensions to the ARO option are used in the Duplicate Address Request (DAR) and Duplicate Address Confirmation (DAC) messages, so as to convey the additional information all the way to the 6LBR. In turn the 6LBR may proxy the registration using IPv6 ND over a Backbone Link as illustrated in Figure 1. Note that this specification avoids the extended DAR flow for Link Local Addresses - in a Route-Over [RFC6606] mesh. + in a Route-Over [RFC6606] topology. 6LN 6LR 6LBR 6BBR | | | | | NS(EARO) | | | |--------------->| | | | | Extended DAR | | | |-------------->| | | | | | | | | proxy NS(EARO) | | | |--------------->| @@ -263,67 +264,79 @@ | | Extended DAC | | | |<--------------| | | NA(EARO) | | | |<---------------| | | | | | | Figure 1: (Re-)Registration Flow In order to support various types of link layers, it is RECOMMENDED to allow multiple registrations, including for privacy / temporary - addresses, and provide new mechanisms to help clean up stale - registration states as soon as possible. + addresses. It is also RECOMMENDED to provide new mechanisms to help + clean up stale registration state as soon as possible. Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface and locates available 6LRs; a Registering Node SHOULD prefer registering to a 6LR that is found to support this specification, as - discussed in Section 7.1, over a RFC6775-only one. + discussed in Section 7.1, over an RFC6775-only one. 4.1. Extended Address Registration Option (EARO) - The Extended ARO (EARO) deprecates the ARO and is backward compatible + The Extended ARO (EARO) replaces the ARO and is backward compatible with it. More details on backward compatibility can be found in Section 7. The semantics of the ARO are modified as follows: o The address that is being registered with a Neighbor Solicitation (NS) with an EARO is now the Target Address, as opposed to the Source Address as specified in [RFC6775] (see Section 4.5). This change enables a 6LBR to use one of its addresses as source to the proxy-registration of an address that belongs to a LLN Node to a 6BBR. This also limits the use of an address as source address before it is registered and the associated DAD process is complete. o The Unique ID in the EARO Option is not required to be a MAC address (see Section 4.3). + o This document specifies a new flag in the EARO option, the 'R' + flag, used by a 6LN, when registering, to indicate that this 6LN + is not a router and that it will not handle its own reachability. + If the 'R' flag is set, the registering node expects that the 6LR + ensures reachability for the registered address by means of + routing or proxying ND. A host SHOULD set the 'R' flag. When not + set, the 'R' flag indicates that the Registering Node is a router, + which for instance participates to a route-over routing protocol + such as RPL [RFC6550], and which will take care of injecting the + address over the routing protocol by itself. A router SHOULD NOT + set the 'R' flag. o The specification introduces a Transaction ID (TID) field in the EARO (see Section 4.2). The TID MUST be provided by a node that supports this specification and a new "T" flag MUST be set to indicate so. o Finally, this specification introduces new status codes to help diagnose the cause of a registration failure (see Table 1). 4.2. Transaction ID The Transaction ID (TID) is a sequence number that is incremented with each re-registration. The TID is used to detect the freshness - of the registration request and useful to detect one single - registration by multiple 6LoWPAN border routers (e.g., 6LBRs and - 6BBRs) supporting the same 6LoWPAN. The TID may also be used by the - network to track the sequence of movements of a node in order to - route to the current (freshest known) location of a moving node. + of the registration request and to detect one single registration by + multiple 6LoWPAN border routers (e.g., 6LBRs and 6BBRs) supporting + the same 6LoWPAN. The TID may also be used by the network to track + the sequence of movements of a node in order to route to the current + (freshest known) location of a moving node. When a Registered Node is registered with multiple 6BBRs in parallel, - the same TID SHOULD be used, to enable the 6BBRs to determine that - the registrations are the same, and distinguish that situation from a - movement. + the same TID SHOULD be used. This enables the 6BBRs to determine + that the registrations are the same, and distinguish that situation + from a movement (see section 4 of [I-D.ietf-6lo-backbone-router] and + Section 4.7 below). 4.2.1. Comparing TID values The TID is a sequence counter and its operation is the exact match of the path sequence specified in RPL, the IPv6 Routing Protocol for Low-Power and Lossy Networks [RFC6550] specification. In order to keep this document self-contained and yet compatible, the text below is an exact copy from section 7.2. "Sequence Counter Operation" of [RFC6550]. @@ -389,31 +403,25 @@ numbers are not comparable. 4. If two sequence numbers are determined to be not comparable, i.e. the results of the comparison are not defined, then a node should give precedence to the sequence number that was most recently incremented. Failing this, the node should select the sequence number in order to minimize the resulting changes to its own state. 4.3. Registration Unique ID - The Registration Unique ID (RUID) enables a duplicate address - registration to be distinguished from a double registration or a - movement. An ND message from the 6BBR over the Backbone Link that is - proxied on behalf of a Registered Node must carry the most recent - EARO option seen for that node. A NS/NA with an EARO and a NS/NA - without a EARO thus represent different nodes; if they relate to a - same target then an address duplication is likely. - - The Registration Unique ID in [RFC6775] is a EUI-64 globally unique - address configured at a Lower Layer, under the assumption that - duplicate EUI-64 addresses are avoided. + The Registration Unique ID (RUID) generalizes the EUI-64 field of the + ARO in [RFC6775]. It is unique to a registration and enables to + identify the tentative to register a duplicate address, which is + characterized by a different RUID in the conflicting registrations + (more in Section 4.6) With this specification, the Registration Unique ID is allowed to be extended to different types of identifier, as long as the type is clearly indicated. For instance, the type can be a cryptographic string and used to prove the ownership of the registration as discussed in "Address Protected Neighbor Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to support the flows related to the proof of ownership, this specification introduces new status codes "Validation Requested" and "Validation Failed" in the EARO. @@ -425,40 +433,40 @@ 4.4. Extended Duplicate Address Messages In order to map the new EARO content in the DAR/DAC messages, a new TID field is added to the Extended DAR (EDAR) and the Extended DAC (EDAC) messages as a replacement to a Reserved field, and an odd value of the ICMP Code indicates support for the TID, to transport the "T" flag. In order to prepare for future extensions, and though no option has - been defined for the Duplicate Address messages, implementations - SHOULD expect ND options after the main body, and SHOULD ignore them. + been defined for the Duplicate Address messages, implementations MUST + expect ND options after the main body, and MUST ignore them. As for the EARO, the Extended Duplicate Address messages are backward compatible with the RFC6775-only versions, and remarks concerning backwards compatibility for the protocol between the 6LN and the 6LR apply similarly between a 6LR and a 6LBR. 4.5. Registering the Target Address The Registering Node is the node that performs the registration to the 6BBR. As in [RFC6775], it may be the Registered Node as well, in which case it registers one of its own addresses, and indicates its own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO). This specification adds the capability to proxy the registration operation on behalf of a Registered Node that is reachable over a LLN mesh. In that case, if the Registered Node is reachable from the 6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC - Address of the Registered Node as SLLA in the NS(EARO). If the + Address of the Registered Node as the SLLA in the NS(EARO). If the Registered Node is reachable over a Route-Over mesh from the Registering Node, the SLLA in the NS(ARO) is that of the Registering Node. This enables the Registering Node to attract the packets from the 6BBR and route them over the LLN to the Registered Node. In order to enable the latter operation, this specification changes the behavior of the 6LN and the 6LR so that the Registered Address is found in the Target Address field of the NS and NA messages as opposed to the Source Address. With this convention, a TLLA option indicates the link-layer address of the 6LN that owns the address, @@ -472,46 +480,46 @@ RFC6775-only 6LoWPAN ND [RFC6775]. 4.6. Link-Local Addresses and Registration Considering that LLN nodes are often not wired and may move, there is no guarantee that a Link-Local address stays unique between a potentially variable and unbounded set of neighboring nodes. Compared to [RFC6775], this specification only requires that a Link- Local address is unique from the perspective of the two nodes that - use it to communicate (e.g. the 6LN and the 6LR in an NS/NA - exchange). This simplifies the DAD process in Route-Over Mode for - Link-Local addresses, and there is no exchange of Duplicate Address - messages between the 6LR and a 6LBR for Link-Local addresses. + use it to communicate (e.g., the 6LN and the 6LR in an NS/NA + exchange). This simplifies the DAD process in a Route-Over topology + for Link-Local addresses, by avoiding an exchange of Duplicate + Address messages between the 6LR and a 6LBR for those addresses. In more details: An exchange between two nodes using Link-Local addresses implies that they are reachable over one hop and that at least one of the 2 nodes acts as a 6LR. A node MUST register a Link-Local address to a 6LR in order to obtain reachability from that 6LR beyond the current exchange, and in particular to use the Link-Local address as source - address to register other addresses, e.g. global addresses. + address to register other addresses, e.g., global addresses. If there is no collision with an address previously registered to this 6LR by another 6LN, then the Link-Local address is unique from the standpoint of this 6LR and the registration is acceptable. Alternatively, two different 6LRs might expose the same Link-Local address but different link-layer addresses. In that case, a 6LN MUST only interact with at most one of the 6LRs. The DAD process between the 6LR and a 6LBR, which is based on an exchange of Duplicate Address messages, does not need to take place for Link-Local addresses. - When registering to a 6LR that conforms this specification, a node + When registering to a 6LR that conforms to this specification, a node MUST use a Link-Local address as the source address of the registration, whatever the type of IPv6 address that is being registered. That Link-Local Address MUST be either an address that is already registered to the 6LR, or the address that is being registered. When a Registering Node does not have an already-Registered Address, it MUST register a Link-Local address, using it as both the Source and the Target Address of an NS(EARO) message. In that case, it is RECOMMENDED to use a Link-Local address that is (expected to be) @@ -521,94 +529,107 @@ Since there is no Duplicate Address exchange for Link-Local addresses, the 6LR may answer immediately to the registration of a Link-Local address, based solely on its existing state and the Source Link-Layer Option that MUST be placed in the NS(EARO) message as required in [RFC6775]. A node needs to register its IPv6 Global Unicast IPv6 Addresses (GUAs) to a 6LR in order to establish global reachability for these addresses via that 6LR. When registering with an updated 6LR, a - Registering Node does not use its GUA as Source Address, in contrast - to a node that complies to [RFC6775]. For non-Link-Local addresses, - the Duplicate Address exchange MUST conform to [RFC6775], but the + Registering Node does not use a GUA as Source Address, in contrast to + a node that complies to [RFC6775]. For non-Link-Local addresses, the + Duplicate Address exchange MUST conform to [RFC6775], but the extended formats described in this specification for the DAR and the DAC are used to relay the extended information in the case of an EARO. + An ND message from the 6BBR over the Backbone Link that is proxied on + behalf of a Registered Node MUST carry the most recent EARO option + seen for that node. A NS/NA with an EARO and a NS/NA without a EARO + thus represent different nodes; this is considered as an address + duplication and the first owner wins. If the first owner is the + registration (i.e. with an NS(EARO)) then the 6BBR defends the + address over the Backbone Link as prescribed by [RFC4862]. If the + first owner is a node over the Backbone Link (no ARO), then the 6BBR + rejects the proxy-registration with a Status of "Duplicate Address". + 4.7. Maintaining the Registration States This section discusses protocol actions that involve the Registering Node, the 6LR and the 6LBR. It must be noted that the portion that deals with a 6LBR only applies to those addresses that are registered to it; as discussed in Section 4.6, this is not the case for Link- Local addresses. The registration state includes all data that is stored in the router relative to that registration, in particular, but not limited to, an NCE in a 6LR. 6LBRs and 6BBRs may store additional registration information in more complex data structures and use protocols that are out of scope of this document to keep them synchronized when they are distributed. - When its Neighbor Cache is full, a 6LR cannot accept a new - registration. In that situation, the EARO is returned in a NA - message with a Status of 2, and the Registering Node may attempt to - register to another 6LR. + When its resource available for Neighbor Cache Entries are exhausted, + a 6LR cannot accept a new registration. In that situation, the EARO + is returned in a NA message with a Status Code of "Neighbor Cache + Full", and the Registering Node may attempt to register to another + 6LR. If the registry in the 6LBR is saturated, then the LBR cannot decide whether a new address is a duplicate. In that case, the 6LBR replies - to a EDAR message with a EDAC message that carries a new Status Code + to a EDAR message with an EDAC message that carries a new Status Code indicating "6LBR Registry saturated" Table 1. Note: this code is - used by 6LBRs instead of Status 2 when responding to a Duplicate - Address message exchange and passed on to the Registering Node by the - 6LR. There is no point for the node to retry this registration - immediately via another 6LR, since the problem is global to the - network. The node may either abandon that address, de-register other - addresses first to make room, or keep the address in TENTATIVE state - and retry later. + used by 6LBRs instead of "Neighbor Cache Full" when responding to a + Duplicate Address message exchange and is passed on to the + Registering Node by the 6LR. There is no point for the node to retry + this registration immediately via another 6LR, since the problem is + global to the network. The node may either abandon that address, de- + register other addresses first to make room, or keep the address in + TENTATIVE state and retry later. A node renews an existing registration by sending a new NS(EARO) message for the Registered Address. In order to refresh the registration state in the 6LBR, the registration MUST be reported to the 6LBR. A node that ceases to use an address SHOULD attempt to de-register that address from all the 6LRs to which it has registered the address, which is achieved using an NS(EARO) message with a Registration Lifetime of 0. A node that moves away from a particular 6LR SHOULD attempt to de- register all of its addresses registered to that 6LR and register to a new 6LR with an incremented TID. When/if the node shows up - elsewhere, an asynchronous NA(EARO) or EDAC message with a status of - 3 "Moved" SHOULD be used to clean up the state in the previous + elsewhere, an asynchronous NA(EARO) or EDAC message with a Status + Code of "Moved" SHOULD be used to clean up the state in the previous location. For instance, as described in [I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a - 6BBR in a NA(EARO) message to indicate that the ownership of the + 6BBR in an NA(EARO) message to indicate that the ownership of the proxy state on the Backbone Link was transferred to another 6BBR, as - the consequence of a movement of the device. The receiver of the - message SHOULD propagate the status down the chain towards the - Registered node (e.g. reversing an existing RPL [RFC6550] path) and - then clean up its state. + the consequence of a movement of the device. If the receiver of the + message has a state corresponding to the related address, it SHOULD + propagate the status down the forwarding path to the Registered node + (e.g. reversing an existing RPL [RFC6550] path as prescribed in + [I-D.ietf-roll-efficient-npdao]) and whether it could or not do so, + the receiver MUST clean up the said state. - Upon receiving a NS(EARO) message with a Registration Lifetime of 0 + Upon receiving an NS(EARO) message with a Registration Lifetime of 0 and determining that this EARO is the freshest for a given NCE (see Section 4.2), a 6LR cleans up its NCE. If the address was registered to the 6LBR, then the 6LR MUST report to the 6LBR, through a Duplicate Address exchange with the 6LBR, indicating the null Registration Lifetime and the latest TID that this 6LR is aware of. Upon receiving the Extended DAR message, the 6LBR evaluates if this is the most recent TID it has received for that particular registry entry. If so, then the entry is scheduled to be removed, and the - EDAR is answered with a EDAC message bearing a Status of 0 - ("Success"). Otherwise, a Status 3 ("Moved") is returned instead, - and the existing entry is maintained. + EDAR is answered with an EDAC message bearing a Status of "Success". + Otherwise, a Status Code of "Moved" is returned instead, and the + existing entry is maintained. When an address is scheduled to be removed, the 6LBR SHOULD keep its entry in a DELAY state for a configurable period of time, so as to protect a mobile node that de-registered from one 6LR and did not register yet to a new one, or the new registration did not reach yet the 6LBR due to propagation delays in the network. Once the DELAY time is passed, the 6LBR silently removes its entry. 5. Detecting Enhanced ARO Capability Support @@ -628,21 +649,21 @@ Advertisement (NA) messages. 6. Extended ND Options And Messages This specification does not introduce new options, but it modifies existing ones and updates the associated behaviors as specified in the following subsections. 6.1. Enhanced Address Registration Option (EARO) - The Address Registration Option (ARO) is defined in section 4.1. of + The Address Registration Option (ARO) is defined in section 4.1 of [RFC6775]. The Enhanced Address Registration Option (EARO) updates the ARO option within Neighbor Discovery NS and NA messages between a 6LN and its 6LR. On the other hand, the Extended Duplicate Address messages, EDAR and EDAC, replace the DAR and DAC messages so as to transport the new information between 6LRs and 6LBRs across LLN meshes such as 6TiSCH networks. An NS message with an EARO option is a registration if and only if it @@ -656,21 +677,21 @@ the Target Address field of the NS and NA messages. The EARO extends the ARO and is indicated by the "T" flag set. The format of the EARO option is as follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length = 2 | Status | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - | Reserved |T| TID | Registration Lifetime | + | Reserved |R|T| TID | Registration Lifetime | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | + Registration Unique ID (EUI-64 or equivalent) + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: EARO Option Fields @@ -709,39 +730,45 @@ | | removed, for instance due to a movement of the device. | | | | | 6 | Duplicate Source Address: The address used as source of | | | the NS(ARO) conflicts with an existing registration. | | | | | 7 | Invalid Source Address: The address used as source of the | | | NS(ARO) is not a Link-Local address as prescribed by this | | | document. | | | | | 8 | Registered Address topologically incorrect: The address | - | | being registered is not usable on this link, e.g. it is | + | | being registered is not usable on this link, e.g., it is | | | not topologically correct | | | | | 9 | 6LBR Registry saturated: A new registration cannot be | | | accepted because the 6LBR Registry is saturated. Note: | | | this code is used by 6LBRs instead of Status 2 when | - | | responding to a Duplicate Address message exchange and | + | | responding to a Duplicate Address message exchange and is | | | passed on to the Registering Node by the 6LR. | | | | | 10 | Validation Failed: The proof of ownership of the | | | registered address is not correct. | +-------+-----------------------------------------------------------+ Table 1: EARO Status Reserved: This field is unused. It MUST be initialized to zero by the sender and MUST be ignored by the receiver. + R: If the 'R' flag is set, the registering node expects + that the 6LR ensures reachability for the registered + address, e.g. by injecting the address in a route- + over routing protocol or proxying ND over a Backbone + Link. T: One bit flag. Set if the next octet is used as a TID. + TID: 1-byte integer; a transaction id that is maintained by the node and incremented with each transaction. The node SHOULD maintain the TID in a persistent storage. Registration Lifetime: 16-bit integer; expressed in minutes. 0 means that the registration has ended and the associated state should be removed. Registration Unique IDentifier (RUID): A globally unique identifier for the node associated. This can be the EUI-64 derived IID of an interface, or some provable ID @@ -838,159 +863,159 @@ If the Registering Node receives a 6CIO in a Router Advertisement message, then the setting of the "E" Flag indicates whether or not this specification is supported. 7.1.2. Using the "T" Flag in the EARO One alternate way for a 6LN to discover the router's capabilities is to start by registering a Link Local address, placing the same address in the Source and Target Address fields of the NS message, and setting the "T" Flag. The node may for instance register an - address that is based on EUI-64. For such an address, DAD is not + address that is based on an EUI-64. For such an address, DAD is not required and using the SLLAO option in the NS is actually more consistent with existing ND specifications such as the "Optimistic Duplicate Address Detection (ODAD) for IPv6" [RFC4429]. Once its first registration is complete, the node knows from the setting of the "T" Flag in the response whether the router supports this specification. If support is verified, the node may register other addresses that it owns, or proxy-register addresses on behalf - some another node, indicating those addresses being registered in the - Target Address field of the NS messages, while using one of its own - previously registered addresses as source. + of some another node, indicating those addresses being registered in + the Target Address field of the NS messages, while using one of its + own previously registered addresses as source. A node that supports this specification MUST always use an EARO as a replacement to an ARO in its registration to a router. This is harmless since the "T" flag and TID field are reserved in [RFC6775], - and are ignored by a RFC6775-only router. A router that supports + and are ignored by an RFC6775-only router. A router that supports this specification answers an ARO with an ARO and answers an EARO with an EARO. This specification changes the behavior of the peers in a registration flow. To enable backward compatibility, a 6LN that registers to a 6LR that is not known to support this specification MUST behave in a manner that is compatible with [RFC6775]. A 6LN can achieve that by sending a NS(EARO) message with a Link-Local Address used as both Source and Target Address, as described in Section 4.6. Once the 6LR is known to support this specification, the 6LN MUST obey this specification. 7.2. RFC6775-only 6LoWPAN Node - A RFC6775-only 6LN will use the Registered Address as source and will - not use an EARO option. An updated 6LR MUST accept that registration - if it is valid per [RFC6775], and it MUST manage the binding cache - accordingly. The updated 6LR MUST then use the RFC6775-only - Duplicate Address messages as specified in [RFC6775] to indicate to - the 6LBR that the TID is not present in the messages. + an RFC6775-only 6LN will use the Registered Address as source and + will not use an EARO option. An updated 6LR MUST accept that + registration if it is valid per [RFC6775], and it MUST manage the + binding cache accordingly. The updated 6LR MUST then use the + RFC6775-only Duplicate Address messages as specified in [RFC6775] to + indicate to the 6LBR that the TID is not present in the messages. - The main difference with [RFC6775] is that Duplicate Address exchange - for DAD is avoided for Link-Local addresses. In any case, the 6LR - SHOULD use an EARO in the reply, and may use any of the Status codes - defined in this specification. + The main difference from [RFC6775] is that the Duplicate Address + exchange for DAD is avoided for Link-Local addresses. In any case, + the 6LR SHOULD use an EARO in the reply, and can use any of the + Status codes defined in this specification. 7.3. RFC6775-only 6LoWPAN Router The first registration by an updated 6LN MUST be for a Link-Local - address, using that Link-Local address as source. A RFC6775-only 6LR - will not make a difference and treat that registration as if the 6LN - was a RFC6775-only node. + address, using that Link-Local address as source. an RFC6775-only 6LR + will treat that registration as if the 6LN was an RFC6775-only node. An updated 6LN will always use an EARO option in the registration NS - message, whereas a RFC6775-only 6LR will always reply with an ARO + message, whereas an RFC6775-only 6LR will always reply with an ARO option in the NA message. From that first registration, the updated 6LN can determine whether or not the 6LR supports this specification. - After detecting a RFC6775-only 6LR, an updated 6LN SHOULD attempt to + After detecting an RFC6775-only 6LR, an updated 6LN SHOULD attempt to find an alternate 6LR that is updated for a reasonable time that depends on the type of device and the expected deployment. An updated 6LN SHOULD use an EARO in the request regardless of the type of 6LR, RFC6775-only or updated, which implies that the "T" flag is set. - If an updated 6LN moves from an updated 6LR to a RFC6775-only 6LR, - the RFC6775-only 6LR will send a RFC6775-only DAR message, which can + If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR, + the RFC6775-only 6LR will send an RFC6775-only DAR message, which can not be compared with an updated one for freshness. Allowing RFC6775-only DAR messages to replace a state established by the updated protocol in the 6LBR would be an attack vector and that cannot be the default behavior. But if RFC6775-only and updated 6LRs coexist temporarily in a network, then it makes sense for an administrator to install a policy that allows so, and the capability to install such a policy should be configurable in a 6LBR though it is out of scope for this document. 7.4. RFC6775-only 6LoWPAN Border Router With this specification, the Duplicate Address messages are extended to transport the EARO information. Similarly to the NS/NA exchange, updated 6LBR devices always use the Extended Duplicate Address messages and all the associated behavior so they can always be differentiated from RFC6775-only ones. - Note that a RFC6775-only 6LBR will accept and process an EDAR message - as if it was a RFC6775-only DAR, so the support of DAD is preserved. + Note that an RFC6775-only 6LBR will accept and process an EDAR + message as if it were an RFC6775-only DAR, so the support of DAD is + preserved. 8. Security Considerations This specification extends [RFC6775], and the security section of that standard also applies to this as well. In particular, it is expected that the link layer is sufficiently protected to prevent a rogue access, either by means of physical or IP security on the Backbone Link and link layer cryptography on the LLN. This specification also expects that the LLN MAC provides secure - unicast to/from the Backbone Router and secure Broadcast from the - Backbone Router in a way that prevents tampering with or replaying - the RA messages. + unicast to/from the Backbone Router and secure Broadcast or Multicast + from the Backbone Router in a way that prevents tampering with or + replaying the RA messages. This specification recommends using privacy techniques (see Section 9), and protection against address theft such as provided by "Address Protected Neighbor Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the Registered Address using a cryptographic RUID. The registration mechanism may be used by a rogue node to attack the 6LR or the 6LBR with a Denial-of-Service attack against the registry. It may also happen that the registry of a 6LR or a 6LBR is saturated - and cannot take any more registration, which effectively denies the + and cannot take any more registrations, which effectively denies the requesting node the capability to use a new address. In order to alleviate those concerns, Section 4.7 provides a number of recommendations that ensure that a stale registration is removed as soon as possible from the 6LR and 6LBR. In particular, this specification recommends that: o A node that ceases to use an address SHOULD attempt to de-register that address from all the 6LRs to which it is registered. See Section 4.2 for the mechanism to avoid replay attacks and avoiding the use of stale registration information. o The Registration lifetimes SHOULD be individually configurable for each address or group of addresses. The nodes SHOULD be configured with a Registration Lifetime that reflects their expectation of how long they will use the address with the 6LR to which it is registered. In particular, use cases that involve mobility or rapid address changes SHOULD use lifetimes that are larger yet of a same order as the duration of the expectation of presence. o The router (6LR or 6LBR) SHOULD be configurable so as to limit the - number of addresses that can be registered by a single node, as - identified at least by MAC address and preferably by security - credentials. When that maximum is reached, the router should use - a Least-Recently-Used (LRU) algorithm to clean up the addresses, - keeping at least one Link-Local address. The router SHOULD - attempt to keep one or more stable addresses if stability can be - determined, e.g. from the way the IID is formed or because they - are used over a much longer time span than other (privacy, - shorter-lived) addresses. Address lifetimes SHOULD be - individually configurable. + number of addresses that can be registered by a single node, but + as a protective measure only. A node may be identified by MAC + address, but a stringer identification (e.g., by security + credentials) is RECOMMENDED. When that maximum is reached, the + router should use a Least-Recently-Used (LRU) algorithm to clean + up the addresses, keeping at least one Link-Local address. The + router SHOULD attempt to keep one or more stable addresses if + stability can be determined, e.g., because they are used over a + much longer time span than other (privacy, shorter-lived) + addresses. Address lifetimes SHOULD be individually configurable. o In order to avoid denial of registration for the lack of resources, administrators should take great care to deploy adequate numbers of 6LRs to cover the needs of the nodes in their range, so as to avoid a situation of starving nodes. It is expected that the 6LBR that serves a LLN is a more capable node then the average 6LR, but in a network condition where it may become saturated, a particular deployment should distribute the 6LBR functionality, for instance by leveraging a high speed Backbone Link and Backbone Routers to aggregate multiple LLNs into a larger subnet. @@ -999,44 +1024,46 @@ trust model must be put in place to ensure that the right devices are acting in these roles, so as to avoid threats such as black-holing, or bombing attack whereby an impersonated 6LBR would destroy state in the network by using the "Removed" Status code. This trust model could be at a minimum based on a Layer-2 access control, or could provide role validation as well (see Req5.1 in Appendix B.5). 9. Privacy Considerations As indicated in Section 3, this protocol does not aim at limiting the - number of IPv6 addresses that a device can form. A host should be - able to form and register any address that is topologically correct - in the subnet(s) advertised by the 6LR/6LBR. + number of IPv6 addresses that a device can form and if placed, a + limit should be a protective measure only, that is high enough not to + interfere with the normal behavior of devices in the network. A host + should be able to form and register any address that is topologically + correct in the subnet(s) advertised by the 6LR/6LBR. This specification does not mandate any particular way for forming IPv6 addresses, but it discourages using EUI-64 for forming the Interface ID in the Link-Local address because this method prevents the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971] and "Cryptographically Generated Addresses (CGA)" [RFC3972], and that of address privacy techniques. "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" [RFC8065] explains why privacy is important and how to form privacy- aware addresses. All implementations and deployment must consider the option of privacy addresses in their own environment. The IPv6 address of the 6LN in the IPv6 header can be compressed statelessly when the Interface Identifier in the IPv6 address can be derived from the Lower Layer address. When it is not critical to benefit from that compression, e.g. the address can be compressed statefully, or it is rarely used and/or it is used only over one hop, then privacy concerns should be considered. In particular, new implementations should follow the IETF "Recommendation on Stable IPv6 - Interface Identifiers" [RFC8064] This RFC recommends the use of "A + Interface Identifiers" [RFC8064] [RFC8064] recommends the use of "A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for generating Interface Identifiers to be used in SLAAC. 10. IANA Considerations Note to RFC Editor: please replace "This RFC" throughout this document by the RFC number for this specification once it is attributed. @@ -1218,26 +1245,26 @@ 6man-efficient-nd-07 (work in progress), February 2015. [I-D.delcarpio-6lo-wlanah] Vega, L., Robles, I., and R. Morabito, "IPv6 over 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in progress), October 2015. [I-D.ietf-6lo-ap-nd] Thubert, P., Sarikaya, B., and M. Sethi, "Address Protected Neighbor Discovery for Low-power and Lossy - Networks", draft-ietf-6lo-ap-nd-05 (work in progress), - January 2018. + Networks", draft-ietf-6lo-ap-nd-06 (work in progress), + February 2018. [I-D.ietf-6lo-backbone-router] Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- - backbone-router-05 (work in progress), January 2018. + backbone-router-06 (work in progress), February 2018. [I-D.ietf-6lo-nfc] Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, "Transmission of IPv6 Packets over Near Field Communication", draft-ietf-6lo-nfc-09 (work in progress), January 2018. [I-D.ietf-6tisch-architecture] Thubert, P., "An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work @@ -1247,40 +1274,45 @@ Thaler, D. and C. Huitema, "Multi-link Subnet Support in IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in progress), July 2002. [I-D.ietf-mboned-ieee802-mcast-problems] Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. Zuniga, "Multicast Considerations over IEEE 802 Wireless Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work in progress), February 2018. + [I-D.ietf-roll-efficient-npdao] + Jadhav, R., Sahoo, R., and Z. Cao, "No-Path DAO + modifications", draft-ietf-roll-efficient-npdao-01 (work + in progress), October 2017. + [I-D.perkins-intarea-multicast-ieee802] Perkins, C., Stanley, D., Kumari, W., and J. Zuniga, "Multicast Considerations over IEEE 802 Wireless Media", draft-perkins-intarea-multicast-ieee802-03 (work in progress), July 2017. [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets over IEEE 1901.2 Narrowband Powerline Communication Networks", draft-popa-6lo-6loplc-ipv6-over- ieee19012-networks-00 (work in progress), March 2014. [I-D.struik-lwip-curve-representations] Struik, R., "Alternative Elliptic Curve Representations", draft-struik-lwip-curve-representations-00 (work in progress), October 2017. - [RFC1558] Howes, T., "A String Representation of LDAP Search - Filters", RFC 1558, DOI 10.17487/RFC1558, December 1993, - . + [RFC1958] Carpenter, B., Ed., "Architectural Principles of the + Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996, + . [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, DOI 10.17487/RFC1982, August 1996, . [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 2003, . [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener @@ -1391,27 +1423,27 @@ [Perlman83] Perlman, R., "Fault-Tolerant Broadcast of Routing Information", North-Holland Computer Networks 7: 395-405, 1983, . Appendix A. Applicability and Requirements Served This specification extends 6LoWPAN ND to provide a sequence number to - the registration and serves the requirements expressed Appendix B.1 - by enabling the mobility of devices from one LLN to the next based on - the complementary work in the "IPv6 Backbone Router" + the registration and serves the requirements expressed in + Appendix B.1 by enabling the mobility of devices from one LLN to the + next based on the complementary work in the "IPv6 Backbone Router" [I-D.ietf-6lo-backbone-router] specification. - In the context of the the TimeSlotted Channel Hopping (TSCH) mode of - IEEE Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" + In the context of the TimeSlotted Channel Hopping (TSCH) mode of IEEE + Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" [I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could connect to the Internet via a RPL mesh Network, but this requires additions to the 6LoWPAN ND protocol to support mobility and reachability in a secured and manageable environment. This specification details the new operations that are required to implement the 6TiSCH architecture and serves the requirements listed in Appendix B.2. The term LLN is used loosely in this specification to cover multiple types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low @@ -1437,72 +1469,68 @@ packets is not sufficiently efficient in terms of delivery ratio or energy consumption in the end devices, in particular to enable energy-constrained sleeping nodes. The value of such extension is especially apparent in the case of mobile wireless nodes, to reduce the multicast operations that are related to IPv6 ND ([RFC4861], [RFC4862]) and affect the operation of the wireless medium [I-D.ietf-mboned-ieee802-mcast-problems] [I-D.perkins-intarea-multicast-ieee802]. This serves the scalability requirements listed in Appendix B.6. - Finally Appendix B.8 provides a matching of requirements with the - specifications that serves them. - Appendix B. Requirements This section lists requirements that were discussed at 6lo for an - update to 6LoWPAN ND. This specification meets most of them, but - those listed in Appendix B.5 which are deferred to a different - specification such as [I-D.ietf-6lo-ap-nd], and those related to - multicast. + update to 6LoWPAN ND. How those requirements are matched with + existing specifications at the time of this writing is shown in + Appendix B.8 . B.1. Requirements Related to Mobility Due to the unstable nature of LLN links, even in a LLN of immobile nodes a 6LN may change its point of attachment to a 6LR, say 6LR-a, and may not be able to notify 6LR-a. Consequently, 6LR-a may still attract traffic that it cannot deliver any more. When links to a 6LR change state, there is thus a need to identify stale states in a 6LR and restore reachability in a timely fashion. Req1.1: Upon a change of point of attachment, connectivity via a new 6LR MUST be restored in a timely fashion without the need to de- register from the previous 6LR. - Req1.2: For that purpose, the protocol MUST enable to differentiate + Req1.2: For that purpose, the protocol MUST enable differentiating between multiple registrations from one 6LoWPAN Node and registrations from different 6LoWPAN Nodes claiming the same address. Req1.3: Stale states MUST be cleaned up in 6LRs. - Req1.4: A 6LoWPAN Node SHOULD also be capable to register its Address + Req1.4: A 6LoWPAN Node SHOULD also be able to register its Address concurrently to multiple 6LRs. B.2. Requirements Related to Routing Protocols The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 routing in a LLN can be based on RPL, which is the routing protocol that was defined at the IETF for this particular purpose. Other - routing protocols than RPL are also considered by Standard Defining + routing protocols are also considered by Standard Development Organizations (SDO) on the basis of the expected network characteristics. It is required that a 6LoWPAN Node attached via ND to a 6LR would need to participate in the selected routing protocol to obtain reachability via the 6LR. Next to the 6LBR unicast address registered by ND, other addresses including multicast addresses are needed as well. For example a routing protocol often uses a multicast address to register changes to established paths. ND needs to register such a multicast address to enable routing concurrently with discovery. Multicast is needed for groups. Groups may be formed by device type - (e.g. routers, street lamps), location (Geography, RPL sub-tree), or + (e.g., routers, street lamps), location (Geography, RPL sub-tree), or both. The Bit Index Explicit Replication (BIER) Architecture [RFC8279] proposes an optimized technique to enable multicast in a LLN with a very limited requirement for routing state in the nodes. Related requirements are: Req2.1: The ND registration method SHOULD be extended so that the 6LR is able to advertise the Address of a 6LoWPAN Node over the selected @@ -1518,21 +1546,21 @@ Req2.3: Multicast operations SHOULD be supported and optimized, for instance using BIER or MPL. Whether ND is appropriate for the registration to the 6BBR is to be defined, considering the additional burden of supporting the Multicast Listener Discovery Version 2 [RFC3810] (MLDv2) for IPv6. B.3. Requirements Related to the Variety of Low-Power Link types 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 and in particular the capability to derive a unique Identifier from a - globally unique MAC-64 address. At this point, the 6lo Working Group + globally unique EUI-64 address. At this point, the 6lo Working Group is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique to other link types ITU-T G.9959 [RFC7428], Master-Slave/Token- Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah [I-D.delcarpio-6lo-wlanah], as well as IEEE1901.2 Narrowband Powerline Communication Networks [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and BLUETOOTH(R) Low Energy [RFC7668]. Related requirements are: @@ -1543,21 +1571,21 @@ Low-Power Wi-Fi. Req3.2: As part of this extension, a mechanism to compute a unique Identifier should be provided, with the capability to form a Link- Local Address that SHOULD be unique at least within the LLN connected to a 6LBR discovered by ND in each node within the LLN. Req3.3: The Address Registration Option used in the ND registration SHOULD be extended to carry the relevant forms of unique Identifier. - Req3.4: The Neighbour Discovery should specify the formation of a + Req3.4: The Neighbor Discovery should specify the formation of a site-local address that follows the security recommendations from [RFC7217]. B.4. Requirements Related to Proxy Operations Duty-cycled devices may not be able to answer themselves to a lookup from a node that uses IPv6 ND on a Backbone Link and may need a proxy. Additionally, the duty-cycled device may need to rely on the 6LBR to perform registration to the 6BBR. @@ -1583,27 +1611,28 @@ In order to guarantee the operations of the 6LoWPAN ND flows, the spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a node successfully registers an address, 6LoWPAN ND should provide energy-efficient means for the 6LBR to protect that ownership even when the node that registered the address is sleeping. In particular, the 6LR and the 6LBR then should be able to verify whether a subsequent registration for a given address comes from the original node. - In a LLN it makes sense to base security on layer-2 security. During - bootstrap of the LLN, nodes join the network after authorization by a - Joining Assistant (JA) or a Commissioning Tool (CT). After joining - nodes communicate with each other via secured links. The keys for - the layer-2 security are distributed by the JA/CT. The JA/CT can be - part of the LLN or be outside the LLN. In both cases it is needed - that packets are routed between JA/CT and the joining node. + In an LLN it makes sense to base security on layer-2 security. + During bootstrap of the LLN, nodes join the network after + authorization by a Joining Assistant (JA) or a Commissioning Tool + (CT). After joining nodes communicate with each other via secured + links. The keys for the layer-2 security are distributed by the JA/ + CT. The JA/CT can be part of the LLN or be outside the LLN. In both + cases it is needed that packets are routed between JA/CT and the + joining node. Related requirements are: Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for the 6LR, 6LBR and 6BBR to authenticate and authorize one another for their respective roles, as well as with the 6LoWPAN Node for the role of 6LR. Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for the 6LR and the 6LBR to validate new registration of authorized @@ -1632,41 +1661,41 @@ for multiple types of applications with various degrees of criticality. Req5.8: Routing of packets should continue when links pass from the unsecured to the secured state. Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for the 6LR and the 6LBR to validate whether a new registration for a given address corresponds to the same 6LoWPAN Node that registered it initially, and, if not, determine the rightful owner, and deny or - clean-up the registration that is duplicate. + clean up the registration that is duplicate. B.6. Requirements Related to Scalability Use cases from Automatic Meter Reading (AMR, collection tree operations) and Advanced Metering Infrastructure (AMI, bi-directional communication to the meters) indicate the needs for a large number of - LLN nodes pertaining to a single RPL DODAG (e.g. 5000) and connected - to the 6LBR over a large number of LLN hops (e.g. 15). + LLN nodes pertaining to a single RPL DODAG (e.g., 5000) and connected + to the 6LBR over a large number of LLN hops (e.g., 15). Related requirements are: Req6.1: The registration mechanism SHOULD enable a single 6LBR to register multiple thousands of devices. Req6.2: The timing of the registration operation should allow for a large latency such as found in LLNs with ten and more hops. B.7. Requirements Related to Operations and Management - Section 3.8 of "Architectural Principles of the Internet" [RFC1558] + Section 3.8 of "Architectural Principles of the Internet" [RFC1958] recommends to : "avoid options and parameters whenever possible. Any options and parameters should be configured or negotiated dynamically rather than manually". This is especially true in LLNs where the number of devices may be large and manual configuration is infeasible. Capabilities for a dynamic configuration of LLN devices can also be constrained by the network and power limitation. A Network Administrator should be able to validate that the network is operating within capacity, and that in particular a 6LBR does not get overloaded with an excessive amount of registration, so he can @@ -1756,45 +1785,49 @@ | | | | Req7.3 | | | | | | Req7.4 | | +-------------+-----------------------------------------+ Table 7: Work Addressing requirements Appendix C. Subset of a 6LoWPAN Glossary - This document often uses the followng acronyms: + This document often uses the following acronyms: 6BBR: 6LoWPAN Backbone Router (proxy for the registration) 6LBR: 6LoWPAN Border Router (authoritative on DAD) 6LN: 6LoWPAN Node 6LR: 6LoWPAN Router (relay to the registration process) 6CIO: Capability Indication Option (E)ARO: (Extended) Address Registration Option DAD: Duplicate Address Detection LLN: Low Power Lossy Network (a typical IoT network) + NA: Neighbor Advertisement NCE: Neighbor Cache Entry + ND: Neighbor Discovery + NDP: Neighbor Discovery Protocol + NS: Neighbor Solicitation RUID: Registration Unique ID TSCH: TimeSlotted Channel Hopping TID: Transaction ID (a sequence counter in the EARO) Authors' Addresses - Pascal Thubert (editor) Cisco Systems, Inc Building D (Regus) 45 Allee des Ormes Mougins - Sophia Antipolis France Phone: +33 4 97 23 26 34 Email: pthubert@cisco.com + Erik Nordmark Zededa Santa Clara, CA United States of America Email: nordmark@sonic.net Samita Chakrabarti Verizon San Jose, CA