]> Cisco Systems, Inc

Building D 45 Allee des Ormes - BP1200 MOUGINS - Sophia Antipolis 06254 FRANCE +33 497 23 26 34 pthubert@cisco.com

Futurewei

2330 Central Expressway Santa Clara 95050 United States of America charliep@computer.org

Internet 6lo Backbone Routers running IPv6 Neighbor Discovery can manage multiple wireless links to form a large MultiLink Subnet, but it is more efficient if IPv6 Neighbor Discovery packets are not broadcast over the wireless links. This specification specifies proxy operations for IPv6 Neighbor Discovery on behalf of devices located on broadcast-inefficient wireless networks. Backbone Routers placed along the wireless edge of the backbone handle IPv6 Neighbor Discovery, and route packets on behalf of registered nodes. Wireless nodes register, or are registered by proxy, to a Backbone Router to establish proxy services in a fashion similar to layer-2 association.

IEEE STD. 802.1 Ethernet Bridging provides an efficient and reliable broadcast service; applications and protocols have been built that heavily depend on that feature for their core operation. Unfortunately, many wireless networks do not economically provide the broadcast capabilities of Ethernet Bridging; protocols designed for bridged networks that rely on broadcast often exhibit disappointing behaviours when applied unmodified to a wireless medium (see ). WiFi Access Points (APs) deployed in an Extended Service Set (ESS) act as bridges. In order to ensure a solid connectivity to the devices and protect the medium against harmful broadcasts, they refrain from relying on broadcast-intensive protocols such as Transparent Bridging on the wireless side. Instead, an association process is used to register the MAC addresses of the wireless device (STA) to the AP. The APs subsequently proxy the bridging operation and eliminate the broadcasts. The IPv6 Neighbor Discovery Protocol (IPv6 ND) operations are reactive and rely heavily on multicast transmissions to locate an on-link correspondent and ensure address uniqueness. Duplicate Address Detection (DAD) mechanism was designed as a natural match with the efficient broadcast operation of Ethernet Bridging. However, since broadcast can be unreliable over wireless media, DAD often fails to discover duplications . DAD usually appears to work on wireless media, not because address duplication is detected and solved as designed, but because the use of 64-bit Interface IDs makes duplication into a very rare event. IPv6 multicast messages are typically broadcast over the wireless medium. They are processed by most if not all wireless nodes over the ESS fabric even when very few if any of them are subscribed to the multicast address. A simple Neighbor Solicitation (NS) , that is supposedly targeted to a small group of nodes, can congest the wireless bandwidth . The IPv6 ND operation leads to undesirable power consumption in battery-operated devices. These problems suggest restricting IPv6 ND broadcasts over wireless access links, which can be done by dividing up the subnet. Another way is to take over (proxy) the Layer-3 protocols that rely on broadcast operation at the boundary of the wired and wireless domains, emulating the Layer-2 association at layer-3. For instance, IEEE 802.11 specifies ARP and ND proxy services at the Access Points (APs). Current devices rely on snooping for detecting association state, which is failure-prone in lossy and mobile conditions. With snooping, a state (e.g. a new IPv6 address) may not be discovered, or a change of state (e.g. a movement) may be missed, leading to unreliable connectivity. WPAN devices (i.e., those implementing IEEE STD. 802.15.4 ) can make use of Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs) which treats the wireless medium as different from Ethernet. RFC 6775 is updated as ; the update includes changes that are required by this document. DHCPv6 is still a viable option in Low power and Lossy Network (LLN) to assign IPv6 global addresses. However, the IETF standard that supports address assignment specifically for LLNs is 6LoWPAN ND , which is a mix of IPv6 stateless autoconfiguration mechanism (SLAAC) and a new registration process for ND. This specification introduces a Layer-3 association process based on 6LoWPAN ND that maintains a proxy state in the 6BBR to keep the LLN nodes reachable and protect their addresses through sleeping periods. A number of use cases, including the Industrial Internet, require a large scale deployment of monitoring sensors that can only be realized in a cost-effective fashion with wireless technologies. Mesh networks are deployed when simpler hub-and-spoke topologies are insufficient for the expected size, throughput, and density. Meshes imply the routing of packets, operated at either Layer-2 or Layer-3. For routing over a mesh at Layer-3, the IETF has designed the IPv6 Routing Protocol over LLN (RPL) . 6LoWPAN ND was designed as a stand-alone mechanism separately from RPL, and the interaction between the 2 protocols was not defined. This specification details how periodic updates from RPL can be used by the RPL root to renew the association of the RPL node to the 6BBR on its behalf so as to maintain the proxy operation active for that node. This document suggests a limited evolution to so as to allow operation of a 6LoWPAN ND node while a routing protocol (in first instance RPL) is present and operational. It also suggests a more generalized use of the information in the ARO option of the ND messages outside the strict LLN domain, for instance over a federating backbone.

This specification updates and generalizes 6LoWPAN ND to a broader range of Low power and Lossy Networks (LLNs) with support for Duplicate Address Detection (DAD) and address lookup that does not require broadcasts over the LLNs. The term LLN is used loosely in this specification to cover multiple types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low Energy, IEEE STD. 802.11AH and IEEE STD. 802.15.4 wireless meshes, so as to address the requirements listed in Appendix B.3 of "Requirements Related to the Variety of Low-Power Link types". For the TimeSlotted Channel Hopping (TSCH) mode of , the 6TiSCH architecture describes how a 6LoWPAN ND host could connect to the Internet via a RPL mesh Network, but doing so requires extensions to the 6LOWPAN ND protocol to support mobility and reachability in a secure and manageable environment. The extensions detailed in this document also work for the 6TiSCH architecture, serving the requirements listed in Appendix B.2 of "Requirements Related to Routing Protocols". This specification also applies to wireless links such as Low-Power IEEE STD. 802.11 (Wi-Fi) and IEEE STD. 802.15.1 (Bluetooth) . It makes use of extensions to to enable proxy operation by the 6BBR, as specified in . The BBR proxy operations eliminate the need for wireless nodes to respond synchronously when a lookup is performed for their addresses. This provides the function of a Sleep Proxy for ND . This draft establishes a Backbone that treats multiple LLNs as a single IPv6 MultiLink Subnet. Each LLN in the subnet is anchored at an IPv6 Backbone Router (6BBR). The Backbone Routers interconnect the LLNs and advertise the addresses of the 6LNs using proxy-ND operations. This specification extends IPv6 ND over the backbone to distinguish address movement from duplication and eliminate stale state in the backbone routers and backbone nodes once a 6LN has roamed. In this way, mobile nodes may roam rapidly from one 6BBR to the next and requirements in Appendix B.1 of "Requirements Related to Mobility" are met. This specification enables any 6LN to register its IPv6 addresses and thereby obtain routing services including proxy-ND operations over the backbone, providing a solution to the requirements expressed in Appendix B.4 of "Requirements Related to Proxy Operations". The Link Layer Address (LLA) that is returned as Target LLA (TLLA) in Neighbor Advertisements (NA) messages by the 6BBR on behalf of the Registered Node over the backbone may be that of the Registering Node. In that case, the 6BBR needs to bridge the unicast packets (Bridging proxy), or that of the 6BBR on the backbone, in which case the 6BBRs needs to route the unicast packets (Routing proxy). The IPv6 ND operation is minimized as the number of 6LNs grows in the LLN. This meets the requirements in Appendix B.6 of "Requirements Related to Scalability", as long has the 6BBRs are dimensioned for the number of registrations that each needs to support. In the case of Low-Power IEEE STD. 802.11, a 6BBR may be collocated with a standalone AP or a CAPWAP wireless controller. Then the wireless client (STA) makes use of this specification to register its IPv6 address(es) to the 6BBR over the wireless medium. In the case RPL, the RPL root is collocated with a 6LoWPAN Border Router (6LBR), and either collocated with or connected to the 6BBR over an IPv6 Link. The 6LBR makes use of this specification to register the 6LNs on their behalf to the 6BBR.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 . In this document, readers will encounter terms and concepts that are discussed in the following documents: "Neighbor Discovery for IP version 6", "IPv6 Stateless Address Autoconfiguration" , "Multi-Link Subnet Issues", "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals", Neighbor Discovery Optimization for Low-power and Lossy Networks, ,"Mobility Support in IPv6" , "Neighbor Discovery Proxies (ND Proxy)" "Optimistic Duplicate Address Detection" , and "Registration Extensions for 6LoWPAN Neighbor Discovery" This document also uses terminology from and , and introduces the following terminology: A 6BBR acts as a Sleeping Proxy if it answers ND Neighbor Solicitation over the backbone on behalf of the Registered Node. A Unicasting Proxy forwards NS messages to the Registering Node, transforming Layer-2 multicast into unicast. A routing proxy advertises its own MAC address as the TLLA in the proxied NAs over the backbone, as opposed to that of the node that performs the registration. A Bridging proxy advertises the MAC address of the node that performs the registration as the TLLA in the proxied NAs over the backbone. In that case, the MAC address and the mobility of 6LN is still visible across the bridged backbone fabric. The BBR that will defend a Registered Address for the purpose of DAD over the backbone. A BBR other than the Primary BBR to which an address is registered. A Secondary Router MAY advertise the address over the backbone and proxy for it.

The services specified in this document assist a 6LN to move freely from an LLN anchored at one 6BBR to an LLN anchored at another 6BBR on the same backbone and keep any or all of the IPv6 addresses that the 6LN has formed.

Each Backbone Router (6BBR) maintains a Binding Table of its Registered Nodes. The Binding Tables form a distributed database of wireless 6LNs that reside on the LLNs or on the backbone, and use an extension to IPv6 ND to exchange that information across the Backbone as described below. The Extended Address Registration Option (EARO) defined in is used in the ND exchanges over the backbone between the 6BBRs to enable the registration for routing and proxy services, as well as distinguish duplication from movement. Address duplication is detected using the ROVR field in the EARO. In case of conflicting registrations to multiple 6BBRs from the same node, the Transaction ID (TID) in the EARO enables 6BBRs to determine the latest registration for that 6LN. 6BBRs perform ND proxy operations over the backbone, on behalf of their Registered Nodes. Registration to a proxy service is done via a NS/NA(EARO) exchange. 6BBR operation resembles that of a Mobile IPv6 (MIPv6) Home Agent. This enables mobility support for 6LNs; if they move outside of the network delimited by the Backbone link, then they make use of a Home Agent. Home Agent functionality can easily be collocated with a 6BBR on the same backbone interface of a router. The Optimistic Duplicate Address Detection (ODAD) specification details how an address can be used before a Duplicate Address Detection (DAD) is complete, and mandates that an address that is TENTATIVE should not be associated to a Source Link-Layer Address Option in a Neighbor Solicitation message. This specification makes use of ODAD to create a temporary proxy state in the 6BBR until DAD is completed over the backbone. This way, the specification allows proxy state distribution across multiple 6BBR and co-existence with IPv6 ND over the backbone.

A 6BBR is a specific kind of Border Router that performs proxy Neighbor Discovery on its backbone interface on behalf of registered 6LNs on its LLN interfaces. On the backbone side, the 6BBR advertises the prefixes of the LLNs for which it serves as a proxy. Some restrictions of the attached LLNs will apply to the backbone. In particular, the MTU SHOULD be set to the same value on the backbone and all attached LLNs. The scalability of the multilink subnet requires that broadcast operations are avoided as much as possible on the backbone as well. The 6BBR uses an EARO in the NS-DAD and the multicast NA messages that it generates over the Backbone Link on behalf of a Registered Node. The 6BBR places an EARO in its unicast NA messages, if and only if the NS/NA that stimulates it had an EARO in it and the 'R' bit set. The 6BBR SHOULD use unicast or the solicited-node multicast address (SNMA) to defend its Registered Addresses in its Binding Table over the backbone. In particular, the 6BBR MUST join the SNMA group that corresponds to a Registered Address as soon as it creates an entry for that address, and maintain its SNMA membership as long as it maintains that entry. Optimistic DAD (ODAD) SHOULD be supported by the 6BBRs in their proxy activity over the backbone. A 6BBR supporting ODAD MUST join the SNMA of a Tentative address. A 6BBR in Routing Proxy mode MAY advertise the Registered IPv6 Address with the 6BBR Link Layer Address, and update Neighbor Cache Entries (NCE) in correspondent nodes over the backbone, using gratuitous NA(Override). This method may fail if the multicast message is not received, and correspondent nodes may maintain an incorrect neighbor state, which they will eventually discover through Neighbor Unreachability Detection (NUD). For slow movements, the NUD procedure defined in may time out too quickly, and the support of is recommended in all 6LNs in the network. Multicast should be avoided as much as possible even on the backbone . Although hosts can participate using legacy IPv6 ND, all 6LNs connected to the backbone SHOULD support , which also requires the support of .

6LNs on the LLN follow and do not depend on multicast RAs to discover routers. 6LNs SHOULD accept multicast RAs , but those are expected to be rare within in the LLN. Nodes SHOULD follow the Simple Procedures for Detecting Network Attachment in IPv6 (DNA procedures) to assert movements, and support Packet-Loss Resiliency for Router Solicitations to make the unicast RS more reliable. A 6LN signals that it requires IPv6 ND proxy services from a 6BBR by registering the corresponding IPv6 Address with an NS(EARO) message with the 'R' flag set. The 6LN that performs the registration (the Registering Node) may be the owner of the IPv6 Address (the Registered Node) or a 6LBR that performs the registration on its behalf.

When operating as a Routing Proxy, the BBR installs host routes (/128) to the Registered Addresses within the LLN, via the Registering Node as identified by the Source Address and the SLLA option in the NS(EARO) messages. In that case, the MAC address of the 6LN is not visible at Layer-2 over the backbone. The 6BBR installs a host route towards the Registered Node over the interface toward the 6LN, and routes unicast packets to the 6LN. The Routing Proxy 6BBR handles the ND protocol over the backbone on behalf of the Registered Nodes, using its own MAC address in the TLLA and SLLA options in proxied NS and NA messages. For each Registered Address, multiple peer Nodes on the backbone may have resolved the address with the 6BBR MAC address, maintaining that mapping in their Neighbor cache. For each Registered Address, the 6BBR SHOULD maintain a list of the peers on the backbone which have associated its MAC address with the Registered Address. If that Registered Address moves to a different 6BBR, the first 6BBR SHOULD unicast a gratuitous NA(Override) to each such peer, to supply the MAC address of the new 6BBR in the TLLA option for the Address.

A Bridging Proxy can be implemented in a Layer-3 switch, or in a wireless Access Point that acts as an IPv6 Host. In the latter case, the SLLA option in the proxied NA messages is that of the Registering Node, and the 6BBR acts as a Layer-2 bridge for unicast packets to the Registered Address. The MAC address in the S/TLLA is that of the Registering Node, which is not necessarily the Registered Node. When a 6LN moves within a LLN mesh, it may attach to a different 6LBR acting as Registering Node, and the MAC address advertised over the backbone might change. If a registration moves from one 6BBR to the next, but the Registering Node does not change, as indicated by the S/TLLA option in the ND exchanges, there is no need to update the Neighbor Caches of the peer's Nodes on the backbone. On the other hand, if the LLA changes, the 6BBR SHOULD inform all the relevant peers as described above, to update the affected Neighbor Caches. In the same fashion, if the Registering Node changes with a new registration, the 6BBR SHOULD also update the affected Neighbor Caches over the backbone.

The LLNs attached to each 6BBR are considered different Links in a multi-link subnet. The prefix that is used may still be advertised as on-link on the backbone to support legacy 6LNs. Multicast ND messages are link-scoped and not forwarded across the backbone routers. By default, a 6BBR operates as a Sleeping Proxy, as follows: Create a new entry in a Binding Table for a new Registered Address and ensure that the address is not a duplicate over the backbone Defend a Registered Address over the backbone using NA messages with the Override bit set on behalf of the sleeping 6LN Advertise a Registered Address over the backbone using NA messages, asynchronously or as a response to a Neighbor Solicitation messages. To deliver packets arriving from the LLN, use Neighbor Solicitation messages to look up the destination over the backbone. Forward packets between the LLN and the backbone. Verify liveliness when needed for a stale registration. A 6BBR may act as a Sleeping Proxy only for a Registered Address that is REACHABLE, or TENTATIVE in which case the answer is delayed. In any other state, the Sleeping Proxy operates as a Unicasting Proxy. The 6BBR does not act on ND Messages over the backbone unless they are relevant to a Registered Node on the LLN side, saving wireless interference. On the LLN side, the prefixes associated to the MultiLink Subnet are presented as not on-link, so address resolution for other hosts do not occur. As a Unicasting Proxy, the 6BBR forwards NS lookup messages to the Registering Node, transforming Layer-2 multicast into unicast. This is not possible in UNREACHABLE state, so the NS messages are multicasted, and rate-limited. Retries are possible, using an exponential back-off to protect the medium. In other states, the messages are forwarded to the Registering Node as unicast Layer-2 messages. In TENTATIVE state, the NS message is either held till DAD completes, or dropped if DAD does not complete.

A 6BBR MAY be primary or secondary. The primary is the backbone router that has the highest EUI-64 address of all the 6BBRs that share a registration for a same Registered Address, with the same ROVR and same Transaction ID, the EUI-64 address being considered as an unsigned 64bit integer. A given 6BBR can be primary for a given address and secondary for another address, regardless of whether or not the addresses belong to the same 6LN. The primary Backbone Router is in charge of protecting the address for DAD over the Backbone. Any of the Primary and Secondary 6BBR may claim the address over the backbone, since they are all capable to route from the backbone to the 6LN; the address appears on the backbone as an anycast address.

Each 6BBR maintains a Binding Table, using IPv6 ND over the backbone to detect duplication. Another document provides details about how the EARO is used between 6LRs and 6LBRs by way of DAR/DAC messages within the LLN. Addresses in a LLN that can be reachable from the backbone by way of a 6BBR MUST be registered to that 6BBR. A false positive duplicate detection may arise over the backbone, for instance if a 6LN's Registered Address is registered to more than one LBR, or if the 6LN has moved. Both situations are handled by the 6BBR transparently to the 6LN. In the former case, one LBR becomes primary to defend the address over the backbone while the others become secondary and may still forward packets. In the latter case the LBR that receives the newest registration becomes primary because of the TID. Only one 6LN may register a given Address at a particular 6BBR. However, that Registered Address may be registered to Multiple 6BBRs for higher availability. Over the LLN, Binding Table management is as follows: De-registrations (newer TID, same ROVR, null Lifetime) are accepted and acknowledged with a status of 4 (TBD); the entry is deleted; Newer registrations (newer TID, same ROVR, non-null Lifetime) are acknowledged with a status of 0 (success); the binding is updated with the new TID, the Registration Lifetime and the Registering Node; in TENTATIVE state the acknowledgement is held and may be overwritten; in other states the Registration-Lifetime timer is restarted and the entry is placed in REACHABLE state. Identical registrations (same TID, same ROVR) from a same Registering Node are acknowledged with a status of 0 (success). If they are not identical, an error SHOULD be logged. In TENTATIVE state, the response is held and may be overwritten, but it MUST be eventually produced and it carries the result of the DAD process; Older registrations (older TID, same ROVR) from a Registering Node are ignored; Identical and older registrations (not-newer TID, same ROVR) from a different Registering Node are acknowledged with a status of 3 (moved); this may be rate limited to protect the medium; Any registration for a different Registered Node (different ROVR) are acknowledged with a status of 1 (duplicate).

Upon receiving a registration for a new address with an NS(EARO) with the 'R' bit set, the 6BBR performs DAD over the backbone, placing the new address as target in the NS-DAD message. The EARO from the registration MUST be placed unchanged in the NS-DAD message, and an Neighbor Cache entry created in TENTATIVE state for a duration of TENTATIVE_DURATION. The NS-DAD message is sent multicast over the backbone to the SNMA associated with the registered address, unless that operation is known to be costly, and the 6BBR has an indication from another source (such as a Neighbor Cache entry) that the Registered Address was known on the backbone; in the latter case, an NS-DAD message may be sent as a Layer-2 unicast to the MAC Address that was associated with the Registered Address. In TENTATIVE state after EARO with 'R' bit set: The entry is removed if an NA is received over the backbone for the Registered Address with no EARO, or containing an EARO with a status of 1 (duplicate) that indicates an existing registration for another 6LN. The ROVR and TID fields in the EARO received over the backbone are ignored. A status of 1 is returned in the EARO of the NA back to the Registering Node; The entry is also removed if an NA with an ARO option with a status of 3 (moved), or a NS with an ARO option that indicates a newer registration for the same Registered Node, is received over the backbone for the Registered Address. A status of 3 is returned in the NA(EARO) back to the Registering Node; When a registration is updated but not deleted, e.g. from a newer registration, the DAD process on the backbone continues and the running timers are not restarted; Other NS (including DAD with no EARO) and NA from the backbone are not acknowledged in TENTATIVE state. To cover legacy 6LNs that do not support ODAD, the list of their origins MAY be stored and then, if the TENTATIVE_DURATION timer elapses, the 6BBR MAY send each such legacy 6LN a unicast NA. When the TENTATIVE_DURATION timer elapses, a status 0 (success) is returned in a NA(EARO) back to the Registering Node(s), and the entry goes to REACHABLE state for the Registration Lifetime. The 6BBR MUST send a multicast NA(EARO) to the SNMA associated to the Registered Address over the backbone with the Override bit set so as to take over the binding from other 6BBRs.

If a 6BBR has an entry in REACHABLE state for a Registered Address: If the 6BBR is primary, or does not support the function of primary, it MUST defend that address over the backbone upon receiving NS, either if the NS does not carry an EARO, or if an EARO is present that indicates a different Registering Node (different ROVR). The 6BBR sends a NA message with the Override bit set and the NA carries an EARO if and only if the NS-DAD did so. When present, the EARO in the NA(Override) that is sent in response to the NS(EARO) carries a status of 1 (duplicate), and the ROVR and TID fields in the EARO are obfuscated with null or random values to avoid network scanning and impersonation attacks. If the 6BBR receives an NS(EARO) for a newer registration, the 6BBR updates the entry and the routing state to forward packets to the new 6BBR, but keeps the entry REACHABLE. Afterwards, the 6BBR MAY use REDIRECT messages to reroute traffic for the Registered Address to the new 6BBR. If the 6BBR receives an NA(EARO) for a newer registration, the 6BBR removes its entry and sends a NA(EARO) with a status of 3 (MOVED) to the Registering Node, if the Registering Node is different from the Registered Node. The 6BBR cleans up existing Neighbor Cache entries in peer nodes as discussed in , by unicasting to each such peer, or one broadcast NA(Override). If the 6BBR receives a NS(LOOKUP) for a Registered Address, it answers immediately with an NA on behalf of the Registered Node, without polling it. There is no need of an EARO in that exchange. When the Registration-Lifetime timer elapses, the entry goes to STALE state for a duration of STABLE_STALE_DURATION in LLNs that keep stable addresses such as LWPANs, and UNSTABLE_STALE_DURATION in LLNs where addresses are renewed rapidly, e.g. for privacy reasons. The STALE state enables tracking of the backbone peers that have a Neighbor Cache entry pointing to this 6BBR in case the Registered Address shows up later. If the Registered Address is claimed by another 6LN on the backbone, with an NS-DAD or an NA, the 6BBR does not defend the address. In STALE state: If STALE_DURATION elapses, the 6BBR removes the entry. Upon receiving an NA(Override) the 6BBR removes its entry and sends a NA(EARO) with a status of 4 (removed) to the Registering Node. If the 6BBR receives a NS(LOOKUP) for a Registered Address, the 6BBR MUST send an NS(NUD) following rules in to the Registering Node targeting the Registered Address prior to answering. If the NUD succeeds, the operation in REACHABLE state applies. If the NUD fails, the 6BBR refrains from answering the lookup. The NUD SHOULD be used by the Registering Node to indicate liveness of the Registered Node, if they are different nodes.

This specification applies to LLNS in which the link layer is protected, either by means of physical or IP security for the Backbone Link or MAC sublayer cryptography. In particular, the LLN MAC is required to provide secure unicast to/from the Backbone Router and secure Broadcast from the Backbone Router in a way that prevents tampering with or replaying the RA messages. The use of EUI-64 for forming the Interface ID in the link local address prevents the usage of Secure ND ( and ) and address privacy techniques. Additional protection against address theft is provided by , which guarantees the ownership of the ROVR. When the ownership of the ROVR cannot be assessed, this specification limits the cases where the ROVR and the TID are multicasted, and obfuscates them in responses to attempts to take over an address.

This Specification uses the following constants: 800 milliseconds 24 hours 5 minutes 3 times

This document has no request to IANA.

Future documents may extend this specification by allowing the 6BBR to redistribute host routes in routing protocols that would operate over the backbone, or in MIPv6, or FMIP, or the Locator/ID Separation Protocol (LISP) to support mobility on behalf of the 6LNs, etc...

Kudos to Eric Levy-Abegnoli who designed the First Hop Security infrastructure at Cisco.

&RFC2119; &RFC4291; &RFC4429; &RFC4861; &RFC4862; &RFC6059; &RFC6775; &RFC8200; &RFC3971; &RFC3972; &RFC4389; &RFC4903; &RFC4919; &RFC5415; &RFC6275; &RFC6830; &RFC7048; &RFC7102; &RFC7559; &RFC7772; IEEE standard for Information Technology IEEE standard for Information Technology IEEE standard for Information Technology IEEE standard for Information Technology

This section lists the changes between draft-ietf-6lo-backbone-router revisions ...-07.txt and ...-08.txt. Reorganized the order of presentation of some sections so that related material is closer together. Added "Future Work" section. Added this section detailing recent changes. Used '6LN' when LLN node is meant. Updated bibliographic citations.