<?xml version="1.0" encoding="US-ASCII"?>
<!-- This template is for creating an Internet Draft using xml2rfc,
     which is available here: http://xml.resource.org. -->
<!DOCTYPE rfc    SYSTEM "rfc2629.dtd" [
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>

<!-- rfc category="std" ipr="trust200902" updates="6437" docName="draft-thubert-6man-flow-label-for-rpl-05" -->

<rfc category="std" ipr="trust200902" docName="draft-thubert-6man-flow-label-for-rpl-05">

<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>

<?rfc sortrefs="yes"?>
<?rfc iprnotified="no" ?>
<?rfc authorship="yes"?>
<?rfc tocappendix="yes"?>
<?rfc strict="yes" ?>
<!-- give errors regarding ID-nits and DTD validation -->
<!-- control the table of contents (ToC) -->
<?rfc toc="yes"?>
<!-- generate a ToC -->
<?rfc tocdepth="4"?>
<!-- the number of levels of subsections in ToC. default: 3 -->
<!-- control references -->
<?rfc symrefs="yes"?>
<!-- use symbolic references tags, i.e, [RFC2119] instead of [1] -->
<?rfc sortrefs="yes" ?>
<!-- sort the reference entries alphabetically -->
<!-- control vertical white space
     (using these PIs as follows is recommended by the RFC Editor) -->
<?rfc compact="no" ?>

    <front>
        <title>The IPv6 Flow Label within a LLN domain</title>
        <author initials="P" surname="Thubert" fullname="Pascal Thubert" role="editor">
          <organization abbrev="Cisco">
             Cisco Systems
          </organization>
          <address>
            <postal>
             <street>Village d'Entreprises Green Side</street>
             <street>400, Avenue de Roumanille</street>
	     <street>Batiment T3</street>
             <city>Biot - Sophia Antipolis</city>
             <code>06410</code>
             <country>FRANCE</country>
            </postal>
            <phone>+33 4 97 23 26 34</phone>
            <email>pthubert@cisco.com</email>
	  </address>
        </author>
	<!--author fullname="Michael Richardson" initials="M.C." surname="Richardson">
          <organization abbrev="Sandelman">
			Sandelman Software Works
          </organization>
	  <address>
            <postal>
              <street>  </street>
              <city>Ottawa</city>
              <region>Ontario</region>
              <code>  </code>
              <country>Canada</country>
            </postal>
            <email>mcr+ietf@sandelman.ca</email>
	  </address>
	</author-->
        <date/>

	<area>Routing</area>

	<workgroup>6MAN</workgroup>

        <abstract>
	  <t>	
		This document presents how the Flow Label can be used inside a LLN domain 
      such as a RPL domain or an ISA100.11a D-subnet, and provides updated rules 
      for a domain Border Router to set and reset the Flow Label when forwarding
      between inside the domain and the larger Internet in both direction. Rules 
      for routers inside the domain are also provided. 
	  </t>
	</abstract>
    </front>

    <middle>

	<!-- **************************************************************** -->
	<!-- **************************************************************** -->
	<!-- **************************************************************** -->
	<!-- **************************************************************** -->
	<section anchor='introduction' title="Introduction">


      <t> The design of Lowpower Lossy Networks (LLNs) is generally focussed on 
      saving energy, which is typically the most constrained resource of all. 
      Other classical constraints, such as memory capacity, frame size, as well
      as the duty cycling of the LLN devices, derive from that primary concern. 
      </t>      <t> 
      In isolated devices, energy is typically available
      from batteries that are expected to last for years, or scavenged from the
      environment in very limited quantities. Any protocol that is intended for
      use in LLNs must be designed with the primary concern of saving energy as
      a strict requirement.
      </t>   <t>
         The <xref target="IEEE802154"> IEEE802.15.4</xref>  was designed to 
         offer the Physical (PHY) and Medium Access Control (MAC) layers for 
         low-cost, low-speed, low-power Wireless Personal Area Networks (WPANs),
         which are a wireless form of LLNs.

      </t>    <t>
         With the traditional IEEE802.15.4 PHY, frames are limited to 127 
         octets. In order to adapt <xref target="RFC2460"> IPv6 </xref> over 
         IEEE802.15.4, <xref target="RFC4944">6LoWPAN </xref> introduced a 
         fragmentation mechanism under IP, which in turn causes even more energy
         spending and other issues as discussed in 
         <xref target="I-D.thubert-6lo-forwarding-fragments">LLN Fragment Forwarding 
         and Recovery</xref>. 
      </t> <t> 
         The IEEE802.15.4e Task Group further defined the 
         <xref target="I-D.ietf-6tisch-tsch"> TimeSlotted Channel Hopping</xref> 
         (TSCH) mode of operation as an update to the MAC specification 
         in order to address Time Sensitive applications. 
      </t> <t> 
         The <xref target="I-D.ietf-6tisch-architecture">6TISCH 
         architecture</xref> specifies the operation of IPv6 over IEEE802.15.4e
         TSCH networks attached and synchronized by backbone routers. 
         6TiSCH was created to simplify the adoption of IETF technology by other
         Standard Defining Organizations (SDOs), in particular in the Industrial 
         Automation space, which already relies on variations of IEEE802.15.4e 
         TSCH for Wireless Sensor Networking. 
      </t>      <t> 
         The <xref target="ISA100.11a">ISA100.11a</xref> specification provides
         an example of such an industrial WSN standard, using a precursor to
         IEEE802.15.4e over the classical IEEE802.14.5 PHY. In that case, after
         security is applied, roughly 80 octets are available per frame for
         IP and Payload. In order to 1) avoid fragmentation and 2) conserve 
         energy, the ISA100 WG in charge of that specification did scrutinize 
         the use of every bit in the frame and rejected any perceived waste. 
      </t>
      <t> 
         The challenge to obtain the adoption of IPv6 in the original standard 
         was thus to save all possible bits in the frames, including the UDP 
         checksum which was an interesting discussion on its own. This work was
         actually one of the roots for the <xref target="RFC6282"> 6LoWPAN 
         Header Compression </xref> work, which goes down to the individual bits 
         to save space in the frames for actual data, and allowed ISA100.11a to
         adopt IPv6.
      </t>      <t> 
         ISA100.11a (now IEC62734) uses IPv6 over UDP, and conforms to a number 
         of other IETF RFCs including the <xref target="RFC3697">IPv6 Flow Label 
         Specification </xref> that was the reference at the time the standard 
         was elaborated, but fails to conform to the newer 
         <xref target="RFC6437">IPv6 Flow Label Specification</xref> that 
         obsoleted it. 
      </t>      <t> 
         The bone of contention is the use of the Flow Label as an index called 
         a contract ID, and the capability for the Backbone Router, that is the 
         Border Router of a ISA100.11a WSN (also called a D-subnet), to modify 
         the Flow Label. There is work at ROLL that indicates that RPL nodes may 
         benefit from similar abilities to also transport flow-related 
         information in the Flow Label.
      </t>      <t>  This document adds an exception to the 
         rules in <xref target="RFC6437"/>, for application within a 
         well-defined LLN domain, whereby the Border Routers would be in a 
         position to ensure that from an external viewpoint, the domain complies
         to the new Flow Label specification even though the internal use of the
         Flow Label does not.
      </t>
   	
     
	  </section>
	<!-- **************************************************************** -->
	<!-- **************************************************************** -->
	<!-- **************************************************************** -->
	<!-- **************************************************************** -->

        <section title="Terminology">
            <t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
            "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
            and "OPTIONAL" in this document are to be interpreted as
            described in <xref target="RFC2119"/>.</t>

      <t>This document uses Terminology defined in
      <xref target="RFC7102">Terminology in Low power And Lossy
      Networks</xref>, as well as 
      <xref target="RFC6550"/> and <xref target="RFC6553"/>.</t>
        </section>
<section anchor='reqs' title="Requirements for LLN Flows">
	<t>
	   In Industrial Automation and Control Systems (IACS) <xref target="RFC5673"/>,
      a packet loss is usually acceptable but jitter and latency must be 
      strictly controlled as they can play a critical role in the interpretation
		of the measured information. 
      Sensory systems are often distributed, and the control information can 
      in fact be originated from multiple sources and aggregated.
      In such cases, related packets from multiple
      sources should not be load-balanced along their path in the Internet. 
      
	</t>
	<t>
		In a typical LLN application, the bulk of the traffic consists of small 
      chunks of data (in the order few bytes to a few tens of bytes) at a time. 
		4Hz is a typical loop frequency in Process Control, though it can be a
		lot slower than that in, say, environmental monitoring. The granularity 
		of traffic from a single source is too small to make a lot of sense in 
      load balancing application. 
	</t>
	<t>
		As a result, it can be a requirement for related measurements from multiple sources  
		to be treated as a single flow following a same path over the Internet so 
      as to experience similar jitter and latency. The traditional tuple of source,
		destination and ports might then not be the proper indication to isolate
		a consistent flow. On the other hand, the flow integrity can be preserved 
      in a simple manner if the setting of the Flow Label in the IPv6
      header of packets outgoing a LLN domain, is centralized to the Border
      Router, such as the root of a RPL DODAG structure, or an ISA100.11a
      Backbone Router, as opposed to distributed across the actual sources.
	 </t>
    
		<t>Considering that the goal for setting the Flow Label as prescribed in
      <xref target="RFC6437">the IPv6 Flow Label Specification</xref> is to 
      improve load balancing in the core of the Internet, it is unlikely that
		LLN devices will consume energy to generate and then transmit a Flow Label
		to serve outside interests and the Flow Label is generally left to zero 
      so as to be elided in the 6LoWPAN <xref target="RFC6282"/> compression. So
      in a general manner the interests of the core are better served if the RPL
      roots systematically rewrite the flow label rather than if they never do.
		</t> <t>
		For packets coming into the RPL domain from the Internet, the value for 
      setting the Flow Label as prescribed in <xref target="RFC6437"/> 
      is consumed once the packet has traversed the core and reaches the LLN.
		Then again, there is little value but a high cost for the LLN in spending 
      20 bits to transport a Flow Label, that was set by a peer or a router in 
      the Internet, over the constrained network to a destination node that has 
      no use of it. 
		</t> <t>On a PHY layer with super-short frames such as IEEE802.15.4,
      compliance with those rules will simply not happen, and the rules will 
      become an bone of contention for IPv6 adoption at a time where great
      progress is happening towards that goal, as illustrated by the activity
      at 6lo on multiple LLN Link-layers.
		 
	 </t>
	  </section>
   	<section anchor='compate' title="On Compatibility With Existing Standards">
      <t>
      All the packets from all the nodes in a same DODAG that are leaving a RPL 
      domain towards the Internet will transit via a same RPL root. The RPL root 
      segregates the Internet and the RPL domain, which enables the capability
      to reuse the Flow Label within the RPL domain. The ISA100.11a Backbone
      Router plays a similar role and interfaces an ISA100.11a WSN D-subnet with
      a larger IPv6 network.
      </t>
      <t>This specification enables the operation of resetting or reusing the 
      IPv6 Flow Label at the border of a LLN domain. This is a deviation from  
      <xref target="RFC6437"> the IPv6 Flow Label Specification </xref>, in that
      the LLN border router is neither the source nor the first hop router that 
      sets the final Flow Label for use outside the LLN domain. 
      </t>
      <t>
      But if we consider the whole RPL domain as a large virtual host from the 
      standpoint of the rest of the Internet, the interests that lead to
      <xref target="RFC6437"/>, and in 
      particular load balancing in the core of the Internet, are probably better
      served if the root guarantees that the Flow Label is set in a compliant 
      fashion than if we rely on each individual sensor that may 
      not use it at all, or use it slightly differently such as done in 
      ISA100.11a. 
      </t>
      <t>Additionally, LLN flows can be compound flows aggregating information 
      from multiple sources. The Border Router is an ideal place to rewrite the 
      Flow Label to a same value for a same flow across multiple 
      sources, ensuring compliance with the rules defined by 
      <xref target="RFC6437"/> for use outside
      of the RPL domain and in particular in the core of the Internet.  </t>
      
		<!--t> It can be noted that <xref target="RFC6282"/> provides an efficient header compression for packets
		that do have the Flow Label set in the IPv6 header. It results that the overhead for transporting the RPL information
      can be down from 64 to 20 bits, alleviating at the same time the need for IP-in-IP encapsulation.
      This optimization cannot be ignored, and can make the difference for the adoption of RPL and 6TiSCH 
      by external standard bodies.</t-->
      <t>
		This document specifies how the Flow Label can be reused within a LLN 
      domain such as a RPL domain and an ISA100.11a D-subnet, in which a Border 
      Router delineates the limit of the domain and may rewrite the Flow Label
      on all packets. In a RPL domain, it will become acceptable to use the Flow
      Label as replacement to the RPL option, though whether that operation gets 
      standardized is left to be discussed. That use of the Flow Label within 
      a RPL domain would be an instance of the stateful scenarios as discussed 
      in <xref target="RFC6437"/> where the flow state in the node is indexed by
      the RPLInstanceID that identifies the routing topology. 
      ISA100.11a would be another instance where the 16bit Contract ID in the 
      Flow Label identifies a state in a node that is specific to a particular 
      flow. 
		 </t>
    </section>

	
<section anchor='appli' title="Updated Rules">

   <t>This specification applies to a constrained LLN domain that forms a stub 
      and is connected to the Internet by and only by its Border Routers.
      In the case of a RPL domain, the RPL root is such a bottleneck for all the
      traffic between the Internet and the 
      Destination-Oriented Directed Acyclic Graph (DODAG) that it serves. 
      This specification also covers other LLN domains with the same properties 
      of having strict constraints in energy and/or frame size, such as an
      <xref target="ISA100.11a">ISA100.11a</xref> Industrial Wireless Sensor 
      Network, but does not generalize to any arbitrary domain. This updates
       <xref target="RFC6437"> the IPv6 Flow Label Specification </xref>, which
      does not allow any specific rule in any particular domain, and updates it 
      only in the context of constrained LLN domains.       
        </t> 
	<t>
      In that context, a LLN domain Border Router MAY rewrite the 
      Flow Label of all packets entering or leaving the RPL domain in both 
      directions, from and towards the Internet, regardless of its original 
      setting. For the limited context of a constrained LLN domain, this updates 
      <xref target="RFC6437"> the IPv6 Flow Label Specification </xref> which 
      stipulates that once it is set, the Flow Label is left unchanged; but the  
      RFC also indicates a violation to the rule can be accepted for compelling  
      reasons related to security. This specification adds that energy-saving 
      is another compelling reason for a violation to the aforementioned rule, 
      though applicable only inside a constrained LLN.
      </t>
      <t>
      In particular, the Border Router of a LLN domain MAY set the Flow Label of 
      IPv6 packets that exit the LLN domain. It SHOULD do it if the LLN domain 
      operations do not conform <xref target="RFC6437"/>, and if it does modify 
      the Flow Label, then it MUST do it in a manner that conforms 
      <xref target="RFC6437"/> from the perspective of a Node outside the LLN. 
      </t>
      <t>It results that a Node in a constrained LLN domain MUST NOT assume 
      that the setting of the Flow Label will be preserved end-to-end, and that 
      an intermediate router inside a constrained LLN MAY alter a non-zero Flow 
      Label between the source in the LLN and the LLN Border Router. This does
      not modify the expectations on end Nodes but extends the updated rules
      from <xref target="RFC6437"/> to arbitrary routers in the LLN.
      </t> 
      <t>
		 For instance, a RPL root MAY reset the Flow Label of IPv6 packets 
       entering the RPL domain to zero for an optimal Header Compression by
       6LoWPAN <xref target="RFC6282"/>. A RPL root MAY also reuse the Flow 
       Label towards the LLN for other purposes, such as to carry the 
       <xref target="RFC6553"> RPL Information</xref>. An ISA100.11s 
       Backbone Router MAY reuse the Flow Label to carry local flow information, 
       such as the Contract ID specified in 
       <xref target="ISA100.11a">ISA100.11a</xref>.
      </t>
</section>        
    <!-- section title="Flow Label Format Within the RPL Domain">
	<t>
	<xref target="RFC6550"/> section 11.2 specifies the fields that are 
	to be placed into the packets for the purpose of Instance Identification, 
	as well as Loop Avoidance and Detection. Those fields include an 'O', and 'R'
	and an 'F' bits, the 8-bit RPLInstanceID, and the 16-bit SenderRank.
	SenderRank is the result of the DAGRank operation on the rank of the sender,	
	where the DAGRank operation is defined in section 3.5.1 as:
	<list><t>DAGRank(rank) = floor(rank/MinHopRankIncrease)</t></list>
	</t>
	<t>If MinHopRankIncrease is set to a multiple of 256, it appears that
	the most significant 8 bits of the SenderRank will be all zeroes and 
	could be omitted. In that case, the Flow Label MAY be used as a 
	replacement to the <xref target="RFC6553"/> RPL option. To achieve this, the 
	SenderRank is expressed with 8 least significant bits, and the information
	carried within the Flow Label in a packet is constructed follows: </t>

<figure anchor="flowlabel" title="The RPL Flow Label">
              <artwork>

        0                   1                   2
        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
               | |O|R|F|  SenderRank   | RPLInstanceID |
               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 </artwork>
</figure>
	<t>The first (leftmost) bit of the Flow Label is reserved and should be set to zero.
	</t>
	</section -->
	
    <!--section title="LLN Border Router Operation">
	<t>  <xref target="RFC6437"/> section 3 intentionally does not consider Flow 
   Label values in which any of the bits have semantic significance. However, 
   the  present specification allows to assign semantics to various bits in the 
   flow label, destroying  within the LLN domain the property of belonging to a 
   statistically uniform distribution that is desirabl in the rest of the 
   Internet.<!- - This property MUST be restored by the root for packets 
   that exit the RPL domain towards the Internet. - ->
	</t>
	<t> It can be noted that the rationale for the statistically uniform distribution does not
	necessarily bring a lot of value within the LLN domain. In a specific use case where it would,
	that value must be compared with that of the battery savings in order to decide which technique
	the deployment will use to transport the RPL information.
	</t>
	<section title="Incoming Packets">
	<t>
	When routing a packet towards the RPL domain, the root applies a policy to determine whether
	the Flow Label is to be used to carry the RPL information. If so, the root MUST reset the Flow Label and
	then it MUST set all the fields in the Flow Label as prescribed by <xref target="RFC6553"/> using the
	format specified in <xref target="flowlabel"/>. In particular, the root selects the Instance that will
	be used to forward the packet within the RPL domain.
	</t>
	</section>
	<section title="Outgoing Packets">
	<t>
	When routing a packet outside the RPL domain, the root applies a policy to determine whether
	the Flow Label was used to carry the RPL information. If so, the root MUST reset the Flow Label.
	The root SHOULD recompute a Flow Label following the rules prescribed by <xref target="RFC6553"/>.
	In particular, the root MAY ignore the source address but it SHOULD use the RPLInstanceID for the computation.
	</t>
	</section>
	</section>
	
    <section title="RPL node Operation">
	<t>Depending on the policy in place, the source of a packet will decide whether to use this specification
	to transport the RPL information in the IPv6 packets. If it does, the source in the LLN SHOULD set the 
	Flow Label to zero and MUST NOT expect that the flow label will be conserved end-to-end". 
	</t>
	</section -->
    <section title="Security Considerations">
    <t>Because the flow label is not protected by IPSec, it is expected that 
    Layer-2 security is deployed  in the LLN where is specification is applied. 
    This is the actual best practice in LLNs, which serves in particular to
    avoid forwarding of untrusted packets over the constrained network. 
    </t> <t>
    The specification insists that the LLN Node should not expect that the 
    Flow Label is conserved end-to-end and rather reduces the risk of 
    misinterpretation in case of a rewrite by a router in the middle.
    </t>
   
        </section>
        <section title="IANA Considerations">
        <t>No IANA action is required for this specification.
		</t>
        </section>


<section title="Acknowledgements">
<t>The author wishes to thank Brian Carpenter for his in-depth review and constructive approach to the problem resolution.
</t>
</section>

    </middle>

    <back>
    <references title='Normative References'>
	  <?rfc include="reference.RFC.2119"?>
	  <?rfc include="reference.RFC.2460"?>
	  <?rfc include="reference.RFC.3697"?>
	  <?rfc include="reference.RFC.6437"?>
	  <?rfc include="reference.RFC.6282"?>
	  <?rfc include="reference.RFC.6550"?>
	  <?rfc include="reference.RFC.6552"?>
	  <?rfc include="reference.RFC.6553"?>
      <reference anchor="IEEE802154">
         <front>
            <title>IEEE std. 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks</title>
            <author>
               <organization>IEEE standard for Information Technology</organization>
            </author>
            <date month="June" year="2011"/>
         </front>
      </reference>
	        
      <reference anchor="ISA100.11a" target="http://www.isa.org/Community/SP100WirelessSystemsforAutomation">
         <front>
            <title>Wireless Systems for Industrial Automation: Process Control and Related Applications - ISA100.11a-2011 - IEC 62734</title>
            <author>
               <organization>ISA/ANSI</organization>
            </author>
            <date year="2011" />
         </front>
      </reference>
    </references>
    <references title='Informative References'>

	  <?rfc include="reference.RFC.4944"?>
	  <?rfc include="reference.RFC.5673"?>
	  <?rfc include="reference.RFC.7102"?>
      <?rfc include='reference.I-D.ietf-6tisch-tsch'?>
      <?rfc include='reference.I-D.thubert-6lo-forwarding-fragments'?>
      <?rfc include='reference.I-D.ietf-6tisch-architecture'?>

    </references>
    </back>

</rfc>
