lpwan Working Group A. Minaburo Internet-Draft Acklio Intended status: Informational L. Toutain Expires:June 8,September 3, 2017 IMT-Atlantique C. Gomez Universitat Politecnica de Catalunya March 02, 2017Institut MINES TELECOM ; TELECOM Bretagne December 5, 2016LPWAN Static Context Header Compression (SCHC) and fragmentation for IPv6 and UDPdraft-ietf-lpwan-ipv6-static-context-hc-00draft-ietf-lpwan-ipv6-static-context-hc-01 Abstract This document describes a header compression scheme and fragmentation functionality forIPv6, IPv6/ UDP based on static contexts. This technique isIPv6/UDP protocols. These techniques are especially tailored forLPWALPWAN (Low Power Wide Area Network) networks and could be extended to other protocol stacks.During the IETF history several compression mechanisms have been proposed. First mechanisms, such as RoHC, are using a context to store header field values and send smaller incremental differences on the link. Values in the context evolve dynamically with information contained in the compressed header. The challenge is to maintain sender's and receiver's contexts synchronized even with packet losses. Based on the fact that IPv6 contains only static fields, 6LoWPAN developed an efficient context-free compression mechanisms, allowing better flexibility and performance.The Static Context Header Compression (SCHC)combines the advantages of RoHC context whichoffers a great level of flexibilityin thewhen processingof fields, and 6LoWPAN behavior to elide fields that are known fromtheother side.header fields. Static context means thatvaluesinformation stored in the context which, describes fielddovalues, does not change during the packet transmission, avoiding complex resynchronization mechanisms, incompatible withLPWALPWAN characteristics. In most of the cases, IPv6/UDP headers are reduced to a small identifier. This documentfocuses on IPv6/UDP headers compression, butdescribes themechanism can be appliedgeneric compression/decompression process and applies it to IPv6/UDP headers. Similar mechanisms for other protocols such asCoAP. ItCoAP will be described in a separate document. Moreover, this document specifies fragmentation and reassembly mechanims for SCHC compressed packets exceeding the L2 pdu size and for the case where the SCHC compression is not possible then the IPv6/UDP packet is sent. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire onJune 8,September 3, 2017. Copyright Notice Copyright (c)20162017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. 1. IntroductionHeadersHeader compression is mandatory to efficiently bringthe internet protocolsInternet connectivity to the node within aLPWALPWAN network [I-D.minaburo-lp-wan-gap-analysis].Nevertheless, LPWASome LPWAN networksoffer goodproperties can be exploited for an efficient header compression: o Topology is star oriented, therefore all the packetsfollowsfollow the same path. For the needs of this draft, the architecture can be summarized to Things or End-Systems (ES) exchanging information with LPWAN Application Server(LA). The exchange goes trhough a single LPWA Compressor (LC). In most of the cases, End Systems and LC form a star topology. ESs and LC maintain(LA) through astatic context for compression. Static context means that context information is not learned during the exchange.Network Gateway (NG). o Traffic flows are mostlydeterministic,known in advanced, since End-Systems embed built-in applications. Contrary to computers or smartphones, new applications cannot be easily installed.First mechanisms such as RoHC useThe Static Context Header Compression (SCHC) is defined for this environment. SCHC uses a contextto storewhere headerfieldinformation is kept in order, this context is static the valuesand send smaller incremental differenceson thelink. The first versionheader fields do not change during time, avoiding complex resynchronization mechanisms, incompatible with LPWAN characteristics. In most ofRoHC targeted IP/UDP/RTP stack. RoHCv2 extendstheprinciplecases, IPv6/ UDP headers are reduced toany protocol and introducesaformal notation [RFC4997] describing thesmall context identifier. The SCHC headerand associatingcompressionfunctions to each field. To be efficient the sender and the receiver must check thatis indedependent of thecontext remains synchronized (i.e. containsspecific LPWAN technology over which it will be used. On thesame values). Context synchronization imposes to periodically sendother hand, LPWAN technologies are characterized, among others, by afull header or at least dynamic fields. If fully compressed, the header can be compatible with LPWA constraints.very reduced data unit and/or payload size [I-D.ietf-lpwan-overview]. However, some of these technologies do not support layer two fragmentation, therefore thefirst exchanges or context resynchronisations imposeonly option for these tosend uncompressed headers, which may be bigger than the original one. This will forcesupport IPv6 when header compression is not possible (and, in particular, its MTU requirement of 1280 bytes [RFC2460]) is the use ofinefficientfragmentationmechanisms. For some LPWA technologies, duty cycle limits can also delaymechanism at theresynchronization. Figure 1 illustrates this behavior. sync ^ +-+ sync sync ^ | IPv6 | | +-+ +-+ | IPv6 v | | | | | | v +------------+ | +-+-+ | | | | +------------+ | +--+ | | | | | | | | | | +--+ | | | c| | | | | +-+-+-+ +-+-+-+-+ | | | c| | | | t| | | | | | | | | | | | | | | | | t| | | | x| | +-+-+-+-+-+-+-+-+-+-+-+-+ | | x| | | | t| | <----------------------------> | | t| | | +--+ | header size of sent packets | +--+ | +------------+ +------------+ Figure 1: RoHC Compressed Header size evolution. Onadaptation layer below IPv6. This specification defines fragmentation functionality to support theother hand, 6LoWPAN [RFC4944] is context-free based onIPv6 MTU requirements over LPWAN technologies. 2. Vocabulary This section defines thefact that IPv6, its extensions or UDP headers do not contain incremental fields. The compression mechanism describedterminology and aconyms used in[RFC6282]this document. o CDF: Compression/Decompression Function. A function that isbased on sendingused for both functionnalities to compress a2-byte bitmap, which describes how theheadershould be decompressed, either using some standard valuesfield orsending information after this bitmap. [RFC6282] also allows for UDP compression. Into recover its original value in thebest case, when Hop limit is a standard value, flow label, DiffServ fields aredecompression phase. o Context: A setto 0 and Link Local addresses areof rules usedover a single hop network, the 6LoWPAN compressed header is reducedto4 bytes. This compression ratio is possible because the IID are derived fromcompress/decompress headers o ES: End System. Node connected to theMAC addresses andLPWAN. An ES may implement SCHC. o LA: LPWAN Application. An application sending/consuming IPv6 packets to/from thelink local prefix is known from both sides. In that case,End System. o LC: LPWAN Compressor/Decompressor. A process in theIPv6network to achieve compression/decompressing headers. LC uses SCHC rules to perform compressionis 4 bytesandUDP compression is 2 bytes, which fills half of the payload ofdecompression. o MO: Matching Operator. An operator used to compare aSIGFOX frame, or more than 10% ofvalue contained in aLoRaWAN payload (with spreading factor 12). The Static Context Header Compression (SCHC) combines the advantages of RoHC context, which offersheader field with agreat level of flexibilityvalue contained inthe processinga rule. o Rule: A set offields,header field values. o Rule ID: An identifier for a rule, LC and6LoWPAN behavior to elide fields that are known fromES share theother side. Static context means that values insame rule ID for a specific flow. Rule ID is sent on thecontext field do not change duringLPWAN. o TV: Target value. A value contained in thetransmission, avoiding complex resynchronization mechanisms, incompatiblerule that will be matched withLPWA characteristics. In most ofthecases, IPv6/UDP headers are reduced tovalue of asmall context identifier. 2.header field. 3. Static Context Header Compression Static Context Header Compression (SCHC) avoids context synchronization, which is the most bandwidth-consuming operation in other header compression mechanisms such as RoHC. Based on the fact that the nature of data flows is highly predictable inLPWALPWAN networks, a static context may be stored on the End-System (ES). Theother end,context must be stored in both ends. It can also be learned by using a provisionning protocol that is out of theLPWAscope of this draft. End-System Appl Servers +-----------------+ +---------------+ | APP1 APP2 APP3 | |APP1 APP2 APP3| | | | | | UDP | | UDP | | IPv6 | | IPv6 | | | | | | LC (contxt)| | | +--------+--------+ +-------+-------+ | +--+ +--+ +-----------+ . +~~ |RG| === |NG| === |LC (contxt)| ... Internet ... +--+ +--+ +-----+-----+ Figure 1: Architecture Figure 1 based on [I-D.ietf-lpwan-overview] terminology represents the architecture for compression/decompression. The Thing or End- System is running applications which produce IPv6 or IPv6/UDP flows. These flows are compressed by a LPWAN Compressor (LC) to reduce the headers size. Resulting information is sent on a layer two (L2) frame to the LPWAN Radio Network to a Radio Gateway (RG) which forwards the frame to a Network Gateway. The Network Gateway sends the data to a LC for decompression which shares the same rules with the ES. The LC canlearnbe located on thecontext throughNetwork Gateway or in another places if aprovisioning protocol duringtunnel is established between theidentification phase (for instance, as it learnsNG and the LC. This architecture forms a star topology. After decompression, the packet can be sent on the Internet to one or several LPWAN Application Servers (LA). The principle is exactly theencryption key).same in the other direction. The context contains a list of rules (cf. Figure 2). Each rule contains itself a list offieldfields descriptions composed of a field identifier (FID), a target value (TV), a matching operator (MO) and a Compression/Decompression Function (CDF).+------------------------------------------------------------------++-----------------------------------------------------------------+ | Rule N |+-----------------------------------------------------------------++----------------------------------------------------------------+ | | Rule i | |+----------------------------------------------------------------++---------------------------------------------------------------+ | | | Rule 1 | | || +--------------+-------------------+-----------------+ | ||+--------+--------------+-------------------+-----------------+| | |Field||Field 1 | Target Value | Matching Operator | Comp/Decomp Fct || | | |+--------+--------------+-------------------+-----------------+| | || +--------------+-------------------+-----------------+ | | | | Field||Field 2 | Target Value | Matching Operator | Comp/Decomp Fct || | | |+--------+--------------+-------------------+-----------------+| | || +--------------+-------------------+-----------------+ | | | | ...||... | ... | ... | ... || | || | | +--------------+-------------------+-----------------+ ||+--------+--------------+-------------------+-----------------+| |-+| Field||Field N | Target Value | Matching Operator | Comp/Decomp Fct || | |+--------+--------------+-------------------+-----------------+|-+ | || +--------------+-------------------+-----------------+ |-+ | | +----------------------------------------------------------------++---------------------------------------------------------------+ Figure 2: Compression Decompression Context The rule does not describe thecompressed/decompressedoriginal packet format which must be known from the compressor/decompressor. The rule just describes the compression/decompression behavior fora field.the header fields. In the rule, it is recommended to describe the header field in the same order they appear in the packet. The main idea of the compression scheme is to send the rulenumber (or rule id)id to the other end instead of known field values.Matching a field withWhen a valueand header compression are related operations; If a field matches a rule containing the value,is known by both ends, it is not necessary to send it on thelink. Since contexts are synchronized, reading the rule's value is enough to reconstruct the field's value at the other end. On some other cases, the value need to be sent on the link to inform the other end.LPWAN network. The fieldvalue may vary from one packet to another, therefore the field cannot be used to select the rule id. 2.1. Simple Example A simple headerdescription is composed of3 fields (F1, F2, F3). The compressor receivesdifferent entries: o A Field ID (FID) is apacket containing respectively [F1:0x00, F2:0x1230, F3:0xABC0] in those fields. The Matching Operators (as defined in Section 3) allow to select Rule 5 as represented in Figure 3; F1unique valueis ignored and F2 and F3 packet field values are matched with those stored into define therule Target Values. Rule 5field. o A Target ValueMatching Operator Comp/Decomp Fct +--------------+-------------------+-----------------+ F1 | 0x00 | Ignore | not-sent | +--------------+-------------------+-----------------+ F2 | 0x1230 | Equal | not-sent | +--------------+-------------------+-----------------+ F3 | 0xABC0 | Equal | not-sent | +--------------+-------------------+-----------------+ Figure 3: Matching Rule The Compression/Decompression Function (as defined in Section 4 describes how the fields are compressed. In this example, all the fields are elided and only(TV) is therule number has to be sentvalue used to make theother end. The decompressor receives the rule number and reconstructscomparison with the packet headerusing the values stored in thefield. The Target Valuecolumn. Note that F1can be of any type (integer, strings,...). It can be a single valuewillor a more complex structure (array, list,...). It can besetconsidered as a CBOR structure. o A Matching Operator (MO) is the operator used to0x00 bymake thedecompressor, even ifcomparison between theoriginal header field was carrying a different value. To allow a range of values forfieldF2value andF3,theMSB()Target Value. The Matching Operatorand LSB() Compression/Decompression Functionmay require some parameters, which can be considered as a CBOR structure. MO is only used(as defined in Section 3during the compression phase. o A Compression Decompression Function (CDF) is used to describe the compression andSection 4). In that casetherule willdecompression process. The CDF may require some parameters, which can berewrittenconsidered asdefined in Figure 4.a CBOR structure. 3.1. Rule5 Target Value Matching Operator Comp/Decomp Fct +--------------+-------------------+-----------------+ F1 | 0x00 | Ignore | not-sent | +--------------+-------------------+-----------------+ F2 | 0x1230 | MSB(12) | LSB(4) | +--------------+-------------------+-----------------+ F3 | 0xABC0 | MSB(12) | LSB(4) | +--------------+-------------------+-----------------+ Figure 4: MatchingID RuleIn that case, if a packet with the following header fields [F1:0x00, F2:0x1234, F3:0xABCD] arrives to the compressor,IDs are sent between both compression/decompression elements. The size of thenewrule5 will be selectedID is not specified in this document andsent tocan vary regarding theother end. The compressed header will be composed ofLPWAN technology, thesingle byte [0x4D]. The decompressor receivesnumber of flows,... Some values in thecompressedrule ID space may be reserved for goals other than headerand followscompression, for example fragmentation. Rule IDs are specific to an ES. Two ESs may use the same rule ID for different header compression. The LC needs toreconstruct [0x00, 0x1234, 0xABCD] applying a OR operator between the target value stored incombine the ruleandID with thecompressed field value sent. 2.2.ES L2 address to find the appropriate rule. 3.2. Packet processing The compression/decompression process follows several steps: o compression rule selection: the goal is to identify whichrulerule(s) will be used to compress the headers.To eachEach field is associated to a matchingruleoperator for compression. Each header field's value is compared to the corresponding target value stored in the rule for that field using the matching operator. If all the fields in the packet's header satisfied all the matchingoperator,operators of a rule, the packet is processed usingthisCompression Decompression Functionfunctions.associated with the fields. Otherwise the next rule is tested. If no eligible rule is found, then the packet isdropped.sent without compression, which may require using the fragmentation procedure. o sending: The rulenumberID is sent to the other end followed bydatainformation resulting from thefield compression.compression of header fields. This information is sent in the order expressed in the rule for the matching fields. The way the rulenumberID is sent dependsofon the layer two technology and will be specified in a specific document. Forexemple,example, it can either be included in a Layer 2 header or sent in the first byte of the L2 payload. o decompression: The receiver identifies the sender through its device-id (e.g. MAC address) andselectselects the appropriate rule through the rulenumber.ID. This rule gives the compressed header format and associates these values to header fields. It applies thecompression decompressionCDF function to reconstruct the original header fields.3. Matching operators It may exist some intermediary cases, where partCDF ofthe value may be used to select a field and a variable part has toCompute-* must besent onapplied after thelink.other CDFs. 4. Matching operators Thisis true for Least Significant Bits (LSB) wheredocument describes basic matching operators (MO)s which must be known by both LC, endpoints involved in themost significant bitheader compression/ decompression. They are not typed and can beusedapplied indifferently toselect a rule idinteger, string or any other type. The MOs andthe least significant bits have to be sent on the link. Several matching operatorstheir definition aredefined:provided next: o equal: a field value in a packet matches with a field value in a rule if they are equal. o ignore: no check is done between a field value in a packet and a field value in the rule. The result of the matching is always true. o MSB(length): a field value oflength Ta size equal to "length" bits in a packet matches with a field value in a rule if the most significant "length" bits are equal.4.o match-mapping: The goal of mapping-sent is to reduce the size of a field by allocating a shorter value. The Target Value contains a list of pairs. Each pair is composed of a value and a short ID. This operator matches if a field value is equal to one of the pairs' values. Matching Operators may need a list of parameters to proceed to the matching. For instance MSB requires an integer indicating the number of bits to test. 5. Compression Decompression Functions (CDF) The Compression Decompression Functions (CDF)describedescribes the action taken during the compression of headers fields, andinverselyinversely, the action taken by the decompressor to restore the original value./--------------------+-------------+--------------------------\/--------------------+-------------+---------------------------\ | Function | Compression | Decompression | | | | |+--------------------+-------------+--------------------------++--------------------+-------------+---------------------------+ |not-sent |elided |use value stored in ctxt | |value-sent |send |build from received value | |LSB(length) |send LSB |ctxt value OR rcvd value ||compute-IPv6-length |elided |compute IPv6 length | |compute-UDP-length|compute-length |elided |computeUDPlength | |compute-UDP-checksum|elided |compute UDP checksum | |ESiid-DID |elided |build IID from L2 ES addr | |LAiid-DID |elided |build IID from L2 LA addr |\--------------------+-------------+--------------------------/|mapping-sent |send index |value from index on a table| \--------------------+-------------+---------------------------/ Figure5:3: Compression and Decompression Functions Figure5 lists all3 sumarizes the functions defined to compress and decompress a field. The first column gives the function's name. The second and third columns outlines the compression/decompressionprocess. As with 6LoWPAN,behavior. Compression is done in thecompression process may produce some data, where fields that were notrule order and compressed(or were partially compressed) will bevalues are sent inthethat orderof the original packet. Information added byin thecompression phasecompressed message. The receiver must bealigned on byte boundaries, but each individual compression function may generate any size. /--------------+-------------------+-----------------------------------\ | Field |Comp Decomp Fct | Behavior | +--------------+-------------------+-----------------------------------+ |IPv6 version |not-sent |The value is not sent, butable to find the size of each| |IPv6 DiffServ | |end agrees on a value,compressed field which can| |IPv6 FL | |be different from 0. | |IPv6 NH |value-sent |Depending onbe given by the rule or may be sent with the compressed header. 5.1. not-sent CDF Not-sent function is generally used when thematching operator,| | | |the entirefield value issent or | | | |an adjustment tospecified in thecontext value | +--------------+-------------------+-----------------------------------+ |IPv6 Length |compute-IPv6-length|Dedicated fct to reconstruct value | +--------------+-------------------+-----------------------------------+ |IPv6 Hop Limit|not-sent+MO=ignore |The receiver takesrule and therefore known by thevalue stored| | | |inboth Compressor and Decompressor. This function is generally used with thecontext. It may be different| | | |from one originally sent, but in a | | | |star topology,"equal" MO. If MO is "ignore", there isnoa riskof | | | |loops | | |not-sent+matching |Receiver and sender agree onto have a| | | |specific value. | | |value-sent |Explicitly sent | +--------------+-------------------+-----------------------------------+ |IPv6 ESPrefix |not-sent |The 64 bit prefix is stored on | |IPv6 LAPrefix | |the context | | |value-sent |Explicitlydecompressed field value different from the compressed field. The compressor does not send64 bitsany value on thelink| +--------------+-------------------+-----------------------------------+ |IPv6 ESiid |not-sent |IIDcompressed header for that field on which compression isnot sent, butapplied. The decompressor restores the field value with the target value stored in the| |IPv6 LAiid | |context | | |ESiid-DID|LAiid-DID|IIDmatched rule. 5.2. value-sent CDF The value-sent function isbuilt fromgenerally used when theES/LA Dev. ID| | |value-sent |IIDfield value is not known by both Compressor and Decompressor. The value isexplicitlysenton the link.| | | |Size depends of the L2 technology | +--------------+-------------------+-----------------------------------+ |UDP ESport |not-sent |Inin thecontext | |UDP LAport |value-sent |Sendcompressed message header. Both Compressor and Decompressor must know the2 bytessize of theport number| | |LSB(length) |or least significant bits if MSB | | | |matchingfield, either implicitely (the size isspecifiedknown by both sides) or explicitely in the| | | |matching operator. | +--------------+-------------------+-----------------------------------+ |UDP length |compute-UDP-length |Dedicated fct to reconstruct value | +--------------+-------------------+-----------------------------------+ |UDP Checksum |compute-UDP-checksum|Dedicated fct to reconstruct value| +--------------+-------------------+-----------------------------------+ Figure 6: SCHC functions' example assignment for IPv6 and UDP Figure 6 gives an example ofcompressed header field by indicating the length. This functionassignment to IPv6/UDP fields. 4.1. Compression Decompression Functions (CDF) 4.1.1. not-sentis generally used with the "ignore" MO. The compressordo not sentsends thefield valueTarget Value stored on thelink.rule in the compressed header message. The decompressorrestorerestores the field value with the onestored inreceived from thematched rule. 4.1.2. value-sent The compressorLPWAN 5.3. LSB CDF LSB function is used to send a fixed part of the packet fieldvalue on the link, ifheader to thematching operatorother end. This function is"=". Otherwise the matching operator indicates the information that will be sent on the link. For a LSB operator onlyused together with theLeast Significant Bits are sent. 4.1.3. LSB(length)"MSB" MO The compressor sends the "length" Least Significant Bits. The decompressor combines withaan OR operator the value received with the Target Value.4.1.4.5.4. ESiid-DID, LAiid-DID CDF These functions are used to process respectively the End System and the LA Device Identifier (DID). The IID value is computed from the device ID present in the Layer 2 header. The computation depends on the technology and the device ID size.4.1.5.5.5. mapping-sent mapping-sent is used to send a smaller index associated to the field value in the Target Value. This function is used together with the "match-mapping" MO. The compressor looks in the TV to find the field value and send the corresponding index. The decompressor uses this index to restore the field value. 5.6. Compute-* These functions are used by the decompressor to compute the compressed field value based on received information.TheyCompressed fields are elided during the compression and reconstructed during the decompression. ocompute-ipv6-length:compute-length: compute theIPv6length assigned to this field. For instance, regarding the fieldas described in [RFC2460].ID, this CDF may be used to compute IPv6 length or UDP length. ocompute-udp-length:compute-checksum: compute a checksum from the information already received by the LC. This field may be used to compute UDP checksum. 6. Application to IPv6lengthand UDP headers This section lists the different IPv6 and UDP header fields and how they can be compressed. 6.1. IPv6 version fieldas described in [RFC0768].This field always holds the same value, therefore the TV is 6, the MO is "equal" and the CDF "not-sent". 6.2. IPv6 Traffic class field If the DiffServ field identified by the rest of the rule do not vary and is known by both sides, the TV should contain this wellknown value, the MO should be "equal" and the CDF must be "not-sent. If the DiffServ field identified by the rest of the rule varies over time or is not known by both sides, then there are two possibilities depending on the variability of the value, the first one there is without compression and the original value is sent, or the sencond where the values can be computed by sending only the LSB bits: ocompute-udp-checksum:TV is not set, MO is set to "ignore" and CDF is set to "value- sent" o TV contains a stable value, MO is MSB(X) and CDF is set to LSB(8-X) 6.3. Flow label field If the Flow Label field identified by the rest of the rule does not vary and is known by both sides, the TV should contain this well- known value, the MO should be "equal" and the CDF should be "not- sent". If the Flow Label field identified by the rest of the rule varies during time or is not known by both sides, there are two possibilities dpending on the variability of the value, the first one is without compression and then the value is sent and the second where only part of the value is sent and the decompressor needs to compute the original value: o TV is not set, MO is set to "ignore" and CDF is set to "value- sent" o TV contains a stable value, MO is MSB(X) and CDF is set to LSB(20-X) 6.4. Payload Length field If the LPWAN technology does not add padding, this field can be elided for the transmission on the LPWAN network. The LC recompute the original payload length value. The TV is not set, the MO is set to "ignore" and the CDF is "compute-IPv6-length". If the payload is small, the TV can be set to 0x0000, the MO set to "MSB (16-s)" and the CDF to "LSB (s)". The 's' parameter depends on the maximum packet length. On other cases, the payload length field must be sent and the CDF is replaced by "value-sent". 6.5. Next Header field If the Next Header field identified by the rest of the rule does not vary and is known by both sides, the TV should contain this Next Header value, the MO should be "equal" and the CDF should be "not- sent". If the Next header field identified by the rest of the rule varies during time or is not known by both sides, then TV is not set, MO is set to "ignore" and CDF is set to "value-sent". 6.6. Hop Limit field The End System is generally a host and does not forward packets, therefore the Hop Limit value is constant. So the TV is set with a default value, the MO is set to "equal" and the CDF is set to "not- sent". Otherwise the value is sent on the LPWAN: TV is not set, MO is set to ignore and CDF is set to "value-sent". 6.7. IPv6 addresses fields As in 6LoWPAN [RFC4944], IPv6 addresses are split into two 64-bit long fields; one for the prefix and one for the Interface Identifier (IID). These fields should be compressed. To allow a single rule, these values are identified by their role (ES or LA) and not by their position in the frame (source or destination). The LC must be aware of the traffic direction (upstream, downstream) to select the appropriate field. 6.7.1. IPv6 source and destination prefixes Both ends must be synchronized with the appropriate prefixes. For a specific flow, the source and destination prefix can be unique and stored in the context. It can be either a link-local prefix or a global prefix. In that case, the TV for the source and destination prefixes contains the values, the MO is set to "equal" and the CDF is set to "not-sent". In case the rule allows several prefixes, static mapping must be used. The different prefixes are listed in the TV associated with a short ID. The MO is set to "match-mapping" and the CDF is set to "mapping-sent". Otherwise the TV contains the prefix, the MO is set to "equal" and the CDF is set to value-sent. 6.7.2. IPv6 source and destination IID If the ES or LA IID are based on an LPWAN address, then the IID can be reconstructed with information coming from the LPWAN header. In that case, the TV is not set, the MO is set to "ignore" and the CDF is set to "ESiid-DID" or "LAiid-DID". Note that the LPWAN technology is generally carrying a single device identifier corresponding to the ES. The LC may also not be aware of these values. For privacy reasons or if the ES address is changing over time, it maybe better to use a static value. In that case, the TV contains the value, the MO operator is set to "equal" and the CDF is set to "not-sent". If several IIDs are possible, then the TV contains the list of possible IID, the MO is set to "match-mapping" and the CDF is set to "mapping-sent". Otherwise the value variation of the IID may be reduced to few bytes. In that case, the TV is set to the stable part of the IID, the MO is set to MSB and the CDF is set to LSB. Finally, the IID can be sent on the LPWAN. In that case, the TV is not set, the MO is set to "ignore" and the CDF is set to "value- sent". 6.8. IPv6 extensions No extension rules are currently defined. They can be based on the MOs and CDFs described above. 6.9. UDP source and destination port To allow a single rule, the UDP port values are identified by their role (ES or LA) and not by their position in the frame (source or destination). The LC must be aware of the traffic direction (upstream, downstream) to select the appropriate field. The following rules apply for ES and LA port numbers. If both ends knows the port number, it can be elided. The TV contains the port number, the MO is set to "equal" and the CDF is set to "not-sent". If the port variation is on few bits, the TV contains the stable part of the port number, the MO is set to "MSB" and the CDF is set to "LSB". If some well-known values are used, the TV can contain the list of this values, the MO is set to "match-mapping" and the CDF is set to "mapping-sent". Otherwise the port numbers are sent on the LPWAN. The TV is not set, the MO is set to "ignore" and the CDF is set to "value-sent". 6.10. UDP length field If the LPWAN technology does not introduce padding, the UDP length can be computed from the received data. In that case the TV is not set, the MO is set to "ignore" and the CDF is set to "compute-UDP- length". If the payload is small, the TV can be set to 0x0000, the MO set to "MSB" and the CDF to "LSB". On other cases, the length must be sent and the CDF is replaced by "value-sent". 6.11. UDP Checksum field IPv6 mandates a checksum in the protocol above IP. Nevertheless, if a more efficient mechanism such as L2 CRC or MIC is carried by or over the L2 (such asdescribedin[RFC0768]. 5.the LPWAN fragmentation process (see XXXX)), the UDP checksum transmission can be avoided. In that case, the TV is not set, the MO is set to "ignore" and the CDF is set to "compute- UDP-checksum". In other cases the checksum must be explicitly sent. The TV is not set, the MO is set to "ignore" and the CDF is set to "value-sent". 7. Examples This section gives some scenarios of the compression mechanism for IPv6/UDP. The goal is to illustrate the SCHC behavior.5.1.7.1. IPv6/UDP compressionin a star topologyThe most common case using the mechanisms defined in this document will be aLPWALPWAN end-system that embeds some applications running over CoAP. In this example,thethree flows are considered. The first flow is for the device management based on CoAP using Link Local IPv6 addresses and UDP ports 123 and124.124 for ES and LA, respectively. The second flow will be a CoAP server for measurements done by theend-systemend- system (using ports 5683) and GlobalAddressesIPv6 Address prefixes alpha::IID/64 to beta::1/64. The last flow is for legacy applications using different ports numbers, the destination IPv6 address prefix is gamma::1/64. Figure74 presents the protocol stack for thisend-system.End-System. IPv6 and UDP are represented with dotted lines since these protocols are compressed on the radio link. Managment Data +----------+---------+---------+ | CoAP | CoAP | legacy | +----||----+---||----+---||----+ . UDP . UDP | UDP | ................................ . IPv6 . IPv6 . IPv6 . +------------------------------+ | SCHC Header compression | | and fragmentation | +------------------------------+ | 6LPWA L2 technologies | +------------------------------+ End System or LPWA GW Figure7:4: Simplified Protocol Stack for LP-WAN Note that in someLPWALPWAN technologies, only the End Systems have a deviceID . ThereforeID. Therefore, when such technologie are used, it is necessary to define statically an IID for the Link Local address for theLPWA Compressor.LPWAN compressor. Rule 0 +----------------+---------+--------+-------------++------+ | Field | Value | Match | Function || Sent | +----------------+---------+----------------------++------+ |IPv6 version |6 | equal | not-sent || | |IPv6 DiffServ |0 | equal | not-sent || | |IPv6 Flow Label |0 | equal | not-sent || | |IPv6 Length | | ignore | comp-IPv6-l || | |IPv6 Next Header|17 | equal | not-sent || | |IPv6 Hop Limit |255 | ignore | not-sent || | |IPv6 ESprefix |FE80::/64| equal | not-sent || | |IPv6 ESiid | | ignore | ESiid-DID || | |IPv6 LCprefix |FE80::/64| equal | not-sent || | |IPv6 LAiid |::1 | equal | not-sent || | +================+=========+========+=============++======+ |UDP ESport |123 | equal | not-sent || | |UDP LAport |124 | equal | not-sent || | |UDP Length | | ignore |comp-UDP-lcomp-length || | |UDP checksum | | ignore |comp-UDP-ccomp-chk || | +================+=========+========+=============++======+ Rule 1 +----------------+---------+--------+-------------++------+ | Field | Value | Match | Function || Sent | +----------------+---------+--------+-------------++------+ |IPv6 version |6 | equal | not-sent || | |IPv6 DiffServ |0 | equal | not-sent || | |IPv6 Flow Label |0 | equal | not-sent || | |IPv6 Length | | ignore | comp-IPv6-l || | |IPv6 Next Header|17 | equal | not-sent || | |IPv6 Hop Limit |255 | ignore | not-sent || | |IPv6 ESprefix |alpha/64 | equal | not-sent || | |IPv6 ESiid | | ignore | ESiid-DID || | |IPv6 LAprefix |beta/64 | equal | not-sent || | |IPv6 LAiid |::1000 | equal | not-sent || | +================+=========+========+=============++======+ |UDP ESport |5683 | equal | not-sent || | |UDP LAport |5683 | equal | not-sent || | |UDP Length | | ignore |comp-UDP-lcomp-length || | |UDP checksum | | ignore |comp-UDP-ccomp-chk || | +================+=========+========+=============++======+ Rule 2 +----------------+---------+--------+-------------++------+ | Field | Value | Match | Function || Sent | +----------------+---------+--------+-------------++------+ |IPv6 version |6 | equal | not-sent || | |IPv6 DiffServ |0 | equal | not-sent || | |IPv6 Flow Label |0 | equal | not-sent || | |IPv6 Length | | ignore | comp-IPv6-l || | |IPv6 Next Header|17 | equal | not-sent || | |IPv6 Hop Limit |255 | ignore | not-sent || | |IPv6 ESprefix |alpha/64 | equal | not-sent || | |IPv6 ESiid | | ignore | ESiid-DID || | |IPv6 LAprefix |gamma/64 | equal | not-sent || | |IPv6 LAiid |::1000 | equal | not-sent || | +================+=========+========+=============++======+ |UDP ESport |8720 | MSB(12)| LSB(4) || lsb | |UDP LAport |8720 | MSB(12)| LSB(4) || lsb | |UDP Length | | ignore |comp-UDP-lcomp-length || | |UDP checksum | | ignore |comp-UDP-ccomp-chk || | +================+=========+========+=============++======+ Figure8:5: Context rules All the fields described in the three rules Figure85 are present in the IPv6 and UDP headers. The ESDevice-ID value is found in the L2 header. The second and third rules use global addresses. The way the ESlearnlearns the prefix is not in the scope of the document.OneThe third rule compresses port numbers to 4 bits. 8. Fragmentation 8.1. Overview Fragmentation in LPWAN is mandatory and it is used if after the SCHC header compression the size of the packet is larger than the L2 data unit maximum payload or if the SCHC header compression is not able to compress the packet. In LPWAN technologies the L2 data unit size typically varies from tens to hundreds of bytes. If the entire IPv6 datagram fits within a single L2 data unit, the fragmentation mechanims is not used and the packet is sent unfragmented. If the datagram does not fit within a single L2 data unit, it SHALL be broken into fragments. Moreover, LPWAN technologies impose some strict limitations on traffic; therefore it is desirable to enable optional fragment retransmission, while a single fragment loss should not lead to retransmitting the full datagram. To preserve energy, Things (End Systems) are sleeping most of the time and may receive data during a short period of time after transmission. This specification enables two main fragment delivery reliability options, namely: Unreliable and Reliable. The same reliability option MUST be used for all fragments of a packet. Note that the fragment delivery reliability option to be used is not necessarily tied to the particular characteristics of the underlying L2 LPWAN technology (e.g. Unreliable may be used on top of an L2 LPWAN technology with symmetric characteristics for uplink and downlink). In Unreliable, the receiver MUST NOT issue acknowledgments and the sender MUST NOT perform fragment transmission retries. In Reliable, there exist two possiblewaysuboptions, namely: packet mode and window mode. In packet mode, the receiver may transmit one acknowledgment (ACK) after all fragments carrying an IPv6 packet have been transmitted. The ACK informs the sender about received and missing fragments from the IPv6 packet. In window mode, an ACK may be transmitted by the fragment receiver after a window of fragments have been sent. A window of fragments is a subset of the fragments needed tousecarry an IPv6 packet. In this mode, the ACK informs the sender about received and missing fragments from the window of fragments. In either mode, upon receipt of an ACK that informs about any lost fragments, the sender may retransmit the lost fragments. The maximum number of ACK and retransmission rounds is TBD. In Reliable, the same reliability suboption MUST be used for all fragments of amanagementpacket. Some LPWAN deployments may benefit from conditioning the creation and transmission of an ACK to the detection of at least one fragment loss (per-packet or per-window), thus leading to negative ACK (NACK)- oriented behavior, while not having such condition may be preferred for other scenarios. This document does not make any decision as to whether Unreliable or Reliable are used, or whether in Reliable a fragment receiver generates ACKs per packet or per window, or whether the transmission of such ACKs is conditioned to the detection of fragment losses or not. A complete specification of the receiver and sender behaviors that correspond to each acknowledgment policy is also out of scope. Nevertheless, this document does provide examples of the different reliability options described. 8.2. Fragment format A fragment comprises a fragmentation header and a fragment payload, and conforms to the format shown in Figure 6. The fragment payload carries a subset of either the IPv6 packet after header compression or an IPv6 packet which could not be compressed. A fragment is the payload in the L2 protocol data unit (PDU). +---------------+-----------------------+ | Fragm. Header | Fragment payload | +---------------+-----------------------+ Figure 6: Fragment format. 8.3. Fragmentation header formats Fragments except the last one SHALL contain the fragmentation header as defined in Figure 7. The total size of this fragmentation header is R bits. <----------- R -----------> <-- N --> +----- ... -----+-- ... --+ | Rule ID | CFN | +----- ... -----+-- ... --+ Figure 7: Fragmentation Header for Fragments except the Last One The last fragment SHALL contain a fragmentation header that conforms to the format shown in Figure 8. The total size of this fragmentation header is R+M bits. <----------- R ----------> <-- N --> <---- M -----> +----- ... -----+-- ... --+---- ... ----+ | Rule ID | 11..1 | MIC | +----- ... -----+-- ... --+---- ... ----+ Figure 8: Fragmentation Header for the Last Fragment Rule ID: this field has a size of R - N bits in all fragments. Rule ID may be used to signal whether Unreliable or Reliable are in use, and within the latter, whether window mode or packet mode are used. CFN: CFN stands for Compressed Fragment Number. The size of the CFN field is N bits. In Unreliable, N=1. For Reliable, N equal to or greater than 3 is recommended. This field is an unsigned integer that carries a non-absolute fragment number. The CFN MUST be setupsequentially decreasing from 2^N - 2 for the first fragment, and MUST wrap from 0 back to 2^N - 2 (e.g. for N=3, the first fragment has CFN=6, subsequent CFNs are set sequentially and inboth end rulesdecreasing order, and CFN will wrap from 0 back to 6). The CFN for theprefixlast fragment has all bits set to 1. Note that, by this definition, the CFN value of 2^N - 1 is only used to identify a fragment as the last fragment carrying a subset of the IPv6 packet being transported, and thus the CFN does not strictly correspond to the N least significant bits of the actual absolute fragment number. It is also important to note that, for N=1, the last fragment of the packet will carry a CFN equal to 1, while all previous fragments will carry a CFN of 0. MIC: MIC stands for Message Integrity Check. This field has a size of M bits. It is computed by the sender over the complete IPv6 packet before fragmentation by using the TBD algorithm. The MIC allows to check for errors in the reassembled IPv6 packet, while it also enables compressing the UDP checksum by use of SCHC. 8.4. ACK format The format of an ACK is shown in Figure 9: <----- R ----> +-+-+-+-+-+-+-+-+----- ... ---+ | Rule ID | bitmap | +-+-+-+-+-+-+-+-+----- ... ---+ Figure 9: Format of an ACK Rule ID: In all ACKs, Rule ID has a size of R bits and SHALL be set to TBD_ACK to signal that the message is an ACK. bitmap: size of the bitmap field of an ACK can be equal to 0 or Ceiling(Number_of_Fragments/8) octets, where Number_of_Fragments denotes the number of fragments of a window (in window mode) or the number of fragments that carry the IPv6 packet (in packet mode). The bitmap is a sequence of bits, where the n-th bit signals whether the n-th fragment transmitted has been correctly received (n-th bit set to 1) or not (n-th bit set to 0). Remaining bits with bit order greater than the number of fragments sent (as determined by the receiver) are set to 0, except for the last bit in the bitmap, which is set to 1 if the last fragment (carrying the MIC) has been correctly received, and 0 otherwise. Absence of the bitmap in an ACK confirms correct reception of all fragments to be acknowledged by means of the ACK. Figure 10 shows an example of an ACK in packet mode, where the bitmap indicates that the second and the ninth fragments have not been correctly received. In this example, the IPv6 packet is carried by eleven fragments in total, therefore the bitmap in has a size of two bytes. 1 <----- R ----> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Rule ID |1|0|1|1|1|1|1|1|0|1|1|0|0|0|0|1| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 10: Example of the Bitmap in an ACK Figure 11 shows an example of an ACK in window mode (N=3), where the bitmap indicates that the second and the fifth fragments have not been correctly received. <----- R ----> 0 1 2 3 4 5 6 7 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Rule ID |1|0|1|1|0|1|1|1| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 11: Example of the bitmap in an ACK (in window mode, for N=3) Figure 12 illustrates an ACK without bitmap. <----- R ----> +-+-+-+-+-+-+-+-+ | Rule ID | +-+-+-+-+-+-+-+-+ Figure 12: Example of an ACK without bitmap 8.5. Baseline mechanism The receiver of link fragments SHALL use (1) the sender's L2 source address (if present), (2) the destination's L2 address (if present), and (3) Rule ID to identify all the fragments that belong to a given datagram. The fragment receiver SHALL determine the fragment delivery reliability option in use for the fragment based on theLPWA network.Rule ID field in that fragment. Upon receipt of a link fragment, the receiver starts constructing the original unfragmented packet. It uses the CFN and the order of arrival of each fragment to determine the location of the individual fragments within the original unfragmented packet. For example, it may place the data payload of the fragments within a payload datagram reassembly buffer at the location determined from the CFN and order of arrival of the fragments, and the fragment payload sizes. Note that the size of the original, unfragmented IPv6 packet cannot be determined from fragmentation headers. In Reliable, when a fragment with all CFN bits set to 0 is received, the recipient MAY transmit an ACK for the last window of fragments sent. Note that the first fragment of the window is the one sent with CFN=2^N-2. In window mode, the fragment with CFN=0 is considered the last fragment of its window, except for the last fragment (with all CFN bits set to 1). Thethird rule compresses port numberslast fragment of a packet is also the last fragment of the last window. Once the recipient has received the last fragment, it checks for the integrity of the reassembled IPv6 datagram, based on4 bits.the MIC received. In Unreliable, if the integrity check indicates that the reassembled IPv6 datagram does not match the original IPv6 datagram (prior to fragmentation), the reassembled IPv6 datagram MUST be discarded. In Reliable, upon receipt of the last fragment (i.e. with all CFN bits set to 1), the recipient MAY transmit an ACK for the last window of fragments sent (window mode) or for the whole set of fragments sent that carry a complete IPv6 packet (packet mode). In Reliable, the sender retransmits any lost fragments reported in the ACK. A maximum of TBD iterations of ACK and fragment retransmission rounds are allowed per-window or per-IPv6-packet in window mode or in packet mode, respectively. A complete specification of the mechanisms needed to enable the above described fragment delivery reliability options is out of the scope of this document. If a fragment recipient disassociates from its L2 network, the recipient MUST discard all link fragments of all partially reassembled payload datagrams, and fragment senders MUST discard all not yet transmitted link fragments of all partially transmitted payload (e.g., IPv6) datagrams. Similarly, when a node first receives a fragment of a packet, it starts a reassembly timer. When this time expires, if the entire packet has not been reassembled, the existing fragments MUST be discarded and the reassembly state MUST be flushed. The reassembly timeout MUST be set to a maximum of TBD seconds). 8.6. Examples Thisvaluesection provides examples of different fragment delivery reliability options possible on the basis of this specification. Figure 13 illustrates the transmission of an IPv6 packet that needs 11 fragments in Unreliable. Sender Receiver |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=0-------->| |-------CFN=1-------->|MIC checked => Figure 13: Transmission of an IPv6 packet carried by 11 fragments in Unreliable Figure 14 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, for N=3, NACK-oriented packet mode, without losses. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=3-------->| |-------CFN=2-------->| |-------CFN=1-------->| |-------CFN=0-------->| |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=7-------->|MIC checked => (no NACK) Figure 14: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, NACK-oriented packet mode; no losses. Figure 15 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, for N=3, NACK-oriented packet mode, with three losses. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=3-------->| |-------CFN=2---X---->| |-------CFN=1-------->| |-------CFN=0-------->| |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=7-------->|MIC checked => |<-------NACK---------|Bitmap:1101011110100000 |-------CFN=4-------->| |-------CFN=2-------->| |-------CFN=4-------->|MIC checked => (no NACK) Figure 15: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, NACK-oriented packet mode; three losses. Figure 16 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, window mode, for N=3, without losses. Receiver feedback is NACK-oriented. Note: in window mode, an additional bit will be needed to number windows. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=3-------->| |-------CFN=2-------->| |-------CFN=1-------->| |-------CFN=0-------->| (no NACK) |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=7-------->|MIC checked => (no NACK) Figure 16: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, NACK-oriented window mode; without losses. Figure 17 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, window mode, for N=3, with three losses. Receiver feedback is NACK-oriented. Note: in window mode, an additional bit will be needed to number windows. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=3-------->| |-------CFN=2---X---->| |-------CFN=1-------->| |-------CFN=0-------->| |<-------NACK---------|Bitmap:11010110 |-------CFN=4-------->| |-------CFN=2-------->| (no NACK) |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=7-------->|MIC checked => |<-------NACK---------|Bitmap:11010000 |-------CFN=4-------->|MIC checked => (no NACK) Figure 17: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, NACK-oriented window mode; three losses. Figure 18 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, packet mode, for N=3, without losses. Receiver feedback is positive-ACK-oriented. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=3-------->| |-------CFN=2-------->| |-------CFN=1-------->| |-------CFN=0-------->| |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=7-------->|MIC checked => |<-------ACK----------|no bitmap (End) Figure 18: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, packet mode, positive-ACK-oriented; no losses. Figure 19 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, packet mode, for N=3, with three losses. Receiver feedback is positive-ACK-oriented. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=3-------->| |-------CFN=2---X---->| |-------CFN=1-------->| |-------CFN=0-------->| |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=7-------->|MIC checked => |<-------ACK----------|bitmap:1101011110100000 |-------CFN=4-------->| |-------CFN=2-------->| |-------CFN=4-------->|MIC checked => |<-------ACK----------|no bitmap (End) Figure 19: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, packet mode, positive-ACK-oriented; with three losses. 8.6.1. Reliable, window mode, ACK-oriented Figure 20 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, window mode, for N=3, without losses. Receiver feedback is positive-ACK-oriented. Note: in window mode, an additional bit will be needed to number windows. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=3-------->| |-------CFN=2-------->| |-------CFN=1-------->| |-------CFN=0-------->| |<-------ACK----------|no bitmap |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4-------->| |-------CFN=7-------->|MIC checked => |<-------ACK----------|no bitmap (End) Figure 20: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, window mode, positive-ACK-oriented; no losses. Figure 21 illustrates the transmission of an IPv6 packet that needs 11 fragments in Reliable, window mode, for N=3, with three losses. Receiver feedback isselectedpositive-ACK-oriented. Note: in window mode, an additional bit will be needed tomaintain alignmentnumber windows. Sender Receiver |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=3-------->| |-------CFN=2---X---->| |-------CFN=1-------->| |-------CFN=0-------->| |<-------ACK----------|bitmap:11010110 |-------CFN=4-------->| |-------CFN=2-------->| |<-------ACK----------|no bitmap |-------CFN=6-------->| |-------CFN=5-------->| |-------CFN=4---X---->| |-------CFN=7-------->|MIC checked => |<-------ACK----------|bitmap:11010000 |-------CFN=4-------->|MIC checked => |<-------ACK----------|no bitmap (End) Figure 21: Transmission of an IPv6 packet carried by 11 fragments in Reliable, for N=3, window mode, positive-ACK-oriented; with three losses. 9. Security considerations 9.1. Security considerations for header compression TBD 9.2. Security considerations for fragmentation This subsection describes potential attacks to LPWAN fragmentation and proposes countermeasures, based onbyte boundariesexisting analysis of attacks to 6LoWPAN fragmentation {HHWH}. A node can perform a buffer reservation attack by sending a first fragment to a target. Then, the receiver will reserve buffer space for thecompressed header. 6.whole packet on the basis of the datagram size announced in that first fragment. Other incoming fragmented packets will be dropped while the reassembly buffer is occupied during the reassembly timeout. Once that timeout expires, the attacker can repeat the same procedure, and iterate, thus creating a denial of service attack. The (low) cost to mount this attack is linear with the number of buffers at the target node. However, the cost for an attacker can be increased if individual fragments of multiple packets can be stored in the reassembly buffer. To further increase the attack cost, the reassembly buffer can be split into fragment-sized buffer slots. Once a packet is complete, it is processed normally. If buffer overload occurs, a receiver can discard packets based on the sender behavior, which may help identify which fragments have been sent by an attacker. In another type of attack, the malicious node is required to have overhearing capabilities. If an attacker can overhear a fragment, it can send a spoofed duplicate (e.g. with random payload) to the destination. A receiver cannot distinguish legitimate from spoofed fragments. Therefore, the original IPv6 packet will be considered corrupt and will be dropped. To protect resource-constrained nodes from this attack, it has been proposed to establish a binding among the fragments to be transmitted by a node, by applying content- chaining to the different fragments, based on cryptographic hash functionality. The aim of this technique is to allow a receiver to identify illegitimate fragments. Further attacks may involve sending overlapped fragments (i.e. comprising some overlapping parts of the original IPv6 datagram). Implementers should make sure that correct operation is not affected by such event. 10. Acknowledgements Thanks to Dominique Barthel, Carsten Bormann, Arunprabhu Kandasamy, Antony Markovski, Alexander Pelov, Pascal Thubert, Juan Carlos Zuniga for useful design consideration.7. Normative References [I-D.minaburo-lp-wan-gap-analysis] Minaburo, A., Pelov, A., and L. Toutain, "LP-WAN GAP Analysis", draft-minaburo-lp-wan-gap-analysis-01 (workIn the fragmentation section, the authors have reused parts of text available inprogress), February 2016. [RFC0768] Postel, J., "User Datagram Protocol", STD 6,section 5.3 of RFC768, DOI 10.17487/RFC0768, August 1980, <http://www.rfc-editor.org/info/rfc768>.4944, and would like to thank the authors of RFC 4944. Carles Gomez has been funded in part by the Spanish Government (Ministerio de Educacion, Cultura y Deporte) through the Jose Castillejo grant CAS15/00336, and by the ERDF and the Spanish Government through project TEC2016-79988-P. Part of his contribution to this work has been carried out during his stay as a visiting scholar at the Computer Laboratory of the University of Cambridge. 11. References 11.1. Normative References [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, December 1998, <http://www.rfc-editor.org/info/rfc2460>. [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, "Transmission of IPv6 Packets over IEEE 802.15.4 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, <http://www.rfc-editor.org/info/rfc4944>.[RFC4997] Finking, R. and G. Pelletier, "Formal Notation for RObust Header Compression (ROHC-FN)", RFC 4997, DOI 10.17487/RFC4997, July 2007, <http://www.rfc-editor.org/info/rfc4997>. [RFC6282] Hui, J., Ed.11.2. Informative References [I-D.ietf-lpwan-overview] Farrell, S., "LPWAN Overview", draft-ietf-lpwan- overview-01 (work in progress), February 2017. [I-D.minaburo-lp-wan-gap-analysis] Minaburo, A., Pelov, A., andP. Thubert, "Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, DOI 10.17487/RFC6282, September 2011, <http://www.rfc-editor.org/info/rfc6282>.L. Toutain, "LP-WAN GAP Analysis", draft-minaburo-lp-wan-gap-analysis-01 (work in progress), February 2016. Authors' Addresses Ana Minaburo Acklio 2bis rue de la Chataigneraie 35510 Cesson-Sevigne Cedex France Email: ana@ackl.io Laurent ToutainInstitut MINES TELECOM ; TELECOM BretagneIMT-Atlantique 2 rue de la Chataigneraie CS 17607 35576 Cesson-Sevigne Cedex France Email:Laurent.Toutain@telecom-bretagne.euLaurent.Toutain@imt-atlantique.fr Carles Gomez Universitat Politecnica de Catalunya C/Esteve Terradas, 7 08860 Castelldefels Spain Email: carlesgo@entel.upc.edu