< draft-ietf-6lo-rfc6775-update-19.txt   draft-ietf-6lo-rfc6775-update-20.txt >
6lo P. Thubert, Ed. 6lo P. Thubert, Ed.
Internet-Draft Cisco Internet-Draft Cisco
Updates: 6775 (if approved) E. Nordmark Updates: 6775 (if approved) E. Nordmark
Intended status: Standards Track Zededa Intended status: Standards Track Zededa
Expires: October 25, 2018 S. Chakrabarti Expires: December 8, 2018 S. Chakrabarti
Verizon Verizon
C. Perkins C. Perkins
Futurewei Futurewei
April 23, 2018 June 6, 2018
Registration Extensions for 6LoWPAN Neighbor Discovery Registration Extensions for 6LoWPAN Neighbor Discovery
draft-ietf-6lo-rfc6775-update-19 draft-ietf-6lo-rfc6775-update-20
Abstract Abstract
This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to
clarify the role of the protocol as a registration technique, clarify the role of the protocol as a registration technique,
simplify the registration operation in 6LoWPAN routers, as well as to simplify the registration operation in 6LoWPAN routers, as well as to
provide enhancements to the registration capabilities and mobility provide enhancements to the registration capabilities and mobility
detection for different network topologies including the backbone detection for different network topologies including the backbone
routers performing proxy Neighbor Discovery in a low power network. routers performing proxy Neighbor Discovery in a low power network.
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 25, 2018. This Internet-Draft will expire on December 8, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 17 skipping to change at page 2, line 17
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.2. References . . . . . . . . . . . . . . . . . . . . . . . 4 2.2. References . . . . . . . . . . . . . . . . . . . . . . . 4
2.3. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 5 2.3. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 4
2.4. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . . . 6 2.4. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . . . 5
3. Applicability of Address Registration Options . . . . . . . . 7 3. Applicability of Address Registration Options . . . . . . . . 6
4. Extended ND Options and Messages . . . . . . . . . . . . . . 8 4. Extended ND Options and Messages . . . . . . . . . . . . . . 7
4.1. Extended Address Registration Option (EARO) . . . . . . . 8 4.1. Extended Address Registration Option (EARO) . . . . . . . 7
4.2. Extended Duplicate Address Message Formats . . . . . . . 12 4.2. Extended Duplicate Address Message Formats . . . . . . . 11
4.3. New 6LoWPAN Capability Bits in the Capability Indication 4.3. New 6LoWPAN Capability Bits in the Capability Indication
Option . . . . . . . . . . . . . . . . . . . . . . . . . 13 Option . . . . . . . . . . . . . . . . . . . . . . . . . 12
5. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 14 5. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 13
5.1. Extending the Address Registration Option . . . . . . . . 15 5.1. Extending the Address Registration Option . . . . . . . . 14
5.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 16 5.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 15
5.2.1. Comparing TID values . . . . . . . . . . . . . . . . 16 5.2.1. Comparing TID values . . . . . . . . . . . . . . . . 15
5.3. Registration Ownership Verifier . . . . . . . . . . . . . 18 5.3. Registration Ownership Verifier (ROVR) . . . . . . . . . 17
5.4. Extended Duplicate Address Messages . . . . . . . . . . . 19 5.4. Extended Duplicate Address Messages . . . . . . . . . . . 18
5.5. Registering the Target Address . . . . . . . . . . . . . 19 5.5. Registering the Target Address . . . . . . . . . . . . . 18
5.6. Link-Local Addresses and Registration . . . . . . . . . . 20 5.6. Link-Local Addresses and Registration . . . . . . . . . . 19
5.7. Maintaining the Registration States . . . . . . . . . . . 22 5.7. Maintaining the Registration States . . . . . . . . . . . 20
6. Backward Compatibility . . . . . . . . . . . . . . . . . . . 23 6. Backward Compatibility . . . . . . . . . . . . . . . . . . . 22
6.1. Signaling EARO Capability Support . . . . . . . . . . . . 24 6.1. Signaling EARO Capability Support . . . . . . . . . . . . 23
6.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 24 6.2. RFC6775-only 6LN . . . . . . . . . . . . . . . . . . . . 23
6.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 25 6.3. RFC6775-only 6LR . . . . . . . . . . . . . . . . . . . . 23
6.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 25 6.4. RFC6775-only 6LBR . . . . . . . . . . . . . . . . . . . . 24
7. Security Considerations . . . . . . . . . . . . . . . . . . . 25 7. Security Considerations . . . . . . . . . . . . . . . . . . . 24
8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 27 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 26
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27
9.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . . 28 9.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . . 27
9.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 28 9.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 27
9.3. New ARO Status values . . . . . . . . . . . . . . . . . . 29 9.3. New ARO Status values . . . . . . . . . . . . . . . . . . 29
9.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . . 30 9.4. New 6LoWPAN Capability Bits . . . . . . . . . . . . . . . 29
10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 30
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 31 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 30
11.1. Normative References . . . . . . . . . . . . . . . . . . 31 11.1. Normative References . . . . . . . . . . . . . . . . . . 30
11.2. Terminology Related References . . . . . . . . . . . . . 32 11.2. Terminology Related References . . . . . . . . . . . . . 31
11.3. Informative References . . . . . . . . . . . . . . . . . 32 11.3. Informative References . . . . . . . . . . . . . . . . . 32
11.4. External Informative References . . . . . . . . . . . . 36 11.4. External Informative References . . . . . . . . . . . . 35
Appendix A. Applicability and Requirements Served (Not Appendix A. Applicability and Requirements Served (Not
Normative) . . . . . . . . . . . . . . . . . . . . . 36 Normative) . . . . . . . . . . . . . . . . . . . . . 35
Appendix B. Requirements (Not Normative) . . . . . . . . . . . . 37 Appendix B. Requirements (Not Normative) . . . . . . . . . . . . 36
B.1. Requirements Related to Mobility . . . . . . . . . . . . 37 B.1. Requirements Related to Mobility . . . . . . . . . . . . 36
B.2. Requirements Related to Routing Protocols . . . . . . . . 38 B.2. Requirements Related to Routing Protocols . . . . . . . . 37
B.3. Requirements Related to the Variety of Low-Power Link B.3. Requirements Related to the Variety of Low-Power Link
types . . . . . . . . . . . . . . . . . . . . . . . . . . 39 types . . . . . . . . . . . . . . . . . . . . . . . . . . 38
B.4. Requirements Related to Proxy Operations . . . . . . . . 39 B.4. Requirements Related to Proxy Operations . . . . . . . . 39
B.5. Requirements Related to Security . . . . . . . . . . . . 40 B.5. Requirements Related to Security . . . . . . . . . . . . 39
B.6. Requirements Related to Scalability . . . . . . . . . . . 41 B.6. Requirements Related to Scalability . . . . . . . . . . . 41
B.7. Requirements Related to Operations and Management . . . . 42 B.7. Requirements Related to Operations and Management . . . . 41
B.8. Matching Requirements with Specifications . . . . . . . . 42 B.8. Matching Requirements with Specifications . . . . . . . . 42
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43
1. Introduction 1. Introduction
The scope of this draft is an IPv6 Low-Power Network including star IPv6 Low-Power Lossy Networks (LLNs) support star and mesh
and mesh topologies. In that context, "Neighbor Discovery topologies. For such networks, "Neighbor Discovery Optimization for
Optimization for IPv6 over Low-Power Wireless Personal Area Networks" IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND)
(6LoWPAN ND) [RFC6775] defines a registration mechanism that [RFC6775] defines a registration mechanism and a central registrar to
leverages a central registrar for the main purpose of Duplicate assure unique addresses. The 6LoWPAN ND mechanism reduces the
Address Detection (DAD), with the intention to reduce the dependency dependency of the IPv6 Neighbor Discovery Protocol (IPv6 ND)
of the IPv6 Neighbor Discovery Protocol (IPv6 ND) [RFC4861][RFC4862] [RFC4861][RFC4862] on network-layer multicast and link-layer
on network-layer multicast and link-layer broadcast operations. broadcast operations.
This specification updates 6LoWPAN ND to simplify the registration
operation in 6LoWPAN routers and to extend the protocol as a more
generic registration technique. The specified updates enable other
specifications to define new services such as Source Address
Validation (SAVI) with [I-D.ietf-6lo-ap-nd], participation as an
unaware leaf to an abstract routing protocol such as the "Routing
Protocol for Low Power and Lossy Networks" [RFC6550] (RPL) with
[I-D.thubert-roll-unaware-leaves], and registration to a backbone
routers performing proxy Neighbor Discovery in a Low-Power and Lossy
Network (LLN) with [I-D.ietf-6lo-backbone-router].
In more details, this specification modifies and extends the behavior This specification updates 6LoWPAN ND to simplify and generalize
and protocol elements of 6LoWPAN ND to enable the following new registration in 6LoWPAN routers (6LRs). In particular, this
capabilities: specification modifies and extends the behavior and protocol elements
of 6LoWPAN ND to enable the following actions:
o determining the freshest location in case of mobility (TID) o Determine the freshest location in case of node mobility
o Simplifying the registration flow for Link-Local Addresses o Simplify the registration flow for Link-Local Addresses
o Support of a Leaf Node in a Route-Over network o Support of a Leaf Node in a Route-Over network
o Proxy registration in a Route-Over network o Proxy registration in a Route-Over network
o Associating the registration with a variable-length Registration
o Associate the registration with a variable-length Registration
Ownership Verifier (ROVR) Ownership Verifier (ROVR)
o Registration to a IPv6 ND proxy over a Backbone Link (6BBR) o Registration via an IPv6 ND proxy over a Backbone Link (6BBR)
o Clarification of support for privacy and temporary addresses o Better support for privacy and temporary addresses
A more comprehensive set of requirements is provided in Appendix B. These features satisfy requirements as listed in Appendix B.
2. Terminology 2. Terminology
2.1. BCP 14 2.1. BCP 14
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119][RFC8174] when, and only when, they appear in all 14 [RFC2119][RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
2.2. References 2.2. References
The Terminology used in this document is consistent with and In this document, readers will encounter terms and concepts that are
incorporates that described in Terms Used in Routing for Low-Power discussed in the following documents:
and Lossy Networks (LLNs). [RFC7102].
Other terms in use in LLNs are found in Terminology for Constrained-
Node Networks [RFC7228].
Readers are expected to be familiar with all the terms and concepts o "Cryptographically Generated Addresses (CGA)" [RFC3972],
that are discussed in
o "Neighbor Discovery for IP version 6" [RFC4861], o "Neighbor Discovery for IP version 6" [RFC4861],
o "IPv6 Stateless Address Autoconfiguration" [RFC4862], o "IPv6 Stateless Address Autoconfiguration" [RFC4862],
o "Problem Statement and Requirements for IPv6 over Low-Power
Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606],
o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs):
Overview, Assumptions, Problem Statement, and Goals" [RFC4919] and Overview, Assumptions, Problem Statement, and Goals" [RFC4919],
o "Problem Statement and Requirements for IPv6 over Low-Power
Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], and
o "Neighbor Discovery Optimization for Low-power and Lossy Networks" o "Neighbor Discovery Optimization for Low-power and Lossy Networks"
[RFC6775]. [RFC6775],
2.3. New Terms 2.3. New Terms
Backbone Link: An IPv6 transit link that interconnects two or more Backbone Link: An IPv6 transit link that interconnects two or more
Backbone Routers. It is expected to be of high speed compared Backbone Routers.
to the LLN in order to carry the traffic that is required to
federate multiple segments of the potentially large LLN into a
single IPv6 subnet.
Backbone Router: A logical network function in an IPv6 router that
federates an LLN over a Backbone Link. In order to do so, the
Backbone Router (6BBR) proxies the 6LoWPAN ND operations
detailed in this document onto the matching operations that run
over the backbone, typically IPv6 ND. Note that 6BBR is a
logical function, just like 6LR and 6LBR, and that the same
physical router may operate all three.
Extended LLN: Multiple LLNs as defined in [RFC6550], interconnected Backbone Router (6BBR): A logical network function in an IPv6 router
by a Backbone Link via Backbone Routers, and forming a single that proxies the 6LoWPAN ND operations specified in this
IPv6 Multi-Link Subnet. document to assure address uniqueness and other functions
required so that multiple LLNs can operate as a single IPv6
network.
Registration: The process during which a 6LN registers an IPv6 Binding: The association between an IP address, a MAC address, and
Address with a 6LR in order to obtain services such as DAD and other information about the node that owns the IP Address.
routing back. In a Route-Over network, a 6LBR may serve as
proxy for the registration of the 6LN to the 6BBR so the 6BBR
can provide IPv6 ND proxy services over the Backbone.
Binding: The association between an IP address, a MAC address, a Registration: The process by which a 6LN registers an IPv6 Address
physical port on a switch, and other information about the node with a 6LR in order to establish connectivity to the LLN. In a
that owns the IP Address. Route-Over network, a 6LBR may register the 6LN to the 6BBR.
Registered Node: The 6LN for which the registration is performed, Registered Node: The 6LN for which the registration is performed,
and which owns the fields in the Extended ARO option. and which owns the fields in the Extended ARO option.
Registering Node: The node that performs the registration; this may Registering Node: The node that performs the registration; either
be the Registered Node, or a proxy such as a 6LBR performing a the Registered Node or a proxy.
registration to a 6BBR, on behalf of the Registered Node.
Registered Address: An address owned by the Registered Node that was Registered Address: An address registered for the Registered Node.
or is being registered.
RFC6775-only: Applied to an implementation, a type of node, or a RFC6775-only: An implementation, a type of node, or a message that
type of message, this adjective indicates a behavior that is behaves only as specified by [RFC6775], as opposed to the
strictly as specified by [RFC6775] as opposed to updated with behavior specified in this document.
this specification.
updated: Qualifies a 6LN, a 6LR, or a 6LBR that supports this Route-Over network: A network for which connectivity provided at the
specification. IP layer.
updated: A 6LN, a 6LR, or a 6LBR that supports this specification,
in contrast to an RFC6775-only device.
2.4. Subset of a 6LoWPAN Glossary 2.4. Subset of a 6LoWPAN Glossary
This document often uses the following acronyms: This document often uses the following acronyms:
6BBR: 6LoWPAN Backbone Router (proxy for the registration) 6BBR: 6LoWPAN Backbone Router
6LBR: 6LoWPAN Border Router (authoritative on DAD) 6LBR: 6LoWPAN Border Router
6LN: 6LoWPAN Node 6LN: 6LoWPAN Node
6LR: 6LoWPAN Router (relay to the registration process) 6LR: 6LoWPAN Router
6CIO: Capability Indication Option 6CIO: Capability Indication Option
(E)ARO: (Extended) Address Registration Option EARO: (Extended) Address Registration Option -- (E)ARO
(E)DAR: (Extended) Duplicate Address Request EDAR: (Extended) Duplicate Address Request -- (E)DAR
(E)DAC: (Extended) Duplicate Address Confirmation EDAC: (Extended) Duplicate Address Confirmation -- (E)DAC
DAD: Duplicate Address Detection DAD: Duplicate Address Detection
DODAG: Destination-Oriented Directed Acyclic Graph DODAG: Destination-Oriented Directed Acyclic Graph
LLN: Low-Power and Lossy Network (a typical IoT network) LLN: Low-Power and Lossy Network
NA: Neighbor Advertisement NA: Neighbor Advertisement
NCE: Neighbor Cache Entry NCE: Neighbor Cache Entry
ND: Neighbor Discovery ND: Neighbor Discovery
NDP: Neighbor Discovery Protocol NDP: Neighbor Discovery Protocol
NS: Neighbor Solicitation NS: Neighbor Solicitation
ROVR: Registration Ownership Verifier (pronounced rover) ROVR: Registration Ownership Verifier (pronounced rover)
RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) [RFC6550]
RA: Router Advertisement RA: Router Advertisement
RS: Router Solicitation RS: Router Solicitation
TSCH: Timeslotted Channel Hopping
TID: Transaction ID (a sequence counter in the EARO) TID: Transaction ID (a sequence counter in the EARO)
3. Applicability of Address Registration Options 3. Applicability of Address Registration Options
The purpose of the Address Registration Option (ARO) in [RFC6775] is The Address Registration Option (ARO) in [RFC6775] facilitates
to facilitate duplicate address detection (DAD) for hosts as well as Duplicate Address Detection (DAD) for hosts and populates Neighbor
to populate Neighbor Cache Entries (NCEs) [RFC4861] in the routers. Cache Entries (NCEs) [RFC4861] in the routers. This reduces the
This reduces the reliance on multicast operations, which are often as reliance on multicast operations, which are often as intrusive as
intrusive as broadcast, in IPv6 ND operations. broadcast, in IPv6 ND operations (see
[I-D.ietf-mboned-ieee802-mcast-problems]).
With this specification, a failed or useless registration can be With this specification, a failed or useless registration can be
detected by a 6LR or a 6LBR for reasons other than address rejected by a 6LR or a 6LBR for reasons other than address
duplication. Examples include: the router having run out of space; a duplication. Examples include:
registration bearing a stale sequence number perhaps denoting a
movement of the host after the registration was placed; a host o the router having run out of space;
misbehaving and attempting to register an invalid address such as the
unspecified address [RFC4291]; or a host using an address that is not o a registration bearing a stale sequence number perhaps denoting a
topologically correct on that link. movement of the host after the registration was placed;
o a host misbehaving and attempting to register an invalid address
such as the unspecified address [RFC4291];
o a host using an address that is not topologically correct on that
link.
In such cases the host will receive an error to help diagnose the In such cases the host will receive an error to help diagnose the
issue and may retry, possibly with a different address, and possibly issue and may retry, possibly with a different address, and possibly
registering to a different router, depending on the returned error. registering to a different router, depending on the returned error.
The ability to return errors to address registrations is not intended The ability to return errors to address registrations is not intended
to be used to restrict the ability of hosts to form and use multiple to be used to restrict the ability of hosts to form and use multiple
addresses. Rather, the intention is to conform to "Host Address addresses. Each host may form and register a number of addresses for
Availability Recommendations" [RFC7934]. enhanced privacy, using mechanisms such as "Privacy Extensions for
Stateless Address Autoconfiguration (SLAAC) in IPv6" [RFC4941], and
In particular, the freedom to form and register addresses is needed SHOULD conform to "Host Address Availability Recommendations"
for enhanced privacy; each host may register a number of addresses [RFC7934].
using mechanisms such as "Privacy Extensions for Stateless Address
Autoconfiguration (SLAAC) in IPv6" [RFC4941].
In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for
all directly connected addresses to which it is currently forwarding all directly connected addresses to which it is currently forwarding
packets (entries that do not appear to be in use may be flushed). In packets (unused entries may be flushed). In contrast, a router
contrast, a router serving the Address Registration mechanism needs serving the Address Registration mechanism needs enough storage to
enough storage to hold NCEs for all the addresses that may be hold NCEs for all the addresses that may be registered to it,
registered to it, regardless of whether or not they are actively regardless of whether or not they are actively communicating. The
communicating. The number of registrations supported by a 6LoWPAN number of registrations supported by a 6LoWPAN Router (6LR) or
Router (6LR) or 6LoWPAN Border Router (6LBR) MUST be clearly 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor
documented by the vendor and the dynamic use of associated resources and the dynamic use of associated resources SHOULD be made available
SHOULD be made available to the network operator, e.g., to a to the network operator, e.g., to a management console. Network
management console. administrators need to ensure that 6LR/6LBRs in their network support
the number and type of devices that can register to them, based on
In order to deploy this, network administrators need to ensure that the number of IPv6 addresses that those devices require and their
6LR/6LBRs in their network support the number and type of devices address renewal rate and behavior.
that can register to them, based on the number of IPv6 addresses that
those devices require and their address renewal rate and behavior.
4. Extended ND Options and Messages 4. Extended ND Options and Messages
This specification does not introduce new options, but it modifies This specification does not introduce new options; it modifies
existing ones and updates the associated behaviors as specified in existing options and updates the associated behaviors.
the following subsections.
4.1. Extended Address Registration Option (EARO) 4.1. Extended Address Registration Option (EARO)
The Address Registration Option (ARO) is defined in section 4.1 of The Address Registration Option (ARO) is defined in section 4.1 of
[RFC6775]. [RFC6775].
This specification introduces the Extended Address Registration This specification introduces the Extended Address Registration
Option (EARO) based on the ARO for use in NS and NA messages. The Option (EARO) based on the ARO for use in NS and NA messages. The
EARO conveys additional information such as a sequence counter called EARO includes a sequence counter called Transaction ID (TID) that is
Transaction ID (TID) that is used to determine the latest location of used to determine the latest location of a registering mobile device.
a registering mobile device. A new 'T' flag indicates that the TID A new 'T' flag indicates the presence of the TID field is populated
field is populated and that the option is an EARO. and that the option is an EARO. A 6LN requests routing or proxy
services from a 6LR using a new 'R' flag in the EARO.
The EARO also signals whether the 6LN expects routing or proxy
services from the 6LR using a new 'R' flag.
The EUI-64 field is overloaded and renamed ROVR in order to carry The EUI-64 field is redefined and renamed ROVR in order to carry
different types of information, e.g., cryptographic information of different types of information, e.g., cryptographic information of
variable size. A larger ROVR size may be used if and only if variable size. A larger ROVR size MAY be used if and only if
backward compatibility is not an issue in the particular deployment. backward compatibility is not an issue in the particular deployment.
Note that the length of the ROVR field expressed in units of 8 bytes The length of the ROVR field expressed in units of 8 bytes is the
is the Length of the option minus 1. Length of the option minus 1.
Section 5.1 discusses those changes in depth. Section 5.1 discusses those changes in depth.
The format of the EARO is as follows: The format of the EARO is shown in Figure 1:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Status | Opaque | | Type | Length | Status | Opaque |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Rsvd | I |R|T| TID | Registration Lifetime | | Rsvd | I |R|T| TID | Registration Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
... Registration Ownership Verifier ... ... Registration Ownership Verifier ...
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: EARO Figure 1: EARO Option Format
Option Fields: Option Fields:
Type: 33 Type: 33
Length: 8-bit unsigned integer. The length of the whole Length: 8-bit unsigned integer. The length of the option in
option in units of 8 bytes. It MUST be 2 when units of 8 bytes.
operating in a backward-compatible mode with a ROVR
size of 64 bits. It MAY be 3, 4 or 5, denoting a
ROVR size of 128, 192 and 256 bits respectively.
Status: 8-bit unsigned integer. Indicates the status of a Status: 8-bit unsigned integer. Indicates the status of a
registration in the NA response. MUST be set to 0 in registration in the NA response. MUST be set to 0 in
NS messages. See Table 1 below. NS messages. See Table 1 below.
Opaque: An octet opaque to ND; the 6LN MAY pass it
transparently to another process. It MUST be set to
zero when not used.
Rsvd (Reserved): This field is unused. It MUST be initialized to Rsvd (Reserved): This field is unused. It MUST be initialized to
zero by the sender and MUST be ignored by the zero by the sender and MUST be ignored by the
receiver. receiver.
Opaque: One-byte Opaque field; this is an octet is opaque to
ND but that the 6LN may wish to pass transparently to
another process. This field MUST be set to zero
unless the 6LN has a policy to set it otherwise.
I: Two-bit Integer: A value of zero indicates that the I: Two-bit Integer: A value of zero indicates that the
Opaque field carries an abstract index that is used Opaque field carries an abstract index that is used
to decide in which routing topology the address is to decide in which routing topology the address is
expected to be injected. In that case, the Opaque expected to be injected. In that case, the Opaque
field is passed to a routing process with the field is passed to a routing process with the
indication that this is a topology information, and indication that it carries topology information, and
the value of 0 indicates default. All other values the value of 0 indicates default. All other values
of "I" are reserved and MUST NOT be used. of "I" are reserved and MUST NOT be used.
R: One-bit flag. If the 'R' flag is set, the R: The Registering Node sets the 'R' flag to request
Registering Node expects that the 6LR ensures
reachability for the registered address, e.g., by reachability for the registered address, e.g., by
injecting the address in a Route-Over routing advertising the address in a Route-Over routing
protocol or proxying ND over a Backbone Link. protocol or proxying ND over a Backbone Link.
T: One-bit flag. Set if the next octet is used as a T: One-bit flag. Set if the next octet is used as a
TID. TID.
TID: One-byte integer; a Transaction ID that is maintained TID: One-byte integer; a Transaction ID that is maintained
by the node and incremented with each transaction of by the node and incremented with each transaction of
one or more registrations performed at the same time one or more registrations performed at the same time
to one or more respective 6LRs. This field MUST be to one or more respective 6LRs. This field MUST be
ignored if the 'T' flag is not set. ignored if the 'T' flag is not set.
Registration Lifetime: 16-bit integer; expressed in minutes. A Registration Lifetime: 16-bit integer; expressed in minutes. A
value of 0 indicates that the registration has ended value of 0 indicates that the registration has ended
and that the associated state MUST be removed. and that the associated state MUST be removed.
Registration Ownership Verifier (ROVR): Enables the correlation Registration Ownership Verifier (ROVR): Enables the correlation
between multiple attempts to register a same IPv6 between multiple attempts to register a same IPv6
Address. The ROVR is stored in the 6LR and the 6LBR Address. The ROVR size MUST be 64 bits when backward
in the state associated to the registration. This compatibility is needed; otherwise the size MAY be
can be a unique ID of the Registering Node, such as 128, 192, or 256 bits.
the EUI-64 address of an interface. This can also be
a token obtained with cryptographic methods which can
be used in additional protocol exchanges to associate
a cryptographic identity (key) with this registration
to ensure that only the owner can modify it later.
The scope of a ROVR is the registration of a
particular IPv6 Address and it must not be used to
correlate registrations of different addresses.
+-------+-----------------------------------------------------------+ +-------+-----------------------------------------------------------+
| Value | Description | | Value | Description |
+-------+-----------------------------------------------------------+ +-------+-----------------------------------------------------------+
| 0..2 | See [RFC6775]. Note: a Status of 1 ("Duplicate Address") | | 0..2 | As defined in [RFC6775]. Note: a Status of 1 ("Duplicate |
| | applies to the Registered Address. If the Source Address | | | Address") applies to the Registered Address. If the |
| | conflicts with an existing registration, "Duplicate | | | Source Address conflicts with an existing registration, |
| | Source Address" MUST be used. | | | "Duplicate Source Address" MUST be used. |
| | | | | |
| 3 | Moved: The registration failed because it is not the | | 3 | Moved: The registration failed because it is not the |
| | freshest. This Status indicates that the registration is | | | freshest. This Status indicates that the registration is |
| | rejected because another more recent registration was | | | rejected because another more recent registration was |
| | done, as indicated by a same ROVR and a more recent TID. | | | done, as indicated by a same ROVR and a more recent TID. |
| | One possible cause is a stale registration that has | | | One possible cause is a stale registration that has |
| | progressed slowly in the network and was passed by a more | | | progressed slowly in the network and was passed by a more |
| | recent one. It could also indicate a ROVR collision. | | | recent one. It could also indicate a ROVR collision. |
| | | | | |
| 4 | Removed: The binding state was removed. This status may | | 4 | Removed: The binding state was removed. This status MAY |
| | be placed in an NA(EARO) message that is sent as the | | | be placed in an NA(EARO) message that is sent as the |
| | rejection of a proxy registration to a Backbone Router, | | | rejection of a proxy registration to a Backbone Router, |
| | or in an asynchronous NA(EARO) at any time. | | | or in an asynchronous NA(EARO) at any time. |
| | | | | |
| 5 | Validation Requested: The Registering Node is challenged | | 5 | Validation Requested: The Registering Node is challenged |
| | for owning the Registered Address or for being an | | | for owning the Registered Address or for being an |
| | acceptable proxy for the registration. This Status may | | | acceptable proxy for the registration. A registrar (6LR, |
| | be received in asynchronous DAC or NA messages from a | | | 6LBR, 6BBR) MAY place this Status in asynchronous DAC or |
| | registrar (6LR, 6LBR, 6BBR). | | | NA messages. |
| | | | | |
| 6 | Duplicate Source Address: The address used as source of | | 6 | Duplicate Source Address: The address used as source of |
| | the NS(EARO) conflicts with an existing registration. | | | the NS(EARO) conflicts with an existing registration. |
| | | | | |
| 7 | Invalid Source Address: The address used as source of the | | 7 | Invalid Source Address: The address used as source of the |
| | NS(EARO) is not a Link-Local Address. | | | NS(EARO) is not a Link-Local Address. |
| | | | | |
| 8 | Registered Address topologically incorrect: The address | | 8 | Registered Address topologically incorrect: The address |
| | being registered is not usable on this link, e.g., it is | | | being registered is not usable on this link. |
| | not topologically correct |
| | | | | |
| 9 | 6LBR Registry saturated: A new registration cannot be | | 9 | 6LBR Registry saturated: A new registration cannot be |
| | accepted because the 6LBR Registry is saturated. Note: | | | accepted because the 6LBR Registry is saturated. Note: |
| | this code is used by 6LBRs instead of Status 2 when | | | this code is used by 6LBRs instead of Status 2 when |
| | responding to a Duplicate Address message exchange and is | | | responding to a Duplicate Address message exchange and is |
| | passed on to the Registering Node by the 6LR. | | | passed on to the Registering Node by the 6LR. |
| | | | | |
| 10 | Validation Failed: The proof of ownership of the | | 10 | Validation Failed: The proof of ownership of the |
| | registered address is not correct. | | | registered address is not correct. |
+-------+-----------------------------------------------------------+ +-------+-----------------------------------------------------------+
Table 1: EARO Status Table 1: EARO Status
4.2. Extended Duplicate Address Message Formats 4.2. Extended Duplicate Address Message Formats
The DAR and DAC messages are defined in section 4.4 of [RFC6775]. The DAR and DAC messages share a common base format as defined in
Those messages follow a common base format, which enables information section 4.4 of [RFC6775]. Those messages enable information from the
from the ARO to be transported over multiple hops. ARO to be transported over multiple hops. The DAR and DAC are
extended as shown in Figure 2:
Those messages are extended to adapt to the new EARO format, as
follows:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum | | Type |CodePfx|CodeSfx| Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Status | TID | Registration Lifetime | | Status | TID | Registration Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
... Registration Ownership Verifier ... ... Registration Ownership Verifier ...
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| | | |
+ Registered Address + + Registered Address +
| | | |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Duplicate Address Messages Format Figure 2: Duplicate Address Messages Format
Modified Message Fields: Modified Message Fields:
Code: The ICMP Code as defined in [RFC4443]. The ICMP Code Code: The ICMP Code [RFC4443] for Duplicate Address
MUST be set to 1 with this specification. An non- Messages is split in two 4-bit fields, the Code
null value of the ICMP Code indicates support for Prefix and the Code Suffix. The Code Prefix MUST be
this specification. set to zero by the sender and MUST be ignored by the
receiver. A non-null value of the Code Suffix
indicates support for this specification. It MUST be
set to 1 when operating in a backward-compatible
mode, indicating a ROVR size of 64 bits. It MAY be
2, 3 or 4, denoting a ROVR size of 128, 192, and 256
bits, respectively.
TID: 1-byte integer; same definition and processing as the TID: 1-byte integer; same definition and processing as the
TID in the EARO as defined in Section 4.1. This TID in the EARO as defined in Section 4.1. This
field MUST be ignored if the ICMP Code is null. field MUST be ignored if the ICMP Code is null.
Registration Ownership Verifier (ROVR): The size of the ROVR is Registration Ownership Verifier (ROVR): The size of the ROVR is
computed from the overall size of the IPv6 packet. known from the ICMP Code Suffix. This field has the
This field has the same definition and processing as same definition and processing as the ROVR in the
the ROVR in the EARO option as defined in EARO option as defined in Section 4.1.
Section 4.1.
4.3. New 6LoWPAN Capability Bits in the Capability Indication Option 4.3. New 6LoWPAN Capability Bits in the Capability Indication Option
This specification defines 5 new capability bits for use in the 6CIO, This specification defines 5 new capability bits for use in the 6CIO,
which was introduced by [RFC7400] for use in IPv6 ND RA messages. defined by [RFC7400] for use in IPv6 ND messages.
The new "E" flag indicates that EARO can be used in a registration. The "E" flag indicates that EARO can be used in a registration. A
A 6LR that supports this specification MUST set the "E" flag. 6LR that supports this specification MUST set the "E" flag.
A similar "D" flag indicates the support of EDA Messages by the 6LBR; The "D" flag indicates that the 6LBR supports EDA Messages. A 6LR
A 6LBR that supports this specification MUST set the "D" flag. The that learns the "D" flag from advertisements can then exchange EDAR
"D" flag is learned from advertisements by a 6LBR, and is propagated and EDAC messages with the 6LBR, and it also sets the "D" flag as
down a graph of 6LRs as a node acting as 6LN registers to a 6LR well as the "L" flag in the 6CIO in its own advertisements. In this
(which could be the 6LBR), and in turn becomes a 6LR to which other way, 6LNs will be able to prefer registration with a 6LR that can
6LNs will register. make use of new 6LBR features.
The new "L", "B", and "P" flags, indicate whether a router is capable The new "L", "B", and "P" flags, indicate whether a router is capable
of acting as 6LR, 6LBR, and 6BBR, respectively. These flags are not of acting as 6LR, 6LBR, and 6BBR, respectively. These flags are not
mutually exclusive and a node MUST set all the flags that are mutually exclusive; an updated node can advertise multiple collocated
relevant to it. functions.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length = 1 | Reserved |D|L|B|P|E|G| | Type | Length = 1 | Reserved |D|L|B|P|E|G|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: New capability Bits L, B, P, E in the 6CIO Figure 3: New Capability Bits in the 6CIO
Option Fields: Option Fields:
Type: 36 Type: 36
L: Node is a 6LR. L: Node is a 6LR.
B: Node is a 6LBR. B: Node is a 6LBR.
P: Node is a 6BBR. P: Node is a 6BBR.
E: Node supports registrations based on EARO. E: Node supports registrations based on EARO.
D: 6LBR supports EDA messages. D: 6LBR supports EDA messages.
As an example, a 6LBR sets the "B" and "D" flags. If it acts as a
6LR, then it sets the "L" and "E" flags. If it is collocated with a
6BBR, then it also sets the "P" flag.
5. Updating RFC 6775 5. Updating RFC 6775
The Extended Address Registration Option (EARO) (see Section 4.1) The Extended Address Registration Option (EARO) (see Section 4.1)
replaces the ARO used within Neighbor Discovery NS and NA messages updates the ARO used within Neighbor Discovery NS and NA messages
between a 6LN and its 6LR. Similarly, the EDA messages, EDAR and between a 6LN and its 6LR. Similarly, EDAR and EDAC update the DAR
EDAC, replace the DAR and DAC messages so as to transport the new and DAC messages so as to transport the new information between 6LRs
information between 6LRs and 6LBRs across an LLN mesh such as a and 6LBRs across an LLN mesh.
6TiSCH network.
The extensions to the ARO option are used in the Duplicate Address The extensions to the ARO option are the Duplicate Address Request
messages, the Duplicate Address Request (DAR) and Duplicate Address (DAR) and Duplicate Address Confirmation (DAC), used in the Duplicate
Confirmation (DAC), so as to convey the additional information all Address messages. They convey the additional information all the way
the way to the 6LBR. In turn the 6LBR may proxy the registration to the 6LBR. In turn the 6LBR may proxy the registration using IPv6
using IPv6 ND over a Backbone Link as illustrated in Figure 4. Note ND over a Backbone Link as illustrated in Figure 4. This
that this specification avoids the Duplicate Address message flow for specification avoids the Duplicate Address message flow for Link-
Link-Local Addresses in a Route-Over [RFC6606] topology (see Local Addresses in a Route-Over [RFC6606] topology (see Section 5.6).
Section 5.6).
6LN 6LR 6LBR 6BBR 6LN 6LR 6LBR 6BBR
| | | | | | | |
| NS(EARO) | | | | NS(EARO) | | |
|--------------->| | | |--------------->| | |
| | Extended DAR | | | | Extended DAR | |
| |-------------->| | | |-------------->| |
| | | | | | | |
| | | proxy NS(EARO) | | | | proxy NS(EARO) |
| | |--------------->| | | |--------------->|
skipping to change at page 14, line 46 skipping to change at page 13, line 46
| | | proxy NA(EARO) | | | | proxy NA(EARO) |
| | |<---------------| | | |<---------------|
| | Extended DAC | | | | Extended DAC | |
| |<--------------| | | |<--------------| |
| NA(EARO) | | | | NA(EARO) | | |
|<---------------| | | |<---------------| | |
| | | | | | | |
Figure 4: (Re-)Registration Flow Figure 4: (Re-)Registration Flow
In order to support various types of link layers, this specification This specification allows multiple registrations, including for
allows multiple registrations, including for privacy / temporary privacy / temporary addresses and provides a mechanism to help clean
addresses and provides new mechanisms to help clean up stale up stale registration state as soon as possible, e.g., after a
registration state as soon as possible, e.g., after a movement (see movement (see Section 7).
Section 7).
Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface
and locates available 6LRs. A Registering Node prefers registering and locates available 6LRs. A Registering Node SHOULD register to a
to a 6LR that is found to support this specification, as discussed in 6LR that supports this specification if one is found, as discussed in
Section 6.1, over an RFC6775-only one, and operates in a backward- Section 6.1, instead of registering to an RFC6775-only one; otherwise
compatible fashion when attaching to an RFC6775-only 6LR. the Registering Node operates in a backward-compatible fashion when
attaching to an RFC6775-only 6LR.
5.1. Extending the Address Registration Option 5.1. Extending the Address Registration Option
The Extended ARO (EARO) replaces the ARO and is backward compatible The Extended ARO (EARO) updates the ARO and is backward compatible
with the ARO if and only if the Length of the option is set to 2. with the ARO if and only if the Length of the option is set to 2.
Its format is presented in Section 4.1. More details on backward Its format is presented in Section 4.1. More details on backward
compatibility can be found in Section 6. compatibility can be found in Section 6.
The semantics of the Neighbor Solicitation (NS) and the ARO are The Neighbor Solicitation (NS) and the ARO are modified as follows:
modified as follows:
o The Target Address in the NS containing the EARO is now the field o The Target Address in the NS containing the EARO is now the field
that indicates the address that is being registered, as opposed to that indicates the address that is being registered, as opposed to
the Source Address field as specified in [RFC6775] (see the Source Address field as specified in [RFC6775] (see
Section 5.5). This change enables a 6LBR to use one of its Section 5.5). This change enables a 6LBR to use one of its
addresses as source of the proxy-registration of an address that addresses as source of the proxy-registration of an address that
belongs to a LLN Node to a 6BBR. This also limits the use of an belongs to a LLN Node to a 6BBR. This change also avoids in most
address as source address before it is registered and the cases the use of an address as source address before it is
associated DAD process is complete. registered.
o The EUI-64 field in the ARO Option is renamed Registration o The EUI-64 field in the ARO Option is renamed Registration
Ownership Verifier (ROVR) and is not required to be derived from a Ownership Verifier (ROVR) and is not required to be derived from a
MAC address (see Section 5.3). MAC address (see Section 5.3).
o The option Length MAY be different than 2 and take a value between o The option Length MAY be different than 2 and take a value between
3 and 5, in which case the EARO is not backward compatible with an 3 and 5, in which case the EARO is not backward compatible with an
ARO. The increase of size corresponds to a larger ROVR field, so ARO. The increase of size corresponds to a larger ROVR field, so
the size of the ROVR is inferred from the option Length. the size of the ROVR is inferred from the option Length.
o A new Opaque field is introduced to carry opaque information in o A new Opaque field is introduced to carry opaque information in
case the registration is relayed to another process, e.g.; case the registration is relayed to another process, e.g., to be
injected in a routing protocol. A new "I" field provides an advertised by a routing protocol. A new "I" field provides a type
abstract type for the opaque information, and from which the 6LN for the opaque information, and indicates the other process to
derives to which other process the opaque is expected to be which the 6LN passes the opaque value. A value of Zero for I
passed. A value of Zero for I indicates an abstract topological indicates topological information to be passed to a routing
information to be passed to a routing process if the registration process if the registration is redistributed. In that case, a
is redistributed. In that case, a value of Zero for the Opaque value of Zero for the Opaque field is backward-compatible with the
field is backward-compatible with the reserved fields that are reserved fields that are overloaded, and the meaning is to use the
overloaded, and the meaning is to use the default topology. default topology.
o This document specifies a new flag in the EARO, the 'R' flag. If o This document specifies a new flag in the EARO, the 'R' flag. If
the 'R' flag is set, the Registering Node expects that the 6LR the 'R' flag is set, the Registering Node requests the 6LR to
ensures reachability for the Registered Address, e.g., by means of ensure reachability for the Registered Address, e.g., by means of
routing or proxying ND. Conversely, when it is not set, the 'R' routing or proxying ND. Conversely, when it is not set, the 'R'
flag indicates that the Registering Node is a router, which for flag indicates that the Registering Node is a router, and that it
instance participates to a Route-Over routing protocol such as RPL will advertise reachability to the Registered Address via a
[RFC6550] and that it will take care of injecting its Address over routing protocol (such as RPL [RFC6550]).
the routing protocol by itself. A 6LN that acts only as a host,
when registering, MUST set the 'R' flag to indicate that it is not
a router and that it will not handle its own reachability. A 6LR
that manages its reachability SHOULD NOT set the 'R' flag; if it
does, routes towards this router may be installed on its behalf
and may interfere with those it injects.
o The specification introduces a Transaction ID (TID) field in the o A node that supports this specification MUST be provide a
EARO (see Section 5.2). The TID MUST be provided by a node that Transaction ID (TID) field in the EARO, and set the 'T' flag to
supports this specification and another new flag, the 'T' flag, indicate the presence of the TID (see Section 5.2).
MUST be set to indicate so.
o Finally, this specification introduces new status codes to help o Finally, this specification introduces new status codes to help
diagnose the cause of a registration failure (see Table 1). diagnose the cause of a registration failure (see Table 1).
A 6LN that acts only as a host, when registering, MUST set the 'R'
flag to indicate that it is not a router and that it will not handle
its own reachability. A 6LR that manages its reachability SHOULD NOT
set the 'R' flag; if it does, routes towards this router may be
installed on its behalf and may interfere with those it advertises.
5.2. Transaction ID 5.2. Transaction ID
The TID is a sequence number that is incremented by the 6LN with each The TID is a sequence number that is incremented by the 6LN with each
re-registration to a 6LR. The TID is used to detect the freshness of re-registration to a 6LR. The TID is used to determine the freshness
the registration request and to detect one single registration by of the registration request. The network uses the most recent TID to
multiple 6LoWPAN border routers (e.g., 6LBRs and 6BBRs) supporting determine the current (most recent known) location(s) of a moving
the same 6LoWPAN. The TID may also be used by the network to route 6LN. When a Registered Node is registered with multiple 6LRs in
to the current (freshest known) location of a moving node by spotting parallel, the same TID MUST be used. This enables the 6LBRs and/or
the most recent TID. 6BBRs to determine whether the registrations are the same, and to
distinguish that situation from a movement (see section 4 of
When a Registered Node is registered with multiple 6BBRs in parallel, [I-D.ietf-6lo-backbone-router] and Section 5.7 below).
the same TID MUST be used. This enables the 6BBRs to determine that
the registrations are the same, and distinguish that situation from a
movement (see section 4 of [I-D.ietf-6lo-backbone-router] and
Section 5.7 below).
5.2.1. Comparing TID values 5.2.1. Comparing TID values
As a note to the implementer, the operation of the TID is fully The operation of the TID is fully compatible with that of the RPL
compatible with that of the RPL Path Sequence counter as described in Path Sequence counter as described in the "Sequence Counter
the "Sequence Counter Operation" section of the "IPv6 Routing Operation" section of the "IPv6 Routing Protocol for Low-Power and
Protocol for Low-Power and Lossy Networks" [RFC6550] specification. Lossy Networks" [RFC6550] specification.
A TID is deemed to be fresher than another when its value is greater A TID is deemed to be fresher than another when its value is greater
per the operations detailed in this section. as determined by the operations detailed in this section.
The TID range is subdivided in a 'lollipop' fashion ([Perlman83]), The TID range is subdivided in a 'lollipop' fashion ([Perlman83]),
where the values from 128 and greater are used as a linear sequence where the values from 128 and greater are used as a linear sequence
to indicate a restart and bootstrap the counter, and the values less to indicate a restart and bootstrap the counter, and the values less
than or equal to 127 used as a circular sequence number space of size than or equal to 127 used as a circular sequence number space of size
128 as in [RFC1982]. Consideration is given to the mode of operation 128 as in [RFC1982]. Consideration is given to the mode of operation
when transitioning from the linear region to the circular region. when transitioning from the linear region to the circular region.
Finally, when operating in the circular region, if sequence numbers Finally, when operating in the circular region, if sequence numbers
are detected to be too far apart then they are not comparable, as are determined to be too far apart then they are not comparable, as
detailed below. detailed below.
A window of comparison, SEQUENCE_WINDOW = 16, is configured based on A window of comparison, SEQUENCE_WINDOW = 16, is configured based on
a value of 2^N, where N is defined to be 4 in this specification. a value of 2^N, where N is defined to be 4 in this specification.
For a given sequence counter, For a given sequence counter,
1. The sequence counter SHOULD be initialized to an implementation 1. The sequence counter SHOULD be initialized to an implementation
defined value which is 128 or greater prior to use. A defined value which is 128 or greater prior to use. A
recommended value is 240 (256 - SEQUENCE_WINDOW). recommended value is 240 (256 - SEQUENCE_WINDOW).
skipping to change at page 18, line 23 skipping to change at page 17, line 17
desynchronization has occurred and the two sequence desynchronization has occurred and the two sequence
numbers are not comparable. numbers are not comparable.
4. If two sequence numbers are determined to be not comparable, 4. If two sequence numbers are determined to be not comparable,
i.e., the results of the comparison are not defined, then a node i.e., the results of the comparison are not defined, then a node
should give precedence to the sequence number that was most should give precedence to the sequence number that was most
recently incremented. Failing this, the node should select the recently incremented. Failing this, the node should select the
sequence number in order to minimize the resulting changes to its sequence number in order to minimize the resulting changes to its
own state. own state.
5.3. Registration Ownership Verifier 5.3. Registration Ownership Verifier (ROVR)
The ROVR field generalizes the EUI-64 field of the ARO defined in The ROVR field replaces the EUI-64 field of the ARO defined in
[RFC6775]. It is scoped to a registration and enables recognizing [RFC6775]. It is associated in the 6LR and the 6LBR with the
and blocking an attempt to register a duplicate address, which is registration state. The ROVR can be a unique ID of the Registering
characterized by a different ROVR in the conflicting registrations. Node, such as the EUI-64 address of an interface. This can also be a
It can also be used to protect the ownership of a Registered Address, token obtained with cryptographic methods which can be used in
if the proof-of-ownership of the ROVR can be obtained (more in additional protocol exchanges to associate a cryptographic identity
Section 5.6). (key) with this registration to ensure that only the owner can modify
it later, if the proof-of-ownership of the ROVR can be obtained (more
in Section 5.6). The scope of a ROVR is the registration of a
particular IPv6 Address and it MUST NOT be used to correlate
registrations of different addresses.
The ROVR can be of different types, as long as the type is signaled The ROVR can be of different types; the type is signaled in the
in the message that carries the new type. For instance, the type can message that carries the new type. For instance, the type can be a
be a cryptographic string and used to prove the ownership of the cryptographic string and used to prove the ownership of the
registration as specified in "Address Protected Neighbor Discovery registration as specified in "Address Protected Neighbor Discovery
for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to
support the flows related to the proof-of-ownership, this support the flows related to the proof-of-ownership, this
specification introduces new status codes "Validation Requested" and specification introduces new status codes "Validation Requested" and
"Validation Failed" in the EARO. "Validation Failed" in the EARO.
Note on ROVR collision: different techniques for forming the ROVR Note on ROVR collision: different techniques for forming the ROVR
will operate in different name-spaces. [RFC6775] operates on EUI- will operate in different name-spaces. [RFC6775] operates on EUI-
64(TM) addresses. [I-D.ietf-6lo-ap-nd] generates cryptographic 64(TM) addresses. [I-D.ietf-6lo-ap-nd] generates cryptographic
tokens. While collisions are not expected in the EUI-64 name-space tokens. While collisions are not expected in the EUI-64 name-space
skipping to change at page 19, line 14 skipping to change at page 18, line 12
significant within the context of one registration. A ROVR is not significant within the context of one registration. A ROVR is not
expected to be unique to one registration, as this specification expected to be unique to one registration, as this specification
allows a node to use the same ROVR to register multiple IPv6 allows a node to use the same ROVR to register multiple IPv6
addresses. This is why the ROVR MUST NOT be used as a key to addresses. This is why the ROVR MUST NOT be used as a key to
identify the Registering Node, or as an index to the registration. identify the Registering Node, or as an index to the registration.
It is only used as a match to ensure that the node that updates a It is only used as a match to ensure that the node that updates a
registration for an IPv6 address is the node that made the original registration for an IPv6 address is the node that made the original
registration for that IPv6 address. Also, when the ROVR is not an registration for that IPv6 address. Also, when the ROVR is not an
EUI-64 address, then it MUST NOT be used as the interface ID of the EUI-64 address, then it MUST NOT be used as the interface ID of the
Registered Address. This way, a registration that uses that ROVR Registered Address. This way, a registration that uses that ROVR
will not collision with that of an IPv6 Address derived from EUI-64 will not collide with that of an IPv6 Address derived from EUI-64 and
and using the EUI-64 as ROVR per [RFC6775]. using the EUI-64 as ROVR per [RFC6775].
The Registering Node SHOULD store the ROVR, or enough information to The Registering Node SHOULD store the ROVR, or enough information to
regenerate it, in persistent memory. If this is not done and an regenerate it, in persistent memory. If this is not done and an
event such as a reboot causes a loss of state, re-registering the event such as a reboot causes a loss of state, re-registering the
same address could be impossible until the 6LRs and the 6LBR time out same address could be impossible until the 6LRs and the 6LBR time out
the previous registration, or a management action is taken to clear the previous registration, or a management action is taken to clear
the relevant state in the network. the relevant state in the network.
5.4. Extended Duplicate Address Messages 5.4. Extended Duplicate Address Messages
skipping to change at page 20, line 22 skipping to change at page 19, line 22
Node. This enables the Registering Node to attract the packets from Node. This enables the Registering Node to attract the packets from
the 6BBR and route them over the LLN to the Registered Node. the 6BBR and route them over the LLN to the Registered Node.
In order to enable the latter operation, this specification changes In order to enable the latter operation, this specification changes
the behavior of the 6LN and the 6LR so that the Registered Address is the behavior of the 6LN and the 6LR so that the Registered Address is
found in the Target Address field of the NS and NA messages as found in the Target Address field of the NS and NA messages as
opposed to the Source Address field. With this convention, a TLLA opposed to the Source Address field. With this convention, a TLLA
option indicates the link-layer address of the 6LN that owns the option indicates the link-layer address of the 6LN that owns the
address. address.
If Registering Node expects packets for the 6LN, e.g., a 6LBR also A Registering Node (e.g., a 6LBR also acting as RPL Root) that
acting as RPL Root, then it MUST place its own Link Layer Address in advertises reachability for the 6LN MUST place its own Link Layer
the SLLA Option that MUST always be placed in a registration NS(EARO) Address in the SLLA Option of the registration NS(EARO) message.
message. This maintains compatibility with RFC6775-only 6LoWPAN ND This maintains compatibility with RFC6775-only 6LoWPAN ND [RFC6775].
[RFC6775].
5.6. Link-Local Addresses and Registration 5.6. Link-Local Addresses and Registration
Considering that LLN nodes are often not wired and may move, there is LLN nodes are often not wired and may move. There is no guarantee
no guarantee that a Link-Local Address stays unique between a that a Link-Local Address remain unique among a huge and potentially
potentially variable and unbounded set of neighboring nodes. variable set of neighboring nodes.
Compared to [RFC6775], this specification only requires that a Link- Compared to [RFC6775], this specification only requires that a Link-
Local Address be unique from the perspective of the two nodes that Local Address be unique from the perspective of the two nodes that
use it to communicate (e.g., the 6LN and the 6LR in an NS/NA use it to communicate (e.g., the 6LN and the 6LR in an NS/NA
exchange). This simplifies the DAD process in a Route-Over topology exchange). This simplifies the DAD process in a Route-Over topology
for Link-Local Addresses by avoiding an exchange of EDA messages for Link-Local Addresses by avoiding an exchange of EDA messages
between the 6LR and a 6LBR for those addresses. between the 6LR and a 6LBR for those addresses.
In more details:
An exchange between two nodes using Link-Local Addresses implies that An exchange between two nodes using Link-Local Addresses implies that
they are reachable over one hop. A node MUST register a Link-Local they are reachable over one hop. A node MUST register a Link-Local
Address to a 6LR in order to obtain reachability from that 6LR beyond Address to a 6LR in order to obtain further reachability by way of
the current exchange, and in particular to use the Link-Local Address that 6LR, and in particular to use the Link-Local Address as source
as source address to register other addresses, e.g., global address to register other addresses, e.g., global addresses.
addresses.
If there is no collision with an address previously registered to
this 6LR by another 6LN, then the Link-Local Address is unique from
the standpoint of this 6LR and the registration is not a duplicate.
Alternatively, two different 6LRs might expose the same Link-Local If there is no collision with a previously registered address, then
Address but different link-layer addresses. In that case, a 6LN MUST the Link-Local Address is unique from the standpoint of this 6LR and
only interact with at most one of the 6LRs. the registration is not a duplicate. Two different 6LRs might claim
the same Link-Local Address but different link-layer addresses. In
that case, a 6LN MUST only interact with at most one of the 6LRs.
The exchange of EDA messages between the 6LR and a 6LBR, which The exchange of EDA messages between the 6LR and a 6LBR, which
ensures that an address is unique across the domain covered by the ensures that an address is unique across the domain covered by the
6LBR, does not need to take place for Link-Local Addresses. 6LBR, does not need to take place for Link-Local Addresses.
When registering to a 6LR that conforms to this specification, a 6LN When sending an NS(EARO) to a 6LR, a 6LN MUST use a Link-Local
MUST use a Link-Local Address as the source address of the Address as the source address of the registration, whatever the type
registration, whatever the type of IPv6 address that is being of IPv6 address that is being registered. That Link-Local Address
registered. That Link-Local Address MUST be either an address that MUST be either an address that is already registered to the 6LR, or
is already registered to the 6LR, or the address that is being the address that is being registered.
registered.
A typical flow when a 6LN starts up is that it sends a multicast RS When a 6LN starts up, it typically multicasts a RS and receives one
and receives one or more unicast RA messages. If the 6LR can process or more unicast RA messages from 6LRs. If the 6LR can process EARO
Extended ARO, then it places a 6CIO in its RA message back with the messages, then it places a 6CIO in its RA message with the "E" Flag
"E" Flag set as required in Section 6.1. set as required in Section 6.1.
When a Registering Node does not have an already-registered Address, When a Registering Node does not have an already-registered Address,
it MUST register a Link-Local Address, using it as both the Source it MUST register a Link-Local Address, using it as both the Source
and the Target Address of an NS(EARO) message. In that case, it is and the Target Address of an NS(EARO) message. In that case, it is
RECOMMENDED to use a Link-Local Address that is (expected to be) RECOMMENDED to use an address for which DAD is not required (see
globally unique, e.g., derived from a globally unique EUI-64 address. [RFC6775]), e.g., derived from a globally unique EUI-64 address;
For such an address, DAD is not required (see [RFC6775]) and using using the SLLA Option in the NS is consistent with existing ND
the SLLA Option in the NS is actually more consistent with existing specifications such as the "Optimistic Duplicate Address Detection
ND specifications such as the "Optimistic Duplicate Address Detection
(ODAD) for IPv6" [RFC4429]. The 6LN MAY then use that address to (ODAD) for IPv6" [RFC4429]. The 6LN MAY then use that address to
register one or more other addresses. register one or more other addresses.
A 6LR that supports this specification replies with an NA(EARO), A 6LR that supports this specification replies with an NA(EARO),
setting the appropriate status. Since there is no exchange of EDA setting the appropriate status. Since there is no exchange of EDA
messages for Link-Local Addresses, the 6LR may answer immediately to messages for Link-Local Addresses, the 6LR may answer immediately to
the registration of a Link-Local Address, based solely on its the registration of a Link-Local Address, based solely on its
existing state and the Source Link-Layer Option that is placed in the existing state and the Source Link-Layer Option that is placed in the
NS(EARO) message as required in [RFC6775]. NS(EARO) message as required in [RFC6775].
A node needs to register its IPv6 Global Unicast Addresses (GUAs) to A node registers its IPv6 Global Unicast Addresses (GUAs) to a 6LR in
a 6LR in order to establish global reachability for these addresses order to establish global reachability for these addresses via that
via that 6LR. When registering with an updated 6LR, a Registering 6LR. When registering with an updated 6LR, a Registering Node does
Node does not use a GUA as Source Address, in contrast to a node that not use a GUA as Source Address, in contrast to a node that complies
complies to [RFC6775]. For non-Link-Local Addresses, the exchange of to [RFC6775]. For non-Link-Local Addresses, the exchange of EDA
EDA messages MUST conform to [RFC6775], but the extended formats messages MUST conform to [RFC6775], but the extended formats
described in this specification for the DAR and the DAC are used to described in this specification for the DAR and the DAC are used to
relay the extended information in the case of an EARO. relay the extended information in the case of an EARO.
5.7. Maintaining the Registration States 5.7. Maintaining the Registration States
This section discusses protocol actions that involve the Registering This section discusses protocol actions that involve the Registering
Node, the 6LR, and the 6LBR. It must be noted that the portion that Node, the 6LR, and the 6LBR. It must be noted that the portion that
deals with a 6LBR only applies to those addresses that are registered deals with a 6LBR only applies to those addresses that are registered
to it; as discussed in Section 5.6, this is not the case for Link- to it; as discussed in Section 5.6, this is not the case for Link-
Local Addresses. The registration state includes all data that is Local Addresses. The registration state includes all data that is
stored in the router relative to that registration, in particular, stored in the router relative to that registration, in particular,
but not limited to, an NCE. 6LBRs and 6BBRs may store additional but not limited to, an NCE. 6LBRs and 6BBRs may store additional
registration information in more complex abstract data structures and registration information and use synchronization protocols that are
use protocols that are out of scope of this document to keep them out of scope of this document.
synchronized when they are distributed.
When its resource available to store registration states are A 6LR cannot accept a new registration when its registration storage
exhausted, a 6LR cannot accept a new registration. In that space is exhausted. In that situation, the EARO is returned in an NA
situation, the EARO is returned in an NA message with a Status Code message with a Status Code of "Neighbor Cache Full" (Table 1), and
of "Neighbor Cache Full" (Table 1), and the Registering Node may the Registering Node may attempt to register to another 6LR.
attempt to register to another 6LR.
If the registry in the 6LBR is saturated, then the 6LBR cannot decide If the registry in the 6LBR is full, then the 6LBR cannot decide
whether a registration for a new address is a duplicate. In that whether a registration for a new address is a duplicate. In that
case, the 6LBR replies to an EDAR message with an EDAC message that case, the 6LBR replies to an EDAR message with an EDAC message that
carries a new Status Code indicating "6LBR Registry saturated" carries a new Status Code indicating "6LBR Registry Saturated"
(Table 1). Note: this code is used by 6LBRs instead of "Neighbor (Table 1). Note: this code is used by 6LBRs instead of "Neighbor
Cache Full" when responding to a Duplicate Address message exchange Cache Full" when responding to a Duplicate Address message exchange
and is passed on to the Registering Node by the 6LR. There is no and is passed on to the Registering Node by the 6LR. There is no
point for the node to retry this registration immediately via another point for the node to retry this registration via another 6LR, since
6LR, since the problem is global to the network. The node may either the problem is network-wide. The node may either abandon that
abandon that address, de-register other addresses first to make room, address, de-register other addresses first to make room, or keep the
or keep the address in TENTATIVE state and retry later. address in TENTATIVE state and retry later.
A node renews an existing registration by sending a new NS(EARO) A node renews an existing registration by sending a new NS(EARO)
message for the Registered Address. In order to refresh the message for the Registered Address, and the 6LR MUST report the new
registration state in the 6LBR, the registration MUST be reported to registration to the 6LBR.
the 6LBR.
A node that ceases to use an address SHOULD attempt to de-register A node that ceases to use an address SHOULD attempt to de-register
that address from all the 6LRs to which it has registered the that address from all the 6LRs to which it has registered the
address. This is achieved using an NS(EARO) message with a address. This is achieved using an NS(EARO) message with a
Registration Lifetime of 0. If this is not done, the associated Registration Lifetime of 0. If this is not done, the associated
state will remain in the network till the current Registration state will remain in the network till the current Registration
Lifetime expires and this may lead to a situation where the 6LR Lifetime expires and this may lead to a situation where the 6LR
resources become saturated, even if they are correctly planned to resources become saturated, even if they are correctly planned to
start with. The 6LR may then take defensive measures that may start with. The 6LR may then take defensive measures that may
prevent this node or some other nodes from owning as many addresses prevent this node or some other nodes from owning as many addresses
as they would expect (see Section 7). as they request (see Section 7).
A node that moves away from a particular 6LR SHOULD attempt to de- A node that moves away from a particular 6LR SHOULD attempt to de-
register all of its addresses registered to that 6LR and register to register all of its addresses registered to that 6LR and register to
a new 6LR with an incremented TID. When/if the node shows up a new 6LR with an incremented TID. When/if the node appears
elsewhere, an asynchronous NA(EARO) or EDAC message with a Status elsewhere, an asynchronous NA(EARO) or EDAC message with a Status
Code of "Moved" SHOULD be used to clean up the state in the previous Code of "Moved" SHOULD be used to clean up the state in the previous
location. For instance, as described in location. As described in [I-D.ietf-6lo-backbone-router], the
[I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a "Moved" status can be used by a 6BBR in an NA(EARO) message to
6BBR in an NA(EARO) message to indicate that the ownership of the indicate that the ownership of the proxy state on the Backbone Link
proxy state on the Backbone Link was transferred to another 6BBR as was transferred to another 6BBR as the consequence of a movement of
the consequence of a movement of the device. If the receiver of the the device. If the receiver of the message has registration state
message has a state corresponding to the related address, it SHOULD corresponding to the related address, it SHOULD propagate the status
propagate the status down the forwarding path to the Registered node down the forwarding path to the Registered node (e.g., reversing an
(e.g., reversing an existing RPL [RFC6550] path as prescribed in existing RPL [RFC6550] path as prescribed in
[I-D.ietf-roll-efficient-npdao]). Whether it could do so or not, the [I-D.ietf-roll-efficient-npdao]). Whether it could do so or not, the
receiver MUST clean up said state. receiver MUST clean up said state.
Upon receiving an NS(EARO) message with a Registration Lifetime of 0 Upon receiving an NS(EARO) message with a Registration Lifetime of 0
and determining that this EARO is the freshest for a given NCE (see and determining that this EARO is the freshest for a given NCE (see
Section 5.2), a 6LR cleans up its NCE. If the address was registered Section 5.2), a 6LR cleans up its NCE. If the address was registered
to the 6LBR, then the 6LR MUST report to the 6LBR, through a to the 6LBR, then the 6LR MUST report to the 6LBR, through a
Duplicate Address exchange with the 6LBR, indicating the null Duplicate Address exchange with the 6LBR, indicating the null
Registration Lifetime and the latest TID that this 6LR is aware of. Registration Lifetime and the latest TID that this 6LR is aware of.
Upon receiving the EDAR message, the 6LBR evaluates if this is the Upon receiving the EDAR message, the 6LBR evaluates if this is the
most recent TID it has received for that particular registry entry. most recent TID it has received for that particular registry entry.
If so, then the EDAR is answered with an EDAC message bearing a If so, then the EDAR is answered with an EDAC message bearing a
Status of "Success" and the entry is scheduled to be removed. Status of "Success" and the entry is scheduled to be removed.
Otherwise, a Status Code of "Moved" is returned instead, and the Otherwise, a Status Code of "Moved" is returned instead, and the
existing entry is maintained. existing entry is maintained.
When an address is scheduled to be removed, the 6LBR SHOULD keep its When an address is scheduled to be removed, the 6LBR SHOULD keep its
entry in a DELAY state for a configurable period of time, so as to NCE in a DELAY state [RFC4861] for a configurable period of time, so
protect a mobile node that de-registered from one 6LR and did not as to protect a mobile node that de-registered from one 6LR and did
register yet to a new one, or the new registration did not yet reach not register yet to a new one, or the new registration did not yet
the 6LBR due to propagation delays in the network. Once the DELAY reach the 6LBR due to propagation delays in the network. Once the
time is passed, the 6LBR silently removes its entry. DELAY time is passed, the 6LBR silently removes its entry.
6. Backward Compatibility 6. Backward Compatibility
This specification changes the behavior of the peers in a This specification changes the behavior of the peers in a
registration flow. To enable backward compatibility, a 6LN that registration flow. To enable backward compatibility, a 6LN that
registers to a 6LR that is not known to support this specification registers to a 6LR that is not known to support this specification
MUST behave in a manner that is backward-compatible with [RFC6775]. MUST behave in a manner that is backward-compatible with [RFC6775].
On the contrary, if the 6LR is found to support this specification, On the contrary, if the 6LR is found to support this specification,
then the 6LN MUST conform to this specification when communicating then the 6LN MUST conform to this specification when communicating
with that 6LR. with that 6LR.
skipping to change at page 24, line 17 skipping to change at page 23, line 8
backward-compatible since the 'T' flag and TID field are reserved in backward-compatible since the 'T' flag and TID field are reserved in
[RFC6775], and are ignored by an RFC6775-only router. A router that [RFC6775], and are ignored by an RFC6775-only router. A router that
supports this specification MUST answer an NS(ARO) and an NS(EARO) supports this specification MUST answer an NS(ARO) and an NS(EARO)
with an NA(EARO). A router that does not support this specification with an NA(EARO). A router that does not support this specification
will consider the ROVR as an EUI-64 address and treat it the same, will consider the ROVR as an EUI-64 address and treat it the same,
which has no consequence if the Registered Addresses are different. which has no consequence if the Registered Addresses are different.
6.1. Signaling EARO Capability Support 6.1. Signaling EARO Capability Support
"Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400] "Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400]
introduces the 6LoWPAN Capability Indication Option (6CIO) to specifies the 6LoWPAN Capability Indication Option (6CIO) to indicate
indicate a node's capabilities to its peers. The 6CIO MUST be a node's capabilities to its peers. The 6CIO MUST be present in both
present in both Router Solicitation (RS) and Router Advertisement Router Solicitation (RS) and Router Advertisement (RA) messages,
(RA) messages, unless the information therein was already shared. unless the 6CIO information was already shared in recent exchanges,
This can have happened in recent exchanges. The information can also or pre-configured in all nodes in a network. In any case, a 6CIO
be implicit, or pre-configured in all nodes in a network. In any MUST be placed in an RA message that is sent in response to an RS
case, a 6CIO MUST be placed in an RA message that is sent in response with a 6CIO.
to an RS with a 6CIO.
Section 4.3 defines a new flag for the 6CIO to signal support for Section 4.3 defines a new flag for the 6CIO to signal support for
EARO by the issuer of the message. New flags are also added to the EARO by the issuer of the message. New flags are also added to the
6CIO to signal the sender's capability to act as a 6LR, 6LBR, and 6CIO to signal the sender's capability to act as a 6LR, 6LBR, and
6BBR (see Section 4.3). 6BBR (see Section 4.3).
Section 4.3 also defines a new flag that indicates the support of EDA Section 4.3 also defines a new flag that indicates the support of EDA
messages by the 6LBR. This flag is valid in RA messages but not in messages by the 6LBR. This flag is valid in RA messages but not in
RS messages. More information on the 6LBR is found in a separate RS messages. More information on the 6LBR is found in a separate
Authoritative Border Router Option (ABRO). The ABRO is placed in RA Authoritative Border Router Option (ABRO). The ABRO is placed in RA
messages as prescribed by [RFC6775]; in particular, it MUST be placed messages as prescribed by [RFC6775]; in particular, it MUST be placed
in an RA message that is sent in response to an RS with a 6CIO in an RA message that is sent in response to an RS with a 6CIO
indicating the capability to act as a 6LR, since the RA propagates indicating the capability to act as a 6LR, since the RA propagates
information between routers. information between routers.
6.2. RFC6775-only 6LoWPAN Node 6.2. RFC6775-only 6LN
An RFC6775-only 6LN will use the Registered Address as the source An RFC6775-only 6LN will use the Registered Address as the source
address of the NS message and will not use an EARO. An updated 6LR address of the NS message and will not use an EARO. An updated 6LR
MUST accept that registration if it is valid per [RFC6775], and it MUST accept that registration if it is valid per [RFC6775], and it
MUST manage the binding cache accordingly. The updated 6LR MUST then MUST manage the binding cache accordingly. The updated 6LR MUST then
use the RFC6775-only EDA messages as specified in [RFC6775] to use the RFC6775-only DAR and DAC messages as specified in [RFC6775]
indicate to the 6LBR that the TID is not present in the messages. to indicate to the 6LBR that the TID is not present in the messages.
The main difference from [RFC6775] is that the exchange of EDA The main difference from [RFC6775] is that the exchange of EDA
messages for the purpose of DAD is avoided for Link-Local Addresses. messages for the purpose of DAD is avoided for Link-Local Addresses.
In any case, the 6LR MUST use an EARO in the reply, and can use any In any case, the 6LR MUST use an EARO in the reply, and can use any
of the Status codes defined in this specification. of the Status codes defined in this specification.
6.3. RFC6775-only 6LoWPAN Router 6.3. RFC6775-only 6LR
An updated 6LN discovers the capabilities of the 6LR in the 6CIO in An updated 6LN discovers the capabilities of the 6LR in the 6CIO in
RA messages from that 6LR; if the 6CIO was not present in the RA, RA messages from that 6LR; if the 6CIO was not present in the RA,
then the 6LR is assumed to be a RFC6775-only 6LoWPAN Router. then the 6LR is assumed to be a RFC6775-only 6LR.
An updated 6LN MUST use an EARO in the request regardless of the type An updated 6LN MUST use an EARO in the request regardless of the type
of 6LR, RFC6775-only or updated, which implies that the 'T' flag is of 6LR, RFC6775-only or updated, which implies that the 'T' flag is
set. It MUST use a ROVR of 64 bits if the 6LR is an RFC6775-only set. It MUST use a ROVR of 64 bits if the 6LR is an RFC6775-only
6LoWPAN Router. 6LR.
If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR, If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR,
the RFC6775-only 6LR will send an RFC6775-only DAR message, which the RFC6775-only 6LR will send an RFC6775-only DAR message, which
cannot be compared with an updated one for freshness. Allowing cannot be compared with an updated one for freshness. Allowing
RFC6775-only DAR messages to replace a state established by the RFC6775-only DAR messages to update a state established by the
updated protocol in the 6LBR would be an attack vector and that updated protocol in the 6LBR would be an attack vector and that
cannot be the default behavior. But if RFC6775-only and updated 6LRs cannot be the default behavior. But if RFC6775-only and updated 6LRs
coexist temporarily in a network, then it makes sense for an coexist temporarily in a network, then it makes sense for an
administrator to install a policy that allows this, and the administrator to install a policy that allows this, using some method
capability to install such a policy should be configurable in a 6LBR out of scope for this document.
though it is out of scope for this document.
6.4. RFC6775-only 6LoWPAN Border Router 6.4. RFC6775-only 6LBR
With this specification, the Duplicate Address messages are extended With this specification, the Duplicate Address messages are extended
to transport the EARO information. Similarly to the NS/NA exchange, to transport the EARO information. Similarly to the NS/NA exchange,
an updated 6LBR MUST always use the EDA messages. an updated 6LBR MUST always use the EDA messages.
Note that an RFC6775-only 6LBR will accept and process an EDAR Note that an RFC6775-only 6LBR will accept and process an EDAR
message as if it were an RFC6775-only DAR, as long as the ROVR is 64 message as if it were an RFC6775-only DAR, as long as the ROVR is 64
bits long. An updated 6LR discovers the capabilities of the 6LBR in bits long. An updated 6LR discovers the capabilities of the 6LBR in
the 6CIO in RA messages from the 6LR; if the 6CIO was not present in the 6CIO in RA messages from the 6LR; if the 6CIO was not present in
any RA, then the 6LBR si assumed to be a RFC6775-only 6LoWPAN Border any RA, then the 6LBR is assumed to be a RFC6775-only 6LBR.
Router.
If the 6LBR is RFC6775-only, and the ROVR in the NS(EARO) was more If the 6LBR is RFC6775-only, the 6LR MUST use only the 64 leftmost
than 64 bits long, then the 6LR MUST truncate the ROVR to the 64 bits of the ROVR, and place the result in the EDAR message to
leftmost bits and place the result in the EDAR message to maintain maintain compatibility. This way, the support of DAD is preserved.
compatibility. This way, the support of DAD is preserved.
7. Security Considerations 7. Security Considerations
This specification extends [RFC6775], and the security section of This specification extends [RFC6775], and the security section of
that document also applies to this as well. In particular, it is that document also applies to this document. In particular, the link
expected that the link layer is sufficiently protected to prevent layer SHOULD be sufficiently protected to prevent rogue access.
rogue access, either by means of physical or IP security on the
Backbone Link and link-layer cryptography on the LLN.
[RFC6775] does not protect the content of its messages and expects a [RFC6775] does not protect the content of its messages and expects a
lower layer encryption to defeat potential attacks. This lower layer encryption to defeat potential attacks. This
specification also expects that the LLN MAC provides secure unicast specification requires the LLN MAC to provide secure unicast to/from
to/from the Backbone Router and secure Broadcast or Multicast from the Backbone Router and secure Broadcast or Multicast from the
the Backbone Router in a way that prevents tampering with or Backbone Router in a way that prevents tampering with or replaying
replaying the Neighbor Discovery messages. the Neighbor Discovery messages.
This specification recommends using privacy techniques (see This specification recommends using privacy techniques (see
Section 8) and protecting against address theft such as provided by Section 8), and protecting against address theft by methods outside
"Address Protected Neighbor Discovery for Low-power and Lossy the scope of this document. For instance, "Address Protected
Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the Neighbor Discovery for Low-power and Lossy Networks"
Registered Address using a cryptographic ROVR. [I-D.ietf-6lo-ap-nd] guarantees the ownership of the Registered
Address using a cryptographic ROVR.
The registration mechanism may be used by a rogue node to attack the The registration mechanism may be used by a rogue node to attack the
6LR or the 6LBR with a Denial-of-Service attack against the registry. 6LR or the 6LBR with a Denial-of-Service attack against the registry.
It may also happen that the registry of a 6LR or a 6LBR is saturated It may also happen that the registry of a 6LR or a 6LBR is saturated
and cannot take any more registrations, which effectively denies the and cannot take any more registrations, which effectively denies the
requesting node the capability to use a new address. In order to requesting node the capability to use a new address. In order to
alleviate those concerns, Section 5.7 provides a number of alleviate those concerns, Section 5.7 provides a number of
recommendations that ensure that a stale registration is removed as recommendations that ensure that a stale registration is removed as
soon as possible from the 6LR and 6LBR. In particular, this soon as possible from the 6LR and 6LBR. In particular, this
specification recommends that: specification recommends that:
skipping to change at page 26, line 51 skipping to change at page 25, line 38
o The router (6LR or 6LBR) SHOULD be configurable so as to limit the o The router (6LR or 6LBR) SHOULD be configurable so as to limit the
number of addresses that can be registered by a single node, but number of addresses that can be registered by a single node, but
as a protective measure only. In any case, a router MUST be able as a protective measure only. In any case, a router MUST be able
to keep a minimum number of addresses per node. That minimum to keep a minimum number of addresses per node. That minimum
depends on the type of device and ranges between 3 for a very depends on the type of device and ranges between 3 for a very
constrained LLN and 10 for a larger device. A node may be constrained LLN and 10 for a larger device. A node may be
identified by its MAC address, as long as it is not obfuscated by identified by its MAC address, as long as it is not obfuscated by
privacy measures. A stronger identification (e.g., by security privacy measures. A stronger identification (e.g., by security
credentials) is RECOMMENDED. When the maximum is reached, the credentials) is RECOMMENDED. When the maximum is reached, the
router should use a Least-Recently-Used (LRU) algorithm to clean router SHOULD use a Least-Recently-Used (LRU) algorithm to clean
up the addresses, keeping at least one Link-Local Address. The up the addresses, keeping at least one Link-Local Address. The
router SHOULD attempt to keep one or more stable addresses if router SHOULD attempt to keep one or more stable addresses if
stability can be determined, e.g., because they are used over a stability can be determined, e.g., because they are used over a
much longer time span than other (privacy, shorter-lived) much longer time span than other (privacy, shorter-lived)
addresses. addresses.
o In order to avoid denial of registration for the lack of o In order to avoid denial of registration for the lack of
resources, administrators should take great care to deploy resources, administrators should take great care to deploy
adequate numbers of 6LRs to cover the needs of the nodes in their adequate numbers of 6LRs to cover the needs of the nodes in their
range, so as to avoid a situation of starving nodes. It is range, so as to avoid a situation of starving nodes. It is
expected that the 6LBR that serves an LLN is a more capable node expected that the 6LBR that serves an LLN is a more capable node
than the average 6LR, but in a network condition where it may than the average 6LR, but in a network condition where it may
become saturated, a particular deployment should distribute the become saturated, a particular deployment should distribute the
6LBR functionality, for instance by leveraging a high speed 6LBR functionality, for instance by leveraging a high speed
Backbone Link and Backbone Routers to aggregate multiple LLNs into Backbone Link and Backbone Routers to aggregate multiple LLNs into
a larger subnet. a larger subnet.
The LLN nodes depend on the 6LBR and the 6BBR for their operation. A The LLN nodes depend on the 6LBR and the 6BBR for their operation. A
trust model must be put in place to ensure that the right devices are trust model MUST be put in place to ensure that only authorized
acting in these roles so as to avoid threats such as black-holing or devices are acting in these roles so as to avoid threats such as
bombing attack whereby an impersonated 6LBR would destroy state in black-holing or bombing attack whereby an impersonated 6LBR would
the network by using the "Removed" Status code. This trust model destroy state in the network by using the "Removed" Status code.
could be at a minimum based on a Layer-2 access control, or could This trust model could be at a minimum based on a Layer-2 access
provide role validation as well (see Req5.1 in Appendix B.5). control, or could provide role validation as well (see Req5.1 in
Appendix B.5).
8. Privacy Considerations 8. Privacy Considerations
As indicated in Section 3, this protocol does not inherently limit As indicated in Section 3, this protocol does not limit the number of
the number of IPv6 addresses that each device can form. However, to IPv6 addresses that each device can form. However, to mitigate
mitigate denial-of-service attacks, it can be useful as a protective denial-of-service attacks, it can be useful as a protective measure
measure to have a limit that is high enough not to interfere with the to have a limit that is high enough not to interfere with the normal
normal behavior of devices in the network. A host should be able to behavior of devices in the network. A host should be able to form
form and register any address that is topologically correct in the and register any address that is topologically correct in the
subnet(s) advertised by the 6LR/6LBR. subnet(s) advertised by the 6LR/6LBR.
This specification does not mandate any particular way for forming This specification does not mandate any particular way for forming
IPv6 addresses, but it discourages using EUI-64 for forming the IPv6 addresses, but it discourages using EUI-64 for forming the
Interface ID in the Link-Local Address because this method prevents Interface ID in the Link-Local Address because this method prevents
the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971], the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971],
"Cryptographically Generated Addresses (CGA)" [RFC3972], and that of "Cryptographically Generated Addresses (CGA)" [RFC3972], and other
address privacy techniques. address privacy techniques.
"Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms"
[RFC8065] explains why privacy is important and how to form privacy- [RFC8065] explains why privacy is important and how to form privacy-
aware addresses. All implementations and deployments must consider aware addresses. All implementations and deployments must consider
the option of privacy addresses in their own environments. the option of privacy addresses in their own environments.
The IPv6 address of the 6LN in the IPv6 header can be compressed The IPv6 address of the 6LN in the IPv6 header can be compressed
statelessly when the Interface Identifier in the IPv6 address can be statelessly when the Interface Identifier in the IPv6 address can be
derived from the Lower Layer address. When it is not critical to derived from the Lower Layer address. When it is not critical to
skipping to change at page 28, line 16 skipping to change at page 27, line 7
statefully, or it is rarely used and/or it is used only over one hop, statefully, or it is rarely used and/or it is used only over one hop,
then privacy concerns should be considered. In particular, new then privacy concerns should be considered. In particular, new
implementations should follow the IETF "Recommendation on Stable IPv6 implementations should follow the IETF "Recommendation on Stable IPv6
Interface Identifiers" [RFC8064]. [RFC8064] recommends the use of "A Interface Identifiers" [RFC8064]. [RFC8064] recommends the use of "A
Method for Generating Semantically Opaque Interface Identifiers with Method for Generating Semantically Opaque Interface Identifiers with
IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for
generating Interface Identifiers to be used in SLAAC. generating Interface Identifiers to be used in SLAAC.
9. IANA Considerations 9. IANA Considerations
Note to RFC Editor, to be removed: please replace "This RFC" Note to RFC Editor, to be removed: please replace "This RFC"
throughout this document by the RFC number for this specification throughout this document by the RFC number for this specification
once it is allocated. once it is allocated.
IANA is requested to make a number of changes under the "Internet IANA is requested to make a number of changes under the "Internet
Control Message Protocol version 6 (ICMPv6) Parameters" registry, as Control Message Protocol version 6 (ICMPv6) Parameters" registry, as
follows. follows.
9.1. ARO Flags 9.1. ARO Flags
IANA is requested to create a new subregistry for "ARO Flags". This IANA is requested to create a new subregistry for "ARO Flags" under
specification defines 8 positions, bit 0 to bit 7, and assigns bit 6 the "Internet Control Message Protocol version 6 (ICMPv6) [RFC4443]
for the 'R' flag and bit 7 for the 'T' flag (see Section 4.1). The Parameters". This specification defines 8 positions, bit 0 to bit 7,
policy is "IETF Review" or "IESG Approval" [RFC8126]. The initial and assigns bit 6 for the 'R' flag and bit 7 for the 'T' flag (see
content of the registry is as shown in Table 2. Section 4.1). The policy is "IETF Review" or "IESG Approval"
[RFC8126]. The initial content of the registry is as shown in
Table 2.
New subregistry for ARO Flags under the "Internet Control Message New subregistry for ARO Flags
Protocol version 6 (ICMPv6) [RFC4443] Parameters"
+-------------+--------------+-----------+ +-------------+--------------+-----------+
| ARO Status | Description | Document | | ARO Status | Description | Document |
+-------------+--------------+-----------+ +-------------+--------------+-----------+
| 0..5 | Unassigned | | | 0..5 | Unassigned | |
| | | | | | | |
| 6 | 'R' Flag | This RFC | | 6 | 'R' Flag | This RFC |
| | | | | | | |
| 7 | 'T' Flag | This RFC | | 7 | 'T' Flag | This RFC |
+-------------+--------------+-----------+ +-------------+--------------+-----------+
Table 2: new ARO Flags Table 2: New ARO Flags
9.2. ICMP Codes 9.2. ICMP Codes
IANA is requested to create 2 new subregistries of the ICMPv6 "Code" IANA is requested to create 2 new subregistries of the ICMPv6 "Code"
Fields registry, which itself is a subregistry of the Internet Fields registry, which itself is a subregistry of the Internet
Control Message Protocol version 6 (ICMPv6) Parameters for the ICMP Control Message Protocol version 6 (ICMPv6) Parameters for the ICMP
codes. The new subregistries relate to the ICMP type 157, Duplicate codes. The new subregistries relate to the ICMP type 157, Duplicate
Address Request (shown in Table 3), and 158, Duplicate Address Address Request (shown in Table 3), and 158, Duplicate Address
Confirmation (shown in Table 4), respectively. The range of an Confirmation (shown in Table 4), respectively. For those ICMP types,
ICMPv6 "Code" Field is 0..255 in all cases. The policy is "IETF the ICMP Code field is split in 2 subfields, the "Code Prefix" and
Review" or "IESG Approval" [RFC8126] for both subregistries. The new the "Code Suffix". The new subregistries relate to the "Code Suffix"
subregistries are initialized as follows: portion of the ICMP Code. The range of "Code Suffix" is 0..15 in all
cases. The policy is "IETF Review" or "IESG Approval" [RFC8126] for
both subregistries. The new subregistries are to be initialized as
follows:
New entries for ICMP types 157 DAR message New Code Suffixes for ICMP types 157 DAR message
+---------+----------------------+------------+ +--------------+---------------------------------------+------------+
| Code | Name | Reference | | Code Suffix | Meaning | Reference |
+---------+----------------------+------------+ +--------------+---------------------------------------+------------+
| 0 | Original DAR message | RFC 6775 | | 0 | RFC6775 DAR message | RFC 6775 |
| | | | | | | |
| 1 | Extended DAR message | This RFC | | 1 | EDAR message with 64bits-long ROVR | This RFC |
| | | | | | field | |
| 2...255 | Unassigned | | | | | |
+---------+----------------------+------------+ | 2 | EDAR message with 128bits-long ROVR | This RFC |
| | field | |
| | | |
| 3 | EDAR message with 192bits-long ROVR | This RFC |
| | field | |
| | | |
| 4 | EDAR message with 256bits-long ROVR | This RFC |
| | field | |
| | | |
| 5...15 | Unassigned | |
+--------------+---------------------------------------+------------+
Table 3: new ICMPv6 Code Fields Table 3: New Code Suffixes for the DAR message
New entries for ICMP types 158 DAC message New Code Suffixes for ICMP types 158 DAC message
+---------+----------------------+------------+ +-------------+----------------------------------------+------------+
| Code | Name | Reference | | Code Suffix | Meaning | Reference |
+---------+----------------------+------------+ +-------------+----------------------------------------+------------+
| 0 | Original DAC message | RFC 6775 | | 0 | RFC6775 DAC message | RFC 6775 |
| | | | | | | |
| 1 | Extended DAC message | This RFC | | 1 | EDAC message with 64bits-long ROVR | This RFC |
| | | | | | field | |
| 2...255 | Unassigned | | | | | |
+---------+----------------------+------------+ | 2 | EDAC message with 128bits-long ROVR | This RFC |
| | field | |
| | | |
| 3 | EDAC message with 192bits-long ROVR | This RFC |
| | field | |
| | | |
| 4 | EDAC message with 256bits-long ROVR | This RFC |
| | field | |
| | | |
| 5...15 | Unassigned | |
+-------------+----------------------------------------+------------+
Table 4: new ICMPv6 Code Fields Table 4: New Code Suffixes for the DAC message
9.3. New ARO Status values 9.3. New ARO Status values
IANA is requested to make additions to the Address Registration IANA is requested to make additions to the Address Registration
Option Status Values Registry as follows: Option Status Values Registry as follows:
Address Registration Option Status Values Registry Address Registration Option Status Values Registry
+-------------+-----------------------------------------+-----------+ +-------------+-----------------------------------------+-----------+
| ARO Status | Description | Document | | ARO Status | Description | Document |
skipping to change at page 30, line 30 skipping to change at page 29, line 35
| 8 | Registered Address topologically | This RFC | | 8 | Registered Address topologically | This RFC |
| | incorrect | | | | incorrect | |
| | | | | | | |
| 9 | 6LBR Registry saturated | This RFC | | 9 | 6LBR Registry saturated | This RFC |
| | | | | | | |
| 10 | Validation Failed | This RFC | | 10 | Validation Failed | This RFC |
+-------------+-----------------------------------------+-----------+ +-------------+-----------------------------------------+-----------+
Table 5: New ARO Status values Table 5: New ARO Status values
9.4. New 6LoWPAN capability Bits 9.4. New 6LoWPAN Capability Bits
IANA is requested to make additions to the Subregistry for "6LoWPAN IANA is requested to make additions to the Subregistry for "6LoWPAN
capability Bits" as follows: Capability Bits" as follows:
Subregistry for "6LoWPAN capability Bits" under the "Internet Control Subregistry for "6LoWPAN Capability Bits" under the "Internet Control
Message Protocol version 6 (ICMPv6) Parameters" Message Protocol version 6 (ICMPv6) Parameters"
+-----------------+----------------------+-----------+ +-----------------+----------------------+-----------+
| Capability Bit | Description | Document | | Capability Bit | Description | Document |
+-----------------+----------------------+-----------+ +-----------------+----------------------+-----------+
| 10 | EDA Support (D bit) | This RFC | | 10 | EDA Support (D bit) | This RFC |
| | | | | | | |
| 11 | 6LR capable (L bit) | This RFC | | 11 | 6LR capable (L bit) | This RFC |
| | | | | | | |
| 12 | 6LBR capable (B bit) | This RFC | | 12 | 6LBR capable (B bit) | This RFC |
| | | | | | | |
| 13 | 6BBR capable (P bit) | This RFC | | 13 | 6BBR capable (P bit) | This RFC |
| | | | | | | |
| 14 | EARO support (E bit) | This RFC | | 14 | EARO support (E bit) | This RFC |
+-----------------+----------------------+-----------+ +-----------------+----------------------+-----------+
Table 6: New 6LoWPAN capability Bits Table 6: New 6LoWPAN Capability Bits
10. Acknowledgments 10. Acknowledgments
Kudos to Eric Levy-Abegnoli who designed the First Hop Security Kudos to Eric Levy-Abegnoli who designed the First Hop Security
infrastructure upon which the first backbone router was implemented. infrastructure upon which the first backbone router was implemented.
Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen
Schoenwaelder, Chris Lonvick, Dave Thaler, Adrian Farrel, Peter Yee, Schoenwaelder, Chris Lonvick, Dave Thaler, Adrian Farrel, Peter Yee,
Warren Kumari, Benjamin Kaduk, Mirja Kuhlewind, Ben Campbell, Eric Warren Kumari, Benjamin Kaduk, Mirja Kuhlewind, Ben Campbell, Eric
Rescorla, and Lorenzo Colitti for their various contributions and Rescorla, and Lorenzo Colitti for their various contributions and
reviews. Also, many thanks to Thomas Watteyne for the world first reviews. Also, many thanks to Thomas Watteyne for the world first
skipping to change at page 32, line 39 skipping to change at page 32, line 11
Overview, Assumptions, Problem Statement, and Goals", Overview, Assumptions, Problem Statement, and Goals",
RFC 4919, DOI 10.17487/RFC4919, August 2007, RFC 4919, DOI 10.17487/RFC4919, August 2007,
<https://www.rfc-editor.org/info/rfc4919>. <https://www.rfc-editor.org/info/rfc4919>.
[RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem
Statement and Requirements for IPv6 over Low-Power Statement and Requirements for IPv6 over Low-Power
Wireless Personal Area Network (6LoWPAN) Routing", Wireless Personal Area Network (6LoWPAN) Routing",
RFC 6606, DOI 10.17487/RFC6606, May 2012, RFC 6606, DOI 10.17487/RFC6606, May 2012,
<https://www.rfc-editor.org/info/rfc6606>. <https://www.rfc-editor.org/info/rfc6606>.
[RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and
Lossy Networks", RFC 7102, DOI 10.17487/RFC7102, January
2014, <https://www.rfc-editor.org/info/rfc7102>.
[RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for
Constrained-Node Networks", RFC 7228,
DOI 10.17487/RFC7228, May 2014,
<https://www.rfc-editor.org/info/rfc7228>.
11.3. Informative References 11.3. Informative References
[I-D.chakrabarti-nordmark-6man-efficient-nd] [I-D.chakrabarti-nordmark-6man-efficient-nd]
Chakrabarti, S., Nordmark, E., Thubert, P., and M. Chakrabarti, S., Nordmark, E., Thubert, P., and M.
Wasserman, "IPv6 Neighbor Discovery Optimizations for Wasserman, "IPv6 Neighbor Discovery Optimizations for
Wired and Wireless Networks", draft-chakrabarti-nordmark- Wired and Wireless Networks", draft-chakrabarti-nordmark-
6man-efficient-nd-07 (work in progress), February 2015. 6man-efficient-nd-07 (work in progress), February 2015.
[I-D.delcarpio-6lo-wlanah] [I-D.delcarpio-6lo-wlanah]
Vega, L., Robles, I., and R. Morabito, "IPv6 over Vega, L., Robles, I., and R. Morabito, "IPv6 over
skipping to change at page 33, line 39 skipping to change at page 32, line 47
backbone-router-06 (work in progress), February 2018. backbone-router-06 (work in progress), February 2018.
[I-D.ietf-6lo-nfc] [I-D.ietf-6lo-nfc]
Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi,
"Transmission of IPv6 Packets over Near Field "Transmission of IPv6 Packets over Near Field
Communication", draft-ietf-6lo-nfc-09 (work in progress), Communication", draft-ietf-6lo-nfc-09 (work in progress),
January 2018. January 2018.
[I-D.ietf-6tisch-architecture] [I-D.ietf-6tisch-architecture]
Thubert, P., "An Architecture for IPv6 over the TSCH mode Thubert, P., "An Architecture for IPv6 over the TSCH mode
of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work of IEEE 802.15.4", draft-ietf-6tisch-architecture-14 (work
in progress), November 2017. in progress), April 2018.
[I-D.ietf-mboned-ieee802-mcast-problems] [I-D.ietf-mboned-ieee802-mcast-problems]
Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. Perkins, C., McBride, M., Stanley, D., Kumari, W., and J.
Zuniga, "Multicast Considerations over IEEE 802 Wireless Zuniga, "Multicast Considerations over IEEE 802 Wireless
Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work
in progress), February 2018. in progress), February 2018.
[I-D.ietf-roll-efficient-npdao] [I-D.ietf-roll-efficient-npdao]
Jadhav, R., Thubert, P., Sahoo, R., and Z. Cao, "Efficient Jadhav, R., Thubert, P., Sahoo, R., and Z. Cao, "Efficient
Route Invalidation", draft-ietf-roll-efficient-npdao-03 Route Invalidation", draft-ietf-roll-efficient-npdao-03
(work in progress), March 2018. (work in progress), March 2018.
[I-D.perkins-intarea-multicast-ieee802]
Perkins, C., Stanley, D., Kumari, W., and J. Zuniga,
"Multicast Considerations over IEEE 802 Wireless Media",
draft-perkins-intarea-multicast-ieee802-03 (work in
progress), July 2017.
[I-D.struik-lwip-curve-representations] [I-D.struik-lwip-curve-representations]
Struik, R., "Alternative Elliptic Curve Representations", Struik, R., "Alternative Elliptic Curve Representations",
draft-struik-lwip-curve-representations-00 (work in draft-struik-lwip-curve-representations-00 (work in
progress), October 2017. progress), October 2017.
[I-D.thubert-roll-unaware-leaves] [I-D.thubert-roll-unaware-leaves]
Thubert, P., "Routing for RPL Leaves", draft-thubert-roll- Thubert, P., "Routing for RPL Leaves", draft-thubert-roll-
unaware-leaves-04 (work in progress), March 2018. unaware-leaves-05 (work in progress), May 2018.
[RFC1958] Carpenter, B., Ed., "Architectural Principles of the [RFC1958] Carpenter, B., Ed., "Architectural Principles of the
Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996, Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996,
<https://www.rfc-editor.org/info/rfc1958>. <https://www.rfc-editor.org/info/rfc1958>.
[RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982,
DOI 10.17487/RFC1982, August 1996, DOI 10.17487/RFC1982, August 1996,
<https://www.rfc-editor.org/info/rfc1982>. <https://www.rfc-editor.org/info/rfc1982>.
[RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with
skipping to change at page 36, line 38 skipping to change at page 35, line 44
readings/p83.pdf>. readings/p83.pdf>.
Appendix A. Applicability and Requirements Served (Not Normative) Appendix A. Applicability and Requirements Served (Not Normative)
This specification extends 6LoWPAN ND to provide a sequence number to This specification extends 6LoWPAN ND to provide a sequence number to
the registration and serves the requirements expressed in the registration and serves the requirements expressed in
Appendix B.1 by enabling the mobility of devices from one LLN to the Appendix B.1 by enabling the mobility of devices from one LLN to the
next based on the complementary work in the "IPv6 Backbone Router" next based on the complementary work in the "IPv6 Backbone Router"
[I-D.ietf-6lo-backbone-router] specification. [I-D.ietf-6lo-backbone-router] specification.
In the context of the Timeslotted Channel Hopping (TSCH) mode of IEEE "6TiSCH architecture" [I-D.ietf-6tisch-architecture] describes how a
Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" 6LoWPAN ND host using the Timeslotted Channel Hopping (TSCH) mode of
[I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could IEEE Std. 802.15.4 [IEEEstd802154] can connect to the Internet via a
connect to the Internet via a RPL mesh network, but this requires RPL mesh network. Doing so requires additions to the 6LoWPAN ND
additions to the 6LoWPAN ND protocol to support mobility and protocol to support mobility and reachability in a secure and
reachability in a secured and manageable environment. This manageable network environment. This document specifies those new
specification details the new operations that are required to operations, and fulfills the requirements listed in Appendix B.2.
implement the 6TiSCH architecture and serves the requirements listed
in Appendix B.2.
The term LLN is used loosely in this specification to cover multiple The term LLN is used loosely in this document, and intended to cover
types of WLANs and WPANs, including Low-Power IEEE Std. 802.11 multiple types of WLANs and WPANs, including Low-Power IEEE Std.
networking, Bluetooth Low Energy, IEEE Std. 802.11ah, and IEEE Std. 802.11 networking, Bluetooth Low Energy, IEEE Std. 802.11ah, and IEEE
802.15.4 wireless meshes, so as to address the requirements discussed Std. 802.15.4 wireless meshes, so as to address the requirements
in Appendix B.3. discussed in Appendix B.3.
This specification can be used by any wireless node to associate at This specification can be used by any wireless node to associate at
Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing
services including proxy-ND operations over a Backbone Link, services including proxy-ND operations over a Backbone Link,
effectively providing a solution to the requirements expressed in effectively providing a solution to the requirements expressed in
Appendix B.4. Appendix B.4.
This specification is extended by "Address Protected Neighbor This specification is extended by "Address Protected Neighbor
Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to
providing a solution to some of the security-related requirements providing a solution to some of the security-related requirements
skipping to change at page 37, line 27 skipping to change at page 36, line 33
[I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND
[RFC6775] can be extended to other types of links beyond IEEE Std. [RFC6775] can be extended to other types of links beyond IEEE Std.
802.15.4 for which it was defined. The registration technique is 802.15.4 for which it was defined. The registration technique is
beneficial when the Link-Layer technique used to carry IPv6 multicast beneficial when the Link-Layer technique used to carry IPv6 multicast
packets is not sufficiently efficient in terms of delivery ratio or packets is not sufficiently efficient in terms of delivery ratio or
energy consumption in the end devices, in particular to enable energy consumption in the end devices, in particular to enable
energy-constrained sleeping nodes. The value of such extension is energy-constrained sleeping nodes. The value of such extension is
especially apparent in the case of mobile wireless nodes, to reduce especially apparent in the case of mobile wireless nodes, to reduce
the multicast operations that are related to IPv6 ND ([RFC4861], the multicast operations that are related to IPv6 ND ([RFC4861],
[RFC4862]) and affect the operation of the wireless medium [RFC4862]) and affect the operation of the wireless medium
[I-D.ietf-mboned-ieee802-mcast-problems] [I-D.ietf-mboned-ieee802-mcast-problems]. This serves the
[I-D.perkins-intarea-multicast-ieee802]. This serves the scalability scalability requirements listed in Appendix B.6.
requirements listed in Appendix B.6.
Appendix B. Requirements (Not Normative) Appendix B. Requirements (Not Normative)
This section lists requirements that were discussed by the 6lo WG for This section lists requirements that were discussed by the 6lo WG for
an update to 6LoWPAN ND. How those requirements are matched with an update to 6LoWPAN ND. How those requirements are matched with
existing specifications at the time of this writing is shown in existing specifications at the time of this writing is shown in
Appendix B.8. Appendix B.8.
B.1. Requirements Related to Mobility B.1. Requirements Related to Mobility
skipping to change at page 38, line 26 skipping to change at page 37, line 32
The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6
routing in an LLN can be based on RPL, which is the routing protocol routing in an LLN can be based on RPL, which is the routing protocol
that was defined by the IETF for this particular purpose. Other that was defined by the IETF for this particular purpose. Other
routing protocols are also considered by Standards Development routing protocols are also considered by Standards Development
Organizations (SDO) on the basis of the expected network Organizations (SDO) on the basis of the expected network
characteristics. It is required that a 6LN attached via ND to a 6LR characteristics. It is required that a 6LN attached via ND to a 6LR
indicates whether it participates in the selected routing protocol to indicates whether it participates in the selected routing protocol to
obtain reachability via the 6LR, or whether it expects the 6LR to obtain reachability via the 6LR, or whether it expects the 6LR to
manage its reachability. manage its reachability.
The specified updates enable other specifications to define new
services such as Source Address Validation (SAVI) with
[I-D.ietf-6lo-ap-nd], participation as an unaware leaf to a routing
protocol such as the "Routing Protocol for Low Power and Lossy
Networks" [RFC6550] (RPL) with [I-D.thubert-roll-unaware-leaves], and
registration to a backbone routers performing proxy Neighbor
Discovery in a Low-Power and Lossy Network (LLN) with
[I-D.ietf-6lo-backbone-router].
Beyond the 6LBR unicast address registered by ND, other addresses Beyond the 6LBR unicast address registered by ND, other addresses
including multicast addresses are needed as well. For example, a including multicast addresses are needed as well. For example, a
routing protocol often uses a multicast address to register changes routing protocol often uses a multicast address to register changes
to established paths. ND needs to register such a multicast address to established paths. ND needs to register such a multicast address
to enable routing concurrently with discovery. to enable routing concurrently with discovery.
Multicast is needed for groups. Groups may be formed by device type Multicast is needed for groups. Groups may be formed by device type
(e.g., routers, street lamps), location (Geography, RPL sub-tree), or (e.g., routers, street lamps), location (Geography, RPL sub-tree), or
both. both.
skipping to change at page 41, line 10 skipping to change at page 40, line 27
nodes. Joining of unauthorized nodes MUST be prevented. nodes. Joining of unauthorized nodes MUST be prevented.
Req5.3: 6LoWPAN ND security mechanisms SHOULD NOT lead to large Req5.3: 6LoWPAN ND security mechanisms SHOULD NOT lead to large
packet sizes. In particular, the NS, NA, DAR, and DAC messages for a packet sizes. In particular, the NS, NA, DAR, and DAC messages for a
re-registration flow SHOULD NOT exceed 80 octets so as to fit in a re-registration flow SHOULD NOT exceed 80 octets so as to fit in a
secured IEEE Std.802.15.4 [IEEEstd802154] frame. secured IEEE Std.802.15.4 [IEEEstd802154] frame.
Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be
computationally intensive on the LoWPAN Node CPU. When a Key hash computationally intensive on the LoWPAN Node CPU. When a Key hash
calculation is employed, a mechanism lighter than SHA-1 SHOULD be calculation is employed, a mechanism lighter than SHA-1 SHOULD be
preferred. used.
Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate
SHOULD be minimized. SHOULD be minimized.
Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the
variation of CCM [RFC3610] called CCM* for use at both Layer 2 and variation of CCM [RFC3610] called CCM* for use at both Layer 2 and
Layer 3, and SHOULD enable the reuse of security code that has to be Layer 3, and SHOULD enable the reuse of security code that has to be
present on the device for upper layer security such as TLS. present on the device for upper layer security such as TLS.
Algorithm agility and support for large keys (e.g., 256-bit key Algorithm agility and support for large keys (e.g., 256-bit key
sizes) is also desirable, following at Layer-3 the introduction of sizes) is also desirable, following at Layer-3 the introduction of
 End of changes. 159 change blocks. 
532 lines changed or deleted 484 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/