idnits 2.17.1 draft-clausen-lln-rpl-experiences-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of lines with control characters in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 16, 2012) is 4392 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-13) exists of draft-ietf-roll-terminology-06 -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Clausen 3 Internet-Draft A. Colin de Verdiere 4 Intended status: Informational J. Yi 5 Expires: October 18, 2012 LIX, Ecole Polytechnique 6 U. Herberg 7 Fujitsu Laboratories of America 8 Y. Igarashi 9 Hitachi, Ltd., Yokohama Research 10 Laboratory 11 April 16, 2012 13 Experiences with RPL: IPv6 Routing Protocol for Low power and Lossy 14 Networks 15 draft-clausen-lln-rpl-experiences-03 17 Abstract 19 With RPL - the "IPv6 Routing Protocol for Low-power Lossy Networks" - 20 having been published as a Proposed Standard after a ~2-year 21 development cycle, this document presents an evaluation of the 22 resulting protocol, of its applicability, and of its limits. The 23 documents presents a selection of observations of the protocol 24 characteristics, exposes experiences acquired when producing various 25 prototype implementations of RPL, and presents results obtained from 26 testing this protocol - by way of network simulations, in network 27 testbeds and in deployments. The document aims at providing a better 28 understanding of possible weaknesses and limits of RPL, notably the 29 possible directions that further protocol developments should 30 explore, in order to address these. 32 Status of this Memo 34 This Internet-Draft is submitted in full conformance with the 35 provisions of BCP 78 and BCP 79. 37 Internet-Drafts are working documents of the Internet Engineering 38 Task Force (IETF). Note that other groups may also distribute 39 working documents as Internet-Drafts. The list of current Internet- 40 Drafts is at http://datatracker.ietf.org/drafts/current/. 42 Internet-Drafts are draft documents valid for a maximum of six months 43 and may be updated, replaced, or obsoleted by other documents at any 44 time. It is inappropriate to use Internet-Drafts as reference 45 material or to cite them other than as "work in progress." 47 This Internet-Draft will expire on October 18, 2012. 49 Copyright Notice 51 Copyright (c) 2012 IETF Trust and the persons identified as the 52 document authors. All rights reserved. 54 This document is subject to BCP 78 and the IETF Trust's Legal 55 Provisions Relating to IETF Documents 56 (http://trustee.ietf.org/license-info) in effect on the date of 57 publication of this document. Please review these documents 58 carefully, as they describe your rights and restrictions with respect 59 to this document. Code Components extracted from this document must 60 include Simplified BSD License text as described in Section 4.e of 61 the Trust Legal Provisions and are provided without warranty as 62 described in the Simplified BSD License. 64 Table of Contents 66 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 67 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 68 3. RPL Overview . . . . . . . . . . . . . . . . . . . . . . . . . 5 69 3.1. RPL Message Emission Timing - Trickle Timers . . . . . . . 7 70 4. Requirement Of DODAG Root . . . . . . . . . . . . . . . . . . 8 71 4.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 8 72 5. RPL Data Traffic Flows . . . . . . . . . . . . . . . . . . . . 9 73 5.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 10 74 6. Fragmentation Of RPL Control Messages And Data Packet . . . . 11 75 6.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 12 76 7. The DAO Mechanism: Downward and Point-to-Point Routes . . . . 14 77 7.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 14 78 8. Address Aggregation and Summarization . . . . . . . . . . . . 15 79 8.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 16 80 9. Links Assumed Bi-Directional . . . . . . . . . . . . . . . . . 18 81 9.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 18 82 10. Neighbor Unreachability Detection For Unidirectional Links . . 18 83 10.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 18 84 11. RPL Implementability and Complexity . . . . . . . . . . . . . 20 85 11.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 20 86 12. Underspecification . . . . . . . . . . . . . . . . . . . . . . 21 87 12.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 21 88 13. Protocol Convergence . . . . . . . . . . . . . . . . . . . . . 22 89 13.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 23 90 14. Loops . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 91 14.1. Observations . . . . . . . . . . . . . . . . . . . . . . . 23 92 15. Security Considerations . . . . . . . . . . . . . . . . . . . 25 93 16. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 94 17. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 25 95 18. Informative References . . . . . . . . . . . . . . . . . . . . 25 96 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 28 98 1. Introduction 100 RPL - the "Routing Protocol for Low Power and Lossy Networks" 101 [RFC6550] - is a proposal for an IPv6 routing protocol for Low-power 102 Lossy Networks (LLNs), by the ROLL Working Group in the Internet 103 Engineering Task Force (IETF). This routing protocol is intended to 104 be the IPv6 routing protocol for LLNs and sensor networks, applicable 105 in all kinds of deployments and applications of LLNs. 107 The objective of RPL and ROLL is to provide routing in networks which 108 "comprise up to thousands of nodes" [roll-charter], where the 109 majority of the nodes have very constrained resources 110 [I-D.ietf-roll-terminology], and where handling mobility is not an 111 explicit design criteria [RFC5867], [RFC5826], [RFC5673], [RFC5548]. 113 [roll-charter] states that "Typical traffic patterns are not simply 114 unicast flows (e.g. in some cases most if not all traffic can be 115 point to multipoint)", and [I-D.ietf-roll-terminology] further 116 categorizes the supported traffic types into "upward" traffic from 117 sensors to a collection sink or LBR (LLN Border Router) (denoted 118 multipoint-to-point), "downward" traffic from the collection sink or 119 LBR to the sensors (denoted point-to-multipoint) and traffic from 120 "sensor to sensor" (denoted point-to-point traffic), and establishes 121 this terminology for these traffic types. Thus, while the target for 122 RPL and ROLL is to support all of these traffic types, the emphasis 123 among these, according to [roll-charter], appears to be to optimize 124 for multipoint-to-point traffic, while also supporting point-to- 125 multipoint and point-to-point traffic. 127 As of early 2011, RPL has been approved by the IESG, for publication 128 as a "Proposed Standard" RFC (Request for Comments). The implication 129 of a protocol being labeled "Proposed Standard" is that it is 130 considered generally stable: well-understood and community reviewed, 131 no known design issues pending, and with some community support 132 [RFC2026]. 134 "Proposed Standard" is, however, only the first step on the Standards 135 Track, and it is thus opportune to document experiences with the 136 protocol, in order to understand which aspects of it necessitate 137 further investigations, and in order to identify possibly weak points 138 which may restrict the deployment scope of the protocol. This 139 document has as objective to document such experiences with and 140 observations of RPL, in the spirit of better understanding its 141 characteristics and limits. 143 2. Terminology 145 This document uses the terminology and notation defined in [RFC6550]. 147 Additionally, this document uses terminology from 148 [I-D.ietf-roll-terminology], specifically the terms defined for the 149 traffic types "MP2P" (Multipoint-to-Point), "P2P" (Point To Point) 150 and "P2MP" (Point-to-Multipoint). 152 Finally, this document introduces the following terminology: 154 RPL Router - A device, running the RPL protocol, as specified by 155 [RFC6550]. 157 3. RPL Overview 159 The basic construct in RPL is a "Destination Oriented Directed 160 Acyclic Graph" (DODAG), depicted in Figure 1, with a single RPL 161 router acting as DODAG root. The DODAG root has responsabilities in 162 addition to those of other RPL routers, including for initiating, 163 configuring, and managing the DODAG, and (in some cases) acting as a 164 central relay for traffic through and between RPL routers in the LLN. 166 (s) 167 ^ ^ ^ 168 / | \ 169 (a) | (b) 170 ^ (c) ^ 171 / ^ (d) 172 (f) | ^ ^ 173 (e)--/ \ 174 (g) 176 Figure 1: RPL DODAG 178 In an LLN, in which RPL has converged to a stable state, each RPL 179 Router has identified a stable set of parents, each of which is a 180 potential next-hop on a route towards the DODAG root. One of the 181 parents is selected as preferred parent. Each RPL Router, which is 182 part of a DODAG (i.e., which has selected parents and a preferred 183 parent) will emit DODAG Information Object (DIO) messages, using 184 link-local multicast, indicating its respective rank in the DODAG 185 (i.e., distance to the DODAG Root according to some metric(s), in the 186 simplest form hop-count). Upon having received a (number of such) 187 DIO messages, an RPL Router will calculate its own rank such that it 188 is greater than the rank of each of its parents, select a preferred 189 parent and then itself start emitting DIO messages. 191 DODAG formation thus starts at the DODAG Root (initially, the only 192 RPL Router which is part of a DODAG), and spreads gradually to cover 193 the whole LLN as DIOs are received, parents and preferred parents are 194 selected, and further RPL Routers participate in the DODAG. The 195 DODAG Root also includes, in DIO messages, a DODAG Configuration 196 Object, describing common configuration attributes for all RPL 197 Routers in that network - including their mode of operation, timer 198 characteristics etc. RPL Routers in a DODAG include a verbatim copy 199 of the last received DODAG Configuration Object in their DIO 200 messages, permitting also such configuration parameters propagating 201 through the network. 203 As a Distance Vector protocol, RPL restricts the ability for an RPL 204 Router to change rank. An RPL Router can freely assume a smaller 205 rank than previously advertised (i.e., logically move closer to the 206 DODAG Root) if it discovers a parent advertising a lower rank, and 207 must then disregard all previous parents of ranks higher than the 208 router's new rank. The ability for an RPL Router to assume a greater 209 rank (i.e., logically move farther from the DODAG Root) than 210 previously advertised is restricted in order to avoid count-to- 211 infinity problems. The DODAG Root can trigger "global recalculation" 212 of the DODAG by increasing a sequence number, DODAG version, in DIO 213 messages. 215 The DODAG so constructed is used for installing routes: the 216 "preferred parent" of an RPL Router can serve as a default route 217 towards the DODAG Root, and the DODAG Root can embed in its DIO 218 messages the destination prefixes, included by DIOs generated by RPL 219 Routers through the LLN, to which connectivity is provided by the 220 DODAG Root. Thus, RPL by way of DIO generation provides "upward 221 routes" or "multipoint-to-point routes" from the sensors inside the 222 LLN and towards the DODAG Root (and, possibly, to destinations 223 reachable through the DODAG Root). 225 "Downward routes" are enabled by having sensors issue Destination 226 Advertisement Object (DAO) messages, propagating as unicast via 227 preferred parents towards the DODAG Root. These describe which 228 prefixes belong to, and can be reached via, which RPL Router. In a 229 network, all RPL Routers must operate in either of storing mode or 230 non-storing mode, specified by way of a "Mode of Operation" (MOP) 231 flag in the DODAG Configuration Object from the DODAG Root. 232 Depending on the MOP, DAO messages are forwarded differently towards 233 the DODAG Root: 235 o In "non-storing mode", an RPL Router originates a DAO messages, 236 advertising one or more of its parents, and unicasts these to the 237 DODAG Root. Once the DODAG Root has received DAOs from an RPL 238 Router, and from all RPL Routers on the route between it and the 239 DODAG Root, it can use source routing for reaching advertised 240 destinations inside the LLN. 242 o In "storing mode", each RPL Router on the route between the 243 originator of a DAO and the DODAG Root records a route to the 244 prefixes advertised in the DAO, as well as the next-hop towards 245 these (the RPL Router, from which the DAO was received), then 246 forwards the DAO to its preferred parent. 248 "Point-to-point routes", for communication between devices inside the 249 LLN and where neither of the communicating devices are the DODAG 250 Root, are as default supported by having the source sensor transmit a 251 data packet, via its default route to the DODAG Root (i.e., using the 252 upward routes), which will then, depending on the "Mode of Operation" 253 for the DODAG, either add a source-route to the received data packet 254 for reaching the destination sensor (downward routes in non-storing 255 mode), or simply use hop-by-hop routing (downward routes in storing 256 mode) for forwarding the data packet. In the case of storing mode, 257 if the source and the destination for a point-to-point data packet 258 share a common ancestor other than the DODAG Root, a downward route 259 may be available in an RPL Router (and, thus, used) before the data 260 packet reaches the DODAG Root. 262 3.1. RPL Message Emission Timing - Trickle Timers 264 RPL message generation is timer-based, with the DODAG Root being able 265 to configure back-off of message emission intervals using Trickle 266 [RFC6206]. Trickle, as used in RPL, stipulates that an RPL Router 267 transmits a DIO "every so often" - except if receiving a number of 268 DIOs from neighbor RPL routers, enabling the RPL Router to determine 269 if its DIO transmission is redundant. 271 When an RPL Router transmits a DIO, there are two possible outcomes: 272 either every neighbor RPL Router that hears the message finds that 273 the information contained is consistent with its own state (i.e., the 274 received DODAG version number corresponds with that which the RPL 275 Router has recorded, and no better rank is advertised than that which 276 is recorded in the parent set) - or, a recipient RPL Router detects 277 that either the sender of the DIO or itself has out-of-date 278 information. If the sender has out-of-date information, then the 279 recipient RPL Router schedules transmission of a DIO to update this 280 information. If the recipient RPL Router has out-of-date 281 information, then it updates based on the information received in the 282 DIO. 284 With Trickle, an RPL Router will schedule emission of a DIO at some 285 time, t, in the future. When receiving a DIO containing information 286 consistent with its own information, the RPL Router will record that 287 "redundant information has been received" by incrementing a 288 redundancy counter, c. At the time t, if c is below some "redundancy 289 threshold", then it transmits its DIO. Otherwise, transmission of a 290 DIO at this time is suppressed, c is reset and a new t is selected to 291 twice as long time in the future - bounded by a pre-configured 292 maximum value for t. If, on the other hand, the RPL Router has 293 received an out-of-date DIO from one of its neighbors, t is reset to 294 a pre-configured minimum value and c is set to zero. In both cases, 295 at the expiration of t, the RPL Router will verify if c is below the 296 "redundancy threshold" and if so transmit - otherwise, increase t and 297 stay quiet. 299 4. Requirement Of DODAG Root 301 As indicated in Section 3, the DODAG Root has both a special 302 responsibility and is subject to special requirements. The DODAG 303 Root is responsible for determining and maintaining the configuration 304 parameters for the DODAG, and for initiating DIO emissions. 306 The DODAG Root is also responsible (in both storing and non-storing 307 mode) for being able to, when downward routes are supported, maintain 308 sufficient topological information to be able to construct routes to 309 all destinations in the network. 311 When operating in non-storing mode, this entails that the DODAG Root 312 is required to have sufficient memory and sufficient computational 313 resources to be able to record a network graph containing all routes 314 from itself and to all destinations and calculate routes. 316 When operating in storing mode, this entails that the DODAG Root 317 needs enough memory to keep a list of all RPL Routers in the RPL 318 instance, and a next hop for each of those RPL routers. If 319 aggregation is used, the memory requirements can be reduced in 320 storing mode (see Section 8 for observations about aggregation in 321 RPL). 323 The DODAG Root is also required to have sufficient energy available 324 so as to be able to ensure the relay functions required. This, 325 especially for non-storing mode, where all data packets transit 326 through the DODAG Root. 328 4.1. Observations 330 In a given deployment, select RPL Routers can be provisioned with the 331 required energy, memory and computational resources so as to serve as 332 DODAG Roots, and be administratively configured as such - with the 333 remainder of the RPL routers in the network being of typically lesser 334 capacity. [rpl-eval-UCB] indicates that, in storing mode, a TelosB 335 mote with 10KB of RAM has sufficient memory to support up to about 30 336 RPL Routers in the LLN - in a larger network (in storing or non- 337 storing mode, both) the DODAG Root would require at least that much, 338 likely much more, memory. In non-storing mode, the resource 339 requirements on the DODAG Root are likely much higher than in storing 340 mode, as the DODAG Root needs to store a network graph containing 341 complete routes to all destinations in the RPL instance, in order to 342 calculate the routing table (whereas in storing mode, only the next 343 hop for each destination in the RPL instance needs to be stored, and 344 aggregation may be used to further reduce the resource requirements). 346 RPL Routers provisioned with resources to act as DODAG Roots, and 347 administratively configured to act as such, represent a single point 348 of failure in the network. As the memory requirements for the DODAG 349 Root and for other RPL Routers are substantially different, unless 350 all RPL Routers are provisioned with resources (memory, energy, ...) 351 to act as DODAG Roots, effectively if the designated DODAG Root 352 fails, the network fails and RPL is unable to operate. Even if 353 electing another RPL Router as temporary DODAG root (e.g., for 354 forming a "Floating" DODAG) for providing internal connectivity 355 between RPL Routers, this router may not have the necessary resources 356 to satisfy this role as (temporary) DODAG Root. 358 Thus, although in principle RPL provides, by way of "Floating 359 DODAGs", protocol mechanisms for establishing a DODAG for providing 360 internal connectivity even in case of failure of the administratively 361 provisioned DODAG Root - especially in non-storing mode - it is 362 unlikely that any RPL Routers not explicitly provisioned as DODAG 363 Roots will have sufficient resources to undertake this task. 365 Another possible LLN scenario is that only internal point-to-point 366 connectivity is sought, and no RPL Router has a more "central" role 367 than any other - a self-organizing LLN. Requiring special 368 provisioning of a specific "super-node" as DODAG Root is both 369 unnecessary and undesirable. 371 5. RPL Data Traffic Flows 373 RPL makes a-priori assumptions of data traffic types, and explicitly 374 defines three such [I-D.ietf-roll-terminology] traffic types: sensor- 375 to-root data traffic (multipoint-to-point) is predominant, root-to- 376 sensor data traffic (point-to-multipoint) is rare and sensor-to- 377 sensor (point-to-point) data traffic is extremely rare. While not 378 specifically called out thus in [RFC6550], the resulting protocol 379 design, however, reflects these assumptions in that the mechanism 380 constructing multipoint-to-point routes is efficient in terms of 381 control traffic generated and state required, point-to-multipoint 382 route construction much less so - and point-to-point routes subject 383 to potentially significant route stretch (routes going through the 384 DODAG Root in non-storing mode) and over-the-wire overhead from using 385 source routing (from the DODAG Root to the destination) (see 386 Section 7) - or, in case of storing mode, considerable memory 387 requirements in all LLN routers inside the network (see Section 7). 389 An RPL Router selects from among its parents a "preferred parent", to 390 serve as a default route towards the DODAG Root (and to prefixes 391 advertised by the DODAG Root). Thus, RPL provides "upward routes" or 392 "multipoint-to-point routes" from the RPL Routers below the DODAG 393 Root and towards the DODAG Root. 395 An RPL Router which wishes to act as a destination for data traffic 396 ("downward routes" or "point-to-multipoint") issues DAOs upwards in 397 the DODAG towards the DODAG Root, describing which prefixes belong 398 to, and can be reached via, that RPL Router. 400 Point-to-Point routes between RPL Routers below the DODAG Root are 401 supported by having the source RPL Router transmit, via its default 402 route, data traffic towards the DODAG Root. In non-storing mode, the 403 data traffic will reach the DODAG Root, which will reflect the data 404 traffic downward towards the destination RPL Router, adding a strict 405 source routing header indicating the precise route for the data 406 traffic to reach the intended destination RPL Router. In storing 407 mode, the source and the destination may possibly (although, may also 408 not) have a common ancestor other than the DODAG Root, which may 409 provide a downward route to the destination before data traffic 410 reaching the DODAG Root. 412 5.1. Observations 414 The data traffic characteristics, assumed by RPL, do not represent a 415 universal distribution of traffic types in LLNs: 417 o There are scenarios where sensor-to-sensor traffic is a more 418 common occurrence, documented, e.g., in [RFC5867] ("Building 419 Automation Routing Requirements in Low Power and Lossy Networks"). 421 o There are scenarios, where all traffic is bi-directional, e.g., in 422 case sensor devices in the LLN are, in majority, "actively read": 423 a request is issued by the DODAG Root to a specific sensor, and 424 the sensor value is expected returned. In fact, unless all 425 traffic in the LLN is unidirectional, without acknowledgements 426 (e.g., as in UDP), and no control messages (e.g., for service 427 discovery) or other data packets are sent from the DODAG Root to 428 the RPL Routers, traffic will be bi-directional. As an example, 429 the ZigBee Alliance SEP 2.0 specification [SEP2.0] describes the 430 use of HTTP over TCP over ZigBeeIP, between RPL Routers and the 431 DODAG Root - and with the use of TCP inherently causing 432 bidirectional traffic by way of data-packets and their 433 corresponding acknowledgements. 435 For the former, all sensor-to-sensor routes include the DODAG Root, 436 possibly causing congestions on the communication medium near the 437 DODAG Root, and draining energy from the intermediate RPL Routers on 438 an unnecessarily long route. If sensor-to-sensor traffic is common, 439 RPL Routers near the DODAG Root will be particularly solicited as 440 relays, especially in non-storing mode. 442 For the latter, as there is no provision for on-demand generation of 443 routing information from the DODAG Root to a proper subset of all RPL 444 Routers, each RPL Router (besides the Root) is required to generate 445 DAOs. In particular in non-storing mode, each RPL Router will 446 unicast a DAO to the DODAG Root (whereas in storing mode, the DAOs 447 propagate upwards towards the Root). The effects of the requirement 448 to establish downward routes to all RPL Routers are: 450 o Increased memory and processing requirements at the DODAG Root (in 451 particular in non-storing mode) and in RPL routers near the DODAG 452 Root (in storing mode). 454 o A considerable control traffic overhead [bidir], in particular at 455 and near the DODAG Root, therefore: 457 o Potentially congested channels, and: 459 o Energy drain from the RPL Routers. 461 6. Fragmentation Of RPL Control Messages And Data Packet 463 The link technologies in LLNs often use small frames [RFC4919], which 464 are unable to carry the minimum 1280 octet IP packet in a single 465 frame [RFC2460]. In such LLNs, link-specific fragmentation and 466 reassembly of IP packets at a layer below IPv6 is used to transport 467 larger IP packets, providing the required minimum 1280 octet MTU. 469 When link-layer fragmentation is applied, the IP packet has to be 470 reassembled at every hop. Every fragment must be received 471 successfully by the receiving node, or the entire IP packet is lost. 472 Moreover, the additional link-layer frame overhead (and IPv6 Fragment 473 header overhead in case of IP fragmentation) for each of the 474 fragments increases the capacity required from the medium, and may 475 consume more energy for transmitting a higher number of frames on the 476 network interface. 478 RPL is an IPv6 routing protocol, designed to operate on constrained 479 link layers, such as IEEE 802.15.4 [ieee802154], with a maximum frame 480 size of 127 bytes - a much smaller value than the specified minimum 481 MTU of 1280 bytes for IPv6 [RFC2460]. Reducing the need of 482 fragmentation of IP datagrams on such a link layer, 6LoWPAN provides 483 an adaptation layer [RFC4944], [RFC6282], providing "Layer 2.5 484 fragmentation" in order to accommodate IPv6 packet transmissions over 485 the maximum IEEE 802.15.4 frame size of 127 octets, as well as 486 compressing the IPv6 header, reducing the overhead of the IPv6 header 487 from at least 40 octets to a minimum of 2 octets by way of 488 compression. Given the IEEE 802.15.4 frame size of 127 octets, a 489 maximum frame overhead of 25 octets and 21 octets for link layer 490 security [RFC4944], 81 octets remain for L2 payload. Further 491 subtracting 2 octets for the compressed IPv6 header leaves 79 octets 492 for L3 data payload if link-layer fragmentation is to be avoided. 494 The second L in LLN indicating Lossy [roll-charter], higher loss 495 rates than typically seen in IP networks are expected, rendering 496 fragmentation important to avoid, in particular because, as mentioned 497 above, the whole IP packet is dropped if only a single fragment is 498 lost. 500 DIO messages consist of a mandatory base object, facilitating DODAG 501 formation, and additional options for e.g., autoconfiguration and 502 network management. The base object contains two unused octets, 503 reserved for future use, resulting in two bytes of unnecessary zeros, 504 sent with each DIO message. The Prefix Information option, used for 505 automatic configuration of address, carries even four unused octets 506 in order to be compatible with IPv6 neighbor discovery. 508 6.1. Observations 510 [RFC4919] makes the following observation regarding using IP in 511 LoWPAN networks based on IEEE 802.15.4 frames: 513 Applications within LoWPANs are expected to originate small 514 packets. Adding all layers for IP connectivity should still allow 515 transmission in one frame, without incurring excessive 516 fragmentation and reassembly. Furthermore, protocols must be 517 designed or chosen so that the individual "control/protocol 518 packets" fit within a single 802.15.4 frame. Along these lines, 519 IPv6's requirement of sub-IP reassembly [...] may pose challenges 520 for low-end LoWPAN devices that do not have enough RAM or storage 521 for a 1280-octet packet. 523 In order to avoid the link-layer fragmentation and thus to adhere to 524 the recommendation in [RFC4919], each control packet of RPL must fit 525 into the remaining 79 octets of the 802.15.4 frame. While 79 octets 526 may seem to be sufficient to carry RPL control messages, consider the 527 following: RPL control messages are carried in ICMPv6, and the 528 mandatory ICMPv6 header consumes 4 octets. The DIO base another 24 529 octets. If link metrics are used, that consumes at least another 8 530 octets - and this is using a hop count metric; other metrics may 531 require more. The DODAG Configuration Object consumes up to a 532 further 16 octets, for a total of 52 octets. Adding a Prefix 533 Information Object for address configuration consumes another 32 534 octets, for a total of 84 octets - thus exceeding the 79 octets 535 available for L3 data payload and causing link-layer fragmentation of 536 such a DIO. As a point of reference, the ContikiRPL [rpl-contiki] 537 implementation includes both the DODAG Configuration option and the 538 Prefix Information option in all DIO messages. Any other options, 539 e.g., Route Information options indicating prefixes reachable through 540 the DODAG Root, increase the overhead and thus the probability of 541 fragmentation. 543 RPL may further increase the probability of link-layer fragmentation 544 of data traffic: for non-storing mode, RPL employs source-routing for 545 all downward traffic. [RFC6554] specifies the RPL Source Routing 546 header, which imposes a fixed overhead of 8 octets per IP packet 547 leaving 71 octets remaining from the link-layer MTU in order to 548 contain the whole IP packet into a single frame - from which must be 549 deducted a variable number of octets, depending on the length of the 550 route. With fewer octets available for data payload, RPL thus 551 increases the probability for link-layer fragmentation of also data 552 packets. This, in particular, for longer routes, e.g., in point-to- 553 point data traffic between sensors inside the LLN, where data traffic 554 transit through the DODAG Root and are then source-routed to the 555 destination. 557 Given the minimal packet size of LLNs, the routing protocol must 558 impose low (or no) overhead on data packets, hopefully independently 559 of the number of hops [RFC4919]. However, source-routing not only 560 causes increased overhead in the IP header, but also leads to a 561 variable available payload for data (depending on how long the source 562 route is). In point-to-point communication and when non-storing mode 563 is used for downward traffic, the source of a data packet will be 564 unaware of how many octets will be available for payload (without 565 incurring L2.5 fragmentation) when the DODAG Root relays the data 566 packet and add the source routing header. Thus, the source may 567 choose an inefficient size for the data payload: if the data payload 568 is large, it may exceed the link-layer MTU at the DODAG Root after 569 adding the source-routing header; on the other hand, if the data 570 payload is low, the network resources are not used efficiently, which 571 introduces more overhead and more frame transmissions. 573 Unless the DODAG root is the source of an IPv6 packet to be forwarded 574 through an RPL LLN, the IPv6 packet must be encapsulated in IPv6-in- 575 IPv6 tunneling, with the RPL extension added to the outer IPv6 576 header. Similarly, in non-storing mode, the original IPv6 packet 577 must be carried in IPv6-in-IPv6 tunneling, with the RPL routing 578 header added to the outer IPv6 header. Both of these mechanisms add 579 additional overhead, increasing the likelihood that link-layer 580 fragmentation will be required to deliver the IPv6 packet. In 581 addition, even IPv6 packets that are the minimum MTU size of 1280 582 octets will require IPv6 fragmentation to accommodate the RPL tunnel 583 and headers on a deployment using the RFC4944 specification to carry 584 IPv6 over IEEE 802.15.4, because RFC4944 defines the MTU for such 585 deployments to be 1280 octets. The ZigBee Alliance is considering 586 relaxing RFC4944 to use an MTU of 1360 octets in its specification 587 for IPv6 over IEEE 802.15.4 to accommodate 1280 octet IPv6 packets 588 with the required tunnel overhead without fragmentation. 590 7. The DAO Mechanism: Downward and Point-to-Point Routes 592 RPL specifies two distinct and incompatible "modes of operation" for 593 downward traffic: storing mode, where each RPL Router is assumed to 594 maintain routes to all destinations in its sub-DODAG, i.e., RPL 595 Routers that are "deeper down" in the DODAG, and non-storing mode, 596 where only the DODAG Root stores routes to destinations inside the 597 LLN, and where the DODAG Root employs strict source routing in order 598 to route data traffic to the destination RPL Router. 600 7.1. Observations 602 In addition to possible fragmentation, as occurs when using 603 potentially long source routing headers over a medium with a small 604 MTU - similar to what is discussed in Section 6 - the maximum length 605 of the source routing header [RFC6554] is limited to 136 octets, 606 including an 8 octet long header. As each IPv6 address has a length 607 of 16 octets, not more than 8 hops from the source to the destination 608 are possible for "raw IPv6". Using address compression (e.g., as 609 specified in [RFC4944]), the maximum route length may not exceed 64 610 hops. This excludes deployment of RPL for scenarios with long 611 "chain-like" topologies, such as traffic lights along a street. 613 In storing mode, each RPL Router has to store routes for destinations 614 in its sub-DODAG. This implies that, for RPL Routers near the DODAG 615 Root, the required storage is only bounded by the number of 616 destinations in the network. As RPL targets constrained devices with 617 little memory, but also has as ambition to be operating networks 618 consisting of thousands of routers [roll-charter], the storing 619 capacity on these RPL Routers may not be sufficient - or, at least, 620 the storage requirements in RPL Routers "near the DODAG Root" and 621 "far from the DODAG Root" is not homogenous, thus some sort of 622 administrative deployment, and continued administrative maintenance 623 of devices, as the network evolves, is needed. Indeed, 624 [rpl-eval-UCB] argues that practical experiences suggest that RPL in 625 storing mode, with RPL Routers having 10kB of RAM, should be limited 626 to networks of less than ~30 RPL Routers. Aggregation / 627 summarization of addresses may be advanced as a possible argument 628 that this issue is of little significance - Section 8 discusses why 629 such an argument does not apply. Moreover, if the LoWPAN adaption 630 layer [RFC4944] is used in the LLN, route aggregation is not possible 631 since the same /64 is applied across the entire network. 633 In short, the mechanisms in RPL force the choice between requiring 634 all RPL Routers to have sufficient memory to store route entries for 635 all destinations (storing mode) - or, suffer increased risk of 636 fragmentation, and thus loss of data packets, while consuming network 637 capacity by way of source routing through the DODAG Root (non-storing 638 mode). 640 In RPL, the "mode of operation" stipulates that either downward 641 routes are not supported (MOP=0), or that they are supported by way 642 of either storing or non-storing mode. In case downward routes are 643 supported, RPL does not provide any mechanism for discriminating 644 between which routes should or should not be maintained. In 645 particular, in order to calculate routes to a given destination, all 646 intermediaries between the DODAG Root and that destination must 647 themselves be reachable - effectively rendering downward routes in 648 RPL an "all-or-none" situation. In case a destination is 649 unreachable, all the DODAG Root may do is require all destinations to 650 re-issue their DAOs, by way of issuing a DIO with an increased DODAG 651 version number, possibly provoking a broadcast-storm-like situation. 652 This, in particular, as [RFC6550] does not specify DAO message 653 transmission constraints, nor any mechanism for adapting DAO emission 654 to the network capacity. 656 A final point on the DAO mechanism: RPL supports point-to-point 657 traffic only by way of relaying through the DODAG. In networks where 658 point-to-point traffic is no rare occurrence, this causes unduly long 659 routes (with possibly increased energy consumption, increased 660 probability of packet losses) as well as possibly congestion around 661 the DODAG Root. 663 8. Address Aggregation and Summarization 665 As indicated in Section 7, in storing mode, an RPL Router is expected 666 to be able to store routing entries for all destinations in its "sub- 667 DODAG", i.e., routing entries for all destinations in the network 668 where the route to the DODAG Root includes that RPL Router. 670 In the Internet, no single router stores explicit routing entries for 671 all destinations. Rather, IP addresses are assigned hierarchically, 672 such that an IP address does not only uniquely identify a network 673 interface, but also its topological location in the network, as 674 illustrated in Figure 2. All addresses with the same prefix are 675 reachable by way of the same router - which can, therefore, advertise 676 only that prefix. Other routers need only record a single routing 677 entry for that prefix, knowing that as the IP packet reaches the 678 router advertising that prefix, more precise routing information is 679 available. 681 .---. 682 | | 683 '---' 684 | 685 | 686 (a) 687 | 688 |1.x.x.x/8 689 | 690 (b) 691 / \ 692 1.1.x.x/16/ \ 1.2.x.x/16 693 / \ 694 .---. .---. 695 | c | | d | 696 '---' '---' 698 Figure 2: Address Hierarchies 700 Any aggregated routes require the use of a prefix shorter than /64, 701 and subsequent hierarchical assignment of prefixes down to a /64 (as 702 any RPL Router itself provides a /64 subnet to any hosts connected to 703 the router). 705 Moreover, if the 6lowpan adaption layer [RFC4944] is used in the LLN, 706 route aggregation is not possible since the same /64 is applied 707 across the entire network. 709 8.1. Observations 711 In RPL, each RPL Router acquires a number of parents, as described in 712 Section 3, from among which it selects one as its preferred parent 713 and, thus, next-hop on the route to the DODAG Root. RPL Routers 714 maintain a parent set containing possibly more than a single parent 715 so as to be able to rapidly select an alternative preferred parent, 716 should the previously selected such become unavailable. Thus 717 expected behavior is for an RPL Router to be able to change its point 718 of attachment towards the DODAG Root. If IP addresses are assigned 719 in a strictly hierarchical fashion, and if scalability of the routing 720 state maintained in storing mode is based on this hierarchy, then 721 this entails that each time an RPL Router changes its preferred 722 parent, it must also change its own IP address - as well as cause RPL 723 routers in its "sub-DODAG" to do the same. RPL does not specify 724 signaling for reconfiguring addresses in a sub-DODAG, while [RFC6550] 725 specifically allows for aggregation (e.g., in Section 18.2.6.: "[...] 726 it is recommended to delay the sending of DAO message to DAO parents 727 in order to maximize the chances to perform route aggregation"). 729 A slightly less strict hierarchy can be envisioned, where an RPL 730 Router can change its preferred parent without necessarily changing 731 addresses of itself and of its sub-DODAG, provided that its former 732 and new preferred parents both have the same preferred parent, and 733 have addresses hierarchically assigned from that - from the 734 "preferred grandparent". With reference to Figure 1, this could be e 735 changing its preferred parent from d to c, provided that both d and c 736 have b as preferred parent. Doing so would impose a restriction on 737 the parent-set selection, admitting only parents which have 738 themselves the same parent, losing redundancy in the network 739 connectivity. RPL does not specify rules for admitting only parents 740 with identical grand-parents into the parent set - although such is 741 not prohibited either, if the loss of redundancy is acceptable. 743 The DODAG Root incrementing the DODAG version number is the mechanism 744 by which RPL enables global reconfiguration of the network, 745 reconstructing the DODAG with (intended) more optimal routes. In 746 case of addressing hierarchies being enforced, so as to enable 747 aggregation, this will either restrict the ability for an optimal 748 DODAG construction, or will also have to trigger global address 749 autoconfiguration so as to ensure addressing hierarchies. 751 Finally, with IP addresses serving a dual role of an identifier of 752 both an end-point for communication and a topological location in the 753 network, changing the IP address of a device, so as to reflect a 754 change in network topology, also entails interrupting ongoing 755 communication to or through that device. Additional mechanisms 756 (e.g., a DNS-like system) mapping "communications identifiers" and 757 "IP addresses" are required. 759 9. Links Assumed Bi-Directional 761 Parents (and the preferred parent) are selected based on receipt of 762 DIOs, without verification of the ability for an RPL Router to 763 successfully communicate with the parent - i.e., without any 764 bidirectionality check of links. However, the basic use of links is 765 for "upward" routes, i.e., for the RPL Router to use a parent (the 766 preferred parent) as relay towards the DODAG Root - in the opposite 767 direction of the one in which the DIO was received. 769 9.1. Observations 771 Unidirectional links are no rare occurrence, such as is known from 772 wireless multi-hop networks. Preliminary results from a test-bed of 773 AMI (Automated Metering Infrastructure) devices using 950MHz radio 774 interfaces, and with a total of 22 links, show that 36% of these 775 links are unidirectional. If an RPL Router receives a DIO on such an 776 unidirectional link, and selects the originator of the DIO as parent, 777 which would be a bad choice: unicast traffic in the upward direction 778 would be lost. If the RPL Router had verified the bidirectionality 779 of links, it might have selected a better parent, to which it has a 780 bidirectional link. 782 10. Neighbor Unreachability Detection For Unidirectional Links 784 [RFC6550] suggests using Neighbor Unreachability Detection (NUD) 785 [RFC4861] to detect and recover from the situation of unidirectional 786 links between an RPL Router and its (preferred) parent(s). When, 787 e.g., an RPL Router tries (and fails) to actually use another RPL 788 Router for forwarding traffic, NUD is supposed engaged to detect and 789 prompt corrective action, e.g., by way of selecting an alternative 790 preferred parent. 792 NUD is based upon observing if a data packet is making forward 793 progress towards the destination, either by way of indicators from 794 upper-layer protocols (such as TCP and, though not called out in 795 [RFC4861], also from lower-layer protocols such as Link Layer ACKs ) 796 or - failing that - by unicast probing by way of transmitting a 797 unicast Neighbor Solicitation message and expecting that a solicited 798 Neighbor Advertisement message be returned. 800 10.1. Observations 802 An RPL Router may receive, transiently, a DIO from an RPL Router, 803 closer (in terms of rank) to the DODAG Root than any other RPL Router 804 from which a DIO has been received. Some, especially wireless, link 805 layers may exhibit different transmission characteristics between 806 multicast and unicast transmissions (such is the case for some 807 implementations of IEEE 802.11b, where multicast/broadcast 808 transmissions are sent at much lower bit-rates than are unicast; IEEE 809 802.11b is, of course, not suggested as a viable L2 for LLNs, but 810 serves to illustrate that such asymmetric designs exist), leading to 811 a (multicast) DIO being received from farther away than a unicast 812 transmission can reach. DIOs are sent (downward) using link-local 813 multicast, whereas the traffic flowing in the opposite direction 814 (upward) is unicast. Thus, a received (multicast) DIO may not be 815 indicative of useful unicast connectivity - yet, RPL might cause this 816 RPL Router to select this seemingly attractive RPL Router as its 817 preferred parent. This may happen both at initialization, or at any 818 time during the LLN lifetime as RPL allows attachment to a "better 819 parent" over the network lifetime. 821 A DODAG so constructed may appear stable and converged until such 822 time that unicast traffic is to be sent and, thus, NUD invoked. 823 Detecting only at that point that unicast connectivity is not 824 maintained, and causing local (and possibly global) repairs exactly 825 at that time, may lead to traffic not being deliverable. As 826 indicated in Section 8, if scalability is dependent on addresses 827 being assigned hierarchically, changing point-of-attachment may 828 entail more than switching preferred parent. 830 An RPL router may detect that its preferred parent is lost by way of 831 NUD, when trying to communicate to the DODAG Root. If that RPL 832 router has no other parents in its parent set, all it can do is wait: 833 RPL does not provide other mechanisms for an RPL router to react to 834 such an event. In the case where there is no downward traffic (i.e., 835 no data or acknowledgements are sent from the DODAG Root), neither 836 the DODAG Root nor the preferred parent, to which upward connectivity 837 was lost, will be able to detect and react to the event of 838 connectivity loss. 840 In other words, for upward traffic, the RPL routers that by way of 841 NUD detect connectivity loss, will be unable to act in order to 842 restore connectivity (e.g., by way of a signaling mechanism to the 843 DODAG Root, to request DODAG reconstruction by way of version number 844 increase). The RPL routers, which could react (the "preferred 845 parents") will for upward traffic not generate any traffic "downward" 846 allowing NUD to engage and detect connectivity loss. 848 It is worth noting that RPL is optimized for upward traffic 849 (multipoint-to-point traffic), and that this is exactly the type of 850 traffic where NUD is not applicable as a mechanism for detecting and 851 reacting to connectivity loss. 853 Also, absent all RPL Routers consistently advertising their 854 reachability through DAO messages, a protocol requiring bidirectional 855 flows between the communicating devices, such as TCP, will be unable 856 to operate. 858 Finally, upon having been notified by NUD that the "next hop" is 859 unreachable, an RPL Router must discard the preferred parent and 860 select another - hoping that this time, the preferred parent is 861 actually reachable. Also, if NUD indicates "no forward progress" 862 based on an upper-layer protocol, there is no guarantee that the 863 problem stems exclusively from the preferred parent being 864 unreachable. Indeed, it may be a problem farther ahead, possibly 865 outside the LLN, thus changing preferred parent will not alleviate 866 the situation. Moreover, using information from an upper-layer 867 protocol, e.g., to return TCP ACKs back to the source, requires 868 established downward routes in the DODAG (i.e., each RPL router needs 869 to send DAO messages to the DODAG Root, as described in Section 7). 871 Incidentally, this stems from a fundamental difference between "fixed 872 links in the Internet" and "wireless links": whereas the former, as a 873 rule, are reliable, predictable and with losses being rare 874 exceptions, the latter are characterized by frequent losses and 875 general unpredictability. 877 11. RPL Implementability and Complexity 879 RPL is designed to operate on "RPL Routers [...] with constraints on 880 processing power, memory, and energy (battery power)" [RFC6550]. 881 However, the 163 pages long specification of RPL, plus additional 882 specifications for routing headers [RFC6554], Trickle timer 883 [RFC6206], routing metrics [RFC6551] and objective function 884 [RFC6552], describes complex mechanisms (e.g., the upwards and 885 downward data traffic, a security solution, manageability of RPL 886 Routers, auxiliary functions for autoconfiguration of RPL Routers, 887 etc.), and provides no less than 9 message types, and 10 different 888 message options. 890 To give one example, the ContikiRPL implementation 891 (http://www.sics.se/contiki), which provides only storing mode and no 892 security features, consumes about 50 KByte of memory. Sensor 893 hardware, such as MSP430 sensor platforms, does not contain much more 894 memory than that, i.e., there may not be much space left to deploy 895 any application on the RPL Router. 897 11.1. Observations 899 Since RPL is intended as the routing protocol for LLNs, which covers 900 all the diverse applications requirements listed in [RFC5867], 902 [RFC5673], [RFC5826], [RFC5548], it is likely that (i) due to limited 903 memory capacity of the RPL Routers, and (ii) due to expensive 904 development cost of the routing protocol implementation, RPL 905 implementations will only support a partial set of features from the 906 specification, leading to non-interoperable implementations. 908 In order to accommodate for the verbose exchange format, route 909 stretching and source routing for point-to-point traffic, several 910 additional Internet-Drafts are being discussed for adoption in the 911 ROLL Working Group - adding complexity to an already complex 912 specification which, it is worth recalling, was intended to be of a 913 protocol for low-capacity devices. 915 12. Underspecification 917 While [RFC6550] is verbose in many parts, as described in Section 11, 918 some mechanisms are underspecified. 920 While for DIOs, the Trickle timer specifies a relatively efficient 921 and easy-to-understand timing for message transmission, the timing of 922 DAO transmission is not explicit. As each DAO may have a limited 923 lifetime, one "best guess" for implementers would be to send DAO 924 periodically, just before the life-time of the previous DAO expires. 925 Since DAOs may be lost, another "best guess" would be to send several 926 DAOs shortly one after the other in order to increase probability 927 that at least one DAO is successfully received. 929 The same underspecification applies for DAO-ACK messages: optionally, 930 on reception of a DAO, an RPL Router may acknowledge successful 931 reception by returning a DAO-ACK. Timing of DAO-ACK messages is 932 unspecified by RPL. 934 12.1. Observations 936 By not specifying details about message transmission intervals and 937 required actions when receiving DAO and DAO-ACKs, implementations may 938 exhibit a bad performance if not carefully implemented. Some 939 examples are: 941 1. If DAO messages are not sent in due time before the previous DAO 942 expires (or if the DAO is lost during transmission), the routing 943 entry will expire before it is renewed, leading to a possible 944 data traffic loss. 946 2. RPL does not specify to use jitter [RFC5148] (i.e., small random 947 delay for message transmissions). If DAOs are sent periodically, 948 adjacent RPL Routers may transmit DAO messages at the same time, 949 leading to link layer collisions. 951 3. In non-storing mode, the "piece-wise calculation" of routes to a 952 destination from which a DAO has been received, relies on 953 previous reception of DAOs from intermediate RPL Routers along 954 the route. If not all of these DAOs from intermediate RPL 955 Routers have been received, route calculation is not possible, 956 and DAO-ACKs or data traffic cannot be sent to that destination. 958 Other examples of underspecification include detection of 959 connectivity loss, as described in Section 10, as well as the local 960 repair mechanism, which may lead to loops and thus data traffic loss, 961 if not carefully implemented: an RPL Router discovering that all its 962 parents are unreachable, may - according to the RPL specification - 963 "detach" from the DODAG, i.e., increase its own rank to infinity. It 964 may then "poison" its sub-DODAG by advertising its infinite rank in 965 its DIOs. If, however, the RPL Router receives a DIO before it 966 transmits the "poisoned" DIO, it may attach to its own sub-DODAG, 967 creating a loop. If, instead, it had waited some time before 968 processing DIOs again, chances are it would have succeeded in 969 poisoning its sub-DODAG and thus avoided the loop. 971 13. Protocol Convergence 973 Trickle [RFC6206] is used by RPL to schedule transmission of DIO 974 messages, with the objective of minimizing the amount of transmitted 975 DIOs while ensuring a low convergence time of the network. The 976 theoretical behavior of Trickle is well understood, and the 977 convergence properties are well studied. Simulations of the 978 mechanism, such as documented [trickle-multicast], confirm these 979 theoretical studies. 981 In real-world environments, however, varying link qualities may cause 982 the algorithm to converge less well: frequent message losses entail 983 resets of the Trickle timer and more frequent and unpredicted message 984 emissions. 986 This has been observed, e.g., in an experimental testbed: 69 RPL 987 Routers (MSP430-based wireless sensor routers with IEEE 802.15.4, 988 using [rpl-contiki] IPv6 stack and RPL without downward routes; the 989 parameters of the Trickle timer were set to the implementation 990 defaults (minimum DIO interval: 4 s, DIO interval doublings: 8, 991 redundancy constant: 10) were positioned in a fixed grid topology. 992 This resulted in DODAGs being constructed with an average of 2.45 993 children per RPL Router and an average rank of 3.58. 995 In this small test network, the number of DIO messages emitted - 996 expectedly - spiked within the first ~10 seconds. Alas, rather than 997 taper off to become zero (as the simulation studies would suggest), 998 the DIO emission rate remained constant at about 70 DIOs per second. 999 Details on this experiment can be found in [rpl-eval]. 1001 13.1. Observations 1003 The varying link quality in real-world environments results in 1004 frequent changes of the best parent, which triggers a reset of the 1005 Trickle timer and thus the emission of DIOs. Therefore Trickle does 1006 not converge as well for links that are fluctuating in quality as in 1007 theory. 1009 The resulting higher control overhead due to frequent DIO emission, 1010 leads to higher bandwidth and energy consumption as well as possibly 1011 to an increased number of collisions of frames, as observed in 1012 [trickle-multicast]. 1014 14. Loops 1016 [RFC6550] states that it "guarantees neither loop free route 1017 selection nor tight delay convergence times, but can detect and 1018 repair a loop as soon as it is used. RPL uses this loop detection to 1019 ensure that packets make forward progress [...] and trigger repairs 1020 when necessary". This implies that a loop may only then be detected 1021 and fixed when data traffic is sent through the network. 1023 In order to trigger a local repair, RPL relies on the "direction" 1024 information (with values "up" or "down"), contained in an IPv6 hop- 1025 by-hop option header from received a data packet. If an "upward" 1026 data packet is received by an RPL Router, but the previous hop of the 1027 packet is listed with a lower rank in the neighbor set, the RPL 1028 Router concludes that there must be a routing loop and it may 1029 therefore trigger a local repair. For downward traffic in non- 1030 storing mode, the DODAG Root can detect loops if the same router 1031 identifier (i.e., IP address) appears at least twice in the route 1032 towards a destination. 1034 14.1. Observations 1036 The reason for RPL to repair loops only when detected by a data 1037 traffic transmission is to reduce control traffic overhead. However, 1038 there are two problems in repairing loops only when so triggered: (i) 1039 the triggered local repair mechanism delays forward progress of data 1040 packets, increasing end-to-end delays, and (ii) the data packet has 1041 to be buffered during repair. 1043 (i) may seem as the lesser of the two problems, since in a number of 1044 applications, such as data acquisition in smart metering 1045 applications, an increased delay may be acceptable. However, for 1046 applications such as alarm signals or in home automation (e.g., a 1047 light switch), increased delay may be undesirable. 1049 As for (ii), RPL is supposed to run on LLN routers with "constraints 1050 on [...] memory" [RFC6550]; buffering incoming packets during the 1051 route repair may not be possible for all incoming data packets, 1052 leading to dropped packets. Depending on the transport protocol, 1053 these data packets must be retransmitted by the source or are 1054 definitely lost. 1056 If carefully implemented with respect to avoiding loops before they 1057 occur, the impact of the loop detection in RPL may be minimized. 1058 However, it can be observed that with current implementations of RPL, 1059 such as the ContikiRPL implementation, loops do occur - and, 1060 frequently. During the same experiments described in Section 13, a 1061 snapshot of the DODAG was made every ten seconds. In 74.14% of the 1062 4114 snapshots, at least one loop was observed. Further 1063 investigation revealed that in all these cases the DODAG was 1064 partitioned, and the loop occurred in the sub-DODAG that no longer 1065 had a connection to the DODAG Root. When the link to the only parent 1066 of an RPL Router breaks, the RPL Router may increase its rank and - 1067 when receiving a DIO from an RPL Router in its sub-DODAG - attach 1068 itself to its own sub-DODAG, thereby creating a loop - as detailed in 1069 Section 12.1. 1071 While it can be argued that the observed loops are harmless since 1072 they occur in a DODAG partition that has no connection to the DODAG 1073 Root, they show that the state of the network is inconsistent. Even 1074 worse, when the broken link re-appears, it is possible that in 1075 certain situations, the loop is only repaired when data traffic is 1076 sent, possibly leading to data loss (as described above). This can 1077 occur if the link to the previous parent is reestablished, but the 1078 rank of that previous parent has increased in the meantime. 1080 Another problem with the loop repair mechanism arises in non-storing 1081 mode when using only downward traffic: while the DODAG Root can 1082 easily detect loops (as described above), it has no direct means to 1083 trigger a local repair where the loop occurs. Indeed, it can only 1084 trigger a global repair by increasing the DODAG version number, 1085 leading to a Trickle timer reset and increased control traffic 1086 overhead in the network caused by DIO messages, and therefore a 1087 possible energy drain of the RPL Routers and congestion of the 1088 channel. 1090 Finally, loop detection for every data packet increases the 1091 processing overhead. RPL is targeted for deployments on very 1092 constrained devices with little CPU power, therefore a loop detection 1093 for every packet reduces available resources of the LLN router for 1094 other tasks (such as sensing). Moreover, each IPv6 packet needs to 1095 contain the "RPL Option for Carrying RPL Information in Data-Plane 1096 Datagrams" [RFC6553] in order to use loop detection (as well as 1097 determining the RPL instance), which in turn implies an extra IPv6 1098 header (and thus overhead) for IPv6-in-IPv6 tunneling. As this RPL 1099 option is a hop-by-hop option, it needs to be in an encapsulating 1100 IPv6-in-IPv6 tunnel and then regenerated at each hop. 1102 15. Security Considerations 1104 This document does currently not specify any security considerations. 1105 This document also does not provide any evaluation of the security 1106 mechanisms of RPL. 1108 16. IANA Considerations 1110 This document has no actions for IANA. 1112 17. Acknowledgements 1114 The authors would like to thank Matthias Philipp (INRIA) for his 1115 contributions to conducting many of the experiments, revealing or 1116 confirming the issues described in this document. 1118 Moreover, the authors would like to express their gratitude to Ralph 1119 Droms (Cisco) for his careful review of various versions of this 1120 document, for many long discussions, and for his considerable 1121 contributions to both the content and the quality of this document. 1123 18. Informative References 1125 [I-D.ietf-roll-terminology] 1126 Vasseur, JP., "Terminology in Low power And Lossy 1127 Networks", work in 1128 progress draft-ietf-roll-terminology-06, September 2011. 1130 [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 1131 3", BCP 9, RFC 2026, October 1996. 1133 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1134 (IPv6) Specification", RFC 2460, Decemer 1998. 1136 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1137 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1138 September 2007. 1140 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1141 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1142 Overview, Assumptions, Problem Statement, and Goals", 1143 RFC 4919, August 2007. 1145 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1146 "Transmission of IPv6 Packets over IEEE 802.15.4 1147 Networks", RFC 4944, September 2007. 1149 [RFC5148] Clausen, T., Dearlove, C., and B. Adamson, "Jitter 1150 Considerations in Mobile Ad Hoc Networks (MANETs)", 1151 RFC 5148, February 2008. 1153 [RFC5548] Dohler, M., Watteyne, T., Winter, T., and D. Barthel, 1154 "Routing Requirements for Urban Low-Power and Lossy 1155 Networks", RFC 5548, May 2009. 1157 [RFC5673] Pister, K., Thubert, P., Dwars, S., and T. Phinney, 1158 "Industrial Routing Requirements in Low-Power and Lossy 1159 Networks", RFC 5673, October 2009. 1161 [RFC5826] Brandt, A., Buron, J., and G. Porcu, "Home Automation 1162 Routing Requirements in Low-Power and Lossy Networks", 1163 RFC 5826, April 2010. 1165 [RFC5867] Martocci, J., Mi, P., Riou, N., and W. Vermeylen, 1166 "Building Automation Routing Requirements in Low Power and 1167 Lossy Networks", RFC 5867, June 2010. 1169 [RFC6206] Levis, P., Clausen, T., Gnawali, O., and J. Ko, "The 1170 Trickle Algorithm", RFC 6206, March 2011. 1172 [RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6 1173 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1174 September 2011. 1176 [RFC6550] Winther, T., Thubert, P., Hui, J., Vasseur, J., Brandt, 1177 A., Kelsey, R., Levis, P., Piester, K., Struik, R., and R. 1178 Alexander, "RPL: IPv6 Routing Protocol for Low-Power and 1179 Lossy Networks", RFC 6550, March 2012. 1181 [RFC6551] Vasseur, J., Pister, K., Dejan, N., and D. Barthel, 1182 "Routing Metrics Used for Path Calculation in Low-Power 1183 and Lossy Networks", RFC 6551, March 2012. 1185 [RFC6552] Thubert, P., "Objective Function Zero for the Routing 1186 Protocol for Low-Power and Lossy Networks (RPL)", 1187 RFC 6552, March 2012. 1189 [RFC6553] Hui, J. and J. Vasseur, "The Routing Protocol for Low- 1190 Power and Lossy Networks (RPL) Option for Carrying RPL 1191 Information in Data-Plane Datagrams", RFC 6553, 1192 March 2012. 1194 [RFC6554] Hui, J., Vasseur, J., Culler, D., and V. Manral, "An IPv6 1195 Routing Header for Source Routes with the Routing Protocol 1196 for Low-Power and Lossy Networks (RPL)", RFC 6554, 1197 March 2012. 1199 [SEP2.0] Alliance, Zigbee., "ZigSmart Energy version 2.0 (SEP 2.0) 1200 draft 0.7", July 2011. 1202 [bidir] Clausen, T. and U. Herberg, "A Comparative Performance 1203 Study of the Routing Protocols LOAD and RPL with Bi- 1204 Directional Traffic in Low-power and Lossy Networks 1205 (LLN)", Proceedings of the Eighth ACM International 1206 Symposium on Performance Evaluation of Wireless Ad Hoc, 1207 Sensor, and Ubiquitous Networks (PE-WASUN), 2011. 1209 [ieee802154] 1210 Computer Society, IEEE., "IEEE Std. 802.15.4-2003", 1211 October 2003. 1213 [roll-charter] 1214 "ROLL Charter", 1215 web http://datatracker.ietf.org/wg/roll/charter/, 1216 February 2012. 1218 [rpl-contiki] 1219 Tsiftes, N., Eriksson, J., and A. Dunkels, "Low-Power 1220 Wireless IPv6 Routing with ContikiRPL", 1221 Proceedings Proceedings of the 9th ACM/IEEE International 1222 Conference on Information Processing in Sensor Networks 1223 (ISPN), 2011. 1225 [rpl-eval] 1226 Clausen, T., Herberg, U., and M. Philipp, "A Critical 1227 Evaluation of the IPv6 Routing Protocol for Low Power and 1228 Lossy Networks (RPL)", Proceedings of the 5th IEEE 1229 International Conference on Wireless & Mobile Computing, 1230 Networking & Communication (WiMob), 2011. 1232 [rpl-eval-UCB] 1233 Ko, J., Dawson-Haggerty, S., Culler, D., and A. Terzis, 1234 "Evaluating the Performance of RPL and 6LoWPAN in TinyOS", 1235 Proceedings of the Workshop on Extending the Internet to 1236 Low power and Lossy Networks (IP+SN), 2011. 1238 [trickle-multicast] 1239 Clausen, T. and U. Herberg, "Study of Multipoint-to-Point 1240 and Broadcast Traffic Performance in the 'IPv6 Routing 1241 Protocol for Low Power and Lossy Networks' (RPL)", 1242 Journal of Ambient Intelligence and Humanized Computing, 1243 2011. 1245 Authors' Addresses 1247 Thomas Clausen 1248 LIX, Ecole Polytechnique 1249 91128 Palaiseau Cedex, 1250 France 1252 Phone: +33 6 6058 9349 1253 Email: T.Clausen@computer.org 1254 URI: http://www.thomasclausen.org 1256 Axel Colin de Verdiere 1257 LIX, Ecole Polytechnique 1258 91128 Palaiseau Cedex, 1259 France 1261 Phone: +33 6 1264 7119 1262 Email: axel@axelcdv.com 1263 URI: http://www.axelcdv.com/ 1265 Jiazi Yi 1266 LIX, Ecole Polytechnique 1267 91128 Palaiseau Cedex, 1268 France 1270 Phone: +33 1 6933 4031 1271 Email: jiazi@jiaziyi.com 1272 URI: http://www.jiaziyi.com/ 1273 Ulrich Herberg 1274 Fujitsu Laboratories of America 1275 1240 E Arques Ave 1276 Sunnyvale, CA 94085 1277 USA 1279 Email: ulrich@herberg.name 1280 URI: http://www.herberg.name/ 1282 Yuichi Igarashi 1283 Hitachi, Ltd., Yokohama Research Laboratory 1285 Phone: +81 45 860 3083 1286 Email: yuichi.igarashi.hb@hitachi.com 1287 URI: http://www.hitachi.com/