idnits 2.17.1 draft-ietf-6lo-minimal-fragment-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (23 March 2020) is 1467 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational RFC: RFC 4919 == Outdated reference: A later version (-21) exists of draft-ietf-6lo-fragment-recovery-20 Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo T. Watteyne, Ed. 3 Internet-Draft Analog Devices 4 Intended status: Standards Track P. Thubert, Ed. 5 Expires: 24 September 2020 Cisco Systems 6 C. Bormann 7 Universitaet Bremen TZI 8 23 March 2020 10 On Forwarding 6LoWPAN Fragments over a Multihop IPv6 Network 11 draft-ietf-6lo-minimal-fragment-15 13 Abstract 15 This document provides generic rules to enable the forwarding of 16 6LoWPAN fragment over a route-over network. Forwarding fragments can 17 improve both the end-to-end latency and reliability, and reduce the 18 buffer requirements in intermediate nodes; it may be implemented 19 using RFC 4944 and virtual reassembly buffers. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on 24 September 2020. 38 Copyright Notice 40 Copyright (c) 2020 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 45 license-info) in effect on the date of publication of this document. 46 Please review these documents carefully, as they describe your rights 47 and restrictions with respect to this document. Code Components 48 extracted from this document must include Simplified BSD License text 49 as described in Section 4.e of the Trust Legal Provisions and are 50 provided without warranty as described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 2.2. Referenced Work . . . . . . . . . . . . . . . . . . . . . 3 58 2.3. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 4 59 3. Overview of 6LoWPAN Fragmentation . . . . . . . . . . . . . . 4 60 4. Limitations of Per-Hop Fragmentation and Reassembly . . . . . 6 61 4.1. Latency . . . . . . . . . . . . . . . . . . . . . . . . . 6 62 4.2. Memory Management and Reliability . . . . . . . . . . . . 6 63 5. Forwarding Fragments . . . . . . . . . . . . . . . . . . . . 7 64 6. Virtual Reassembly Buffer (VRB) Implementation . . . . . . . 9 65 7. Security Considerations . . . . . . . . . . . . . . . . . . . 10 66 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 67 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 11 68 10. Normative References . . . . . . . . . . . . . . . . . . . . 11 69 11. Informative References . . . . . . . . . . . . . . . . . . . 12 70 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 72 1. Introduction 74 The original 6LoWPAN fragmentation is defined in [RFC4944] for use 75 over a single Layer 3 hop, though possibly multiple Layer 2 hops in a 76 mesh-under network, and was not modified by the [RFC6282] update. 77 6LoWPAN operations including fragmentation depend on a Link-Layer 78 security that prevents any rogue access to the network. 80 In a route-over 6LoWPAN network, an IP packet is expected to be 81 reassembled at each intermediate hop, uncompressed, pushed to Layer 3 82 to be routed, and then compressed and fragmented again. This draft 83 introduces an alternate approach called 6LoWPAN Fragment Forwarding 84 (6FF) whereby an intermediate node forwards a fragment (or the bulk 85 thereof, MTU permitting) without reassembling if the next hop is a 86 similar 6LoWPAN link. The routing decision is made on the first 87 fragment of the datagram, which has the IPv6 routing information. 88 The first fragment is forwarded immediately and a state is stored to 89 enable forwarding the next fragments along the same path. 91 Done right, 6LoWPAN Fragment Forwarding techniques lead to more 92 streamlined operations, less buffer bloat and lower latency. But it 93 may be wasteful when fragments are missing, leading to locked 94 resources and low throughput, and it may be misused to the point that 95 the end-to-end latency of one packet falls behind that of per-hop 96 reassembly. 98 This specification provides a generic overview of 6FF, discusses 99 advantages and caveats, and introduces a particular 6LoWPAN Fragment 100 Forwarding technique called Virtual Reassembly Buffer that can be 101 used while retaining the message formats defined in [RFC4944]. Basic 102 recommendations such as the insertion of an inter-frame gap between 103 fragments are provided to avoid the most typical caveats. 105 2. Terminology 107 2.1. BCP 14 109 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 110 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 111 "OPTIONAL" in this document are to be interpreted as described in BCP 112 14 [RFC2119][RFC8174] when, and only when, they appear in all 113 capitals, as shown here. 115 2.2. Referenced Work 117 Past experience with fragmentation, e.g., as described in "IPv4 118 Reassembly Errors at High Data Rates" [RFC4963] and references 119 therein, has shown that mis-associated or lost fragments can lead to 120 poor network behavior and, occasionally, trouble at the application 121 layer. That experience led to the definition of the "Path MTU 122 discovery" [RFC8201] (PMTUD) protocol that limits fragmentation over 123 the Internet. 125 "IP Fragmentation Considered Fragile" [FRAG-ILE] discusses security 126 threats that are linked to using IP fragmentation. The 6LoWPAN 127 fragmentation takes place underneath the IP Layer, but some issues 128 described there may still apply to 6LoWPAN fragments (as discussed in 129 further details in Section 7). 131 Readers are expected to be familiar with all the terms and concepts 132 that are discussed in "IPv6 over Low-Power Wireless Personal Area 133 Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and 134 Goals" [RFC4919] and "Transmission of IPv6 Packets over IEEE 802.15.4 135 Networks" [RFC4944]. 137 "Multiprotocol Label Switching (MPLS) Architecture" [RFC3031] says 138 that with MPLS, 'packets are "labeled" before they are forwarded.' 139 It goes on to say, "At subsequent hops, there is no further analysis 140 of the packet's network layer header. Rather, the label is used as 141 an index into a table which specifies the next hop, and a new label". 142 The MPLS technique is leveraged in the present specification to 143 forward fragments that actually do not have a network layer header, 144 since the fragmentation occurs below IP. 146 2.3. New Terms 148 This specification uses the following terms: 150 6LoWPAN Fragment Forwarding endpoints: The 6FF endpoints are the 151 first and last nodes in an unbroken string of 6LoWPAN Fragment 152 Forwarding nodes. They are also the only points where the 153 fragmentation and reassembly operations take place. 155 Compressed Form: This specification uses the generic term Compressed 156 Form to refer to the format of a datagram after the action of 157 [RFC6282] and possibly [RFC8138] for RPL [RFC6550] artifacts. 159 Datagram_Size: The size of the datagram in its Compressed Form 160 before it is fragmented. 162 Datagram_Tag: An identifier of a datagram that is locally unique to 163 the Layer 2 sender. Associated with the Link-Layer address of the 164 sender, this becomes a globally unique identifier for the datagram 165 within the duration of its transmission. 167 Fragment_Offset: The offset of a fragment of a datagram in its 168 Compressed Form. 170 3. Overview of 6LoWPAN Fragmentation 172 We use Figure 1 to illustrate 6LoWPAN fragmentation. We assume node 173 A forwards a packet to node B, possibly as part of a multi-hop route 174 between 6LoWPAN Fragment Forwarding endpoints which may be neither A 175 nor B, though 6LoWPAN may compress the IP header better when they are 176 both the 6FF and the 6LoWPAN compression endpoints. 178 +---+ +---+ 179 ... ---| A |-------------------->| B |--- ... 180 +---+ +---+ 181 # (frag. 5) 183 123456789 123456789 184 +---------+ +---------+ 185 | # ###| |### # | 186 +---------+ +---------+ 187 outgoing incoming 188 fragmentation reassembly 189 buffer buffer 191 Figure 1: Fragmentation at node A, reassembly at node B. 193 Typically, Node A starts with an uncompressed packet and compacts the 194 IPv6 packet using the header compression mechanism defined in 195 [RFC6282]. If the resulting 6LoWPAN packet does not fit into a 196 single Link-Layer frame, node A's 6LoWPAN sublayer cuts it into 197 multiple 6LoWPAN fragments, which it transmits as separate Link-Layer 198 frames to node B. Node B's 6LoWPAN sublayer reassembles these 199 fragments, inflates the compressed header fields back to the original 200 IPv6 header, and hands over the full IPv6 packet to its IPv6 layer. 202 In Figure 1, a packet forwarded by node A to node B is cut into nine 203 fragments, numbered 1 to 9 as follows: 205 * Each fragment is represented by the '#' symbol. 207 * Node A has sent fragments 1, 2, 3, 5, 6 to node B. 209 * Node B has received fragments 1, 2, 3, 6 from node A. 211 * Fragment 5 is still being transmitted at the link layer from node 212 A to node B. 214 The reassembly buffer for 6LoWPAN is indexed in node B by: 216 * a unique Identifier of Node A (e.g., Node A's Link-Layer address) 218 * the Datagram_Tag chosen by node A for this fragmented datagram 220 Because it may be hard for node B to correlate all possible Link- 221 Layer addresses that node A may use (e.g., short vs. long addresses), 222 node A must use the same Link-Layer address to send all the fragments 223 of the same datagram to node B. 225 Conceptually, the reassembly buffer in node B contains: 227 * a Datagram_Tag as received in the incoming fragments, associated 228 to the interface and the Link-Layer address of node A for which 229 the received Datagram_Tag is unique, 231 * the actual packet data from the fragments received so far, in a 232 form that makes it possible to detect when the whole packet has 233 been received and can be processed or forwarded, 235 * a state indicating the fragments already received, 237 * a Datagram_Size, 239 * a timer that allows discarding a partially reassembled packet 240 after some timeout. 242 A fragmentation header is added to each fragment; it indicates what 243 portion of the packet that fragment corresponds to. Section 5.3 of 244 [RFC4944] defines the format of the header for the first and 245 subsequent fragments. All fragments are tagged with a 16-bit 246 "Datagram_Tag", used to identify which packet each fragment belongs 247 to. Each datagram can be uniquely identified by the sender Link- 248 Layer addresses of the frame that carries it and the Datagram_Tag 249 that the sender allocated for this datagram. [RFC4944] also mandates 250 that the first fragment is sent first and with a particular format 251 that is different than that of the next fragments. Each fragment but 252 the first one can be identified within its datagram by the datagram- 253 offset. 255 Node B's typical behavior, per [RFC4944], is as follows. Upon 256 receiving a fragment from node A with a Datagram_Tag previously 257 unseen from node A, node B allocates a buffer large enough to hold 258 the entire packet. The length of the packet is indicated in each 259 fragment (the Datagram_Size field), so node B can allocate the buffer 260 even if the fragment it receives first is not the first fragment. As 261 fragments come in, node B fills the buffer. When all fragments have 262 been received, node B inflates the compressed header fields into an 263 IPv6 header, and hands the resulting IPv6 packet to the IPv6 layer 264 which performs the route lookup. This behavior typically results in 265 per-hop fragmentation and reassembly. That is, the packet is fully 266 reassembled, then (re)fragmented, at every hop. 268 4. Limitations of Per-Hop Fragmentation and Reassembly 270 There are at least 2 limitations to doing per-hop fragmentation and 271 reassembly. See [ARTICLE] for detailed simulation results on both 272 limitations. 274 4.1. Latency 276 When reassembling, a node needs to wait for all the fragments to be 277 received before being able to reform the IPv6 packet, and possibly 278 forward it to the next hop. This repeats at every hop. 280 This may result in increased end-to-end latency compared to a case 281 where each fragment is forwarded without per-hop reassembly. 283 4.2. Memory Management and Reliability 285 Constrained nodes have limited memory. Assuming a reassembly buffer 286 for a 6LoWPAN MTU of 1280 bytes as defined in section 4 of [RFC4944], 287 typical nodes only have enough memory for 1-3 reassembly buffers. 289 To illustrate this we use the topology from Figure 2, where nodes A, 290 B, C and D all send packets through node E. We further assume that 291 node E's memory can only hold 3 reassembly buffers. 293 +---+ +---+ 294 ... --->| A |------>| B | 295 +---+ +---+\ 296 \ 297 +---+ +---+ 298 | E |--->| F | ... 299 +---+ +---+ 300 / 301 / 302 +---+ +---+ 303 ... --->| C |------>| D | 304 +---+ +---+ 306 Figure 2: Illustrating the Memory Management Issue. 308 When nodes A, B and C concurrently send fragmented packets, all 3 309 reassembly buffers in node E are occupied. If, at that moment, node 310 D also sends a fragmented packet, node E has no option but to drop 311 one of the packets, lowering end-to-end reliability. 313 5. Forwarding Fragments 315 A 6LoWPAN Fragment Forwarding technique makes the routing decision on 316 the first fragment, which is always the one with the IPv6 address of 317 the destination. Upon receiving a first fragment, a forwarding node 318 (e.g. node B in a A->B->C sequence) that does fragment forwarding 319 MUST attempt to create a state and forward the fragment. This is an 320 atomic operation, and if the first fragment cannot be forwarded then 321 the state MUST be removed. 323 Since the Datagram_Tag is uniquely associated to the source Link- 324 Layer address of the fragment, the forwarding node MUST assign a new 325 Datagram_Tag from its own namespace for the next hop and rewrite the 326 fragment header of each fragment with that Datagram_Tag. 328 When a forwarding node receives a fragment other than a first 329 fragment, it MUST look up state based on the source Link-Layer 330 address and the Datagram_Tag in the received fragment. If no such 331 state is found, the fragment MUST be dropped; otherwise the fragment 332 MUST be forwarded using the information in the state found. 334 Compared to Section 3, the conceptual reassembly buffer in node B now 335 contains, assuming that node B is neither the source nor the final 336 destination: 338 * a Datagram_Tag as received in the incoming fragments, associated 339 to the interface and the Link-Layer address of node A for which 340 the received Datagram_Tag is unique 342 * the Link-Layer address that node B uses as source to forward the 343 fragments 345 * the interface and the Link-Layer address of the next hop C that is 346 resolved on the first fragment 348 * a Datagram_Tag that node B uniquely allocated for this datagram 349 and that is used when forwarding the fragments of the datagram 351 * a buffer for the remainder of a previous fragment left to be sent, 353 * a timer that allows discarding the stale FF state after some 354 timeout. The duration of the timer should be longer than that 355 which covers the reassembly at the receiving end point. 357 A node that has not received the first fragment cannot forward the 358 next fragments. This means that if node B receives a fragment, node 359 A was in possession of the first fragment at some point. To keep the 360 operation simple and consistent with [RFC4944], the first fragment 361 MUST always be sent first. When that is done, if node B receives a 362 fragment that is not the first and for which it has no state, then 363 node B treats it as an error and refrains from creating a state or 364 attempting to forward. This also means that node A should perform 365 all its possible retries on the first fragment before it attempts to 366 send the next fragments, and that it should abort the datagram and 367 release its state if it fails to send the first fragment. 369 Fragment forwarding obviates some of the benefits of the 6LoWPAN 370 header compression [RFC6282] in intermediate hops. In return, the 371 memory used to store the packet is distributed along the path, which 372 limits the buffer bloat effect. Multiple fragments may progress 373 simultaneously along the network as long as they do not interfere. 374 An associated caveat is that on a half duplex radio, if node A sends 375 the next fragment at the same time as node B forwards the previous 376 fragment to a node C down the path then node B will miss it. If node 377 C forwards the previous fragment to a node D at the same time and on 378 the same frequency as node A sends the next fragment to node B, this 379 may result in a hidden terminal problem. In that case, the 380 transmission from C interferes at node B with that from A unbeknownst 381 of node A. Consecutive fragments of a same datagram MUST be 382 separated with an inter-frame gap that allows one fragment to 383 progress beyond the next hop and beyond the interference domain 384 before the next shows up. This can be achieved by interleaving 385 packets or fragments sent via different next-hop routers. 387 6. Virtual Reassembly Buffer (VRB) Implementation 389 The Virtual Reassembly Buffer (VRB) [LWIG-VRB] is a particular 390 incarnation of a 6LoWPAN Fragment Forwarding that can be implemented 391 without a change to [RFC4944]. 393 VRB overcomes the limitations listed in Section 4. Nodes do not wait 394 for the last fragment before forwarding, reducing end-to-end latency. 395 Similarly, the memory footprint of VRB is just the VRB table, 396 reducing the packet drop probability significantly. 398 There are other caveats, however: 400 Non-zero Packet Drop Probability: The abstract data in a VRB table 401 entry contains at a minimum the Link-Layer address of the 402 predecessor and that of the successor, the Datagram_Tag used by 403 the predecessor and the local Datagram_Tag that this node will 404 swap with it. The VRB may need to store a few octets from the 405 last fragment that may not have fit within MTU and that will be 406 prepended to the next fragment. This yields a small footprint 407 that is 2 orders of magnitude smaller compared to needing a 408 1280-byte reassembly buffer for each packet. Yet, the size of the 409 VRB table necessarily remains finite. In the extreme case where a 410 node is required to concurrently forward more packets that it has 411 entries in its VRB table, packets are dropped. 413 No Fragment Recovery: There is no mechanism in VRB for the node that 414 reassembles a packet to request a single missing fragment. 415 Dropping a fragment requires the whole packet to be resent. This 416 causes unnecessary traffic, as fragments are forwarded even when 417 the destination node can never construct the original IPv6 packet. 419 No Per-Fragment Routing: All subsequent fragments follow the same 420 sequence of hops from the source to the destination node as the 421 first fragment, because the IP header is required in order to 422 route the fragment and is only present in the first fragment. A 423 side effect is that the first fragment must always be forwarded 424 first. 426 The severity and occurrence of these caveats depends on the Link- 427 Layer used. Whether they are acceptable depends entirely on the 428 requirements the application places on the network. 430 If the caveats are present and not acceptable for the application, 431 alternative specifications may define new protocols to overcome them. 432 One example is [FRAG-RECOV] which specifies a 6LoWPAN Fragment 433 Forwarding technique that allows the end-to-end fragment recovery 434 between the 6LoWPAN FF endpoints. 436 7. Security Considerations 438 An attacker can perform a Denial-of-Service (DoS) attack on a node 439 implementing VRB by generating a large number of bogus "fragment 1" 440 fragments without sending subsequent fragments. This causes the VRB 441 table to fill up. Note that the VRB does not need to remember the 442 full datagram as received so far but only possibly a few octets from 443 the last fragment that could not fit in it. It is expected that an 444 implementation protects itself to keep the number of VRBs within 445 capacity, and that old VRBs are protected by a timer of a reasonable 446 duration for the technology and destroyed upon timeout. 448 Secure joining and the Link-Layer security that it sets up protects 449 against those attacks from network outsiders. 451 "IP Fragmentation Considered Fragile" [FRAG-ILE] discusses security 452 threats and other caveats that are linked to using IP fragmentation. 453 The 6LoWPAN fragmentation takes place underneath the IP Layer, but 454 some issues described there may still apply to 6LoWPAN fragments. 456 * Overlapping fragment attacks are possible with 6LoWPAN fragments 457 but there is no known firewall operation that would work on 458 6LoWPAN fragments at the time of this writing, so the exposure is 459 limited. An implementation of a firewall SHOULD NOT forward 460 fragments but instead should recompose the IP packet, check it in 461 the u ncompressed form, and then forward it again as fragments if 462 necessary. Overlapping fragments are acceptable as long as they 463 contain the same payload. The firewall MUST drop the whole packet 464 if overlapping fragments are encountered that result in different 465 data at the same offset. 467 * Resource exhaustion attacks are certainly possible and a sensitive 468 issue in a constrained network. An attacker can perform a Denial- 469 of-Service (DoS) attack on a node implementing VRB by generating a 470 large number of bogus first fragments without sending subsequent 471 fragments. This causes the VRB table to fill up. When hop-by-hop 472 reassembly is used, the same attack can be more damaging if the 473 node allocates a full Datagram_Size for each bogus first fragment. 474 With the VRB, the attack can be performed remotely on all nodes 475 along a path, but each node suffers a lesser hit. This is because 476 the VRB does not need to remember the full datagram as received so 477 far but only possibly a few octets from the last fragment that 478 could not fit in it. An implementation MUST protect itself to 479 keep the number of VRBs within capacity, and ensure that old VRBs 480 are protected by a timer of a reasonable duration for the 481 technology and destroyed upon timeout. 483 * Attacks based on predictable fragment identification values are 484 also possible but can be avoided. The Datagram_Tag SHOULD be 485 assigned pseudo-randomly in order to defeat such attacks. A 486 larger size of the Datagram_Tag makes the guessing more difficult 487 and reduces the chances of an accidental reuse while the original 488 packet is still in flight, at the expense of more space in each 489 frame. Attacks based on predictable fragment identification 490 values are also possible but can be avoided. The Datagram_Tag 491 SHOULD be assigned pseudo-randomly in order to reduce the risk of 492 such attacks. Nonetheless, some level of risk remains that an 493 attacker able to authenticate to and send traffic on the network 494 can guess a valid Datagram_Tag value, since there are only a 495 limited number of possible values. 497 * Evasion of Network Intrusion Detection Systems (NIDS) leverages 498 ambiguity in the reassembly of the fragment. This attack makes 499 little sense in the context of this specification since the 500 fragmentation happens within the LLN, meaning that the intruder 501 should already be inside to perform the attack. NDIS systems 502 would probably not be installed within the LLN either, but rather 503 at a boittleneck at the exterior edge of the network. 505 8. IANA Considerations 507 No requests to IANA are made by this document. 509 9. Acknowledgments 511 The authors would like to thank Carles Gomez Montenegro, Yasuyuki 512 Tanaka, Ines Robles and Dave Thaler for their in-depth review of this 513 document and improvement suggestions. Also many thanks to Georgios 514 Papadopoulos and Dominique Barthel for their own reviews, and to 515 Roman Danyliw, Barry Leiba, Murray Kucherawy, Derrell Piper, Sarah 516 Banks, Joerg Ott, Francesca Palombini, Mirja Kuhlewind, Eric Vyncke, 517 and especially Benjamin Kaduk for their constructive reviews through 518 the IETF last call and IESG process. 520 10. Normative References 522 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 523 Requirement Levels", BCP 14, RFC 2119, 524 DOI 10.17487/RFC2119, March 1997, 525 . 527 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 528 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 529 May 2017, . 531 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 532 "Transmission of IPv6 Packets over IEEE 802.15.4 533 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 534 . 536 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 537 over Low-Power Wireless Personal Area Networks (6LoWPANs): 538 Overview, Assumptions, Problem Statement, and Goals", 539 RFC 4919, DOI 10.17487/RFC4919, August 2007, 540 . 542 11. Informative References 544 [RFC4963] Heffner, J., Mathis, M., and B. Chandler, "IPv4 Reassembly 545 Errors at High Data Rates", RFC 4963, 546 DOI 10.17487/RFC4963, July 2007, 547 . 549 [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol 550 Label Switching Architecture", RFC 3031, 551 DOI 10.17487/RFC3031, January 2001, 552 . 554 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 555 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 556 DOI 10.17487/RFC6282, September 2011, 557 . 559 [RFC8138] Thubert, P., Ed., Bormann, C., Toutain, L., and R. Cragie, 560 "IPv6 over Low-Power Wireless Personal Area Network 561 (6LoWPAN) Routing Header", RFC 8138, DOI 10.17487/RFC8138, 562 April 2017, . 564 [RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed., 565 "Path MTU Discovery for IP version 6", STD 87, RFC 8201, 566 DOI 10.17487/RFC8201, July 2017, 567 . 569 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 570 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 571 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 572 Low-Power and Lossy Networks", RFC 6550, 573 DOI 10.17487/RFC6550, March 2012, 574 . 576 [FRAG-ILE] Bonica, R., Baker, F., Huston, G., Hinden, R., Troan, O., 577 and F. Gont, "IP Fragmentation Considered Fragile", Work 578 in Progress, Internet-Draft, draft-ietf-intarea-frag- 579 fragile-17, 30 September 2019, 580 . 583 [LWIG-VRB] Bormann, C. and T. Watteyne, "Virtual reassembly buffers 584 in 6LoWPAN", Work in Progress, Internet-Draft, draft-ietf- 585 lwig-6lowpan-virtual-reassembly-02, 9 March 2020, 586 . 589 [FRAG-RECOV] 590 Thubert, P., "6LoWPAN Selective Fragment Recovery", Work 591 in Progress, Internet-Draft, draft-ietf-6lo-fragment- 592 recovery-20, 20 March 2020, . 595 [ARTICLE] Tanaka, Y., Minet, P., and T. Watteyne, "6LoWPAN Fragment 596 Forwarding", IEEE Communications Standards Magazine , 597 2019. 599 Authors' Addresses 601 Thomas Watteyne (editor) 602 Analog Devices 603 32990 Alvarado-Niles Road, Suite 910 604 Union City, CA 94587 605 United States of America 607 Email: thomas.watteyne@analog.com 609 Pascal Thubert (editor) 610 Cisco Systems, Inc 611 Building D 612 45 Allee des Ormes - BP1200 613 06254 Mougins - Sophia Antipolis 614 France 616 Phone: +33 497 23 26 34 617 Email: pthubert@cisco.com 619 Carsten Bormann 620 Universitaet Bremen TZI 621 Postfach 330440 622 D-28359 Bremen 623 Germany 624 Email: cabo@tzi.org