idnits 2.17.1 draft-ietf-6lo-rfc6775-update-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 27, 2017) is 2556 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'IEEEstd802154' is mentioned on line 1283, but not defined == Outdated reference: A later version (-20) exists of draft-ietf-6lo-backbone-router-03 ** Obsolete normative reference: RFC 4941 (Obsoleted by RFC 8981) ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) == Outdated reference: A later version (-23) exists of draft-ietf-6lo-ap-nd-00 == Outdated reference: A later version (-22) exists of draft-ietf-6lo-nfc-06 == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-11 == Outdated reference: A later version (-10) exists of draft-ietf-6tisch-terminology-08 == Outdated reference: A later version (-08) exists of draft-ietf-bier-architecture-06 Summary: 2 errors (**), 0 flaws (~~), 8 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo P. Thubert, Ed. 3 Internet-Draft cisco 4 Updates: 6775 (if approved) E. Nordmark 5 Intended status: Standards Track 6 Expires: October 29, 2017 S. Chakrabarti 7 April 27, 2017 9 An Update to 6LoWPAN ND 10 draft-ietf-6lo-rfc6775-update-03 12 Abstract 14 This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to 15 clarify the role of the protocol as a registration technique, 16 simplify the registration operation in 6LoWPAN routers, and provide 17 enhancements to the registration capabilities, in particular for the 18 registration to a Backbone Router for proxy ND operations. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on October 29, 2017. 37 Copyright Notice 39 Copyright (c) 2017 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. Considerations On Registration Rejection . . . . . . . . . . 3 56 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 4. Extending RFC 7400 . . . . . . . . . . . . . . . . . . . . . 5 58 5. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 5 59 5.1. Extended Address Registration Option . . . . . . . . . . 6 60 5.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 6 61 5.3. Owner Unique ID . . . . . . . . . . . . . . . . . . . . . 7 62 5.4. Registering the Target Address . . . . . . . . . . . . . 8 63 5.5. Link-Local Addresses and Registration . . . . . . . . . . 8 64 5.6. Maintaining the Registration States . . . . . . . . . . . 10 65 6. Updated ND Options . . . . . . . . . . . . . . . . . . . . . 11 66 6.1. New 6LoWPAN capability Bits in the Capability Indication 67 Option . . . . . . . . . . . . . . . . . . . . . . . . . 11 68 6.2. The Enhanced Address Registration Option (EARO) . . . . . 12 69 7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 15 70 7.1. Discovering the capabilities of an ND peer . . . . . . . 15 71 7.1.1. Using the E Flag in the CIO . . . . . . . . . . . . . 15 72 7.1.2. Using the T Flag in the EARO . . . . . . . . . . . . 15 73 7.2. Legacy 6LoWPAN Node . . . . . . . . . . . . . . . . . . . 16 74 7.3. Legacy 6LoWPAN Router . . . . . . . . . . . . . . . . . . 16 75 7.4. Legacy 6LoWPAN Border Router . . . . . . . . . . . . . . 16 76 8. Security Considerations . . . . . . . . . . . . . . . . . . . 17 77 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 78 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 20 79 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 80 11.1. Normative References . . . . . . . . . . . . . . . . . . 20 81 11.2. Informative References . . . . . . . . . . . . . . . . . 21 82 11.3. External Informative References . . . . . . . . . . . . 24 83 Appendix A. Applicability and Requirements Served . . . . . . . 24 84 Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 25 85 B.1. Requirements Related to Mobility . . . . . . . . . . . . 25 86 B.2. Requirements Related to Routing Protocols . . . . . . . . 26 87 B.3. Requirements Related to the Variety of Low-Power Link 88 types . . . . . . . . . . . . . . . . . . . . . . . . . . 27 89 B.4. Requirements Related to Proxy Operations . . . . . . . . 27 90 B.5. Requirements Related to Security . . . . . . . . . . . . 28 91 B.6. Requirements Related to Scalability . . . . . . . . . . . 29 92 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29 94 1. Introduction 96 RFC 6775, the "Neighbor Discovery Optimization for IPv6 over Low- 97 Power Wireless Personal Area Networks (6LoWPANs)" [RFC6775] 98 introduced a proactive registration mechanism to IPv6 Neighbor 99 Discovery (ND) services that is well suited to nodes belonging to a 100 Low Power Lossy Network (LLN). 102 The scope of this draft is an IPv6 LLN, which can be a simple star or 103 a more complex mesh topology. The LLN may be anchored at an IPv6 104 Backbone Router (6BBR) [I-D.ietf-6lo-backbone-router]. The 6BBRs 105 interconnect the LLNs over a Backbone Link and emulate that the LLN 106 nodes are present on the Backbone using proxy-ND operations. 108 This specification modifies and extends the behaviour and protocol 109 elements of RFC 6775 [RFC6775] to enable additional capabilities, in 110 particular the registration to a 6BBR for proxy ND operations. 112 2. Considerations On Registration Rejection 114 The purpose of the Address Registration Option (ARO) RFC 6775 115 [RFC6775] and of the Extended ARO (EARO) that is introduced in this 116 document is to facilitate duplicate address detection (DAD) for hosts 117 and pre-populate Neighbor Cache Entries (NCE) [RFC4861] in the 118 routers to reduce the need for sending multicast neighbor 119 solicitations and also to be able to support IPv6 Backbone Routers. 121 In some cases the address registration can fail or be useless for 122 reasons other than a duplicate address. Examples are the router 123 having run out of space, a registration bearing a stale sequence 124 number (e.g. denoting a movement of the host after this registration 125 was placed), a host misbehaving and attempting to register an invalid 126 address such as the unspecified address [RFC4291], or the host using 127 an address which is not topologically correct on that link. In such 128 cases the host will receive an error to help diagnose the issue and 129 may retry, possibly with a different address, and possibly 130 registering to a different 6LR, depending on the returned error. 132 However, the ability to return errors to address registrations MUST 133 NOT be used to restrict the ability of hosts to form and use 134 addresses as recommended in "Host Address Availability 135 Recommendations" [RFC7934]. In particular, this is needed for 136 enhanced privacy, which implies that each host will register a 137 multiplicity of address as part mechanisms like "Privacy Extensions 138 for Stateless Address Autoconfiguration (SLAAC) in IPv6" [RFC4941]. 139 This implies that the capabilities of 6LR and 6LBRs in terms of 140 number of registrations must be clearly announced in the router 141 documentation, and that a network administrator should deploy adapted 142 6LR/6LBRs to support the number and type of devices in his network, 143 based on the number of IPv6 addresses that those devices require. 145 3. Terminology 147 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 148 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 149 document are to be interpreted as described in RFC 2119 [RFC2119]. 151 Readers are expected to be familiar with all the terms and concepts 152 that are discussed in 154 "Neighbor Discovery for IP version 6" [RFC4861], 156 "IPv6 Stateless Address Autoconfiguration" [RFC4862], 158 "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 159 Overview, Assumptions, Problem Statement, and Goals" [RFC4919], 161 "Neighbor Discovery Optimization for Low-power and Lossy Networks" 162 [RFC6775] and 164 "Multi-link Subnet Support in IPv6" 165 [I-D.ietf-ipv6-multilink-subnets]. 167 Additionally, this document uses terminology from 169 "Terms Used in Routing for Low-Power and Lossy Networks" [RFC7102] 170 and 172 the "6TiSCH Terminology" [I-D.ietf-6tisch-terminology], 174 as well as this additional terminology: 176 Backbone This is an IPv6 transit link that interconnects 2 or more 177 Backbone Routers. It is expected to be deployed as a high 178 speed backbone in order to federate a potentially large set of 179 LLNS. Also referred to as a LLN backbone or Backbone network. 181 Backbone Router An IPv6 router that federates the LLN using a 182 Backbone link as a backbone. A 6BBR acts as a 6LoWPAN Border 183 Routers (6LBR) and an Energy Aware Default Router (NEAR). 185 Extended LLN This is the aggregation of multiple LLNs as defined in 186 RFC 4919 [RFC4919], interconnected by a Backbone Link via 187 Backbone Routers, and forming a single IPv6 MultiLink Subnet. 189 Registration The process during which a wireless Node registers its 190 address(es) with the Border Router so the 6BBR can proxy ND for 191 it over the backbone. 193 Binding The state in the 6BBR that associates an IP address with a 194 MAC address, a port and some other information about the node 195 that owns the IP address. 197 Registered Node The node for which the registration is performed, 198 which owns the fields in the EARO option. 200 Registering Node The node that performs the registration to the 201 6BBR, either for one of its own addresses, in which case it is 202 Registered Node and indicates its own MAC Address as Source 203 Link Layer Address (SLLA) in the NS(EARO), or on behalf of a 204 Registered Node that is reachable over a LLN mesh. In the 205 latter case, if the Registered Node is reachable from the 6BBR 206 over a Mesh-Under mesh, the Registering Node indicates the MAC 207 Address of the Registered Node as SLLA in the NS(EARO). 208 Otherwise, it is expected that the Registered Device is 209 reachable over a Route-Over mesh from the Registering Node, in 210 which case the SLLA in the NS(ARO) is that of the Registering 211 Node, which causes it to attract the packets from the 6BBR to 212 the Registered Node and route them over the LLN. 214 Registered Address The address owned by the Registered Node node 215 that is being registered. 217 4. Extending RFC 7400 219 RFC 7400 [RFC7400] introduces the 6LoWPAN Capability Indication 220 Option (6CIO) to indicate a node's capabilities to its peers. This 221 specification extends the format defined in RFC 7400 to signal the 222 support for EARO, as well as the capability to act as a 6LR, 6LBR and 223 6BBR. 225 With RFC 7400 [RFC7400], the 6CIO is typically sent Router 226 Solicitation (RS) messages. When used to signal the capabilities 227 above per this specification, the 6CIO is typically present Router 228 Advertisement (RA) messages but can also be present in RS, Neighbor 229 Solicitation (NS) and Neighbor Advertisement (NA) messages. 231 5. Updating RFC 6775 233 This specification extends the Address Registration Option (ARO) 234 defined in RFC 6775 [RFC6775]; in particular a "T" flag is added that 235 must be set is NS messages when this specification is used, and 236 echo'ed in NA messages to confirm that the protocol effectively 237 supported. Support for this specification can thus be inferred from 238 the presence of the Extended ARO ("T" flag set) in ND messages. 240 In order to support various types of link layers, this specification 241 also adds recommendation to allow multiple registrations, including 242 for privacy / temporary addresses, and provides new mechanisms to 243 help clean up stale registration states as soon as possible. 245 A Registering Node that supports this specification will favor 246 registering to a 6LR that indicates support for this specification 247 over that of RFC 6775 [RFC6775]. 249 5.1. Extended Address Registration Option 251 This specification extends the ARO option that is used for the 252 process of address registration. The new ARO is referred to as 253 Extended ARO (EARO), and its semantics are modified as follows: 255 The address that is being registered with a Neighbor Solicitation 256 (NS) with an EARO is now the Target Address, as opposed to the Source 257 Address as specified in RFC 6775 [RFC6775] (see Section 5.4 for 258 more). This change enables a 6LBR to use an address of his as source 259 to the proxy-registration of an address that belongs to a LLN Node to 260 a 6BBR. This also limits the use of an address as source address 261 before it is registered and the associated Duplicate Address 262 Detection (DAD) is complete. 264 The Unique ID in the EARO option does no more have to be a MAC 265 address (see Section 5.3 for more). This enables in particular the 266 use of a Provable Temporary UID (PT-UID) as opposed to burn-in MAC 267 address, the PT-UID providing a trusted anchor by the 6LR and 6LBR to 268 protect the state associated to the node. 270 The specification introduces a Transaction ID (TID) field in the EARO 271 (see Section 5.2 for more on TID). The TID MUST be provided by a 272 node that supports this specification and a new T flag MUST be set to 273 indicate so. The T bit can be used to determine whether the peer 274 supports this specification. 276 Finally, this specification introduces a number of new Status codes 277 to help diagnose the cause of a registration failure (more in 278 Table 1). 280 5.2. Transaction ID 282 The specification expects that the Registered Node can provide a 283 sequence number called Transaction ID (TID) that is incremented with 284 each re-registration. The TID essentially obeys the same rules as 285 the Path Sequence field in the Transit Information Option (TIO) found 286 in the RPL Destination Advertisement Object (DAO) [RFC6550]. This 287 way, the LLN node can use the same counter for ND and RPL, and a 6LBR 288 acting as RPL root may easily maintain the registration on behalf of 289 a RPL node deep inside the mesh by simply using the RPL TIO Path 290 Sequence as TID for EARO. 292 When a Registered Node is registered to multiple BBRs in parallel, it 293 is expected that the same TID is used, to enable the 6BBRs to 294 correlate the registrations as being a single one, and differentiate 295 that situation from a movement. 297 If the TIDs are different, a conflict resolution inherited from RPL 298 sorts out the most recent registration and other ones are removed. 299 The operation for computing and comparing the Path Sequence is 300 detailed in section 7 of RFC 6550 [RFC6550] and applies to the TID in 301 the exact same fashion. The resolution is used to determine the 302 freshest registration for a particular address, and an EARO is 303 processed only if it is the freshest, otherwise a Status code 3 304 "Moved" is returned. 306 5.3. Owner Unique ID 308 The Owner Unique ID (OUID) enables to differentiate a real duplicate 309 address registration from a double registration or a movement. An ND 310 message from the 6BBR over the backbone that is proxied on behalf of 311 a Registered Node must carry the most recent EARO option seen for 312 that node. A NS/NA with an EARO and a NS/NA without a EARO thus 313 represent different nodes and if they relate to a same target then 314 they reflect an address duplication. The Owner Unique ID can be as 315 simple as a EUI-64 burn-in address, if duplicate EUI-64 addresses are 316 avoided. 318 Alternatively, the unique ID can be a cryptographic string that can 319 can be used to prove the ownership of the registration as discussed 320 in "Address Protected Neighbor Discovery for Low-power and Lossy 321 Networks" [I-D.ietf-6lo-ap-nd]. 323 In any fashion, it is recommended that the node stores the unique Id 324 or the keys used to generate that ID in persistent memory. 325 Otherwise, it will be prevented to re-register after a reboot that 326 would cause a loss of memory until the Backbone Router times out the 327 registration. 329 5.4. Registering the Target Address 331 This specification changes the behaviour of the 6LN and the 6LR so 332 that the Registered Address is found in the Target Address field of 333 the NS and NA messages as opposed to the Source Address. 335 The reason for this change is to enable proxy-registrations on behalf 336 of other nodes in Route-Over meshes, for instance to enable that a 337 RPL root registers addresses on behalf LLN nodes that are deeper in a 338 6TiSCH mesh, as discussed in Appendix B.4. In that case, the 339 Registering Node MUST indicate its own address as source of the ND 340 message and its MAC address in the Source Link-Layer Address Option 341 (SLLAO), since it still expects to get the packets and route them 342 down the mesh. But the Registered Address belongs to another node, 343 the Registered Node, and that address is indicated in the Target 344 Address field of the NS message. 346 With this convention, a TLLA option indicates the link-layer address 347 of the 6LN that owns the address, whereas the SLLA Option in a NS 348 message indicates that of the Registering Node, which can be the 349 owner device, or a proxy. 351 Since the Registering Node is the one that has reachability with the 352 6LR, and is the one expecting packets for the 6LN, it makes sense to 353 maintain compatibility with RFC 6775 [RFC6775], and it is REQUIRED 354 that an SLLA Option is always placed in a registration NS(EARO) 355 message. 357 5.5. Link-Local Addresses and Registration 359 Considering that LLN nodes are often not wired and may move, there is 360 no guarantee that a Link-Local address stays unique between a 361 potentially variable and unbounded set of neighboring nodes. 362 Compared to RFC 6775 [RFC6775], this specification only requires that 363 a Link-Local address is unique from the perspective of the peering 364 nodes. This simplifies the Duplicate Address Detection (DAD) for 365 Link-Local addresses, and there is no DAR/DAC exchange between the 366 6LR and a 6LBR for Link-Local addresses. 368 Additionally, RFC 6775 [RFC6775] requires that a 6LoWPAN Node (6LN) 369 uses an address being registered as the source of the registration 370 message. This generates complexities in the 6LR to be able to cope 371 with a potential duplication, in particular for global addresses. To 372 simplify this, a 6LN and a 6LR that conform this specification always 373 use Link-Local addresses as source and destination addresses for the 374 registration NS/NA exchange. As a result, the registration is 375 globally faster, and some of the complexity is removed. 377 In more details: 379 An exchange between two nodes using Link-Local addresses implies that 380 they are reachable over one hop and that at least one of the 2 nodes 381 acts as a 6LR. A node MUST register a Link-Local address to a 6LR in 382 order to obtain reachability from that 6LR beyond the current 383 exchange, and in particular to use the Link-Local address as source 384 address to register other addresses, e.g. global addresses. 386 If there is no collision with an address previously registered to 387 this 6LR by another 6LN, then, from the standpoint of this 6LR, this 388 Link-Local address is unique and the registration is acceptable. 389 Conversely, it may possibly happen that two different 6LRs expose a 390 same Link-Local address but different link-layer addresses. In that 391 case, a 6LN may only interact with one of the 6LR so as to avoid 392 confusion in the 6LN neighbor cache. 394 The DAD process between the 6LR and a 6LoWPAN Border Router (6LBR), 395 which is based on a Duplicate Address Request (DAR) / Duplicate 396 Address Confirmation (DAC) exchange as described in RFC 6775 397 [RFC6775], does not need to take place for Link-Local addresses. 399 It is desired that a 6LR does not need to modify its state associated 400 to the Source Address of an NS(EARO) message. For that reason, when 401 possible, it is RECOMMENDED to use an address that is already 402 registered with a 6LR 404 When registering to a 6LR that conforms this specification, a node 405 MUST use a Link-Local address as the source address of the 406 registration, whatever the type of IPv6 address that is being 407 registered. That Link-Local Address MUST be either already 408 registrered, or the address that is being registered. 410 When a Registering Node does not have an already-registered address, 411 it MUST register a Link-Local address, using it as both the Source 412 and the Target Address of an NS(EARO) message. In that case, it is 413 RECOMMENDED to use a Link-Local address that is (expected to be) 414 globally unique, e.g. derived from a burn-in MAC address. An EARO 415 option in the response NA indicates that the 6LR supports this 416 specification. 418 Since there is no DAR/DAC exchange for Link-Local addresses, the 6LR 419 may answer immediately to the registration of a Link-Local address, 420 based solely on its existing state and the Source Link-Layer Option 421 that MUST be placed in the NS(EARO) message as required in RFC 6775 422 [RFC6775]. 424 A node needs to register its IPv6 Global Unicast IPv6 Addresses (GUA) 425 to a 6LR in order to obtain a global reachability for these addresses 426 via that 6LR. As opposed to a node that complies to RFC 6775 427 [RFC6775], a Registering Node registering a GUA does not use that GUA 428 as Source Address for the registration to a 6LR that conforms this 429 specification. The DAR/DAC exchange MUST take place for non-Link- 430 Local addresses as prescribed by RFC 6775 [RFC6775]. 432 5.6. Maintaining the Registration States 434 This section discusses protocol actions that involve the registering 435 node, the 6LR and the 6LBR. It must be noted that the portion that 436 deals with a 6LBR only applies to those addresses that are registered 437 to it, which, as discussed in Section 5.5, is not the case for Link- 438 Local addresses. The registration state includes all data that is 439 stored in the router relative to that registration, in particular, 440 but not limited to, an NCE in a 6LR. 6LBRs and 6BBRs may store 441 additional registration information in more complex data structures 442 and use protocols that are out of scope of this document to keep them 443 synchonized when they are distributed. 445 When its Neighbor Cache is full, a 6LR cannot accept a new 446 registration. In that situation, the EARO is returned in a NA 447 message with a Status of 2, and the registering node may attempt to 448 register to another 6LR. Conversely the registry in the 6LBR may be 449 saturated, in which case the 6LBR cannot guarantee that a new address 450 is effectively not a duplicate. In that case, the 6LBR replies to a 451 DAR message with a DAC message that carries a Status code 9 452 indicating "6LBR Registry saturated", and the address stays in 453 TENTATIVE state. 455 A node renews an existing registration by repeatedly sending NS(EARO) 456 messages for the registered address. In order to refresh the 457 registration state in the 6LBR, these registrations MUST be reported 458 to the 6LBR. This is normally done through a DAR/DAC exchange, but 459 the refresh MAY alternatively be piggy-backed in another protocol 460 such as RPL [RFC6550], as long as the semantics of the EARO are fully 461 carried in the alternate protocol. In the particular case of RPL, 462 the TID MUST be used as the Path Sequence in the TIO, and the 463 Registration Lifetime MUST be used as Path Lifetime. It is also 464 REQUIRED that the root of the RPL DODAG passes that information to 465 the 6LBR on behalf of the 6LR, either through a DAR/DAC exchange, or 466 through internal methods if they are collocated. 468 A node that ceases to use an address SHOULD attempt to deregister 469 that address from all the 6LRs to which it has registered the 470 address, which is achieved using an NS(EARO) message with a 471 Registration Lifetime of 0. 473 A node that moves away from a particular 6LR SHOULD attempt to 474 deregister all of its addresses registered to that 6LR. 476 Upon receiving a NS(EARO) message with a Registration Lifetime of 0 477 and determining that this EARO is the freshest for a given NCE (see 478 Section 5.2), a 6LR cleans up its NCE. If the address was registered 479 to the 6LBR, then the 6LR MUST report to the 6LBR, through a DAR/DAC 480 exchange with the 6LBR, or an alternate protocol, indicating the null 481 Registration Lifetime and the latest TID that this 6LR is aware of. 483 Upon the DAR message, the 6LBR evaluates if this is the freshest EARO 484 it has received for that particular registry entry. If it is, then 485 the entry is scheduled to be removed, and the DAR is answered with a 486 DAC message bearing a Status of 0 "Success". If it is not the 487 freshest, then a Status 2 "Moved" is returned instead, and the 488 existing entry is conserved. The 6LBR SHOULD conserve the address in 489 a DELAY state for a configurable period of time, so as to protect a 490 mobile node that deregistered from one 6LR and did not register yet 491 to a new one. 493 6. Updated ND Options 495 This specification does not introduce new options, but it modifies 496 existing ones and updates the associated behaviours as follow: 498 6.1. New 6LoWPAN capability Bits in the Capability Indication Option 500 This specification defines a number of capability bits in the CIO 501 that was introduced by RFC 7400 [RFC7400]. 503 Support for this specification is indicated by setting the "E" flag 504 in a CIO option. Routers that are capable of acting as 6LR, 6LBR and 505 6BBR SHOULD set the L, B andP flags, respectively. 507 Those flags are not mutually exclusive and if a router is capable of 508 multiple roles, it SHOULD set all the related flags. 510 0 1 2 3 511 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 512 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 513 | Type | Length = 1 |_____________________|L|B|P|E|G| 514 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 515 |_______________________________________________________________| 516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 518 Figure 1: New capability Bits L, B, P, E in the CIO 520 Option Fields 522 Type: 36 524 L: Node is a 6LR, it can take registrations. 526 B: Node is a 6LBR. 528 P: Node is a 6BBR, proxying for nodes on this link. 530 E: This specification is supported and applied. 532 6.2. The Enhanced Address Registration Option (EARO) 534 The Enhanced Address Registration Option (EARO) is intended to be 535 used as a replacement to the ARO option within Neighbor Discovery NS 536 and NA messages between a LLN node and its 6LoWPAN Router (6LR), as 537 well as in Duplicate Address Request (DAR) and the Duplicate Address 538 Confirmation (DAC) messages between 6LRs and 6LBRs in LLNs meshes 539 such as 6TiSCH networks. 541 An NS message with an EARO option is a registration if and only if it 542 also carries an SLLAO option. The AERO option also used in NS and NA 543 messages between Backbone Routers over the backbone link to sort out 544 the distributed registration state, and in that case, it does not 545 carry the SLLAO option and is not confused with a registration. 547 The EARO extends the ARO and is recognized by the "T" flag set. 549 When using the EARO option, the address being registered is found in 550 the Target Address field of the NS and NA messages. This differs 551 from 6LoWPAN ND RFC 6775 [RFC6775] which specifies that the address 552 being registered is the source of the NS. 554 The format of the EARO option is as follows: 556 0 1 2 3 557 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 558 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 559 | Type | Length = 2 | Status | Reserved | 560 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 561 | Reserved |T| TID | Registration Lifetime | 562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 563 | | 564 + Owner Unique ID (EUI-64 or equivalent) + 565 | | 566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 568 Figure 2: EARO 570 Option Fields 572 Type: 33 574 Length: 8-bit unsigned integer. 576 Status: 8-bit unsigned integer. Indicates the status of a 577 registration in the NA response. MUST be set to 0 in NS messages. 578 See Table 1 below. 580 Reserved: This field is unused. It MUST be initialized to zero by 581 the sender and MUST be ignored by the receiver. 583 T: One bit flag. Set if the next octet is a used as a TID. 585 TID: 1-byte integer; a transaction id that is maintained by the node 586 and incremented with each transaction. it is recommended that the 587 node maintains the TID in a persistent storage. 589 Registration Lifetime: 16-bit integer; expressed in minutes. 0 590 means that the registration has ended and the associated state 591 should be removed. 593 Owner Unique Identifier (OUI): A globally unique identifier for the 594 node associated. This can be the EUI-64 derived IID of an 595 interface, or some provable ID obtained cryptographically. 597 +-------+-----------------------------------------------------------+ 598 | Value | Description | 599 +-------+-----------------------------------------------------------+ 600 | 0..2 | See RFC 6775 [RFC6775]. Note that a Status of 1 | 601 | | "Duplicate Address" applies to the Registered Address. If | 602 | | the Source Address conflicts with an existing | 603 | | registration, "Duplicate Source Address" should be used | 604 | | instead | 605 | | | 606 | 3 | Moved: The registration fails because it is not the | 607 | | freshest. This Status indicates that the registration is | 608 | | rejected because another more recent registration was | 609 | | done, as indicated by a same OUI and a more recent TID. | 610 | | One possible cause is a stale registration that has | 611 | | progressed slowly in the network and was passed by a more | 612 | | recent one. It could also indicate a OUI collision. | 613 | | | 614 | 4 | Removed: The binding state was removed. This may be | 615 | | placed in an asynchronous NS(ARO) message, or as the | 616 | | rejection of a proxy registration to a Backbone Router | 617 | | | 618 | 5 | Proof requested: The registering node is challenged for | 619 | | owning the registered address or for being an acceptable | 620 | | proxy for the registration. This Status is expected in | 621 | | asynchronous messages from a registrar (6LR, 6LBR, 6BBR) | 622 | | to indicate that the registration state is removed, for | 623 | | instance due to time out of a lifetime, or a movement. It | 624 | | is used for instance by a 6BBR in a NA(ARO) message to | 625 | | indicate that the ownership of the proxy state on the | 626 | | backbone was transfered to another 6BBR, which is | 627 | | indicative of a movement of the device. The receiver of | 628 | | the NA is the device that has performed a registration | 629 | | that is now stale and it should clean up its state. | 630 | | | 631 | 6 | Duplicate Source Address: The address used as source of | 632 | | the NS(ARO) conflicts with an existing registration. | 633 | | | 634 | 7 | Invalid Source Address: The address used as source of the | 635 | | NS(ARO) is not a Link-Local address as prescribed by this | 636 | | document. | 637 | | | 638 | 8 | Registered Address topologically incorrect: The address | 639 | | being registered is not usable on this link, e.g. it is | 640 | | not topologically correct | 641 | | | 642 | 9 | 6LBR Registry saturated: A new registration cannot be | 643 | | accepted because the 6LBR Registry is saturated. This | 644 | | code is used by 6LBRs instead of Status 2 when responding | 645 | | to a DAR/DAC exchange and passed on to the registering | 646 | | node by the 6LR. There is no point for the node to retry | 647 | | this registration immediately via another 6LR, since the | 648 | | problem is global to the network. The node may either | 649 | | abandon that address, deregister other addresses first to | 650 | | make room, or keep the address in TENTATIVE state and | 651 | | retry later. | 652 +-------+-----------------------------------------------------------+ 654 Table 1: EARO Status 656 7. Backward Compatibility 658 7.1. Discovering the capabilities of an ND peer 660 7.1.1. Using the E Flag in the CIO 662 If the CIO is used in an ND message, then the "E" Flag MUST be set by 663 the sending node if supports this specification. 665 It is RECOMMENDED that a router that supports this specification 666 indicates so with a CIO option, but this might not be practical if 667 the link-layer MTU is too small. 669 If the registering node receives a CIO in a RA, then the setting of 670 the E" Flag indicates whether or not this specification is supported. 672 7.1.2. Using the T Flag in the EARO 674 One alternate way for a 6LN to discover the router's capabilities to 675 first register a Link Local address, placing the same address in the 676 Source and Target Address fields of the NS message, and setting the 677 "T" Flag. The node may for instance register an address that is 678 based on EUI-64. For such address, DAD is not required and using the 679 SLLAO option in the NS is actually more amenable with existing ND 680 specifications such as the "Optimistic Duplicate Address Detection 681 (DAD) for IPv6" [RFC4429]. Once that first registration is complete, 682 the node knows from the setting of the "T" Flag in the response 683 whether the router supports this specification. If this is verified, 684 the node may register other addresses that it owns, or proxy-register 685 addresses on behalf some another node, indicating those addresses 686 being registered in the Target Address field of the NS messages, 687 while using one of its own, already registered, addresses as source. 689 A node that supports this specification MUST always use an EARO as a 690 replacement to an ARO in its registration to a router. This is 691 harmless since the "T" flag and TID field are reserved in RFC 6775 692 [RFC6775] are ignored by a legacy router. A router that supports 693 this specification answers to an ARO with an ARO and to an EARO with 694 an EARO. 696 This specification changes the behavior of the peers in a 697 registration flows. To enable backward compatibility, a node that 698 registers to a router that is not known to support this specification 699 MUST behave as prescribed by RFC 6775 [RFC6775]. Once the router is 700 known to support this specification, the node MUST obey this 701 specification. 703 7.2. Legacy 6LoWPAN Node 705 A legacy 6LN will use the registered address as source and will not 706 use an EARO option. In order to be backward compatible, an updated 707 6LR needs to accept that registration if it is valid per the 708 "Cryptographically Generated Addresses (CGA)" [RFC3972] 709 specification, and manage the binding cache accordingly. 711 The main difference with RFC 3972 [RFC3972] is that DAR/DAC exchange 712 for DAD may be avoided for Link-Local addresses. Additionally, the 713 6LR SHOULD use an EARO in the reply, and may use any of the Status 714 codes defined in this specification. 716 7.3. Legacy 6LoWPAN Router 718 The first registration by a an updated 6LN is for a Link-Local 719 address, using that Link-Local address as source. A legacy 6LN will 720 not makes a difference and accept -or reject- that registration as if 721 the 6LN was a legacy node. 723 An updated 6LN will always use an EARO option in the registration NS 724 message, whereas a legacy 6LN will always areply with an ARO option 725 in the NA message. So from that first registration, the updated 6LN 726 can figure whether the 6LR supports this specification or not. 728 When facing a legacy 6LR, an updated 6LN may attempt to find an 729 alternate 6LR that is updated. In order to be backward compatible, 730 based on the discovery that a 6LR is legacy, the 6LN needs to 731 fallback to legacy behaviour and source the packet with the 732 registrered address. 734 The main difference is that the updated 6LN SHOULD use an EARO in the 735 request regardless of the type of 6LN, legacy or updated 737 7.4. Legacy 6LoWPAN Border Router 739 With this specification, the DAR/DAC transports an EARO option as 740 opposed to an ARO option. As described for the NS/NA exchange, 741 devices that support this specification always use an EARO option and 742 all the associated behaviour. 744 8. Security Considerations 746 This specification extends RFC 6775 [RFC6775], and the security 747 section of that draft also applies to this as well. In particular, 748 it is expected that the link layer is sufficiently protected to 749 prevent a rogue access, either by means of physical or IP security on 750 the Backbone Link and link layer cryptography on the LLN. This 751 specification also expects that the LLN MAC provides secure unicast 752 to/from the Backbone Router and secure Broadcast from the Backbone 753 Router in a way that prevents tempering with or replaying the RA 754 messages. 756 This specification does not mandate any particular way for forming 757 IPv6 addresses, but it recognizes that use of EUI-64 for forming the 758 Interface ID in the Link-Local address prevents the usage of "SEcure 759 Neighbor Discovery (SEND)" [RFC3971] and CGA [RFC3972], and that of 760 address privacy techniques. This specification RECOMMENDS the use of 761 additional protection against address theft such as provided by 762 "Address Protected Neighbor Discovery for Low-power and Lossy 763 Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the 764 OUID. 766 As indicated in section Section 2, this protocol does not aim at 767 limiting the number of IPv6 addresses that a device can form, either. 768 A host should be able to register any address that is topologically 769 correct in the subnet(s) advertised by the 6LR/6LBR. 771 On the other hand, the registration mechanism may be used by a rogue 772 node to attack the 6LR or the 6LBR with a Denial-of-Service attack 773 against the registry. It may also happen that the registry of a 6LR 774 or a 6LBR is saturated and cannot take any more registration, which 775 effectively denies the requesting a node the capability to use a new 776 address. In order to alleviate those concerns, Section 5.6 provides 777 a number of recommendations that ensure that a stale registration is 778 removed as soon as possible from the 6LR and 6LBR. In particular, 779 this specification recommends that: 781 o A node that ceases to use an address should attempt to deregister 782 that address from all the 6LRs to which it is registered. The 783 flow is propagated to the 6LBR when needed, and a sequence number 784 is used to make sure that only the freshest command is acted upon. 786 o The nodes should be configured with a Registration Lifetime that 787 reflects their expectation of how long they will use the address 788 with the 6LR to which it is registered. In particular, use cases 789 that involve mobility or rapid address changes should use 790 lifetimes that are homogeneous with the expectation of presence. 792 o The router (6LR or 6LBR) should be configurable so as to limit the 793 number of addresses that can be registered by a single node, as 794 identified at least by MAC address and preferably by security 795 credentials. When that maximum is reached, the router should use 796 a Least-Recently-Used (LRU) logic so as to clean up the addresses 797 that were not used for the longest time, keeping at least one 798 Link-Local address, and attempting to keep one or more stable 799 addresses if such can be recognized, e.g. from the way the IID is 800 formed or because they are used over a much longer time span than 801 other (privacy, shorter-lived) addresses. 803 o Administrators should take great care to deploy adequate numbers 804 of 6LR to cover the needs of the nodes in their range, so as to 805 avoid a situation of starving nodes. It is expected that the 6LBR 806 that serves a LLN is a more capable node then the average 6LR, but 807 in a network condition where it may become saturated, a particular 808 deployment should distribute the 6LBR functionality, for instance 809 by leveraging a high speed backbone and Backbone Routers to 810 aggregate multiple LLNs into a larger subnet. 812 When the ownership of the OUID cannot be assessed, this specification 813 limits the cases where the OUID and the TID are multicasted, and 814 obfuscates them in responses to attempts to take over an address. 816 The LLN nodes depend on the 6LBR and the 6BBR for their operation. A 817 trust model must be put in place to ensure that the right devices are 818 acting in these roles, so as to avoid threats such as black-holing, 819 or bombing attack whereby an impersonated 6LBR would destroy state in 820 the network by using the "Removed" Status code. 822 9. IANA Considerations 824 IANA is requested to create a new subregistry for "ARO Flags" under 825 the "Internet Control Message Protocol version 6 (ICMPv6) 826 Parameters". This specification defines 8 positions, bit 0 to bit 7, 827 and assigns bit 7 for the "T" flag in Section 6.2. The policy is 828 "IETF Review" or "IESG Approval" [RFC5226]. The initial content of 829 the registry is as shown in Table 2. 831 New subregistry for ARO Flags under the "Internet Control Message 832 Protocol version 6 (ICMPv6) Parameters" 834 +------------+--------------+-----------+ 835 | ARO Status | Description | Document | 836 +------------+--------------+-----------+ 837 | 0..6 | Unassigned | | 838 | | | | 839 | 7 | "T" Flag | RFC This | 840 +------------+--------------+-----------+ 842 Table 2: new ARO Flags 844 IANA is requested to make additions to existing registries as 845 follows: 847 Address Registration Option Status Values Registry 849 +------------+------------------------------------------+-----------+ 850 | ARO Status | Description | Document | 851 +------------+------------------------------------------+-----------+ 852 | 3 | Moved | RFC This | 853 | | | | 854 | 4 | Removed | RFC This | 855 | | | | 856 | 5 | Proof requested | RFC This | 857 | | | | 858 | 6 | Duplicate Source Address | RFC This | 859 | | | | 860 | 7 | Invalid Source Address | RFC This | 861 | | | | 862 | 8 | Registered Address topologically | RFC This | 863 | | incorrect | | 864 | | | | 865 | 9 | 6LBR registry saturated | RFC This | 866 +------------+------------------------------------------+-----------+ 868 Table 3: New ARO Status values 870 Subregistry for "6LoWPAN capability Bits" under the "Internet Control 871 Message Protocol version 6 (ICMPv6) Parameters" 873 +----------------+----------------------+-----------+ 874 | capability Bit | Description | Document | 875 +----------------+----------------------+-----------+ 876 | 11 | 6LR capable (L bit) | RFC This | 877 | | | | 878 | 12 | 6LBR capable (B bit) | RFC This | 879 | | | | 880 | 13 | 6BBR capable (P bit) | RFC This | 881 | | | | 882 | 14 | EARO support (E bit) | RFC This | 883 +----------------+----------------------+-----------+ 885 Table 4: New 6LoWPAN capability Bits 887 10. Acknowledgments 889 Kudos to Eric Levy-Abegnoli who designed the First Hop Security 890 infrastructure at Cisco. 892 11. References 894 11.1. Normative References 896 [I-D.ietf-6lo-backbone-router] 897 Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- 898 backbone-router-03 (work in progress), January 2017. 900 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 901 Requirement Levels", BCP 14, RFC 2119, 902 DOI 10.17487/RFC2119, March 1997, 903 . 905 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 906 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 907 2006, . 909 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 910 for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, 911 . 913 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 914 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 915 DOI 10.17487/RFC4861, September 2007, 916 . 918 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 919 Address Autoconfiguration", RFC 4862, 920 DOI 10.17487/RFC4862, September 2007, 921 . 923 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 924 Extensions for Stateless Address Autoconfiguration in 925 IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, 926 . 928 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 929 IANA Considerations Section in RFCs", BCP 26, RFC 5226, 930 DOI 10.17487/RFC5226, May 2008, 931 . 933 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 934 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 935 DOI 10.17487/RFC6282, September 2011, 936 . 938 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 939 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 940 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 941 Low-Power and Lossy Networks", RFC 6550, 942 DOI 10.17487/RFC6550, March 2012, 943 . 945 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 946 Bormann, "Neighbor Discovery Optimization for IPv6 over 947 Low-Power Wireless Personal Area Networks (6LoWPANs)", 948 RFC 6775, DOI 10.17487/RFC6775, November 2012, 949 . 951 [RFC7400] Bormann, C., "6LoWPAN-GHC: Generic Header Compression for 952 IPv6 over Low-Power Wireless Personal Area Networks 953 (6LoWPANs)", RFC 7400, DOI 10.17487/RFC7400, November 954 2014, . 956 [RFC7934] Colitti, L., Cerf, V., Cheshire, S., and D. Schinazi, 957 "Host Address Availability Recommendations", BCP 204, 958 RFC 7934, DOI 10.17487/RFC7934, July 2016, 959 . 961 11.2. Informative References 963 [I-D.chakrabarti-nordmark-6man-efficient-nd] 964 Chakrabarti, S., Nordmark, E., Thubert, P., and M. 965 Wasserman, "IPv6 Neighbor Discovery Optimizations for 966 Wired and Wireless Networks", draft-chakrabarti-nordmark- 967 6man-efficient-nd-07 (work in progress), February 2015. 969 [I-D.delcarpio-6lo-wlanah] 970 Vega, L., Robles, I., and R. Morabito, "IPv6 over 971 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 972 progress), October 2015. 974 [I-D.ietf-6lo-6lobac] 975 Lynn, K., Martocci, J., Neilson, C., and S. Donaldson, 976 "Transmission of IPv6 over MS/TP Networks", draft-ietf- 977 6lo-6lobac-08 (work in progress), March 2017. 979 [I-D.ietf-6lo-ap-nd] 980 Sarikaya, B., Thubert, P., and M. Sethi, "Address 981 Protected Neighbor Discovery for Low-power and Lossy 982 Networks", draft-ietf-6lo-ap-nd-00 (work in progress), 983 November 2016. 985 [I-D.ietf-6lo-dect-ule] 986 Mariager, P., Petersen, J., Shelby, Z., Logt, M., and D. 987 Barthel, "Transmission of IPv6 Packets over DECT Ultra Low 988 Energy", draft-ietf-6lo-dect-ule-09 (work in progress), 989 December 2016. 991 [I-D.ietf-6lo-nfc] 992 Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, 993 "Transmission of IPv6 Packets over Near Field 994 Communication", draft-ietf-6lo-nfc-06 (work in progress), 995 March 2017. 997 [I-D.ietf-6tisch-architecture] 998 Thubert, P., "An Architecture for IPv6 over the TSCH mode 999 of IEEE 802.15.4", draft-ietf-6tisch-architecture-11 (work 1000 in progress), January 2017. 1002 [I-D.ietf-6tisch-terminology] 1003 Palattella, M., Thubert, P., Watteyne, T., and Q. Wang, 1004 "Terminology in IPv6 over the TSCH mode of IEEE 1005 802.15.4e", draft-ietf-6tisch-terminology-08 (work in 1006 progress), December 2016. 1008 [I-D.ietf-bier-architecture] 1009 Wijnands, I., Rosen, E., Dolganow, A., Przygienda, T., and 1010 S. Aldrin, "Multicast using Bit Index Explicit 1011 Replication", draft-ietf-bier-architecture-06 (work in 1012 progress), April 2017. 1014 [I-D.ietf-ipv6-multilink-subnets] 1015 Thaler, D. and C. Huitema, "Multi-link Subnet Support in 1016 IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in 1017 progress), July 2002. 1019 [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] 1020 Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets 1021 over IEEE 1901.2 Narrowband Powerline Communication 1022 Networks", draft-popa-6lo-6loplc-ipv6-over- 1023 ieee19012-networks-00 (work in progress), March 2014. 1025 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with 1026 CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 1027 2003, . 1029 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 1030 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 1031 DOI 10.17487/RFC3810, June 2004, 1032 . 1034 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 1035 "SEcure Neighbor Discovery (SEND)", RFC 3971, 1036 DOI 10.17487/RFC3971, March 2005, 1037 . 1039 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 1040 RFC 3972, DOI 10.17487/RFC3972, March 2005, 1041 . 1043 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1044 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1045 Overview, Assumptions, Problem Statement, and Goals", 1046 RFC 4919, DOI 10.17487/RFC4919, August 2007, 1047 . 1049 [RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and 1050 Lossy Networks", RFC 7102, DOI 10.17487/RFC7102, January 1051 2014, . 1053 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 1054 Interface Identifiers with IPv6 Stateless Address 1055 Autoconfiguration (SLAAC)", RFC 7217, 1056 DOI 10.17487/RFC7217, April 2014, 1057 . 1059 [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets 1060 over ITU-T G.9959 Networks", RFC 7428, 1061 DOI 10.17487/RFC7428, February 2015, 1062 . 1064 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1065 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1066 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1067 . 1069 11.3. External Informative References 1071 [IEEEstd802154] 1072 IEEE, "IEEE Standard for Low-Rate Wireless Networks", 1073 IEEE Standard 802.15.4, DOI 10.1109/IEEESTD.2016.7460875, 1074 . 1076 Appendix A. Applicability and Requirements Served 1078 This specification extends 6LoWPAN ND to sequence the registration 1079 and serves the requirements expressed Appendix B.1 by enabling the 1080 mobility of devices from one LLN to the next based on the 1081 complementary work in the "IPv6 Backbone Router" 1082 [I-D.ietf-6lo-backbone-router] specification. 1084 In the context of the the TimeSlotted Channel Hopping (TSCH) mode of 1085 IEEE Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" 1086 [I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could 1087 connect to the Internet via a RPL mesh Network, but this requires 1088 additions to the 6LOWPAN ND protocol to support mobility and 1089 reachability in a secured and manageable environment. This 1090 specification details the new operations that are required to 1091 implement the 6TiSCH architecture and serves the requirements listed 1092 in Appendix B.2. 1094 The term LLN is used loosely in this specification to cover multiple 1095 types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low 1096 Energy, IEEE std 802.11AH and IEEE std 802.15.4 wireless meshes, so 1097 as to address the requirements discussed in Appendix B.3 1099 This specification can be used by any wireless node to associate at 1100 Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing 1101 services including proxy-ND operations over the backbone, effectively 1102 providing a solution to the requirements expressed in Appendix B.4. 1104 "Efficiency aware IPv6 Neighbor Discovery Optimizations" 1105 [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND 1106 [RFC6775] can be extended to other types of links beyond IEEE Std. 1107 802.15.4 for which it was defined. The registration technique is 1108 beneficial when the Link-Layer technique used to carry IPv6 multicast 1109 packets is not sufficiently efficient in terms of delivery ratio or 1110 energy consumption in the end devices, in particular to enable 1111 energy-constrained sleeping nodes. The value of such extension is 1112 especially apparent in the case of mobile wireless nodes, to reduce 1113 the multicast operations that are related to classical ND ([RFC4861], 1114 [RFC4862]) and plague the wireless medium. This serves scalability 1115 requirements listed in Appendix B.6. 1117 Appendix B. Requirements 1119 This section lists requirements that were discussed at 6lo for an 1120 update to 6LoWPAN ND. This specification meets most of them, but 1121 those listed in Appendix B.5 which are deferred to a different 1122 specification such as [I-D.ietf-6lo-ap-nd], and those related to 1123 multicast. 1125 B.1. Requirements Related to Mobility 1127 Due to the unstable nature of LLN links, even in a LLN of immobile 1128 nodes a 6LN may change its point of attachment to a 6LR, say 6LR-a, 1129 and may not be able to notify 6LR-a. Consequently, 6LR-a may still 1130 attract traffic that it cannot deliver any more. When links to a 6LR 1131 change state, there is thus a need to identify stale states in a 6LR 1132 and restore reachability in a timely fashion. 1134 Req1.1: Upon a change of point of attachment, connectivity via a new 1135 6LR MUST be restored timely without the need to de-register from the 1136 previous 6LR. 1138 Req1.2: For that purpose, the protocol MUST enable to differentiate 1139 between multiple registrations from one 6LoWPAN Node and 1140 registrations from different 6LoWPAN Nodes claiming the same address. 1142 Req1.3: Stale states MUST be cleaned up in 6LRs. 1144 Req1.4: A 6LoWPAN Node SHOULD also be capable to register its Address 1145 to multiple 6LRs, and this, concurrently. 1147 B.2. Requirements Related to Routing Protocols 1149 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 1150 routing in a LLN can be based on RPL, which is the routing protocol 1151 that was defined at the IETF for this particular purpose. Other 1152 routing protocols than RPL are also considered by Standard Defining 1153 Organizations (SDO) on the basis of the expected network 1154 characteristics. It is required that a 6LoWPAN Node attached via ND 1155 to a 6LR would need to participate in the selected routing protocol 1156 to obtain reachability via the 6LR. 1158 Next to the 6LBR unicast address registered by ND, other addresses 1159 including multicast addresses are needed as well. For example a 1160 routing protocol often uses a multicast address to register changes 1161 to established paths. ND needs to register such a multicast address 1162 to enable routing concurrently with discovery. 1164 Multicast is needed for groups. Groups MAY be formed by device type 1165 (e.g. routers, street lamps), location (Geography, RPL sub-tree), or 1166 both. 1168 The Bit Index Explicit Replication (BIER) Architecture 1169 [I-D.ietf-bier-architecture] proposes an optimized technique to 1170 enable multicast in a LLN with a very limited requirement for routing 1171 state in the nodes. 1173 Related requirements are: 1175 Req2.1: The ND registration method SHOULD be extended in such a 1176 fashion that the 6LR MAY advertise the Address of a 6LoWPAN Node over 1177 the selected routing protocol and obtain reachability to that Address 1178 using the selected routing protocol. 1180 Req2.2: Considering RPL, the Address Registration Option that is used 1181 in the ND registration SHOULD be extended to carry enough information 1182 to generate a DAO message as specified in [RFC6550] section 6.4, in 1183 particular the capability to compute a Path Sequence and, as an 1184 option, a RPLInstanceID. 1186 Req2.3: Multicast operations SHOULD be supported and optimized, for 1187 instance using BIER or MPL. Whether ND is appropriate for the 1188 registration to the 6BBR is to be defined, considering the additional 1189 burden of supporting the Multicast Listener Discovery Version 2 1190 [RFC3810] (MLDv2) for IPv6. 1192 B.3. Requirements Related to the Variety of Low-Power Link types 1194 6LoWPAN ND [RFC6775] was defined with a focus on IEEE std 802.15.4 1195 and in particular the capability to derive a unique Identifier from a 1196 globally unique MAC-64 address. At this point, the 6lo Working Group 1197 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 1198 to other link types ITU-T G.9959 [RFC7428], Master-Slave/Token- 1199 Passing [I-D.ietf-6lo-6lobac], DECT Ultra Low Energy 1200 [I-D.ietf-6lo-dect-ule], Near Field Communication [I-D.ietf-6lo-nfc], 1201 IEEE std 802.11ah [I-D.delcarpio-6lo-wlanah], as well as IEEE1901.2 1202 Narrowband Powerline Communication Networks 1203 [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and BLUETOOTH(R) 1204 Low Energy [RFC7668]. 1206 Related requirements are: 1208 Req3.1: The support of the registration mechanism SHOULD be extended 1209 to more LLN links than IEEE std 802.15.4, matching at least the LLN 1210 links for which an "IPv6 over foo" specification exists, as well as 1211 Low-Power Wi-Fi. 1213 Req3.2: As part of this extension, a mechanism to compute a unique 1214 Identifier should be provided, with the capability to form a Link- 1215 Local Address that SHOULD be unique at least within the LLN connected 1216 to a 6LBR discovered by ND in each node within the LLN. 1218 Req3.3: The Address Registration Option used in the ND registration 1219 SHOULD be extended to carry the relevant forms of unique Identifier. 1221 Req3.4: The Neighbour Discovery should specify the formation of a 1222 site-local address that follows the security recommendations from 1223 [RFC7217]. 1225 B.4. Requirements Related to Proxy Operations 1227 Duty-cycled devices may not be able to answer themselves to a lookup 1228 from a node that uses classical ND on a backbone and may need a 1229 proxy. Additionally, the duty-cycled device may need to rely on the 1230 6LBR to perform registration to the 6BBR. 1232 The ND registration method SHOULD defend the addresses of duty-cycled 1233 devices that are sleeping most of the time and not capable to defend 1234 their own Addresses. 1236 Related requirements are: 1238 Req4.1: The registration mechanism SHOULD enable a third party to 1239 proxy register an Address on behalf of a 6LoWPAN node that may be 1240 sleeping or located deeper in an LLN mesh. 1242 Req4.2: The registration mechanism SHOULD be applicable to a duty- 1243 cycled device regardless of the link type, and enable a 6BBR to 1244 operate as a proxy to defend the registered Addresses on its behalf. 1246 Req4.3: The registration mechanism SHOULD enable long sleep 1247 durations, in the order of multiple days to a month. 1249 B.5. Requirements Related to Security 1251 In order to guarantee the operations of the 6LoWPAN ND flows, the 1252 spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a 1253 node successfully registers an address, 6LoWPAN ND should provide 1254 energy-efficient means for the 6LBR to protect that ownership even 1255 when the node that registered the address is sleeping. 1257 In particular, the 6LR and the 6LBR then should be able to verify 1258 whether a subsequent registration for a given Address comes from the 1259 original node. 1261 In a LLN it makes sense to base security on layer-2 security. During 1262 bootstrap of the LLN, nodes join the network after authorization by a 1263 Joining Assistant (JA) or a Commissioning Tool (CT). After joining 1264 nodes communicate with each other via secured links. The keys for 1265 the layer-2 security are distributed by the JA/CT. The JA/CT can be 1266 part of the LLN or be outside the LLN. In both cases it is needed 1267 that packets are routed between JA/CT and the joining node. 1269 Related requirements are: 1271 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1272 the 6LR, 6LBR and 6BBR to authenticate and authorize one another for 1273 their respective roles, as well as with the 6LoWPAN Node for the role 1274 of 6LR. 1276 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1277 the 6LR and the 6LBR to validate new registration of authorized 1278 nodes. Joining of unauthorized nodes MUST be impossible. 1280 Req5.3: 6LoWPAN ND security mechanisms SHOULD lead to small packet 1281 sizes. In particular, the NS, NA, DAR and DAC messages for a re- 1282 registration flow SHOULD NOT exceed 80 octets so as to fit in a 1283 secured IEEE std 802.15.4 [IEEEstd802154] frame. 1285 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 1286 computationally intensive on the LoWPAN Node CPU. When a Key hash 1287 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 1288 preferred. 1290 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 1291 SHOULD be minimized. 1293 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the 1294 variation of CCM [RFC3610] called CCM* for use at both Layer 2 and 1295 Layer 3, and SHOULD enable the reuse of security code that has to be 1296 present on the device for upper layer security such as TLS. 1298 Req5.7: Public key and signature sizes SHOULD be minimized while 1299 maintaining adequate confidentiality and data origin authentication 1300 for multiple types of applications with various degrees of 1301 criticality. 1303 Req5.8: Routing of packets should continue when links pass from the 1304 unsecured to the secured state. 1306 Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1307 the 6LR and the 6LBR to validate whether a new registration for a 1308 given address corresponds to the same 6LoWPAN Node that registered it 1309 initially, and, if not, determine the rightful owner, and deny or 1310 clean-up the registration that is duplicate. 1312 B.6. Requirements Related to Scalability 1314 Use cases from Automatic Meter Reading (AMR, collection tree 1315 operations) and Advanced Metering Infrastructure (AMI, bi-directional 1316 communication to the meters) indicate the needs for a large number of 1317 LLN nodes pertaining to a single RPL DODAG (e.g. 5000) and connected 1318 to the 6LBR over a large number of LLN hops (e.g. 15). 1320 Related requirements are: 1322 Req6.1: The registration mechanism SHOULD enable a single 6LBR to 1323 register multiple thousands of devices. 1325 Req6.2: The timing of the registration operation should allow for a 1326 large latency such as found in LLNs with ten and more hops. 1328 Authors' Addresses 1329 Pascal Thubert (editor) 1330 Cisco Systems, Inc 1331 Sophia Antipolis 1332 FRANCE 1334 Email: pthubert@cisco.com 1336 Erik Nordmark 1337 Santa Clara, CA 1338 USA 1340 Email: nordmark@sonic.net 1342 Samita Chakrabarti 1343 San Jose, CA 1344 USA 1346 Email: samitac.ietf@gmail.com