idnits 2.17.1 draft-ietf-6lo-rfc6775-update-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (March 18, 2018) is 2230 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'Perlman83' is mentioned on line 1510, but not defined == Missing Reference: 'IEEEstd802154' is mentioned on line 1733, but not defined == Unused Reference: 'RFC4429' is defined on line 1439, but no explicit reference was found in the text ** Downref: Normative reference to an Informational RFC: RFC 4919 ** Downref: Normative reference to an Informational RFC: RFC 6606 ** Downref: Normative reference to an Informational RFC: RFC 7102 ** Downref: Normative reference to an Informational RFC: RFC 7228 == Outdated reference: A later version (-05) exists of draft-hou-6lo-plc-03 == Outdated reference: A later version (-23) exists of draft-ietf-6lo-ap-nd-06 == Outdated reference: A later version (-20) exists of draft-ietf-6lo-backbone-router-06 == Outdated reference: A later version (-22) exists of draft-ietf-6lo-nfc-09 == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-13 == Outdated reference: A later version (-15) exists of draft-ietf-mboned-ieee802-mcast-problems-01 == Outdated reference: A later version (-18) exists of draft-ietf-roll-efficient-npdao-01 -- Obsolete informational reference (is this intentional?): RFC 4941 (Obsoleted by RFC 8981) Summary: 4 errors (**), 0 flaws (~~), 11 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo P. Thubert, Ed. 3 Internet-Draft Cisco 4 Updates: 6775 (if approved) E. Nordmark 5 Intended status: Standards Track Zededa 6 Expires: September 19, 2018 S. Chakrabarti 7 Verizon 8 C. Perkins 9 Futurewei 10 March 18, 2018 12 Registration Extensions for 6LoWPAN Neighbor Discovery 13 draft-ietf-6lo-rfc6775-update-16 15 Abstract 17 This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to 18 clarify the role of the protocol as a registration technique, 19 simplify the registration operation in 6LoWPAN routers, as well as to 20 provide enhancements to the registration capabilities and mobility 21 detection for different network topologies including the backbone 22 routers performing proxy Neighbor Discovery in a low power network. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on September 19, 2018. 41 Copyright Notice 43 Copyright (c) 2018 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 2.2. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . . . 3 62 2.3. References . . . . . . . . . . . . . . . . . . . . . . . 4 63 2.4. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 4 64 3. Applicability of Address Registration Options . . . . . . . . 5 65 4. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 6 66 4.1. Extended Address Registration Option (EARO) . . . . . . . 7 67 4.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 8 68 4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 9 69 4.3. Registration Ownership Verifier . . . . . . . . . . . . . 10 70 4.4. Extended Duplicate Address Messages . . . . . . . . . . . 11 71 4.5. Registering the Target Address . . . . . . . . . . . . . 12 72 4.6. Link-Local Addresses and Registration . . . . . . . . . . 12 73 4.7. Maintaining the Registration States . . . . . . . . . . . 14 74 5. Detecting Enhanced ARO Capability Support . . . . . . . . . . 15 75 6. Extended ND Options and Messages . . . . . . . . . . . . . . 16 76 6.1. Extended Address Registration Option (EARO) . . . . . . . 16 77 6.2. Extended Duplicate Address Message Formats . . . . . . . 19 78 6.3. New 6LoWPAN Capability Bits in the Capability Indication 79 Option . . . . . . . . . . . . . . . . . . . . . . . . . 20 80 7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 21 81 7.1. Discovering the Capabilities of Router . . . . . . . . . 21 82 7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 21 83 7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 21 84 7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 22 85 8. Security Considerations . . . . . . . . . . . . . . . . . . . 22 86 9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 24 87 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 88 10.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . 25 89 10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 25 90 10.3. New ARO Status values . . . . . . . . . . . . . . . . . 26 91 10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 27 92 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 28 93 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 28 94 12.1. Normative References . . . . . . . . . . . . . . . . . . 28 95 12.2. Informative References . . . . . . . . . . . . . . . . . 29 96 12.3. External Informative References . . . . . . . . . . . . 33 98 Appendix A. Applicability and Requirements Served (Not 99 Normative) . . . . . . . . . . . . . . . . . . . . . 33 100 Appendix B. Requirements (Not Normative) . . . . . . . . . . . . 34 101 B.1. Requirements Related to Mobility . . . . . . . . . . . . 34 102 B.2. Requirements Related to Routing Protocols . . . . . . . . 35 103 B.3. Requirements Related to the Variety of Low-Power Link 104 types . . . . . . . . . . . . . . . . . . . . . . . . . . 36 105 B.4. Requirements Related to Proxy Operations . . . . . . . . 36 106 B.5. Requirements Related to Security . . . . . . . . . . . . 37 107 B.6. Requirements Related to Scalability . . . . . . . . . . . 38 108 B.7. Requirements Related to Operations and Management . . . . 38 109 B.8. Matching Requirements with Specifications . . . . . . . . 39 110 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 112 1. Introduction 114 The scope of this draft is an IPv6 Low-Power Network including star 115 and mesh topologies. This specification modifies and extends the 116 behavior and protocol elements of "Neighbor Discovery Optimization 117 for IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) 118 [RFC6775] to enable additional capabilities and enhancements 119 including: 121 o determining the freshest location in case of mobility (TID) 122 o Simplifying the registration flow for Link-Local Addresses 123 o Support of a Leaf Node in a Route-Over network 124 o Proxy registration in a Route-Over network 125 o Registration to a IPv6 ND proxy over a Backbone Link (6BBR) 126 o Clarification of support for privacy and temporary addresses 128 2. Terminology 130 2.1. BCP 14 132 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 133 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 134 "OPTIONAL" in this document are to be interpreted as described in BCP 135 14 [RFC2119][RFC8174] when, and only when, they appear in all 136 capitals, as shown here. 138 2.2. Subset of a 6LoWPAN Glossary 140 This document often uses the following acronyms: 142 6BBR: 6LoWPAN Backbone Router (proxy for the registration) 143 6LBR: 6LoWPAN Border Router (authoritative on DAD) 144 6LN: 6LoWPAN Node 145 6LR: 6LoWPAN Router (relay to the registration process) 146 6CIO: Capability Indication Option 147 (E)ARO: (Extended) Address Registration Option 148 (E)DAR: (Extended) Duplicate Address Request 149 (E)DAC: (Extended) Duplicate Address Confirmation 150 DAD: Duplicate Address Detection 151 DODAG: Destination-Oriented Directed Acyclic Graph 152 LLN: Low-Power and Lossy Network (a typical IoT network) 153 NA: Neighbor Advertisement 154 NCE: Neighbor Cache Entry 155 ND: Neighbor Discovery 156 NDP: Neighbor Discovery Protocol 157 NS: Neighbor Solicitation 158 ROVR: Registration Ownership Verifier (pronounced rover) 159 RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) 160 RA: Router Advertisement 161 RS: Router Solicitation 162 TSCH: Timeslotted Channel Hopping 163 TID: Transaction ID (a sequence counter in the EARO) 165 2.3. References 167 The Terminology used in this document is consistent with and 168 incorporates that described in Terms Used in Routing for Low-Power 169 and Lossy Networks (LLNs). [RFC7102]. 171 Other terms in use in LLNs are found in Terminology for Constrained- 172 Node Networks [RFC7228]. 174 Readers are expected to be familiar with all the terms and concepts 175 that are discussed in 177 o "Neighbor Discovery for IP version 6" [RFC4861], 178 o "IPv6 Stateless Address Autoconfiguration" [RFC4862], 179 o "Problem Statement and Requirements for IPv6 over Low-Power 180 Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], 181 o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 182 Overview, Assumptions, Problem Statement, and Goals" [RFC4919] and 183 o "Neighbor Discovery Optimization for Low-power and Lossy Networks" 184 [RFC6775]. 186 2.4. New Terms 188 This specification introduces the following terminology: 190 Backbone Link: An IPv6 transit link that interconnects two or more 191 Backbone Routers. It is expected to be of high speed compared 192 to the LLN in order to carry the traffic that is required to 193 federate multiple segments of the potentially large LLN into a 194 single IPv6 subnet. 195 Backbone Router: A logical network function in an IPv6 router that 196 federates an LLN over a Backbone Link. In order to do so, the 197 Backbone Router (6BBR) proxies the 6LoWPAN ND operations 198 detailed in this document onto the matching operations that run 199 over the backbone, typically IPv6 ND. Note that 6BBR is a 200 logical function, just like 6LR and 6LBR, and that the same 201 physical router may operate all three. 202 Extended LLN: Multiple LLNs as defined in [RFC6550], interconnected 203 by a Backbone Link via Backbone Routers, and forming a single 204 IPv6 Multi-Link Subnet. 205 Registration: The process during which a 6LN registers an IPv6 206 Address with a 6LR in order to obtain services such as DAD and 207 routing back. In a Route-Over network, a router that provides 208 connectivity to the LLN (typically a 6LBR, e.g., collocated 209 with a RPL Root) may serve as proxy for the registration of the 210 6LN to the 6BBR so the 6BBR can provide IPv6 ND proxy services 211 over the Backbone. 212 Binding: The association between an IP address, a MAC address, a 213 port, and other information about the node that owns the IP 214 Address. 215 Registered Node: The 6LN for which the registration is performed, 216 and which owns the fields in the Extended ARO option. 217 Registering Node: The node that performs the registration; this may 218 be the Registered Node, or a proxy such as a 6LBR performing a 219 registration to a 6BBR, on behalf of the Registered Node. 220 Registered Address: An address owned by the Registered Node that was 221 or is being registered. 222 RFC6775-only: Applied to a type of node or a type of message, this 223 adjective indicates a behavior that is strictly as specified by 224 [RFC6775] as opposed to updated with this specification. 225 updated: Qualifies a 6LN, a 6LR, or a 6LBR that supports this 226 specification. 228 3. Applicability of Address Registration Options 230 The purpose of the Address Registration Option (ARO) in [RFC6775] is 231 to facilitate duplicate address detection (DAD) for hosts as well as 232 to populate Neighbor Cache Entries (NCEs) [RFC4861] in the routers. 233 This reduces the reliance on multicast operations, which are often as 234 intrusive as broadcast, in IPv6 ND operations. 236 With this specification, a failed or useless registration can be 237 detected by a 6LR or a 6LBR for reasons other than address 238 duplication. Examples include: the router having run out of space; a 239 registration bearing a stale sequence number perhaps denoting a 240 movement of the host after the registration was placed; a host 241 misbehaving and attempting to register an invalid address such as the 242 unspecified address [RFC4291]; or a host using an address that is not 243 topologically correct on that link. 245 In such cases the host will receive an error to help diagnose the 246 issue and may retry, possibly with a different address, and possibly 247 registering to a different router, depending on the returned error. 248 The ability to return errors to address registrations is not intended 249 to be used to restrict the ability of hosts to form and use multiple 250 addresses. Rather, the intention is to conform to "Host Address 251 Availability Recommendations" [RFC7934]. 253 In particular, the freedom to form and register addresses is needed 254 for enhanced privacy; each host may register a number of addresses 255 using mechanisms such as "Privacy Extensions for Stateless Address 256 Autoconfiguration (SLAAC) in IPv6" [RFC4941]. 258 In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for 259 all the addresses to which it can currently forward packets. A 260 router using the Address Registration mechanism also needs enough 261 storage to hold NCEs for all the addresses that may be registered to 262 it, regardless of whether or not they are actively communicating. 263 The number of registrations supported by a 6LoWPAN Router (6LR) or 264 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor 265 and the dynamic use of associated resources SHOULD be made available 266 to the network operator, e.g., to a management console. 268 A network administrator MUST deploy updated 6LR/6LBRs to support the 269 number and type of devices in their network, based on the number of 270 IPv6 addresses that those devices require and their address renewal 271 rate and behavior. 273 4. Updating RFC 6775 275 This specification introduces the Extended Address Registration 276 Option (EARO) based on the ARO as defined [RFC6775]. A 'T' flag is 277 added to indicate that a new field, the Transaction ID (TID) is 278 populated. The 'T' flag MUST be set in NS messages when this 279 specification is used, and echoed in NA messages to confirm that the 280 protocol is supported. The EUI-64 field is overloaded to carry 281 different types of information and its size may be increased when 282 backward compatibility is not an issue. 284 The extensions to the ARO option are used in the Duplicate Address 285 messages, the Duplicate Address Request (DAR) and Duplicate Address 286 Confirmation (DAC), so as to convey the additional information all 287 the way to the 6LBR. In turn the 6LBR may proxy the registration 288 using IPv6 ND over a Backbone Link as illustrated in Figure 1. Note 289 that this specification avoids the Duplicate Address message flow for 290 Link-Local Addresses in a Route-Over [RFC6606] topology. 292 6LN 6LR 6LBR 6BBR 293 | | | | 294 | NS(EARO) | | | 295 |--------------->| | | 296 | | Extended DAR | | 297 | |-------------->| | 298 | | | | 299 | | | proxy NS(EARO) | 300 | | |--------------->| 301 | | | | NS(DAD) 302 | | | | ------> 303 | | | | 304 | | | | 305 | | | proxy NA(EARO) | 306 | | |<---------------| 307 | | Extended DAC | | 308 | |<--------------| | 309 | NA(EARO) | | | 310 |<---------------| | | 311 | | | | 313 Figure 1: (Re-)Registration Flow 315 In order to support various types of link layers, this specification 316 allows multiple registrations, including for privacy / temporary 317 addresses and provides new mechanisms to help clean up stale 318 registration state as soon as possible, e.g., after a movement (see 319 Section 8). 321 Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface 322 and locates available 6LRs. A Registering Node prefers registering 323 to a 6LR that is found to support this specification, as discussed in 324 Section 5, over an RFC6775-only one, and operates in a backward- 325 compatible fashion when attaching to an RFC6775-only 6LR. 327 4.1. Extended Address Registration Option (EARO) 329 The Extended ARO (EARO) replaces the ARO and is backward compatible 330 with the ARO if and only if the Length of the option is set to 2. 331 Its format is presented in Section 6.1. More details on backward 332 compatibility can be found in Section 7. 334 The semantics of the Neighbor Solicitation (NS) and the ARO are 335 modified as follows: 337 o The address that is being registered with an NS with an EARO is 338 now the Target Address, as opposed to the Source Address as 339 specified in [RFC6775] (see Section 4.5). This change enables a 340 6LBR to use one of its addresses as source of the proxy- 341 registration of an address that belongs to a LLN Node to a 6BBR. 342 This also limits the use of an address as source address before it 343 is registered and the associated DAD process is complete. 344 o The EUI-64 field in the ARO Option is renamed Registration 345 Ownership Verifier (ROVR) and is not required to be derived from a 346 MAC address (see Section 4.3). 347 o The option Length MAY be different than 2 and take a value between 348 3 and 5, in which case the EARO is not backward compatible with an 349 ARO. The increase of size corresponds to a larger ROVR field, so 350 the size of the ROVR is inferred from the option Length. 351 o This document specifies a new flag in the EARO, the 'R' flag. If 352 the 'R' flag is set, the Registering Node expects that the 6LR 353 ensures reachability for the Registered Address, e.g., by means of 354 routing or proxying ND. Conversely, when it is not set, the 'R' 355 flag indicates that the Registering Node is a router, which for 356 instance participates to a Route-Over routing protocol such as the 357 IPv6 Routing Protocol for Low-Power and Lossy Networks [RFC6550] 358 (RPL) and that it will take care of injecting its Address over the 359 routing protocol by itself. A 6LN that acts only as a host, when 360 registering, MUST set the 'R' flag to indicate that it is not a 361 router and that it will not handle its own reachability. A 6LR 362 that manages its reachability SHOULD NOT set the 'R' flag; if it 363 does, routes towards this router may be installed on its behalf 364 and may interfere with those it injects. 365 o The specification introduces a Transaction ID (TID) field in the 366 EARO (see Section 4.2). The TID MUST be provided by a node that 367 supports this specification and another new flag, the 'T' flag, 368 MUST be set to indicate so. 369 o Finally, this specification introduces new status codes to help 370 diagnose the cause of a registration failure (see Table 1). 372 4.2. Transaction ID 374 The TID is a sequence number that is incremented by the 6LN with each 375 re-registration to a 6LR. The TID is used to detect the freshness of 376 the registration request and to detect one single registration by 377 multiple 6LoWPAN border routers (e.g., 6LBRs and 6BBRs) supporting 378 the same 6LoWPAN. The TID may also be used by the network to route 379 to the current (freshest known) location of a moving node by spotting 380 the most recent TID. 382 When a Registered Node is registered with multiple 6BBRs in parallel, 383 the same TID MUST be used. This enables the 6BBRs to determine that 384 the registrations are the same, and distinguish that situation from a 385 movement (see section 4 of [I-D.ietf-6lo-backbone-router] and 386 Section 4.7 below). 388 4.2.1. Comparing TID values 390 The TID is a sequence counter and its operation is the exact match of 391 the path sequence specified in RPL, the IPv6 Routing Protocol for 392 Low-Power and Lossy Networks [RFC6550] specification. 394 In order to keep this document self-contained and yet compatible, the 395 text below is an exact copy from section 7.2. "Sequence Counter 396 Operation" of [RFC6550]. 398 A TID is deemed to be fresher than another when its value is greater 399 per the operations detailed in this section. 401 The TID range is subdivided in a 'lollipop' fashion ([Perlman83]), 402 where the values from 128 and greater are used as a linear sequence 403 to indicate a restart and bootstrap the counter, and the values less 404 than or equal to 127 used as a circular sequence number space of size 405 128 as in [RFC1982]. Consideration is given to the mode of operation 406 when transitioning from the linear region to the circular region. 407 Finally, when operating in the circular region, if sequence numbers 408 are detected to be too far apart then they are not comparable, as 409 detailed below. 411 A window of comparison, SEQUENCE_WINDOW = 16, is configured based on 412 a value of 2^N, where N is defined to be 4 in this specification. 414 For a given sequence counter, 416 1. The sequence counter SHOULD be initialized to an implementation 417 defined value which is 128 or greater prior to use. A 418 recommended value is 240 (256 - SEQUENCE_WINDOW). 419 2. When a sequence counter increment would cause the sequence 420 counter to increment beyond its maximum value, the sequence 421 counter MUST wrap back to zero. When incrementing a sequence 422 counter greater than or equal to 128, the maximum value is 255. 423 When incrementing a sequence counter less than 128, the maximum 424 value is 127. 425 3. When comparing two sequence counters, the following rules MUST be 426 applied: 428 1. When a first sequence counter A is in the interval [128..255] 429 and a second sequence counter B is in [0..127]: 431 1. If (256 + B - A) is less than or equal to 432 SEQUENCE_WINDOW, then B is greater than A, A is less than 433 B, and the two are not equal. 434 2. If (256 + B - A) is greater than SEQUENCE_WINDOW, then A 435 is greater than B, B is less than A, and the two are not 436 equal. 438 For example, if A is 240, and B is 5, then (256 + 5 - 240) is 439 21. 21 is greater than SEQUENCE_WINDOW (16), thus 240 is 440 greater than 5. As another example, if A is 250 and B is 5, 441 then (256 + 5 - 250) is 11. 11 is less than SEQUENCE_WINDOW 442 (16), thus 250 is less than 5. 443 2. In the case where both sequence counters to be compared are 444 less than or equal to 127, and in the case where both 445 sequence counters to be compared are greater than or equal to 446 128: 448 1. If the absolute magnitude of difference between the two 449 sequence counters is less than or equal to 450 SEQUENCE_WINDOW, then a comparison as described in 451 [RFC1982] is used to determine the relationships greater 452 than, less than, and equal. 453 2. If the absolute magnitude of difference of the two 454 sequence counters is greater than SEQUENCE_WINDOW, then a 455 desynchronization has occurred and the two sequence 456 numbers are not comparable. 457 4. If two sequence numbers are determined to be not comparable, 458 i.e., the results of the comparison are not defined, then a node 459 should give precedence to the sequence number that was most 460 recently incremented. Failing this, the node should select the 461 sequence number in order to minimize the resulting changes to its 462 own state. 464 4.3. Registration Ownership Verifier 466 The ROVR field generalizes the EUI-64 field of the ARO defined in 467 [RFC6775]. It is scoped to a registration and enables recognizing 468 and blocking an attempt to register a duplicate address, which is 469 characterized by a different ROVR in the conflicting registrations. 470 It can also be used to protect the ownership of a Registered Address, 471 if the proof-of-ownership of the ROVR can be obtained (more in 472 Section 4.6). 474 The ROVR can be of different types, as long as the type is signaled 475 in the message that carries the new type. For instance, the type can 476 be a cryptographic string and used to prove the ownership of the 477 registration as specified in "Address Protected Neighbor Discovery 478 for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to 479 support the flows related to the proof-of-ownership, this 480 specification introduces new status codes "Validation Requested" and 481 "Validation Failed" in the EARO. 483 Note on ROVR collision: different techniques for forming the ROVR 484 will operate in different name-spaces. [RFC6775] operates on EUI- 485 64(TM) addresses. [I-D.ietf-6lo-ap-nd] generates cryptographic 486 tokens. While collisions are not expected in the EUI-64 name-space 487 only, they may happen in the case of [I-D.ietf-6lo-ap-nd] and in a 488 mixed situation. An implementation that understands the name-space 489 MUST consider that ROVRs from different name-spaces are different 490 even if they have the same value. An RFC6775-only will confuse the 491 name-spaces, which slightly increases the risk of a ROVR collision. 492 A collision of ROVR has no effect if the two Registering Nodes 493 register different addresses, since the ROVR is only significant 494 within the context of one registration. A ROVR is not expected to be 495 unique to one registration, as this specification allows a node to 496 use the same ROVR to register multiple IPv6 addresses. This is why 497 the ROVR MUST NOT be used as a key to identify the Registering Node, 498 or as an index to the registration. It is only used as a match to 499 ensure that the node that updates a registration for an IPv6 address 500 is the node that made the original registration for that IPv6 501 address. Also, when the ROVR is not an EUI-64 address, then it MUST 502 NOT be used as the interface ID of the Registered Address. This way, 503 a registration that uses that ROVR will not collision with that of an 504 IPv6 Address derived from EUI-64 and using the EUI-64 as ROVR per 505 [RFC6775]. 507 The Registering Node SHOULD store the ROVR, or enough information to 508 regenerate it, in persistent memory. If this is not done and an 509 event such as a reboot causes a loss of state, re-registering the 510 same address could be impossible until the 6LRs and the 6LBR time out 511 the previous registration, or a management action is taken to clear 512 the relevant state in the network. 514 4.4. Extended Duplicate Address Messages 516 In order to map the new EARO content in the Extended Duplicate 517 Address (EDA) messages, a new TID field is added to the Extended DAR 518 (EDAR) and the Extended DAC (EDAC) messages as a replacement of the 519 Reserved field, and a non-null value of the ICMP Code indicates 520 support for this specification. The format of the EDA messages is 521 presented in Section 6.2. 523 As with the EARO, the Extended Duplicate Address messages are 524 backward compatible with the RFC6775-only versions as long as the 525 ROVR field is 64 bits long. Remarks concerning backwards 526 compatibility for the protocol between the 6LN and the 6LR apply 527 similarly between a 6LR and a 6LBR. 529 4.5. Registering the Target Address 531 The Registering Node is the node that performs the registration to 532 the 6BBR. As in [RFC6775], it may be the Registered Node as well, in 533 which case it registers one of its own addresses and indicates its 534 own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO). 536 This specification adds the capability to proxy the registration 537 operation on behalf of a Registered Node that is reachable over an 538 LLN mesh. In that case, if the Registered Node is reachable from the 539 6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC 540 Address of the Registered Node as the SLLA in the NS(EARO). If the 541 Registered Node is reachable over a Route-Over mesh from the 542 Registering Node, the SLLA in the NS(ARO) is that of the Registering 543 Node. This enables the Registering Node to attract the packets from 544 the 6BBR and route them over the LLN to the Registered Node. 546 In order to enable the latter operation, this specification changes 547 the behavior of the 6LN and the 6LR so that the Registered Address is 548 found in the Target Address field of the NS and NA messages as 549 opposed to the Source Address. With this convention, a TLLA option 550 indicates the link-layer address of the 6LN that owns the address. 552 If Registering Node expects packets for the 6LN, e.g., a 6LBR also 553 acting as RPL Root, then it MUST place its own Link Layer Address in 554 the SLLA Option that MUST always be placed in a registration NS(EARO) 555 message. This maintains compatibility with RFC6775-only 6LoWPAN ND 556 [RFC6775]. 558 4.6. Link-Local Addresses and Registration 560 Considering that LLN nodes are often not wired and may move, there is 561 no guarantee that a Link-Local Address stays unique between a 562 potentially variable and unbounded set of neighboring nodes. 564 Compared to [RFC6775], this specification only requires that a Link- 565 Local Address be unique from the perspective of the two nodes that 566 use it to communicate (e.g., the 6LN and the 6LR in an NS/NA 567 exchange). This simplifies the DAD process in a Route-Over topology 568 for Link-Local Addresses by avoiding an exchange of EDA messages 569 between the 6LR and a 6LBR for those addresses. 571 In more details: 573 An exchange between two nodes using Link-Local Addresses implies that 574 they are reachable over one hop. A node MUST register a Link-Local 575 Address to a 6LR in order to obtain reachability from that 6LR beyond 576 the current exchange, and in particular to use the Link-Local Address 577 as source address to register other addresses, e.g., global 578 addresses. 580 If there is no collision with an address previously registered to 581 this 6LR by another 6LN, then the Link-Local Address is unique from 582 the standpoint of this 6LR and the registration is not a duplicate. 583 Alternatively, two different 6LRs might expose the same Link-Local 584 Address but different link-layer addresses. In that case, a 6LN MUST 585 only interact with at most one of the 6LRs. 587 The DAD process between the 6LR and a 6LBR, which is based on an 588 exchange of EDA messages, does not need to take place for Link-Local 589 Addresses. 591 When registering to a 6LR that conforms to this specification (see 592 Section 7.1, a node MUST use a Link-Local Address as the source 593 address of the registration, whatever the type of IPv6 address that 594 is being registered. That Link-Local Address MUST be either an 595 address that is already registered to the 6LR, or the address that is 596 being registered. 598 When a Registering Node does not have an already-registered Address, 599 it MUST register a Link-Local Address, using it as both the Source 600 and the Target Address of an NS(EARO) message. In that case, it is 601 RECOMMENDED to use a Link-Local Address that is (expected to be) 602 globally unique, e.g., derived from a globally unique EUI-64 address. 603 A 6LR that supports this specification replies with an NA(EARO), 604 setting the appropriate status. 606 Since there is no exchange of EDA messages for Link-Local Addresses, 607 the 6LR may answer immediately to the registration of a Link-Local 608 Address, based solely on its existing state and the Source Link-Layer 609 Option that is placed in the NS(EARO) message as required in 610 [RFC6775]. 612 A node needs to register its IPv6 Global Unicast Addresses (GUAs) to 613 a 6LR in order to establish global reachability for these addresses 614 via that 6LR. When registering with an updated 6LR, a Registering 615 Node does not use a GUA as Source Address, in contrast to a node that 616 complies to [RFC6775]. For non-Link-Local Addresses, the exchange of 617 EDA messages MUST conform to [RFC6775], but the extended formats 618 described in this specification for the DAR and the DAC are used to 619 relay the extended information in the case of an EARO. 621 4.7. Maintaining the Registration States 623 This section discusses protocol actions that involve the Registering 624 Node, the 6LR, and the 6LBR. It must be noted that the portion that 625 deals with a 6LBR only applies to those addresses that are registered 626 to it; as discussed in Section 4.6, this is not the case for Link- 627 Local Addresses. The registration state includes all data that is 628 stored in the router relative to that registration, in particular, 629 but not limited to, an NCE. 6LBRs and 6BBRs may store additional 630 registration information in more complex abstract data structures and 631 use protocols that are out of scope of this document to keep them 632 synchronized when they are distributed. 634 When its resource available to store registration states are 635 exhausted, a 6LR cannot accept a new registration. In that 636 situation, the EARO is returned in an NA message with a Status Code 637 of "Neighbor Cache Full" (Table 1), and the Registering Node may 638 attempt to register to another 6LR. 640 If the registry in the 6LBR is saturated, then the 6LBR cannot decide 641 whether a registration for a new address is a duplicate. In that 642 case, the 6LBR replies to an EDAR message with an EDAC message that 643 carries a new Status Code indicating "6LBR Registry saturated" 644 (Table 1). Note: this code is used by 6LBRs instead of "Neighbor 645 Cache Full" when responding to a Duplicate Address message exchange 646 and is passed on to the Registering Node by the 6LR. There is no 647 point for the node to retry this registration immediately via another 648 6LR, since the problem is global to the network. The node may either 649 abandon that address, de-register other addresses first to make room, 650 or keep the address in TENTATIVE state and retry later. 652 A node renews an existing registration by sending a new NS(EARO) 653 message for the Registered Address. In order to refresh the 654 registration state in the 6LBR, the registration MUST be reported to 655 the 6LBR. 657 A node that ceases to use an address SHOULD attempt to de-register 658 that address from all the 6LRs to which it has registered the 659 address. This is achieved using an NS(EARO) message with a 660 Registration Lifetime of 0. If this is not done, a state will remain 661 in the network for its Lifetime. 663 A node that moves away from a particular 6LR SHOULD attempt to de- 664 register all of its addresses registered to that 6LR and register to 665 a new 6LR with an incremented TID. When/if the node shows up 666 elsewhere, an asynchronous NA(EARO) or EDAC message with a Status 667 Code of "Moved" SHOULD be used to clean up the state in the previous 668 location. For instance, as described in 670 [I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a 671 6BBR in an NA(EARO) message to indicate that the ownership of the 672 proxy state on the Backbone Link was transferred to another 6BBR as 673 the consequence of a movement of the device. If the receiver of the 674 message has a state corresponding to the related address, it SHOULD 675 propagate the status down the forwarding path to the Registered node 676 (e.g., reversing an existing RPL [RFC6550] path as prescribed in 677 [I-D.ietf-roll-efficient-npdao]). Whether it could do so or not, the 678 receiver MUST clean up said state. 680 Upon receiving an NS(EARO) message with a Registration Lifetime of 0 681 and determining that this EARO is the freshest for a given NCE (see 682 Section 4.2), a 6LR cleans up its NCE. If the address was registered 683 to the 6LBR, then the 6LR MUST report to the 6LBR, through a 684 Duplicate Address exchange with the 6LBR, indicating the null 685 Registration Lifetime and the latest TID that this 6LR is aware of. 687 Upon receiving the EDAR message, the 6LBR evaluates if this is the 688 most recent TID it has received for that particular registry entry. 689 If so, then the EDAR is answered with an EDAC message bearing a 690 Status of "Success" and the entry is scheduled to be removed. 691 Otherwise, a Status Code of "Moved" is returned instead, and the 692 existing entry is maintained. 694 When an address is scheduled to be removed, the 6LBR SHOULD keep its 695 entry in a DELAY state for a configurable period of time, so as to 696 protect a mobile node that de-registered from one 6LR and did not 697 register yet to a new one, or the new registration did not yet reach 698 the 6LBR due to propagation delays in the network. Once the DELAY 699 time is passed, the 6LBR silently removes its entry. 701 5. Detecting Enhanced ARO Capability Support 703 "Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400] 704 introduces the 6LoWPAN Capability Indication Option (6CIO) to 705 indicate a node's capabilities to its peers. The 6CIO MUST be 706 present in both Router Solicitation (RS) and Router Advertisement 707 (RA) messages, unless the information therein was already shared. 708 This can have happened in recent exchanges. The information can also 709 be implicit, or pre-configured in all nodes in a network. In any 710 case, a 6CIO MUST be placed in an RA message that is sent in response 711 to an RS with a 6CIO. 713 Section 6.3 defines a new flag for the 6CIO to signal support for 714 EARO by the issuer of the message and Section 7.1 specifies how the 715 flag is to be used. New flags are also added to the 6CIO to signal 716 the sender's capability to act as a 6LR, 6LBR, and 6BBR (see 717 Section 6.3). 719 Section 6.3 also defines a new flag that indicates the support of EDA 720 messages by the 6LBR. This flag is valid in RA messages but not in 721 RS messages. More information on the 6LBR is found in a separate 722 Authoritative Border Router Option (ABRO). The ABRO is placed in RA 723 messages as prescribed by [RFC6775]; in particular, it MUST be placed 724 in an RA message that is sent in response to an RS with a 6CIO 725 indicating the capability to act as a 6LR, since the RA propagates 726 information between routers. 728 6. Extended ND Options and Messages 730 This specification does not introduce new options, but it modifies 731 existing ones and updates the associated behaviors as specified in 732 the following subsections. 734 6.1. Extended Address Registration Option (EARO) 736 The Address Registration Option (ARO) is defined in section 4.1 of 737 [RFC6775]. 739 The Extended Address Registration Option (EARO) replaces the ARO used 740 within Neighbor Discovery NS and NA messages between a 6LN and its 741 6LR. Similarly, the EDA messages, EDAR and EDAC, replace the DAR and 742 DAC messages so as to transport the new information between 6LRs and 743 6LBRs across LLN meshes such as 6TiSCH networks. 745 An NS message with an EARO is a registration if and only if it also 746 carries an SLLA Option. The EARO is also used in NS and NA messages 747 between Backbone Routers [I-D.ietf-6lo-backbone-router] over the 748 Backbone Link to sort out the distributed registration state; in that 749 case, it does not carry the SLLA Option and is not confused with a 750 registration. 752 When using the EARO, the address being registered is found in the 753 Target Address field of the NS and NA messages. 755 The EARO extends the ARO and is indicated by the 'T' flag being set. 756 The format of the EARO is as follows: 758 0 1 2 3 759 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 760 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 761 | Type | Length | Status | Reserved | 762 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 763 | Reserved |R|T| TID | Registration Lifetime | 764 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 765 | | 766 ... Registration Ownership Verifier ... 767 | | 768 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 770 Figure 2: EARO 772 Option Fields 774 Type: 33 775 Length: 8-bit unsigned integer. The length of the option in 776 units of 8 bytes. It MUST be 2 when operating in 777 backward-compatible mode. It MAY be 3, 4 or 5, 778 denoting a ROVR size of 128, 192 and 256 bits 779 respectively. 780 Status: 8-bit unsigned integer. Indicates the status of a 781 registration in the NA response. MUST be set to 0 in 782 NS messages. See Table 1 below. 784 +-------+-----------------------------------------------------------+ 785 | Value | Description | 786 +-------+-----------------------------------------------------------+ 787 | 0..2 | See [RFC6775]. Note: a Status of 1 ("Duplicate Address") | 788 | | applies to the Registered Address. If the Source Address | 789 | | conflicts with an existing registration, "Duplicate | 790 | | Source Address" MUST be used. | 791 | | | 792 | 3 | Moved: The registration failed because it is not the | 793 | | freshest. This Status indicates that the registration is | 794 | | rejected because another more recent registration was | 795 | | done, as indicated by a same ROVR and a more recent TID. | 796 | | One possible cause is a stale registration that has | 797 | | progressed slowly in the network and was passed by a more | 798 | | recent one. It could also indicate a ROVR collision. | 799 | | | 800 | 4 | Removed: The binding state was removed. This status may | 801 | | be placed in an NA(EARO) message that is sent as the | 802 | | rejection of a proxy registration to a Backbone Router, | 803 | | or in an asynchronous NA(EARO) at any time. | 804 | | | 805 | 5 | Validation Requested: The Registering Node is challenged | 806 | | for owning the Registered Address or for being an | 807 | | acceptable proxy for the registration. This Status is | 808 | | expected in asynchronous messages from a registrar (6LR, | 809 | | 6LBR, 6BBR) to indicate that the registration state is | 810 | | removed, for instance, due to a movement of the device. | 811 | | | 812 | 6 | Duplicate Source Address: The address used as source of | 813 | | the NS(ARO) conflicts with an existing registration. | 814 | | | 815 | 7 | Invalid Source Address: The address used as source of the | 816 | | NS(ARO) is not a Link-Local Address as prescribed by this | 817 | | document. | 818 | | | 819 | 8 | Registered Address topologically incorrect: The address | 820 | | being registered is not usable on this link, e.g., it is | 821 | | not topologically correct | 822 | | | 823 | 9 | 6LBR Registry saturated: A new registration cannot be | 824 | | accepted because the 6LBR Registry is saturated. Note: | 825 | | this code is used by 6LBRs instead of Status 2 when | 826 | | responding to a Duplicate Address message exchange and is | 827 | | passed on to the Registering Node by the 6LR. | 828 | | | 829 | 10 | Validation Failed: The proof of ownership of the | 830 | | registered address is not correct. | 831 +-------+-----------------------------------------------------------+ 833 Table 1: EARO Status 835 Reserved: This field is unused. It MUST be initialized to zero 836 by the sender and MUST be ignored by the receiver. 837 R: One-bit flag. If the 'R' flag is set, the 838 Registering Node expects that the 6LR ensures 839 reachability for the registered address, e.g., by 840 injecting the address in a Route-Over routing 841 protocol or proxying ND over a Backbone Link. 842 T: One-bit flag. Set if the next octet is used as a 843 TID. 844 TID: One-byte integer; a Transaction ID that is maintained 845 by the node and incremented with each transaction. 846 Registration Lifetime: 16-bit integer; expressed in minutes. 0 847 means that the registration has ended and the 848 associated state MUST be removed. 849 Registration Ownership Verifier (ROVR): Enables the correlation 850 between multiple attempts to register a same IPv6 851 Address. This can be a unique ID of the Registering 852 Node, such as the EUI-64 address of an interface. 853 This can also be a token obtained with cryptographic 854 methods and used as proof of ownership of the 855 registration. The scope of a ROVR is the 856 registration of a particular IPv6 Address and it 857 cannot be used to correlate registrations of 858 different addresses. 860 6.2. Extended Duplicate Address Message Formats 862 The DAR and DAC messages are defined in section 4.4 of [RFC6775]. 863 Those messages follow a common base format, which enables information 864 from the ARO to be transported over multiple hops. 866 Those messages are extended to adapt to the new EARO format, as 867 follows: 869 0 1 2 3 870 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 871 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 872 | Type | Code | Checksum | 873 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 874 | Status | TID | Registration Lifetime | 875 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 876 | | 877 ... Registration Ownership Verifier ... 878 | | 879 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 880 | | 881 + + 882 | | 883 + Registered Address + 884 | | 885 + + 886 | | 887 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 889 Figure 3: Duplicate Address Messages Format 891 Modified Message Fields 893 Code: The ICMP Code as defined in [RFC4443]. The ICMP Code 894 MUST be set to 1 with this specification. An non- 895 null value of the ICMP Code indicates support for 896 this specification. 897 TID: 1-byte integer; same definition and processing as the 898 TID in the EARO as defined in Section 6.1. 899 Registration Ownership Verifier (ROVR): The size of the ROVR is 900 computed from the overall size of the IPv6 packet. 902 It MUST be 64bits long when operating in backward- 903 compatible mode. This field has the same definition 904 and processing as the ROVR in the EARO option as 905 defined in Section 6.1. 907 6.3. New 6LoWPAN Capability Bits in the Capability Indication Option 909 This specification defines 5 new capability bits for use in the 6CIO, 910 which was introduced by [RFC7400] for use in IPv6 ND RA messages. 912 This specification introduces the "E" flag to indicate that extended 913 ARO can be used in a registration. A 6LR that supports this 914 specification MUST set the "E" flag. 916 A similar flag "D" indicates the support of Extended Duplicate 917 Address Messages by the 6LBR; A 6LBR that supports this specification 918 MUST set the "D" flag. The "D" flag is learned from advertisements 919 by a 6LBR, and is propagated down a graph of 6LRs as a node acting as 920 6LN registers to a 6LR (which could be the 6LBR), and in turn becomes 921 a 6LR to which other 6LNs will register. 923 The new "L", "B", and "P" flags, indicate whether a router is capable 924 of acting as 6LR, 6LBR, and 6BBR, respectively. These flags are not 925 mutually exclusive and a node MUST set all the flags that are 926 relevant to it. 928 As an example, a 6LBR sets the "B" and "D" flags. If it acts as a 929 6LR, then it sets the "L" and "E" flags. If it is collocated with a 930 6BBR, then it also sets the "P" flag. 932 0 1 2 3 933 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 934 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 935 | Type | Length = 1 | Reserved |D|L|B|P|E|G| 936 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 937 | Reserved | 938 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 940 Figure 4: New capability Bits L, B, P, E in the 6CIO 942 Option Fields 944 Type: 36 945 L: Node is a 6LR. 946 B: Node is a 6LBR. 947 P: Node is a 6BBR. 948 E: Node supports registrations based on EARO. 950 D: 6LBR supports EDA messages. 952 7. Backward Compatibility 954 7.1. Discovering the Capabilities of Router 956 A 6LR that supports this specification MUST place a 6CIO in its RA 957 messages. A typical flow when a node starts up is that it sends a 958 multicast RS and receives one or more unicast RA messages. If the 959 6LR can process Extended ARO, then the "E" Flag is set in the RA. 961 This specification changes the behavior of the peers in a 962 registration flow. To enable backward compatibility, a 6LN that 963 registers to a 6LR that is not known to support this specification 964 MUST behave in a manner that is backward-compatible with [RFC6775]. 965 On the contrary, if the 6LR is known to support this specification, 966 then the 6LN MUST conform to this specification when communicating 967 with that 6LR. 969 A 6LN that supports this specification MUST always use an EARO as a 970 replacement for an ARO in its registration to a router. This is 971 harmless since the 'T' flag and TID field are reserved in [RFC6775], 972 and are ignored by an RFC6775-only router. A router that supports 973 this specification MUST answer an NS(ARO) and an NS(EARO) with an 974 NA(EARO). A router that does not support this specification will 975 consider the ROVR as an EUI-64 address and treat it the same, which 976 has no consequence if the Registered Addresses are different. 978 7.2. RFC6775-only 6LoWPAN Node 980 An RFC6775-only 6LN will use the Registered Address as the source 981 address of the NS message and will not use an EARO. An updated 6LR 982 MUST accept that registration if it is valid per [RFC6775], and it 983 MUST manage the binding cache accordingly. The updated 6LR MUST then 984 use the RFC6775-only EDA messages as specified in [RFC6775] to 985 indicate to the 6LBR that the TID is not present in the messages. 987 The main difference from [RFC6775] is that the exchange of EDA 988 messages for the purpose of DAD is avoided for Link-Local Addresses. 989 In any case, the 6LR MUST use an EARO in the reply, and can use any 990 of the Status codes defined in this specification. 992 7.3. RFC6775-only 6LoWPAN Router 994 An updated 6LN discovers the capabilities of the 6LR in the 6CIO in 995 RA messages from that 6LR; if the 6CIO was not present in the RA, 996 then the 6LR is assumed to be a RFC6775-only 6LoWPAN Router. 998 An updated 6LN MUST use an EARO in the request regardless of the type 999 of 6LR, RFC6775-only or updated, which implies that the 'T' flag is 1000 set. It MUST use a ROVR of 64 bits if the 6LR is an RFC6775-only 1001 6LoWPAN Router. 1003 If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR, 1004 the RFC6775-only 6LR will send an RFC6775-only DAR message, which 1005 cannot be compared with an updated one for freshness. Allowing 1006 RFC6775-only DAR messages to replace a state established by the 1007 updated protocol in the 6LBR would be an attack vector and that 1008 cannot be the default behavior. But if RFC6775-only and updated 6LRs 1009 coexist temporarily in a network, then it makes sense for an 1010 administrator to install a policy that allows so, and the capability 1011 to install such a policy should be configurable in a 6LBR though it 1012 is out of scope for this document. 1014 7.4. RFC6775-only 6LoWPAN Border Router 1016 With this specification, the Duplicate Address messages are extended 1017 to transport the EARO information. Similarly to the NS/NA exchange, 1018 an updated 6LBR MUST always use the EDA messages. 1020 Note that an RFC6775-only 6LBR will accept and process an EDAR 1021 message as if it were an RFC6775-only DAR, as long as the ROVR is 64 1022 bits long. An updated 6LR discovers the capabilities of the 6LBR in 1023 the 6CIO in RA messages from the 6LR; if the 6CIO was not present in 1024 any RA, then the 6LBR si assumed to be a RFC6775-only 6LoWPAN Border 1025 Router. 1027 If the 6LBR is RFC6775-only, and the ROVR in the NS(EARO) was more 1028 than 64 bits long, then the 6LR MUST truncate the ROVR to the 64 1029 rightmost bit and place the result in the EDAR message to maintain 1030 compatibility. This way, the support of DAD is preserved. 1032 8. Security Considerations 1034 This specification extends [RFC6775], and the security section of 1035 that document also applies to this as well. In particular, it is 1036 expected that the link layer is sufficiently protected to prevent 1037 rogue access, either by means of physical or IP security on the 1038 Backbone Link and link-layer cryptography on the LLN. 1040 [RFC6775] does not protect the content of its messages and expects a 1041 lower layer encryption to defeat potential attacks. This 1042 specification also expects that the LLN MAC provides secure unicast 1043 to/from the Backbone Router and secure Broadcast or Multicast from 1044 the Backbone Router in a way that prevents tampering with or 1045 replaying the Neighbor Discovery messages. 1047 This specification recommends using privacy techniques (see 1048 Section 9) and protecting against address theft such as provided by 1049 "Address Protected Neighbor Discovery for Low-power and Lossy 1050 Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the 1051 Registered Address using a cryptographic ROVR. 1053 The registration mechanism may be used by a rogue node to attack the 1054 6LR or the 6LBR with a Denial-of-Service attack against the registry. 1055 It may also happen that the registry of a 6LR or a 6LBR is saturated 1056 and cannot take any more registrations, which effectively denies the 1057 requesting node the capability to use a new address. In order to 1058 alleviate those concerns, Section 4.7 provides a number of 1059 recommendations that ensure that a stale registration is removed as 1060 soon as possible from the 6LR and 6LBR. In particular, this 1061 specification recommends that: 1063 o A node that ceases to use an address SHOULD attempt to de-register 1064 that address from all the 6LRs to which it is registered. See 1065 Section 4.2 for the mechanism to avoid replay attacks and avoiding 1066 the use of stale registration information. 1067 o The Registration lifetimes SHOULD be individually configurable for 1068 each address or group of addresses. The nodes SHOULD be 1069 configured with a Registration Lifetime that reflects their 1070 expectation of how long they will use the address with the 6LR to 1071 which it is registered. In particular, use cases that involve 1072 mobility or rapid address changes SHOULD use lifetimes that are 1073 larger yet of a same order as the duration of the expectation of 1074 presence. 1075 o The router (6LR or 6LBR) SHOULD be configurable so as to limit the 1076 number of addresses that can be registered by a single node, but 1077 as a protective measure only. A node may be identified by MAC 1078 address, but a stronger identification (e.g., by security 1079 credentials) is RECOMMENDED. When that maximum is reached, the 1080 router should use a Least-Recently-Used (LRU) algorithm to clean 1081 up the addresses, keeping at least one Link-Local Address. The 1082 router SHOULD attempt to keep one or more stable addresses if 1083 stability can be determined, e.g., because they are used over a 1084 much longer time span than other (privacy, shorter-lived) 1085 addresses. Address lifetimes SHOULD be individually configurable. 1086 o In order to avoid denial of registration for the lack of 1087 resources, administrators should take great care to deploy 1088 adequate numbers of 6LRs to cover the needs of the nodes in their 1089 range, so as to avoid a situation of starving nodes. It is 1090 expected that the 6LBR that serves an LLN is a more capable node 1091 than the average 6LR, but in a network condition where it may 1092 become saturated, a particular deployment should distribute the 1093 6LBR functionality, for instance by leveraging a high speed 1094 Backbone Link and Backbone Routers to aggregate multiple LLNs into 1095 a larger subnet. 1097 The LLN nodes depend on the 6LBR and the 6BBR for their operation. A 1098 trust model must be put in place to ensure that the right devices are 1099 acting in these roles so as to avoid threats such as black-holing or 1100 bombing attack whereby an impersonated 6LBR would destroy state in 1101 the network by using the "Removed" Status code. This trust model 1102 could be at a minimum based on a Layer-2 access control, or could 1103 provide role validation as well (see Req5.1 in Appendix B.5). 1105 9. Privacy Considerations 1107 As indicated in Section 3, this protocol does not inherently limit 1108 the number of IPv6 addresses that each device can form. However, to 1109 mitigate denial-of-service attacks, it can be useful as a protective 1110 measure to have a limit that is high enough not to interfere with the 1111 normal behavior of devices in the network. A host should be able to 1112 form and register any address that is topologically correct in the 1113 subnet(s) advertised by the 6LR/6LBR. 1115 This specification does not mandate any particular way for forming 1116 IPv6 addresses, but it discourages using EUI-64 for forming the 1117 Interface ID in the Link-Local Address because this method prevents 1118 the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971], 1119 "Cryptographically Generated Addresses (CGA)" [RFC3972], and that of 1120 address privacy techniques. 1122 "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" 1123 [RFC8065] explains why privacy is important and how to form privacy- 1124 aware addresses. All implementations and deployments must consider 1125 the option of privacy addresses in their own environments. 1127 The IPv6 address of the 6LN in the IPv6 header can be compressed 1128 statelessly when the Interface Identifier in the IPv6 address can be 1129 derived from the Lower Layer address. When it is not critical to 1130 benefit from that compression, e.g., the address can be compressed 1131 statefully, or it is rarely used and/or it is used only over one hop, 1132 then privacy concerns should be considered. In particular, new 1133 implementations should follow the IETF "Recommendation on Stable IPv6 1134 Interface Identifiers" [RFC8064]. [RFC8064] recommends the use of "A 1135 Method for Generating Semantically Opaque Interface Identifiers with 1136 IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for 1137 generating Interface Identifiers to be used in SLAAC. 1139 10. IANA Considerations 1141 Note to RFC Editor, to be removed: please replace "This RFC" 1142 throughout this document by the RFC number for this specification 1143 once it is allocated. 1145 IANA is requested to make a number of changes under the "Internet 1146 Control Message Protocol version 6 (ICMPv6) Parameters" registry, as 1147 follows. 1149 10.1. ARO Flags 1151 IANA is requested to create a new subregistry for "ARO Flags". This 1152 specification defines 8 positions, bit 0 to bit 7, and assigns bit 6 1153 for the 'R' flag and bit 7 for the 'T' flag (see Section 6.1). The 1154 policy is "IETF Review" or "IESG Approval" [RFC8126]. The initial 1155 content of the registry is as shown in Table 2. 1157 New subregistry for ARO Flags under the "Internet Control Message 1158 Protocol version 6 (ICMPv6) [RFC4443] Parameters" 1160 +-------------+--------------+-----------+ 1161 | ARO Status | Description | Document | 1162 +-------------+--------------+-----------+ 1163 | 0..5 | Unassigned | | 1164 | | | | 1165 | 6 | 'R' Flag | This RFC | 1166 | | | | 1167 | 7 | 'T' Flag | This RFC | 1168 +-------------+--------------+-----------+ 1170 Table 2: new ARO Flags 1172 10.2. ICMP Codes 1174 IANA is requested to create 2 new subregistries of the ICMPv6 "Code" 1175 Fields registry, which itself is a subregistry of the Internet 1176 Control Message Protocol version 6 (ICMPv6) Parameters for the ICMP 1177 codes. The new subregistries relate to the ICMP type 157, Duplicate 1178 Address Request (shown in Table 3), and 158, Duplicate Address 1179 Confirmation (shown in Table 4), respectively. The range of an 1180 ICMPv6 "Code" Field is 0..255 in all cases. The policy is "IETF 1181 Review" or "IESG Approval" [RFC8126] for both subregistries. The new 1182 subregistries are initialized as follows: 1184 New entries for ICMP types 157 DAR message 1186 +---------+----------------------+------------+ 1187 | Code | Name | Reference | 1188 +---------+----------------------+------------+ 1189 | 0 | Original DAR message | RFC 6775 | 1190 | | | | 1191 | 1 | Extended DAR message | This RFC | 1192 | | | | 1193 | 2...255 | Unassigned | | 1194 +---------+----------------------+------------+ 1196 Table 3: new ICMPv6 Code Fields 1198 New entries for ICMP types 158 DAC message 1200 +---------+----------------------+------------+ 1201 | Code | Name | Reference | 1202 +---------+----------------------+------------+ 1203 | 0 | Original DAC message | RFC 6775 | 1204 | | | | 1205 | 1 | Extended DAC message | This RFC | 1206 | | | | 1207 | 2...255 | Unassigned | | 1208 +---------+----------------------+------------+ 1210 Table 4: new ICMPv6 Code Fields 1212 10.3. New ARO Status values 1214 IANA is requested to make additions to the Address Registration 1215 Option Status Values Registry as follows: 1217 Address Registration Option Status Values Registry 1219 +-------------+-----------------------------------------+-----------+ 1220 | ARO Status | Description | Document | 1221 +-------------+-----------------------------------------+-----------+ 1222 | 3 | Moved | This RFC | 1223 | | | | 1224 | 4 | Removed | This RFC | 1225 | | | | 1226 | 5 | Validation Requested | This RFC | 1227 | | | | 1228 | 6 | Duplicate Source Address | This RFC | 1229 | | | | 1230 | 7 | Invalid Source Address | This RFC | 1231 | | | | 1232 | 8 | Registered Address topologically | This RFC | 1233 | | incorrect | | 1234 | | | | 1235 | 9 | 6LBR Registry saturated | This RFC | 1236 | | | | 1237 | 10 | Validation Failed | This RFC | 1238 +-------------+-----------------------------------------+-----------+ 1240 Table 5: New ARO Status values 1242 10.4. New 6LoWPAN capability Bits 1244 IANA is requested to make additions to the Subregistry for "6LoWPAN 1245 capability Bits" as follows: 1247 Subregistry for "6LoWPAN capability Bits" under the "Internet Control 1248 Message Protocol version 6 (ICMPv6) Parameters" 1250 +-----------------+----------------------+-----------+ 1251 | Capability Bit | Description | Document | 1252 +-----------------+----------------------+-----------+ 1253 | 10 | EDA Support (D bit) | This RFC | 1254 | | | | 1255 | 11 | 6LR capable (L bit) | This RFC | 1256 | | | | 1257 | 12 | 6LBR capable (B bit) | This RFC | 1258 | | | | 1259 | 13 | 6BBR capable (P bit) | This RFC | 1260 | | | | 1261 | 14 | EARO support (E bit) | This RFC | 1262 +-----------------+----------------------+-----------+ 1264 Table 6: New 6LoWPAN capability Bits 1266 11. Acknowledgments 1268 Kudos to Eric Levy-Abegnoli who designed the First Hop Security 1269 infrastructure upon which the first backbone router was implemented. 1270 Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen 1271 Schoenwaelder, Chris Lonvick, Dave Thaler, Adrian Farrel, Peter Yee, 1272 and Lorenzo Colitti for their various contributions and reviews. 1273 Also, many thanks to Thomas Watteyne for the world first 1274 implementation of a 6LN that was instrumental to the early tests of 1275 the 6LR, 6LBR and Backbone Router. 1277 12. References 1279 12.1. Normative References 1281 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1282 Requirement Levels", BCP 14, RFC 2119, 1283 DOI 10.17487/RFC2119, March 1997, 1284 . 1286 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 1287 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 1288 2006, . 1290 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1291 Control Message Protocol (ICMPv6) for the Internet 1292 Protocol Version 6 (IPv6) Specification", STD 89, 1293 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1294 . 1296 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1297 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1298 DOI 10.17487/RFC4861, September 2007, 1299 . 1301 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1302 Address Autoconfiguration", RFC 4862, 1303 DOI 10.17487/RFC4862, September 2007, 1304 . 1306 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1307 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1308 Overview, Assumptions, Problem Statement, and Goals", 1309 RFC 4919, DOI 10.17487/RFC4919, August 2007, 1310 . 1312 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1313 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1314 DOI 10.17487/RFC6282, September 2011, 1315 . 1317 [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem 1318 Statement and Requirements for IPv6 over Low-Power 1319 Wireless Personal Area Network (6LoWPAN) Routing", 1320 RFC 6606, DOI 10.17487/RFC6606, May 2012, 1321 . 1323 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1324 Bormann, "Neighbor Discovery Optimization for IPv6 over 1325 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1326 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1327 . 1329 [RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and 1330 Lossy Networks", RFC 7102, DOI 10.17487/RFC7102, January 1331 2014, . 1333 [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for 1334 Constrained-Node Networks", RFC 7228, 1335 DOI 10.17487/RFC7228, May 2014, 1336 . 1338 [RFC7400] Bormann, C., "6LoWPAN-GHC: Generic Header Compression for 1339 IPv6 over Low-Power Wireless Personal Area Networks 1340 (6LoWPANs)", RFC 7400, DOI 10.17487/RFC7400, November 1341 2014, . 1343 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1344 Writing an IANA Considerations Section in RFCs", BCP 26, 1345 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1346 . 1348 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1349 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1350 May 2017, . 1352 12.2. Informative References 1354 [I-D.chakrabarti-nordmark-6man-efficient-nd] 1355 Chakrabarti, S., Nordmark, E., Thubert, P., and M. 1356 Wasserman, "IPv6 Neighbor Discovery Optimizations for 1357 Wired and Wireless Networks", draft-chakrabarti-nordmark- 1358 6man-efficient-nd-07 (work in progress), February 2015. 1360 [I-D.delcarpio-6lo-wlanah] 1361 Vega, L., Robles, I., and R. Morabito, "IPv6 over 1362 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 1363 progress), October 2015. 1365 [I-D.hou-6lo-plc] 1366 Hou, J., Hong, Y., and X. Tang, "Transmission of IPv6 1367 Packets over PLC Networks", draft-hou-6lo-plc-03 (work in 1368 progress), December 2017. 1370 [I-D.ietf-6lo-ap-nd] 1371 Thubert, P., Sarikaya, B., and M. Sethi, "Address 1372 Protected Neighbor Discovery for Low-power and Lossy 1373 Networks", draft-ietf-6lo-ap-nd-06 (work in progress), 1374 February 2018. 1376 [I-D.ietf-6lo-backbone-router] 1377 Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- 1378 backbone-router-06 (work in progress), February 2018. 1380 [I-D.ietf-6lo-nfc] 1381 Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, 1382 "Transmission of IPv6 Packets over Near Field 1383 Communication", draft-ietf-6lo-nfc-09 (work in progress), 1384 January 2018. 1386 [I-D.ietf-6tisch-architecture] 1387 Thubert, P., "An Architecture for IPv6 over the TSCH mode 1388 of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work 1389 in progress), November 2017. 1391 [I-D.ietf-mboned-ieee802-mcast-problems] 1392 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 1393 Zuniga, "Multicast Considerations over IEEE 802 Wireless 1394 Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work 1395 in progress), February 2018. 1397 [I-D.ietf-roll-efficient-npdao] 1398 Jadhav, R., Sahoo, R., and Z. Cao, "No-Path DAO 1399 modifications", draft-ietf-roll-efficient-npdao-01 (work 1400 in progress), October 2017. 1402 [I-D.perkins-intarea-multicast-ieee802] 1403 Perkins, C., Stanley, D., Kumari, W., and J. Zuniga, 1404 "Multicast Considerations over IEEE 802 Wireless Media", 1405 draft-perkins-intarea-multicast-ieee802-03 (work in 1406 progress), July 2017. 1408 [I-D.struik-lwip-curve-representations] 1409 Struik, R., "Alternative Elliptic Curve Representations", 1410 draft-struik-lwip-curve-representations-00 (work in 1411 progress), October 2017. 1413 [RFC1958] Carpenter, B., Ed., "Architectural Principles of the 1414 Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996, 1415 . 1417 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 1418 DOI 10.17487/RFC1982, August 1996, 1419 . 1421 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with 1422 CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 1423 2003, . 1425 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 1426 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 1427 DOI 10.17487/RFC3810, June 2004, 1428 . 1430 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 1431 "SEcure Neighbor Discovery (SEND)", RFC 3971, 1432 DOI 10.17487/RFC3971, March 2005, 1433 . 1435 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 1436 RFC 3972, DOI 10.17487/RFC3972, March 2005, 1437 . 1439 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 1440 for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, 1441 . 1443 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 1444 Extensions for Stateless Address Autoconfiguration in 1445 IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, 1446 . 1448 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 1449 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 1450 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 1451 Low-Power and Lossy Networks", RFC 6550, 1452 DOI 10.17487/RFC6550, March 2012, 1453 . 1455 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 1456 Interface Identifiers with IPv6 Stateless Address 1457 Autoconfiguration (SLAAC)", RFC 7217, 1458 DOI 10.17487/RFC7217, April 2014, 1459 . 1461 [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets 1462 over ITU-T G.9959 Networks", RFC 7428, 1463 DOI 10.17487/RFC7428, February 2015, 1464 . 1466 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1467 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1468 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1469 . 1471 [RFC7934] Colitti, L., Cerf, V., Cheshire, S., and D. Schinazi, 1472 "Host Address Availability Recommendations", BCP 204, 1473 RFC 7934, DOI 10.17487/RFC7934, July 2016, 1474 . 1476 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 1477 "Recommendation on Stable IPv6 Interface Identifiers", 1478 RFC 8064, DOI 10.17487/RFC8064, February 2017, 1479 . 1481 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 1482 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 1483 February 2017, . 1485 [RFC8105] Mariager, P., Petersen, J., Ed., Shelby, Z., Van de Logt, 1486 M., and D. Barthel, "Transmission of IPv6 Packets over 1487 Digital Enhanced Cordless Telecommunications (DECT) Ultra 1488 Low Energy (ULE)", RFC 8105, DOI 10.17487/RFC8105, May 1489 2017, . 1491 [RFC8163] Lynn, K., Ed., Martocci, J., Neilson, C., and S. 1492 Donaldson, "Transmission of IPv6 over Master-Slave/Token- 1493 Passing (MS/TP) Networks", RFC 8163, DOI 10.17487/RFC8163, 1494 May 2017, . 1496 [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., 1497 Przygienda, T., and S. Aldrin, "Multicast Using Bit Index 1498 Explicit Replication (BIER)", RFC 8279, 1499 DOI 10.17487/RFC8279, November 2017, 1500 . 1502 12.3. External Informative References 1504 [IEEEstd802154] 1505 IEEE, "IEEE Standard for Low-Rate Wireless Networks", 1506 IEEE Standard 802.15.4, DOI 10.1109/IEEE 1507 P802.15.4-REVd/D01, June 2017, 1508 . 1510 [Perlman83] 1511 Perlman, R., "Fault-Tolerant Broadcast of Routing 1512 Information", North-Holland Computer Networks 7: 395-405, 1513 1983, . 1516 Appendix A. Applicability and Requirements Served (Not Normative) 1518 This specification extends 6LoWPAN ND to provide a sequence number to 1519 the registration and serves the requirements expressed in 1520 Appendix B.1 by enabling the mobility of devices from one LLN to the 1521 next based on the complementary work in the "IPv6 Backbone Router" 1522 [I-D.ietf-6lo-backbone-router] specification. 1524 IEEE Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" 1525 [I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could 1526 connect to the Internet via a RPL mesh network, but this requires 1527 additions to the 6LoWPAN ND protocol to support mobility and 1528 reachability in a secured and manageable environment. This 1529 specification details the new operations that are required to 1530 implement the 6TiSCH architecture and serves the requirements listed 1531 in Appendix B.2. 1533 The term LLN is used loosely in this specification to cover multiple 1534 types of WLANs and WPANs, including Low-Power IEEE Std. 802.11 1535 networking, Bluetooth Low Energy, IEEE Std. 802.11ah, and IEEE Std. 1536 802.15.4 wireless meshes, so as to address the requirements discussed 1537 in Appendix B.3. 1539 This specification can be used by any wireless node to associate at 1540 Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing 1541 services including proxy-ND operations over a Backbone Link, 1542 effectively providing a solution to the requirements expressed in 1543 Appendix B.4. 1545 This specification is extended by "Address Protected Neighbor 1546 Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to 1547 providing a solution to some of the security-related requirements 1548 expressed in Appendix B.5. 1550 "Efficiency aware IPv6 Neighbor Discovery Optimizations" 1551 [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND 1552 [RFC6775] can be extended to other types of links beyond IEEE Std. 1553 802.15.4 for which it was defined. The registration technique is 1554 beneficial when the Link-Layer technique used to carry IPv6 multicast 1555 packets is not sufficiently efficient in terms of delivery ratio or 1556 energy consumption in the end devices, in particular to enable 1557 energy-constrained sleeping nodes. The value of such extension is 1558 especially apparent in the case of mobile wireless nodes, to reduce 1559 the multicast operations that are related to IPv6 ND ([RFC4861], 1560 [RFC4862]) and affect the operation of the wireless medium 1561 [I-D.ietf-mboned-ieee802-mcast-problems] 1562 [I-D.perkins-intarea-multicast-ieee802]. This serves the scalability 1563 requirements listed in Appendix B.6. 1565 Appendix B. Requirements (Not Normative) 1567 This section lists requirements that were discussed discussed by the 1568 6lo WG for an update to 6LoWPAN ND. How those requirements are 1569 matched with existing specifications at the time of this writing is 1570 shown in Appendix B.8. 1572 B.1. Requirements Related to Mobility 1574 Due to the unstable nature of LLN links, even in an LLN of immobile 1575 nodes a 6LN may change its point of attachment from 6LR-a to 6LR-b, 1576 and may not be able to notify 6LR-a. Consequently, 6LR-a may still 1577 attract traffic that it cannot deliver any more. When links to a 6LR 1578 change state, there is thus a need to identify stale states in a 6LR 1579 and restore reachability in a timely fashion, e.g., by using some 1580 signaling upon the detection of the movement, or using a keep-alive 1581 mechanism with a period that is consistent with the application 1582 needs. 1584 Req1.1: Upon a change of point of attachment, connectivity via a new 1585 6LR MUST be restored in a timely fashion without the need to de- 1586 register from the previous 6LR. 1588 Req1.2: For that purpose, the protocol MUST enable differentiating 1589 between multiple registrations from one 6LoWPAN Node and 1590 registrations from different 6LoWPAN Nodes claiming the same address. 1592 Req1.3: Stale states MUST be cleaned up in 6LRs. 1594 Req1.4: A 6LoWPAN Node SHOULD also be able to register its Address 1595 concurrently to multiple 6LRs. 1597 B.2. Requirements Related to Routing Protocols 1599 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 1600 routing in an LLN can be based on RPL, which is the routing protocol 1601 that was defined by the IETF for this particular purpose. Other 1602 routing protocols are also considered by Standards Development 1603 Organizations (SDO) on the basis of the expected network 1604 characteristics. It is required that a 6LN attached via ND to a 6LR 1605 indicates whether it participates in the selected routing protocol to 1606 obtain reachability via the 6LR, or whether it expects the 6LR to 1607 manage its reachability. 1609 Beyond the 6LBR unicast address registered by ND, other addresses 1610 including multicast addresses are needed as well. For example, a 1611 routing protocol often uses a multicast address to register changes 1612 to established paths. ND needs to register such a multicast address 1613 to enable routing concurrently with discovery. 1615 Multicast is needed for groups. Groups may be formed by device type 1616 (e.g., routers, street lamps), location (Geography, RPL sub-tree), or 1617 both. 1619 The Bit Index Explicit Replication (BIER) Architecture [RFC8279] 1620 proposes an optimized technique to enable multicast in an LLN with a 1621 very limited requirement for routing state in the nodes. 1623 Related requirements are: 1625 Req2.1: The ND registration method SHOULD be extended so that the 6LR 1626 is instructed whether to advertise the Address of a 6LN over the 1627 selected routing protocol and obtain reachability to that Address 1628 using the selected routing protocol. 1630 Req2.2: Considering RPL, the Address Registration Option that is used 1631 in the ND registration SHOULD be extended to carry enough information 1632 to generate a DAO message as specified in section 6.4 of [RFC6550], 1633 in particular the capability to compute a Path Sequence and, as an 1634 option, a RPLInstanceID. 1636 Req2.3: Multicast operations SHOULD be supported and optimized, for 1637 instance, using BIER or MPL. Whether ND is appropriate for the 1638 registration to the 6BBR is to be defined, considering the additional 1639 burden of supporting the Multicast Listener Discovery Version 2 1640 [RFC3810] (MLDv2) for IPv6. 1642 B.3. Requirements Related to the Variety of Low-Power Link types 1644 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 1645 and in particular the capability to derive a unique identifier from a 1646 globally unique EUI-64 address. At this point, the 6lo Working Group 1647 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 1648 to other link types including ITU-T G.9959 [RFC7428], Master-Slave/ 1649 Token-Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field 1650 Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah 1651 [I-D.delcarpio-6lo-wlanah], as well as Bluetooth(R) Low Energy 1652 [RFC7668], and Power Line Communication (PLC) [I-D.hou-6lo-plc] 1653 Networks. 1655 Related requirements are: 1657 Req3.1: The support of the registration mechanism SHOULD be extended 1658 to more LLN links than IEEE Std.802.15.4, matching at least the LLN 1659 links for which an "IPv6 over foo" specification exists, as well as 1660 Low-Power Wi-Fi. 1662 Req3.2: As part of this extension, a mechanism to compute a unique 1663 identifier should be provided, with the capability to form a Link- 1664 Local Address that SHOULD be unique at least within the LLN connected 1665 to a 6LBR discovered by ND in each node within the LLN. 1667 Req3.3: The Address Registration Option used in the ND registration 1668 SHOULD be extended to carry the relevant forms of unique Identifier. 1670 Req3.4: The Neighbor Discovery should specify the formation of a 1671 site-local address that follows the security recommendations from 1672 [RFC7217]. 1674 B.4. Requirements Related to Proxy Operations 1676 Duty-cycled devices may not be able to answer themselves to a lookup 1677 from a node that uses IPv6 ND on a Backbone Link and may need a 1678 proxy. Additionally, the duty-cycled device may need to rely on the 1679 6LBR to perform registration to the 6BBR. 1681 The ND registration method SHOULD defend the addresses of duty-cycled 1682 devices that are sleeping most of the time and not capable to defend 1683 their own addresses. 1685 Related requirements are: 1687 Req4.1: The registration mechanism SHOULD enable a third party to 1688 proxy register an address on behalf of a 6LoWPAN node that may be 1689 sleeping or located deeper in an LLN mesh. 1691 Req4.2: The registration mechanism SHOULD be applicable to a duty- 1692 cycled device regardless of the link type and SHOULD enable a 6BBR to 1693 operate as a proxy to defend the Registered Addresses on its behalf. 1695 Req4.3: The registration mechanism SHOULD enable long sleep 1696 durations, on the order of multiple days to a month. 1698 B.5. Requirements Related to Security 1700 In order to guarantee the operations of the 6LoWPAN ND flows, the 1701 spoofing of the 6LR, 6LBR, and 6BBRs roles should be avoided. Once a 1702 node successfully registers an address, 6LoWPAN ND should provide 1703 energy-efficient means for the 6LBR to protect that ownership even 1704 when the node that registered the address is sleeping. 1706 In particular, the 6LR and the 6LBR then should be able to verify 1707 whether a subsequent registration for a given address comes from the 1708 original node. 1710 In an LLN it makes sense to base security on Layer-2 security. 1711 During bootstrap of the LLN, nodes join the network after 1712 authorization by a Joining Assistant (JA) or a Commissioning Tool 1713 (CT). After joining, nodes communicate with each other via secured 1714 links. The keys for the Layer-2 security are distributed by the JA/ 1715 CT. The JA/CT can be part of the LLN or be outside the LLN. In both 1716 cases it is needed that packets are routed between JA/CT and the 1717 joining node. 1719 Related requirements are: 1721 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1722 the 6LR, 6LBR, and 6BBR to authenticate and authorize one another for 1723 their respective roles, as well as with the 6LoWPAN Node for the role 1724 of 6LR. 1726 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1727 the 6LR and the 6LBR to validate new registration of authorized 1728 nodes. Joining of unauthorized nodes MUST be prevented. 1730 Req5.3: 6LoWPAN ND security mechanisms SHOULD NOT lead to large 1731 packet sizes. In particular, the NS, NA, DAR, and DAC messages for a 1732 re-registration flow SHOULD NOT exceed 80 octets so as to fit in a 1733 secured IEEE Std.802.15.4 [IEEEstd802154] frame. 1735 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 1736 computationally intensive on the LoWPAN Node CPU. When a Key hash 1737 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 1738 preferred. 1740 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 1741 SHOULD be minimized. 1743 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the 1744 variation of CCM [RFC3610] called CCM* for use at both Layer 2 and 1745 Layer 3, and SHOULD enable the reuse of security code that has to be 1746 present on the device for upper layer security such as TLS. 1747 Algorithm agility and support for large keys (e.g., 256-bit key 1748 sizes) is also desirable, following at Layer-3 the introduction of 1749 those capabilities at Layer-2. 1751 Req5.7: Public key and signature sizes SHOULD be minimized while 1752 maintaining adequate confidentiality and data origin authentication 1753 for multiple types of applications with various degrees of 1754 criticality. 1756 Req5.8: Routing of packets should continue when links pass from the 1757 unsecured to the secured state. 1759 Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1760 the 6LR and the 6LBR to validate whether a new registration for a 1761 given address corresponds to the same 6LN that registered it 1762 initially, and, if not, determine the rightful owner and deny or 1763 clean up the registration that is duplicate. 1765 B.6. Requirements Related to Scalability 1767 Use cases from Automatic Meter Reading (AMR, collection tree 1768 operations) and Advanced Metering Infrastructure (AMI, bi-directional 1769 communication to the meters) indicate the needs for a large number of 1770 LLN nodes pertaining to a single RPL DODAG (e.g., 5000) and connected 1771 to the 6LBR over a large number of LLN hops (e.g., 15). 1773 Related requirements are: 1775 Req6.1: The registration mechanism SHOULD enable a single 6LBR to 1776 register multiple thousands of devices. 1778 Req6.2: The timing of the registration operation should allow for a 1779 large latency such as found in LLNs with ten to more hops. 1781 B.7. Requirements Related to Operations and Management 1783 Section 3.8 of "Architectural Principles of the Internet" [RFC1958] 1784 recommends to: "avoid options and parameters whenever possible. Any 1785 options and parameters should be configured or negotiated dynamically 1786 rather than manually". This is especially true in LLNs where the 1787 number of devices may be large and manual configuration is 1788 infeasible. Capabilities for a dynamic configuration of LLN devices 1789 can also be constrained by the network and power limitation. 1791 A Network Administrator should be able to validate that the network 1792 is operating within capacity, and that in particular a 6LBR does not 1793 get overloaded with an excessive amount of registration, so the 1794 administrator can take actions such as adding a Backbone Link with 1795 additional 6LBRs and 6BBRs to the network. 1797 Related requirements are: 1799 Req7.1: A management model SHOULD be provided that enables access to 1800 the 6LBR, monitor its usage vs. capacity, and alert in case of 1801 congestion. It is recommended that the 6LBR be reachable over a non- 1802 LLN link. 1804 Req7.2: A management model SHOULD be provided that enables access to 1805 the 6LR and its capacity to host additional NCE. This management 1806 model SHOULD avoid polling individual 6LRs in a way that could 1807 disrupt the operation of the LLN. 1809 Req7.3: Information on successful and failed registration SHOULD be 1810 provided, including information such as the ROVR of the 6LN, the 1811 Registered Address, the address of the 6LR, and the duration of the 1812 registration flow. 1814 Req7.4: In case of a failed registration, information on the failure 1815 including the identification of the node that rejected the 1816 registration and the status in the EARO SHOULD be provided. 1818 B.8. Matching Requirements with Specifications 1820 I-drafts/RFCs addressing requirements 1822 +-------------+-----------------------------------------+ 1823 | Requirement | Document | 1824 +-------------+-----------------------------------------+ 1825 | Req1.1 | [I-D.ietf-6lo-backbone-router] | 1826 | | | 1827 | Req1.2 | [RFC6775] | 1828 | | | 1829 | Req1.3 | [RFC6775] | 1830 | | | 1831 | Req1.4 | This RFC | 1832 | | | 1833 | Req2.1 | This RFC | 1834 | | | 1835 | Req2.2 | This RFC | 1836 | | | 1837 | Req2.3 | | 1838 | | | 1839 | Req3.1 | Technology Dependent | 1840 | | | 1841 | Req3.2 | Technology Dependent | 1842 | | | 1843 | Req3.3 | Technology Dependent | 1844 | | | 1845 | Req3.4 | Technology Dependent | 1846 | | | 1847 | Req4.1 | This RFC | 1848 | | | 1849 | Req4.2 | This RFC | 1850 | | | 1851 | Req4.3 | [RFC6775] | 1852 | | | 1853 | Req5.1 | | 1854 | | | 1855 | Req5.2 | [I-D.ietf-6lo-ap-nd] | 1856 | | | 1857 | Req5.3 | | 1858 | | | 1859 | Req5.4 | | 1860 | | | 1861 | Req5.5 | [I-D.ietf-6lo-ap-nd] | 1862 | | | 1863 | Req5.6 | [I-D.struik-lwip-curve-representations] | 1864 | | | 1865 | Req5.7 | [I-D.ietf-6lo-ap-nd] | 1866 | | | 1867 | Req5.8 | | 1868 | | | 1869 | Req5.9 | [I-D.ietf-6lo-ap-nd] | 1870 | | | 1871 | Req6.1 | This RFC | 1872 | | | 1873 | Req6.2 | This RFC | 1874 | | | 1875 | Req7.1 | | 1876 | | | 1877 | Req7.2 | | 1878 | | | 1879 | Req7.3 | | 1880 | | | 1881 | Req7.4 | | 1882 +-------------+-----------------------------------------+ 1883 Table 7: Work Addressing requirements 1885 Authors' Addresses 1887 Pascal Thubert (editor) 1888 Cisco Systems, Inc 1889 Building D (Regus) 45 Allee des Ormes 1890 Mougins - Sophia Antipolis 1891 France 1893 Phone: +33 4 97 23 26 34 1894 Email: pthubert@cisco.com 1896 Erik Nordmark 1897 Zededa 1898 Santa Clara, CA 1899 United States of America 1901 Email: nordmark@sonic.net 1903 Samita Chakrabarti 1904 Verizon 1905 San Jose, CA 1906 United States of America 1908 Email: samitac.ietf@gmail.com 1910 Charles E. Perkins 1911 Futurewei 1912 2330 Central Expressway 1913 Santa Clara 95050 1914 United States of America 1916 Email: charliep@computer.org