idnits 2.17.1
draft-ietf-6tisch-architecture-08.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 1559 has weird spacing: '...ssimiti for h...'
== Line 1562 has weird spacing: '... Pister for c...'
== Line 1565 has weird spacing: '...hardson for h...'
== Line 1568 has weird spacing: '... Struik for t...'
== Line 1571 has weird spacing: '...ajosana who l...'
== (2 more instances...)
-- The document date (May 12, 2015) is 3272 days in the past. Is this
intentional?
Checking references for intended status: Informational
----------------------------------------------------------------------------
== Missing Reference: 'IEEE802.1TSNTG' is mentioned on line 1867, but not
defined
== Missing Reference: 'IEEE802154' is mentioned on line 1872, but not
defined
== Missing Reference: 'IEEE802154e' is mentioned on line 1878, but not
defined
== Missing Reference: 'PCE' is mentioned on line 1897, but not defined
== Missing Reference: 'WirelessHART' is mentioned on line 1903, but not
defined
== Missing Reference: 'TEAS' is mentioned on line 1900, but not defined
== Missing Reference: 'CCAMP' is mentioned on line 1857, but not defined
== Missing Reference: 'DICE' is mentioned on line 1860, but not defined
== Missing Reference: 'ACE' is mentioned on line 1853, but not defined
== Missing Reference: 'ISA100' is mentioned on line 1888, but not defined
== Missing Reference: 'HART' is mentioned on line 1863, but not defined
== Outdated reference: A later version (-10) exists of
draft-ietf-6tisch-terminology-04
** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200)
== Outdated reference: A later version (-06) exists of
draft-dujovne-6tisch-on-the-fly-05
== Outdated reference: A later version (-08) exists of
draft-finn-detnet-architecture-01
== Outdated reference: A later version (-04) exists of
draft-ietf-6tisch-6top-interface-03
== Outdated reference: A later version (-21) exists of
draft-ietf-6tisch-minimal-06
== Outdated reference: A later version (-04) exists of
draft-svshah-tsvwg-deterministic-forwarding-03
== Outdated reference: A later version (-07) exists of
draft-thubert-6lo-rfc6775-update-reqs-06
== Outdated reference: A later version (-07) exists of
draft-thubert-6lo-routing-dispatch-03
== Outdated reference: A later version (-11) exists of
draft-vanderstok-core-comi-06
== Outdated reference: A later version (-04) exists of
draft-wang-6tisch-6top-sublayer-01
-- Obsolete informational reference (is this intentional?): RFC 6347
(Obsoleted by RFC 9147)
-- Obsolete informational reference (is this intentional?): RFC 6830
(Obsoleted by RFC 9300, RFC 9301)
Summary: 1 error (**), 0 flaws (~~), 28 warnings (==), 3 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 6TiSCH P. Thubert, Ed.
3 Internet-Draft Cisco
4 Intended status: Informational May 12, 2015
5 Expires: November 13, 2015
7 An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4
8 draft-ietf-6tisch-architecture-08
10 Abstract
12 This document is the first volume of the 6TiSCH architecture of an
13 IPv6 Multi-Link subnet that is composed of a high speed powered
14 backbone and a number of IEEE802.15.4 TSCH low-power wireless
15 networks attached and synchronized by Backbone Routers. The
16 architecture defines mechanisms to establish and maintain routing and
17 scheduling in a centralized, distributed, or mixed fashion.
19 Status of This Memo
21 This Internet-Draft is submitted in full conformance with the
22 provisions of BCP 78 and BCP 79.
24 Internet-Drafts are working documents of the Internet Engineering
25 Task Force (IETF). Note that other groups may also distribute
26 working documents as Internet-Drafts. The list of current Internet-
27 Drafts is at http://datatracker.ietf.org/drafts/current/.
29 Internet-Drafts are draft documents valid for a maximum of six months
30 and may be updated, replaced, or obsoleted by other documents at any
31 time. It is inappropriate to use Internet-Drafts as reference
32 material or to cite them other than as "work in progress."
34 This Internet-Draft will expire on November 13, 2015.
36 Copyright Notice
38 Copyright (c) 2015 IETF Trust and the persons identified as the
39 document authors. All rights reserved.
41 This document is subject to BCP 78 and the IETF Trust's Legal
42 Provisions Relating to IETF Documents
43 (http://trustee.ietf.org/license-info) in effect on the date of
44 publication of this document. Please review these documents
45 carefully, as they describe your rights and restrictions with respect
46 to this document. Code Components extracted from this document must
47 include Simplified BSD License text as described in Section 4.e of
48 the Trust Legal Provisions and are provided without warranty as
49 described in the Simplified BSD License.
51 Table of Contents
53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
54 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
55 3. Applications and Goals . . . . . . . . . . . . . . . . . . . 5
56 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 6
57 5. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
58 5.1. Components . . . . . . . . . . . . . . . . . . . . . . . 8
59 5.2. Dependencies . . . . . . . . . . . . . . . . . . . . . . 10
60 6. 6LoWPAN (and RPL) . . . . . . . . . . . . . . . . . . . . . . 10
61 6.1. RPL Leaf Support in 6LoWPAN ND . . . . . . . . . . . . . 12
62 6.2. registration Failures Due to Movement . . . . . . . . . . 13
63 6.3. Proxy registration . . . . . . . . . . . . . . . . . . . 13
64 6.4. Target Registration . . . . . . . . . . . . . . . . . . . 13
65 6.5. RPL root vs. 6LBR . . . . . . . . . . . . . . . . . . . . 14
66 6.6. Securing the Registration . . . . . . . . . . . . . . . . 14
67 7. TSCH and 6top . . . . . . . . . . . . . . . . . . . . . . . . 15
68 7.1. 6top . . . . . . . . . . . . . . . . . . . . . . . . . . 15
69 7.1.1. Hard Cells . . . . . . . . . . . . . . . . . . . . . 16
70 7.1.2. Soft Cells . . . . . . . . . . . . . . . . . . . . . 16
71 7.2. 6top and RPL Objective Function operations . . . . . . . 16
72 7.3. Network Synchronization . . . . . . . . . . . . . . . . . 17
73 7.4. SlotFrames and Priorities . . . . . . . . . . . . . . . . 18
74 7.5. Distributing the reservation of cells . . . . . . . . . . 19
75 8. Communication Paradigms and Interaction Models . . . . . . . 21
76 8.1. Schedule Management Mechanisms . . . . . . . . . . . . . 22
77 8.1.1. Static Scheduling . . . . . . . . . . . . . . . . . . 22
78 8.1.2. Neighbor-to-neighbor Scheduling . . . . . . . . . . . 22
79 8.1.3. remote Monitoring and Schedule Management . . . . . . 23
80 8.1.4. Hop-by-hop Scheduling . . . . . . . . . . . . . . . . 24
81 8.2. Forwarding Models . . . . . . . . . . . . . . . . . . . . 24
82 8.2.1. Track Forwarding . . . . . . . . . . . . . . . . . . 24
83 8.2.2. Fragment Forwarding . . . . . . . . . . . . . . . . . 28
84 8.2.3. IPv6 Forwarding . . . . . . . . . . . . . . . . . . . 29
85 8.3. Centralized vs. Distributed Routing . . . . . . . . . . . 30
86 8.3.1. Packet Marking and Handling . . . . . . . . . . . . . 30
87 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31
88 10. Security Considerations . . . . . . . . . . . . . . . . . . . 31
89 10.1. Join Process Highlights . . . . . . . . . . . . . . . . 32
90 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34
91 11.1. Contributors . . . . . . . . . . . . . . . . . . . . . . 34
92 11.2. Special Thanks . . . . . . . . . . . . . . . . . . . . . 35
93 11.3. And Do not Forget . . . . . . . . . . . . . . . . . . . 35
94 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 35
95 12.1. Normative References . . . . . . . . . . . . . . . . . . 35
96 12.2. Informative References . . . . . . . . . . . . . . . . . 37
97 12.3. Other Informative References . . . . . . . . . . . . . . 40
98 Appendix A. Personal submissions relevant to the next volumes . 42
99 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 42
101 1. Introduction
103 The emergence of wireless technology has enabled a variety of new
104 devices to get interconnected, at a very low marginal cost per
105 device, at any distance ranging from Near Field to interplanetary,
106 and in circumstances where wiring may not be practical, for instance
107 on fast-moving or rotating devices.
109 At the same time, a new breed of Time Sensitive Networks is being
110 developed to enable traffic that is highly sensitive to jitter, quite
111 sensitive to latency, and with a high degree of operational
112 criticality so that loss should be minimized at all times. Such
113 traffic is not limited to professional Audio/ Video networks, but is
114 also found in command and control operations such as industrial
115 automation and vehicular sensors and actuators. At IEEE802.1, the
116 Audio/Video Task Group [IEEE802.1TSNTG] Time Sensitive Networking
117 (TSN) to address Deterministic Ethernet. The Medium access Control
118 (MAC) of IEEE802.15.4 [IEEE802154] has evolved with the new
119 IEEE802.15.4e TimeSlotted Channel Hopping (TSCH)
120 [I-D.ietf-6tisch-tsch] mode for deterministic industrial-type
121 applications. TSCH was introduced with the IEEE802.15.4e
122 [IEEE802154e] amendment and will be wrapped up in the next revision
123 of the IEEE802.15.4 standard. For all practical purpose, this
124 document is expected to be insensitive to the future versions of the
125 IEEE802.15.4 standard, which is thus referenced undated.
127 Though at a different time scale, both TSN and TSCH standards provide
128 Deterministic capabilities to the point that a packet that pertains
129 to a certain flow crosses the network from node to node following a
130 very precise schedule, as a train that leaves intermediate stations
131 at precise times along its path. With TSCH, time is formatted into
132 timeSlots, and an individual cell is allocated to unicast or
133 broadcast communication at the MAC level. The time-slotted operation
134 reduces collisions, saves energy, and enables to more closely
135 engineer the network for deterministic properties. The channel
136 hopping aspect is a simple and efficient technique to combat
137 multipath fading and external interference (for example by Wi-Fi
138 emitters).
140 This document is the first volume of an architecture for an IPv6
141 Multi-Link subnet that is composed of a high speed powered backbone
142 and a number of IEEE802.15.4 TSCH wireless networks attached and
143 synchronized by backbone routers. Route Computation may be achieved
144 in a centralized fashion by a Path Computation Element (PCE) [PCE],
145 in a distributed fashion using the Routing Protocol for Low Power and
146 Lossy Networks (RPL) [RFC6550], or in a mixed mode. The Backbone
147 Routers may perform proxy IPv6 Neighbor Discovery (ND) [RFC4861]
148 operations over the backbone on behalf of the wireless devices (also
149 called motes), so they can share a same IPv6 subnet and appear to be
150 connected to the same backbone as classical devices. The Backbone
151 Routers may alternatively redistribute the registration in a routing
152 protocol such as OSPF [RFC5340] or BGP [RFC2545], or inject them in a
153 mobility protocol such as MIPv6 [RFC6275], NEMO [RFC3963], or LISP
154 [RFC6830].
156 The 6TiSCH architecture defines four ways a schedule can be managed
157 and TimeSlots can be allocated: Static Scheduling, neighbor-to-
158 neighbor Scheduling, remote monitoring and scheduling management, and
159 Hop-by-hop scheduling. In the case of remote monitoring and
160 scheduling management, TimeSlots and other device resources are
161 managed by an abstract Network Management Entity (NME), which may
162 cooperate with the PCE in order to minimize the interaction with and
163 the load on the constrained device.
165 The 6TiSCH architecture supports three different forwarding models,
166 G-MPLS Track Forwarding, which switches a frame received at a
167 particular TimeSlot into another TimeStot at Layer-2, 6LoWPAN
168 Fragment Forwarding, which allows to forward individual 6loWPAN
169 fragments along the route set by the first fragment, and classical
170 IPv6 Forwarding, where the node selects a feasible successor at
171 Layer-3 on a per packet basis, based on its routing table.
173 2. Terminology
175 Readers are expected to be familiar with all the terms and concepts
176 that are discussed in "Neighbor Discovery for IP version 6"
177 [RFC4861], "IPv6 over Low-Power Wireless Personal Area Networks
178 (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals"
179 [RFC4919], Neighbor Discovery Optimization for Low-power and Lossy
180 Networks [RFC6775] where the 6LoWPAN Router (6LR) and the 6LoWPAN
181 Border Router (6LBR) are introduced, and "Multi-link Subnet Support
182 in IPv6" [I-D.ietf-ipv6-multilink-subnets].
184 Readers may benefit from reading the "RPL: IPv6 Routing Protocol for
185 Low-Power and Lossy Networks" [RFC6550] specification; "Multi-Link
186 Subnet Issues" [RFC4903]; "Mobility Support in IPv6" [RFC6275];
187 "Neighbor Discovery Proxies (ND Proxy)" [RFC4389]; "IPv6 Stateless
188 Address Autoconfiguration" [RFC4862]; "FCFS SAVI: First-Come, First-
189 Served Source Address Validation Improvement for Locally Assigned
190 IPv6 Addresses" [RFC6620]; and "Optimistic Duplicate Address
191 Detection" [RFC4429] prior to this specification for a clear
192 understanding of the art in ND-proxying and binding.
194 The draft uses terminology defined or referenced in
195 [I-D.ietf-6tisch-terminology],
196 [I-D.chakrabarti-nordmark-6man-efficient-nd],
197 [I-D.ietf-roll-rpl-industrial-applicability], [RFC4080], and
198 [RFC5191].
200 The draft also conforms to the terms and models described in
201 [RFC3444] and [RFC5889] and uses the vocabulary and the concepts
202 defined in [RFC4291] for the IPv6 Architecture.
204 3. Applications and Goals
206 Some aspects of this architecture derive from existing industrial
207 standards for Process Control such as ISA100.11a [ISA100.11a]and
208 WirelessHART [WirelessHART], by its focus on Deterministic
209 Networking, in particular with the use of the IEEE802.15.4 TSCH MAC
210 and a centralized PCE. This approach leverages the TSCH MAC benefits
211 for high reliability against interference, low-power consumption on
212 deterministic traffic, and its Traffic Engineering capabilities. In
213 such applications, Deterministic Networking applies mainly to control
214 loops and movement detection, but it can also be used for supervisory
215 control flows and management.
217 An incremental set of industrial requirements is addressed with the
218 addition of an autonomic and distributed routing operation based on
219 RPL. These use-cases include plant setup and decommissioning, as
220 well as monitoring of lots of lesser importance measurements such as
221 corrosion and events. RPL also enables mobile use cases such as
222 mobile workers and cranes, as discussed in
223 [I-D.ietf-roll-rpl-industrial-applicability].
225 A Backbone Router is included in order to scale the factory plant
226 subnet to address large deployments, with proxy ND and time
227 synchronization over a high speed backbone.
229 The architecture also applies to building automation that leverage
230 RPL's storing mode to address multipath over a large number of hops,
231 in-vehicle command and control that can be as demanding as industrial
232 applications, commercial automation and asset Tracking with mobile
233 scenarios, home automation and domotics which become more reliable
234 and thus provide a better user experience, and resource management
235 (energy, water, etc.).
237 4. Overview
239 The scope of the present work is a subnet that, in its basic
240 configuration, is made of a TSCH [I-D.ietf-6tisch-tsch] MAC Low Power
241 Lossy Network (LLN).
243 ---+-------- ............ ------------
244 | External Network |
245 | +-----+
246 +-----+ | NME |
247 | | LLN Border | |
248 | | router +-----+
249 +-----+
250 o o o
251 o o o o
252 o o LLN o o o
253 o o o o
254 o
256 Figure 1: Basic Configuration of a 6TiSCH Network
258 Security aspects of the join process by which a device obtains access
259 to the network are discussed in Section 10. With TSCH, devices are
260 time-synchronized at the MAC level. The use of a particular RPL
261 Instance for time synchronization is discussed in Section 7.3. With
262 this mechanism, the time synchronization starts at the RPL root and
263 follows the RPL DODAGs with no timing loop.
265 The LLN devices communicate over IPv6 [RFC2460] using the 6LoWPAN
266 Header Compression ( 6LoWPAN HC) [RFC6282]. From the perspective of
267 Layer-3, a single LLN interface (typically an IEEE802.15.4-compliant
268 radio) may be seen as a collection of Links with different
269 capabilities for unicast or multicast services. An IPv6 subnet spans
270 over multiple links, effectively forming a Multi-Link subnet. Within
271 that subnet, neighbor devices are discovered with 6LoWPAN Neighbor
272 Discovery [RFC6775] (6LoWPAN ND). RPL [RFC6550] enables routing
273 within the LLN, in the so called Route Over fashion, either in
274 storing (stateful) or non-storing (stateless, with routing headers)
275 mode.
277 RPL forms Destination Oriented Directed Acyclic Graphs (DODAGs)
278 within Instances of the protocol, each Instance being associated with
279 an Objective Function (OF) to form a routing topology. A particular
280 LLN device, the LLN Border Router (LBR), acts as RPL root, 6LoWPAN HC
281 terminator, and Border Router for the LLN to the outside. The LBR is
282 usually powered. More on RPL Instances can be found in section 3.1
283 of RPL [RFC6550], in particular "3.1.2. RPL Identifiers" and "3.1.3.
284 Instances, DODAGs, and DODAG Versions".
286 This architecture expects that a 6LoWPAN node can connect as a leaf
287 to a RPL network, where the leaf support is the minimal functionality
288 to connect as a host to a RPL network without the need to participate
289 to the full routing protocol. The architecture also expects that a
290 6LoWPAN node that is not aware at all of the RPL protocol may also
291 connect as a host. The derived requirements are listed in
292 [I-D.thubert-6lo-rfc6775-update-reqs].
294 An extended configuration of the subnet comprises multiple LLNs. The
295 LLNs are interconnected and synchronized over a backbone, that can be
296 wired or wireless. The backbone can be a classical IPv6 network,
297 with Neighbor Discovery operating as defined in [RFC4861] and
298 [RFC4862]. This architecture requires new work to standardize the
299 the registration of 6LoWPAN nodes to the Backbone Routers.
301 In the extended configuration, a Backbone Router (6BBR) acts as an
302 Energy Aware Default Router (NEAR) as defined in
303 [I-D.chakrabarti-nordmark-6man-efficient-nd]. The 6BBR performs ND
304 proxy operations between the registered devices and the classical ND
305 devices that are located over the backbone. 6TiSCH 6BBRs synchronize
306 with one another over the backbone, so as to ensure that the multiple
307 LLNs that form the IPv6 subnet stay tightly synchronized.
309 ---+-------- ............ ------------
310 | External Network |
311 | +-----+
312 | +-----+ | NME |
313 +-----+ | +-----+ | |
314 | | Router | | PCE | +-----+
315 | | +--| |
316 +-----+ +-----+
317 | |
318 | Subnet Backbone |
319 +--------------------+------------------+
320 | | |
321 +-----+ +-----+ +-----+
322 | | Backbone | | Backbone | | Backbone
323 o | | router | | router | | router
324 +-----+ +-----+ +-----+
325 o o o o o
326 o o o o o o o o o o o
327 o o o LLN o o o o
328 o o o o o o o o o o o o
330 Figure 2: Extended Configuration of a 6TiSCH Network
332 In order to serve nodes that are multiple hops away, an integrated
333 RPL root and 6LBR may be collocated with the 6BBR, or attached to the
334 6BBR in which case they would perform the registration on behalf of
335 the remote LLN nodes - they proxy the efficient ND registration over
336 the LLN in order for the 6BBR to perform proxy ND operations over the
337 backbone.
339 If the Backbone is Deterministic (such as defined by the Time
340 Sensitive Networking WG at IEEE), then the Backbone Router ensures
341 that the end-to-end deterministic behavior is maintained between the
342 LLN and the backbone. The DetNet Architecture
343 [I-D.finn-detnet-architecture] studies Layer-3 aspects of
344 Deterministic Networks, and covers networks that span multiple
345 Layer-2 domains.
347 5. Scope
349 5.1. Components
351 In order to control the complexity and the size of the 6TiSCH work,
352 the architecture and the associated IETF work are staged in volumes.
353 This document covers the first stage of the work, as specified by the
354 WG charter. If the work continues as expected, further volumes will
355 complete this piece and provide the full coverage of IPv6 over TSCH.
357 The main architectural blocks are represented below to help detail
358 what is covered and what is not yet covered from the global 6TiSCH
359 architecture by this initial volume:
361 +-----+-----+
362 | PCEP|TEAS/|
363 | PCE |CCAMP|
364 +-----+-----+-----+-----+-------+-----+
365 | (COMI) |PANA |6LoWPAN| RPL |
366 | CoAP / DTLS | | ND | |
367 +-----+-----+-----+-----+-------+-----+
368 | UDP | ICMP |
369 +-----+-----+-----+-----+-------+-----+-----+
370 | IPv6 |
371 +-------------------------------------------+
372 | 6LoWPAN adaptation and compression (HC) |
373 +-------------------------------------------+
374 | 6top |
375 +-------------------------------------------+
376 | IEEE802.15.4 TSCH |
377 +-------------------------------------------+
379 Figure 3: Envisioned 6TiSCH protocol stack
381 RPL is the routing protocol of choice for LLNs. So far, there was no
382 identified need to define a 6TiSCH specific Objective Function. The
383 Minimal 6TiSCH Configuration [I-D.ietf-6tisch-minimal] describes the
384 operation of RPL over a static schedule used in a slotted aloha
385 fashion, whereby all active slots may be used for emission or
386 reception of both unicast and multicast frames.
388 The architecture of the operation of RPL over a dynamic schedule is
389 deferred to a subsequent volume of the architecture.
391 6TiSCH has adopted the general direction of CoAP Management Interface
392 (COMI) [I-D.vanderstok-core-comi] for the management of devices.
393 This is leveraged for instance for the implementation of the generic
394 data model for the 6top sublayer management interface
395 [I-D.ietf-6tisch-6top-interface]. The proposed implementation is
396 based on CoAP and CBOR, and specified in 6TiSCH Resource Management
397 and Interaction using CoAP [I-D.ietf-6tisch-coap].
399 The work on centralized track computation is deferred to a subsequent
400 volume of the architecture. The Path Computation Element (PCE) is
401 certainly the core component of that architecture. Around the PCE, a
402 protocol such as an extension to a TEAS [TEAS] protocol (maybe
403 running over CoAP as illustrated) will be required to expose the
404 device capabilities and the network peers to the PCE, and a protocol
405 such as a lightweight PCEP or an adaptation of CCAMP [CCAMP] G-MPLS
406 formats and procedures will be used to publish the tracks, computed
407 by the PCE, to the devices (maybe in a fashion similar to RSVP-TE).
409 The selection of an authentication, an authorization and a Transport
410 layer security protocols are out of scope for this volume.
412 The Datagram Transport Layer Security (DTLS) [RFC6347] is represented
413 as an example of a protocol that could be used to protect CoAP
414 datagrams, and work at [DICE] may optimize the protocol for
415 constrained devices.
417 Similarly, the Protocol for Carrying Authentication for Network
418 access (PANA) [RFC5191] is represented as an example of a protocol
419 that could be leveraged to secure the join process, as a Layer-3
420 alternate to IEEE802.1x/EAP. Work resulting from [ACE] could be
421 considered as well. Regardless, the security model must ensure that,
422 prior to a join process, packets from a untrusted device are
423 controlled in volume and in reachability. An overview of the
424 security aspects of the join process can be found in Section 10.
425 Related contributions are presented in Appendix A.
427 The 6TiSCH Operation sublayer (6top) [I-D.wang-6tisch-6top-sublayer]
428 is an Logical Link Control (LLC) or a portion thereof that provides
429 the abstraction of an IP link over a TSCH MAC. The work on the
430 operations of that layer, in particular related to dynamic
431 scheduling, is only introduced here, and should be detailed further
432 in a subsequent volume of the architecture.
434 5.2. Dependencies
436 At the time of this writing, the components and protocols that are
437 required to implement this stage of architecture are not fully
438 available from the IETF. In particular, the requirements on an
439 evolution of 6LoWPAN Neighbor Discovery that are needed to implement
440 the Backbone Router as covered by this stage of the architecture are
441 detailed in [I-D.thubert-6lo-rfc6775-update-reqs].
443 The 6TiSCH Architecture applies the concepts of Deterministic
444 Networking on a Layer-3 network. The 6TiSCH Architecture should
445 inherit from DetNet [I-D.finn-detnet-architecture] work and thus
446 depends on it. In turn, DetNet is expected to integrate and maintain
447 consistency with the work that has taken place and is continuing at
448 IEEE802.1TSN and AVnu.
450 The current charter positions 6TiSCH on IEEE802.15.4 only. Though
451 most of the design should be portable on other link types, 6TiSCH has
452 a strong dependency on IEEE802.15.4 and its evolution. A new version
453 of the IEEE802.15.4 standard is expected in 2015. That version
454 should integrate TSCH as well as other amendments and fixes into the
455 main specification. The impact on this Architecture should be
456 minimal to non-existent, but deeper work such as 6top and security
457 may be impacted. A 6TiSCH Interest Group was formed at IEEE to
458 maintain the synchronization and help foster work at the IEEE should
459 6TiSCH demand it.
461 ISA100 [ISA100] Common Network Management (CNM) is another external
462 work of interest for 6TiSCH. The group, referred to as ISA100.20,
463 defines a Common Network Management framework that should enable the
464 management of resources that are controlled by heterogeneous
465 protocols such as ISA100.11a [ISA100.11a], WirelessHART
466 [WirelessHART], and 6TiSCH. Interestingly, the establishment of
467 6TiSCH Deterministic paths, called tracks, are also in scope, and
468 ISA100.20 is working on requirements for DetNet.
470 6. 6LoWPAN (and RPL)
472 The architecture expects that a 6LoWPAN node that is not aware at all
473 of the RPL protocol may still connect as a host. It suggests to
474 extend 6LoWPAN ND [RFC6775] to carry the sequence number that is
475 needed by RPL to track the movements of the device, and optionally
476 some abstract information about the RPL instance (topology) that the
477 device will be reachable over.
479 In this design, the root of the RPL network is integrated with the
480 6LoWPAN ND 6LBR, but it is logically separated from the Backbone
481 Router (6BBR) that is used to connect the RPL topology to the
482 backbone. This way, the root has all information from 6LoWPAN ND and
483 RPL about the LLN devices attached to it.
485 This architecture also expects that the root of the RPL network
486 (proxy-)registers the LLN devices on their behalf to the 6BBR, for
487 whatever operation the 6BBR performs on the backbone, such as ND
488 proxy, or redistribution in a routing protocol. It suggests to use
489 an extension of the mixed mode of Efficient ND
490 [I-D.chakrabarti-nordmark-6man-efficient-nd] for the registration as
491 described in [I-D.thubert-6lowpan-backbone-router].
493 It results that, as illustrated in Figure 4, the periodic signaling
494 would start at the leaf node with 6LoWPAN ND, then would be carried
495 over RPL to the RPL root, and then with Efficient-ND to the 6BBR.
496 Efficient ND being an adaptation of 6LoWPAN ND, it makes sense to
497 keep those two homogeneous in the way they use the source and the
498 target addresses in the Neighbor Solicitation (NS) messages for
499 registration, as well as in the options that they use for that
500 process.
502 6LoWPAN Node 6LR 6LBR 6BBR
503 (RPL leaf) (router) (root)
504 | | | |
505 | 6LoWPAN ND |6LoWPAN ND+RPL | Efficient ND | IPv6 ND
506 | LLN link |Route-Over mesh| IPv6 link | Backbone
507 | | | |
508 | NS(ARO) | | |
509 |-------------->| | |
510 | 6LoWPAN ND | DAR (then DAO)| |
511 | |-------------->| |
512 | | | NS(ARO) |
513 | | |-------------->|
514 | | | | DAD
515 | | | |------>
516 | | | |
517 | | | NA(ARO) |
518 | | |<--------------|
519 | | DAC | |
520 | |<--------------| |
521 | NA(ARO) | | |
522 |<--------------| | |
524 Figure 4: (Re-)Registration Flow over Multi-Link Subnet
526 As the network builds up, a node should start as a leaf to join the
527 RPL network, and may later turn into both a RPL-capable router and a
528 6LR, so as to accept leaf nodes to recursively join the network.
530 6.1. RPL Leaf Support in 6LoWPAN ND
532 RPL needs a set of information in order to advertise a leaf node
533 through a DAO message and establish reachability.
535 At the bare minimum the leaf device must provide a sequence number
536 that matches the RPL specification in section 7. Section 4.1 of
537 [I-D.chakrabarti-nordmark-6man-efficient-nd], on the Address
538 Registration Option (ARO), already incorporates that addition with a
539 new field in the option called the Transaction ID.
541 If for some reason the node is aware of RPL topologies, then
542 providing the RPL InstanceID for the instances to which the node
543 wishes to participate would be a welcome addition. In the absence of
544 such information, the RPL router must infer the proper instanceID
545 from external rules and policies.
547 On the backbone, the InstanceID is expected to be mapped onto a an
548 overlay that matches the instanceID, for instance a VLANID.
550 6.2. registration Failures Due to Movement
552 Registration to the 6LBR through DAR/DAC messages [RFC6775] may
553 percolate slowly through an LLN mesh, and it might happen that in the
554 meantime, the 6LoWPAN node moves and registers somewhere else. Both
555 RPL and 6LoWPAN ND lack the capability to indicate that the same node
556 is registered elsewhere, so as to invalidate states down the
557 deprecated path.
559 In its current expression and functionality, 6LoWPAN ND considers
560 that the registration is used for the purpose of DAD only as opposed
561 to that of achieving reachability, and as long as the same node
562 registers the IPv6 address, the protocol is functional. In order to
563 act as a RPL leaf registration protocol and achieve reachability, the
564 device must use the same TID for all its concurrent registrations,
565 and registrations with a past TID should be declined. The state for
566 an obsolete registration in the 6LR, as well as the RPL routers on
567 the way, should be invalidated. This can only be achieved with the
568 addition of a new Status in the DAC message, and a new error/clean-up
569 flow in RPL.
571 6.3. Proxy registration
573 The 6BBR provides the capability to defend an address that is owned
574 by a 6LoWPAN Node, and attract packets to that address, whether it is
575 done by proxying ND over a MultiLink Subnet, redistributing the
576 address in a routing protocol or advertising it through an alternate
577 proxy registration such as the Locator/ID Separation Protocol
578 [RFC6830] (LISP) or Mobility Support in IPv6 [RFC6275] (MIPv6). In a
579 LLN, it makes sense to piggyback the request to proxy/defend an
580 address with its registration.
582 6.4. Target Registration
584 In their current incarnations, both 6LoWPAN ND and Efficient ND
585 expect that the address being registered is the source of the NS(ARO)
586 message and thus impose that a Source Link-Layer Address (SLLA)
587 option be present in the message. In a mesh scenario where the 6LBR
588 is physically separated from the 6LoWPAN Node, the 6LBR does not own
589 the address being registered. This suggests that
590 [I-D.chakrabarti-nordmark-6man-efficient-nd] should evolve to
591 register the Target of the NS message as opposed to the Source
592 Address. From another perspective, it may happen, in the use case of
593 a Star topology, that the 6LR, 6LBR and 6BBR are effectively
594 collapsed and should support 6LoWPAN ND clients. The convergence of
595 efficient ND and 6LoWPAN ND into a single protocol is thus highly
596 desirable.
598 In any case, as long as the DAD process is not complete for the
599 address used as source of the packet, it is against the current
600 practice to advertise the SLLA, since this may corrupt the ND cache
601 of the destination node, as discussed in the Optimistic DAD
602 specification [RFC4429] with regards to the TENTATIVE state.
604 This may look like a chicken and an egg problem, but in fact 6LoWPAN
605 ND acknowledges that the Link-Local Address that is based on an
606 EUI-64 address of a LLN node may be autoconfigured without the need
607 for DAD. It results that a node could use that Address as source,
608 with an SLLA option in the message if required, to register any other
609 addresses, either Global or Unique-Local Addresses, which would be
610 indicated in the Target.
612 The suggested change is to register the target of the NS message, and
613 use Target Link-Layer Address (TLLA) in the NS as opposed to the SLLA
614 in order to install a Neighbor Cache Entry. This would apply to both
615 Efficient ND and 6LoWPAN ND in a very same manner, with the caveat
616 that depending on the nature of the link between the 6LBR and the
617 6BBR, the 6LBR may resort to classical ND or DHCPv6 to obtain the
618 address that it uses to source the NS registration messages, whether
619 for itself or on behalf of LLN nodes.
621 6.5. RPL root vs. 6LBR
623 6LoWPAN ND is unclear on how the 6LBR is discovered, and how the
624 liveliness of the 6LBR is asserted over time. On the other hand, the
625 discovery and liveliness of the RPL root are obtained through the RPL
626 protocol.
628 When 6LoWPAN ND is coupled with RPL, the 6LBR and RPL root
629 functionalities are co-located in order that the address of the 6LBR
630 be indicated by RPL DIO messages and to associate the unique ID from
631 the DAR/DAC exchange with the state that is maintained by RPL. The
632 DAR/DAC exchange becomes a preamble to the DAO messages that are used
633 from then on to reconfirm the registration, thus eliminating a
634 duplication of functionality between DAO and DAR messages.
636 6.6. Securing the Registration
638 A typical attack against IPv6 ND is address spoofing, whereby a rogue
639 node claims the IPv6 Address of another node in and hijacks its
640 traffic. The threats against IPv6 ND as described in SEcure Neighbor
641 Discovery (SEND) [RFC3971] are applicable to 6LoPWAN ND as well, but
642 the solution can not work as the route over network does not permit
643 direct peer to peer communication.
645 Additionally SEND requires considerably enlarged ND messages to carry
646 cryptographic material, and requires that each protected address is
647 generated cryptographically, which implies the computation of a
648 different key for each Cryptographically Generated Address (CGA).
649 SEND as defined in [RFC3971] is thus largely unsuitable for
650 application in a LLN.
652 With 6LoWPAN ND, as illustrated in Figure 4, it is possible to
653 leverage the registration state in the 6LBR, which may store
654 additional security information for later proof of ownership. If
655 this information proves the ownership independently of the address
656 itself, then a single proof may be used to protect multiple
657 addresses.
659 Once an Address is registered, the 6LBR maintains a state for that
660 Address and is in position to bind securely the first registration
661 with the Node that placed it, whether the Address is CGA or not. It
662 should thus be possible to protect the ownership of all the addresses
663 of a 6LoWPAN Node with a single key, and there should not be a need
664 to carry the cryptographic material more than once to the 6LBR.
666 The energy constraint is usually a foremost factor, and attention
667 should be paid to minimize the burden on the CPU. Hardware-assisted
668 support of variants of the Counter with CBC-MAC [RFC3610] (CCM)
669 authenticated encryption block cipher mode such as CCM* are common in
670 LowPower ship-set implementations, and 6LoWPAN ND security mechanism
671 should be capable to reuse them when applicable.
673 Finally, the code footprint in the device being also an issue, the
674 capability to reuse not only hardware-assist mechanisms but also
675 software across layers has to be considered. For instance, if code
676 has to be present for upper-layer operations, e.g AES-CCM Cipher
677 Suites for Transport Layer Security (TLS) [RFC6655], then the
678 capability to reuse that code should be considered.
680 7. TSCH and 6top
682 7.1. 6top
684 6top is a logical link control sitting between the IP layer and the
685 TSCH MAC layer, which provides the link abstraction that is required
686 for IP operations. The 6top operations are specified in
687 [I-D.wang-6tisch-6top-sublayer]. In particular, 6top provides a
688 management interface that enables an external management entity to
689 schedule cells and slotFrames, and allows the addition of
690 complementary functionality, for instance to support a dynamic
691 schedule management based on observed resource usage as discussed in
692 Section 8.1.2.
694 The 6top data model and management interfaces are further discussed
695 in Section 8.1.3.
697 7.1.1. Hard Cells
699 The architecture defines "soft" cells and "hard" cells. "Hard" cells
700 are owned and managed by an separate scheduling entity (e.g. a PCE)
701 that specifies the slotOffset/channelOffset of the cells to be
702 added/moved/deleted, in which case 6top can only act as instructed,
703 and may not move hard cells in the TSCH schedule on its own.
705 7.1.2. Soft Cells
707 6top contains a monitoring process which monitors the performance of
708 cells, and can move a cell in the TSCH schedule when it performs
709 poorly. This is only applicable to cells which are marked as "soft".
710 To reserve a soft cell, the higher layer does not indicate the exact
711 slotOffset/channelOffset of the cell to add, but rather the resulting
712 bandwidth and QoS requirements. When the monitoring process triggers
713 a cell reallocation, the two neighbor devices communicating over this
714 cell negotiate its new position in the TSCH schedule.
716 7.2. 6top and RPL Objective Function operations
718 An implementation of a RPL [RFC6550] Objective Function (OF), such as
719 the RPL Objective Function Zero (OF0) [RFC6552] that is used in the
720 Minimal 6TiSCH Configuration [I-D.ietf-6tisch-minimal] to support RPL
721 over a static schedule, may leverage, for its internal computation,
722 the information maintained by 6top.
724 Most OFs require metrics about reachability, such as the ETX. 6top
725 creates and maintains an abstract neighbor table, and this state may
726 be leveraged to feed an OF and/or store OF information as well. In
727 particular, 6top creates and maintains an abstract neighbor table. A
728 neighbor table entry contains a set of statistics with respect to
729 that specific neighbor including the time when the last packet has
730 been received from that neighbor, a set of cell quality metrics (e.g.
731 RSSI or LQI), the number of packets sent to the neighbor or the
732 number of packets received from it. This information can be obtained
733 through 6top management APIs as detailed in the 6top sublayer
734 specification [I-D.wang-6tisch-6top-sublayer] and used for instance
735 to compute a Rank Increment that will determine the selection of the
736 preferred parent.
738 6top provides statistics about the underlying layer so the OF can be
739 tuned to the nature of the TSCH MAC layer. 6top also enables the RPL
740 OF to influence the MAC behaviour, for instance by configuring the
741 periodicity of IEEE802.15.4 Extended Beacons (EB's). By augmenting
742 the EB periodicity, it is possible to change the network dynamics so
743 as to improve the support of devices that may change their point of
744 attachment in the 6TiSCH network.
746 Some RPL control messages, such as the DODAG Information Object (DIO)
747 are ICMPv6 messages that are broadcast to all neighbor nodes. With
748 6TiSCH, the broadcast channel requirement is addressed by 6top by
749 configuring TSCH to provide a broadcast channel, as opposed to, for
750 instance, piggybacking the DIO messages in Enhance Beacons.
751 Consideration was given towards finding a way to embed the Route
752 Advertisements and the RPL DIO messages (both of which are multicast)
753 into the IEEE802.15.4 Enhanced Beacons. It was determined that this
754 produced undue timer coupling among layers, that the resulting packet
755 size was potentially too large, and required it is not yet clear that
756 there is any need for Enhanced Beacons in a production network.
758 7.3. Network Synchronization
760 Nodes in a TSCH network must be time synchronized. A node keeps
761 synchronized to its time source neighbor through a combination of
762 frame-based and acknowledgment-based synchronization. In order to
763 maximize battery life and network throughput, it is advisable that
764 RPL ICMP discovery and maintenance traffic (governed by the trickle
765 timer) be somehow coordinated with the transmission of time
766 synchronization packets (especially with enhanced beacons). This
767 could be achieved through an interaction of the 6top sublayer and the
768 RPL objective Function, or could be controlled by a management
769 entity.
771 Time distribution requires a loop-less structure. Nodes taken in a
772 synchronization loop will rapidly desynchronize from the network and
773 become isolated. It is expected that a RPL DAG with a dedicated
774 global Instance is deployed for the purpose of time synchronization.
775 That Instance is referred to as the Time Synchronization Global
776 Instance (TSGI). The TSGI can be operated in either of the 3 modes
777 that are detailed in section 3.1.3 of RPL [RFC6550], "Instances,
778 DODAGs, and DODAG Versions". Multiple uncoordinated DODAGs with
779 independent roots may be used if all the roots share a common time
780 source such as the Global Positioning System (GPS). In the absence
781 of a common time source, the TSGI should form a single DODAG with a
782 virtual root. A backbone network is then used to synchronize and
783 coordinate RPL operations between the backbone routers that act as
784 sinks for the LLN. Optionally, RPL's periodic operations may be used
785 to transport the network synchronization. This may mean that 6top
786 would need to trigger (override) the trickle timer if no other
787 traffic has occurred for such a time that nodes may get out of
788 synchronization.
790 A node that has not joined the TSGI advertises a MAC level Join
791 Priority of 0xFF to notify its neighbors that is not capable of
792 serving as time parent. A node that has joined the TSGI advertises a
793 MAC level Join Priority set to its DAGRank() in that Instance, where
794 DAGRank() is the operation specified in section 3.5.1 of [RFC6550],
795 "Rank Comparison".
797 A root is configured or obtains by some external means the knowledge
798 of the RPLInstanceID for the TSGI. The root advertises its DagRank
799 in the TSGI, that must be less than 0xFF, as its Join Priority (JP)
800 in its IEEE802.15.4 Extended Beacons (EB). We'll note that the JP is
801 now specified between 0 and 0x3F leaving 2 bits in the octet unused
802 in the IEEE802.15.4e specification. After consultation with IEEE
803 authors, it was asserted that 6TiSCH can make a full use of the octet
804 to carry an integer value up to 0xFF.
806 A node that reads a Join Priority of less than 0xFF should join the
807 neighbor with the lesser Join Priority and use it as time parent. If
808 the node is configured to serve as time parent, then the node should
809 join the TSGI, obtain a Rank in that Instance and start advertising
810 its own DagRank in the TSGI as its Join Priority in its EBs.
812 7.4. SlotFrames and Priorities
814 6TiSCH enables in essence the capability to use IPv6 over a MAC layer
815 that enables to schedule some of the transmissions. In order to
816 ensure that the medium is free of contending packets when time
817 arrives for a scheduled transmission, a window of time is defined
818 around the scheduled transmission time where the medium must be free
819 of contending energy.
821 One simple way to obtain such a window is to format time and
822 frequencies in cells of transmission of equal duration. This is the
823 method that is adopted in IEEE802.15.4 TSCH as well as the Long Term
824 Evolution (LTE) of cellular networks.
826 In order to describe that formatting of time and frequencies, the
827 6TiSCH architecture defines a global concept that is called a Channel
828 Distribution and Usage (CDU) matrix; a CDU matrix is a matrix of
829 cells with an height equal to the number of available channels
830 (indexed by ChannelOffsets) and a width (in timeSlots) that is the
831 period of the network scheduling operation (indexed by slotOffsets)
832 for that CDU matrix. The size of a cell is a timeSlot duration, and
833 values of 10 to 15 milliseconds are typical in 802.15.4 TSCH to
834 accommodate for the transmission of a frame and an ack, including the
835 security validation on the receive side which may take up to a few
836 milliseconds on some device architecture.
838 A CDU matrix iterates over and over with a pseudo-random rotation
839 from an epoch time. In a given network, there might be multiple CDU
840 matrices that operate with different width, so they have different
841 durations and represent different periodic operations. It is
842 recommended that all CDU matrices in a 6TiSCH domain operate with the
843 same cell duration and are aligned, so as to reduce the chances of
844 interferences from slotted-aloha operations. The knowledge of the
845 CDU matrices is shared between all the nodes and used in particular
846 to define slotFrames.
848 A slotFrame is a MAC-level abstraction that is common to all nodes
849 and contains a series of timeSlots of equal length and precedence.
850 It is characterized by a slotFrame_ID, and a slotFrame_size. A
851 slotFrame aligns to a CDU matrix for its parameters, such as number
852 and duration of timeSlots.
854 Multiple slotFrames can coexist in a node schedule, i.e., a node can
855 have multiple activities scheduled in different slotFrames, based on
856 the precedence of the 6TiSCH topologies. The slotFrames may be
857 aligned to different CDU matrices and thus have different width.
858 There is typically one slotFrame for scheduled traffic that has the
859 highest precedence and one or more slotFrame(s) for RPL traffic. The
860 timeSlots in the slotFrame are indexed by the SlotOffset; the first
861 cell is at SlotOffset 0.
863 When a packet is received from a higher layer for transmission, 6top
864 inserts that packet in the outgoing queue which matches the packet
865 best (Differentiated Services [RFC2474] can therefore be used). At
866 each scheduled transmit slot, 6top looks for the frame in all the
867 outgoing queues that best matches the cells. If a frame is found, it
868 is given to the TSCH MAC for transmission.
870 7.5. Distributing the reservation of cells
872 6TiSCH expects a high degree of scalability together with a
873 distributed routing functionality based on RPL. To achieve this
874 goal, the spectrum must be allocated in a way that allows for spatial
875 reuse between zones that will not interfere with one another. In a
876 large and spatially distributed network, a 6TiSCH node is often in a
877 good position to determine usage of spectrum in its vicinity.
879 Use cases for distributed routing are often associated with a
880 statistical distribution of best-effort traffic with variable needs
881 for bandwidth on each individual link. With 6TiSCH, the link
882 abstraction is implemented as a bundle of cells; the size of a bundle
883 is optimal when both the energy wasted idle listening and the packet
884 drops due to congestion loss are minimized. This can be maintained
885 if the number of cells in a bundle is adapted dynamically, and with
886 enough reactivity, to match the variations of best-effort traffic.
887 In turn, the agility to fulfill the needs for additional cells
888 improves when the number of interactions with other devices and the
889 protocol latencies are minimized.
891 6TiSCH limits that interaction to RPL parents that will only
892 negotiate with other RPL parents, and performs that negotiation by
893 groups of cells as opposed to individual cells. The 6TiSCH
894 architecture allows RPL parents to adjust dynamically, and
895 independently from the PCE, the amount of bandwidth that is used to
896 communicate between themselves and their children, in both
897 directions; to that effect, an allocation mechanism enables a RPL
898 parent to obtain the exclusive use of a portion of a CDU matrix
899 within its interference domain. Note that a PCE is expected to have
900 precedence in the allocation, so that a RPL parent would only be able
901 to obtain portions that are not in-use by the PCE.
903 The 6TiSCH architecture introduces the concept of chunks
904 [I-D.ietf-6tisch-terminology]) to operate such spectrum distribution
905 for a whole group of cells at a time. The CDU matrix is formatted
906 into a set of chunks, each of them identified uniquely by a chunk-ID.
907 The knowledge of this formatting is shared between all the nodes in a
908 6TiSCH network. 6TiSCH also defines the process of chunk ownership
909 appropriation whereby a RPL parent discovers a chunk that is not used
910 in its interference domain (e.g lack of energy detected in reference
911 cells in that chunk); then claims the chunk, and then defends it in
912 case another RPL parent would attempt to appropriate it while it is
913 in use. The chunk is the basic unit of ownership that is used in
914 that process.
916 +-----+-----+-----+-----+-----+-----+-----+ +-----+
917 chan.Off. 0 |chnkA|chnkP|chnk7|chnkO|chnk2|chnkK|chnk1| ... |chnkZ|
918 +-----+-----+-----+-----+-----+-----+-----+ +-----+
919 chan.Off. 1 |chnkB|chnkQ|chnkA|chnkP|chnk3|chnkL|chnk2| ... |chnk1|
920 +-----+-----+-----+-----+-----+-----+-----+ +-----+
921 ...
922 +-----+-----+-----+-----+-----+-----+-----+ +-----+
923 chan.Off. 15 |chnkO|chnk6|chnkN|chnk1|chnkJ|chnkZ|chnkI| ... |chnkG|
924 +-----+-----+-----+-----+-----+-----+-----+ +-----+
925 0 1 2 3 4 5 6 M
927 Figure 5: CDU matrix Partitioning in Chunks
929 As a result of the process of chunk ownership appropriation, the RPL
930 parent has exclusive authority to decide which cell in the
931 appropriated chunk can be used by which node in its interference
932 domain. In other words, it is implicitly delegated the right to
933 manage the portion of the CDU matrix that is represented by the
934 chunk. The RPL parent may thus orchestrate which transmissions occur
935 in any of the cells in the chunk, by allocating cells from the chunk
936 to any form of communication (unicast, multicast) in any direction
937 between itself and its children. Initially, those cells are added to
938 the heap of free cells, then dynamically placed into existing
939 bundles, in new bundles, or allocated opportunistically for one
940 transmission.
942 The appropriation of a chunk can also be requested explicitly by the
943 PCE to any node. In that case, the node still may need to perform
944 the appropriation process to validate that no other node has claimed
945 that chunk already. After a successful appropriation, the PCE owns
946 the cells in that chunk, and may use them as hard cells to set up
947 tracks.
949 8. Communication Paradigms and Interaction Models
951 [I-D.ietf-6tisch-terminology] defines the terms of Communication
952 Paradigms and Interaction Models, which can be placed in parallel to
953 the Information Models and Data Models that are defined in [RFC3444].
955 A Communication Paradigms would be an abstract view of a protocol
956 exchange, and would come with an Information Model for the
957 information that is being exchanged. In contrast, an Interaction
958 Models would be more refined and could point on standard operation
959 such as a Representational state transfer (REST) "GET" operation and
960 would match a Data Model for the data that is provided over the
961 protocol exchange.
963 section 2.1.3 of [I-D.ietf-roll-rpl-industrial-applicability] and
964 next sections discuss application-layer paradigms, such as Source-
965 sink (SS) that is a Multipeer to Multipeer (MP2MP) model primarily
966 used for alarms and alerts, Publish-subscribe (PS, or pub/sub) that
967 is typically used for sensor data, as well as Peer-to-peer (P2P) and
968 Peer-to-multipeer (P2MP) communications. Additional considerations
969 on Duocast and its N-cast generalization are also provided. Those
970 paradigms are frequently used in industrial automation, which is a
971 major use case for IEEE802.15.4 TSCH wireless networks with
972 [ISA100.11a] and [WirelessHART], that provides a wireless access to
973 [HART] applications and devices.
975 This specification focuses on Communication Paradigms and Interaction
976 Models for packet forwarding and TSCH resources (cells) management.
977 Management mechanisms for the TSCH schedule at Link-layer (one-hop),
978 Network-layer (multithop along a track), and Application-layer
979 (remote control) are discussed in Section 8.1. Link-layer frame
980 forwarding interactions are discussed in Section 8.2, and Network-
981 layer Packet routing is addressed in Section 8.3.
983 8.1. Schedule Management Mechanisms
985 6TiSCH uses 4 paradigms to manage the TSCH schedule of the LLN nodes:
986 Static Scheduling, neighbor-to-neighbor Scheduling, remote monitoring
987 and scheduling management, and Hop-by-hop scheduling. Multiple
988 mechanisms are defined that implement the associated Interaction
989 Models, and can be combined and used in the same LLN. Which
990 mechanism(s) to use depends on application requirements.
992 8.1.1. Static Scheduling
994 In the simplest instantiation of a 6TiSCH network, a common fixed
995 schedule may be shared by all nodes in the network. Cells are
996 shared, and nodes contend for slot access in a slotted aloha manner.
998 A static TSCH schedule can be used to bootstrap a network, as an
999 initial phase during implementation, or as a fall-back mechanism in
1000 case of network malfunction. This schedule can be preconfigured or
1001 learnt by a node when joining the network. Regardless, the schedule
1002 remains unchanged after the node has joined a network. The Routing
1003 Protocol for LLNs (RPL) is used on the resulting network. This
1004 "minimal" scheduling mechanism that implements this paradigm is
1005 detailed in [I-D.ietf-6tisch-minimal].
1007 8.1.2. Neighbor-to-neighbor Scheduling
1009 In the simplest instantiation of a 6TiSCH network described in
1010 Section 8.1.1, nodes may expect a packet at any cell in the schedule
1011 and will waste energy idle listening. In a more complex
1012 instantiation of a 6TiSCH network, a matching portion of the schedule
1013 is established between peers to reflect the observed amount of
1014 transmissions between those nodes. The aggregation of the cells
1015 between a node and a peer forms a bundle that the 6top layer uses to
1016 implement the abstraction of a link for IP. The bandwidth on that
1017 link is proportional to the number of cells in the bundle.
1019 If the size of a bundle is configured to fit an average amount of
1020 bandwidth, peak traffic is dropped. If the size is configured to
1021 allow for peak emissions, energy is be wasted idle listening.
1023 In the most efficient instantiation of a 6TiSCH network, the size of
1024 the bundles that implement the links may be changed dynamically in
1025 order to adapt to the need of end-to-end flows routed by RPL. An
1026 optional On-The-Fly (OTF) component may be used to monitor bandwidth
1027 usage and perform requests for dynamic allocation by the 6top
1028 sublayer. The OTF component is not part of the 6top sublayer. It
1029 may be collocated on the same device or may be partially or fully
1030 offloaded to an external system.
1032 The 6top sublayer [I-D.wang-6tisch-6top-sublayer] defines a protocol
1033 for neighbor nodes to reserve soft cells to one another. Because
1034 this reservation is done without global knowledge of the schedule of
1035 nodes in the LLN, scheduling collisions are possible. 6top defines a
1036 monitoring process which continuously tracks the packet delivery
1037 ratio of soft cells. It uses these statistics to trigger the
1038 reallocation of a soft cell in the schedule, using a negotiation
1039 protocol between the neighbors nodes communicating over that cell.
1041 Monitoring and relocation is done in the 6top layer. For the upper
1042 layer, the connection between two neighbor nodes appears as an number
1043 of cells. Depending on traffic requirements, the upper layer can
1044 request 6top to add or delete a number of cells scheduled to a
1045 particular neighbor, without being responsible for choosing the exact
1046 slotOffset/channelOffset of those cells.
1048 8.1.3. remote Monitoring and Schedule Management
1050 The 6top interface document [I-D.ietf-6tisch-6top-interface]
1051 specifies the generic data model that can be used to monitor and
1052 manage resources of the 6top sublayer. Abstract methods are
1053 suggested for use by a management entity in the device. The data
1054 model also enables remote control operations on the 6top sublayer.
1056 The capability to interact with the node 6top sublayer from multiple
1057 hops away can be leveraged for monitoring, scheduling, or a
1058 combination of thereof. The architecture supports variations on the
1059 deployment model, and focuses on the flows rather than whether there
1060 is a proxy or a translation operation en-route.
1062 [I-D.ietf-6tisch-coap] defines an mapping of the 6top set of
1063 commands, which is described in [I-D.ietf-6tisch-6top-interface], to
1064 CoAP resources. This allows an entity to interact with the 6top
1065 layer of a node that is multiple hops away in a RESTful fashion.
1067 [I-D.ietf-6tisch-coap] defines a basic set CoAP resources and
1068 associated RESTful access methods (GET/PUT/POST/DELETE). The payload
1069 (body) of the CoAP messages is encoded using the CBOR format. The
1070 draft also defines the concept of "profiles" to allow for future or
1071 specific extensions, as well as a mechanism for a CoAP client to
1072 discover the profiles installed on a node.
1074 The entity issuing the CoAP requests can be a central scheduling
1075 entity (e.g. a PCE), a node multiple hops away with the authority to
1076 modify the TSCH schedule (e.g. the head of a local cluster), or a
1077 external device monitoring the overall state of the network (e.g.
1078 NME). It is also possible that a mapping entity on the backbone
1079 transforms a non-CoAP protocol such as PCEP into the RESTful
1080 interfaces that the 6TiSCH devices support.
1082 8.1.4. Hop-by-hop Scheduling
1084 A node can reserve a track to a destination node multiple hops away
1085 by installing soft cells at each intermediate node. This forms a
1086 track of soft cells. It is the responsibility of the 6top sublayer
1087 of each node on the track to monitor these soft cells and trigger
1088 relocation when needed.
1090 This hop-by-hop reservation mechanism is expected to be similar in
1091 essence to [RFC3209] and/or [RFC4080]/[RFC5974]. The protocol for a
1092 node to trigger hop-by-hop scheduling is not yet defined.
1094 8.2. Forwarding Models
1096 By forwarding, this specification means the per-packet operation that
1097 allows to deliver a packet to a next hop or an upper layer in this
1098 node. Forwarding is based on pre-existing state that was installed
1099 as a result of a routing computation Section 8.3. 6TiSCH supports
1100 three different forwarding model, G-MPLS Track Forwarding (TF),
1101 6LoWPAN Fragment Forwarding (FF) and IPv6 Forwarding (6F).
1103 8.2.1. Track Forwarding
1105 A Track is a unidirectional path between a source and a destination.
1106 In a Track cell, the normal operation of IEEE802.15.4 Automatic
1107 Repeat-reQuest (ARQ) usually happens, though the acknowledgment may
1108 be omitted in some cases, for instance if there is no scheduled cell
1109 for a retry.
1111 Track Forwarding is the simplest and fastest. A bundle of cells set
1112 to receive (RX-cells) is uniquely paired to a bundle of cells that
1113 are set to transmit (TX-cells), representing a layer-2 forwarding
1114 state that can be used regardless of the network layer protocol.
1115 This model can effectively be seen as a Generalized Multi-protocol
1116 Label Switching (G-MPLS) operation in that the information used to
1117 switch a frame is not an explicit label, but rather related to other
1118 properties of the way the packet was received, a particular cell in
1119 the case of 6TiSCH. As a result, as long as the TSCH MAC (and
1120 Layer-2 security) accepts a frame, that frame can be switched
1121 regardless of the protocol, whether this is an IPv6 packet, a 6LoWPAN
1122 fragment, or a frame from an alternate protocol such as WirelessHART
1123 or ISA100.11a.
1125 A data frame that is forwarded along a Track normally has a
1126 destination MAC address that is set to broadcast - or a multicast
1127 address depending on MAC support. This way, the MAC layer in the
1128 intermediate nodes accepts the incoming frame and 6top switches it
1129 without incurring a change in the MAC header. In the case of
1130 IEEE802.15.4, this means effectively broadcast, so that along the
1131 Track the short address for the destination of the frame is set to
1132 0xFFFF.
1134 A Track is thus formed end-to-end as a succession of paired bundles,
1135 a receive bundle from the previous hop and a transmit bundle to the
1136 next hop along the Track, and a cell in such a bundle belongs to at
1137 most one Track. For a given iteration of the device schedule, the
1138 effective channel of the cell is obtained by adding a pseudo-random
1139 number to the channelOffset of the cell, which results in a rotation
1140 of the frequency that used for transmission. The bundles may be
1141 computed so as to accommodate both variable rates and
1142 retransmissions, so they might not be fully used at a given iteration
1143 of the schedule. The 6TiSCH architecture provides additional means
1144 to avoid waste of cells as well as overflows in the transmit bundle,
1145 as follows:
1147 In one hand, a TX-cell that is not needed for the current iteration
1148 may be reused opportunistically on a per-hop basis for routed
1149 packets. When all of the frame that were received for a given Track
1150 are effectively transmitted, any available TX-cell for that Track can
1151 be reused for upper layer traffic for which the next-hop router
1152 matches the next hop along the Track. In that case, the cell that is
1153 being used is effectively a TX-cell from the Track, but the short
1154 address for the destination is that of the next-hop router. It
1155 results that a frame that is received in a RX-cell of a Track with a
1156 destination MAC address set to this node as opposed to broadcast must
1157 be extracted from the Track and delivered to the upper layer (a frame
1158 with an unrecognized MAC address is dropped at the lower MAC layer
1159 and thus is not received at the 6top sublayer).
1161 On the other hand, it might happen that there are not enough TX-cells
1162 in the transmit bundle to accommodate the Track traffic, for instance
1163 if more retransmissions are needed than provisioned. In that case,
1164 the frame can be placed for transmission in the bundle that is used
1165 for layer-3 traffic towards the next hop along the track as long as
1166 it can be routed by the upper layer, that is, typically, if the frame
1167 transports an IPv6 packet. The MAC address should be set to the
1168 next-hop MAC address to avoid confusion. It results that a frame
1169 that is received over a layer-3 bundle may be in fact associated to a
1170 Track. In a classical IP link such as an Ethernet, off-track traffic
1171 is typically in excess over reservation to be routed along the non-
1172 reserved path based on its QoS setting. But with 6TiSCH, since the
1173 use of the layer-3 bundle may be due to transmission failures, it
1174 makes sense for the receiver to recognize a frame that should be re-
1175 tracked, and to place it back on the appropriate bundle if possible.
1176 A frame should be re-tracked if the Per-Hop-Behavior group indicated
1177 in the Differentiated Services Field in the IPv6 header is set to
1178 Deterministic Forwarding, as discussed in Section 8.3.1. A frame is
1179 re-tracked by scheduling it for transmission over the transmit bundle
1180 associated to the Track, with the destination MAC address set to
1181 broadcast.
1183 There are 2 modes for a Track, transport mode and tunnel mode.
1185 8.2.1.1. Transport Mode
1187 In transport mode, the Protocol Data Unit (PDU) is associated with
1188 flow-dependant meta-data that refers uniquely to the Track, so the
1189 6top sublayer can place the frame in the appropriate cell without
1190 ambiguity. In the case of IPv6 traffic, this flow identification is
1191 transported in the Flow Label of the IPv6 header. Associated with
1192 the source IPv6 address, the Flow Label forms a globally unique
1193 identifier for that particular Track that is validated at egress
1194 before restoring the destination MAC address (DMAC) and punting to
1195 the upper layer.
1197 | ^
1198 +--------------+ | |
1199 | IPv6 | | |
1200 +--------------+ | |
1201 | 6LoWPAN HC | | |
1202 +--------------+ ingress egress
1203 | 6top | sets +----+ +----+ restores
1204 +--------------+ dmac to | | | | dmac to
1205 | TSCH MAC | brdcst | | | | self
1206 +--------------+ | | | | | |
1207 | LLN PHY | +-------+ +--...-----+ +-------+
1208 +--------------+
1210 Track Forwarding, Transport Mode
1212 8.2.1.2. Tunnel Mode
1214 In tunnel mode, the frames originate from an arbitrary protocol over
1215 a compatible MAC that may or may not be synchronized with the 6TiSCH
1216 network. An example of this would be a router with a dual radio that
1217 is capable of receiving and sending WirelessHART or ISA100.11a frames
1218 with the second radio, by presenting itself as an access Point or a
1219 Backbone Router, respectively.
1221 In that mode, some entity (e.g. PCE) can coordinate with a
1222 WirelessHART Network Manager or an ISA100.11a System Manager to
1223 specify the flows that are to be transported transparently over the
1224 Track.
1226 +--------------+
1227 | IPv6 |
1228 +--------------+
1229 | 6LoWPAN HC |
1230 +--------------+ set restore
1231 | 6top | +dmac+ +dmac+
1232 +--------------+ to|brdcst to|nexthop
1233 | TSCH MAC | | | | |
1234 +--------------+ | | | |
1235 | LLN PHY | +-------+ +--...-----+ +-------+
1236 +--------------+ | ingress egress |
1237 | |
1238 +--------------+ | |
1239 | LLN PHY | | |
1240 +--------------+ | |
1241 | TSCH MAC | | |
1242 +--------------+ | dmac = | dmac =
1243 |ISA100/WiHART | | nexthop v nexthop
1244 +--------------+
1246 Figure 6: Track Forwarding, Tunnel Mode
1248 In that case, the flow information that identifies the Track at the
1249 ingress 6TiSCH router is derived from the RX-cell. The dmac is set
1250 to this node but the flow information indicates that the frame must
1251 be tunneled over a particular Track so the frame is not passed to the
1252 upper layer. Instead, the dmac is forced to broadcast and the frame
1253 is passed to the 6top sublayer for switching.
1255 At the egress 6TiSCH router, the reverse operation occurs. Based on
1256 metadata associated to the Track, the frame is passed to the
1257 appropriate link layer with the destination MAC restored.
1259 8.2.1.3. Tunnel Metadata
1261 Metadata coming with the Track configuration is expected to provide
1262 the destination MAC address of the egress endpoint as well as the
1263 tunnel mode and specific data depending on the mode, for instance a
1264 service access point for frame delivery at egress. If the tunnel
1265 egress point does not have a MAC address that matches the
1266 configuration, the Track installation fails.
1268 In transport mode, if the final layer-3 destination is the tunnel
1269 termination, then it is possible that the IPv6 address of the
1270 destination is compressed at the 6LoWPAN sublayer based on the MAC
1271 address. It is thus mandatory at the ingress point to validate that
1272 the MAC address that was used at the 6LoWPAN sublayer for compression
1273 matches that of the tunnel egress point. For that reason, the node
1274 that injects a packet on a Track checks that the destination is
1275 effectively that of the tunnel egress point before it overwrites it
1276 to broadcast. The 6top sublayer at the tunnel egress point reverts
1277 that operation to the MAC address obtained from the tunnel metadata.
1279 8.2.2. Fragment Forwarding
1281 Considering that 6LoWPAN packets can be as large as 1280 bytes (the
1282 IPv6 MTU), and that the non-storing mode of RPL implies Source
1283 Routing that requires space for routing headers, and that a
1284 IEEE802.15.4 frame with security may carry in the order of 80 bytes
1285 of effective payload, an IPv6 packet might be fragmented into more
1286 than 16 fragments at the 6LoWPAN sublayer.
1288 This level of fragmentation is much higher than that traditionally
1289 experienced over the Internet with IPv4 fragments, where
1290 fragmentation is already known as harmful.
1292 In the case to a multihop route within a 6TiSCH network, Hop-by-Hop
1293 recomposition occurs at each hop in order to reform the packet and
1294 route it. This creates additional latency and forces intermediate
1295 nodes to store a portion of a packet for an undetermined time, thus
1296 impacting critical resources such as memory and battery.
1298 [I-D.thubert-roll-forwarding-frags] describes a mechanism whereby the
1299 datagram tag in the 6LoWPAN Fragment is used as a label for switching
1300 at the 6LoWPAN sublayer. The draft allows for a degree of flow
1301 control based on an Explicit Congestion Notification, as well as end-
1302 to-end individual fragment recovery.
1304 | ^
1305 +--------------+ | |
1306 | IPv6 | | +----+ +----+ |
1307 +--------------+ | | | | | |
1308 | 6LoWPAN HC | | learn learn |
1309 +--------------+ | | | | | |
1310 | 6top | | | | | | |
1311 +--------------+ | | | | | |
1312 | TSCH MAC | | | | | | |
1313 +--------------+ | | | | | |
1314 | LLN PHY | +-------+ +--...-----+ +-------+
1315 +--------------+
1317 Figure 7: Forwarding First Fragment
1319 In that model, the first fragment is routed based on the IPv6 header
1320 that is present in that fragment. The 6LoWPAN sublayer learns the
1321 next hop selection, generates a new datagram tag for transmission to
1322 the next hop, and stores that information indexed by the incoming MAC
1323 address and datagram tag. The next fragments are then switched based
1324 on that stored state.
1326 | ^
1327 +--------------+ | |
1328 | IPv6 | | |
1329 +--------------+ | |
1330 | 6LoWPAN HC | | replay replay |
1331 +--------------+ | | | | | |
1332 | 6top | | | | | | |
1333 +--------------+ | | | | | |
1334 | TSCH MAC | | | | | | |
1335 +--------------+ | | | | | |
1336 | LLN PHY | +-------+ +--...-----+ +-------+
1337 +--------------+
1339 Figure 8: Forwarding Next Fragment
1341 A bitmap and an ECN echo in the end-to-end acknowledgment enable the
1342 source to resend the missing fragments selectively. The first
1343 fragment may be resent to carve a new path in case of a path failure.
1344 The ECN echo set indicates that the number of outstanding fragments
1345 should be reduced.
1347 8.2.3. IPv6 Forwarding
1349 As the packets are routed at Layer-3, traditional QoS and RED
1350 operations are expected to prioritize flows; the application of
1351 Differentiated Services is further discussed in
1352 [I-D.svshah-tsvwg-lln-diffserv-recommendations].
1354 | ^
1355 +--------------+ | |
1356 | IPv6 | | +-QoS+ +-QoS+ |
1357 +--------------+ | | | | | |
1358 | 6LoWPAN HC | | | | | | |
1359 +--------------+ | | | | | |
1360 | 6top | | | | | | |
1361 +--------------+ | | | | | |
1362 | TSCH MAC | | | | | | |
1363 +--------------+ | | | | | |
1364 | LLN PHY | +-------+ +--...-----+ +-------+
1365 +--------------+
1367 Figure 9: IP Forwarding
1369 8.3. Centralized vs. Distributed Routing
1371 6TiSCH supports a mixed model of centralized routes and distributed
1372 routes. Centralized routes can for example be computed by a entity
1373 such as a PCE. Distributed routes are computed by RPL.
1375 Both methods may inject routes in the Routing Tables of the 6TiSCH
1376 routers. In either case, each route is associated with a 6TiSCH
1377 topology that can be a RPL Instance topology or a track. The 6TiSCH
1378 topology is indexed by a Instance ID, in a format that reuses the
1379 RPLInstanceID as defined in RPL [RFC6550].
1381 Both RPL and PCE rely on shared sources such as policies to define
1382 Global and Local RPLInstanceIDs that can be used by either method.
1383 It is possible for centralized and distributed routing to share a
1384 same topology. Generally they will operate in different slotFrames,
1385 and centralized routes will be used for scheduled traffic and will
1386 have precedence over distributed routes in case of conflict between
1387 the slotFrames.
1389 8.3.1. Packet Marking and Handling
1391 All packets inside a 6TiSCH domain must carry the Instance ID that
1392 identifies the 6TiSCH topology that is to be used for routing and
1393 forwarding that packet. The location of that information must be the
1394 same for all packets forwarded inside the domain.
1396 For packets that are routed by a PCE along a Track, the tuple formed
1397 by the IPv6 source address and a local RPLInstanceID in the packet
1398 identify uniquely the Track and associated transmit bundle.
1400 Additionally, an IP packet that is sent along a Track uses the
1401 Differentiated Services Per-Hop-Behavior Group called Deterministic
1402 Forwarding, as described in
1403 [I-D.svshah-tsvwg-deterministic-forwarding].
1405 For packets that are routed by RPL, that information is the
1406 RPLInstanceID which is carried in the RPL Packet Information, as
1407 discussed in section 11.2 of [RFC6550], "Loop Avoidance and
1408 Detection".
1410 The RPL Packet Information (RPI) is carried in IPv6 packets as a RPL
1411 option in the IPv6 Hop-By-Hop Header [RFC6553].
1413 6Lo is currently considering a Next Header Compression (NHC) for the
1414 RPI (RPI-NHC). The RPI-NHC is specified in
1415 [I-D.thubert-6lo-rpl-nhc], and is the compressed equivalent to the
1416 whole HbH header with the RPL option.
1418 An alternative form of compression that integrates the compression on
1419 IP-in-IP encapsulation and the Routing Header type 3 [RFC6554] with
1420 that of the RPI in a new 6LoWPAN dispatch/header type is concurrently
1421 being evaluated as [I-D.thubert-6lo-routing-dispatch].
1423 Either way, the method and format used for encoding the RPLInstanceID
1424 is generalized to all 6TiSCH topological Instances, which include
1425 both RPL Instances and Tracks.
1427 9. IANA Considerations
1429 This specification does not require IANA action.
1431 10. Security Considerations
1433 This architecture operates on IEEE802.15.4 and expects link-layer
1434 security to be enabled at all times between connected devices, except
1435 for the very first step of the device join process, where a joining
1436 device may need some initial, unsecured exchanges so as to obtain its
1437 initial key material. Work has already started at the 6TiSCH
1438 Security Design Team and an overview of the current state of that
1439 work is presented in Section 10.1.
1441 Future work on 6TiSCH security and will examine in deeper detail how
1442 to secure transactions end-to-end, and to maintain the security
1443 posture of a device over its lifetime. The result of that work will
1444 be described in a subsequent volume of this architecture.
1446 10.1. Join Process Highlights
1448 The architecture specifies three logical elements to describe the
1449 join process:
1451 Joining Node (JN): Node that wishes to become part of the network;
1453 Join Coordination Entity (JCE) : A Join Coordination Entity (JCE)
1454 that arbitrates network access and hands out network parameters
1455 (such as keying material);
1457 Join Assistant (JA), a one-hop (radio) neighbor of the joining node
1458 that acts as proxy network node and may provide connectivity
1459 with the JCE.
1461 The join protocol consists of three major activities:
1463 Device Authentication: The JN and the JA mutually authenticate each
1464 other and establish a shared key, so as to ensure on-going
1465 authenticated communications. This may involve a server as a
1466 third party.
1468 Authorization: The JA decides on whether/how to authorize a JN (if
1469 denied, this may result in loss of bandwidth). Conversely, the
1470 JN decides on whether/how to authorize the network (if denied,
1471 it will not join the network). Authorization decisions may
1472 involve other nodes in the network.
1474 Configuration/Parameterization: The JA distributes configuration
1475 information to the JN, such as scheduling information, IP
1476 address assignment information, and network policies. This may
1477 originate from other network devices, for which the JA may act
1478 as proxy. This step may also include distribution of
1479 information from the JN to the JA and other nodes in the
1480 network and, more generally, synchronization of information
1481 between these entities.
1483 The device joining process is depicted in Figure 10, where it is
1484 assumed that devices have access to certificates and where entities
1485 have access to the root CA keys of their communicating parties
1486 (initial set-up requirement). Under these assumptions, the
1487 authentication step of the device joining process does not require
1488 online involvement of a third party. Mutual authentication is
1489 performed between the JN and the JA using their certificates, which
1490 also results in a shared key between these two entities.
1492 The JA assists the JN in mutual authentication with a remote server
1493 node (primarily via provision of a communication path with the
1494 server), which also results in a shared (end-to-end) key between
1495 those two entities. The server node may be a JCE that arbitrages the
1496 network authorization of the JN (where the JA will deny bandwidth if
1497 authorization is not successful); it may distribute network-specific
1498 configuration parameters (including network-wide keys) to the JN. In
1499 its turn, the JN may distribute and synchronize information
1500 (including, e.g., network statistics) to the server node and, if so
1501 desired, also to the JA. The actual decision of the JN to become
1502 part of the network may depend on authorization of the network
1503 itself.
1505 The server functionality is a role which may be implemented with one
1506 (centralized) or multiple devices (distributed). In either case,
1507 mutual authentication is established with each physical server entity
1508 with which a role is implemented.
1510 Note that in the above description, the JA does not solely act as a
1511 relay node, thereby allowing it to first filter traffic to be relayed
1512 based on cryptographic authentication criteria - this provides first-
1513 level access control and mitigates certain types of denial-of-service
1514 attacks on the network at large.
1516 Depending on more detailed insight in cost/benefit trade-offs, this
1517 process might be complemented by a more "relaxed" mechanism, where
1518 the JA acts as a relay node only. The final architecture will
1519 provide mechanisms to also cover cases where the initial set-up
1520 requirements are not met or where some other out-of-sync behavior
1521 occurs; it will also suggest some optimizations in case JCE-related
1522 information is already available with the JA (via caching of
1523 information).
1525 When a device rejoins the network in the same authorization domain,
1526 the authorization step could be omitted if the server distributes the
1527 authorization state for the device to the JA when the device
1528 initially joined the network. However, this generally still requires
1529 the exchange of updated configuration information, e.g., related to
1530 time schedules and bandwidth allocation.
1532 {joining node} {neighbor} {server, etc.} Example:
1533 +---------+ +---------+ +---------+
1534 | Joining | | Join | +--| CA |certificate
1535 | Node | |Assistant| | +---------+ issuance
1536 +---------+ +---------+ | +---------+
1537 | | +--|Authoriz.| membership
1538 |<----Beaconing------| | +---------+ test (JCE)
1539 | | | +---------+
1540 |<--Authentication-->| +--| Routing | IP address
1541 | |<--Authorization-->| +--------- assignment
1542 |<-------------------| | +---------+
1543 | | +--| Gateway | backbone,
1544 |------------------->| | +---------+ cloud
1545 | |<--Configuration-->| +---------+
1546 |<-------------------| +--|Bandwidth| PCE
1547 +---------+ schedule
1548 . . .
1549 . . .
1551 Figure 10: Network joining, with only authorization by third party
1553 11. Acknowledgments
1555 11.1. Contributors
1557 The co-authors of this document are listed below:
1559 Robert Assimiti for his breakthrough work on RPL over TSCH and
1560 initial text and guidance.
1562 Kris Pister for creating it all and his continuing guidance through
1563 the elaboration of this design.
1565 Michael Richardson for his leadership role in the Security Design
1566 Team and his contribution throughout this document.
1568 Rene Struik for the security section and his contribution to the
1569 Security Design Team.
1571 Xavier Vilajosana who lead the design of the minimal support with
1572 RPL and contributed deeply to the 6top design and the G-MPLS
1573 operation of track switching.
1575 Qin Wang who lead the design of the 6top sublayer and contributed
1576 related text that was moved and/or adapted in this document.
1578 Thomas Watteyne for his contribution to the whole design, in
1579 particular on TSCH and security.
1581 11.2. Special Thanks
1583 Special thanks to Tero Kivinen, Jonathan Simon, Giuseppe Piro, Subir
1584 Das and Yoshihiro Ohba for their deep contribution to the initial
1585 security work, and to Diego Dujovne for starting and leading the On-
1586 the-Fly effort.
1588 Special thanks also to Pat Kinney for his support in maintaining the
1589 connection active and the design in line with work happening at
1590 IEEE802.15.4.
1592 Also special thanks to Ted Lemon who was the INT Area A-D while this
1593 specification was developed for his great support and help
1594 throughout.
1596 11.3. And Do not Forget
1598 This specification is the result of multiple interactions, in
1599 particular during the 6TiSCH (bi)Weekly Interim call, relayed through
1600 the 6TiSCH mailing list at the IETF.
1602 The authors wish to thank: Alaeddine Weslati, Chonggang Wang,
1603 Georgios Exarchakos, Zhuo Chen, Alfredo Grieco, Bert Greevenbosch,
1604 Cedric Adjih, Deji Chen, Martin Turon, Dominique Barthel, Elvis
1605 Vogli, Geraldine Texier, Malisa Vucinic, Guillaume Gaillard, Herman
1606 Storey, Kazushi Muraoka, Ken Bannister, Kuor Hsin Chang, Laurent
1607 Toutain, Maik Seewald, Maria Rita Palattella, Michael Behringer,
1608 Nancy Cam Winget, Nicola Accettura, Nicolas Montavont, Oleg Hahm,
1609 Patrick Wetterwald, Paul Duffy, Peter van der Stock, Rahul Sen,
1610 Pieter de Mil, Pouria Zand, Rouhollah Nabati, Rafa Marin-Lopez,
1611 Raghuram Sudhaakar, Sedat Gormus, Shitanshu Shah, Steve Simlo,
1612 Tengfei Chang, Tina Tsou, Tom Phinney, Xavier Lagrange, Ines Robles
1613 and Samita Chakrabarti for their participation and various
1614 contributions.
1616 12. References
1618 12.1. Normative References
1620 [I-D.ietf-6tisch-terminology]
1621 Palattella, M., Thubert, P., Watteyne, T., and Q. Wang,
1622 "Terminology in IPv6 over the TSCH mode of IEEE
1623 802.15.4e", draft-ietf-6tisch-terminology-04 (work in
1624 progress), March 2015.
1626 [I-D.ietf-6tisch-tsch]
1627 Watteyne, T., Palattella, M., and L. Grieco, "Using
1628 IEEE802.15.4e TSCH in an IoT context: Overview, Problem
1629 Statement and Goals", draft-ietf-6tisch-tsch-06 (work in
1630 progress), March 2015.
1632 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
1633 (IPv6) Specification", RFC 2460, December 1998.
1635 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
1636 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
1637 September 2007.
1639 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
1640 Address Autoconfiguration", RFC 4862, September 2007.
1642 [RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6
1643 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282,
1644 September 2011.
1646 [RFC6550] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R.,
1647 Levis, P., Pister, K., Struik, R., Vasseur, JP., and R.
1648 Alexander, "RPL: IPv6 Routing Protocol for Low-Power and
1649 Lossy Networks", RFC 6550, March 2012.
1651 [RFC6552] Thubert, P., "Objective Function Zero for the Routing
1652 Protocol for Low-Power and Lossy Networks (RPL)", RFC
1653 6552, March 2012.
1655 [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low-
1656 Power and Lossy Networks (RPL) Option for Carrying RPL
1657 Information in Data-Plane Datagrams", RFC 6553, March
1658 2012.
1660 [RFC6554] Hui, J., Vasseur, JP., Culler, D., and V. Manral, "An IPv6
1661 Routing Header for Source Routes with the Routing Protocol
1662 for Low-Power and Lossy Networks (RPL)", RFC 6554, March
1663 2012.
1665 [RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E., and C. Bormann,
1666 "Neighbor Discovery Optimization for IPv6 over Low-Power
1667 Wireless Personal Area Networks (6LoWPANs)", RFC 6775,
1668 November 2012.
1670 12.2. Informative References
1672 [I-D.chakrabarti-nordmark-6man-efficient-nd]
1673 Chakrabarti, S., Nordmark, E., Thubert, P., and M.
1674 Wasserman, "IPv6 Neighbor Discovery Optimizations for
1675 Wired and Wireless Networks", draft-chakrabarti-nordmark-
1676 6man-efficient-nd-07 (work in progress), February 2015.
1678 [I-D.dujovne-6tisch-on-the-fly]
1679 Dujovne, D., Grieco, L., Palattella, M., and N. Accettura,
1680 "6TiSCH On-the-Fly Scheduling", draft-dujovne-6tisch-on-
1681 the-fly-05 (work in progress), March 2015.
1683 [I-D.finn-detnet-architecture]
1684 Finn, N., Thubert, P., and M. Teener, "Deterministic
1685 Networking Architecture", draft-finn-detnet-
1686 architecture-01 (work in progress), March 2015.
1688 [I-D.ietf-6tisch-6top-interface]
1689 Wang, Q., Vilajosana, X., and T. Watteyne, "6TiSCH
1690 Operation Sublayer (6top) Interface", draft-ietf-6tisch-
1691 6top-interface-03 (work in progress), March 2015.
1693 [I-D.ietf-6tisch-coap]
1694 Sudhaakar, R. and P. Zand, "6TiSCH Resource Management and
1695 Interaction using CoAP", draft-ietf-6tisch-coap-03 (work
1696 in progress), March 2015.
1698 [I-D.ietf-6tisch-minimal]
1699 Vilajosana, X. and K. Pister, "Minimal 6TiSCH
1700 Configuration", draft-ietf-6tisch-minimal-06 (work in
1701 progress), March 2015.
1703 [I-D.ietf-ipv6-multilink-subnets]
1704 Thaler, D. and C. Huitema, "Multi-link Subnet Support in
1705 IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in
1706 progress), July 2002.
1708 [I-D.ietf-roll-rpl-industrial-applicability]
1709 Phinney, T., Thubert, P., and R. Assimiti, "RPL
1710 applicability in industrial networks", draft-ietf-roll-
1711 rpl-industrial-applicability-02 (work in progress),
1712 October 2013.
1714 [I-D.richardson-6tisch-security-architecture]
1715 Richardson, M., "security architecture for 6top:
1716 requirements and structure", draft-richardson-6tisch-
1717 security-architecture-02 (work in progress), April 2014.
1719 [I-D.struik-6tisch-security-architecture-elements]
1720 Struik, R., Ohba, Y., and S. Das, "6TiSCH Security
1721 Architectural Elements, Desired Protocol Properties, and
1722 Framework", draft-struik-6tisch-security-architecture-
1723 elements-01 (work in progress), October 2014.
1725 [I-D.svshah-tsvwg-deterministic-forwarding]
1726 Shah, S. and P. Thubert, "Deterministic Forwarding PHB",
1727 draft-svshah-tsvwg-deterministic-forwarding-03 (work in
1728 progress), March 2015.
1730 [I-D.svshah-tsvwg-lln-diffserv-recommendations]
1731 Shah, S. and P. Thubert, "Differentiated Service Class
1732 Recommendations for LLN Traffic", draft-svshah-tsvwg-lln-
1733 diffserv-recommendations-04 (work in progress), February
1734 2015.
1736 [I-D.thubert-6lo-rfc6775-update-reqs]
1737 Thubert, P. and P. Stok, "Requirements for an update to
1738 6LoWPAN ND", draft-thubert-6lo-rfc6775-update-reqs-06
1739 (work in progress), January 2015.
1741 [I-D.thubert-6lo-routing-dispatch]
1742 Thubert, P., Bormann, C., Toutain, L., and R. Cragie, "A
1743 Routing Header Dispatch for 6LoWPAN", draft-thubert-6lo-
1744 routing-dispatch-03 (work in progress), January 2015.
1746 [I-D.thubert-6lo-rpl-nhc]
1747 Thubert, P. and C. Bormann, "A compression mechanism for
1748 the RPL option", draft-thubert-6lo-rpl-nhc-02 (work in
1749 progress), October 2014.
1751 [I-D.thubert-6lowpan-backbone-router]
1752 Thubert, P., "6LoWPAN Backbone Router", draft-thubert-
1753 6lowpan-backbone-router-03 (work in progress), February
1754 2013.
1756 [I-D.thubert-roll-forwarding-frags]
1757 Thubert, P. and J. Hui, "LLN Fragment Forwarding and
1758 Recovery", draft-thubert-roll-forwarding-frags-02 (work in
1759 progress), September 2013.
1761 [I-D.vanderstok-core-comi]
1762 Stok, P., Greevenbosch, B., Bierman, A., Schoenwaelder,
1763 J., and A. Sehgal, "CoAP Management Interface", draft-
1764 vanderstok-core-comi-06 (work in progress), February 2015.
1766 [I-D.wang-6tisch-6top-sublayer]
1767 Wang, Q., Vilajosana, X., and T. Watteyne, "6TiSCH
1768 Operation Sublayer (6top)", draft-wang-6tisch-6top-
1769 sublayer-01 (work in progress), July 2014.
1771 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black,
1772 "Definition of the Differentiated Services Field (DS
1773 Field) in the IPv4 and IPv6 Headers", RFC 2474, December
1774 1998.
1776 [RFC2545] Marques, P. and F. Dupont, "Use of BGP-4 Multiprotocol
1777 Extensions for IPv6 Inter-Domain Routing", RFC 2545, March
1778 1999.
1780 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
1781 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
1782 Tunnels", RFC 3209, December 2001.
1784 [RFC3444] Pras, A. and J. Schoenwaelder, "On the Difference between
1785 Information Models and Data Models", RFC 3444, January
1786 2003.
1788 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with
1789 CBC-MAC (CCM)", RFC 3610, September 2003.
1791 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P.
1792 Thubert, "Network Mobility (NEMO) Basic Support Protocol",
1793 RFC 3963, January 2005.
1795 [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
1796 Neighbor Discovery (SEND)", RFC 3971, March 2005.
1798 [RFC4080] Hancock, R., Karagiannis, G., Loughney, J., and S. Van den
1799 Bosch, "Next Steps in Signaling (NSIS): Framework", RFC
1800 4080, June 2005.
1802 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
1803 Architecture", RFC 4291, February 2006.
1805 [RFC4389] Thaler, D., Talwar, M., and C. Patel, "Neighbor Discovery
1806 Proxies (ND Proxy)", RFC 4389, April 2006.
1808 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD)
1809 for IPv6", RFC 4429, April 2006.
1811 [RFC4903] Thaler, D., "Multi-Link Subnet Issues", RFC 4903, June
1812 2007.
1814 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6
1815 over Low-Power Wireless Personal Area Networks (6LoWPANs):
1816 Overview, Assumptions, Problem Statement, and Goals", RFC
1817 4919, August 2007.
1819 [RFC5191] Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H., and A.
1820 Yegin, "Protocol for Carrying Authentication for Network
1821 Access (PANA)", RFC 5191, May 2008.
1823 [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF
1824 for IPv6", RFC 5340, July 2008.
1826 [RFC5889] Baccelli, E. and M. Townsley, "IP Addressing Model in Ad
1827 Hoc Networks", RFC 5889, September 2010.
1829 [RFC5974] Manner, J., Karagiannis, G., and A. McDonald, "NSIS
1830 Signaling Layer Protocol (NSLP) for Quality-of-Service
1831 Signaling", RFC 5974, October 2010.
1833 [RFC6275] Perkins, C., Johnson, D., and J. Arkko, "Mobility Support
1834 in IPv6", RFC 6275, July 2011.
1836 [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
1837 Security Version 1.2", RFC 6347, January 2012.
1839 [RFC6620] Nordmark, E., Bagnulo, M., and E. Levy-Abegnoli, "FCFS
1840 SAVI: First-Come, First-Served Source Address Validation
1841 Improvement for Locally Assigned IPv6 Addresses", RFC
1842 6620, May 2012.
1844 [RFC6655] McGrew, D. and D. Bailey, "AES-CCM Cipher Suites for
1845 Transport Layer Security (TLS)", RFC 6655, July 2012.
1847 [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
1848 Locator/ID Separation Protocol (LISP)", RFC 6830, January
1849 2013.
1851 12.3. Other Informative References
1853 [ACE] IETF, "Authentication and Authorization for Constrained
1854 Environments", .
1857 [CCAMP] IETF, "Common Control and Measurement Plane",
1858 .
1860 [DICE] IETF, "DTLS In Constrained Environments",
1861 .
1863 [HART] www.hartcomm.org, "Highway Addressable remote Transducer,
1864 a group of specifications for industrial process and
1865 control devices administered by the HART Foundation".
1867 [IEEE802.1TSNTG]
1868 IEEE Standards Association, "IEEE 802.1 Time-Sensitive
1869 Networks Task Group", March 2013,
1870 .
1872 [IEEE802154]
1873 IEEE standard for Information Technology, "IEEE std.
1874 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC)
1875 and Physical Layer (PHY) Specifications for Low-Rate
1876 Wireless Personal Area Networks".
1878 [IEEE802154e]
1879 IEEE standard for Information Technology, "IEEE standard
1880 for Information Technology, IEEE std. 802.15.4, Part.
1881 15.4: Wireless Medium Access Control (MAC) and Physical
1882 Layer (PHY) Specifications for Low-Rate Wireless Personal
1883 Area Networks, June 2011 as amended by IEEE std.
1884 802.15.4e, Part. 15.4: Low-Rate Wireless Personal Area
1885 Networks (LR-WPANs) Amendment 1: MAC sublayer", April
1886 2012.
1888 [ISA100] ISA/ANSI, "ISA100, Wireless Systems for Automation",
1889 .
1891 [ISA100.11a]
1892 ISA/ANSI, "Wireless Systems for Industrial Automation:
1893 Process Control and Related Applications - ISA100.11a-2011
1894 - IEC 62734", 2011, .
1897 [PCE] IETF, "Path Computation Element",
1898 .
1900 [TEAS] IETF, "Traffic Engineering Architecture and Signaling",
1901 .
1903 [WirelessHART]
1904 www.hartcomm.org, "Industrial Communication Networks -
1905 Wireless Communication Network and Communication Profiles
1906 - WirelessHART - IEC 62591", 2010.
1908 Appendix A. Personal submissions relevant to the next volumes
1910 This volume only covers a portion of the total work that is needed to
1911 cover the full 6TiSCH architecture. Missing portions include
1912 Deterministic Networking with Track Forwarding, Dynamic Scheduling,
1913 and Security.
1915 [I-D.richardson-6tisch-security-architecture] elaborates on the
1916 potential use of 802.1AR certificates, and some options for the join
1917 process are presented in more details.
1919 [I-D.struik-6tisch-security-architecture-elements] describes 6TiSCH
1920 security architectural elements with high level requirements and the
1921 security framework that are relevant for the design of the 6TiSCH
1922 security solution.
1924 [I-D.dujovne-6tisch-on-the-fly] discusses the use of the 6top
1925 sublayer [I-D.wang-6tisch-6top-sublayer] to adapt dynamically the
1926 number of cells between a RPL parent and a child to the needs of the
1927 actual traffic.
1929 Author's Address
1931 Pascal Thubert (editor)
1932 Cisco Systems, Inc
1933 Building D
1934 45 Allee des Ormes - BP1200
1935 MOUGINS - Sophia Antipolis 06254
1936 FRANCE
1938 Phone: +33 497 23 26 34
1939 Email: pthubert@cisco.com