idnits 2.17.1 draft-ietf-ipwave-ipv6-over-80211ocb-46.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 7, 2019) is 1778 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC 4191' is mentioned on line 1393, but not defined == Unused Reference: 'RFC2818' is defined on line 529, but no explicit reference was found in the text == Unused Reference: 'RFC4210' is defined on line 560, but no explicit reference was found in the text == Unused Reference: 'RFC4302' is defined on line 574, but no explicit reference was found in the text == Unused Reference: 'RFC4303' is defined on line 578, but no explicit reference was found in the text == Unused Reference: 'RFC5374' is defined on line 592, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Downref: Normative reference to an Informational RFC: RFC 3753 ** Downref: Normative reference to an Informational RFC: RFC 5889 ** Downref: Normative reference to an Informational RFC: RFC 6959 ** Obsolete normative reference: RFC 7042 (Obsoleted by RFC 9542) ** Downref: Normative reference to an Informational RFC: RFC 7721 == Outdated reference: A later version (-30) exists of draft-ietf-ipwave-vehicular-networking-09 == Outdated reference: A later version (-15) exists of draft-ietf-mboned-ieee802-mcast-problems-05 Summary: 6 errors (**), 0 flaws (~~), 9 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPWAVE Working Group N. Benamar 3 Internet-Draft Moulay Ismail University 4 Intended status: Standards Track J. Haerri 5 Expires: December 9, 2019 Eurecom 6 J. Lee 7 Sangmyung University 8 T. Ernst 9 YoGoKo 10 June 7, 2019 12 Basic support for IPv6 over IEEE Std 802.11 Networks operating Outside 13 the Context of a Basic Service Set (IPv6-over-80211-OCB) 14 draft-ietf-ipwave-ipv6-over-80211ocb-46 16 Abstract 18 This document provides methods and settings, and describes 19 limitations, for using IPv6 to communicate among nodes in range of 20 one another over a single IEEE 802.11-OCB link with minimal change to 21 existing stacks. Optimizations and usage of IPv6 over more complex 22 scenarios is not covered and is subject of future work. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on December 9, 2019. 41 Copyright Notice 43 Copyright (c) 2019 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 4 61 4. IPv6 over 802.11-OCB . . . . . . . . . . . . . . . . . . . . 4 62 4.1. Maximum Transmission Unit (MTU) . . . . . . . . . . . . . 4 63 4.2. Frame Format . . . . . . . . . . . . . . . . . . . . . . 4 64 4.3. Link-Local Addresses . . . . . . . . . . . . . . . . . . 5 65 4.4. Stateless Autoconfiguration . . . . . . . . . . . . . . . 5 66 4.5. Address Mapping . . . . . . . . . . . . . . . . . . . . . 6 67 4.5.1. Address Mapping -- Unicast . . . . . . . . . . . . . 6 68 4.5.2. Address Mapping -- Multicast . . . . . . . . . . . . 6 69 4.6. Subnet Structure . . . . . . . . . . . . . . . . . . . . 7 70 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 71 5.1. Privacy Considerations . . . . . . . . . . . . . . . . . 8 72 5.1.1. Privacy Risks of Meaningful info in Interface IDs . . 9 73 5.2. MAC Address and Interface ID Generation . . . . . . . . . 9 74 5.3. Pseudonym Handling . . . . . . . . . . . . . . . . . . . 10 75 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 76 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 77 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 78 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 79 9.1. Normative References . . . . . . . . . . . . . . . . . . 11 80 9.2. Informative References . . . . . . . . . . . . . . . . . 14 81 Appendix A. 802.11p . . . . . . . . . . . . . . . . . . . . . . 16 82 Appendix B. Aspects introduced by the OCB mode to 802.11 . . . . 16 83 Appendix C. Changes Needed on a software driver 802.11a to 84 become a 802.11-OCB driver . . . 21 85 Appendix D. Protocol Layering . . . . . . . . . . . . . . . . . 22 86 Appendix E. Design Considerations . . . . . . . . . . . . . . . 23 87 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode . . . . 23 88 Appendix G. Examples of Packet Formats . . . . . . . . . . . . . 23 89 G.1. Capture in Monitor Mode . . . . . . . . . . . . . . . . . 24 90 G.2. Capture in Normal Mode . . . . . . . . . . . . . . . . . 27 91 Appendix H. Extra Terminology . . . . . . . . . . . . . . . . . 29 92 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless 93 Links . . . . . . . . . . . . . . . . . . . . . . . 30 94 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 96 1. Introduction 98 This document provides a baseline with limitations for using IPv6 to 99 communicate among nodes in range of one another over a single IEEE 100 802.11-OCB link [IEEE-802.11-2016] (a.k.a "802.11p" see Appendix A, 101 Appendix B and Appendix C) with minimal change to existing stacks. 102 This document describes the layering of IPv6 networking on top of the 103 IEEE Std 802.11 MAC layer or an IEEE Std 802.3 MAC layer with a frame 104 translation underneath. The resulting stack operates over 802.11-OCB 105 and provides at least P2P connectivity using IPv6 ND and link-local 106 addresses. ND Extensions and IPWAVE optimizations for vehicular 107 communications are not in scope. The expectation is that further 108 specs will elaborate for more complex vehicular networking scenarios. 110 The IPv6 network layer operates on 802.11-OCB in the same manner as 111 operating on Ethernet, but there are two kinds of exceptions: 113 o Exceptions due to different operation of IPv6 network layer on 114 802.11 than on Ethernet. The operation of IP on Ethernet is 115 described in [RFC1042], [RFC2464] . 117 o Exceptions due to the OCB nature of 802.11-OCB compared to 802.11. 118 This has impacts on security, privacy, subnet structure and 119 movement detection. For security and privacy recommendations see 120 Section 5 and Section 4.4. The subnet structure is described in 121 Section 4.6. The movement detection on OCB links is not described 122 in this document. 124 In the published literature, many documents describe aspects and 125 problems related to running IPv6 over 802.11-OCB: 126 [I-D.ietf-ipwave-vehicular-networking]. 128 2. Terminology 130 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 131 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 132 "OPTIONAL" in this document are to be interpreted as described in BCP 133 14 [RFC2119] [RFC8174] when, and only when, they appear in all 134 capitals, as shown here. 136 IP-OBU (Internet Protocol On-Board Unit): an IP-OBU is a computer 137 situated in a vehicle such as an automobile, bicycle, or similar. It 138 has at least one IP interface that runs in mode OCB of 802.11, and 139 that has an "OBU" transceiver. See the definition of the term "OBU" 140 in section Appendix H. 142 IP-RSU (IP Road-Side Unit): an IP-RSU is situated along the road. It 143 has at least two distinct IP-enabled interfaces; the wireless PHY/MAC 144 layer of at least one of its IP-enabled interfaces is configured to 145 operate in 802.11-OCB mode. An IP-RSU communicates with the IP-OBU 146 in the vehicle over 802.11 wireless link operating in OCB mode. An 147 IP-RSU is similar to an Access Network Router (ANR) defined in 148 [RFC3753], and a Wireless Termination Point (WTP) defined in 149 [RFC5415]. 151 OCB (outside the context of a basic service set - BSS): A mode of 152 operation in which a STA is not a member of a BSS and does not 153 utilize IEEE Std 802.11 authentication, association, or data 154 confidentiality. 156 802.11-OCB: mode specified in IEEE Std 802.11-2016 when the MIB 157 attribute dot11OCBActivited is true. Note: compliance with standards 158 and regulations set in different countries when using the 5.9GHz 159 frequency band is required. 161 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 163 The IEEE 802.11-OCB Networks are used for vehicular communications, 164 as 'Wireless Access in Vehicular Environments'. In particular, we 165 refer the reader to [I-D.ietf-ipwave-vehicular-networking], that 166 lists some scenarios and requirements for IP in Intelligent 167 Transportation Systems. 169 The link model is the following: STA --- 802.11-OCB --- STA. In 170 vehicular networks, STAs can be IP-RSUs and/or IP-OBUs. All links 171 are assumed to be P2P and multiple links can be on one radio 172 interface. While 802.11-OCB is clearly specified, and a legacy IPv6 173 stack can operate on such links, the use of the operating environment 174 (vehicular networks) brings in new perspectives. 176 4. IPv6 over 802.11-OCB 178 4.1. Maximum Transmission Unit (MTU) 180 The default MTU for IP packets on 802.11-OCB is inherited from 181 RFC2464 and is 1500 octets. This value of the MTU respects the 182 recommendation that every link on the Internet must have a minimum 183 MTU of 1280 octets (stated in [RFC8200], and the recommendations 184 therein, especially with respect to fragmentation). 186 4.2. Frame Format 188 IP packets MUST be transmitted over 802.11-OCB media as QoS Data 189 frames whose format is specified in IEEE 802.11 spec 190 [IEEE-802.11-2016]. 192 The IPv6 packet transmitted on 802.11-OCB are immediately preceded by 193 a Logical Link Control (LLC) header and an 802.11 header. In the LLC 194 header, and in accordance with the EtherType Protocol Discrimination 195 (EPD, see Appendix D), the value of the Type field MUST be set to 196 0x86DD (IPv6). The mapping to the 802.11 data service MUST use a 197 'priority' value of 1, which specifies the use of QoS with a 198 'Background' user priority. 200 To simplify the Application Programming Interface (API) between the 201 operating system and the 802.11-OCB media, device drivers MAY 202 implement IPv6 over Ethernet per RFC 2464 and then a frame 203 translation from 802.3 to 802.11 in order to minimize the code 204 changes. 206 4.3. Link-Local Addresses 208 There are several types of IPv6 addresses [RFC4291], [RFC4193], that 209 MAY be assigned to an 802.11-OCB interface. Among these types of 210 addresses only the IPv6 link-local addresses MAY be formed using an 211 EUI-64 identifier, in particular during transition time. 213 If the IPv6 link-local address is formed using an EUI-64 identifier, 214 then the mechanism of forming that address is the same mechanism as 215 used to form an IPv6 link-local address on Ethernet links. This 216 mechanism is described in section 5 of [RFC2464]. 218 4.4. Stateless Autoconfiguration 220 The steps a host takes in deciding how to autoconfigure its 221 interfaces in IP version 6 are described in [RFC4862]. This section 222 describes the formation of Interface Identifiers for IPv6 addresses 223 of type 'Global' or 'Unique Local'. For Interface Identifiers for 224 IPv6 address of type 'Link-Local' see Section 4.3. 226 The RECOMMENDED method for forming stable Interface Identifiers 227 (IIDs) is described in [RFC8064]. The method of forming IIDs 228 described in section 4 of [RFC2464] MAY be used during transition 229 time, in particular for IPv6 link-local addresses. 231 The bits in the Interface Identifier have no generic meaning and the 232 identifier should be treated as an opaque value. The bits 233 'Universal' and 'Group' in the identifier of an 802.11-OCB interface 234 are significant, as this is an IEEE link-layer address. The details 235 of this significance are described in [RFC7136]. 237 Semantically opaque Interface Identifiers, instead of meaningful 238 Interface Identifiers derived from a valid and meaningful MAC address 239 ([RFC2464], section 4), help avoid certain privacy risks (see the 240 risks mentioned in Section 5.1.1). If semantically opaque Interface 241 Identifiers are needed, they MAY be generated using the method for 242 generating semantically opaque Interface Identifiers with IPv6 243 Stateless Address Autoconfiguration given in [RFC7217]. Typically, 244 an opaque Interface Identifier is formed starting from identifiers 245 different than the MAC addresses, and from cryptographically strong 246 material. Thus, privacy sensitive information is absent from 247 Interface IDs, because it is impossible to calculate back the initial 248 value from which the Interface ID was first generated (intuitively, 249 it is as hard as mentally finding the square root of a number, and as 250 impossible as trying to use computers to identify quickly whether a 251 large number is prime). 253 Some applications that use IPv6 packets on 802.11-OCB links (among 254 other link types) may benefit from IPv6 addresses whose Interface 255 Identifiers don't change too often. It is RECOMMENDED to use the 256 mechanisms described in RFC 7217 to permit the use of Stable 257 Interface Identifiers that do not change within one subnet prefix. A 258 possible source for the Net-Iface Parameter is a virtual interface 259 name, or logical interface name, that is decided by a local 260 administrator. 262 4.5. Address Mapping 264 Unicast and multicast address mapping MUST follow the procedures 265 specified for Ethernet interfaces in sections 6 and 7 of [RFC2464]. 267 4.5.1. Address Mapping -- Unicast 269 This draft is scoped for AR and DAD per RFC 4861 [RFC4861]. 271 4.5.2. Address Mapping -- Multicast 273 The multicast address mapping is performed according to the method 274 specified in section 7 of [RFC2464]. The meaning of the value "3333" 275 mentioned in that section 7 of [RFC2464] is defined in section 2.3.1 276 of [RFC7042]. 278 Transmitting IPv6 packets to multicast destinations over 802.11 links 279 proved to have some performance issues 280 [I-D.ietf-mboned-ieee802-mcast-problems]. These issues may be 281 exacerbated in OCB mode.A Future improvement to this specification 282 SHOULD consider solutions for these problems. 284 4.6. Subnet Structure 286 A subnet may be formed over 802.11-OCB interfaces of vehicles that 287 are in close range (not by their in-vehicle interfaces). A Prefix 288 List conceptual data structure ([RFC4861] section 5.1) is maintained 289 for each 802.11-OCB interface. 291 An IPv6 subnet on which Neighbor Discovery protocol (ND) can be 292 mapped on an OCB network iff all nodes share a single broadcast 293 Domain, which is generally the case for P2P OCB links; The extension 294 to IPv6 ND operating on a subnet that covers multiple OCB links and 295 not fully overlapping (NBMA) is not in scope. 297 The structure of this subnet is ephemeral, in that it is strongly 298 influenced by the mobility of vehicles: the hidden terminal effects 299 appear; the 802.11 networks in OCB mode may be considered as 'ad-hoc' 300 networks with an addressing model as described in [RFC5889]. On 301 another hand, the structure of the internal subnets in each car is 302 relatively stable. 304 As recommended in [RFC5889], when the timing requirements are very 305 strict (e.g. fast drive through IP-RSU coverage), no on-link subnet 306 prefix should be configured on an 802.11-OCB interface. In such 307 cases, the exclusive use of IPv6 link-local addresses is RECOMMENDED. 309 Additionally, even if the timing requirements are not very strict 310 (e.g. the moving subnet formed by two following vehicles is stable, a 311 fixed IP-RSU is absent), the subnet is disconnected from the Internet 312 (a default route is absent), and the addressing peers are equally 313 qualified (impossible to determine that some vehicle owns and 314 distributes addresses to others) the use of link-local addresses is 315 RECOMMENDED. 317 The baseline Neighbor Discovery protocol (ND) [RFC4861] MUST be 318 supported over 802.11-OCB links. Transmitting ND packets may prove 319 to have some performance issues see Section 4.5.2, and Appendix I. 320 These issues may be exacerbated in OCB mode. Solutions for these 321 problems SHOULD consider the OCB mode of operation. Future solutions 322 to OCB should consider solutions for avoiding broadcast. The best of 323 current knowledge indicates the kinds of issues that may arise with 324 ND in OCB mode; they are described in Appendix I. 326 Protocols like Mobile IPv6 [RFC6275] , [RFC3963] and DNAv6 [RFC6059], 327 which depend on timely movement detection, might need additional 328 tuning work to handle the lack of link-layer notifications during 329 handover. This is for further study. 331 5. Security Considerations 333 Any security mechanism at the IP layer or above that may be carried 334 out for the general case of IPv6 may also be carried out for IPv6 335 operating over 802.11-OCB. 337 The OCB operation is stripped off of all existing 802.11 link-layer 338 security mechanisms. There is no encryption applied below the 339 network layer running on 802.11-OCB. At application layer, the IEEE 340 1609.2 document [IEEE-1609.2] does provide security services for 341 certain applications to use; application-layer mechanisms are out-of- 342 scope of this document. On another hand, a security mechanism 343 provided at networking layer, such as IPsec [RFC4301], may provide 344 data security protection to a wider range of applications. 346 802.11-OCB does not provide any cryptographic protection, because it 347 operates outside the context of a BSS (no Association Request/ 348 Response, no Challenge messages). Any attacker can therefore just 349 sit in the near range of vehicles, sniff the network (just set the 350 interface card's frequency to the proper range) and perform attacks 351 without needing to physically break any wall. Such a link is less 352 protected than commonly used links (wired link or protected 802.11). 354 The potential attack vectors are: MAC address spoofing, IP address 355 and session hijacking, and privacy violation Section 5.1. A previous 356 work at SAVI WG presents some threats [RFC6959], while SeND presented 357 in [RFC3971] and [RFC3972] is a solution against address theft but it 358 is complex and not deployed. 360 More IETF protocols are available in the toolbox of the IP security 361 protocol designer. Certain ETSI protocols related to security 362 protocols in Intelligent Transportation Systems are described in 363 [ETSI-sec-archi]. 365 5.1. Privacy Considerations 367 As with all Ethernet and 802.11 interface identifiers ([RFC7721]), 368 the identifier of an 802.11-OCB interface may involve privacy, MAC 369 address spoofing and IP address hijacking risks. A vehicle embarking 370 an IP-OBU whose egress interface is 802.11-OCB may expose itself to 371 eavesdropping and subsequent correlation of data; this may reveal 372 data considered private by the vehicle owner; there is a risk of 373 being tracked. In outdoors public environments, where vehicles 374 typically circulate, the privacy risks are more important than in 375 indoors settings. It is highly likely that attacker sniffers are 376 deployed along routes which listen for IEEE frames, including IP 377 packets, of vehicles passing by. For this reason, in the 802.11-OCB 378 deployments, there is a strong necessity to use protection tools such 379 as dynamically changing MAC addresses Section 5.2, semantically 380 opaque Interface Identifiers and stable Interface Identifiers 381 Section 4.4. This may help mitigate privacy risks to a certain 382 level. 384 5.1.1. Privacy Risks of Meaningful info in Interface IDs 386 The privacy risks of using MAC addresses displayed in Interface 387 Identifiers are important. The IPv6 packets can be captured easily 388 in the Internet and on-link in public roads. For this reason, an 389 attacker may realize many attacks on privacy. One such attack on 390 802.11-OCB is to capture, store and correlate Company ID information 391 present in MAC addresses of many cars (e.g. listen for Router 392 Advertisements, or other IPv6 application data packets, and record 393 the value of the source address in these packets). Further 394 correlation of this information with other data captured by other 395 means, or other visual information (car color, others) MAY constitute 396 privacy risks. 398 5.2. MAC Address and Interface ID Generation 400 In 802.11-OCB networks, the MAC addresses MAY change during well 401 defined renumbering events. In the moment the MAC address is changed 402 on an 802.11-OCB interface all the Interface Identifiers of IPv6 403 addresses assigned to that interface MUST change. 405 The policy dictating when the MAC address is changed on the 406 802.11-OCB interface is to-be-determined. For more information on 407 the motivation of this policy please refer to the privacy discussion 408 in Appendix B. 410 A 'randomized' MAC address has the following characteristics: 412 o Bit "Local/Global" set to "locally admninistered". 414 o Bit "Unicast/Multicast" set to "Unicast". 416 o The 46 remaining bits are set to a random value, using a random 417 number generator that meets the requirements of [RFC4086]. 419 To meet the randomization requirements for the 46 remaining bits, a 420 hash function may be used. For example, the SHA256 hash function may 421 be used with input a 256 bit local secret, the 'nominal' MAC Address 422 of the interface, and a representation of the date and time of the 423 renumbering event. 425 A randomized Interface ID has the same characteristics of a 426 randomized MAC address, except the length in bits. An Interface ID 427 SHOULD be of length specified in other documents. 429 5.3. Pseudonym Handling 431 The demand for privacy protection of vehicles' and drivers' 432 identities, which could be granted by using a pseudonym or alias 433 identity at the same time, may hamper the required confidentiality of 434 messages and trust between participants - especially in safety 435 critical vehicular communication. 437 o Particular challenges arise when the pseudonymization mechanism 438 used relies on (randomized) re-addressing. 440 o A proper pseudonymization tool operated by a trusted third party 441 may be needed to ensure both aspects simultaneously (privacy 442 protection on one hand and trust between participants on another 443 hand). 445 o This is discussed in Section 4.4 and Section 5 of this document. 447 o Pseudonymity is also discussed in 448 [I-D.ietf-ipwave-vehicular-networking] in its sections 4.2.4 and 449 5.1.2. 451 6. IANA Considerations 453 No request to IANA. 455 7. Contributors 457 Christian Huitema, Tony Li. 459 Romain Kuntz contributed extensively about IPv6 handovers between 460 links running outside the context of a BSS (802.11-OCB links). 462 Tim Leinmueller contributed the idea of the use of IPv6 over 463 802.11-OCB for distribution of certificates. 465 Marios Makassikis, Jose Santa Lozano, Albin Severinson and Alexey 466 Voronov provided significant feedback on the experience of using IP 467 messages over 802.11-OCB in initial trials. 469 Michelle Wetterwald contributed extensively the MTU discussion, 470 offered the ETSI ITS perspective, and reviewed other parts of the 471 document. 473 8. Acknowledgements 475 The authors would like to thank Alexandre Petrescu for initiating 476 this work and for being the lead author until the version 43 of this 477 draft. 479 The authors would like to thank Pascal Thubert for reviewing, 480 proofreading and suggesting modifications of this document. 482 The authors would like to thank Witold Klaudel, Ryuji Wakikawa, 483 Emmanuel Baccelli, John Kenney, John Moring, Francois Simon, Dan 484 Romascanu, Konstantin Khait, Ralph Droms, Richard 'Dick' Roy, Ray 485 Hunter, Tom Kurihara, Michal Sojka, Jan de Jongh, Suresh Krishnan, 486 Dino Farinacci, Vincent Park, Jaehoon Paul Jeong, Gloria Gwynne, 487 Hans-Joachim Fischer, Russ Housley, Rex Buddenberg, Erik Nordmark, 488 Bob Moskowitz, Andrew Dryden, Georg Mayer, Dorothy Stanley, Sandra 489 Cespedes, Mariano Falcitelli, Sri Gundavelli, Abdussalam Baryun, 490 Margaret Cullen, Erik Kline, Carlos Jesus Bernardos Cano, Ronald in 491 't Velt, Katrin Sjoberg, Roland Bless, Tijink Jasja, Kevin Smith, 492 Brian Carpenter, Julian Reschke, Mikael Abrahamsson, Dirk von Hugo, 493 Lorenzo Colitti, Pascal Thubert, Ole Troan, Jinmei Tatuya, Joel 494 Halpern, Eric Gray and William Whyte. Their valuable comments 495 clarified particular issues and generally helped to improve the 496 document. 498 Pierre Pfister, Rostislav Lisovy, and others, wrote 802.11-OCB 499 drivers for linux and described how. 501 For the multicast discussion, the authors would like to thank Owen 502 DeLong, Joe Touch, Jen Linkova, Erik Kline, Brian Haberman and 503 participants to discussions in network working groups. 505 The authors would like to thank participants to the Birds-of- 506 a-Feather "Intelligent Transportation Systems" meetings held at IETF 507 in 2016. 509 Human Rights Protocol Considerations review by Amelia Andersdotter. 511 9. References 513 9.1. Normative References 515 [RFC1042] Postel, J. and J. Reynolds, "Standard for the transmission 516 of IP datagrams over IEEE 802 networks", STD 43, RFC 1042, 517 DOI 10.17487/RFC1042, February 1988, 518 . 520 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 521 Requirement Levels", BCP 14, RFC 2119, 522 DOI 10.17487/RFC2119, March 1997, 523 . 525 [RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet 526 Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998, 527 . 529 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, 530 DOI 10.17487/RFC2818, May 2000, 531 . 533 [RFC3753] Manner, J., Ed. and M. Kojo, Ed., "Mobility Related 534 Terminology", RFC 3753, DOI 10.17487/RFC3753, June 2004, 535 . 537 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 538 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 539 RFC 3963, DOI 10.17487/RFC3963, January 2005, 540 . 542 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 543 "SEcure Neighbor Discovery (SEND)", RFC 3971, 544 DOI 10.17487/RFC3971, March 2005, 545 . 547 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 548 RFC 3972, DOI 10.17487/RFC3972, March 2005, 549 . 551 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 552 "Randomness Requirements for Security", BCP 106, RFC 4086, 553 DOI 10.17487/RFC4086, June 2005, 554 . 556 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 557 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, 558 . 560 [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, 561 "Internet X.509 Public Key Infrastructure Certificate 562 Management Protocol (CMP)", RFC 4210, 563 DOI 10.17487/RFC4210, September 2005, 564 . 566 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 567 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 568 2006, . 570 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 571 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 572 December 2005, . 574 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 575 DOI 10.17487/RFC4302, December 2005, 576 . 578 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 579 RFC 4303, DOI 10.17487/RFC4303, December 2005, 580 . 582 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 583 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 584 DOI 10.17487/RFC4861, September 2007, 585 . 587 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 588 Address Autoconfiguration", RFC 4862, 589 DOI 10.17487/RFC4862, September 2007, 590 . 592 [RFC5374] Weis, B., Gross, G., and D. Ignjatic, "Multicast 593 Extensions to the Security Architecture for the Internet 594 Protocol", RFC 5374, DOI 10.17487/RFC5374, November 2008, 595 . 597 [RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, 598 Ed., "Control And Provisioning of Wireless Access Points 599 (CAPWAP) Protocol Specification", RFC 5415, 600 DOI 10.17487/RFC5415, March 2009, 601 . 603 [RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing 604 Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889, 605 September 2010, . 607 [RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for 608 Detecting Network Attachment in IPv6", RFC 6059, 609 DOI 10.17487/RFC6059, November 2010, 610 . 612 [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility 613 Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 614 2011, . 616 [RFC6959] McPherson, D., Baker, F., and J. Halpern, "Source Address 617 Validation Improvement (SAVI) Threat Scope", RFC 6959, 618 DOI 10.17487/RFC6959, May 2013, 619 . 621 [RFC7042] Eastlake 3rd, D. and J. Abley, "IANA Considerations and 622 IETF Protocol and Documentation Usage for IEEE 802 623 Parameters", BCP 141, RFC 7042, DOI 10.17487/RFC7042, 624 October 2013, . 626 [RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 627 Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136, 628 February 2014, . 630 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 631 Interface Identifiers with IPv6 Stateless Address 632 Autoconfiguration (SLAAC)", RFC 7217, 633 DOI 10.17487/RFC7217, April 2014, 634 . 636 [RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy 637 Considerations for IPv6 Address Generation Mechanisms", 638 RFC 7721, DOI 10.17487/RFC7721, March 2016, 639 . 641 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 642 "Recommendation on Stable IPv6 Interface Identifiers", 643 RFC 8064, DOI 10.17487/RFC8064, February 2017, 644 . 646 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 647 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 648 May 2017, . 650 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 651 (IPv6) Specification", STD 86, RFC 8200, 652 DOI 10.17487/RFC8200, July 2017, 653 . 655 9.2. Informative References 657 [ETSI-sec-archi] 658 "ETSI TS 102 940 V1.2.1 (2016-11), ETSI Technical 659 Specification, Intelligent Transport Systems (ITS); 660 Security; ITS communications security architecture and 661 security management, November 2016. Downloaded on 662 September 9th, 2017, freely available from ETSI website at 663 URL http://www.etsi.org/deliver/ 664 etsi_ts/102900_102999/102940/01.02.01_60/ 665 ts_102940v010201p.pdf". 667 [I-D.ietf-ipwave-vehicular-networking] 668 Jeong, J., "IP Wireless Access in Vehicular Environments 669 (IPWAVE): Problem Statement and Use Cases", draft-ietf- 670 ipwave-vehicular-networking-09 (work in progress), May 671 2019. 673 [I-D.ietf-mboned-ieee802-mcast-problems] 674 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 675 Zuniga, "Multicast Considerations over IEEE 802 Wireless 676 Media", draft-ietf-mboned-ieee802-mcast-problems-05 (work 677 in progress), April 2019. 679 [IEEE-1609.2] 680 "IEEE SA - 1609.2-2016 - IEEE Standard for Wireless Access 681 in Vehicular Environments (WAVE) -- Security Services for 682 Applications and Management Messages. Example URL 683 http://ieeexplore.ieee.org/document/7426684/ accessed on 684 August 17th, 2017.". 686 [IEEE-1609.3] 687 "IEEE SA - 1609.3-2016 - IEEE Standard for Wireless Access 688 in Vehicular Environments (WAVE) -- Networking Services. 689 Example URL http://ieeexplore.ieee.org/document/7458115/ 690 accessed on August 17th, 2017.". 692 [IEEE-1609.4] 693 "IEEE SA - 1609.4-2016 - IEEE Standard for Wireless Access 694 in Vehicular Environments (WAVE) -- Multi-Channel 695 Operation. Example URL 696 http://ieeexplore.ieee.org/document/7435228/ accessed on 697 August 17th, 2017.". 699 [IEEE-802.11-2016] 700 "IEEE Standard 802.11-2016 - IEEE Standard for Information 701 Technology - Telecommunications and information exchange 702 between systems Local and metropolitan area networks - 703 Specific requirements - Part 11: Wireless LAN Medium 704 Access Control (MAC) and Physical Layer (PHY) 705 Specifications. Status - Active Standard. Description 706 retrieved freely; the document itself is also freely 707 available, but with some difficulty (requires 708 registration); description and document retrieved on April 709 8th, 2019, starting from URL 710 https://standards.ieee.org/findstds/ 711 standard/802.11-2016.html". 713 [IEEE-802.11p-2010] 714 "IEEE Std 802.11p (TM)-2010, IEEE Standard for Information 715 Technology - Telecommunications and information exchange 716 between systems - Local and metropolitan area networks - 717 Specific requirements, Part 11: Wireless LAN Medium Access 718 Control (MAC) and Physical Layer (PHY) Specifications, 719 Amendment 6: Wireless Access in Vehicular Environments; 720 document freely available at URL 721 http://standards.ieee.org/getieee802/ 722 download/802.11p-2010.pdf retrieved on September 20th, 723 2013.". 725 Appendix A. 802.11p 727 The term "802.11p" is an earlier definition. The behaviour of 728 "802.11p" networks is rolled in the document IEEE Std 802.11-2016. 729 In that document the term 802.11p disappears. Instead, each 802.11p 730 feature is conditioned by the IEEE Management Information Base (MIB) 731 attribute "OCBActivated" [IEEE-802.11-2016]. Whenever OCBActivated 732 is set to true the IEEE Std 802.11-OCB state is activated. For 733 example, an 802.11 STAtion operating outside the context of a basic 734 service set has the OCBActivated flag set. Such a station, when it 735 has the flag set, uses a BSS identifier equal to ff:ff:ff:ff:ff:ff. 737 Appendix B. Aspects introduced by the OCB mode to 802.11 739 In the IEEE 802.11-OCB mode, all nodes in the wireless range can 740 directly communicate with each other without involving authentication 741 or association procedures. In OCB mode, the manner in which channels 742 are selected and used is simplified compared to when in BSS mode. 743 Contrary to BSS mode, at link layer, it is necessary to set 744 statically the same channel number (or frequency) on two stations 745 that need to communicate with each other (in BSS mode this channel 746 set operation is performed automatically during 'scanning'). The 747 manner in which stations set their channel number in OCB mode is not 748 specified in this document. Stations STA1 and STA2 can exchange IP 749 packets only if they are set on the same channel. At IP layer, they 750 then discover each other by using the IPv6 Neighbor Discovery 751 protocol. The allocation of a particular channel for a particular 752 use is defined statically in standards authored by ETSI (in Europe), 753 FCC in America, and similar organisations in South Korea, Japan and 754 other parts of the world. 756 Briefly, the IEEE 802.11-OCB mode has the following properties: 758 o The use by each node of a 'wildcard' BSSID (i.e., each bit of the 759 BSSID is set to 1) 761 o No IEEE 802.11 Beacon frames are transmitted 763 o No authentication is required in order to be able to communicate 765 o No association is needed in order to be able to communicate 767 o No encryption is provided in order to be able to communicate 769 o Flag dot11OCBActivated is set to true 771 All the nodes in the radio communication range (IP-OBU and IP-RSU) 772 receive all the messages transmitted (IP-OBU and IP-RSU) within the 773 radio communications range. The eventual conflict(s) are resolved by 774 the MAC CDMA function. 776 The message exchange diagram in Figure 1 illustrates a comparison 777 between traditional 802.11 and 802.11 in OCB mode. The 'Data' 778 messages can be IP packets such as HTTP or others. Other 802.11 779 management and control frames (non IP) may be transmitted, as 780 specified in the 802.11 standard. For information, the names of 781 these messages as currently specified by the 802.11 standard are 782 listed in Appendix F. 784 STA AP STA1 STA2 785 | | | | 786 |<------ Beacon -------| |<------ Data -------->| 787 | | | | 788 |---- Probe Req. ----->| |<------ Data -------->| 789 |<--- Probe Res. ------| | | 790 | | |<------ Data -------->| 791 |---- Auth Req. ------>| | | 792 |<--- Auth Res. -------| |<------ Data -------->| 793 | | | | 794 |---- Asso Req. ------>| |<------ Data -------->| 795 |<--- Asso Res. -------| | | 796 | | |<------ Data -------->| 797 |<------ Data -------->| | | 798 |<------ Data -------->| |<------ Data -------->| 800 (i) 802.11 Infrastructure mode (ii) 802.11-OCB mode 802 Figure 1: Difference between messages exchanged on 802.11 (left) and 803 802.11-OCB (right) 805 The interface 802.11-OCB was specified in IEEE Std 802.11p (TM) -2010 806 [IEEE-802.11p-2010] as an amendment to IEEE Std 802.11 (TM) -2007, 807 titled "Amendment 6: Wireless Access in Vehicular Environments". 808 Since then, this amendment has been integrated in IEEE 802.11(TM) 809 -2012 and -2016 [IEEE-802.11-2016]. 811 In document 802.11-2016, anything qualified specifically as 812 "OCBActivated", or "outside the context of a basic service" set to be 813 true, then it is actually referring to OCB aspects introduced to 814 802.11. 816 In order to delineate the aspects introduced by 802.11-OCB to 802.11, 817 we refer to the earlier [IEEE-802.11p-2010]. The amendment is 818 concerned with vehicular communications, where the wireless link is 819 similar to that of Wireless LAN (using a PHY layer specified by 820 802.11a/b/g/n), but which needs to cope with the high mobility factor 821 inherent in scenarios of communications between moving vehicles, and 822 between vehicles and fixed infrastructure deployed along roads. 823 While 'p' is a letter identifying the Ammendment, just like 'a, b, g' 824 and 'n' are, 'p' is concerned more with MAC modifications, and a 825 little with PHY modifications; the others are mainly about PHY 826 modifications. It is possible in practice to combine a 'p' MAC with 827 an 'a' PHY by operating outside the context of a BSS with OFDM at 828 5.4GHz and 5.9GHz. 830 The 802.11-OCB links are specified to be compatible as much as 831 possible with the behaviour of 802.11a/b/g/n and future generation 832 IEEE WLAN links. From the IP perspective, an 802.11-OCB MAC layer 833 offers practically the same interface to IP as the 802.11a/b/g/n and 834 802.3. A packet sent by an IP-OBU may be received by one or multiple 835 IP-RSUs. The link-layer resolution is performed by using the IPv6 836 Neighbor Discovery protocol. 838 To support this similarity statement (IPv6 is layered on top of LLC 839 on top of 802.11-OCB, in the same way that IPv6 is layered on top of 840 LLC on top of 802.11a/b/g/n (for WLAN) or layered on top of LLC on 841 top of 802.3 (for Ethernet)) it is useful to analyze the differences 842 between 802.11-OCB and 802.11 specifications. During this analysis, 843 we note that whereas 802.11-OCB lists relatively complex and numerous 844 changes to the MAC layer (and very little to the PHY layer), there 845 are only a few characteristics which may be important for an 846 implementation transmitting IPv6 packets on 802.11-OCB links. 848 The most important 802.11-OCB point which influences the IPv6 849 functioning is the OCB characteristic; an additional, less direct 850 influence, is the maximum bandwidth afforded by the PHY modulation/ 851 demodulation methods and channel access specified by 802.11-OCB. The 852 maximum bandwidth theoretically possible in 802.11-OCB is 54 Mbit/s 853 (when using, for example, the following parameters: 20 MHz channel; 854 modulation 64-QAM; coding rate R is 3/4); in practice of IP-over- 855 802.11-OCB a commonly observed figure is 12Mbit/s; this bandwidth 856 allows the operation of a wide range of protocols relying on IPv6. 858 o Operation Outside the Context of a BSS (OCB): the (earlier 859 802.11p) 802.11-OCB links are operated without a Basic Service Set 860 (BSS). This means that the frames IEEE 802.11 Beacon, Association 861 Request/Response, Authentication Request/Response, and similar, 862 are not used. The used identifier of BSS (BSSID) has a 863 hexadecimal value always 0xffffffffffff (48 '1' bits, represented 864 as MAC address ff:ff:ff:ff:ff:ff, or otherwise the 'wildcard' 865 BSSID), as opposed to an arbitrary BSSID value set by 866 administrator (e.g. 'My-Home-AccessPoint'). The OCB operation - 867 namely the lack of beacon-based scanning and lack of 868 authentication - should be taken into account when the Mobile IPv6 869 protocol [RFC6275] and the protocols for IP layer security 870 [RFC4301] are used. The way these protocols adapt to OCB is not 871 described in this document. 873 o Timing Advertisement: is a new message defined in 802.11-OCB, 874 which does not exist in 802.11a/b/g/n. This message is used by 875 stations to inform other stations about the value of time. It is 876 similar to the time as delivered by a GNSS system (Galileo, GPS, 877 ...) or by a cellular system. This message is optional for 878 implementation. 880 o Frequency range: this is a characteristic of the PHY layer, with 881 almost no impact on the interface between MAC and IP. However, it 882 is worth considering that the frequency range is regulated by a 883 regional authority (ARCEP, ECC/CEPT based on ENs from ETSI, FCC, 884 etc.); as part of the regulation process, specific applications 885 are associated with specific frequency ranges. In the case of 886 802.11-OCB, the regulator associates a set of frequency ranges, or 887 slots within a band, to the use of applications of vehicular 888 communications, in a band known as "5.9GHz". The 5.9GHz band is 889 different from the 2.4GHz and 5GHz bands used by Wireless LAN. 890 However, as with Wireless LAN, the operation of 802.11-OCB in 891 "5.9GHz" bands is exempt from owning a license in EU (in US the 892 5.9GHz is a licensed band of spectrum; for the fixed 893 infrastructure an explicit FCC authorization is required; for an 894 on-board device a 'licensed-by-rule' concept applies: rule 895 certification conformity is required.) Technical conditions are 896 different than those of the bands "2.4GHz" or "5GHz". The allowed 897 power levels, and implicitly the maximum allowed distance between 898 vehicles, is of 33dBm for 802.11-OCB (in Europe), compared to 20 899 dBm for Wireless LAN 802.11a/b/g/n; this leads to a maximum 900 distance of approximately 1km, compared to approximately 50m. 901 Additionally, specific conditions related to congestion avoidance, 902 jamming avoidance, and radar detection are imposed on the use of 903 DSRC (in US) and on the use of frequencies for Intelligent 904 Transportation Systems (in EU), compared to Wireless LAN 905 (802.11a/b/g/n). 907 o 'Half-rate' encoding: as the frequency range, this parameter is 908 related to PHY, and thus has not much impact on the interface 909 between the IP layer and the MAC layer. 911 o In vehicular communications using 802.11-OCB links, there are 912 strong privacy requirements with respect to addressing. While the 913 802.11-OCB standard does not specify anything in particular with 914 respect to MAC addresses, in these settings there exists a strong 915 need for dynamic change of these addresses (as opposed to the non- 916 vehicular settings - real wall protection - where fixed MAC 917 addresses do not currently pose some privacy risks). This is 918 further described in Section 5. A relevant function is described 919 in documents IEEE 1609.3-2016 [IEEE-1609.3] and IEEE 1609.4-2016 920 [IEEE-1609.4]. 922 Appendix C. Changes Needed on a software driver 802.11a to become a 923 802.11-OCB driver 925 The 802.11p amendment modifies both the 802.11 stack's physical and 926 MAC layers but all the induced modifications can be quite easily 927 obtained by modifying an existing 802.11a ad-hoc stack. 929 Conditions for a 802.11a hardware to be 802.11-OCB compliant: 931 o The PHY entity shall be an orthogonal frequency division 932 multiplexing (OFDM) system. It must support the frequency bands 933 on which the regulator recommends the use of ITS communications, 934 for example using IEEE 802.11-OCB layer, in France: 5875MHz to 935 5925MHz. 937 o The OFDM system must provide a "half-clocked" operation using 10 938 MHz channel spacings. 940 o The chip transmit spectrum mask must be compliant to the "Transmit 941 spectrum mask" from the IEEE 802.11p amendment (but experimental 942 environments tolerate otherwise). 944 o The chip should be able to transmit up to 44.8 dBm when used by 945 the US government in the United States, and up to 33 dBm in 946 Europe; other regional conditions apply. 948 Changes needed on the network stack in OCB mode: 950 o Physical layer: 952 * The chip must use the Orthogonal Frequency Multiple Access 953 (OFDM) encoding mode. 955 * The chip must be set in half-mode rate mode (the internal clock 956 frequency is divided by two). 958 * The chip must use dedicated channels and should allow the use 959 of higher emission powers. This may require modifications to 960 the local computer file that describes regulatory domains 961 rules, if used by the kernel to enforce local specific 962 restrictions. Such modifications to the local computer file 963 must respect the location-specific regulatory rules. 965 MAC layer: 967 * All management frames (beacons, join, leave, and others) 968 emission and reception must be disabled except for frames of 969 subtype Action and Timing Advertisement (defined below). 971 * No encryption key or method must be used. 973 * Packet emission and reception must be performed as in ad-hoc 974 mode, using the wildcard BSSID (ff:ff:ff:ff:ff:ff). 976 * The functions related to joining a BSS (Association Request/ 977 Response) and for authentication (Authentication Request/Reply, 978 Challenge) are not called. 980 * The beacon interval is always set to 0 (zero). 982 * Timing Advertisement frames, defined in the amendment, should 983 be supported. The upper layer should be able to trigger such 984 frames emission and to retrieve information contained in 985 received Timing Advertisements. 987 Appendix D. Protocol Layering 989 A more theoretical and detailed view of layer stacking, and 990 interfaces between the IP layer and 802.11-OCB layers, is illustrated 991 in Figure 2. The IP layer operates on top of the EtherType Protocol 992 Discrimination (EPD); this Discrimination layer is described in IEEE 993 Std 802.3-2012; the interface between IPv6 and EPD is the LLC_SAP 994 (Link Layer Control Service Access Point). 996 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 997 | IPv6 | 998 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ 999 { LLC_SAP } 802.11-OCB 1000 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ Boundary 1001 | EPD | | | 1002 | | MLME | | 1003 +-+-+-{ MAC_SAP }+-+-+-| MLME_SAP | 1004 | MAC Sublayer | | | 802.11-OCB 1005 | and ch. coord. | | SME | Services 1006 +-+-+-{ PHY_SAP }+-+-+-+-+-+-+-| | 1007 | | PLME | | 1008 | PHY Layer | PLME_SAP | 1009 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1011 Figure 2: EtherType Protocol Discrimination 1013 Appendix E. Design Considerations 1015 The networks defined by 802.11-OCB are in many ways similar to other 1016 networks of the 802.11 family. In theory, the encapsulation of IPv6 1017 over 802.11-OCB could be very similar to the operation of IPv6 over 1018 other networks of the 802.11 family. However, the high mobility, 1019 strong link asymmetry and very short connection makes the 802.11-OCB 1020 link significantly different from other 802.11 networks. Also, the 1021 automotive applications have specific requirements for reliability, 1022 security and privacy, which further add to the particularity of the 1023 802.11-OCB link. 1025 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode 1027 For information, at the time of writing, this is the list of IEEE 1028 802.11 messages that may be transmitted in OCB mode, i.e. when 1029 dot11OCBActivated is true in a STA: 1031 o The STA may send management frames of subtype Action and, if the 1032 STA maintains a TSF Timer, subtype Timing Advertisement; 1034 o The STA may send control frames, except those of subtype PS-Poll, 1035 CF-End, and CF-End plus CFAck; 1037 o The STA may send data frames of subtype Data, Null, QoS Data, and 1038 QoS Null. 1040 Appendix G. Examples of Packet Formats 1042 This section describes an example of an IPv6 Packet captured over a 1043 IEEE 802.11-OCB link. 1045 By way of example we show that there is no modification in the 1046 headers when transmitted over 802.11-OCB networks - they are 1047 transmitted like any other 802.11 and Ethernet packets. 1049 We describe an experiment of capturing an IPv6 packet on an 1050 802.11-OCB link. In topology depicted in Figure 3, the packet is an 1051 IPv6 Router Advertisement. This packet is emitted by a Router on its 1052 802.11-OCB interface. The packet is captured on the Host, using a 1053 network protocol analyzer (e.g. Wireshark); the capture is performed 1054 in two different modes: direct mode and 'monitor' mode. The topology 1055 used during the capture is depicted below. 1057 The packet is captured on the Host. The Host is an IP-OBU containing 1058 an 802.11 interface in format PCI express (an ITRI product). The 1059 kernel runs the ath5k software driver with modifications for OCB 1060 mode. The capture tool is Wireshark. The file format for save and 1061 analyze is 'pcap'. The packet is generated by the Router. The 1062 Router is an IP-RSU (ITRI product). 1064 +--------+ +-------+ 1065 | | 802.11-OCB Link | | 1066 ---| Router |--------------------------------| Host | 1067 | | | | 1068 +--------+ +-------+ 1070 Figure 3: Topology for capturing IP packets on 802.11-OCB 1072 During several capture operations running from a few moments to 1073 several hours, no message relevant to the BSSID contexts were 1074 captured (no Association Request/Response, Authentication Req/Resp, 1075 Beacon). This shows that the operation of 802.11-OCB is outside the 1076 context of a BSSID. 1078 Overall, the captured message is identical with a capture of an IPv6 1079 packet emitted on a 802.11b interface. The contents are precisely 1080 similar. 1082 G.1. Capture in Monitor Mode 1084 The IPv6 RA packet captured in monitor mode is illustrated below. 1085 The radio tap header provides more flexibility for reporting the 1086 characteristics of frames. The Radiotap Header is prepended by this 1087 particular stack and operating system on the Host machine to the RA 1088 packet received from the network (the Radiotap Header is not present 1089 on the air). The implementation-dependent Radiotap Header is useful 1090 for piggybacking PHY information from the chip's registers as data in 1091 a packet understandable by userland applications using Socket 1092 interfaces (the PHY interface can be, for example: power levels, data 1093 rate, ratio of signal to noise). 1095 The packet present on the air is formed by IEEE 802.11 Data Header, 1096 Logical Link Control Header, IPv6 Base Header and ICMPv6 Header. 1098 Radiotap Header v0 1099 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1100 |Header Revision| Header Pad | Header length | 1101 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1102 | Present flags | 1103 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1104 | Data Rate | Pad | 1105 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1107 IEEE 802.11 Data Header 1108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1109 | Type/Subtype and Frame Ctrl | Duration | 1110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1111 | Receiver Address... 1112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1113 ... Receiver Address | Transmitter Address... 1114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1115 ... Transmitter Address | 1116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1117 | BSS Id... 1118 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1119 ... BSS Id | Frag Number and Seq Number | 1120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1122 Logical-Link Control Header 1123 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1124 | DSAP |I| SSAP |C| Control field | Org. code... 1125 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1126 ... Organizational Code | Type | 1127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1129 IPv6 Base Header 1130 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1131 |Version| Traffic Class | Flow Label | 1132 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1133 | Payload Length | Next Header | Hop Limit | 1134 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1135 | | 1136 + + 1137 | | 1138 + Source Address + 1139 | | 1140 + + 1141 | | 1142 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1143 | | 1144 + + 1145 | | 1146 + Destination Address + 1147 | | 1148 + + 1149 | | 1150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1152 Router Advertisement 1153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1154 | Type | Code | Checksum | 1155 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1156 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1158 | Reachable Time | 1159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1160 | Retrans Timer | 1161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1162 | Options ... 1163 +-+-+-+-+-+-+-+-+-+-+-+- 1165 The value of the Data Rate field in the Radiotap header is set to 6 1166 Mb/s. This indicates the rate at which this RA was received. 1168 The value of the Transmitter address in the IEEE 802.11 Data Header 1169 is set to a 48bit value. The value of the destination address is 1170 33:33:00:00:00:1 (all-nodes multicast address). The value of the BSS 1171 Id field is ff:ff:ff:ff:ff:ff, which is recognized by the network 1172 protocol analyzer as being "broadcast". The Fragment number and 1173 sequence number fields are together set to 0x90C6. 1175 The value of the Organization Code field in the Logical-Link Control 1176 Header is set to 0x0, recognized as "Encapsulated Ethernet". The 1177 value of the Type field is 0x86DD (hexadecimal 86DD, or otherwise 1178 #86DD), recognized as "IPv6". 1180 A Router Advertisement is periodically sent by the router to 1181 multicast group address ff02::1. It is an icmp packet type 134. The 1182 IPv6 Neighbor Discovery's Router Advertisement message contains an 1183 8-bit field reserved for single-bit flags, as described in [RFC4861]. 1185 The IPv6 header contains the link local address of the router 1186 (source) configured via EUI-64 algorithm, and destination address set 1187 to ff02::1. 1189 The Ethernet Type field in the logical-link control header is set to 1190 0x86dd which indicates that the frame transports an IPv6 packet. In 1191 the IEEE 802.11 data, the destination address is 33:33:00:00:00:01 1192 which is the corresponding multicast MAC address. The BSS id is a 1193 broadcast address of ff:ff:ff:ff:ff:ff. Due to the short link 1194 duration between vehicles and the roadside infrastructure, there is 1195 no need in IEEE 802.11-OCB to wait for the completion of association 1196 and authentication procedures before exchanging data. IEEE 1197 802.11-OCB enabled nodes use the wildcard BSSID (a value of all 1s) 1198 and may start communicating as soon as they arrive on the 1199 communication channel. 1201 G.2. Capture in Normal Mode 1203 The same IPv6 Router Advertisement packet described above (monitor 1204 mode) is captured on the Host, in the Normal mode, and depicted 1205 below. 1207 Ethernet II Header 1208 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1209 | Destination... 1210 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1211 ...Destination | Source... 1212 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1213 ...Source | 1214 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1215 | Type | 1216 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1218 IPv6 Base Header 1219 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1220 |Version| Traffic Class | Flow Label | 1221 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1222 | Payload Length | Next Header | Hop Limit | 1223 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1224 | | 1225 + + 1226 | | 1227 + Source Address + 1228 | | 1229 + + 1230 | | 1231 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1232 | | 1233 + + 1234 | | 1235 + Destination Address + 1236 | | 1237 + + 1238 | | 1239 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1241 Router Advertisement 1242 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1243 | Type | Code | Checksum | 1244 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1245 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1247 | Reachable Time | 1248 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1249 | Retrans Timer | 1250 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1251 | Options ... 1252 +-+-+-+-+-+-+-+-+-+-+-+- 1254 One notices that the Radiotap Header, the IEEE 802.11 Data Header and 1255 the Logical-Link Control Headers are not present. On the other hand, 1256 a new header named Ethernet II Header is present. 1258 The Destination and Source addresses in the Ethernet II header 1259 contain the same values as the fields Receiver Address and 1260 Transmitter Address present in the IEEE 802.11 Data Header in the 1261 "monitor" mode capture. 1263 The value of the Type field in the Ethernet II header is 0x86DD 1264 (recognized as "IPv6"); this value is the same value as the value of 1265 the field Type in the Logical-Link Control Header in the "monitor" 1266 mode capture. 1268 The knowledgeable experimenter will no doubt notice the similarity of 1269 this Ethernet II Header with a capture in normal mode on a pure 1270 Ethernet cable interface. 1272 A frame translation is inserted on top of a pure IEEE 802.11 MAC 1273 layer, in order to adapt packets, before delivering the payload data 1274 to the applications. It adapts 802.11 LLC/MAC headers to Ethernet II 1275 headers. In further detail, this adaptation consists in the 1276 elimination of the Radiotap, 802.11 and LLC headers, and in the 1277 insertion of the Ethernet II header. In this way, IPv6 runs straight 1278 over LLC over the 802.11-OCB MAC layer; this is further confirmed by 1279 the use of the unique Type 0x86DD. 1281 Appendix H. Extra Terminology 1283 The following terms are defined outside the IETF. They are used to 1284 define the main terms in the main terminology section Section 2. 1286 DSRC (Dedicated Short Range Communication): a term defined outside 1287 the IETF. The US Federal Communications Commission (FCC) Dedicated 1288 Short Range Communication (DSRC) is defined in the Code of Federal 1289 Regulations (CFR) 47, Parts 90 and 95. This Code is referred in the 1290 definitions below. At the time of the writing of this Internet 1291 Draft, the last update of this Code was dated October 1st, 2010. 1293 DSRCS (Dedicated Short-Range Communications Services): a term defined 1294 outside the IETF. The use of radio techniques to transfer data over 1295 short distances between roadside and mobile units, between mobile 1296 units, and between portable and mobile units to perform operations 1297 related to the improvement of traffic flow, traffic safety, and other 1298 intelligent transportation service applications in a variety of 1299 environments. DSRCS systems may also transmit status and 1300 instructional messages related to the units involve. [Ref. 47 CFR 1301 90.7 - Definitions] 1302 OBU (On-Board Unit): a term defined outside the IETF. An On-Board 1303 Unit is a DSRCS transceiver that is normally mounted in or on a 1304 vehicle, or which in some instances may be a portable unit. An OBU 1305 can be operational while a vehicle or person is either mobile or 1306 stationary. The OBUs receive and contend for time to transmit on one 1307 or more radio frequency (RF) channels. Except where specifically 1308 excluded, OBU operation is permitted wherever vehicle operation or 1309 human passage is permitted. The OBUs mounted in vehicles are 1310 licensed by rule under part 95 of the respective chapter and 1311 communicate with Roadside Units (RSUs) and other OBUs. Portable OBUs 1312 are also licensed by rule under part 95 of the respective chapter. 1313 OBU operations in the Unlicensed National Information Infrastructure 1314 (UNII) Bands follow the rules in those bands. - [CFR 90.7 - 1315 Definitions]. 1317 RSU (Road-Side Unit): a term defined outside of IETF. A Roadside 1318 Unit is a DSRC transceiver that is mounted along a road or pedestrian 1319 passageway. An RSU may also be mounted on a vehicle or is hand 1320 carried, but it may only operate when the vehicle or hand- carried 1321 unit is stationary. Furthermore, an RSU operating under the 1322 respectgive part is restricted to the location where it is licensed 1323 to operate. However, portable or hand-held RSUs are permitted to 1324 operate where they do not interfere with a site-licensed operation. 1325 A RSU broadcasts data to OBUs or exchanges data with OBUs in its 1326 communications zone. An RSU also provides channel assignments and 1327 operating instructions to OBUs in its communications zone, when 1328 required. - [CFR 90.7 - Definitions]. 1330 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless Links 1332 IPv6 Neighbor Discovery (IPv6 ND) [RFC4861][RFC4862] was designed for 1333 point-to-point and transit links such as Ethernet, with the 1334 expectation of a cheap and reliable support for multicast from the 1335 lower layer. Section 3.2 of RFC 4861 indicates that the operation on 1336 Shared Media and on non-broadcast multi-access (NBMA) networks 1337 require additional support, e.g., for Address Resolution (AR) and 1338 duplicate address detection (DAD), which depend on multicast. An 1339 infrastructureless radio network such as OCB shares properties with 1340 both Shared Media and NBMA networks, and then adds its own 1341 complexity, e.g., from movement and interference that allow only 1342 transient and non-transitive reachability between any set of peers. 1344 The uniqueness of an address within a scoped domain is a key pillar 1345 of IPv6 and the base for unicast IP communication. RFC 4861 details 1346 the DAD method to avoid that an address is duplicated. For a link 1347 local address, the scope is the link, whereas for a Globally 1348 Reachable address the scope is much larger. The underlying 1349 assumption for DAD to operate correctly is that the node that owns an 1350 IPv6 address can reach any other node within the scope at the time it 1351 claims its address, which is done by sending a NS multicast message, 1352 and can hear any future claim for that address by another party 1353 within the scope for the duration of the address ownership. 1355 In the case of OCB, there is a potentially a need to define a scope 1356 that is compatible with DAD, and that cannot be the set of nodes that 1357 a transmitter can reach at a particular time, because that set varies 1358 all the time and does not meet the DAD requirements for a link local 1359 address that could possibly be used anytime, anywhere. The generic 1360 expectation of a reliable multicast is not ensured, and the operation 1361 of DAD and AR (Address Resolution) as specificed by RFC 4861 cannot 1362 be guaranteed. Moreoever, multicast transmissions that rely on 1363 broadcast are not only unreliable but are also often detrimental to 1364 unicast traffic (see [draft-ietf-mboned-ieee802-mcast-problems]). 1366 Early experience indicates that it should be possible to exchange 1367 IPv6 packets over OCB while relying on IPv6 ND alone for DAD and AR 1368 (Address Resolution) in good conditions. However, this does not 1369 apply if TBD TBD TBD. In the absence of a correct DAD operation, a 1370 node that relies only on IPv6 ND for AR and DAD over OCB should 1371 ensure that the addresses that it uses are unique by means others 1372 than DAD. It must be noted that deriving an IPv6 address from a 1373 globally unique MAC address has this property but may yield privacy 1374 issues. 1376 RFC 8505 provides a more recent approach to IPv6 ND and in particular 1377 DAD. RFC 8505 is designed to fit wireless and otherwise constrained 1378 networks whereby multicast and/or continuous access to the medium may 1379 not be guaranteed. RFC 8505 Section 5.6 "Link-Local Addresses and 1380 Registration" indicates that the scope of uniqueness for a link local 1381 address is restricted to a pair of nodes that use it to communicate, 1382 and provides a method to assert the uniqueness and resolve the link- 1383 Layer address using a unicast exchange. 1385 RFC 8505 also enables a router (acting as a 6LR) to own a prefix and 1386 act as a registrar (acting as a 6LBR) for addresses within the 1387 associated subnet. A peer host (acting as a 6LN) registers an 1388 address derived from that prefix and can use it for the lifetime of 1389 the registration. The prefix is advertised as not onlink, which 1390 means that the 6LN uses the 6LR to relay its packets within the 1391 subnet, and participation to the subnet is constrained to the time of 1392 reachability to the 6LR. Note that RSU that provides internet 1393 connectivity MAY announce a default router preference [RFC 4191], 1394 whereas a car that does not provide that connectivity MUST NOT do so. 1395 This operation presents similarities with that of an access point, 1396 but at Layer-3. This is why RFC 8505 well-suited for wireless in 1397 general. 1399 Support of RFC 8505 is may be implemented on OCB. OCB nodes that 1400 support RFC 8505 would support the 6LN operation in order to act as a 1401 host, and may support the 6LR and 6LBR operations in order to act as 1402 a router and in particular own a prefix that can be used by RFC 1403 8505-compliant hosts for address autoconfiguration and registration. 1405 Authors' Addresses 1407 Nabil Benamar 1408 Moulay Ismail University 1409 Morocco 1411 Phone: +212670832236 1412 Email: n.benamar@est.umi.ac.ma 1414 Jerome Haerri 1415 Eurecom 1416 Sophia-Antipolis 06904 1417 France 1419 Phone: +33493008134 1420 Email: Jerome.Haerri@eurecom.fr 1422 Jong-Hyouk Lee 1423 Sangmyung University 1424 31, Sangmyeongdae-gil, Dongnam-gu 1425 Cheonan 31066 1426 Republic of Korea 1428 Email: jonghyouk@smu.ac.kr 1430 Thierry Ernst 1431 YoGoKo 1432 France 1434 Email: thierry.ernst@yogoko.fr