idnits 2.17.1 draft-ietf-ipwave-ipv6-over-80211ocb-47.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 27, 2019) is 1759 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC 2464' is mentioned on line 105, but not defined == Missing Reference: 'RFC 4191' is mentioned on line 1396, but not defined == Unused Reference: 'RFC2818' is defined on line 534, but no explicit reference was found in the text == Unused Reference: 'RFC4210' is defined on line 565, but no explicit reference was found in the text == Unused Reference: 'RFC4302' is defined on line 579, but no explicit reference was found in the text == Unused Reference: 'RFC4303' is defined on line 583, but no explicit reference was found in the text == Unused Reference: 'RFC5374' is defined on line 597, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Downref: Normative reference to an Informational RFC: RFC 3753 ** Downref: Normative reference to an Informational RFC: RFC 5889 ** Downref: Normative reference to an Informational RFC: RFC 6959 ** Obsolete normative reference: RFC 7042 (Obsoleted by RFC 9542) ** Downref: Normative reference to an Informational RFC: RFC 7721 == Outdated reference: A later version (-30) exists of draft-ietf-ipwave-vehicular-networking-09 == Outdated reference: A later version (-15) exists of draft-ietf-mboned-ieee802-mcast-problems-05 Summary: 6 errors (**), 0 flaws (~~), 10 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPWAVE Working Group N. Benamar 3 Internet-Draft Moulay Ismail University 4 Intended status: Standards Track J. Haerri 5 Expires: December 29, 2019 Eurecom 6 J. Lee 7 Sangmyung University 8 T. Ernst 9 YoGoKo 10 June 27, 2019 12 Basic support for IPv6 over IEEE Std 802.11 Networks operating Outside 13 the Context of a Basic Service Set (IPv6-over-80211-OCB) 14 draft-ietf-ipwave-ipv6-over-80211ocb-47 16 Abstract 18 This document provides methods and settings, and describes 19 limitations, for using IPv6 to communicate among nodes in range of 20 one another over a single IEEE 802.11-OCB link with minimal change to 21 existing stacks. Optimizations and usage of IPv6 over more complex 22 scenarios is not covered and is subject of future work. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on December 29, 2019. 41 Copyright Notice 43 Copyright (c) 2019 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 4 61 4. IPv6 over 802.11-OCB . . . . . . . . . . . . . . . . . . . . 4 62 4.1. Maximum Transmission Unit (MTU) . . . . . . . . . . . . . 4 63 4.2. Frame Format . . . . . . . . . . . . . . . . . . . . . . 5 64 4.3. Link-Local Addresses . . . . . . . . . . . . . . . . . . 5 65 4.4. Stateless Autoconfiguration . . . . . . . . . . . . . . . 5 66 4.5. Address Mapping . . . . . . . . . . . . . . . . . . . . . 6 67 4.5.1. Address Mapping -- Unicast . . . . . . . . . . . . . 6 68 4.5.2. Address Mapping -- Multicast . . . . . . . . . . . . 6 69 4.6. Subnet Structure . . . . . . . . . . . . . . . . . . . . 7 70 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 71 5.1. Privacy Considerations . . . . . . . . . . . . . . . . . 8 72 5.1.1. Privacy Risks of Meaningful info in Interface IDs . . 9 73 5.2. MAC Address and Interface ID Generation . . . . . . . . . 9 74 5.3. Pseudonym Handling . . . . . . . . . . . . . . . . . . . 10 75 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 76 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 77 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 78 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 79 9.1. Normative References . . . . . . . . . . . . . . . . . . 12 80 9.2. Informative References . . . . . . . . . . . . . . . . . 15 81 Appendix A. 802.11p . . . . . . . . . . . . . . . . . . . . . . 16 82 Appendix B. Aspects introduced by the OCB mode to 802.11 . . . . 16 83 Appendix C. Changes Needed on a software driver 802.11a to 84 become a 802.11-OCB driver . . . 21 85 Appendix D. Protocol Layering . . . . . . . . . . . . . . . . . 22 86 Appendix E. Design Considerations . . . . . . . . . . . . . . . 23 87 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode . . . . 23 88 Appendix G. Examples of Packet Formats . . . . . . . . . . . . . 23 89 G.1. Capture in Monitor Mode . . . . . . . . . . . . . . . . . 24 90 G.2. Capture in Normal Mode . . . . . . . . . . . . . . . . . 27 91 Appendix H. Extra Terminology . . . . . . . . . . . . . . . . . 29 92 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless 93 Links . . . . . . . . . . . . . . . . . . . . . . . 30 94 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 96 1. Introduction 98 This document provides a baseline with limitations for using IPv6 to 99 communicate among nodes in range of one another over a single IEEE 100 802.11-OCB link [IEEE-802.11-2016] (a.k.a "802.11p" see Appendix A, 101 Appendix B and Appendix C) with minimal change to existing stacks. 102 This document describes the layering of IPv6 networking on top of the 103 IEEE Std 802.11 MAC layer or an IEEE Std 802.3 MAC layer with a frame 104 translation underneath. The resulting stack inherits from IPv6 over 105 Ethernet [RFC 2464] and operates over 802.11-OCB providing at least 106 P2P connectivity using IPv6 ND and link-local addresses. ND 107 Extensions and IPWAVE optimizations for vehicular communications are 108 not in scope. The expectation is that further specs will elaborate 109 for more complex vehicular networking scenarios. 111 The IPv6 network layer operates on 802.11-OCB in the same manner as 112 operating on Ethernet, but there are two kinds of exceptions: 114 o Exceptions due to different operation of IPv6 network layer on 115 802.11 than on Ethernet. The operation of IP on Ethernet is 116 described in [RFC1042], [RFC2464] . 118 o Exceptions due to the OCB nature of 802.11-OCB compared to 802.11. 119 This has impacts on security, privacy, subnet structure and 120 movement detection. For security and privacy recommendations see 121 Section 5 and Section 4.4. The subnet structure is described in 122 Section 4.6. The movement detection on OCB links is not described 123 in this document. 125 In the published literature, many documents describe aspects and 126 problems related to running IPv6 over 802.11-OCB: 127 [I-D.ietf-ipwave-vehicular-networking]. 129 2. Terminology 131 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 132 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 133 "OPTIONAL" in this document are to be interpreted as described in BCP 134 14 [RFC2119] [RFC8174] when, and only when, they appear in all 135 capitals, as shown here. 137 IP-OBU (Internet Protocol On-Board Unit): an IP-OBU is a computer 138 situated in a vehicle such as an automobile, bicycle, or similar. It 139 has at least one IP interface that runs in mode OCB of 802.11, and 140 that has an "OBU" transceiver. See the definition of the term "OBU" 141 in section Appendix H. 143 IP-RSU (IP Road-Side Unit): an IP-RSU is situated along the road. It 144 has at least two distinct IP-enabled interfaces; the wireless PHY/MAC 145 layer of at least one of its IP-enabled interfaces is configured to 146 operate in 802.11-OCB mode. An IP-RSU communicates with the IP-OBU 147 in the vehicle over 802.11 wireless link operating in OCB mode. An 148 IP-RSU is similar to an Access Network Router (ANR) defined in 149 [RFC3753], and a Wireless Termination Point (WTP) defined in 150 [RFC5415]. 152 OCB (outside the context of a basic service set - BSS): A mode of 153 operation in which a STA is not a member of a BSS and does not 154 utilize IEEE Std 802.11 authentication, association, or data 155 confidentiality. 157 802.11-OCB: mode specified in IEEE Std 802.11-2016 when the MIB 158 attribute dot11OCBActivited is true. Note: compliance with standards 159 and regulations set in different countries when using the 5.9GHz 160 frequency band is required. 162 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 164 The IEEE 802.11-OCB Networks are used for vehicular communications, 165 as 'Wireless Access in Vehicular Environments'. In particular, we 166 refer the reader to [I-D.ietf-ipwave-vehicular-networking], that 167 lists some scenarios and requirements for IP in Intelligent 168 Transportation Systems. 170 The link model is the following: STA --- 802.11-OCB --- STA. In 171 vehicular networks, STAs can be IP-RSUs and/or IP-OBUs. All links 172 are assumed to be P2P and multiple links can be on one radio 173 interface. While 802.11-OCB is clearly specified, and a legacy IPv6 174 stack can operate on such links, the use of the operating environment 175 (vehicular networks) brings in new perspectives. 177 4. IPv6 over 802.11-OCB 179 4.1. Maximum Transmission Unit (MTU) 181 The default MTU for IP packets on 802.11-OCB is inherited from 182 RFC2464 and is 1500 octets. This value of the MTU respects the 183 recommendation that every link on the Internet must have a minimum 184 MTU of 1280 octets (stated in [RFC8200], and the recommendations 185 therein, especially with respect to fragmentation). 187 4.2. Frame Format 189 IP packets MUST be transmitted over 802.11-OCB media as QoS Data 190 frames whose format is specified in IEEE 802.11 spec 191 [IEEE-802.11-2016]. 193 The IPv6 packet transmitted on 802.11-OCB are immediately preceded by 194 a Logical Link Control (LLC) header and an 802.11 header. In the LLC 195 header, and in accordance with the EtherType Protocol Discrimination 196 (EPD, see Appendix D), the value of the Type field MUST be set to 197 0x86DD (IPv6). The mapping to the 802.11 data service MUST use a 198 'priority' value of 1, which specifies the use of QoS with a 199 'Background' user priority. 201 To simplify the Application Programming Interface (API) between the 202 operating system and the 802.11-OCB media, device drivers MAY 203 implement IPv6 over Ethernet per RFC 2464 and then a frame 204 translation from 802.3 to 802.11 in order to minimize the code 205 changes. 207 4.3. Link-Local Addresses 209 There are several types of IPv6 addresses [RFC4291], [RFC4193], that 210 MAY be assigned to an 802.11-OCB interface. Among these types of 211 addresses only the IPv6 link-local addresses MAY be formed using an 212 EUI-64 identifier, in particular during transition time. 214 If the IPv6 link-local address is formed using an EUI-64 identifier, 215 then the mechanism of forming that address is the same mechanism as 216 used to form an IPv6 link-local address on Ethernet links. Moreover, 217 whether or not the interface identifier is derived from the EUI-64 A 218 identifier, its length is 64 bits as is the case for Ethernet 219 [RFC2464]. 221 4.4. Stateless Autoconfiguration 223 The steps a host takes in deciding how to autoconfigure its 224 interfaces in IP version 6 are described in [RFC4862]. This section 225 describes the formation of Interface Identifiers for IPv6 addresses 226 of type 'Global' or 'Unique Local'. For Interface Identifiers for 227 IPv6 address of type 'Link-Local' see Section 4.3. 229 The RECOMMENDED method for forming stable Interface Identifiers 230 (IIDs) is described in [RFC8064]. The method of forming IIDs 231 described in section 4 of [RFC2464] MAY be used during transition 232 time, in particular for IPv6 link-local addresses. Regardless of how 233 to form the Interface Identifier, its length is 64 bits, as is the 234 case of the IPv6 over Ethernet specification [RFC2464]. 236 The bits in the Interface Identifier have no generic meaning and the 237 identifier should be treated as an opaque value. The bits 238 'Universal' and 'Group' in the identifier of an 802.11-OCB interface 239 are significant, as this is an IEEE link-layer address. The details 240 of this significance are described in [RFC7136]. 242 Semantically opaque Interface Identifiers, instead of meaningful 243 Interface Identifiers derived from a valid and meaningful MAC address 244 ([RFC2464], section 4), help avoid certain privacy risks (see the 245 risks mentioned in Section 5.1.1). If semantically opaque Interface 246 Identifiers are needed, they MAY be generated using the method for 247 generating semantically opaque Interface Identifiers with IPv6 248 Stateless Address Autoconfiguration given in [RFC7217]. Typically, 249 an opaque Interface Identifier is formed starting from identifiers 250 different than the MAC addresses, and from cryptographically strong 251 material. Thus, privacy sensitive information is absent from 252 Interface IDs, because it is impossible to calculate back the initial 253 value from which the Interface ID was first generated (intuitively, 254 it is as hard as mentally finding the square root of a number, and as 255 impossible as trying to use computers to identify quickly whether a 256 large number is prime). 258 Some applications that use IPv6 packets on 802.11-OCB links (among 259 other link types) may benefit from IPv6 addresses whose Interface 260 Identifiers don't change too often. It is RECOMMENDED to use the 261 mechanisms described in RFC 7217 to permit the use of Stable 262 Interface Identifiers that do not change within one subnet prefix. A 263 possible source for the Net-Iface Parameter is a virtual interface 264 name, or logical interface name, that is decided by a local 265 administrator. 267 4.5. Address Mapping 269 Unicast and multicast address mapping MUST follow the procedures 270 specified for Ethernet interfaces in sections 6 and 7 of [RFC2464]. 272 4.5.1. Address Mapping -- Unicast 274 This draft is scoped for AR and DAD per RFC 4861 [RFC4861]. 276 4.5.2. Address Mapping -- Multicast 278 The multicast address mapping is performed according to the method 279 specified in section 7 of [RFC2464]. The meaning of the value "3333" 280 mentioned in that section 7 of [RFC2464] is defined in section 2.3.1 281 of [RFC7042]. 283 Transmitting IPv6 packets to multicast destinations over 802.11 links 284 proved to have some performance issues 285 [I-D.ietf-mboned-ieee802-mcast-problems]. These issues may be 286 exacerbated in OCB mode.A Future improvement to this specification 287 SHOULD consider solutions for these problems. 289 4.6. Subnet Structure 291 A subnet may be formed over 802.11-OCB interfaces of vehicles that 292 are in close range (not by their in-vehicle interfaces). A Prefix 293 List conceptual data structure ([RFC4861] section 5.1) is maintained 294 for each 802.11-OCB interface. 296 An IPv6 subnet on which Neighbor Discovery protocol (ND) can be 297 mapped on an OCB network iff all nodes share a single broadcast 298 Domain, which is generally the case for P2P OCB links; The extension 299 to IPv6 ND operating on a subnet that covers multiple OCB links and 300 not fully overlapping (NBMA) is not in scope. 302 The structure of this subnet is ephemeral, in that it is strongly 303 influenced by the mobility of vehicles: the hidden terminal effects 304 appear; the 802.11 networks in OCB mode may be considered as 'ad-hoc' 305 networks with an addressing model as described in [RFC5889]. On 306 another hand, the structure of the internal subnets in each car is 307 relatively stable. 309 As recommended in [RFC5889], when the timing requirements are very 310 strict (e.g. fast drive through IP-RSU coverage), no on-link subnet 311 prefix should be configured on an 802.11-OCB interface. In such 312 cases, the exclusive use of IPv6 link-local addresses is RECOMMENDED. 314 Additionally, even if the timing requirements are not very strict 315 (e.g. the moving subnet formed by two following vehicles is stable, a 316 fixed IP-RSU is absent), the subnet is disconnected from the Internet 317 (a default route is absent), and the addressing peers are equally 318 qualified (impossible to determine that some vehicle owns and 319 distributes addresses to others) the use of link-local addresses is 320 RECOMMENDED. 322 The baseline Neighbor Discovery protocol (ND) [RFC4861] MUST be 323 supported over 802.11-OCB links. Transmitting ND packets may prove 324 to have some performance issues see Section 4.5.2, and Appendix I. 325 These issues may be exacerbated in OCB mode. Solutions for these 326 problems SHOULD consider the OCB mode of operation. Future solutions 327 to OCB should consider solutions for avoiding broadcast. The best of 328 current knowledge indicates the kinds of issues that may arise with 329 ND in OCB mode; they are described in Appendix I. 331 Protocols like Mobile IPv6 [RFC6275] , [RFC3963] and DNAv6 [RFC6059], 332 which depend on timely movement detection, might need additional 333 tuning work to handle the lack of link-layer notifications during 334 handover. This is for further study. 336 5. Security Considerations 338 Any security mechanism at the IP layer or above that may be carried 339 out for the general case of IPv6 may also be carried out for IPv6 340 operating over 802.11-OCB. 342 The OCB operation is stripped off of all existing 802.11 link-layer 343 security mechanisms. There is no encryption applied below the 344 network layer running on 802.11-OCB. At application layer, the IEEE 345 1609.2 document [IEEE-1609.2] does provide security services for 346 certain applications to use; application-layer mechanisms are out-of- 347 scope of this document. On another hand, a security mechanism 348 provided at networking layer, such as IPsec [RFC4301], may provide 349 data security protection to a wider range of applications. 351 802.11-OCB does not provide any cryptographic protection, because it 352 operates outside the context of a BSS (no Association Request/ 353 Response, no Challenge messages). Any attacker can therefore just 354 sit in the near range of vehicles, sniff the network (just set the 355 interface card's frequency to the proper range) and perform attacks 356 without needing to physically break any wall. Such a link is less 357 protected than commonly used links (wired link or protected 802.11). 359 The potential attack vectors are: MAC address spoofing, IP address 360 and session hijacking, and privacy violation Section 5.1. A previous 361 work at SAVI WG presents some threats [RFC6959], while SeND presented 362 in [RFC3971] and [RFC3972] is a solution against address theft but it 363 is complex and not deployed. 365 More IETF protocols are available in the toolbox of the IP security 366 protocol designer. Certain ETSI protocols related to security 367 protocols in Intelligent Transportation Systems are described in 368 [ETSI-sec-archi]. 370 5.1. Privacy Considerations 372 As with all Ethernet and 802.11 interface identifiers ([RFC7721]), 373 the identifier of an 802.11-OCB interface may involve privacy, MAC 374 address spoofing and IP address hijacking risks. A vehicle embarking 375 an IP-OBU whose egress interface is 802.11-OCB may expose itself to 376 eavesdropping and subsequent correlation of data; this may reveal 377 data considered private by the vehicle owner; there is a risk of 378 being tracked. In outdoors public environments, where vehicles 379 typically circulate, the privacy risks are more important than in 380 indoors settings. It is highly likely that attacker sniffers are 381 deployed along routes which listen for IEEE frames, including IP 382 packets, of vehicles passing by. For this reason, in the 802.11-OCB 383 deployments, there is a strong necessity to use protection tools such 384 as dynamically changing MAC addresses Section 5.2, semantically 385 opaque Interface Identifiers and stable Interface Identifiers 386 Section 4.4. An example of change policy is to change the MAC 387 address of the OCB interface each time the system boots upThis may 388 help mitigate privacy risks to a certain level. 390 5.1.1. Privacy Risks of Meaningful info in Interface IDs 392 The privacy risks of using MAC addresses displayed in Interface 393 Identifiers are important. The IPv6 packets can be captured easily 394 in the Internet and on-link in public roads. For this reason, an 395 attacker may realize many attacks on privacy. One such attack on 396 802.11-OCB is to capture, store and correlate Company ID information 397 present in MAC addresses of many cars (e.g. listen for Router 398 Advertisements, or other IPv6 application data packets, and record 399 the value of the source address in these packets). Further 400 correlation of this information with other data captured by other 401 means, or other visual information (car color, others) MAY constitute 402 privacy risks. 404 5.2. MAC Address and Interface ID Generation 406 In 802.11-OCB networks, the MAC addresses MAY change during well 407 defined renumbering events. In the moment the MAC address is changed 408 on an 802.11-OCB interface all the Interface Identifiers of IPv6 409 addresses assigned to that interface MUST change. 411 The policy dictating when the MAC address is changed on the 412 802.11-OCB interface is to-be-determined. For more information on 413 the motivation of this policy please refer to the privacy discussion 414 in Appendix B. 416 A 'randomized' MAC address has the following characteristics: 418 o Bit "Local/Global" set to "locally admninistered". 420 o Bit "Unicast/Multicast" set to "Unicast". 422 o The 46 remaining bits are set to a random value, using a random 423 number generator that meets the requirements of [RFC4086]. 425 To meet the randomization requirements for the 46 remaining bits, a 426 hash function may be used. For example, the SHA256 hash function may 427 be used with input a 256 bit local secret, the 'nominal' MAC Address 428 of the interface, and a representation of the date and time of the 429 renumbering event. 431 A randomized Interface ID has the same characteristics of a 432 randomized MAC address, except the length in bits. An Interface ID 433 SHOULD be of length specified in other documents. 435 5.3. Pseudonym Handling 437 The demand for privacy protection of vehicles' and drivers' 438 identities, which could be granted by using a pseudonym or alias 439 identity at the same time, may hamper the required confidentiality of 440 messages and trust between participants - especially in safety 441 critical vehicular communication. 443 o Particular challenges arise when the pseudonymization mechanism 444 used relies on (randomized) re-addressing. 446 o A proper pseudonymization tool operated by a trusted third party 447 may be needed to ensure both aspects simultaneously (privacy 448 protection on one hand and trust between participants on another 449 hand). 451 o This is discussed in Section 4.4 and Section 5 of this document. 453 o Pseudonymity is also discussed in 454 [I-D.ietf-ipwave-vehicular-networking] in its sections 4.2.4 and 455 5.1.2. 457 6. IANA Considerations 459 No request to IANA. 461 7. Contributors 463 Christian Huitema, Tony Li. 465 Romain Kuntz contributed extensively about IPv6 handovers between 466 links running outside the context of a BSS (802.11-OCB links). 468 Tim Leinmueller contributed the idea of the use of IPv6 over 469 802.11-OCB for distribution of certificates. 471 Marios Makassikis, Jose Santa Lozano, Albin Severinson and Alexey 472 Voronov provided significant feedback on the experience of using IP 473 messages over 802.11-OCB in initial trials. 475 Michelle Wetterwald contributed extensively the MTU discussion, 476 offered the ETSI ITS perspective, and reviewed other parts of the 477 document. 479 8. Acknowledgements 481 The authors would like to thank Alexandre Petrescu for initiating 482 this work and for being the lead author until the version 43 of this 483 draft. 485 The authors would like to thank Pascal Thubert for reviewing, 486 proofreading and suggesting modifications of this document. 488 The authors would like to thank Witold Klaudel, Ryuji Wakikawa, 489 Emmanuel Baccelli, John Kenney, John Moring, Francois Simon, Dan 490 Romascanu, Konstantin Khait, Ralph Droms, Richard 'Dick' Roy, Ray 491 Hunter, Tom Kurihara, Michal Sojka, Jan de Jongh, Suresh Krishnan, 492 Dino Farinacci, Vincent Park, Jaehoon Paul Jeong, Gloria Gwynne, 493 Hans-Joachim Fischer, Russ Housley, Rex Buddenberg, Erik Nordmark, 494 Bob Moskowitz, Andrew Dryden, Georg Mayer, Dorothy Stanley, Sandra 495 Cespedes, Mariano Falcitelli, Sri Gundavelli, Abdussalam Baryun, 496 Margaret Cullen, Erik Kline, Carlos Jesus Bernardos Cano, Ronald in 497 't Velt, Katrin Sjoberg, Roland Bless, Tijink Jasja, Kevin Smith, 498 Brian Carpenter, Julian Reschke, Mikael Abrahamsson, Dirk von Hugo, 499 Lorenzo Colitti, Pascal Thubert, Ole Troan, Jinmei Tatuya, Joel 500 Halpern, Eric Gray and William Whyte. Their valuable comments 501 clarified particular issues and generally helped to improve the 502 document. 504 Pierre Pfister, Rostislav Lisovy, and others, wrote 802.11-OCB 505 drivers for linux and described how. 507 For the multicast discussion, the authors would like to thank Owen 508 DeLong, Joe Touch, Jen Linkova, Erik Kline, Brian Haberman and 509 participants to discussions in network working groups. 511 The authors would like to thank participants to the Birds-of- 512 a-Feather "Intelligent Transportation Systems" meetings held at IETF 513 in 2016. 515 Human Rights Protocol Considerations review by Amelia Andersdotter. 517 9. References 518 9.1. Normative References 520 [RFC1042] Postel, J. and J. Reynolds, "Standard for the transmission 521 of IP datagrams over IEEE 802 networks", STD 43, RFC 1042, 522 DOI 10.17487/RFC1042, February 1988, 523 . 525 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 526 Requirement Levels", BCP 14, RFC 2119, 527 DOI 10.17487/RFC2119, March 1997, 528 . 530 [RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet 531 Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998, 532 . 534 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, 535 DOI 10.17487/RFC2818, May 2000, 536 . 538 [RFC3753] Manner, J., Ed. and M. Kojo, Ed., "Mobility Related 539 Terminology", RFC 3753, DOI 10.17487/RFC3753, June 2004, 540 . 542 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 543 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 544 RFC 3963, DOI 10.17487/RFC3963, January 2005, 545 . 547 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 548 "SEcure Neighbor Discovery (SEND)", RFC 3971, 549 DOI 10.17487/RFC3971, March 2005, 550 . 552 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 553 RFC 3972, DOI 10.17487/RFC3972, March 2005, 554 . 556 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 557 "Randomness Requirements for Security", BCP 106, RFC 4086, 558 DOI 10.17487/RFC4086, June 2005, 559 . 561 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 562 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, 563 . 565 [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, 566 "Internet X.509 Public Key Infrastructure Certificate 567 Management Protocol (CMP)", RFC 4210, 568 DOI 10.17487/RFC4210, September 2005, 569 . 571 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 572 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 573 2006, . 575 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 576 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 577 December 2005, . 579 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 580 DOI 10.17487/RFC4302, December 2005, 581 . 583 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 584 RFC 4303, DOI 10.17487/RFC4303, December 2005, 585 . 587 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 588 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 589 DOI 10.17487/RFC4861, September 2007, 590 . 592 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 593 Address Autoconfiguration", RFC 4862, 594 DOI 10.17487/RFC4862, September 2007, 595 . 597 [RFC5374] Weis, B., Gross, G., and D. Ignjatic, "Multicast 598 Extensions to the Security Architecture for the Internet 599 Protocol", RFC 5374, DOI 10.17487/RFC5374, November 2008, 600 . 602 [RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, 603 Ed., "Control And Provisioning of Wireless Access Points 604 (CAPWAP) Protocol Specification", RFC 5415, 605 DOI 10.17487/RFC5415, March 2009, 606 . 608 [RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing 609 Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889, 610 September 2010, . 612 [RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for 613 Detecting Network Attachment in IPv6", RFC 6059, 614 DOI 10.17487/RFC6059, November 2010, 615 . 617 [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility 618 Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 619 2011, . 621 [RFC6959] McPherson, D., Baker, F., and J. Halpern, "Source Address 622 Validation Improvement (SAVI) Threat Scope", RFC 6959, 623 DOI 10.17487/RFC6959, May 2013, 624 . 626 [RFC7042] Eastlake 3rd, D. and J. Abley, "IANA Considerations and 627 IETF Protocol and Documentation Usage for IEEE 802 628 Parameters", BCP 141, RFC 7042, DOI 10.17487/RFC7042, 629 October 2013, . 631 [RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 632 Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136, 633 February 2014, . 635 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 636 Interface Identifiers with IPv6 Stateless Address 637 Autoconfiguration (SLAAC)", RFC 7217, 638 DOI 10.17487/RFC7217, April 2014, 639 . 641 [RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy 642 Considerations for IPv6 Address Generation Mechanisms", 643 RFC 7721, DOI 10.17487/RFC7721, March 2016, 644 . 646 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 647 "Recommendation on Stable IPv6 Interface Identifiers", 648 RFC 8064, DOI 10.17487/RFC8064, February 2017, 649 . 651 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 652 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 653 May 2017, . 655 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 656 (IPv6) Specification", STD 86, RFC 8200, 657 DOI 10.17487/RFC8200, July 2017, 658 . 660 9.2. Informative References 662 [ETSI-sec-archi] 663 "ETSI TS 102 940 V1.2.1 (2016-11), ETSI Technical 664 Specification, Intelligent Transport Systems (ITS); 665 Security; ITS communications security architecture and 666 security management, November 2016. Downloaded on 667 September 9th, 2017, freely available from ETSI website at 668 URL http://www.etsi.org/deliver/ 669 etsi_ts/102900_102999/102940/01.02.01_60/ 670 ts_102940v010201p.pdf". 672 [I-D.ietf-ipwave-vehicular-networking] 673 Jeong, J., "IP Wireless Access in Vehicular Environments 674 (IPWAVE): Problem Statement and Use Cases", draft-ietf- 675 ipwave-vehicular-networking-09 (work in progress), May 676 2019. 678 [I-D.ietf-mboned-ieee802-mcast-problems] 679 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 680 Zuniga, "Multicast Considerations over IEEE 802 Wireless 681 Media", draft-ietf-mboned-ieee802-mcast-problems-05 (work 682 in progress), April 2019. 684 [IEEE-1609.2] 685 "IEEE SA - 1609.2-2016 - IEEE Standard for Wireless Access 686 in Vehicular Environments (WAVE) -- Security Services for 687 Applications and Management Messages. Example URL 688 http://ieeexplore.ieee.org/document/7426684/ accessed on 689 August 17th, 2017.". 691 [IEEE-1609.3] 692 "IEEE SA - 1609.3-2016 - IEEE Standard for Wireless Access 693 in Vehicular Environments (WAVE) -- Networking Services. 694 Example URL http://ieeexplore.ieee.org/document/7458115/ 695 accessed on August 17th, 2017.". 697 [IEEE-1609.4] 698 "IEEE SA - 1609.4-2016 - IEEE Standard for Wireless Access 699 in Vehicular Environments (WAVE) -- Multi-Channel 700 Operation. Example URL 701 http://ieeexplore.ieee.org/document/7435228/ accessed on 702 August 17th, 2017.". 704 [IEEE-802.11-2016] 705 "IEEE Standard 802.11-2016 - IEEE Standard for Information 706 Technology - Telecommunications and information exchange 707 between systems Local and metropolitan area networks - 708 Specific requirements - Part 11: Wireless LAN Medium 709 Access Control (MAC) and Physical Layer (PHY) 710 Specifications. Status - Active Standard. Description 711 retrieved freely; the document itself is also freely 712 available, but with some difficulty (requires 713 registration); description and document retrieved on April 714 8th, 2019, starting from URL 715 https://standards.ieee.org/findstds/ 716 standard/802.11-2016.html". 718 [IEEE-802.11p-2010] 719 "IEEE Std 802.11p (TM)-2010, IEEE Standard for Information 720 Technology - Telecommunications and information exchange 721 between systems - Local and metropolitan area networks - 722 Specific requirements, Part 11: Wireless LAN Medium Access 723 Control (MAC) and Physical Layer (PHY) Specifications, 724 Amendment 6: Wireless Access in Vehicular Environments; 725 document freely available at URL 726 http://standards.ieee.org/getieee802/ 727 download/802.11p-2010.pdf retrieved on September 20th, 728 2013.". 730 Appendix A. 802.11p 732 The term "802.11p" is an earlier definition. The behaviour of 733 "802.11p" networks is rolled in the document IEEE Std 802.11-2016. 734 In that document the term 802.11p disappears. Instead, each 802.11p 735 feature is conditioned by the IEEE Management Information Base (MIB) 736 attribute "OCBActivated" [IEEE-802.11-2016]. Whenever OCBActivated 737 is set to true the IEEE Std 802.11-OCB state is activated. For 738 example, an 802.11 STAtion operating outside the context of a basic 739 service set has the OCBActivated flag set. Such a station, when it 740 has the flag set, uses a BSS identifier equal to ff:ff:ff:ff:ff:ff. 742 Appendix B. Aspects introduced by the OCB mode to 802.11 744 In the IEEE 802.11-OCB mode, all nodes in the wireless range can 745 directly communicate with each other without involving authentication 746 or association procedures. In OCB mode, the manner in which channels 747 are selected and used is simplified compared to when in BSS mode. 748 Contrary to BSS mode, at link layer, it is necessary to set 749 statically the same channel number (or frequency) on two stations 750 that need to communicate with each other (in BSS mode this channel 751 set operation is performed automatically during 'scanning'). The 752 manner in which stations set their channel number in OCB mode is not 753 specified in this document. Stations STA1 and STA2 can exchange IP 754 packets only if they are set on the same channel. At IP layer, they 755 then discover each other by using the IPv6 Neighbor Discovery 756 protocol. The allocation of a particular channel for a particular 757 use is defined statically in standards authored by ETSI (in Europe), 758 FCC in America, and similar organisations in South Korea, Japan and 759 other parts of the world. 761 Briefly, the IEEE 802.11-OCB mode has the following properties: 763 o The use by each node of a 'wildcard' BSSID (i.e., each bit of the 764 BSSID is set to 1) 766 o No IEEE 802.11 Beacon frames are transmitted 768 o No authentication is required in order to be able to communicate 770 o No association is needed in order to be able to communicate 772 o No encryption is provided in order to be able to communicate 774 o Flag dot11OCBActivated is set to true 776 All the nodes in the radio communication range (IP-OBU and IP-RSU) 777 receive all the messages transmitted (IP-OBU and IP-RSU) within the 778 radio communications range. The eventual conflict(s) are resolved by 779 the MAC CDMA function. 781 The message exchange diagram in Figure 1 illustrates a comparison 782 between traditional 802.11 and 802.11 in OCB mode. The 'Data' 783 messages can be IP packets such as HTTP or others. Other 802.11 784 management and control frames (non IP) may be transmitted, as 785 specified in the 802.11 standard. For information, the names of 786 these messages as currently specified by the 802.11 standard are 787 listed in Appendix F. 789 STA AP STA1 STA2 790 | | | | 791 |<------ Beacon -------| |<------ Data -------->| 792 | | | | 793 |---- Probe Req. ----->| |<------ Data -------->| 794 |<--- Probe Res. ------| | | 795 | | |<------ Data -------->| 796 |---- Auth Req. ------>| | | 797 |<--- Auth Res. -------| |<------ Data -------->| 798 | | | | 799 |---- Asso Req. ------>| |<------ Data -------->| 800 |<--- Asso Res. -------| | | 801 | | |<------ Data -------->| 802 |<------ Data -------->| | | 803 |<------ Data -------->| |<------ Data -------->| 805 (i) 802.11 Infrastructure mode (ii) 802.11-OCB mode 807 Figure 1: Difference between messages exchanged on 802.11 (left) and 808 802.11-OCB (right) 810 The interface 802.11-OCB was specified in IEEE Std 802.11p (TM) -2010 811 [IEEE-802.11p-2010] as an amendment to IEEE Std 802.11 (TM) -2007, 812 titled "Amendment 6: Wireless Access in Vehicular Environments". 813 Since then, this amendment has been integrated in IEEE 802.11(TM) 814 -2012 and -2016 [IEEE-802.11-2016]. 816 In document 802.11-2016, anything qualified specifically as 817 "OCBActivated", or "outside the context of a basic service" set to be 818 true, then it is actually referring to OCB aspects introduced to 819 802.11. 821 In order to delineate the aspects introduced by 802.11-OCB to 802.11, 822 we refer to the earlier [IEEE-802.11p-2010]. The amendment is 823 concerned with vehicular communications, where the wireless link is 824 similar to that of Wireless LAN (using a PHY layer specified by 825 802.11a/b/g/n), but which needs to cope with the high mobility factor 826 inherent in scenarios of communications between moving vehicles, and 827 between vehicles and fixed infrastructure deployed along roads. 828 While 'p' is a letter identifying the Ammendment, just like 'a, b, g' 829 and 'n' are, 'p' is concerned more with MAC modifications, and a 830 little with PHY modifications; the others are mainly about PHY 831 modifications. It is possible in practice to combine a 'p' MAC with 832 an 'a' PHY by operating outside the context of a BSS with OFDM at 833 5.4GHz and 5.9GHz. 835 The 802.11-OCB links are specified to be compatible as much as 836 possible with the behaviour of 802.11a/b/g/n and future generation 837 IEEE WLAN links. From the IP perspective, an 802.11-OCB MAC layer 838 offers practically the same interface to IP as the 802.11a/b/g/n and 839 802.3. A packet sent by an IP-OBU may be received by one or multiple 840 IP-RSUs. The link-layer resolution is performed by using the IPv6 841 Neighbor Discovery protocol. 843 To support this similarity statement (IPv6 is layered on top of LLC 844 on top of 802.11-OCB, in the same way that IPv6 is layered on top of 845 LLC on top of 802.11a/b/g/n (for WLAN) or layered on top of LLC on 846 top of 802.3 (for Ethernet)) it is useful to analyze the differences 847 between 802.11-OCB and 802.11 specifications. During this analysis, 848 we note that whereas 802.11-OCB lists relatively complex and numerous 849 changes to the MAC layer (and very little to the PHY layer), there 850 are only a few characteristics which may be important for an 851 implementation transmitting IPv6 packets on 802.11-OCB links. 853 The most important 802.11-OCB point which influences the IPv6 854 functioning is the OCB characteristic; an additional, less direct 855 influence, is the maximum bandwidth afforded by the PHY modulation/ 856 demodulation methods and channel access specified by 802.11-OCB. The 857 maximum bandwidth theoretically possible in 802.11-OCB is 54 Mbit/s 858 (when using, for example, the following parameters: 20 MHz channel; 859 modulation 64-QAM; coding rate R is 3/4); in practice of IP-over- 860 802.11-OCB a commonly observed figure is 12Mbit/s; this bandwidth 861 allows the operation of a wide range of protocols relying on IPv6. 863 o Operation Outside the Context of a BSS (OCB): the (earlier 864 802.11p) 802.11-OCB links are operated without a Basic Service Set 865 (BSS). This means that the frames IEEE 802.11 Beacon, Association 866 Request/Response, Authentication Request/Response, and similar, 867 are not used. The used identifier of BSS (BSSID) has a 868 hexadecimal value always 0xffffffffffff (48 '1' bits, represented 869 as MAC address ff:ff:ff:ff:ff:ff, or otherwise the 'wildcard' 870 BSSID), as opposed to an arbitrary BSSID value set by 871 administrator (e.g. 'My-Home-AccessPoint'). The OCB operation - 872 namely the lack of beacon-based scanning and lack of 873 authentication - should be taken into account when the Mobile IPv6 874 protocol [RFC6275] and the protocols for IP layer security 875 [RFC4301] are used. The way these protocols adapt to OCB is not 876 described in this document. 878 o Timing Advertisement: is a new message defined in 802.11-OCB, 879 which does not exist in 802.11a/b/g/n. This message is used by 880 stations to inform other stations about the value of time. It is 881 similar to the time as delivered by a GNSS system (Galileo, GPS, 882 ...) or by a cellular system. This message is optional for 883 implementation. 885 o Frequency range: this is a characteristic of the PHY layer, with 886 almost no impact on the interface between MAC and IP. However, it 887 is worth considering that the frequency range is regulated by a 888 regional authority (ARCEP, ECC/CEPT based on ENs from ETSI, FCC, 889 etc.); as part of the regulation process, specific applications 890 are associated with specific frequency ranges. In the case of 891 802.11-OCB, the regulator associates a set of frequency ranges, or 892 slots within a band, to the use of applications of vehicular 893 communications, in a band known as "5.9GHz". The 5.9GHz band is 894 different from the 2.4GHz and 5GHz bands used by Wireless LAN. 895 However, as with Wireless LAN, the operation of 802.11-OCB in 896 "5.9GHz" bands is exempt from owning a license in EU (in US the 897 5.9GHz is a licensed band of spectrum; for the fixed 898 infrastructure an explicit FCC authorization is required; for an 899 on-board device a 'licensed-by-rule' concept applies: rule 900 certification conformity is required.) Technical conditions are 901 different than those of the bands "2.4GHz" or "5GHz". The allowed 902 power levels, and implicitly the maximum allowed distance between 903 vehicles, is of 33dBm for 802.11-OCB (in Europe), compared to 20 904 dBm for Wireless LAN 802.11a/b/g/n; this leads to a maximum 905 distance of approximately 1km, compared to approximately 50m. 906 Additionally, specific conditions related to congestion avoidance, 907 jamming avoidance, and radar detection are imposed on the use of 908 DSRC (in US) and on the use of frequencies for Intelligent 909 Transportation Systems (in EU), compared to Wireless LAN 910 (802.11a/b/g/n). 912 o 'Half-rate' encoding: as the frequency range, this parameter is 913 related to PHY, and thus has not much impact on the interface 914 between the IP layer and the MAC layer. 916 o In vehicular communications using 802.11-OCB links, there are 917 strong privacy requirements with respect to addressing. While the 918 802.11-OCB standard does not specify anything in particular with 919 respect to MAC addresses, in these settings there exists a strong 920 need for dynamic change of these addresses (as opposed to the non- 921 vehicular settings - real wall protection - where fixed MAC 922 addresses do not currently pose some privacy risks). This is 923 further described in Section 5. A relevant function is described 924 in documents IEEE 1609.3-2016 [IEEE-1609.3] and IEEE 1609.4-2016 925 [IEEE-1609.4]. 927 Appendix C. Changes Needed on a software driver 802.11a to become a 928 802.11-OCB driver 930 The 802.11p amendment modifies both the 802.11 stack's physical and 931 MAC layers but all the induced modifications can be quite easily 932 obtained by modifying an existing 802.11a ad-hoc stack. 934 Conditions for a 802.11a hardware to be 802.11-OCB compliant: 936 o The PHY entity shall be an orthogonal frequency division 937 multiplexing (OFDM) system. It must support the frequency bands 938 on which the regulator recommends the use of ITS communications, 939 for example using IEEE 802.11-OCB layer, in France: 5875MHz to 940 5925MHz. 942 o The OFDM system must provide a "half-clocked" operation using 10 943 MHz channel spacings. 945 o The chip transmit spectrum mask must be compliant to the "Transmit 946 spectrum mask" from the IEEE 802.11p amendment (but experimental 947 environments tolerate otherwise). 949 o The chip should be able to transmit up to 44.8 dBm when used by 950 the US government in the United States, and up to 33 dBm in 951 Europe; other regional conditions apply. 953 Changes needed on the network stack in OCB mode: 955 o Physical layer: 957 * The chip must use the Orthogonal Frequency Multiple Access 958 (OFDM) encoding mode. 960 * The chip must be set in half-mode rate mode (the internal clock 961 frequency is divided by two). 963 * The chip must use dedicated channels and should allow the use 964 of higher emission powers. This may require modifications to 965 the local computer file that describes regulatory domains 966 rules, if used by the kernel to enforce local specific 967 restrictions. Such modifications to the local computer file 968 must respect the location-specific regulatory rules. 970 MAC layer: 972 * All management frames (beacons, join, leave, and others) 973 emission and reception must be disabled except for frames of 974 subtype Action and Timing Advertisement (defined below). 976 * No encryption key or method must be used. 978 * Packet emission and reception must be performed as in ad-hoc 979 mode, using the wildcard BSSID (ff:ff:ff:ff:ff:ff). 981 * The functions related to joining a BSS (Association Request/ 982 Response) and for authentication (Authentication Request/Reply, 983 Challenge) are not called. 985 * The beacon interval is always set to 0 (zero). 987 * Timing Advertisement frames, defined in the amendment, should 988 be supported. The upper layer should be able to trigger such 989 frames emission and to retrieve information contained in 990 received Timing Advertisements. 992 Appendix D. Protocol Layering 994 A more theoretical and detailed view of layer stacking, and 995 interfaces between the IP layer and 802.11-OCB layers, is illustrated 996 in Figure 2. The IP layer operates on top of the EtherType Protocol 997 Discrimination (EPD); this Discrimination layer is described in IEEE 998 Std 802.3-2012; the interface between IPv6 and EPD is the LLC_SAP 999 (Link Layer Control Service Access Point). 1001 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1002 | IPv6 | 1003 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ 1004 { LLC_SAP } 802.11-OCB 1005 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ Boundary 1006 | EPD | | | 1007 | | MLME | | 1008 +-+-+-{ MAC_SAP }+-+-+-| MLME_SAP | 1009 | MAC Sublayer | | | 802.11-OCB 1010 | and ch. coord. | | SME | Services 1011 +-+-+-{ PHY_SAP }+-+-+-+-+-+-+-| | 1012 | | PLME | | 1013 | PHY Layer | PLME_SAP | 1014 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1016 Figure 2: EtherType Protocol Discrimination 1018 Appendix E. Design Considerations 1020 The networks defined by 802.11-OCB are in many ways similar to other 1021 networks of the 802.11 family. In theory, the encapsulation of IPv6 1022 over 802.11-OCB could be very similar to the operation of IPv6 over 1023 other networks of the 802.11 family. However, the high mobility, 1024 strong link asymmetry and very short connection makes the 802.11-OCB 1025 link significantly different from other 802.11 networks. Also, the 1026 automotive applications have specific requirements for reliability, 1027 security and privacy, which further add to the particularity of the 1028 802.11-OCB link. 1030 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode 1032 For information, at the time of writing, this is the list of IEEE 1033 802.11 messages that may be transmitted in OCB mode, i.e. when 1034 dot11OCBActivated is true in a STA: 1036 o The STA may send management frames of subtype Action and, if the 1037 STA maintains a TSF Timer, subtype Timing Advertisement; 1039 o The STA may send control frames, except those of subtype PS-Poll, 1040 CF-End, and CF-End plus CFAck; 1042 o The STA MUST send data frames of subtype QoS Data. 1044 Appendix G. Examples of Packet Formats 1046 This section describes an example of an IPv6 Packet captured over a 1047 IEEE 802.11-OCB link. 1049 By way of example we show that there is no modification in the 1050 headers when transmitted over 802.11-OCB networks - they are 1051 transmitted like any other 802.11 and Ethernet packets. 1053 We describe an experiment of capturing an IPv6 packet on an 1054 802.11-OCB link. In topology depicted in Figure 3, the packet is an 1055 IPv6 Router Advertisement. This packet is emitted by a Router on its 1056 802.11-OCB interface. The packet is captured on the Host, using a 1057 network protocol analyzer (e.g. Wireshark); the capture is performed 1058 in two different modes: direct mode and 'monitor' mode. The topology 1059 used during the capture is depicted below. 1061 The packet is captured on the Host. The Host is an IP-OBU containing 1062 an 802.11 interface in format PCI express (an ITRI product). The 1063 kernel runs the ath5k software driver with modifications for OCB 1064 mode. The capture tool is Wireshark. The file format for save and 1065 analyze is 'pcap'. The packet is generated by the Router. The 1066 Router is an IP-RSU (ITRI product). 1068 +--------+ +-------+ 1069 | | 802.11-OCB Link | | 1070 ---| Router |--------------------------------| Host | 1071 | | | | 1072 +--------+ +-------+ 1074 Figure 3: Topology for capturing IP packets on 802.11-OCB 1076 During several capture operations running from a few moments to 1077 several hours, no message relevant to the BSSID contexts were 1078 captured (no Association Request/Response, Authentication Req/Resp, 1079 Beacon). This shows that the operation of 802.11-OCB is outside the 1080 context of a BSSID. 1082 Overall, the captured message is identical with a capture of an IPv6 1083 packet emitted on a 802.11b interface. The contents are precisely 1084 similar. 1086 G.1. Capture in Monitor Mode 1088 The IPv6 RA packet captured in monitor mode is illustrated below. 1089 The radio tap header provides more flexibility for reporting the 1090 characteristics of frames. The Radiotap Header is prepended by this 1091 particular stack and operating system on the Host machine to the RA 1092 packet received from the network (the Radiotap Header is not present 1093 on the air). The implementation-dependent Radiotap Header is useful 1094 for piggybacking PHY information from the chip's registers as data in 1095 a packet understandable by userland applications using Socket 1096 interfaces (the PHY interface can be, for example: power levels, data 1097 rate, ratio of signal to noise). 1099 The packet present on the air is formed by IEEE 802.11 Data Header, 1100 Logical Link Control Header, IPv6 Base Header and ICMPv6 Header. 1102 Radiotap Header v0 1103 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1104 |Header Revision| Header Pad | Header length | 1105 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1106 | Present flags | 1107 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1108 | Data Rate | Pad | 1109 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1111 IEEE 802.11 Data Header 1112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1113 | Type/Subtype and Frame Ctrl | Duration | 1114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1115 | Receiver Address... 1116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1117 ... Receiver Address | Transmitter Address... 1118 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1119 ... Transmitter Address | 1120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1121 | BSS Id... 1122 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1123 ... BSS Id | Frag Number and Seq Number | 1124 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1126 Logical-Link Control Header 1127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1128 | DSAP |I| SSAP |C| Control field | Org. code... 1129 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1130 ... Organizational Code | Type | 1131 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1133 IPv6 Base Header 1134 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1135 |Version| Traffic Class | Flow Label | 1136 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1137 | Payload Length | Next Header | Hop Limit | 1138 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1139 | | 1140 + + 1141 | | 1142 + Source Address + 1143 | | 1144 + + 1145 | | 1146 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1147 | | 1148 + + 1149 | | 1150 + Destination Address + 1151 | | 1152 + + 1153 | | 1154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1156 Router Advertisement 1157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1158 | Type | Code | Checksum | 1159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1160 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1162 | Reachable Time | 1163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1164 | Retrans Timer | 1165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1166 | Options ... 1167 +-+-+-+-+-+-+-+-+-+-+-+- 1169 The value of the Data Rate field in the Radiotap header is set to 6 1170 Mb/s. This indicates the rate at which this RA was received. 1172 The value of the Transmitter address in the IEEE 802.11 Data Header 1173 is set to a 48bit value. The value of the destination address is 1174 33:33:00:00:00:1 (all-nodes multicast address). The value of the BSS 1175 Id field is ff:ff:ff:ff:ff:ff, which is recognized by the network 1176 protocol analyzer as being "broadcast". The Fragment number and 1177 sequence number fields are together set to 0x90C6. 1179 The value of the Organization Code field in the Logical-Link Control 1180 Header is set to 0x0, recognized as "Encapsulated Ethernet". The 1181 value of the Type field is 0x86DD (hexadecimal 86DD, or otherwise 1182 #86DD), recognized as "IPv6". 1184 A Router Advertisement is periodically sent by the router to 1185 multicast group address ff02::1. It is an icmp packet type 134. The 1186 IPv6 Neighbor Discovery's Router Advertisement message contains an 1187 8-bit field reserved for single-bit flags, as described in [RFC4861]. 1189 The IPv6 header contains the link local address of the router 1190 (source) configured via EUI-64 algorithm, and destination address set 1191 to ff02::1. 1193 The Ethernet Type field in the logical-link control header is set to 1194 0x86dd which indicates that the frame transports an IPv6 packet. In 1195 the IEEE 802.11 data, the destination address is 33:33:00:00:00:01 1196 which is the corresponding multicast MAC address. The BSS id is a 1197 broadcast address of ff:ff:ff:ff:ff:ff. Due to the short link 1198 duration between vehicles and the roadside infrastructure, there is 1199 no need in IEEE 802.11-OCB to wait for the completion of association 1200 and authentication procedures before exchanging data. IEEE 1201 802.11-OCB enabled nodes use the wildcard BSSID (a value of all 1s) 1202 and may start communicating as soon as they arrive on the 1203 communication channel. 1205 G.2. Capture in Normal Mode 1207 The same IPv6 Router Advertisement packet described above (monitor 1208 mode) is captured on the Host, in the Normal mode, and depicted 1209 below. 1211 Ethernet II Header 1212 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1213 | Destination... 1214 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1215 ...Destination | Source... 1216 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1217 ...Source | 1218 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1219 | Type | 1220 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1222 IPv6 Base Header 1223 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1224 |Version| Traffic Class | Flow Label | 1225 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1226 | Payload Length | Next Header | Hop Limit | 1227 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1228 | | 1229 + + 1230 | | 1231 + Source Address + 1232 | | 1233 + + 1234 | | 1235 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1236 | | 1237 + + 1238 | | 1239 + Destination Address + 1240 | | 1241 + + 1242 | | 1243 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1245 Router Advertisement 1246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1247 | Type | Code | Checksum | 1248 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1249 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1250 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1251 | Reachable Time | 1252 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1253 | Retrans Timer | 1254 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1255 | Options ... 1256 +-+-+-+-+-+-+-+-+-+-+-+- 1258 One notices that the Radiotap Header, the IEEE 802.11 Data Header and 1259 the Logical-Link Control Headers are not present. On the other hand, 1260 a new header named Ethernet II Header is present. 1262 The Destination and Source addresses in the Ethernet II header 1263 contain the same values as the fields Receiver Address and 1264 Transmitter Address present in the IEEE 802.11 Data Header in the 1265 "monitor" mode capture. 1267 The value of the Type field in the Ethernet II header is 0x86DD 1268 (recognized as "IPv6"); this value is the same value as the value of 1269 the field Type in the Logical-Link Control Header in the "monitor" 1270 mode capture. 1272 The knowledgeable experimenter will no doubt notice the similarity of 1273 this Ethernet II Header with a capture in normal mode on a pure 1274 Ethernet cable interface. 1276 A frame translation is inserted on top of a pure IEEE 802.11 MAC 1277 layer, in order to adapt packets, before delivering the payload data 1278 to the applications. It adapts 802.11 LLC/MAC headers to Ethernet II 1279 headers. In further detail, this adaptation consists in the 1280 elimination of the Radiotap, 802.11 and LLC headers, and in the 1281 insertion of the Ethernet II header. In this way, IPv6 runs straight 1282 over LLC over the 802.11-OCB MAC layer; this is further confirmed by 1283 the use of the unique Type 0x86DD. 1285 Appendix H. Extra Terminology 1287 The following terms are defined outside the IETF. They are used to 1288 define the main terms in the main terminology section Section 2. 1290 DSRC (Dedicated Short Range Communication): a term defined outside 1291 the IETF. The US Federal Communications Commission (FCC) Dedicated 1292 Short Range Communication (DSRC) is defined in the Code of Federal 1293 Regulations (CFR) 47, Parts 90 and 95. This Code is referred in the 1294 definitions below. At the time of the writing of this Internet 1295 Draft, the last update of this Code was dated October 1st, 2010. 1297 DSRCS (Dedicated Short-Range Communications Services): a term defined 1298 outside the IETF. The use of radio techniques to transfer data over 1299 short distances between roadside and mobile units, between mobile 1300 units, and between portable and mobile units to perform operations 1301 related to the improvement of traffic flow, traffic safety, and other 1302 intelligent transportation service applications in a variety of 1303 environments. DSRCS systems may also transmit status and 1304 instructional messages related to the units involve. [Ref. 47 CFR 1305 90.7 - Definitions] 1306 OBU (On-Board Unit): a term defined outside the IETF. An On-Board 1307 Unit is a DSRCS transceiver that is normally mounted in or on a 1308 vehicle, or which in some instances may be a portable unit. An OBU 1309 can be operational while a vehicle or person is either mobile or 1310 stationary. The OBUs receive and contend for time to transmit on one 1311 or more radio frequency (RF) channels. Except where specifically 1312 excluded, OBU operation is permitted wherever vehicle operation or 1313 human passage is permitted. The OBUs mounted in vehicles are 1314 licensed by rule under part 95 of the respective chapter and 1315 communicate with Roadside Units (RSUs) and other OBUs. Portable OBUs 1316 are also licensed by rule under part 95 of the respective chapter. 1317 OBU operations in the Unlicensed National Information Infrastructure 1318 (UNII) Bands follow the rules in those bands. - [CFR 90.7 - 1319 Definitions]. 1321 RSU (Road-Side Unit): a term defined outside of IETF. A Roadside 1322 Unit is a DSRC transceiver that is mounted along a road or pedestrian 1323 passageway. An RSU may also be mounted on a vehicle or is hand 1324 carried, but it may only operate when the vehicle or hand- carried 1325 unit is stationary. Furthermore, an RSU operating under the 1326 respectgive part is restricted to the location where it is licensed 1327 to operate. However, portable or hand-held RSUs are permitted to 1328 operate where they do not interfere with a site-licensed operation. 1329 A RSU broadcasts data to OBUs or exchanges data with OBUs in its 1330 communications zone. An RSU also provides channel assignments and 1331 operating instructions to OBUs in its communications zone, when 1332 required. - [CFR 90.7 - Definitions]. 1334 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless Links 1336 IPv6 Neighbor Discovery (IPv6 ND) [RFC4861][RFC4862] was designed for 1337 point-to-point and transit links such as Ethernet, with the 1338 expectation of a cheap and reliable support for multicast from the 1339 lower layer. Section 3.2 of RFC 4861 indicates that the operation on 1340 Shared Media and on non-broadcast multi-access (NBMA) networks 1341 require additional support, e.g., for Address Resolution (AR) and 1342 duplicate address detection (DAD), which depend on multicast. An 1343 infrastructureless radio network such as OCB shares properties with 1344 both Shared Media and NBMA networks, and then adds its own 1345 complexity, e.g., from movement and interference that allow only 1346 transient and non-transitive reachability between any set of peers. 1348 The uniqueness of an address within a scoped domain is a key pillar 1349 of IPv6 and the base for unicast IP communication. RFC 4861 details 1350 the DAD method to avoid that an address is duplicated. For a link 1351 local address, the scope is the link, whereas for a Globally 1352 Reachable address the scope is much larger. The underlying 1353 assumption for DAD to operate correctly is that the node that owns an 1354 IPv6 address can reach any other node within the scope at the time it 1355 claims its address, which is done by sending a NS multicast message, 1356 and can hear any future claim for that address by another party 1357 within the scope for the duration of the address ownership. 1359 In the case of OCB, there is a potentially a need to define a scope 1360 that is compatible with DAD, and that cannot be the set of nodes that 1361 a transmitter can reach at a particular time, because that set varies 1362 all the time and does not meet the DAD requirements for a link local 1363 address that could possibly be used anytime, anywhere. The generic 1364 expectation of a reliable multicast is not ensured, and the operation 1365 of DAD and AR (Address Resolution) as specificed by RFC 4861 cannot 1366 be guaranteed. Moreoever, multicast transmissions that rely on 1367 broadcast are not only unreliable but are also often detrimental to 1368 unicast traffic (see [draft-ietf-mboned-ieee802-mcast-problems]). 1370 Early experience indicates that it should be possible to exchange 1371 IPv6 packets over OCB while relying on IPv6 ND alone for DAD and AR 1372 (Address Resolution) in good conditions. In the absence of a correct 1373 DAD operation, a node that relies only on IPv6 ND for AR and DAD over 1374 OCB should ensure that the addresses that it uses are unique by means 1375 others than DAD. It must be noted that deriving an IPv6 address from 1376 a globally unique MAC address has this property but may yield privacy 1377 issues. 1379 RFC 8505 provides a more recent approach to IPv6 ND and in particular 1380 DAD. RFC 8505 is designed to fit wireless and otherwise constrained 1381 networks whereby multicast and/or continuous access to the medium may 1382 not be guaranteed. RFC 8505 Section 5.6 "Link-Local Addresses and 1383 Registration" indicates that the scope of uniqueness for a link local 1384 address is restricted to a pair of nodes that use it to communicate, 1385 and provides a method to assert the uniqueness and resolve the link- 1386 Layer address using a unicast exchange. 1388 RFC 8505 also enables a router (acting as a 6LR) to own a prefix and 1389 act as a registrar (acting as a 6LBR) for addresses within the 1390 associated subnet. A peer host (acting as a 6LN) registers an 1391 address derived from that prefix and can use it for the lifetime of 1392 the registration. The prefix is advertised as not onlink, which 1393 means that the 6LN uses the 6LR to relay its packets within the 1394 subnet, and participation to the subnet is constrained to the time of 1395 reachability to the 6LR. Note that RSU that provides internet 1396 connectivity MAY announce a default router preference [RFC 4191], 1397 whereas a car that does not provide that connectivity MUST NOT do so. 1398 This operation presents similarities with that of an access point, 1399 but at Layer-3. This is why RFC 8505 well-suited for wireless in 1400 general. 1402 Support of RFC 8505 may be implemented on OCB. OCB nodes that 1403 support RFC 8505 SHOULD support the 6LN operation in order to act as 1404 a host, and may support the 6LR and 6LBR operations in order to act 1405 as a router and in particular own a prefix that can be used by RFC 1406 8505-compliant hosts for address autoconfiguration and registration. 1408 Authors' Addresses 1410 Nabil Benamar 1411 Moulay Ismail University 1412 Morocco 1414 Phone: +212670832236 1415 Email: n.benamar@est.umi.ac.ma 1417 Jerome Haerri 1418 Eurecom 1419 Sophia-Antipolis 06904 1420 France 1422 Phone: +33493008134 1423 Email: Jerome.Haerri@eurecom.fr 1425 Jong-Hyouk Lee 1426 Sangmyung University 1427 31, Sangmyeongdae-gil, Dongnam-gu 1428 Cheonan 31066 1429 Republic of Korea 1431 Email: jonghyouk@smu.ac.kr 1433 Thierry Ernst 1434 YoGoKo 1435 France 1437 Email: thierry.ernst@yogoko.fr