idnits 2.17.1 draft-ietf-ipwave-ipv6-over-80211ocb-50.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 20, 2019) is 1741 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'IEEE-802.11-2016' ** Obsolete normative reference: RFC 7042 (Obsoleted by RFC 9542) == Outdated reference: A later version (-30) exists of draft-ietf-ipwave-vehicular-networking-11 == Outdated reference: A later version (-15) exists of draft-ietf-mboned-ieee802-mcast-problems-06 Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPWAVE Working Group N. Benamar 3 Internet-Draft Moulay Ismail University of Meknes 4 Intended status: Standards Track J. Haerri 5 Expires: January 21, 2020 Eurecom 6 J. Lee 7 Sangmyung University 8 T. Ernst 9 YoGoKo 10 July 20, 2019 12 Basic Support for IPv6 over IEEE Std 802.11 Networks Operating Outside 13 the Context of a Basic Service Set (IPv6-over-80211-OCB) 14 draft-ietf-ipwave-ipv6-over-80211ocb-50 16 Abstract 18 This document provides methods and settings, and describes 19 limitations, for using IPv6 to communicate among nodes in range of 20 one another over a single IEEE 802.11-OCB link. This support does 21 only require minimal changes to existing stacks. Optimizations and 22 usage of IPv6 over more complex scenarios is not covered in this 23 specification and is subject of future work. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on January 21, 2020. 42 Copyright Notice 44 Copyright (c) 2019 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (https://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 60 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 4 62 4. IPv6 over 802.11-OCB . . . . . . . . . . . . . . . . . . . . 4 63 4.1. Maximum Transmission Unit (MTU) . . . . . . . . . . . . . 4 64 4.2. Frame Format . . . . . . . . . . . . . . . . . . . . . . 5 65 4.3. Link-Local Addresses . . . . . . . . . . . . . . . . . . 5 66 4.4. Stateless Autoconfiguration . . . . . . . . . . . . . . . 5 67 4.5. Address Mapping . . . . . . . . . . . . . . . . . . . . . 6 68 4.5.1. Address Mapping -- Unicast . . . . . . . . . . . . . 6 69 4.5.2. Address Mapping -- Multicast . . . . . . . . . . . . 6 70 4.6. Subnet Structure . . . . . . . . . . . . . . . . . . . . 7 71 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 72 5.1. Privacy Considerations . . . . . . . . . . . . . . . . . 8 73 5.1.1. Privacy Risks of Meaningful info in Interface IDs . . 9 74 5.2. MAC Address and Interface ID Generation . . . . . . . . . 9 75 5.3. Pseudonym Handling . . . . . . . . . . . . . . . . . . . 10 76 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 77 7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 78 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 79 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 80 9.1. Normative References . . . . . . . . . . . . . . . . . . 12 81 9.2. Informative References . . . . . . . . . . . . . . . . . 14 82 Appendix A. 802.11p . . . . . . . . . . . . . . . . . . . . . . 16 83 Appendix B. Aspects introduced by the OCB mode to 802.11 . . . . 16 84 Appendix C. Changes Needed on a software driver 802.11a to 85 become a 802.11-OCB driver . . . . . . . . . . . . . 21 86 Appendix D. Protocol Layering . . . . . . . . . . . . . . . . . 22 87 Appendix E. Design Considerations . . . . . . . . . . . . . . . 23 88 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode . . . . 23 89 Appendix G. Examples of Packet Formats . . . . . . . . . . . . . 23 90 G.1. Capture in Monitor Mode . . . . . . . . . . . . . . . . . 24 91 G.2. Capture in Normal Mode . . . . . . . . . . . . . . . . . 27 92 Appendix H. Extra Terminology . . . . . . . . . . . . . . . . . 29 93 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless 94 Links . . . . . . . . . . . . . . . . . . . . . . . 30 95 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 32 97 1. Introduction 99 This document provides a baseline with limitations for using IPv6 to 100 communicate among nodes in range of one another over a single IEEE 101 802.11-OCB link [IEEE-802.11-2016] (a.k.a., "802.11p" see Appendix A, 102 Appendix B and Appendix C) with minimal changes to existing stacks. 103 Moreover, the document identifies limitations of such usage. 104 Concretely, the document describes the layering of IPv6 networking on 105 top of the IEEE Std 802.11 MAC layer or an IEEE Std 802.3 MAC layer 106 with a frame translation underneath. The resulting stack inherits 107 from IPv6 over Ethernet [RFC2464], but operates over 802.11-OCB to 108 provide at least P2P (Point to Point) connectivity using IPv6 ND and 109 link-local addresses. 111 The IPv6 network layer operates on 802.11-OCB in the same manner as 112 operating on Ethernet with the following exceptions: 114 o Exceptions due to different operation of IPv6 network layer on 115 802.11 than on Ethernet. The operation of IP on Ethernet is 116 described in [RFC1042] and [RFC2464]. 118 o Exceptions due to the OCB nature of 802.11-OCB compared to 802.11. 119 This has impacts on security, privacy, subnet structure and 120 movement detection. Security and privacy recommendations are 121 discussed in Section 5 and Section 4.4. The subnet structure is 122 described in Section 4.6. The movement detection on OCB links is 123 not described in this document. Likewise, ND Extensions and 124 IPWAVE optimizations for vehicular communications are not in 125 scope. The expectation is that further specifications will be 126 edited to cover more complex vehicular networking scenarios. 128 The reader may refer to [I-D.ietf-ipwave-vehicular-networking] for an 129 overview of problems related to running IPv6 over 802.11-OCB. It is 130 out of scope of this document to reiterate those. 132 2. Terminology 134 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 135 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 136 "OPTIONAL" in this document are to be interpreted as described in BCP 137 14 [RFC2119] [RFC8174] when, and only when, they appear in all 138 capitals, as shown here. 140 The document makes uses of the following terms: IP-OBU (Internet 141 Protocol On-Board Unit): an IP-OBU denotes a computer situated in a 142 vehicle such as a car, bicycle, or similar. It has at least one IP 143 interface that runs in mode OCB of 802.11, and that has an "OBU" 144 transceiver. See the definition of the term "OBU" in section 145 Appendix H. 147 IP-RSU (IP Road-Side Unit): an IP-RSU is situated along the road. It 148 has at least two distinct IP-enabled interfaces. The wireless PHY/ 149 MAC layer of at least one of its IP-enabled interfaces is configured 150 to operate in 802.11-OCB mode. An IP-RSU communicates with the IP- 151 OBU in the vehicle over 802.11 wireless link operating in OCB mode. 152 An IP-RSU is similar to an Access Network Router (ANR) defined in 153 [RFC3753], and a Wireless Termination Point (WTP) defined in 154 [RFC5415]. 156 OCB (outside the context of a basic service set - BSS): is a mode of 157 operation in which a STA is not a member of a BSS and does not 158 utilize IEEE Std 802.11 authentication, association, or data 159 confidentiality. 161 802.11-OCB: refers to the mode specified in IEEE Std 802.11-2016 when 162 the MIB attribute dot11OCBActivited is 'true'. 164 3. Communication Scenarios where IEEE 802.11-OCB Links are Used 166 The IEEE 802.11-OCB networks are used for vehicular communications, 167 as 'Wireless Access in Vehicular Environments'. In particular, we 168 refer the reader to [I-D.ietf-ipwave-vehicular-networking], that 169 lists some scenarios and requirements for IP in Intelligent 170 Transportation Systems (ITS). 172 The link model is the following: STA --- 802.11-OCB --- STA. In 173 vehicular networks, STAs can be IP-RSUs and/or IP-OBUs. All links 174 are assumed to be P2P and multiple links can be on one radio 175 interface. While 802.11-OCB is clearly specified, and a legacy IPv6 176 stack can operate on such links, the use of the operating environment 177 (vehicular networks) brings in new perspectives. 179 4. IPv6 over 802.11-OCB 181 4.1. Maximum Transmission Unit (MTU) 183 The default MTU for IP packets on 802.11-OCB is inherited from 184 [RFC2464] and is, as such, 1500 octets. This value of the MTU 185 respects the recommendation that every link on the Internet must have 186 a minimum MTU of 1280 octets (stated in [RFC8200], and the 187 recommendations therein, especially with respect to fragmentation). 189 4.2. Frame Format 191 IP packets MUST be transmitted over 802.11-OCB media as QoS Data 192 frames whose format is specified in IEEE 802.11 spec 193 [IEEE-802.11-2016]. 195 The IPv6 packet transmitted on 802.11-OCB are immediately preceded by 196 a Logical Link Control (LLC) header and an 802.11 header. In the LLC 197 header, and in accordance with the EtherType Protocol Discrimination 198 (EPD, see Appendix D), the value of the Type field MUST be set to 199 0x86DD (IPv6). The mapping to the 802.11 data service SHOULD use a 200 'priority' value of 1 (QoS with a 'Background' user priority), 201 reserving higher priority values for safety-critical and time- 202 sensitive traffic, including the ones listed in [ETSI-sec-archi]. 204 To simplify the Application Programming Interface (API) between the 205 operating system and the 802.11-OCB media, device drivers MAY 206 implement IPv6-over-Ethernet as per [RFC2464] and then a frame 207 translation from 802.3 to 802.11 in order to minimize the code 208 changes. 210 4.3. Link-Local Addresses 212 There are several types of IPv6 addresses [RFC4291], [RFC4193], that 213 may be assigned to an 802.11-OCB interface. Among these types of 214 addresses only the IPv6 link-local addresses can be formed using an 215 EUI-64 identifier, in particular during transition time. 217 If the IPv6 link-local address is formed using an EUI-64 identifier, 218 then the mechanism of forming that address is the same mechanism as 219 used to form an IPv6 link-local address on Ethernet links. Moreover, 220 whether or not the interface identifier is derived from the EUI-64 A 221 identifier, its length is 64 bits as is the case for Ethernet 222 [RFC2464]. 224 4.4. Stateless Autoconfiguration 226 The steps a host takes in deciding how to autoconfigure its 227 interfaces in IPv6 are described in [RFC4862]. This section 228 describes the formation of Interface Identifiers for IPv6 addresses 229 of type 'Global' or 'Unique Local'. Interface Identifiers for IPv6 230 address of type 'Link-Local' are discussed in Section 4.3. 232 The RECOMMENDED method for forming stable Interface Identifiers 233 (IIDs) is described in [RFC8064]. The method of forming IIDs 234 described in Section 4 of [RFC2464] MAY be used during transition 235 time, in particular for IPv6 link-local addresses. Regardless of how 236 to form the IID, its length is 64 bits, similarely to IPv6 over 237 Ethernet [RFC2464]. 239 The bits in the IID have no specific meaning and the identifier 240 should be treated as an opaque value. The bits 'Universal' and 241 'Group' in the identifier of an 802.11-OCB interface are significant, 242 as this is an IEEE link-layer address. The details of this 243 significance are described in [RFC7136]. 245 Semantically opaque IIDs, instead of meaningful IIDs derived from a 246 valid and meaningful MAC address ([RFC2464], Section 4), help avoid 247 certain privacy risks (see the risks mentioned in Section 5.1.1). If 248 semantically opaque IIDs are needed, they may be generated using the 249 method for generating semantically opaque IIDs with IPv6 Stateless 250 Address Autoconfiguration given in [RFC7217]. Typically, an opaque 251 IID is formed starting from identifiers different than the MAC 252 addresses, and from cryptographically strong material. Thus, privacy 253 sensitive information is absent from Interface IDs, because it is 254 impossible to calculate back the initial value from which the 255 Interface ID was first generated. 257 Some applications that use IPv6 packets on 802.11-OCB links (among 258 other link types) may benefit from IPv6 addresses whose IIDs don't 259 change too often. It is RECOMMENDED to use the mechanisms described 260 in RFC 7217 to permit the use of Stable IIDs that do not change 261 within one subnet prefix. A possible source for the Net-Iface 262 Parameter is a virtual interface name, or logical interface name, 263 that is decided by a local administrator. 265 4.5. Address Mapping 267 Unicast and multicast address mapping MUST follow the procedures 268 specified for Ethernet interfaces specified in Sections 6 and 7 of 269 [RFC2464]. 271 4.5.1. Address Mapping -- Unicast 273 This document is scoped for Address Resolution (AR) and Duplicate 274 Address Detection (DAD) per [RFC4862]. 276 4.5.2. Address Mapping -- Multicast 278 The multicast address mapping is performed according to the method 279 specified in section 7 of [RFC2464]. The meaning of the value "3333" 280 mentioned there is defined in section 2.3.1 of [RFC7042]. 282 Transmitting IPv6 packets to multicast destinations over 802.11 links 283 proved to have some performance issues 285 [I-D.ietf-mboned-ieee802-mcast-problems]. These issues may be 286 exacerbated in OCB mode.A A future improvement to this specification 287 should consider solutions for these problems. 289 4.6. Subnet Structure 291 When vehicles are in close range, a subnet may be formed over 292 802.11-OCB interfaces (not by their in-vehicle interfaces). A Prefix 293 List conceptual data structure ([RFC4861] Section 5.1) is maintained 294 for each 802.11-OCB interface. 296 IPv6 Neighbor Discovery protocol (ND) requires reflexive properties 297 (bidirectional connectivity) which is generally, though not always, 298 the case for P2P OCB links. IPv6 ND also requires transitive 299 properties for DAD and AR, so an IPv6 subnet can be mapped on an OCB 300 network only if all nodes in the network share a single physical 301 broadcast domain. The extension to IPv6 ND operating on a subnet 302 that covers multiple OCB links and not fully overlapping (NBMA) is 303 not in scope. Finally, IPv6 ND requires a permanent connectivity of 304 all nodes in the subnet to defend their addresses, in other words 305 very stable network conditions. 307 The structure of this subnet is ephemeral, in that it is strongly 308 influenced by the mobility of vehicles: the hidden terminal effects 309 appear; the 802.11 networks in OCB mode may be considered as 'ad-hoc' 310 networks with an addressing model as described in [RFC5889]. On 311 another hand, the structure of the internal subnets in each vehicle 312 is relatively stable. 314 As recommended in [RFC5889], when the timing requirements are very 315 strict (e.g., fast-drive-through IP-RSU coverage), no on-link subnet 316 prefix should be configured on an 802.11-OCB interface. In such 317 cases, the exclusive use of IPv6 link-local addresses is RECOMMENDED. 319 Additionally, even if the timing requirements are not very strict 320 (e.g., the moving subnet formed by two following vehicles is stable, 321 a fixed IP-RSU is absent), the subnet is disconnected from the 322 Internet (i.e., a default route is absent), and the addressing peers 323 are equally qualified (that is, it is impossible to determine that 324 some vehicle owns and distributes addresses to others) the use of 325 link-local addresses is RECOMMENDED. 327 The baseline ND protocol [RFC4861] MUST be supported over 802.11-OCB 328 links. Transmitting ND packets may prove to have some performance 329 issues as mentioned in Section 4.5.2, and Appendix I. These issues 330 may be exacerbated in OCB mode. Solutions for these problems should 331 consider the OCB mode of operation. Future solutions to OCB should 332 consider solutions for avoiding broadcast. The best of current 333 knowledge indicates the kinds of issues that may arise with ND in OCB 334 mode; they are described in Appendix I. 336 Protocols like Mobile IPv6 [RFC6275] , [RFC3963] and DNAv6 [RFC6059], 337 which depend on a timely movement detection, might need additional 338 tuning work to handle the lack of link-layer notifications during 339 handover. This is for further study. 341 5. Security Considerations 343 Any security mechanism at the IP layer or above that may be carried 344 out for the general case of IPv6 may also be carried out for IPv6 345 operating over 802.11-OCB. 347 The OCB operation does not use existing 802.11 link-layer security 348 mechanisms. There is no encryption applied below the network layer 349 running on 802.11-OCB. At the application layer, the IEEE 1609.2 350 document [IEEE-1609.2] provides security services for certain 351 applications to use; application-layer mechanisms are out of scope of 352 this document. On another hand, a security mechanism provided at 353 networking layer, such as IPsec [RFC4301], may provide data security 354 protection to a wider range of applications. 356 802.11-OCB does not provide any cryptographic protection, because it 357 operates outside the context of a BSS (no Association Request/ 358 Response, no Challenge messages). Therefore, an attacker can sniff 359 or inject traffic while within range of a vehicle or IP-RSU (by 360 setting an interface carda€™s frequency to the proper 361 range). Also, an attacker may not heed to legal limits for radio 362 power and can use a very sensitive directional antenna; if attackers 363 wishe to attack a given exchange they do not necessarily need to be 364 in close physical proximity. Hence, such a link is less protected 365 than commonly used links (wired link or protected 802.11). 367 Therefore, any node can join a subnet, directly communicate with any 368 nodes on the subset to include potentially impersonating another 369 node.A This design allows for a number of threats outlined in 370 Section 3 of [RFC6959]. While not widely deployed, SeND [RFC3971], 371 [RFC3972] is a solution that can address Spoof-Based Attack Vectors. 373 5.1. Privacy Considerations 375 As with all Ethernet and 802.11 interface identifiers ([RFC7721]), 376 the identifier of an 802.11-OCB interface may involve privacy, MAC 377 address spoofing and IP hijacking risks. A vehicle embarking an IP- 378 OBU whose egress interface is 802.11-OCB may expose itself to 379 eavesdropping and subsequent correlation of data. This may reveal 380 data considered private by the vehicle owner; there is a risk of 381 being tracked. In outdoors public environments, where vehicles 382 typically circulate, the privacy risks are more important than in 383 indoors settings. It is highly likely that attacker sniffers are 384 deployed along routes which listen for IEEE frames, including IP 385 packets, of vehicles passing by. For this reason, in the 802.11-OCB 386 deployments, there is a strong necessity to use protection tools such 387 as dynamically changing MAC addresses Section 5.2, semantically 388 opaque Interface Identifiers and stable Interface Identifiers 389 Section 4.4. An example of change policy is to change the MAC 390 address of the OCB interface each time the system boots up. This may 391 help mitigate privacy risks to a certain level. Futhermore, for 392 pricavy concerns, ([RFC8065]) recommends using an address generation 393 scheme rather than addresses generated from a fixed link-layer 394 address. However, there are some specificities related to vehicles. 395 Since roaming is an important characteristic of moving vehicles, the 396 use of the same Link-Local Address over time can indicate the 397 presence of the same vehicle in different places and thus leads to 398 location tracking. Hence, a vehicle should get hints about a change 399 of environment (e.g. , engine running, GPS, etc..) and renew the IID 400 in its LLAs. 402 5.1.1. Privacy Risks of Meaningful info in Interface IDs 404 The privacy risks of using MAC addresses displayed in Interface 405 Identifiers are important. The IPv6 packets can be captured easily 406 in the Internet and on-link in public roads. For this reason, an 407 attacker may realize many attacks on privacy. One such attack on 408 802.11-OCB is to capture, store and correlate Company ID information 409 present in MAC addresses of many cars (e.g. listen for Router 410 Advertisements, or other IPv6 application data packets, and record 411 the value of the source address in these packets). Further 412 correlation of this information with other data captured by other 413 means, or other visual information (car color, others) may constitute 414 privacy risks. 416 5.2. MAC Address and Interface ID Generation 418 In 802.11-OCB networks, the MAC addresses may change during well 419 defined renumbering events. In the moment the MAC address is changed 420 on an 802.11-OCB interface all the Interface Identifiers of IPv6 421 addresses assigned to that interface MUST change. 423 Implementations should use a policy dictating when the MAC address is 424 changed on the 802.11-OCB interface. For more information on the 425 motivation of this policy please refer to the privacy discussion in 426 Appendix B. 428 A 'randomized' MAC address has the following characteristics: 430 o Bit "Local/Global" set to "locally admninistered". 432 o Bit "Unicast/Multicast" set to "Unicast". 434 o The 46 remaining bits are set to a random value, using a random 435 number generator that meets the requirements of [RFC4086]. 437 To meet the randomization requirements for the 46 remaining bits, a 438 hash function may be used. For example, the SHA256 hash function may 439 be used with input a 256 bit local secret, the 'nominal' MAC Address 440 of the interface, and a representation of the date and time of the 441 renumbering event. 443 A randomized Interface ID has the same characteristics of a 444 randomized MAC address, except the length in bits. 446 5.3. Pseudonym Handling 448 The demand for privacy protection of vehicles' and drivers' 449 identities, which could be granted by using a pseudonym or alias 450 identity at the same time, may hamper the required confidentiality of 451 messages and trust between participants - especially in safety 452 critical vehicular communication. 454 o Particular challenges arise when the pseudonymization mechanism 455 used relies on (randomized) re-addressing. 457 o A proper pseudonymization tool operated by a trusted third party 458 may be needed to ensure both aspects simultaneously (privacy 459 protection on one hand and trust between participants on another 460 hand). 462 o This is discussed in Section 4.4 and Section 5 of this document. 464 o Pseudonymity is also discussed in 465 [I-D.ietf-ipwave-vehicular-networking] in its sections 4.2.4 and 466 5.1.2. 468 6. IANA Considerations 470 No request to IANA. 472 7. Contributors 474 Christian Huitema, Tony Li. 476 Romain Kuntz contributed extensively about IPv6 handovers between 477 links running outside the context of a BSS (802.11-OCB links). 479 Tim Leinmueller contributed the idea of the use of IPv6 over 480 802.11-OCB for distribution of certificates. 482 Marios Makassikis, Jose Santa Lozano, Albin Severinson and Alexey 483 Voronov provided significant feedback on the experience of using IP 484 messages over 802.11-OCB in initial trials. 486 Michelle Wetterwald contributed extensively the MTU discussion, 487 offered the ETSI ITS perspective, and reviewed other parts of the 488 document. 490 8. Acknowledgements 492 The authors would like to thank Alexandre Petrescu for initiating 493 this work and for being the lead author until the version 43 of this 494 draft. 496 The authors would like to thank Pascal Thubert for reviewing, 497 proofreading and suggesting modifications of this document. 499 The authors would like to thank Mohamed Boucadair for proofreading 500 and suggesting modifications of this document. 502 The authors would like to thank Witold Klaudel, Ryuji Wakikawa, 503 Emmanuel Baccelli, John Kenney, John Moring, Francois Simon, Dan 504 Romascanu, Konstantin Khait, Ralph Droms, Richard 'Dick' Roy, Ray 505 Hunter, Tom Kurihara, Michal Sojka, Jan de Jongh, Suresh Krishnan, 506 Dino Farinacci, Vincent Park, Jaehoon Paul Jeong, Gloria Gwynne, 507 Hans-Joachim Fischer, Russ Housley, Rex Buddenberg, Erik Nordmark, 508 Bob Moskowitz, Andrew Dryden, Georg Mayer, Dorothy Stanley, Sandra 509 Cespedes, Mariano Falcitelli, Sri Gundavelli, Abdussalam Baryun, 510 Margaret Cullen, Erik Kline, Carlos Jesus Bernardos Cano, Ronald in 511 't Velt, Katrin Sjoberg, Roland Bless, Tijink Jasja, Kevin Smith, 512 Brian Carpenter, Julian Reschke, Mikael Abrahamsson, Dirk von Hugo, 513 Lorenzo Colitti, Pascal Thubert, Ole Troan, Jinmei Tatuya, Joel 514 Halpern, Eric Gray and William Whyte. Their valuable comments 515 clarified particular issues and generally helped to improve the 516 document. 518 Pierre Pfister, Rostislav Lisovy, and others, wrote 802.11-OCB 519 drivers for linux and described how. 521 For the multicast discussion, the authors would like to thank Owen 522 DeLong, Joe Touch, Jen Linkova, Erik Kline, Brian Haberman and 523 participants to discussions in network working groups. 525 The authors would like to thank participants to the Birds-of- 526 a-Feather "Intelligent Transportation Systems" meetings held at IETF 527 in 2016. 529 Human Rights Protocol Considerations review by Amelia Andersdotter. 531 9. References 533 9.1. Normative References 535 [IEEE-802.11-2016] 536 "IEEE Standard 802.11-2016 - IEEE Standard for Information 537 Technology - Telecommunications and information exchange 538 between systems Local and metropolitan area networks - 539 Specific requirements - Part 11: Wireless LAN Medium 540 Access Control (MAC) and Physical Layer (PHY) 541 Specifications. Status - Active Standard. Description 542 retrieved freely; the document itself is also freely 543 available, but with some difficulty (requires 544 registration); description and document retrieved on April 545 8th, 2019, starting from URL 546 https://standards.ieee.org/findstds/ 547 standard/802.11-2016.html". 549 [RFC1042] Postel, J. and J. Reynolds, "Standard for the transmission 550 of IP datagrams over IEEE 802 networks", STD 43, RFC 1042, 551 DOI 10.17487/RFC1042, February 1988, 552 . 554 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 555 Requirement Levels", BCP 14, RFC 2119, 556 DOI 10.17487/RFC2119, March 1997, 557 . 559 [RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet 560 Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998, 561 . 563 [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, 564 "Randomness Requirements for Security", BCP 106, RFC 4086, 565 DOI 10.17487/RFC4086, June 2005, 566 . 568 [RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and 569 More-Specific Routes", RFC 4191, DOI 10.17487/RFC4191, 570 November 2005, . 572 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 573 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, 574 . 576 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 577 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 578 2006, . 580 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 581 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 582 December 2005, . 584 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 585 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 586 DOI 10.17487/RFC4861, September 2007, 587 . 589 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 590 Address Autoconfiguration", RFC 4862, 591 DOI 10.17487/RFC4862, September 2007, 592 . 594 [RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley, 595 Ed., "Control And Provisioning of Wireless Access Points 596 (CAPWAP) Protocol Specification", RFC 5415, 597 DOI 10.17487/RFC5415, March 2009, 598 . 600 [RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for 601 Detecting Network Attachment in IPv6", RFC 6059, 602 DOI 10.17487/RFC6059, November 2010, 603 . 605 [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility 606 Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 607 2011, . 609 [RFC7042] Eastlake 3rd, D. and J. Abley, "IANA Considerations and 610 IETF Protocol and Documentation Usage for IEEE 802 611 Parameters", BCP 141, RFC 7042, DOI 10.17487/RFC7042, 612 October 2013, . 614 [RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 615 Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136, 616 February 2014, . 618 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 619 Interface Identifiers with IPv6 Stateless Address 620 Autoconfiguration (SLAAC)", RFC 7217, 621 DOI 10.17487/RFC7217, April 2014, 622 . 624 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 625 "Recommendation on Stable IPv6 Interface Identifiers", 626 RFC 8064, DOI 10.17487/RFC8064, February 2017, 627 . 629 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 630 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 631 May 2017, . 633 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 634 (IPv6) Specification", STD 86, RFC 8200, 635 DOI 10.17487/RFC8200, July 2017, 636 . 638 9.2. Informative References 640 [ETSI-sec-archi] 641 "ETSI TS 102 940 V1.2.1 (2016-11), ETSI Technical 642 Specification, Intelligent Transport Systems (ITS); 643 Security; ITS communications security architecture and 644 security management, November 2016. Downloaded on 645 September 9th, 2017, freely available from ETSI website at 646 URL http://www.etsi.org/deliver/ 647 etsi_ts/102900_102999/102940/01.02.01_60/ 648 ts_102940v010201p.pdf". 650 [I-D.ietf-ipwave-vehicular-networking] 651 Jeong, J., "IP Wireless Access in Vehicular Environments 652 (IPWAVE): Problem Statement and Use Cases", draft-ietf- 653 ipwave-vehicular-networking-11 (work in progress), July 654 2019. 656 [I-D.ietf-mboned-ieee802-mcast-problems] 657 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 658 Zuniga, "Multicast Considerations over IEEE 802 Wireless 659 Media", draft-ietf-mboned-ieee802-mcast-problems-06 (work 660 in progress), July 2019. 662 [IEEE-1609.2] 663 "IEEE SA - 1609.2-2016 - IEEE Standard for Wireless Access 664 in Vehicular Environments (WAVE) -- Security Services for 665 Applications and Management Messages. Example URL 666 http://ieeexplore.ieee.org/document/7426684/ accessed on 667 August 17th, 2017.". 669 [IEEE-1609.3] 670 "IEEE SA - 1609.3-2016 - IEEE Standard for Wireless Access 671 in Vehicular Environments (WAVE) -- Networking Services. 672 Example URL http://ieeexplore.ieee.org/document/7458115/ 673 accessed on August 17th, 2017.". 675 [IEEE-1609.4] 676 "IEEE SA - 1609.4-2016 - IEEE Standard for Wireless Access 677 in Vehicular Environments (WAVE) -- Multi-Channel 678 Operation. Example URL 679 http://ieeexplore.ieee.org/document/7435228/ accessed on 680 August 17th, 2017.". 682 [IEEE-802.11p-2010] 683 "IEEE Std 802.11p (TM)-2010, IEEE Standard for Information 684 Technology - Telecommunications and information exchange 685 between systems - Local and metropolitan area networks - 686 Specific requirements, Part 11: Wireless LAN Medium Access 687 Control (MAC) and Physical Layer (PHY) Specifications, 688 Amendment 6: Wireless Access in Vehicular Environments; 689 document freely available at URL 690 http://standards.ieee.org/getieee802/ 691 download/802.11p-2010.pdf retrieved on September 20th, 692 2013.". 694 [RFC3753] Manner, J., Ed. and M. Kojo, Ed., "Mobility Related 695 Terminology", RFC 3753, DOI 10.17487/RFC3753, June 2004, 696 . 698 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. 699 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 700 RFC 3963, DOI 10.17487/RFC3963, January 2005, 701 . 703 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 704 "SEcure Neighbor Discovery (SEND)", RFC 3971, 705 DOI 10.17487/RFC3971, March 2005, 706 . 708 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 709 RFC 3972, DOI 10.17487/RFC3972, March 2005, 710 . 712 [RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing 713 Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889, 714 September 2010, . 716 [RFC6959] McPherson, D., Baker, F., and J. Halpern, "Source Address 717 Validation Improvement (SAVI) Threat Scope", RFC 6959, 718 DOI 10.17487/RFC6959, May 2013, 719 . 721 [RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy 722 Considerations for IPv6 Address Generation Mechanisms", 723 RFC 7721, DOI 10.17487/RFC7721, March 2016, 724 . 726 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 727 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 728 February 2017, . 730 Appendix A. 802.11p 732 The term "802.11p" is an earlier definition. The behaviour of 733 "802.11p" networks is rolled in the document IEEE Std 802.11-2016. 734 In that document the term 802.11p disappears. Instead, each 802.11p 735 feature is conditioned by the IEEE Management Information Base (MIB) 736 attribute "OCBActivated" [IEEE-802.11-2016]. Whenever OCBActivated 737 is set to true the IEEE Std 802.11-OCB state is activated. For 738 example, an 802.11 STAtion operating outside the context of a basic 739 service set has the OCBActivated flag set. Such a station, when it 740 has the flag set, uses a BSS identifier equal to ff:ff:ff:ff:ff:ff. 742 Appendix B. Aspects introduced by the OCB mode to 802.11 744 In the IEEE 802.11-OCB mode, all nodes in the wireless range can 745 directly communicate with each other without involving authentication 746 or association procedures. In OCB mode, the manner in which channels 747 are selected and used is simplified compared to when in BSS mode. 748 Contrary to BSS mode, at link layer, it is necessary to set 749 statically the same channel number (or frequency) on two stations 750 that need to communicate with each other (in BSS mode this channel 751 set operation is performed automatically during 'scanning'). The 752 manner in which stations set their channel number in OCB mode is not 753 specified in this document. Stations STA1 and STA2 can exchange IP 754 packets only if they are set on the same channel. At IP layer, they 755 then discover each other by using the IPv6 Neighbor Discovery 756 protocol. The allocation of a particular channel for a particular 757 use is defined statically in standards authored by ETSI (in Europe), 758 FCC in America, and similar organisations in South Korea, Japan and 759 other parts of the world. 761 Briefly, the IEEE 802.11-OCB mode has the following properties: 763 o The use by each node of a 'wildcard' BSSID (i.e., each bit of the 764 BSSID is set to 1) 766 o No IEEE 802.11 Beacon frames are transmitted 768 o No authentication is required in order to be able to communicate 770 o No association is needed in order to be able to communicate 772 o No encryption is provided in order to be able to communicate 774 o Flag dot11OCBActivated is set to true 776 All the nodes in the radio communication range (IP-OBU and IP-RSU) 777 receive all the messages transmitted (IP-OBU and IP-RSU) within the 778 radio communications range. The eventual conflict(s) are resolved by 779 the MAC CDMA function. 781 The message exchange diagram in Figure 1 illustrates a comparison 782 between traditional 802.11 and 802.11 in OCB mode. The 'Data' 783 messages can be IP packets such as HTTP or others. Other 802.11 784 management and control frames (non IP) may be transmitted, as 785 specified in the 802.11 standard. For information, the names of 786 these messages as currently specified by the 802.11 standard are 787 listed in Appendix F. 789 STA AP STA1 STA2 790 | | | | 791 |<------ Beacon -------| |<------ Data -------->| 792 | | | | 793 |---- Probe Req. ----->| |<------ Data -------->| 794 |<--- Probe Res. ------| | | 795 | | |<------ Data -------->| 796 |---- Auth Req. ------>| | | 797 |<--- Auth Res. -------| |<------ Data -------->| 798 | | | | 799 |---- Asso Req. ------>| |<------ Data -------->| 800 |<--- Asso Res. -------| | | 801 | | |<------ Data -------->| 802 |<------ Data -------->| | | 803 |<------ Data -------->| |<------ Data -------->| 805 (i) 802.11 Infrastructure mode (ii) 802.11-OCB mode 807 Figure 1: Difference between messages exchanged on 802.11 (left) and 808 802.11-OCB (right) 810 The interface 802.11-OCB was specified in IEEE Std 802.11p (TM) -2010 811 [IEEE-802.11p-2010] as an amendment to IEEE Std 802.11 (TM) -2007, 812 titled "Amendment 6: Wireless Access in Vehicular Environments". 813 Since then, this amendment has been integrated in IEEE 802.11(TM) 814 -2012 and -2016 [IEEE-802.11-2016]. 816 In document 802.11-2016, anything qualified specifically as 817 "OCBActivated", or "outside the context of a basic service" set to be 818 true, then it is actually referring to OCB aspects introduced to 819 802.11. 821 In order to delineate the aspects introduced by 802.11-OCB to 802.11, 822 we refer to the earlier [IEEE-802.11p-2010]. The amendment is 823 concerned with vehicular communications, where the wireless link is 824 similar to that of Wireless LAN (using a PHY layer specified by 825 802.11a/b/g/n), but which needs to cope with the high mobility factor 826 inherent in scenarios of communications between moving vehicles, and 827 between vehicles and fixed infrastructure deployed along roads. 828 While 'p' is a letter identifying the Amendment, just like 'a, b, g' 829 and 'n' are, 'p' is concerned more with MAC modifications, and a 830 little with PHY modifications; the others are mainly about PHY 831 modifications. It is possible in practice to combine a 'p' MAC with 832 an 'a' PHY by operating outside the context of a BSS with OFDM at 833 5.4GHz and 5.9GHz. 835 The 802.11-OCB links are specified to be compatible as much as 836 possible with the behaviour of 802.11a/b/g/n and future generation 837 IEEE WLAN links. From the IP perspective, an 802.11-OCB MAC layer 838 offers practically the same interface to IP as the 802.11a/b/g/n and 839 802.3. A packet sent by an IP-OBU may be received by one or multiple 840 IP-RSUs. The link-layer resolution is performed by using the IPv6 841 Neighbor Discovery protocol. 843 To support this similarity statement (IPv6 is layered on top of LLC 844 on top of 802.11-OCB, in the same way that IPv6 is layered on top of 845 LLC on top of 802.11a/b/g/n (for WLAN) or layered on top of LLC on 846 top of 802.3 (for Ethernet)) it is useful to analyze the differences 847 between 802.11-OCB and 802.11 specifications. During this analysis, 848 we note that whereas 802.11-OCB lists relatively complex and numerous 849 changes to the MAC layer (and very little to the PHY layer), there 850 are only a few characteristics which may be important for an 851 implementation transmitting IPv6 packets on 802.11-OCB links. 853 The most important 802.11-OCB point which influences the IPv6 854 functioning is the OCB characteristic; an additional, less direct 855 influence, is the maximum bandwidth afforded by the PHY modulation/ 856 demodulation methods and channel access specified by 802.11-OCB. The 857 maximum bandwidth theoretically possible in 802.11-OCB is 54 Mbit/s 858 (when using, for example, the following parameters: 20 MHz channel; 859 modulation 64-QAM; coding rate R is 3/4); in practice of IP-over- 860 802.11-OCB a commonly observed figure is 12Mbit/s; this bandwidth 861 allows the operation of a wide range of protocols relying on IPv6. 863 o Operation Outside the Context of a BSS (OCB): the (earlier 864 802.11p) 802.11-OCB links are operated without a Basic Service Set 865 (BSS). This means that the frames IEEE 802.11 Beacon, Association 866 Request/Response, Authentication Request/Response, and similar, 867 are not used. The used identifier of BSS (BSSID) has a 868 hexadecimal value always 0xffffffffffff (48 '1' bits, represented 869 as MAC address ff:ff:ff:ff:ff:ff, or otherwise the 'wildcard' 870 BSSID), as opposed to an arbitrary BSSID value set by 871 administrator (e.g. 'My-Home-AccessPoint'). The OCB operation - 872 namely the lack of beacon-based scanning and lack of 873 authentication - should be taken into account when the Mobile IPv6 874 protocol [RFC6275] and the protocols for IP layer security 875 [RFC4301] are used. The way these protocols adapt to OCB is not 876 described in this document. 878 o Timing Advertisement: is a new message defined in 802.11-OCB, 879 which does not exist in 802.11a/b/g/n. This message is used by 880 stations to inform other stations about the value of time. It is 881 similar to the time as delivered by a GNSS system (Galileo, GPS, 882 ...) or by a cellular system. This message is optional for 883 implementation. 885 o Frequency range: this is a characteristic of the PHY layer, with 886 almost no impact on the interface between MAC and IP. However, it 887 is worth considering that the frequency range is regulated by a 888 regional authority (ARCEP, ECC/CEPT based on ENs from ETSI, FCC, 889 etc.); as part of the regulation process, specific applications 890 are associated with specific frequency ranges. In the case of 891 802.11-OCB, the regulator associates a set of frequency ranges, or 892 slots within a band, to the use of applications of vehicular 893 communications, in a band known as "5.9GHz". The 5.9GHz band is 894 different from the 2.4GHz and 5GHz bands used by Wireless LAN. 895 However, as with Wireless LAN, the operation of 802.11-OCB in 896 "5.9GHz" bands is exempt from owning a license in EU (in US the 897 5.9GHz is a licensed band of spectrum; for the fixed 898 infrastructure an explicit FCC authorization is required; for an 899 on-board device a 'licensed-by-rule' concept applies: rule 900 certification conformity is required.) Technical conditions are 901 different than those of the bands "2.4GHz" or "5GHz". The allowed 902 power levels, and implicitly the maximum allowed distance between 903 vehicles, is of 33dBm for 802.11-OCB (in Europe), compared to 20 904 dBm for Wireless LAN 802.11a/b/g/n; this leads to a maximum 905 distance of approximately 1km, compared to approximately 50m. 906 Additionally, specific conditions related to congestion avoidance, 907 jamming avoidance, and radar detection are imposed on the use of 908 DSRC (in US) and on the use of frequencies for Intelligent 909 Transportation Systems (in EU), compared to Wireless LAN 910 (802.11a/b/g/n). 912 o 'Half-rate' encoding: as the frequency range, this parameter is 913 related to PHY, and thus has not much impact on the interface 914 between the IP layer and the MAC layer. 916 o In vehicular communications using 802.11-OCB links, there are 917 strong privacy requirements with respect to addressing. While the 918 802.11-OCB standard does not specify anything in particular with 919 respect to MAC addresses, in these settings there exists a strong 920 need for dynamic change of these addresses (as opposed to the non- 921 vehicular settings - real wall protection - where fixed MAC 922 addresses do not currently pose some privacy risks). This is 923 further described in Section 5. A relevant function is described 924 in documents IEEE 1609.3-2016 [IEEE-1609.3] and IEEE 1609.4-2016 925 [IEEE-1609.4]. 927 Appendix C. Changes Needed on a software driver 802.11a to become a 928 802.11-OCB driver 930 The 802.11p amendment modifies both the 802.11 stack's physical and 931 MAC layers but all the induced modifications can be quite easily 932 obtained by modifying an existing 802.11a ad-hoc stack. 934 Conditions for a 802.11a hardware to be 802.11-OCB compliant: 936 o The PHY entity shall be an orthogonal frequency division 937 multiplexing (OFDM) system. It must support the frequency bands 938 on which the regulator recommends the use of ITS communications, 939 for example using IEEE 802.11-OCB layer, in France: 5875MHz to 940 5925MHz. 942 o The OFDM system must provide a "half-clocked" operation using 10 943 MHz channel spacings. 945 o The chip transmit spectrum mask must be compliant to the "Transmit 946 spectrum mask" from the IEEE 802.11p amendment (but experimental 947 environments tolerate otherwise). 949 o The chip should be able to transmit up to 44.8 dBm when used by 950 the US government in the United States, and up to 33 dBm in 951 Europe; other regional conditions apply. 953 Changes needed on the network stack in OCB mode: 955 o Physical layer: 957 * The chip must use the Orthogonal Frequency Multiple Access 958 (OFDM) encoding mode. 960 * The chip must be set in half-mode rate mode (the internal clock 961 frequency is divided by two). 963 * The chip must use dedicated channels and should allow the use 964 of higher emission powers. This may require modifications to 965 the local computer file that describes regulatory domains 966 rules, if used by the kernel to enforce local specific 967 restrictions. Such modifications to the local computer file 968 must respect the location-specific regulatory rules. 970 MAC layer: 972 * All management frames (beacons, join, leave, and others) 973 emission and reception must be disabled except for frames of 974 subtype Action and Timing Advertisement (defined below). 976 * No encryption key or method must be used. 978 * Packet emission and reception must be performed as in ad-hoc 979 mode, using the wildcard BSSID (ff:ff:ff:ff:ff:ff). 981 * The functions related to joining a BSS (Association Request/ 982 Response) and for authentication (Authentication Request/Reply, 983 Challenge) are not called. 985 * The beacon interval is always set to 0 (zero). 987 * Timing Advertisement frames, defined in the amendment, should 988 be supported. The upper layer should be able to trigger such 989 frames emission and to retrieve information contained in 990 received Timing Advertisements. 992 Appendix D. Protocol Layering 994 A more theoretical and detailed view of layer stacking, and 995 interfaces between the IP layer and 802.11-OCB layers, is illustrated 996 in Figure 2. The IP layer operates on top of the EtherType Protocol 997 Discrimination (EPD); this Discrimination layer is described in IEEE 998 Std 802.3-2012; the interface between IPv6 and EPD is the LLC_SAP 999 (Link Layer Control Service Access Point). 1001 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1002 | IPv6 | 1003 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ 1004 { LLC_SAP } 802.11-OCB 1005 +-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ Boundary 1006 | EPD | | | 1007 | | MLME | | 1008 +-+-+-{ MAC_SAP }+-+-+-| MLME_SAP | 1009 | MAC Sublayer | | | 802.11-OCB 1010 | and ch. coord. | | SME | Services 1011 +-+-+-{ PHY_SAP }+-+-+-+-+-+-+-| | 1012 | | PLME | | 1013 | PHY Layer | PLME_SAP | 1014 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1016 Figure 2: EtherType Protocol Discrimination 1018 Appendix E. Design Considerations 1020 The networks defined by 802.11-OCB are in many ways similar to other 1021 networks of the 802.11 family. In theory, the transportation of IPv6 1022 over 802.11-OCB could be very similar to the operation of IPv6 over 1023 other networks of the 802.11 family. However, the high mobility, 1024 strong link asymmetry and very short connection makes the 802.11-OCB 1025 link significantly different from other 802.11 networks. Also, the 1026 automotive applications have specific requirements for reliability, 1027 security and privacy, which further add to the particularity of the 1028 802.11-OCB link. 1030 Appendix F. IEEE 802.11 Messages Transmitted in OCB mode 1032 For information, at the time of writing, this is the list of IEEE 1033 802.11 messages that may be transmitted in OCB mode, i.e. when 1034 dot11OCBActivated is true in a STA: 1036 o The STA may send management frames of subtype Action and, if the 1037 STA maintains a TSF Timer, subtype Timing Advertisement; 1039 o The STA may send control frames, except those of subtype PS-Poll, 1040 CF-End, and CF-End plus CFAck; 1042 o The STA MUST send data frames of subtype QoS Data. 1044 Appendix G. Examples of Packet Formats 1046 This section describes an example of an IPv6 Packet captured over a 1047 IEEE 802.11-OCB link. 1049 By way of example we show that there is no modification in the 1050 headers when transmitted over 802.11-OCB networks - they are 1051 transmitted like any other 802.11 and Ethernet packets. 1053 We describe an experiment of capturing an IPv6 packet on an 1054 802.11-OCB link. In topology depicted in Figure 3, the packet is an 1055 IPv6 Router Advertisement. This packet is emitted by a Router on its 1056 802.11-OCB interface. The packet is captured on the Host, using a 1057 network protocol analyzer (e.g. Wireshark); the capture is performed 1058 in two different modes: direct mode and 'monitor' mode. The topology 1059 used during the capture is depicted below. 1061 The packet is captured on the Host. The Host is an IP-OBU containing 1062 an 802.11 interface in format PCI express (an ITRI product). The 1063 kernel runs the ath5k software driver with modifications for OCB 1064 mode. The capture tool is Wireshark. The file format for save and 1065 analyze is 'pcap'. The packet is generated by the Router. The 1066 Router is an IP-RSU (ITRI product). 1068 +--------+ +-------+ 1069 | | 802.11-OCB Link | | 1070 ---| Router |--------------------------------| Host | 1071 | | | | 1072 +--------+ +-------+ 1074 Figure 3: Topology for capturing IP packets on 802.11-OCB 1076 During several capture operations running from a few moments to 1077 several hours, no message relevant to the BSSID contexts were 1078 captured (no Association Request/Response, Authentication Req/Resp, 1079 Beacon). This shows that the operation of 802.11-OCB is outside the 1080 context of a BSSID. 1082 Overall, the captured message is identical with a capture of an IPv6 1083 packet emitted on a 802.11b interface. The contents are precisely 1084 similar. 1086 G.1. Capture in Monitor Mode 1088 The IPv6 RA packet captured in monitor mode is illustrated below. 1089 The radio tap header provides more flexibility for reporting the 1090 characteristics of frames. The Radiotap Header is prepended by this 1091 particular stack and operating system on the Host machine to the RA 1092 packet received from the network (the Radiotap Header is not present 1093 on the air). The implementation-dependent Radiotap Header is useful 1094 for piggybacking PHY information from the chip's registers as data in 1095 a packet understandable by userland applications using Socket 1096 interfaces (the PHY interface can be, for example: power levels, data 1097 rate, ratio of signal to noise). 1099 The packet present on the air is formed by IEEE 802.11 Data Header, 1100 Logical Link Control Header, IPv6 Base Header and ICMPv6 Header. 1102 Radiotap Header v0 1103 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1104 |Header Revision| Header Pad | Header length | 1105 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1106 | Present flags | 1107 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1108 | Data Rate | Pad | 1109 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1111 IEEE 802.11 Data Header 1112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1113 | Type/Subtype and Frame Ctrl | Duration | 1114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1115 | Receiver Address... 1116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1117 ... Receiver Address | Transmitter Address... 1118 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1119 ... Transmitter Address | 1120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1121 | BSS Id... 1122 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1123 ... BSS Id | Frag Number and Seq Number | 1124 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1126 Logical-Link Control Header 1127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1128 | DSAP |I| SSAP |C| Control field | Org. code... 1129 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1130 ... Organizational Code | Type | 1131 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1133 IPv6 Base Header 1134 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1135 |Version| Traffic Class | Flow Label | 1136 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1137 | Payload Length | Next Header | Hop Limit | 1138 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1139 | | 1140 + + 1141 | | 1142 + Source Address + 1143 | | 1144 + + 1145 | | 1146 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1147 | | 1148 + + 1149 | | 1150 + Destination Address + 1151 | | 1152 + + 1153 | | 1154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1156 Router Advertisement 1157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1158 | Type | Code | Checksum | 1159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1160 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1162 | Reachable Time | 1163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1164 | Retrans Timer | 1165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1166 | Options ... 1167 +-+-+-+-+-+-+-+-+-+-+-+- 1169 The value of the Data Rate field in the Radiotap header is set to 6 1170 Mb/s. This indicates the rate at which this RA was received. 1172 The value of the Transmitter address in the IEEE 802.11 Data Header 1173 is set to a 48bit value. The value of the destination address is 1174 33:33:00:00:00:1 (all-nodes multicast address). The value of the BSS 1175 Id field is ff:ff:ff:ff:ff:ff, which is recognized by the network 1176 protocol analyzer as being "broadcast". The Fragment number and 1177 sequence number fields are together set to 0x90C6. 1179 The value of the Organization Code field in the Logical-Link Control 1180 Header is set to 0x0, recognized as "Encapsulated Ethernet". The 1181 value of the Type field is 0x86DD (hexadecimal 86DD, or otherwise 1182 #86DD), recognized as "IPv6". 1184 A Router Advertisement is periodically sent by the router to 1185 multicast group address ff02::1. It is an icmp packet type 134. The 1186 IPv6 Neighbor Discovery's Router Advertisement message contains an 1187 8-bit field reserved for single-bit flags, as described in [RFC4861]. 1189 The IPv6 header contains the link local address of the router 1190 (source) configured via EUI-64 algorithm, and destination address set 1191 to ff02::1. 1193 The Ethernet Type field in the logical-link control header is set to 1194 0x86dd which indicates that the frame transports an IPv6 packet. In 1195 the IEEE 802.11 data, the destination address is 33:33:00:00:00:01 1196 which is the corresponding multicast MAC address. The BSS id is a 1197 broadcast address of ff:ff:ff:ff:ff:ff. Due to the short link 1198 duration between vehicles and the roadside infrastructure, there is 1199 no need in IEEE 802.11-OCB to wait for the completion of association 1200 and authentication procedures before exchanging data. IEEE 1201 802.11-OCB enabled nodes use the wildcard BSSID (a value of all 1s) 1202 and may start communicating as soon as they arrive on the 1203 communication channel. 1205 G.2. Capture in Normal Mode 1207 The same IPv6 Router Advertisement packet described above (monitor 1208 mode) is captured on the Host, in the Normal mode, and depicted 1209 below. 1211 Ethernet II Header 1212 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1213 | Destination... 1214 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1215 ...Destination | Source... 1216 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1217 ...Source | 1218 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1219 | Type | 1220 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1222 IPv6 Base Header 1223 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1224 |Version| Traffic Class | Flow Label | 1225 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1226 | Payload Length | Next Header | Hop Limit | 1227 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1228 | | 1229 + + 1230 | | 1231 + Source Address + 1232 | | 1233 + + 1234 | | 1235 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1236 | | 1237 + + 1238 | | 1239 + Destination Address + 1240 | | 1241 + + 1242 | | 1243 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1245 Router Advertisement 1246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1247 | Type | Code | Checksum | 1248 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1249 | Cur Hop Limit |M|O| Reserved | Router Lifetime | 1250 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1251 | Reachable Time | 1252 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1253 | Retrans Timer | 1254 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1255 | Options ... 1256 +-+-+-+-+-+-+-+-+-+-+-+- 1258 One notices that the Radiotap Header, the IEEE 802.11 Data Header and 1259 the Logical-Link Control Headers are not present. On the other hand, 1260 a new header named Ethernet II Header is present. 1262 The Destination and Source addresses in the Ethernet II header 1263 contain the same values as the fields Receiver Address and 1264 Transmitter Address present in the IEEE 802.11 Data Header in the 1265 "monitor" mode capture. 1267 The value of the Type field in the Ethernet II header is 0x86DD 1268 (recognized as "IPv6"); this value is the same value as the value of 1269 the field Type in the Logical-Link Control Header in the "monitor" 1270 mode capture. 1272 The knowledgeable experimenter will no doubt notice the similarity of 1273 this Ethernet II Header with a capture in normal mode on a pure 1274 Ethernet cable interface. 1276 A frame translation is inserted on top of a pure IEEE 802.11 MAC 1277 layer, in order to adapt packets, before delivering the payload data 1278 to the applications. It adapts 802.11 LLC/MAC headers to Ethernet II 1279 headers. In further detail, this adaptation consists in the 1280 elimination of the Radiotap, 802.11 and LLC headers, and in the 1281 insertion of the Ethernet II header. In this way, IPv6 runs straight 1282 over LLC over the 802.11-OCB MAC layer; this is further confirmed by 1283 the use of the unique Type 0x86DD. 1285 Appendix H. Extra Terminology 1287 The following terms are defined outside the IETF. They are used to 1288 define the main terms in the main terminology section Section 2. 1290 DSRC (Dedicated Short Range Communication): a term defined outside 1291 the IETF. The US Federal Communications Commission (FCC) Dedicated 1292 Short Range Communication (DSRC) is defined in the Code of Federal 1293 Regulations (CFR) 47, Parts 90 and 95. This Code is referred in the 1294 definitions below. At the time of the writing of this Internet 1295 Draft, the last update of this Code was dated October 1st, 2010. 1297 DSRCS (Dedicated Short-Range Communications Services): a term defined 1298 outside the IETF. The use of radio techniques to transfer data over 1299 short distances between roadside and mobile units, between mobile 1300 units, and between portable and mobile units to perform operations 1301 related to the improvement of traffic flow, traffic safety, and other 1302 intelligent transportation service applications in a variety of 1303 environments. DSRCS systems may also transmit status and 1304 instructional messages related to the units involve. [Ref. 47 CFR 1305 90.7 - Definitions] 1306 OBU (On-Board Unit): a term defined outside the IETF. An On-Board 1307 Unit is a DSRCS transceiver that is normally mounted in or on a 1308 vehicle, or which in some instances may be a portable unit. An OBU 1309 can be operational while a vehicle or person is either mobile or 1310 stationary. The OBUs receive and contend for time to transmit on one 1311 or more radio frequency (RF) channels. Except where specifically 1312 excluded, OBU operation is permitted wherever vehicle operation or 1313 human passage is permitted. The OBUs mounted in vehicles are 1314 licensed by rule under part 95 of the respective chapter and 1315 communicate with Roadside Units (RSUs) and other OBUs. Portable OBUs 1316 are also licensed by rule under part 95 of the respective chapter. 1317 OBU operations in the Unlicensed National Information Infrastructure 1318 (UNII) Bands follow the rules in those bands. - [CFR 90.7 - 1319 Definitions]. 1321 RSU (Road-Side Unit): a term defined outside of IETF. A Roadside 1322 Unit is a DSRC transceiver that is mounted along a road or pedestrian 1323 passageway. An RSU may also be mounted on a vehicle or is hand 1324 carried, but it may only operate when the vehicle or hand- carried 1325 unit is stationary. Furthermore, an RSU operating under the 1326 respectgive part is restricted to the location where it is licensed 1327 to operate. However, portable or hand-held RSUs are permitted to 1328 operate where they do not interfere with a site-licensed operation. 1329 A RSU broadcasts data to OBUs or exchanges data with OBUs in its 1330 communications zone. An RSU also provides channel assignments and 1331 operating instructions to OBUs in its communications zone, when 1332 required. - [CFR 90.7 - Definitions]. 1334 Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless Links 1336 IPv6 Neighbor Discovery (IPv6 ND) [RFC4861][RFC4862] was designed for 1337 point-to-point and transit links such as Ethernet, with the 1338 expectation of a cheap and reliable support for multicast from the 1339 lower layer. Section 3.2 of RFC 4861 indicates that the operation on 1340 Shared Media and on non-broadcast multi-access (NBMA) networks 1341 require additional support, e.g., for Address Resolution (AR) and 1342 duplicate address detection (DAD), which depend on multicast. An 1343 infrastructureless radio network such as OCB shares properties with 1344 both Shared Media and NBMA networks, and then adds its own 1345 complexity, e.g., from movement and interference that allow only 1346 transient and non-transitive reachability between any set of peers. 1348 The uniqueness of an address within a scoped domain is a key pillar 1349 of IPv6 and the base for unicast IP communication. RFC 4861 details 1350 the DAD method to avoid that an address is duplicated. For a link 1351 local address, the scope is the link, whereas for a Globally 1352 Reachable address the scope is much larger. The underlying 1353 assumption for DAD to operate correctly is that the node that owns an 1354 IPv6 address can reach any other node within the scope at the time it 1355 claims its address, which is done by sending a NS multicast message, 1356 and can hear any future claim for that address by another party 1357 within the scope for the duration of the address ownership. 1359 In the case of OCB, there is a potentially a need to define a scope 1360 that is compatible with DAD, and that cannot be the set of nodes that 1361 a transmitter can reach at a particular time, because that set varies 1362 all the time and does not meet the DAD requirements for a link local 1363 address that could possibly be used anytime, anywhere. The generic 1364 expectation of a reliable multicast is not ensured, and the operation 1365 of DAD and AR (Address Resolution) as specified by RFC 4861 cannot be 1366 guaranteed. Moreover, multicast transmissions that rely on broadcast 1367 are not only unreliable but are also often detrimental to unicast 1368 traffic (see [draft-ietf-mboned-ieee802-mcast-problems]). 1370 Early experience indicates that it should be possible to exchange 1371 IPv6 packets over OCB while relying on IPv6 ND alone for DAD and AR 1372 (Address Resolution) in good conditions. In the absence of a correct 1373 DAD operation, a node that relies only on IPv6 ND for AR and DAD over 1374 OCB should ensure that the addresses that it uses are unique by means 1375 others than DAD. It must be noted that deriving an IPv6 address from 1376 a globally unique MAC address has this property but may yield privacy 1377 issues. 1379 RFC 8505 provides a more recent approach to IPv6 ND and in particular 1380 DAD. RFC 8505 is designed to fit wireless and otherwise constrained 1381 networks whereby multicast and/or continuous access to the medium may 1382 not be guaranteed. RFC 8505 Section 5.6 "Link-Local Addresses and 1383 Registration" indicates that the scope of uniqueness for a link local 1384 address is restricted to a pair of nodes that use it to communicate, 1385 and provides a method to assert the uniqueness and resolve the link- 1386 Layer address using a unicast exchange. 1388 RFC 8505 also enables a router (acting as a 6LR) to own a prefix and 1389 act as a registrar (acting as a 6LBR) for addresses within the 1390 associated subnet. A peer host (acting as a 6LN) registers an 1391 address derived from that prefix and can use it for the lifetime of 1392 the registration. The prefix is advertised as not onlink, which 1393 means that the 6LN uses the 6LR to relay its packets within the 1394 subnet, and participation to the subnet is constrained to the time of 1395 reachability to the 6LR. Note that RSU that provides internet 1396 connectivity MAY announce a default router preference [RFC4191], 1397 whereas a car that does not provide that connectivity MUST NOT do so. 1398 This operation presents similarities with that of an access point, 1399 but at Layer-3. This is why RFC 8505 well-suited for wireless in 1400 general. 1402 Support of RFC 8505 may be implemented on OCB. OCB nodes that 1403 support RFC 8505 SHOULD support the 6LN operation in order to act as 1404 a host, and may support the 6LR and 6LBR operations in order to act 1405 as a router and in particular own a prefix that can be used by RFC 1406 8505-compliant hosts for address autoconfiguration and registration. 1408 Authors' Addresses 1410 Nabil Benamar 1411 Moulay Ismail University of Meknes 1412 Morocco 1414 Phone: +212670832236 1415 Email: n.benamar@est.umi.ac.ma 1417 Jerome Haerri 1418 Eurecom 1419 Sophia-Antipolis 06904 1420 France 1422 Phone: +33493008134 1423 Email: Jerome.Haerri@eurecom.fr 1425 Jong-Hyouk Lee 1426 Sangmyung University 1427 31, Sangmyeongdae-gil, Dongnam-gu 1428 Cheonan 31066 1429 Republic of Korea 1431 Email: jonghyouk@smu.ac.kr 1433 Thierry Ernst 1434 YoGoKo 1435 France 1437 Email: thierry.ernst@yogoko.fr