idnits 2.17.1 draft-ietf-lpwan-ipv6-static-context-hc-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 840: '...within a single L2 data unit, it SHALL...' RFC 2119 keyword, line 877: '...liability option MUST be used for all ...' RFC 2119 keyword, line 886: '...on, the receiver MUST NOT issue acknow...' RFC 2119 keyword, line 993: '...s, fragments except the last one SHALL...' RFC 2119 keyword, line 1007: '...r the first time SHALL contain the fra...' (26 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (May 05, 2017) is 2548 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) == Outdated reference: A later version (-10) exists of draft-ietf-lpwan-overview-01 Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan Working Group A. Minaburo 3 Internet-Draft Acklio 4 Intended status: Informational L. Toutain 5 Expires: November 6, 2017 IMT-Atlantique 6 C. Gomez 7 Universitat Politecnica de Catalunya 8 May 05, 2017 10 LPWAN Static Context Header Compression (SCHC) and fragmentation for 11 IPv6 and UDP 12 draft-ietf-lpwan-ipv6-static-context-hc-03 14 Abstract 16 This document describes a header compression scheme and fragmentation 17 functionality for IPv6/UDP protocols. These techniques are 18 especially tailored for LPWAN (Low Power Wide Area Network) networks 19 and could be extended to other protocol stacks. 21 The Static Context Header Compression (SCHC) offers a great level of 22 flexibility when processing the header fields. Static context means 23 that information stored in the context which, describes field values, 24 does not change during the packet transmission, avoiding complex 25 resynchronization mechanisms, incompatible with LPWAN 26 characteristics. In most of the cases, IPv6/UDP headers are reduced 27 to a small identifier. 29 This document describes the generic compression/decompression process 30 and applies it to IPv6/UDP headers. Similar mechanisms for other 31 protocols such as CoAP will be described in a separate document. 32 Moreover, this document specifies fragmentation and reassembly 33 mechanims for SCHC compressed packets exceeding the L2 pdu size and 34 for the case where the SCHC compression is not possible then the 35 IPv6/UDP packet is sent. 37 Status of This Memo 39 This Internet-Draft is submitted in full conformance with the 40 provisions of BCP 78 and BCP 79. 42 Internet-Drafts are working documents of the Internet Engineering 43 Task Force (IETF). Note that other groups may also distribute 44 working documents as Internet-Drafts. The list of current Internet- 45 Drafts is at http://datatracker.ietf.org/drafts/current/. 47 Internet-Drafts are draft documents valid for a maximum of six months 48 and may be updated, replaced, or obsoleted by other documents at any 49 time. It is inappropriate to use Internet-Drafts as reference 50 material or to cite them other than as "work in progress." 52 This Internet-Draft will expire on November 6, 2017. 54 Copyright Notice 56 Copyright (c) 2017 IETF Trust and the persons identified as the 57 document authors. All rights reserved. 59 This document is subject to BCP 78 and the IETF Trust's Legal 60 Provisions Relating to IETF Documents 61 (http://trustee.ietf.org/license-info) in effect on the date of 62 publication of this document. Please review these documents 63 carefully, as they describe your rights and restrictions with respect 64 to this document. Code Components extracted from this document must 65 include Simplified BSD License text as described in Section 4.e of 66 the Trust Legal Provisions and are provided without warranty as 67 described in the Simplified BSD License. 69 Table of Contents 71 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 72 2. Vocabulary . . . . . . . . . . . . . . . . . . . . . . . . . 4 73 3. Static Context Header Compression . . . . . . . . . . . . . . 5 74 3.1. Rule ID . . . . . . . . . . . . . . . . . . . . . . . . . 7 75 3.2. Packet processing . . . . . . . . . . . . . . . . . . . . 7 76 4. Matching operators . . . . . . . . . . . . . . . . . . . . . 8 77 5. Compression Decompression Actions (CDA) . . . . . . . . . . . 9 78 5.1. not-sent CDA . . . . . . . . . . . . . . . . . . . . . . 10 79 5.2. value-sent CDA . . . . . . . . . . . . . . . . . . . . . 10 80 5.3. mapping-sent . . . . . . . . . . . . . . . . . . . . . . 10 81 5.4. LSB CDA . . . . . . . . . . . . . . . . . . . . . . . . . 10 82 5.5. DEViid-DID, APPiid-DID CDA . . . . . . . . . . . . . . . 11 83 5.6. Compute-* . . . . . . . . . . . . . . . . . . . . . . . . 11 84 6. Application to IPv6 and UDP headers . . . . . . . . . . . . . 11 85 6.1. IPv6 version field . . . . . . . . . . . . . . . . . . . 11 86 6.2. IPv6 Traffic class field . . . . . . . . . . . . . . . . 12 87 6.3. Flow label field . . . . . . . . . . . . . . . . . . . . 12 88 6.4. Payload Length field . . . . . . . . . . . . . . . . . . 12 89 6.5. Next Header field . . . . . . . . . . . . . . . . . . . . 13 90 6.6. Hop Limit field . . . . . . . . . . . . . . . . . . . . . 13 91 6.7. IPv6 addresses fields . . . . . . . . . . . . . . . . . . 13 92 6.7.1. IPv6 source and destination prefixes . . . . . . . . 13 93 6.7.2. IPv6 source and destination IID . . . . . . . . . . . 14 94 6.8. IPv6 extensions . . . . . . . . . . . . . . . . . . . . . 14 95 6.9. UDP source and destination port . . . . . . . . . . . . . 15 96 6.10. UDP length field . . . . . . . . . . . . . . . . . . . . 15 97 6.11. UDP Checksum field . . . . . . . . . . . . . . . . . . . 15 98 7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 16 99 7.1. IPv6/UDP compression . . . . . . . . . . . . . . . . . . 16 100 8. Fragmentation . . . . . . . . . . . . . . . . . . . . . . . . 18 101 8.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 18 102 8.2. Reliability options: definition . . . . . . . . . . . . . 19 103 8.3. Reliability options: discussion . . . . . . . . . . . . . 20 104 8.4. Fragment format . . . . . . . . . . . . . . . . . . . . . 21 105 8.5. Fragmentation header formats . . . . . . . . . . . . . . 22 106 8.6. ACK format . . . . . . . . . . . . . . . . . . . . . . . 24 107 8.7. Baseline mechanism . . . . . . . . . . . . . . . . . . . 25 108 8.8. Aborting a fragmented IPv6 datagram transmission . . . . 28 109 8.9. Downlink fragment transmission . . . . . . . . . . . . . 28 110 9. Security considerations . . . . . . . . . . . . . . . . . . . 29 111 9.1. Security considerations for header compression . . . . . 29 112 9.2. Security considerations for fragmentation . . . . . . . . 29 113 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 114 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 30 115 11.1. Normative References . . . . . . . . . . . . . . . . . . 30 116 11.2. Informative References . . . . . . . . . . . . . . . . . 30 117 Appendix A. Fragmentation examples . . . . . . . . . . . . . . . 30 118 Appendix B. Note . . . . . . . . . . . . . . . . . . . . . . . . 35 119 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 35 121 1. Introduction 123 Header compression is mandatory to efficiently bring Internet 124 connectivity to the node within a LPWAN network 125 [I-D.minaburo-lp-wan-gap-analysis]. 127 Some LPWAN networks properties can be exploited for an efficient 128 header compression: 130 o Topology is star oriented, therefore all the packets follow the 131 same path. For the needs of this draft, the architecture can be 132 summarized to Devices (DEV) exchanging information with LPWAN 133 Application Server (APP) through a Network Gateway (NGW). 135 o Traffic flows are mostly known in advance, since devices embed 136 built-in applications. Contrary to computers or smartphones, new 137 applications cannot be easily installed. 139 The Static Context Header Compression (SCHC) is defined for this 140 environment. SCHC uses a context where header information is kept in 141 order. This context is static (the values on the header fields do 142 not change during time) avoiding complex resynchronization 143 mechanisms, incompatible with LPWAN characteristics. In most of the 144 cases, IPv6/UDP headers are reduced to a small context identifier. 146 The SCHC header compression is indedependent of the specific LPWAN 147 technology over which it will be used. 149 On the other hand, LPWAN technologies are characterized, among 150 others, by a very reduced data unit and/or payload size 151 [I-D.ietf-lpwan-overview]. However, some of these technologies do 152 not support layer two fragmentation, therefore the only option for 153 these to support the IPv6 MTU requirement of 1280 bytes [RFC2460] is 154 the use of a fragmentation mechanism at the adaptation layer below 155 IPv6. This specification defines fragmentation functionality to 156 support the IPv6 MTU requirements over LPWAN technologies. Such 157 functionality has been designed under the assumption that data unit 158 reordering will not happen between the entity performing 159 fragmentation and the entity performing reassembly. 161 2. Vocabulary 163 This section defines the terminology and acronyms used in this 164 document. 166 o CDA: Compression/Decompression Action. An action that is perfomed 167 for both functionnalities to compress a header field or to recover 168 its original value in the decompression phase. 170 o Context: A set of rules used to compress/decompress headers 172 o DEV: Device. Node connected to the LPWAN. A DEV may implement 173 SCHC. 175 o APP: LPWAN Application. An application sending/consuming IPv6 176 packets to/from the Device. 178 o SCHC C/D: LPWAN Compressor/Decompressor. A process in the network 179 to achieve compression/decompressing headers. SCHC C/D uses SCHC 180 rules to perform compression and decompression. 182 o MO: Matching Operator. An operator used to compare a value 183 contained in a header field with a value contained in a rule. 185 o Rule: A set of header field values. 187 o Rule ID: An identifier for a rule, SCHC C/D and DEV share the same 188 rule ID for a specific flow. Rule ID is sent on the LPWAN. 190 o TV: Target value. A value contained in the rule that will be 191 matched with the value of a header field. 193 3. Static Context Header Compression 195 Static Context Header Compression (SCHC) avoids context 196 synchronization, which is the most bandwidth-consuming operation in 197 other header compression mechanisms such as RoHC. Based on the fact 198 that the nature of data flows is highly predictable in LPWAN 199 networks, a static context may be stored on the Device (DEV). The 200 context must be stored in both ends. It can also be learned by using 201 a provisionning protocol that is out of the scope of this draft. 203 DEVICE Appl Servers 204 +---------------+ +---------------+ 205 | APP1 APP2 APP3| |APP1 APP2 APP3| 206 | | | | 207 | UDP | | UDP | 208 | IPv6 | | IPv6 | 209 | | | | 210 | SCHC C/D | | | 211 | (context) | | | 212 +--------+------+ +-------+-------+ 213 | +--+ +----+ +---------+ . 214 +~~ |RG| === |NGW | === |SCHC C/D |... Internet ... 215 +--+ +----+ |(context)| 216 +---------+ 218 Figure 1: Architecture 220 Figure 1 based on [I-D.ietf-lpwan-overview] terminology represents 221 the architecture for compression/decompression. The Device is 222 running applications which produce IPv6 or IPv6/UDP flows. These 223 flows are compressed by an Static Context Header Compression 224 Compressor/Decompressor (SCHC C/D) to reduce the headers size. 225 Resulting information is sent on a layer two (L2) frame to the LPWAN 226 Radio Network to a Radio Gateway (RG) which forwards the frame to a 227 Network Gateway (NGW). The NGW sends the data to a SCHC C/D for 228 decompression which shares the same rules with the DEV. The SCHC C/D 229 can be located on the Network Gateway (NGW) or in another places if a 230 tunnel is established between the NGW and the SCHC C/D. This 231 architecture forms a star topology. After decompression, the packet 232 can be sent on the Internet to one or several LPWAN Application 233 Servers (APP). 235 The principle is exactly the same in the other direction. 237 The context contains a list of rules (cf. Figure 2). Each rule 238 contains itself a list of fields descriptions composed of a field 239 identifier (FID), a field position (FP), a direction indicator (DI), 240 a target value (TV), a matching operator (MO) and a Compression/ 241 Decompression Action (CDA). 243 /----------------------------------------------------------------\ 244 | Rule N | 245 /----------------------------------------------------------------\| 246 | Rule i || 247 /----------------------------------------------------------------\|| 248 | (FID) Rule 1 ||| 249 |+-------+---+---+------------+-----------------+---------------+||| 250 ||Field 1|Pos|Dir|Target Value|Matching Operator|Comp/Decomp Act|||| 251 |+-------+---+---+------------+-----------------+---------------+||| 252 ||Field 2|Pos|Dir|Target Value|Matching Operator|Comp/Decomp Act|||| 253 |+-------+---+---+------------+-----------------+---------------+||| 254 ||... |...|...| ... | ... | ... |||| 255 |+-------+---+---+------------+-----------------+---------------+||/ 256 ||Field N|Pos|Dir|Target Value|Matching Operator|Comp/Decomp Act||| 257 |+-------+---+---+------------+-----------------+---------------+|/ 258 | | 259 \----------------------------------------------------------------/ 261 Figure 2: Compression Decompression Context 263 The rule does not describe the original packet format which must be 264 known from the compressor/decompressor. The rule just describes the 265 compression/decompression behavior for the header fields. In the 266 rule, the description of the header field must be done in the same 267 order they appear in the packet. 269 On the other hand, the rule describes the compressed header which are 270 transmitted regarding their position in the rule which is used for 271 data serialization on the compressor side and data deserialization on 272 the decompressor side. 274 The main idea of the compression scheme is to send the rule id to the 275 other end instead of known field values. When a value is known by 276 both ends, it is not necessary to send it on the LPWAN network. 278 The field description is composed of different entries: 280 o A Field ID (FID) is a unique value to define the field. 282 o A Field Position (FP) indicating if several instances of the field 283 exist in the headers which one is targeted. 285 o A direction indicator (DI) indicating the packet direction. Three 286 values are possible: 288 * upstream when the field or the value is only present in packets 289 sent by the DEV to the APP, 291 * downstream when the field or the value is only present in 292 packet sent from the APP to the DEV and 294 * bi-directional when the field or the value is present either 295 upstream or downstream. 297 o A Target Value (TV) is the value used to make the comparison with 298 the packet header field. The Target Value can be of any type 299 (integer, strings,...). It can be a single value or a more 300 complex structure (array, list,...). It can be considered as a 301 CBOR structure. 303 o A Matching Operator (MO) is the operator used to make the 304 comparison between the field value and the Target Value. The 305 Matching Operator may require some parameters, which can be 306 considered as a CBOR structure. MO is only used during the 307 compression phase. 309 o A Compression Decompression Action (CDA) is used to describe the 310 compression and the decompression process. The CDA may require 311 some parameters, which can be considered as a CBOR structure. 313 3.1. Rule ID 315 Rule IDs are sent between both compression/decompression elements. 316 The size of the rule ID is not specified in this document and can 317 vary regarding the LPWAN technology, the number of flows,... 319 Some values in the rule ID space may be reserved for goals other than 320 header compression, for example fragmentation. 322 Rule IDs are specific to a DEV. Two DEVs may use the same rule ID 323 for different header compression. The SCHC C/D needs to combine the 324 rule ID with the DEV L2 address to find the appropriate rule. 326 3.2. Packet processing 328 The compression/decompression process follows several steps: 330 o compression rule selection: the goal is to identify which rule(s) 331 will be used to compress the headers. Each field is associated to 332 a matching operator for compression. Each header field's value is 333 compared to the corresponding target value stored in the rule for 334 that field using the matching operator. This comparison includes 335 the direction indicator and the field position in the header. If 336 all the fields in the packet's header satisfy all the matching 337 operators (excluding unappropriate direction or position) of a 338 rule, the packet is processed using Compression Decompression 339 Function associated with the fields. Otherwise the next rule is 340 tested. If no eligible rule is found, then the packet is sent 341 without compression, which may require using the fragmentation 342 procedure. 344 In the downstrean direction, the rule is also used to find the 345 device ID. 347 o sending: The rule ID is sent to the other end followed by 348 information resulting from the compression of header fields. This 349 information is sent in the order expressed in the rule for the 350 matching fields. The way the rule ID is sent depends on the layer 351 two technology and will be specified in a specific document. For 352 example, it can either be included in a Layer 2 header or sent in 353 the first byte of the L2 payload. (cf. Figure 3) 355 o decompression: The receiver identifies the sender through its 356 device-id (e.g. MAC address) and selects the appropriate rule 357 through the rule ID. This rule gives the compressed header format 358 and associates these values to header fields. It applies the CDA 359 action to reconstruct the original header fields. The CDA order 360 can be different of the order given by the rule. For instance 361 Compute-* may be applied after the other CDAs. 363 +--- ... ---+-------------- ... --------------+ 364 | Rule ID |Compressed Hdr Fields information| 365 +--- ... ---+-------------- ... --------------+ 367 Figure 3: LPWAN Compressed Format Packet 369 4. Matching operators 371 This document describes basic matching operators (MO)s which must be 372 known by both SCHC C/D, endpoints involved in the header compression/ 373 decompression. They are not typed and can be applied indifferently 374 to integer, string or any other type. The MOs and their definitions 375 are provided next: 377 o equal: a field value in a packet matches with a field value in a 378 rule if they are equal. 380 o ignore: no check is done between a field value in a packet and a 381 field value in the rule. The result of the matching is always 382 true. 384 o MSB(length): a field value of a size equal to "length" bits in a 385 packet matches with a field value in a rule if the most 386 significant "length" bits are equal. 388 o match-mapping: The goal of mapping-sent is to reduce the size of a 389 field by allocating a shorter value. The Target Value contains a 390 list of pairs. Each pair is composed of a value and a short ID 391 (or index). This operator matches if a field value is equal to 392 one of the pairs' values. 394 Matching Operators and match-mapping needs a parameter to proceed to 395 the matching. Match-mapping requires a list of values associated to 396 an index and MSB requires an integer indicating the number of bits to 397 test. 399 5. Compression Decompression Actions (CDA) 401 The Compression Decompression Actions (CDA) describes the action 402 taken during the compression of headers fields, and inversely, the 403 action taken by the decompressor to restore the original value. 405 /--------------------+-------------+----------------------------\ 406 | Action | Compression | Decompression | 407 | | | | 408 +--------------------+-------------+----------------------------+ 409 |not-sent |elided |use value stored in ctxt | 410 |value-sent |send |build from received value | 411 |mapping-sent |send index |value from index on a table | 412 |LSB(length) |send LSB |ctxt value OR rcvd value | 413 |compute-length |elided |compute length | 414 |compute-checksum |elided |compute UDP checksum | 415 |DEViid-DID |elided |build IID from L2 DEV addr | 416 |APPiid-DID |elided |build IID from L2 APP addr | 417 \--------------------+-------------+----------------------------/ 419 Figure 4: Compression and Decompression Functions 421 Figure 4 sumarizes the functions defined to compress and decompress a 422 field. The first column gives the action's name. The second and 423 third columns outlines the compression/decompression behavior. 425 Compression is done in the rule order and compressed values are sent 426 in that order in the compressed message. The receiver must be able 427 to find the size of each compressed field which can be given by the 428 rule or may be sent with the compressed header. 430 5.1. not-sent CDA 432 Not-sent function is generally used when the field value is specified 433 in the rule and therefore known by the both Compressor and 434 Decompressor. This action is generally used with the "equal" MO. If 435 MO is "ignore", there is a risk to have a decompressed field value 436 different from the compressed field. 438 The compressor does not send any value on the compressed header for 439 that field on which compression is applied. 441 The decompressor restores the field value with the target value 442 stored in the matched rule. 444 5.2. value-sent CDA 446 The value-sent action is generally used when the field value is not 447 known by both Compressor and Decompressor. The value is sent in the 448 compressed message header. Both Compressor and Decompressor must 449 know the size of the field, either implicitly (the size is known by 450 both sides) or explicitly in the compressed header field by 451 indicating the length. This function is generally used with the 452 "ignore" MO. 454 The compressor sends the Target Value stored on the rule in the 455 compressed header message. The decompressor restores the field value 456 with the one received from the LPWAN 458 5.3. mapping-sent 460 mapping-sent is used to send a smaller index associated to the field 461 value in the Target Value. This function is used together with the 462 "match-mapping" MO. 464 The compressor looks in the TV to find the field value and send the 465 corresponding index. The decompressor uses this index to restore the 466 field value. 468 The number of bit sent is the minimal number to code all the indexes. 470 5.4. LSB CDA 472 LSB action is used to send a fixed part of the packet field header to 473 the other end. This action is used together with the "MSB" MO. A 474 length can be specified to indicate how many bits have to be sent. 476 If not length is specified, the number of bit sent are the field 477 length minus the bit length specified in the MSB MO. 479 The compressor sends the "length" Least Significant Bits. The 480 decompressor combines with an OR operator the value received with the 481 Target Value. 483 5.5. DEViid-DID, APPiid-DID CDA 485 These functions are used to process respectively the Device and the 486 Application Device Identifier (DID). APPiid-DID CDA is less common, 487 since current LPWAN technologies frames contain a single address. 489 The IID value is computed from the Device ID present in the Layer 2 490 header. The computation depends on the technology and the Device ID 491 size. 493 In the downstream direction, these CDA are used to determine the L2 494 addresses used by the LPWAN. 496 5.6. Compute-* 498 These functions are used by the decompressor to compute the 499 compressed field value based on received information. Compressed 500 fields are elided during the compression and reconstructed during the 501 decompression. 503 o compute-length: compute the length assigned to this field. For 504 instance, regarding the field ID, this CDA may be used to compute 505 IPv6 length or UDP length. 507 o compute-checksum: compute a checksum from the information already 508 received by the SCHC C/D. This field may be used to compute UDP 509 checksum. 511 6. Application to IPv6 and UDP headers 513 This section lists the different IPv6 and UDP header fields and how 514 they can be compressed. 516 6.1. IPv6 version field 518 This field always holds the same value, therefore the TV is 6, the MO 519 is "equal" and the CDA "not-sent". 521 6.2. IPv6 Traffic class field 523 If the DiffServ field identified by the rest of the rule do not vary 524 and is known by both sides, the TV should contain this wellknown 525 value, the MO should be "equal" and the CDA must be "not-sent. 527 If the DiffServ field identified by the rest of the rule varies over 528 time or is not known by both sides, then there are two possibilities 529 depending on the variability of the value, the first one there is 530 without compression and the original value is sent, or the sencond 531 where the values can be computed by sending only the LSB bits: 533 o TV is not set, MO is set to "ignore" and CDA is set to "value- 534 sent" 536 o TV contains a stable value, MO is MSB(X) and CDA is set to 537 LSB(8-X) 539 6.3. Flow label field 541 If the Flow Label field identified by the rest of the rule does not 542 vary and is known by both sides, the TV should contain this well- 543 known value, the MO should be "equal" and the CDA should be "not- 544 sent". 546 If the Flow Label field identified by the rest of the rule varies 547 during time or is not known by both sides, there are two 548 possibilities dpending on the variability of the value, the first one 549 is without compression and then the value is sent and the second 550 where only part of the value is sent and the decompressor needs to 551 compute the original value: 553 o TV is not set, MO is set to "ignore" and CDA is set to "value- 554 sent" 556 o TV contains a stable value, MO is MSB(X) and CDA is set to 557 LSB(20-X) 559 6.4. Payload Length field 561 If the LPWAN technology does not add padding, this field can be 562 elided for the transmission on the LPWAN network. The SCHC C/D 563 recompute the original payload length value. The TV is not set, the 564 MO is set to "ignore" and the CDA is "compute-IPv6-length". 566 If the payload is small, the TV can be set to 0x0000, the MO set to 567 "MSB (16-s)" and the CDA to "LSB (s)". The 's' parameter depends on 568 the maximum packet length. 570 On other cases, the payload length field must be sent and the CDA is 571 replaced by "value-sent". 573 6.5. Next Header field 575 If the Next Header field identified by the rest of the rule does not 576 vary and is known by both sides, the TV should contain this Next 577 Header value, the MO should be "equal" and the CDA should be "not- 578 sent". 580 If the Next header field identified by the rest of the rule varies 581 during time or is not known by both sides, then TV is not set, MO is 582 set to "ignore" and CDA is set to "value-sent". A matching-list may 583 also be used. 585 6.6. Hop Limit field 587 The End System is generally a host and does not forward packets, 588 therefore the Hop Limit value is constant. So the TV is set with a 589 default value, the MO is set to "equal" and the CDA is set to "not- 590 sent". 592 Otherwise the value is sent on the LPWAN: TV is not set, MO is set to 593 ignore and CDA is set to "value-sent". 595 Note that the field behavior differs in upstream and downstream. In 596 upstream, since there is no IP forwarding between the DEV and the 597 SCHC C/D, the value is relatively constant. On the other hand, the 598 downstream value depends of Internet routing and may change more 599 frequently. One solution could be to use the Direction Indicator 600 (DI) to distinguish both directions to elide the field in the 601 upstream direction and send the value in the downstream direction. 603 6.7. IPv6 addresses fields 605 As in 6LoWPAN [RFC4944], IPv6 addresses are split into two 64-bit 606 long fields; one for the prefix and one for the Interface Identifier 607 (IID). These fields should be compressed. To allow a single rule, 608 these values are identified by their role (DEV or APP) and not by 609 their position in the frame (source or destination). The SCHC C/D 610 must be aware of the traffic direction (upstream, downstream) to 611 select the appropriate field. 613 6.7.1. IPv6 source and destination prefixes 615 Both ends must be synchronized with the appropriate prefixes. For a 616 specific flow, the source and destination prefix can be unique and 617 stored in the context. It can be either a link-local prefix or a 618 global prefix. In that case, the TV for the source and destination 619 prefixes contains the values, the MO is set to "equal" and the CDA is 620 set to "not-sent". 622 In case the rule allows several prefixes, mapping-list must be used. 623 The different prefixes are listed in the TV associated with a short 624 ID. The MO is set to "match-mapping" and the CDA is set to "mapping- 625 sent". 627 Otherwise the TV contains the prefix, the MO is set to "equal" and 628 the CDA is set to value-sent. 630 6.7.2. IPv6 source and destination IID 632 If the DEV or APP IID are based on an LPWAN address, then the IID can 633 be reconstructed with information coming from the LPWAN header. In 634 that case, the TV is not set, the MO is set to "ignore" and the CDA 635 is set to "DEViid-DID" or "APPiid-DID". Note that the LPWAN 636 technology is generally carrying a single device identifier 637 corresponding to the DEV. The SCHC C/D may also not be aware of 638 these values. 640 For privacy reasons or if the DEV address is changing over time, it 641 maybe better to use a static value. In that case, the TV contains 642 the value, the MO operator is set to "equal" and the CDA is set to 643 "not-sent". 645 If several IIDs are possible, then the TV contains the list of 646 possible IID, the MO is set to "match-mapping" and the CDA is set to 647 "mapping-sent". 649 Otherwise the value variation of the IID may be reduced to few bytes. 650 In that case, the TV is set to the stable part of the IID, the MO is 651 set to MSB and the CDF is set to LSB. 653 Finally, the IID can be sent on the LPWAN. In that case, the TV is 654 not set, the MO is set to "ignore" and the CDA is set to "value- 655 sent". 657 6.8. IPv6 extensions 659 No extension rules are currently defined. They can be based on the 660 MOs and CDAs described above. 662 6.9. UDP source and destination port 664 To allow a single rule, the UDP port values are identified by their 665 role (DEV or APP) and not by their position in the frame (source or 666 destination). The SCHC C/D must be aware of the traffic direction 667 (upstream, downstream) to select the appropriate field. The 668 following rules apply for DEV and APP port numbers. 670 If both ends knows the port number, it can be elided. The TV 671 contains the port number, the MO is set to "equal" and the CDA is set 672 to "not-sent". 674 If the port variation is on few bits, the TV contains the stable part 675 of the port number, the MO is set to "MSB" and the CDA is set to 676 "LSB". 678 If some well-known values are used, the TV can contain the list of 679 this values, the MO is set to "match-mapping" and the CDA is set to 680 "mapping-sent". 682 Otherwise the port numbers are sent on the LPWAN. The TV is not set, 683 the MO is set to "ignore" and the CDA is set to "value-sent". 685 6.10. UDP length field 687 If the LPWAN technology does not introduce padding, the UDP length 688 can be computed from the received data. In that case the TV is not 689 set, the MO is set to "ignore" and the CDA is set to "compute-UDP- 690 length". 692 If the payload is small, the TV can be set to 0x0000, the MO set to 693 "MSB" and the CDA to "LSB". 695 On other cases, the length must be sent and the CDA is replaced by 696 "value-sent". 698 6.11. UDP Checksum field 700 IPv6 mandates a checksum in the protocol above IP. Nevertheless, if 701 a more efficient mechanism such as L2 CRC or MIC is carried by or 702 over the L2 (such as in the LPWAN fragmentation process (see XXXX)), 703 the UDP checksum transmission can be avoided. In that case, the TV 704 is not set, the MO is set to "ignore" and the CDA is set to "compute- 705 UDP-checksum". 707 In other cases the checksum must be explicitly sent. The TV is not 708 set, the MO is set to "ignore" and the CDF is set to "value-sent". 710 7. Examples 712 This section gives some scenarios of the compression mechanism for 713 IPv6/UDP. The goal is to illustrate the SCHC behavior. 715 7.1. IPv6/UDP compression 717 The most common case using the mechanisms defined in this document 718 will be a LPWAN DEV that embeds some applications running over CoAP. 719 In this example, three flows are considered. The first flow is for 720 the device management based on CoAP using Link Local IPv6 addresses 721 and UDP ports 123 and 124 for DEV and APP, respectively. The second 722 flow will be a CoAP server for measurements done by the Device (using 723 ports 5683) and Global IPv6 Address prefixes alpha::IID/64 to 724 beta::1/64. The last flow is for legacy applications using different 725 ports numbers, the destination IPv6 address prefix is gamma::1/64. 727 Figure 5 presents the protocol stack for this Device. IPv6 and UDP 728 are represented with dotted lines since these protocols are 729 compressed on the radio link. 731 Managment Data 732 +----------+---------+---------+ 733 | CoAP | CoAP | legacy | 734 +----||----+---||----+---||----+ 735 . UDP . UDP | UDP | 736 ................................ 737 . IPv6 . IPv6 . IPv6 . 738 +------------------------------+ 739 | SCHC Header compression | 740 | and fragmentation | 741 +------------------------------+ 742 | LPWAN L2 technologies | 743 +------------------------------+ 744 DEV or NGW 746 Figure 5: Simplified Protocol Stack for LP-WAN 748 Note that in some LPWAN technologies, only the DEVs have a device ID. 749 Therefore, when such technologie are used, it is necessary to define 750 statically an IID for the Link Local address for the SCHC C/D. 752 Rule 0 753 +----------------+---------+--------+-------------++------+ 754 | Field | Value | Match | Function || Sent | 755 +----------------+---------+----------------------++------+ 756 |IPv6 version |6 | equal | not-sent || | 757 |IPv6 DiffServ |0 | equal | not-sent || | 758 |IPv6 Flow Label |0 | equal | not-sent || | 759 |IPv6 Length | | ignore | comp-length || | 760 |IPv6 Next Header|17 | equal | not-sent || | 761 |IPv6 Hop Limit |255 | ignore | not-sent || | 762 |IPv6 DEVprefix |FE80::/64| equal | not-sent || | 763 |IPv6 DEViid | | ignore | DEViid-DID || | 764 |IPv6 APPprefix |FE80::/64| equal | not-sent || | 765 |IPv6 APPiid |::1 | equal | not-sent || | 766 +================+=========+========+=============++======+ 767 |UDP DEVport |123 | equal | not-sent || | 768 |UDP APPport |124 | equal | not-sent || | 769 |UDP Length | | ignore | comp-length || | 770 |UDP checksum | | ignore | comp-chk || | 771 +================+=========+========+=============++======+ 773 Rule 1 774 +----------------+---------+--------+-------------++------+ 775 | Field | Value | Match | Function || Sent | 776 +----------------+---------+--------+-------------++------+ 777 |IPv6 version |6 | equal | not-sent || | 778 |IPv6 DiffServ |0 | equal | not-sent || | 779 |IPv6 Flow Label |0 | equal | not-sent || | 780 |IPv6 Length | | ignore | comp-length || | 781 |IPv6 Next Header|17 | equal | not-sent || | 782 |IPv6 Hop Limit |255 | ignore | not-sent || | 783 |IPv6 DEVprefix |alpha/64 | equal | not-sent || | 784 |IPv6 DEViid | | ignore | DEViid-DID || | 785 |IPv6 APPprefix |beta/64 | equal | not-sent || | 786 |IPv6 APPiid |::1000 | equal | not-sent || | 787 +================+=========+========+=============++======+ 788 |UDP DEVport |5683 | equal | not-sent || | 789 |UDP APPport |5683 | equal | not-sent || | 790 |UDP Length | | ignore | comp-length || | 791 |UDP checksum | | ignore | comp-chk || | 792 +================+=========+========+=============++======+ 794 Rule 2 795 +----------------+---------+--------+-------------++------+ 796 | Field | Value | Match | Function || Sent | 797 +----------------+---------+--------+-------------++------+ 798 |IPv6 version |6 | equal | not-sent || | 799 |IPv6 DiffServ |0 | equal | not-sent || | 800 |IPv6 Flow Label |0 | equal | not-sent || | 801 |IPv6 Length | | ignore | comp-length || | 802 |IPv6 Next Header|17 | equal | not-sent || | 803 |IPv6 Hop Limit |255 | ignore | not-sent || | 804 |IPv6 DEVprefix |alpha/64 | equal | not-sent || | 805 |IPv6 DEViid | | ignore | DEViid-DID || | 806 |IPv6 APPprefix |gamma/64 | equal | not-sent || | 807 |IPv6 APPiid |::1000 | equal | not-sent || | 808 +================+=========+========+=============++======+ 809 |UDP DEVport |8720 | MSB(12)| LSB(4) || lsb | 810 |UDP APPport |8720 | MSB(12)| LSB(4) || lsb | 811 |UDP Length | | ignore | comp-length || | 812 |UDP checksum | | ignore | comp-chk || | 813 +================+=========+========+=============++======+ 815 Figure 6: Context rules 817 All the fields described in the three rules Figure 6 are present in 818 the IPv6 and UDP headers. The DEViid-DID value is found in the L2 819 header. 821 The second and third rules use global addresses. The way the DEV 822 learns the prefix is not in the scope of the document. 824 The third rule compresses port numbers to 4 bits. 826 8. Fragmentation 828 8.1. Overview 830 Fragmentation support in LPWAN is mandatory when the underlying LPWAN 831 technology is not capable of fulfilling the IPv6 MTU requirement. 832 Fragmentation is used if, after SCHC header compression, the size of 833 the resulting IPv6 packet is larger than the L2 data unit maximum 834 payload. Fragmentation is also used if SCHC header compression has 835 not been able to compress an IPv6 packet that is larger than the L2 836 data unit maximum payload. In LPWAN technologies, the L2 data unit 837 size typically varies from tens to hundreds of bytes. If the entire 838 IPv6 datagram fits within a single L2 data unit, the fragmentation 839 mechanism is not used and the packet is sent unfragmented. 840 If the datagram does not fit within a single L2 data unit, it SHALL 841 be broken into fragments. 843 Moreover, LPWAN technologies impose some strict limitations on 844 traffic; therefore it is desirable to enable optional fragment 845 retransmission, while a single fragment loss should not lead to 846 retransmitting the full IPv6 datagram. On the other hand, in order 847 to preserve energy, Things (End Systems) are sleeping most of the 848 time and may receive data during a short period of time after 849 transmission. In order to adapt to the capabilities of various LPWAN 850 technologies, this specification allows for a gradation of fragment 851 delivery reliability. This document does not make any decision with 852 regard to which fragment delivery reliability option is used over a 853 specific LPWAN technology. 855 An important consideration is that LPWAN networks typically follow 856 the star topology, and therefore data unit reordering is not expected 857 in such networks. This specification assumes that reordering will 858 not happen between the entity performing fragmentation and the entity 859 performing reassembly. This assumption allows to reduce complexity 860 and overhead of the fragmentation mechanism. 862 8.2. Reliability options: definition 864 This specification defines the following five fragment delivery 865 reliability options: 867 o No ACK 869 o Packet mode - ACK "always" 871 o Packet mode - ACK on error 873 o Window mode - ACK "always" 875 o Window mode - ACK on error 877 The same reliability option MUST be used for all fragments of a 878 packet. It is up to the underlying LPWAN technology to decide which 879 reliability option to use and whether the same reliability option 880 applies to all IPv6 packets. Note that the reliability option to be 881 used is not necessarily tied to the particular characteristics of the 882 underlying L2 LPWAN technology (e.g. a reliability option without 883 receiver feedback may be used on top of an L2 LPWAN technology with 884 symmetric characteristics for uplink and downlink). 886 In the No ACK option, the receiver MUST NOT issue acknowledgments 887 (ACK). 889 In Packet mode - ACK "always", the receiver transmits one ACK after 890 all fragments carrying an IPv6 packet have been transmitted. The ACK 891 informs the sender about received and/or missing fragments from the 892 IPv6 packet. 894 In Packet mode - ACK on error, the receiver transmits one ACK after 895 all fragments carrying an IPv6 packet have been transmitted, only if 896 at least one of those fragments has been lost. The ACK informs the 897 sender about received and/or missing fragments from the IPv6 packet. 899 In Window mode - ACK "always", an ACK is transmitted by the fragment 900 receiver after a window of fragments have been sent. A window of 901 fragments is a subset of the full set of fragments needed to carry an 902 IPv6 packet. In this mode, the ACK informs the sender about received 903 and/or missing fragments from the window of fragments. 905 In Window mode - ACK on error, an ACK is transmitted by the fragment 906 receiver after a window of fragments have been sent, only if at least 907 one of the fragments in the window has been lost. In this mode, the 908 ACK informs the sender about received and/or missing fragments from 909 the window of fragments. 911 In Packet or Window mode, upon receipt of an ACK that informs about 912 any lost fragments, the sender retransmits the lost fragments, up to 913 a maximum number of ACK and retransmission rounds that is TBD. 915 This document does not make any decision as to which fragment 916 delivery reliability option(s) need to be supported over a specific 917 LPWAN technology. 919 Examples of the different reliability options described are provided 920 in Appendix A. 922 8.3. Reliability options: discussion 924 This section discusses the properties of each fragment delivery 925 reliability option defined in the previous section. Figure Figure 7 926 summarizes advantages and disadvantages of the reliability options 927 that provide receiver feedback. 929 No ACK is the most simple fragment delivery reliability option. With 930 this option, the receiver does not generate overhead in the form of 931 ACKs. However, this option does not enhance delivery reliability 932 beyond that offered by the underlying LPWAN technology. 934 ACK on error options are based on the optimistic expectation that the 935 underlying links will offer relatively low L2 data unit loss 936 probability. ACK on error reduces the number of ACKs transmitted by 937 the fragment receiver compared to ACK "always" options. This may be 938 especially beneficial in asymmetric scenarios, e.g. where fragmented 939 data are sent uplink and the underlying LPWAN technology downlink 940 capacity or message rate is lower than the uplink one. 942 The Packet mode - ACK on error option provides reliability with low 943 ACK overhead. However, if an ACK is lost, the sender assumes that 944 all fragments carrying the IPv6 datagram have been successfully 945 delivered. In contrast, the Packet mode - ACK "always" option does 946 not suffer that issue, at the expense of a moderate ACK overhead. An 947 issue with any of the Packet modes is that detection of a long burst 948 of lost frames is only possible after relatively long time (i.e. at 949 the end of the transmission of all fragments carrying an IPv6 950 datagram). 952 In contrast with Packet modes, the Window mode - ACK "always" option 953 provides flow control. In addition, it is able to better handle long 954 bursts of lost fragments, since detection of such events can be done 955 earlier than with any of the Packet modes. However, the benefits of 956 Window mode - ACK "always" come at the expense of higher ACK 957 overhead. 959 With regard to the Window mode - ACK on error option, there is no 960 known use case for it at the time of the writing. 962 +-----------------------+------------------------+ 963 | Packet mode | Window mode | 964 +-----------------+-----------------------+------------------------+ 965 | | + Low ACK overhead | | 966 | ACK on error | - Long loss burst | (Use case unknown) | 967 | | - No flow control | | 968 +-----------------+-----------------------+------------------------+ 969 | | + Moderate ACK overh. | + Flow control | 970 | ACK "always" | - Long loss burst | + Long loss burst | 971 | | - No flow control | - Higher ACK overhead | 972 +-----------------+-----------------------+------------------------+ 974 Figure 7: Summary of fragment delivery options that provide receiver 975 feedback, and their main advantages (+) and disadvantages (-). 977 8.4. Fragment format 979 A fragment comprises a fragmentation header and a fragment payload, 980 and conforms to the format shown in Figure 8. The fragment payload 981 carries a subset of either the IPv6 packet after header compression 982 or an IPv6 packet which could not be compressed. A fragment is the 983 payload in the L2 protocol data unit (PDU). 985 +---------------+-----------------------+ 986 | Fragm. Header | Fragment payload | 987 +---------------+-----------------------+ 989 Figure 8: Fragment format. 991 8.5. Fragmentation header formats 993 In any of the Window modes, fragments except the last one SHALL 994 contain the fragmentation header as defined in Figure 9. The total 995 size of this fragmentation header is R bits. 997 <------------ R ----------> 998 <--T--> 1 <--N--> 999 +-- ... --+- ... -+-+- ... -+ 1000 | Rule ID | DTag |W| CFN | 1001 +-- ... --+- ... -+-+- ... -+ 1003 Figure 9: Fragmentation Header for Fragments except the Last One, 1004 Window mode 1006 In any of the Packet modes, fragments (except the last one) that are 1007 transmitted for the first time SHALL contain the fragmentation header 1008 shown in Figure 10. The total size of this fragmentation header is R 1009 bits. 1011 <------------- R ------------> 1012 <- T -> <- N -> 1013 +---- ... ---+- ... -+- ... -+ 1014 | Rule ID | DTag | CFN | 1015 +---- ... ---+- ... -+- ... -+ 1017 Figure 10: Fragmentation Header for Fragments except the Last One, in 1018 a Packet mode; first transmission attempt 1020 In any of the Packet modes, fragments (except the last one) that are 1021 retransmitted SHALL 1022 contain the fragmentation header as defined in Figure 11. 1024 <------------- R ------------> 1025 <- T -> <----- A ----> 1026 +---- ... ---+- ... -+----- ... ----+ 1027 | Rule ID | DTag | AFN | 1028 +---- ... ---+- ... -+----- ... ----+ 1030 Figure 11: Fragmentation Header for Retransmitted Fragments (Except 1031 the Last One) in a Packet mode 1033 The last fragment of an IPv6 datagram, regardless of whether a Packet 1034 mode or Window mode is in use, SHALL contain a fragmentation header 1035 that conforms to the format shown in Figure 12. The total size of 1036 this fragmentation header is R+M bits. 1038 <------------- R ------------> 1039 <- T -> <- N -> <---- M -----> 1040 +---- ... ---+- ... -+- ... -+---- ... ----+ 1041 | Rule ID | DTag | 11..1 | MIC | 1042 +---- ... ---+- ... -+- ... -+---- ... ----+ 1044 Figure 12: Fragmentation Header for the Last Fragment 1046 o Rule ID: this field has a size of R - T - N - 1 bits in all 1047 fragments that are not the last one, when Window mode is used. In 1048 all other fragments, the Rule ID field has a size of R - T - N 1049 bits. The Rule ID in a fragment is set to a value that indicates 1050 that the data unit being carried is a fragment. This also allows 1051 to interleave non-fragmented IPv6 datagrams with fragments that 1052 carry a larger IPv6 datagram. Rule ID may be used to signal which 1053 reliability option is in use. In any of the Packet modes, Rule ID 1054 is also used to indicate whether the fragment is a first 1055 transmission or a retransmission. 1057 o DTag: DTag stands for Datagram Tag. The size of the DTag field is 1058 T bits, which may be set to a value greater than or equal to 0 1059 bits. The DTag field in all fragments that carry the same IPv6 1060 datagram MUST be set to the same value. The DTag field allows to 1061 interleave fragments that correspond to different IPv6 datagrams. 1062 DTag MUST be set sequentially increasing from 0 to 2^T - 1, and 1063 MUST wrap back from 2^T - 1 to 0. 1065 o CFN: CFN stands for Compressed Fragment Number. The size of the 1066 CFN field is N bits. In the No ACK option, N=1. For the rest of 1067 options, 1068 N equal to or greater than 3 is recommended. This field is an 1069 unsigned integer that carries a non-absolute fragment number. The 1070 CFN MUST be set sequentially decreasing from 2^N - 2 for the first 1071 fragment, and MUST wrap from 0 back to 2^N - 2 (e.g. for N=3, the 1072 first fragment has CFN=6, subsequent CFNs are set sequentially and 1073 in decreasing order, and CFN will wrap from 0 back to 6). The CFN 1074 for the last fragment has all bits set to 1. Note that, by this 1075 definition, the CFN value of 2^N - 1 is only used to identify a 1076 fragment as the last fragment carrying a subset of the IPv6 packet 1077 being transported, and thus the CFN does not strictly correspond 1078 to the N least significant bits of the actual absolute fragment 1079 number. It is also important to note that, for N=1, the last 1080 fragment of the packet will carry a CFN equal to 1, while all 1081 previous fragments will carry a CFN of 0. 1083 o W: W is a 1-bit flag that is used in Window mode. Its purpose is 1084 avoiding possible ambiguity for the receiver that might arise 1085 under certain conditions. This flag carries the same value for 1086 all fragments of a window, and it is set to the other value for 1087 the next window. The initial value for this flag is 1. 1089 o AFN: AFN stands for Absolute Fragment Number. This field has a 1090 size of A bits. 'A' may be greater than N. The AFN is an 1091 unsigned integer that carries the absolute fragment number that 1092 corresponds to a fragment from an IPv6 packet. The AFN MUST be 1093 set sequentially and in increasing order, starting from 0. 1095 o MIC: MIC stands for Message Integrity Check. This field has a 1096 size of M bits. It is computed by the sender over the complete 1097 IPv6 packet before fragmentation by using the TBD algorithm. The 1098 MIC allows to check for errors in the reassembled IPv6 packet, 1099 while it also enables compressing the UDP checksum by use of SCHC. 1101 The values for R, N, A and M are not specified in this document, 1102 and have to be determined by the underlying LPWAN technology. 1104 8.6. ACK format 1106 The format of an ACK is shown in Figure 13: 1108 <------- R ------> 1109 <- T -> 1110 +---- ... --+-... -+----- ... ---+ 1111 | Rule ID | DTag | bitmap | 1112 +---- ... --+-... -+----- ... ---+ 1114 Figure 13: Format of an ACK 1116 Rule ID: In all ACKs, Rule ID has a size of R bits and SHALL be set 1117 to TBD_ACK to signal that the message is an ACK. 1119 DTag: DTag has a size of T bits. DTag carries the same value as the 1120 DTag field in the fragments carrying the IPv6 datagram for which this 1121 ACK is intended. 1123 bitmap: size of the bitmap field of an ACK can be equal to 0 or 1124 Ceiling(Number_of_Fragments/8) octets, where Number_of_Fragments 1125 denotes the number of fragments of a window (in Window mode) or the 1126 number of fragments that carry the IPv6 packet (in Packet mode). The 1127 bitmap is a sequence of bits, where the n-th bit signals whether the 1128 n-th fragment transmitted has been correctly received (n-th bit set 1129 to 1) or not (n-th bit set to 0). Remaining bits with bit order 1130 greater than the number of fragments sent (as determined by the 1131 receiver) are set to 0, except for the last bit in the bitmap, which 1132 is set to 1 if the last fragment (carrying the MIC) has been 1133 correctly received, and 0 otherwise. Absence of the bitmap in an ACK 1134 confirms correct reception of all fragments to be acknowledged by 1135 means of the ACK. 1137 Figure 14 shows an example of an ACK in Packet mode, where the bitmap 1138 indicates that the second and the ninth fragments have not been 1139 correctly received. In this example, the IPv6 packet is carried by 1140 eleven fragments in total, therefore the bitmap has a size of two 1141 bytes. 1143 <------ R ------> 1 1144 <- T -> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 1145 +---- ... --+-... -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1146 | Rule ID | DTag |1|0|1|1|1|1|1|1|0|1|1|0|0|0|0|1| 1147 +---- ... --+-... -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1149 Figure 14: Example of the Bitmap in an ACK 1151 Figure 15 shows an example of an ACK in Window mode (N=3), where the 1152 bitmap indicates that the second and the fifth fragments have not 1153 been correctly received. 1155 <------ R ------> 1156 <- T -> 0 1 2 3 4 5 6 7 1157 +---- ... --+-... -+-+-+-+-+-+-+-+-+ 1158 | Rule ID | DTag |1|0|1|1|0|1|1|1| 1159 +---- ... --+-... -+-+-+-+-+-+-+-+-+ 1161 Figure 15: Example of the bitmap in an ACK (in Window mode, for N=3) 1163 Figure 16 illustrates an ACK without bitmap. 1165 <------ R ------> 1166 <- T -> 1167 +---- ... --+-... -+ 1168 | Rule ID | DTag | 1169 +---- ... --+-... -+ 1171 Figure 16: Example of an ACK without bitmap 1173 8.7. Baseline mechanism 1175 The receiver of link fragments SHALL use (1) the sender's L2 source 1176 address (if present), (2) the destination's L2 address (if present), 1177 (3) Rule ID and (4) DTag to identify all the fragments that belong to 1178 a Given IPv6 datagram. The fragment receiver may determine the 1179 fragment delivery reliability option in use for the fragment based on 1180 the Rule ID field in that fragment. 1182 Upon receipt of a link fragment, the receiver starts constructing the 1183 original unfragmented packet. It uses the CFN and the order of 1184 arrival of each fragment to determine the location of the individual 1185 fragments within the original unfragmented packet. For example, it 1186 may place the data payload of the fragments within a payload datagram 1187 reassembly buffer at the location determined from the CFN and order 1188 of arrival of the fragments, and the fragment payload sizes. In 1189 Window mode, the fragment receiver also uses the W flag in the 1190 received fragments. Note that the size of the original, unfragmented 1191 IPv6 packet cannot be determined from fragmentation headers. 1193 When ACK on error is used (for either Packet mode or Window mode), 1194 the fragment receiver starts a timer (denoted "ACK on Error Timer") 1195 upon reception of the first fragment for an IPv6 datagram. The 1196 initial value for this timer is not provided by this specification, 1197 and is expected to be defined in additional documents. This timer is 1198 reset every time that a new fragment carrying data from the same IPv6 1199 datagram is received. In Packet mode - ACK on error, upon timer 1200 expiration, if the last fragment of the IPv6 datagram (i.e. carrying 1201 all CFN bits set to 1) has not been received, an ACK MUST be 1202 transmitted by the fragment receiver to indicate received and not 1203 received fragments for that IPv6 datagram. 1204 In Window mode - ACK on error, upon timer expiration, if neither the 1205 last fragment of the IPv6 datagram nor the last fragment of the 1206 current window (with CFN=0) have been received, an ACK MUST be 1207 transmitted by the fragment receiver to indicate received and not 1208 received fragments for the current window. 1210 Note that, in Window mode, the first fragment of the window is the 1211 one sent with CFN=2^N-2. Also note that, in Window mode, the 1212 fragment with CFN=0 is considered the last fragment of its window, 1213 except for the last fragment of the whole packet (with all CFN bits 1214 set to 1), which is also the last fragment of the last window. Upon 1215 receipt of the last fragment of a window, if Window mode - ACK 1216 "Always" is used, the fragment receiver MUST send an ACK to the 1217 fragment sender. The ACK provides feedback on the fragments received 1218 and lost that correspond to the last window. 1220 If the recipient receives the last fragment of an IPv6 datagram, it 1221 checks for the integrity of the reassembled IPv6 datagram, based on 1222 the MIC received. In No ACK mode, if the integrity check indicates 1223 that the reassembled IPv6 datagram does not match the original IPv6 1224 datagram (prior to fragmentation), the reassembled IPv6 datagram MUST 1225 be discarded. If ACK "Always" is used, the recipient MUST transmit 1226 an ACK to the fragment sender. The ACK 1227 provides feedback on the whole set of fragments sent that carry the 1228 complete IPv6 packet (Packet mode) or on the fragments that 1229 correspond to the last window (Window mode). If ACK on error is 1230 used, the recipient MUST NOT transmit an ACK to the sender if no 1231 losses have been detected for the whole IPv6 packet (Packet mode) or 1232 in the last window (Window mode). If losses have been detected, the 1233 recipient MUST then transmit an ACK to the sender to provide feedback 1234 on the whole IPv6 packet (Packet mode) or in the last window (Window 1235 mode). 1237 When ACK "Always" is used (in either Packet mode or Window mode), the 1238 fragment sender starts a timer (denoted "ACK Always Timer") after 1239 transmitting the last fragment of a fragmented IPv6 datagram. The 1240 initial value for this timer is not provided by this specification, 1241 and is expected to be defined in additional documents. Upon 1242 expiration of the timer, if no ACK has been received for this IPv6 1243 datagram, the sender retransmits the last fragment, and it 1244 reinitializes and restarts the timer. In Window mode - ACK "Always", 1245 the fragment sender also starts the ACK Always Timer after 1246 transmitting the last fragment of a window. Upon expiration of the 1247 timer, if no ACK has been received for this window, the sender 1248 retransmits the last fragment, and it reinitializes and restarts the 1249 timer. Note that retransmitting the last fragment of a packet or a 1250 window as described serves as an ACK request. The maximum number of 1251 ACK requests in Packet mode or in Window mode is TBD. 1253 In all reliability options, except for the No ACK option, the 1254 fragment sender retransmits any lost fragments reported in an ACK. 1255 In Packet modes, in order to minimize the probability of ambiguity 1256 with the CFN of different retransmitted fragments, the fragment 1257 sender 1258 renumbers the CFNs of the fragments to be retransmitted by following 1259 the same approach as for a sequence of new fragments: the CFN for 1260 retransmitted fragments is set sequentially decreasing from 2^N - 2 1261 for the first fragment, and MUST wrap from 0 back to 2^N - 2. 1262 However, the last fragment of the set of retransmitted fragments only 1263 carries a CFN with all bits set to 1 if it is actually a 1264 retransmission of the last fragment of the packet (i.e. the last 1265 fragment had been lost in the first place). Examples of fragment 1266 renumbering for retransmitted fragments in Packet modes can be found 1267 in Appendix A. 1269 A maximum of TBD iterations of ACK and fragment retransmission rounds 1270 are allowed per-window or per-IPv6-packet in Window mode or in Packet 1271 mode, respectively. 1273 If a fragment recipient disassociates from its L2 network, the 1274 recipient MUST discard all link fragments of all partially 1275 reassembled payload datagrams, and fragment senders MUST discard all 1276 not yet transmitted link fragments of all partially transmitted 1277 payload (e.g., IPv6) datagrams. Similarly, when a node first 1278 receives a fragment of a packet, it starts a reassembly timer. When 1279 this time expires, if the entire packet has not been reassembled, the 1280 existing fragments MUST be discarded and the reassembly state MUST be 1281 flushed. The value for this timer is not provided by this 1282 specification, and is expected to be defined in technology-specific 1283 profile documents. 1285 8.8. Aborting a fragmented IPv6 datagram transmission 1287 For several reasons, a fragment sender or a fragment receiver may 1288 want to abort the transmission of a fragmented IPv6 datagram. 1290 If the fragment sender triggers abortion, it transmits to the 1291 receiver a format equivalent to a fragmentation header (with the 1292 format for a fragment that is not the last one), with the Rule ID 1293 field (of size R - T - N bits) set to TBD_ABORT_TX and all CFN bits 1294 set to 1. No data is carried along with this fragmentation header. 1296 If the fragment receiver triggers abortion, it transmits to the 1297 fragment sender a Rule ID (of size R bits) set to TBD_ABORT_RX. The 1298 entity that triggers abortion (either a fragment sender or a fragment 1299 receiver) MUST release any resources allocated for the fragmented 1300 IPv6 datagram transmission being aborted. 1302 When a fragment receiver receives an L2 frame containing a Rule ID 1303 set to TBD ABORT_TX and a CFN field with all bits set to 1, the 1304 receiver MUST release any resources allocated for the fragmented IPv6 1305 datagram transmission being aborted. 1307 When a fragment sender receives an L2 frame containing a Rule ID set 1308 to TBD_ABORT_RX, the fragment sender MUST abort transmission of the 1309 fragmented IPv6 datagram being transmitted, and MUST release any 1310 resources allocated for the fragmented IPv6 datagram transmission 1311 being aborted. 1313 A further Rule ID value may be used by an entity to signal abortion 1314 of all on- going, possibly interleaved, fragmented IPv6 datagram 1315 transmissions. 1317 8.9. Downlink fragment transmission 1319 In some LPWAN technologies, as part of energy-saving techniques, 1320 downlink transmission is only possible immediately after an uplink 1321 transmission. In order to avoid potentially high delay for 1322 fragmented IPv6 datagram transmission in the downlink, the fragment 1323 receiver MAY perform an uplink transmission as soon as possible after 1324 reception of a fragment that is not the last one. Such uplink 1325 transmission may be triggered by the L2 (e.g. an L2 ACK sent in 1326 response to a fragment encapsulated in a L2 frame that requires an L2 1327 ACK) or it may be triggered from an upper layer. 1329 9. Security considerations 1331 9.1. Security considerations for header compression 1333 TBD 1335 9.2. Security considerations for fragmentation 1337 This subsection describes potential attacks to LPWAN fragmentation 1338 and proposes countermeasures, based on existing analysis of attacks 1339 to 6LoWPAN fragmentation {HHWH}. 1341 A node can perform a buffer reservation attack by sending a first 1342 fragment to a target. Then, the receiver will reserve buffer space 1343 for the whole packet on the basis of the datagram size announced in 1344 that first fragment. Other incoming fragmented packets will be 1345 dropped while the reassembly buffer is occupied during the reassembly 1346 timeout. Once that timeout expires, the attacker can repeat the same 1347 procedure, and iterate, thus creating a denial of service attack. 1348 The (low) cost to mount this attack is linear with the number of 1349 buffers at the target node. However, the cost for an attacker can be 1350 increased if individual fragments of multiple packets can be stored 1351 in the reassembly buffer. To further increase the attack cost, the 1352 reassembly buffer can be split into fragment-sized buffer slots. 1353 Once a packet is complete, it is processed normally. If buffer 1354 overload occurs, a receiver can discard packets based on the sender 1355 behavior, which may help identify which fragments have been sent by 1356 an attacker. 1358 In another type of attack, the malicious node is required to have 1359 overhearing capabilities. If an attacker can overhear a fragment, it 1360 can send a spoofed duplicate (e.g. with random payload) to the 1361 destination. A receiver cannot distinguish legitimate from spoofed 1362 fragments. Therefore, the original IPv6 packet will be considered 1363 corrupt and will be dropped. To protect resource-constrained nodes 1364 from this attack, it has been proposed to establish a binding among 1365 the fragments to be transmitted by a node, by applying content- 1366 chaining to the different fragments, based on cryptographic hash 1367 functionality. The aim of this technique is to allow a receiver to 1368 identify illegitimate fragments. 1370 Further attacks may involve sending overlapped fragments (i.e. 1371 comprising some overlapping parts of the original IPv6 datagram). 1372 Implementers should make sure that correct operation is not affected 1373 by such event. 1375 10. Acknowledgements 1377 Thanks to Dominique Barthel, Carsten Bormann, Philippe Clavier, 1378 Arunprabhu Kandasamy, Antony Markovski, Alexander Pelov, Pascal 1379 Thubert, Juan Carlos Zuniga for useful design consideration. 1381 11. References 1383 11.1. Normative References 1385 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1386 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1387 December 1998, . 1389 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1390 "Transmission of IPv6 Packets over IEEE 802.15.4 1391 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1392 . 1394 11.2. Informative References 1396 [I-D.ietf-lpwan-overview] 1397 Farrell, S., "LPWAN Overview", draft-ietf-lpwan- 1398 overview-01 (work in progress), February 2017. 1400 [I-D.minaburo-lp-wan-gap-analysis] 1401 Minaburo, A., Pelov, A., and L. Toutain, "LP-WAN GAP 1402 Analysis", draft-minaburo-lp-wan-gap-analysis-01 (work in 1403 progress), February 2016. 1405 Appendix A. Fragmentation examples 1407 This section provides examples of different fragment delivery 1408 reliability options possible on the basis of this specification. 1410 Figure 17 illustrates the transmission of an IPv6 packet that needs 1411 11 fragments in the No ACK option. 1413 Sender Receiver 1414 |-------CFN=0-------->| 1415 |-------CFN=0-------->| 1416 |-------CFN=0-------->| 1417 |-------CFN=0-------->| 1418 |-------CFN=0-------->| 1419 |-------CFN=0-------->| 1420 |-------CFN=0-------->| 1421 |-------CFN=0-------->| 1422 |-------CFN=0-------->| 1423 |-------CFN=0-------->| 1424 |-------CFN=1-------->|MIC checked => 1426 Figure 17: Transmission of an IPv6 packet carried by 11 fragments in 1427 the No ACK option 1429 Figure 18 illustrates the transmission of an IPv6 packet that needs 1430 11 fragments in Packet mode - ACK on error, for N=3, without losses. 1432 Sender Receiver 1433 |-------CFN=6-------->| 1434 |-------CFN=5-------->| 1435 |-------CFN=4-------->| 1436 |-------CFN=3-------->| 1437 |-------CFN=2-------->| 1438 |-------CFN=1-------->| 1439 |-------CFN=0-------->| 1440 |-------CFN=6-------->| 1441 |-------CFN=5-------->| 1442 |-------CFN=4-------->| 1443 |-------CFN=7-------->|MIC checked => 1444 (no ACK) 1446 Figure 18: Transmission of an IPv6 packet carried by 11 fragments in 1447 Packet mode - ACK on error, for N=3, no losses. 1449 Figure 19 illustrates the transmission of an IPv6 packet that needs 1450 11 fragments in Packet mode - ACK on error, for N=3, with three 1451 losses. 1453 Sender Receiver 1454 (AFN=0) |-------CFN=6-------->| 1455 (AFN=1) |-------CFN=5-------->| 1456 (AFN=2) |-------CFN=4---X---->| 1457 (AFN=3) |-------CFN=3-------->| 1458 (AFN=4) |-------CFN=2---X---->| 1459 (AFN=5) |-------CFN=1-------->| 1460 (AFN=6) |-------CFN=0-------->| 1461 (AFN=7) |-------CFN=6-------->| 1462 (AFN=8) |-------CFN=5-------->| 1463 (AFN=9) |-------CFN=4---X---->| 1464 |-------CFN=7-------->|MIC checked 1465 |<-------ACK----------|Bitmap:1101011110100001 1466 |-------AFN=2-------->| 1467 |-------AFN=4-------->| 1468 |-------AFN=9-------->|MIC checked => 1469 (no ACK) 1471 Figure 19: Transmission of an IPv6 packet carried by 11 fragments in 1472 Packet mode - ACK on error, for N=3, three losses. In the figure, 1473 (AFN=x) indicates the AFN value computed by the sender for each 1474 fragment. 1476 Figure 20 illustrates the transmission of an IPv6 packet that needs 1477 11 fragments in Window mode - ACK on error, for N=3, without losses. 1479 Sender Receiver 1480 |-----W=1, CFN=6----->| 1481 |-----W=1, CFN=5----->| 1482 |-----W=1, CFN=4----->| 1483 |-----W=1, CFN=3----->| 1484 |-----W=1, CFN=2----->| 1485 |-----W=1, CFN=1----->| 1486 |-----W=1, CFN=0----->| 1487 (no ACK) 1488 |-----W=0, CFN=6----->| 1489 |-----W=0, CFN=5----->| 1490 |-----W=0, CFN=4----->| 1491 |-----W=0, CFN=7----->|MIC checked => 1492 (no ACK) 1494 Figure 20: Transmission of an IPv6 packet carried by 11 fragments in 1495 Window mode - ACK on error, for N=3, without losses. 1497 Figure 21 illustrates the transmission of an IPv6 packet that needs 1498 11 fragments in Window mode - ACK on error, for N=3, with three 1499 losses. 1501 Sender Receiver 1502 |-----W=1, CFN=6----->| 1503 |-----W=1, CFN=5----->| 1504 |-----W=1, CFN=4--X-->| 1505 |-----W=1, CFN=3----->| 1506 |-----W=1, CFN=2--X-->| 1507 |-----W=1, CFN=1----->| 1508 |-----W=1, CFN=0----->| 1509 |<-------ACK----------|Bitmap:11010111 1510 |-----W=1, CFN=4----->| 1511 |-----W=1, CFN=2----->| 1512 (no ACK) 1513 |-----W=0, CFN=6----->| 1514 |-----W=0, CFN=5----->| 1515 |-----W=0, CFN=4--X-->| 1516 |-----W=0, CFN=7----->|MIC checked 1517 |<-------ACK----------|Bitmap:11010001 1518 |-----W=0, CFN=4----->|MIC checked => 1519 (no ACK) 1521 Figure 21: Transmission of an IPv6 packet carried by 11 fragments in 1522 Window mode - ACK on error, for N=3, three losses. 1524 Figure 22 illustrates the transmission of an IPv6 packet that needs 1525 11 fragments in Packet mode - ACK "Always", for N=3, without losses. 1527 Sender Receiver 1528 |-------CFN=6-------->| 1529 |-------CFN=5-------->| 1530 |-------CFN=4-------->| 1531 |-------CFN=3-------->| 1532 |-------CFN=2-------->| 1533 |-------CFN=1-------->| 1534 |-------CFN=0-------->| 1535 |-------CFN=6-------->| 1536 |-------CFN=5-------->| 1537 |-------CFN=4-------->| 1538 |-------CFN=7-------->|MIC checked => 1539 |<-------ACK----------|no bitmap 1540 (End) 1542 Figure 22: Transmission of an IPv6 packet carried by 11 fragments in 1543 Packet mode - ACK "Always", for N=3, no losses. 1545 Figure 23 illustrates the transmission of an IPv6 packet that needs 1546 11 fragments in Packet mode - ACK "Always", for N=3, with three 1547 losses. 1549 Sender Receiver 1550 (AFN=0) |-------CFN=6-------->| 1551 (AFN=1) |-------CFN=5-------->| 1552 (AFN=2) |-------CFN=4---X---->| 1553 (AFN=3) |-------CFN=3-------->| 1554 (AFN=4) |-------CFN=2---X---->| 1555 (AFN=5) |-------CFN=1-------->| 1556 (AFN=6) |-------CFN=0-------->| 1557 (AFN=7) |-------CFN=6-------->| 1558 (AFN=8) |-------CFN=5-------->| 1559 (AFN=9) |-------CFN=4---X---->| 1560 |-------CFN=7-------->|MIC checked 1561 |<-------ACK----------|bitmap:1101011110100001 1562 |-------AFN=2-------->| 1563 |-------AFN=4-------->| 1564 |-------AFN=9-------->|MIC checked => 1565 |<-------ACK----------|no bitmap 1566 (End) 1568 Figure 23: Transmission of an IPv6 packet carried by 11 fragments in 1569 Packet mode - ACK "Always", for N=3, with three losses. 1571 Figure 24 illustrates the transmission of an IPv6 packet that needs 1572 11 fragments in Window mode - ACK "Always", for N=3, without losses. 1573 Note: in Window mode, an additional bit will be needed to number 1574 windows. 1576 Sender Receiver 1577 |-----W=1, CFN=6----->| 1578 |-----W=1, CFN=5----->| 1579 |-----W=1, CFN=4----->| 1580 |-----W=1, CFN=3----->| 1581 |-----W=1, CFN=2----->| 1582 |-----W=1, CFN=1----->| 1583 |-----W=1, CFN=0----->| 1584 |<-------ACK----------|no bitmap 1585 |-----W=0, CFN=6----->| 1586 |-----W=0, CFN=5----->| 1587 |-----W=0, CFN=4----->| 1588 |-----W=0, CFN=7----->|MIC checked => 1589 |<-------ACK----------|no bitmap 1590 (End) 1592 Figure 24: Transmission of an IPv6 packet carried by 11 fragments in 1593 Window mode - ACK "Always", for N=3, no losses. 1595 Figure 25 illustrates the transmission of an IPv6 packet that needs 1596 11 fragments in Window mode - ACK "Always", for N=3, with three 1597 losses. 1599 Sender Receiver 1600 |-----W=1, CFN=6----->| 1601 |-----W=1, CFN=5----->| 1602 |-----W=1, CFN=4--X-->| 1603 |-----W=1, CFN=3----->| 1604 |-----W=1, CFN=2--X-->| 1605 |-----W=1, CFN=1----->| 1606 |-----W=1, CFN=0----->| 1607 |<-------ACK----------|bitmap:11010111 1608 |-----W=1, CFN=4----->| 1609 |-----W=1, CFN=2----->| 1610 |<-------ACK----------|no bitmap 1611 |-----W=0, CFN=6----->| 1612 |-----W=0, CFN=5----->| 1613 |-----W=0, CFN=4--X-->| 1614 |-----W=0, CFN=7----->|MIC checked 1615 |<-------ACK----------|bitmap:11010001 1616 |-----W=0, CFN=4----->|MIC checked => 1617 |<-------ACK----------|no bitmap 1618 (End) 1620 Figure 25: Transmission of an IPv6 packet carried by 11 fragments in 1621 Window mode - ACK "Always", for N=3, with three losses. 1623 Appendix B. Note 1625 Carles Gomez has been funded in part by the Spanish Government 1626 (Ministerio de Educacion, Cultura y Deporte) through the Jose 1627 Castillejo grant CAS15/00336, and by the ERDF and the Spanish 1628 Government through project TEC2016-79988-P. Part of his contribution 1629 to this work has been carried out during his stay as a visiting 1630 scholar at the Computer Laboratory of the University of Cambridge. 1632 Authors' Addresses 1634 Ana Minaburo 1635 Acklio 1636 2bis rue de la Chataigneraie 1637 35510 Cesson-Sevigne Cedex 1638 France 1640 Email: ana@ackl.io 1641 Laurent Toutain 1642 IMT-Atlantique 1643 2 rue de la Chataigneraie 1644 CS 17607 1645 35576 Cesson-Sevigne Cedex 1646 France 1648 Email: Laurent.Toutain@imt-atlantique.fr 1650 Carles Gomez 1651 Universitat Politecnica de Catalunya 1652 C/Esteve Terradas, 7 1653 08860 Castelldefels 1654 Spain 1656 Email: carlesgo@entel.upc.edu