idnits 2.17.1 draft-ietf-lpwan-ipv6-static-context-hc-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 940: '...within a single L2 data unit, it SHALL...' RFC 2119 keyword, line 973: '...liability option MUST be used for all ...' RFC 2119 keyword, line 983: '...on, the receiver MUST NOT issue acknow...' RFC 2119 keyword, line 1101: '... except the last one SHALL contain the...' RFC 2119 keyword, line 1115: '... SHALL...' (19 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 16, 2017) is 2503 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Looks like a reference, but probably isn't: '1' on line 878 -- Looks like a reference, but probably isn't: '2' on line 881 -- Looks like a reference, but probably isn't: '8' on line 903 -- Looks like a reference, but probably isn't: '4' on line 910 ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) == Outdated reference: A later version (-10) exists of draft-ietf-lpwan-overview-04 Summary: 3 errors (**), 0 flaws (~~), 2 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 lpwan Working Group A. Minaburo 3 Internet-Draft Acklio 4 Intended status: Informational L. Toutain 5 Expires: December 18, 2017 IMT-Atlantique 6 C. Gomez 7 Universitat Politecnica de Catalunya 8 June 16, 2017 10 LPWAN Static Context Header Compression (SCHC) and fragmentation for 11 IPv6 and UDP 12 draft-ietf-lpwan-ipv6-static-context-hc-04 14 Abstract 16 This document describes a header compression scheme and fragmentation 17 functionality for very low bandwidth networks. These techniques are 18 especially tailored for LPWAN (Low Power Wide Area Network) networks. 20 The Static Context Header Compression (SCHC) offers a great level of 21 flexibility when processing the header fields and must be used for 22 this kind of networks. A common context stored in a LPWAN device and 23 in the network is used. This context stores information that will 24 not be transmitted in the constrained network. Static context means 25 that information stored in the context which describes field values, 26 does not change during packet transmission, avoiding complex 27 resynchronization mechanisms, incompatible with LPWAN 28 characteristics. In most of the cases, IPv6/UDP headers are reduced 29 to a small identifier called Rule ID. But sometimes the SCHC header 30 compression will not be enough to send the packet in one L2 PDU, so 31 this document also describes a Fragmentation protocol that must be 32 used when needed. 34 This document describes the generic compression/decompression 35 mechanism and applies it to IPv6/UDP headers. Similar mechanisms for 36 other protocols such as CoAP will be described in separate documents. 37 Moreover, this document specifies fragmentation and reassembly 38 mechanims for SCHC compressed packets exceeding the L2 PDU size and 39 for the case where the SCHC compression is not possible then the 40 IPv6/UDP packet is sent using the fragmentation protocol. 42 Status of This Memo 44 This Internet-Draft is submitted in full conformance with the 45 provisions of BCP 78 and BCP 79. 47 Internet-Drafts are working documents of the Internet Engineering 48 Task Force (IETF). Note that other groups may also distribute 49 working documents as Internet-Drafts. The list of current Internet- 50 Drafts is at http://datatracker.ietf.org/drafts/current/. 52 Internet-Drafts are draft documents valid for a maximum of six months 53 and may be updated, replaced, or obsoleted by other documents at any 54 time. It is inappropriate to use Internet-Drafts as reference 55 material or to cite them other than as "work in progress." 57 This Internet-Draft will expire on December 18, 2017. 59 Copyright Notice 61 Copyright (c) 2017 IETF Trust and the persons identified as the 62 document authors. All rights reserved. 64 This document is subject to BCP 78 and the IETF Trust's Legal 65 Provisions Relating to IETF Documents 66 (http://trustee.ietf.org/license-info) in effect on the date of 67 publication of this document. Please review these documents 68 carefully, as they describe your rights and restrictions with respect 69 to this document. Code Components extracted from this document must 70 include Simplified BSD License text as described in Section 4.e of 71 the Trust Legal Provisions and are provided without warranty as 72 described in the Simplified BSD License. 74 Table of Contents 76 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 77 2. LPWAN Architecture . . . . . . . . . . . . . . . . . . . . . 4 78 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 79 4. Static Context Header Compression . . . . . . . . . . . . . . 6 80 4.1. SCHC Rules . . . . . . . . . . . . . . . . . . . . . . . 7 81 4.2. Rule ID . . . . . . . . . . . . . . . . . . . . . . . . . 9 82 4.3. Packet processing . . . . . . . . . . . . . . . . . . . . 9 83 5. Matching operators . . . . . . . . . . . . . . . . . . . . . 10 84 6. Compression Decompression Actions (CDA) . . . . . . . . . . . 11 85 6.1. not-sent CDA . . . . . . . . . . . . . . . . . . . . . . 12 86 6.2. value-sent CDA . . . . . . . . . . . . . . . . . . . . . 12 87 6.3. mapping-sent . . . . . . . . . . . . . . . . . . . . . . 12 88 6.4. LSB CDA . . . . . . . . . . . . . . . . . . . . . . . . . 13 89 6.5. DEViid, APPiid CDA . . . . . . . . . . . . . . . . . . . 13 90 6.6. Compute-* . . . . . . . . . . . . . . . . . . . . . . . . 13 91 7. Application to IPv6 and UDP headers . . . . . . . . . . . . . 14 92 7.1. IPv6 version field . . . . . . . . . . . . . . . . . . . 14 93 7.2. IPv6 Traffic class field . . . . . . . . . . . . . . . . 14 94 7.3. Flow label field . . . . . . . . . . . . . . . . . . . . 14 95 7.4. Payload Length field . . . . . . . . . . . . . . . . . . 15 96 7.5. Next Header field . . . . . . . . . . . . . . . . . . . . 15 97 7.6. Hop Limit field . . . . . . . . . . . . . . . . . . . . . 15 98 7.7. IPv6 addresses fields . . . . . . . . . . . . . . . . . . 16 99 7.7.1. IPv6 source and destination prefixes . . . . . . . . 16 100 7.7.2. IPv6 source and destination IID . . . . . . . . . . . 16 101 7.8. IPv6 extensions . . . . . . . . . . . . . . . . . . . . . 17 102 7.9. UDP source and destination port . . . . . . . . . . . . . 17 103 7.10. UDP length field . . . . . . . . . . . . . . . . . . . . 17 104 7.11. UDP Checksum field . . . . . . . . . . . . . . . . . . . 18 105 8. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 18 106 8.1. IPv6/UDP compression . . . . . . . . . . . . . . . . . . 18 107 9. Fragmentation . . . . . . . . . . . . . . . . . . . . . . . . 21 108 9.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 21 109 9.2. Reliability options: definition . . . . . . . . . . . . . 22 110 9.3. Reliability options: discussion . . . . . . . . . . . . . 23 111 9.4. Tools . . . . . . . . . . . . . . . . . . . . . . . . . . 23 112 9.5. Formats . . . . . . . . . . . . . . . . . . . . . . . . . 24 113 9.5.1. Fragment format . . . . . . . . . . . . . . . . . . . 24 114 9.5.2. Fragmentation header formats . . . . . . . . . . . . 24 115 9.5.3. ACK format . . . . . . . . . . . . . . . . . . . . . 26 116 9.6. Baseline mechanism . . . . . . . . . . . . . . . . . . . 28 117 9.7. Supporting multiple window sizes . . . . . . . . . . . . 29 118 9.8. Aborting fragmented IPv6 datagram transmissions . . . . . 30 119 9.9. Downlink fragment transmission . . . . . . . . . . . . . 30 120 10. Security considerations . . . . . . . . . . . . . . . . . . . 30 121 10.1. Security considerations for header compression . . . . . 30 122 10.2. Security considerations for fragmentation . . . . . . . 31 123 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 124 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 125 12.1. Normative References . . . . . . . . . . . . . . . . . . 32 126 12.2. Informative References . . . . . . . . . . . . . . . . . 32 127 Appendix A. Fragmentation examples . . . . . . . . . . . . . . . 32 128 Appendix B. Rule IDs for fragmentation . . . . . . . . . . . . . 35 129 Appendix C. Note . . . . . . . . . . . . . . . . . . . . . . . . 36 130 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 132 1. Introduction 134 Header compression is mandatory to efficiently bring Internet 135 connectivity to the node within a LPWAN network. Some LPWAN networks 136 properties can be exploited for an efficient header compression: 138 o Topology is star-oriented, therefore all the packets follow the 139 same path. For the needs of this draft, the architecture can be 140 summarized to Devices (Dev) exchanging information with LPWAN 141 Application Server (App) through a Network Gateway (NGW). 143 o Traffic flows are mostly known in advance, since devices embed 144 built-in applications. Contrary to computers or smartphones, new 145 applications cannot be easily installed. 147 The Static Context Header Compression (SCHC) is defined for this 148 environment. SCHC uses a context where header information is kept in 149 the header format order. This context is static (the values on the 150 header fields do not change over time) avoiding complex 151 resynchronization mechanisms, incompatible with LPWAN 152 characteristics. In most of the cases, IPv6/UDP headers are reduced 153 to a small context identifier. 155 The SCHC header compression mechanism is independent of the specific 156 LPWAN technology over which it will be used. 158 LPWAN technologies are also characterized, among others, by a very 159 reduced data unit and/or payload size [I-D.ietf-lpwan-overview]. 160 However, some of these technologies do not support layer two 161 fragmentation, therefore the only option for these to support the 162 IPv6 MTU requirement of 1280 bytes [RFC2460] is the use of a 163 fragmentation protocol at the adaptation layer below IPv6. This 164 draft defines also a fragmentation functionality to support the IPv6 165 MTU requirements over LPWAN technologies. Such functionality has 166 been designed under the assumption that data unit reordering will not 167 happen between the entity performing fragmentation and the entity 168 performing reassembly. 170 2. LPWAN Architecture 172 LPWAN technologies have similar architectures but different 173 terminology. We can identify different types of entities in a 174 typical LPWAN network, see Figure 1: 176 o Devices (Dev) are the end-devices or hosts (e.g. sensors, 177 actuators, etc.). There can be a high density of devices per radio 178 gateway. 180 o The Radio Gateway (RG), which is the end point of the constrained 181 link. 183 o The Network Gateway (NGW) is the interconnection node between the 184 Radio Gateway and the Internet. 186 o LPWAN-AAA Server, which controls the user authentication, the 187 applications. We use the term LPWAN-AAA server because we are not 188 assuming that this entity speaks RADIUS or Diameter as many/most AAA 189 servers do, but equally we don't want to rule that out, as the 190 functionality will be similar. 192 o Application Server (App) 194 +------+ 195 () () () | |LPWAN-| 196 () () () () / \ +---------+ | AAA | 197 () () () () () () / \=======| ^ |====|Server| +-----------+ 198 () () () | | <--|--> | +------+ |APPLICATION| 199 () () () () / \============| v |==============| (App) | 200 () () () / \ +---------+ +-----------+ 201 Dev Radio Gateways NGW 203 Figure 1: LPWAN Architecture 205 3. Terminology 207 This section defines the terminology and acronyms used in this 208 document. 210 o CDA: Compression/Decompression Action. An action that is perfomed 211 for both functionnalities to compress a header field or to recover 212 its original value in the decompression phase. 214 o Context: A set of rules used to compress/decompress headers 216 o Dev: Device. Node connected to the LPWAN. A Dev may implement 217 SCHC. 219 o App: LPWAN Application. An application sending/receiving IPv6 220 packets to/from the Device. 222 o SCHC C/D: LPWAN Compressor/Decompressor. A process in the network 223 to achieve compression/decompressing headers. SCHC C/D uses SCHC 224 rules to perform compression and decompression. 226 o MO: Matching Operator. An operator used to match a value 227 contained in a header field with a value contained in a Rule. 229 o Rule: A set of header field values. 231 o Rule ID: An identifier for a rule, SCHC C/D and Dev share the same 232 Rule ID for a specific flow. 234 o TV: Target value. A value contained in the Rule that will be 235 matched with the value of a header field. 237 o FID: Field Indentifier is an index to describe the header fields 238 in the Rule 240 o FP: Field Position is a list of possible correct values that a 241 field may use 243 o DI: Direction Indicator is a differentiator for matching in order 244 to be able to have different values for both sides. 246 o IID: Interface Identifier. See the IPv6 addressing architecture 247 [RFC7136] 249 o Dev-IID: Device Interface Identifier. Second part of the IPv6 250 address to identify the device interface 252 o APP-IID: Application Interface Identifier. Second part of the 253 IPv6 address to identify the application interface 255 o Dw: Down Link direction for compression, from SCHC C/D to Dev 257 o Up: Up Link direction for compression, from Dev to SCHC C/D 259 o Bi: Bidirectional, it can be used in both senses 261 4. Static Context Header Compression 263 Static Context Header Compression (SCHC) avoids context 264 synchronization, which is the most bandwidth-consuming operation in 265 other header compression mechanisms such as RoHC [RFC5795]. Based on 266 the fact that the nature of data flows is highly predictable in LPWAN 267 networks, a static context may be stored on the Device (Dev). The 268 context must be stored in both ends, and it can either be learned by 269 a provisioning protocol or by out of band means or it can be pre- 270 provosioned, etc. The way the context is learned on both sides is 271 out of the scope of this document. 273 Dev App 274 +---------------+ +---------------+ 275 | APP1 APP2 APP3| |APP1 APP2 APP3| 276 | | | | 277 | UDP | | UDP | 278 | IPv6 | | IPv6 | 279 | | | | 280 | SCHC C/D | | | 281 | (context) | | | 282 +--------+------+ +-------+-------+ 283 | +--+ +----+ +---------+ . 284 +~~ |RG| === |NGW | === |SCHC C/D |... Internet ... 285 +--+ +----+ |(context)| 286 +---------+ 288 Figure 2: Architecture 290 Figure 2 based on [I-D.ietf-lpwan-overview] terminology represents 291 the architecture for compression/decompression. The Device is 292 sending applications flows using IPv6 or IPv6/UDP protocols. These 293 flows are compressed by an Static Context Header Compression 294 Compressor/Decompressor (SCHC C/D) to reduce headers size. Resulting 295 information is sent on a layer two (L2) frame to the LPWAN Radio 296 Network to a Radio Gateway (RG) which forwards the frame to a Network 297 Gateway (NGW). The NGW sends the data to a SCHC C/D for 298 decompression which shares the same rules with the Dev. The SCHC C/D 299 can be located on the Network Gateway (NGW) or in another place as 300 long as a tunnel is established between the NGW and the SCHC C/D. 301 SCHC C/D in both sides must share the same set of Rules. After 302 decompression, the packet can be sent on the Internet to one or 303 several LPWAN Application Servers (App). 305 The SCHC C/D process is bidirectional, so the same principles can be 306 applied in the other direction. 308 4.1. SCHC Rules 310 The main idea of the SCHC compression scheme is to send the Rule id 311 to the other end that match as much as possible the original packet 312 values instead of sending known field values. When a value is known 313 by both ends, it is not necessary sent through the LPWAN network. 315 The context contains a list of rules (cf. Figure 3). Each Rule 316 contains itself a list of fields descriptions composed of a field 317 identifier (FID), a field position (FP), a direction indicator (DI), 318 a target value (TV), a matching operator (MO) and a Compression/ 319 Decompression Action (CDA). 321 /--------------------------------------------------------------\ 322 | Rule N | 323 /--------------------------------------------------------------\| 324 | Rule i || 325 /--------------------------------------------------------------\|| 326 | (FID) Rule 1 ||| 327 |+-------+--+--+------------+-----------------+---------------+||| 328 ||Field 1|FP|DI|Target Value|Matching Operator|Comp/Decomp Act|||| 329 |+-------+--+--+------------+-----------------+---------------+||| 330 ||Field 2|FP|DI|Target Value|Matching Operator|Comp/Decomp Act|||| 331 |+-------+--+--+------------+-----------------+---------------+||| 332 ||... |..|..| ... | ... | ... |||| 333 |+-------+--+--+------------+-----------------+---------------+||/ 334 ||Field N|FP|DI|Target Value|Matching Operator|Comp/Decomp Act||| 335 |+-------+--+--+------------+-----------------+---------------+|/ 336 | | 337 \--------------------------------------------------------------/ 339 Figure 3: Compression/Decompression Context 341 The Rule does not describe the original packet format which must be 342 known from the compressor/decompressor. The rule just describes the 343 compression/decompression behavior for the header fields. In the 344 rule, the description of the header field must be performed in the 345 format packet order. 347 The Rule describes also the compressed header fields which are 348 transmitted regarding their position in the rule which is used for 349 data serialization on the compressor side and data deserialization on 350 the decompressor side. 352 The Context describes the header fields and its values with the 353 following entries: 355 o A Field ID (FID) is a unique value to define the header field. 357 o A Field Position (FP) indicating if several instances of the field 358 exist in the headers which one is targeted. The default position 359 is 1 361 o A direction indicator (DI) indicating the packet direction. Three 362 values are possible: 364 * UP LINK (Up) when the field or the value is only present in 365 packets sent by the Dev to the App, 367 * DOWN LINK (Dw) when the field or the value is only present in 368 packet sent from the App to the Dev and 370 * BIDIRECTIONAL (Bi) when the field or the value is present 371 either upstream or downstream. 373 o A Target Value (TV) is the value used to make the comparison with 374 the packet header field. The Target Value can be of any type 375 (integer, strings,...). For instance, it can be a single value or 376 a more complex structure (array, list,...), such as a JSON or a 377 CBOR structure. 379 o A Matching Operator (MO) is the operator used to make the 380 comparison between the Field Value and the Target Value. The 381 Matching Operator may require some parameters. MO is only used 382 during the compression phase. 384 o A Compression Decompression Action (CDA) is used to describe the 385 compression and the decompression process. The CDA may require 386 some parameters, CDA are used in both compression and 387 decompression phases. 389 4.2. Rule ID 391 Rule IDs are sent between both compression/decompression elements. 392 The size of the Rule ID is not specified in this document, it is 393 implementation-specific and can vary regarding the LPWAN technology, 394 the number of flows, among others. 396 Some values in the Rule ID space may be reserved for goals other than 397 header compression as fragmentation. (See Section 9). 399 Rule IDs are specific to a Dev. Two Devs may use the same Rule ID for 400 different header compression. To identify the correct Rule ID, the 401 SCHC C/D needs to combine the Rule ID with the Dev L2 identifier to 402 find the appropriate Rule. 404 4.3. Packet processing 406 The compression/decompression process follows several steps: 408 o compression Rule selection: The goal is to identify which Rule(s) 409 will be used to compress the packet's headers. When doing 410 compression from Dw to Up the SCHC C/D needs to find the correct 411 Rule to use by identifying its Dev-ID and the Rule-ID. In the Up 412 situation only the Rule-ID is used. The next step is to choose 413 the fields by their direction, using the direction indicator (DI), 414 so the fields that does not correspond to the appropiated DI will 415 be excluded. Next, then fields are identified according to their 416 field identifier (FID) and field position (FP). If the field 417 position does not correspond then the Rule is not use and the SCHC 418 take next Rule. Once the DI and the FP correspond to the header 419 information, each field's value is then compared to the 420 corresponding target value (TV) stored in the Rule for that 421 specific field using the matching operator (MO). If all the 422 fields in the packet's header satisfy all the matching operators 423 (MOs) of a Rule (i.e. all results are True), the fields of the 424 header are then processed according to the Compression/ 425 Decompession Actions (CDAs) and a compressed header is obtained. 426 Otherwise the next rule is tested. If no eligible rule is found, 427 then the header must be sent without compression, in which case 428 the fragmentation process must be required. 430 o sending: The Rule ID is sent to the other end followed by 431 information resulting from the compression of header fields. This 432 information is sent in the order expressed in the Rule for the 433 matching fields. The way the Rule ID is sent depends on the 434 specific LPWAN layer two technology and will be specified in a 435 specific document, and is out of the scope of this document. For 436 example, it can be either included in a Layer 2 header or sent in 437 the first byte of the L2 payload. (cf. Figure 4). 439 o decompression: In both directions, The receiver identifies the 440 sender through its device-id (e.g. MAC address) and selects the 441 appropriate Rule through the Rule ID. This Rule gives the 442 compressed header format and associates these values to header 443 fields. It applies the CDA action to reconstruct the original 444 header fields. The CDA application order can be different of the 445 order given by the Rule. For instance Compute-* may be applied at 446 end, after the other CDAs. 448 +--- ... ---+-------------- ... --------------+ 449 | Rule ID |Compressed Hdr Fields information| 450 +--- ... ---+-------------- ... --------------+ 452 Figure 4: LPWAN Compressed Format Packet 454 5. Matching operators 456 Matching Operators (MOs) are functions used by both SCHC C/D 457 endpoints involved in the header compression/decompression. They are 458 not typed and can be applied indifferently to integer, string or any 459 other data type. The result of the operation can either be True or 460 False. MOs are defined as follows: 462 o equal: A field value in a packet matches with a TV in a Rule if 463 they are equal. 465 o ignore: No check is done between a field value in a packet and a 466 TV in the Rule. The result of the matching is always true. 468 o MSB(length): A matching is obtained if the most significant bits 469 of the length field value bits of the header are equal to the TV 470 in the rule. The MSB Matching Operator needs a parameter, 471 indicating the number of bits, to proceed to the matching. 473 o match-mapping: The goal of mapping-sent is to reduce the size of a 474 field by allocating a shorter value. The Target Value contains a 475 list of values. Each value is idenfied by a short ID (or index). 476 This operator matches if a field value is equal to one of those 477 target values. 479 6. Compression Decompression Actions (CDA) 481 The Compression Decompression Actions (CDA) describes the action 482 taken during the compression of headers fields, and inversely, the 483 action taken by the decompressor to restore the original value. 485 /--------------------+-------------+----------------------------\ 486 | Action | Compression | Decompression | 487 | | | | 488 +--------------------+-------------+----------------------------+ 489 |not-sent |elided |use value stored in ctxt | 490 |value-sent |send |build from received value | 491 |mapping-sent |send index |value from index on a table | 492 |LSB(length) |send LSB |TV OR received value | 493 |compute-length |elided |compute length | 494 |compute-checksum |elided |compute UDP checksum | 495 |Deviid |elided |build IID from L2 Dev addr | 496 |Appiid |elided |build IID from L2 App addr | 497 \--------------------+-------------+----------------------------/ 499 Figure 5: Compression and Decompression Functions 501 Figure 5 sumarizes the basics functions defined to compress and 502 decompress a field. The first column gives the action's name. The 503 second and third columns outlines the compression/decompression 504 behavior. 506 Compression is done in the rule order and compressed values are sent 507 in that order in the compressed message. The receiver must be able 508 to find the size of each compressed field which can be given by the 509 rule or may be sent with the compressed header. 511 If the field is identified as variable, then its size must be sent 512 first using the following coding: 514 o If the size is between 0 and 14 bytes it is sent using 4 bits. 516 o For values between 15 and 255, the first 4 bit sent are set to 1 517 and the size is sent using 8 bits. 519 o For higher value, the first 12 bytes are set to 1 and the size is 520 sent on 2 bytes. 522 6.1. not-sent CDA 524 Not-sent function is generally used when the field value is specified 525 in the rule and therefore known by the both Compressor and 526 Decompressor. This action is generally used with the "equal" MO. If 527 MO is "ignore", there is a risk to have a decompressed field value 528 different from the compressed field. 530 The compressor does not send any value on the compressed header for 531 the field on which compression is applied. 533 The decompressor restores the field value with the target value 534 stored in the matched rule. 536 6.2. value-sent CDA 538 The value-sent action is generally used when the field value is not 539 known by both Compressor and Decompressor. The value is sent in the 540 compressed message header. Both Compressor and Decompressor must 541 know the size of the field, either implicitly (the size is known by 542 both sides) or explicitly in the compressed header field by 543 indicating the length. This function is generally used with the 544 "ignore" MO. 546 The compressor sends the Target Value stored on the rule in the 547 compressed header message. The decompressor restores the field value 548 with the one received from the LPWAN 550 6.3. mapping-sent 552 mapping-sent is used to send a smaller index associated to the list 553 of values in the Target Value. This function is used together with 554 the "match-mapping" MO. 556 The compressor looks in the TV to find the field value and send the 557 corresponding index. The decompressor uses this index to restore the 558 field value. 560 The number of bits sent is the minimal size to code all the possible 561 indexes. 563 6.4. LSB CDA 565 LSB action is used to avoid sendind the known part of the packet 566 field header to the other end. This action is used together with the 567 "MSB" MO. A length can be specified in the rule to indicate how many 568 bits have to be sent. If not length is specified, the number of bits 569 sent are the field length minus the bits length specified in the MSB 570 MO. 572 The compressor sends the "length" Least Significant Bits. The 573 decompressor combines the value received with the Target Value. 575 If this action is made on a variable length field, the remaning size 576 in byte has to be sent before. 578 6.5. DEViid, APPiid CDA 580 These functions are used to process respectively the Dev and the App 581 Interface Identifiers (Deviid and Appiid) of the IPv6 addresses. 582 Appiid CDA is less common, since current LPWAN technologies frames 583 contain a single address. 585 The IID value can be computed from the Device ID present in the Layer 586 2 header. The computation is specific for each LPWAN technology and 587 depends on the Device ID size. 589 In the downstream direction, these CDA are used to determine the L2 590 addresses used by the LPWAN. 592 6.6. Compute-* 594 Thes classes of functions are used by the decompressor to compute the 595 compressed field value based on received information. Compressed 596 fields are elided during compression and reconstructed during 597 decompression. 599 o compute-length: compute the length assigned to this field. For 600 instance, regarding the field ID, this CDA may be used to compute 601 IPv6 length or UDP length. 603 o compute-checksum: compute a checksum from the information already 604 received by the SCHC C/D. This field may be used to compute UDP 605 checksum. 607 7. Application to IPv6 and UDP headers 609 This section lists the different IPv6 and UDP header fields and how 610 they can be compressed. 612 7.1. IPv6 version field 614 This field always holds the same value, therefore the TV is 6, the MO 615 is "equal" and the "CDA "not-sent"". 617 7.2. IPv6 Traffic class field 619 If the DiffServ field identified by the rest of the rule do not vary 620 and is known by both sides, the TV should contain this well-known 621 value, the MO should be "equal" and the CDA must be "not-sent. 623 If the DiffServ field identified by the rest of the rule varies over 624 time or is not known by both sides, then there are two possibilities 625 depending on the variability of the value, the first one is to do not 626 compressed the field and sends the original value, or the second 627 where the values can be computed by sending only the LSB bits: 629 o TV is not set to any value, MO is set to "ignore" and CDA is set 630 to "value-sent" 632 o TV contains a stable value, MO is MSB(X) and CDA is set to LSB 634 7.3. Flow label field 636 If the Flow Label field identified by the rest of the rule does not 637 vary and is known by both sides, the TV should contain this well- 638 known value, the MO should be "equal" and the CDA should be "not- 639 sent". 641 If the Flow Label field identified by the rest of the rule varies 642 during time or is not known by both sides, there are two 643 possibilities depending on the variability of the value, the first 644 one is without compression and then the value is sent and the second 645 where only part of the value is sent and the decompressor needs to 646 compute the original value: 648 o TV is not set, MO is set to "ignore" and CDA is set to "value- 649 sent" 651 o TV contains a stable value, MO is MSB(X) and CDA is set to LSB 653 7.4. Payload Length field 655 If the LPWAN technology does not add padding, this field can be 656 elided for the transmission on the LPWAN network. The SCHC C/D 657 recomputes the original payload length value. The TV is not set, the 658 MO is set to "ignore" and the CDA is "compute-IPv6-length". 660 If the payload length needs to be sent and does not need to be coded 661 in 16 bits, the TV can be set to 0x0000, the MO set to "MSB (16-s)" 662 and the CDA to "LSB". The 's' parameter depends on the expected 663 maximum packet length. 665 On other cases, the payload length field must be sent and the CDA is 666 replaced by "value-sent". 668 7.5. Next Header field 670 If the Next Header field identified by the rest of the rule does not 671 vary and is known by both sides, the TV should contain this Next 672 Header value, the MO should be "equal" and the CDA should be "not- 673 sent". 675 If the Next header field identified by the rest of the rule varies 676 during time or is not known by both sides, then TV is not set, MO is 677 set to "ignore" and CDA is set to "value-sent". A matching-list may 678 also be used. 680 7.6. Hop Limit field 682 The End System is generally a device and does not forward packets, 683 therefore the Hop Limit value is constant. So the TV is set with a 684 default value, the MO is set to "equal" and the CDA is set to "not- 685 sent". 687 Otherwise the value is sent on the LPWAN: TV is not set, MO is set to 688 ignore and CDA is set to "value-sent". 690 Note that the field behavior differs in upstream and downstream. In 691 upstream, since there is no IP forwarding between the Dev and the 692 SCHC C/D, the value is relatively constant. On the other hand, the 693 downstream value depends of Internet routing and may change more 694 frequently. One solution could be to use the Direction Indicator 695 (DI) to distinguish both directions to elide the field in the 696 upstream direction and send the value in the downstream direction. 698 7.7. IPv6 addresses fields 700 As in 6LoWPAN [RFC4944], IPv6 addresses are split into two 64-bit 701 long fields; one for the prefix and one for the Interface Identifier 702 (IID). These fields should be compressed. To allow a single rule, 703 these values are identified by their role (DEV or APP) and not by 704 their position in the frame (source or destination). The SCHC C/D 705 must be aware of the traffic direction (upstream, downstream) to 706 select the appropriate field. 708 7.7.1. IPv6 source and destination prefixes 710 Both ends must be synchronized with the appropriate prefixes. For a 711 specific flow, the source and destination prefix can be unique and 712 stored in the context. It can be either a link-local prefix or a 713 global prefix. In that case, the TV for the source and destination 714 prefixes contains the values, the MO is set to "equal" and the CDA is 715 set to "not-sent". 717 In case the rule allows several prefixes, mapping-list must be used. 718 The different prefixes are listed in the TV associated with a short 719 ID. The MO is set to "match-mapping" and the CDA is set to "mapping- 720 sent". 722 Otherwise the TV contains the prefix, the MO is set to "equal" and 723 the CDA is set to value-sent. 725 7.7.2. IPv6 source and destination IID 727 If the DEV or APP IID are based on an LPWAN address, then the IID can 728 be reconstructed with information coming from the LPWAN header. In 729 that case, the TV is not set, the MO is set to "ignore" and the CDA 730 is set to "DEViid" or "APPiid". Note that the LPWAN technology is 731 generally carrying a single device identifier corresponding to the 732 DEV. The SCHC C/D may also not be aware of these values. 734 If the DEV address has a static value that is not derivated from the 735 EUI-64, then TV contains the value, the MO operator is set to "equal" 736 and the CDA is set to "not-sent". 738 If several IIDs are possible, then the TV contains the list of 739 possible IIDs, the MO is set to "match-mapping" and the CDA is set to 740 "mapping-sent". 742 Otherwise the value variation of the IID may be reduced to few bytes. 743 In that case, the TV is set to the stable part of the IID, the MO is 744 set to MSB and the CDA is set to LSB. 746 Finally, the IID can be sent on the LPWAN. In that case, the TV is 747 not set, the MO is set to "ignore" and the CDA is set to "value- 748 sent". 750 7.8. IPv6 extensions 752 No extension rules are currently defined. They can be based on the 753 MOs and CDAs described above. 755 7.9. UDP source and destination port 757 To allow a single rule, the UDP port values are identified by their 758 role (DEV or APP) and not by their position in the frame (source or 759 destination). The SCHC C/D must be aware of the traffic direction 760 (upstream, downstream) to select the appropriate field. The 761 following rules apply for DEV and APP port numbers. 763 If both ends know the port number, it can be elided. The TV contains 764 the port number, the MO is set to "equal" and the CDA is set to "not- 765 sent". 767 If the port variation is on few bits, the TV contains the stable part 768 of the port number, the MO is set to "MSB" and the CDA is set to 769 "LSB". 771 If some well-known values are used, the TV can contain the list of 772 this values, the MO is set to "match-mapping" and the CDA is set to 773 "mapping-sent". 775 Otherwise the port numbers are sent on the LPWAN. The TV is not set, 776 the MO is set to "ignore" and the CDA is set to "value-sent". 778 7.10. UDP length field 780 If the LPWAN technology does not introduce padding, the UDP length 781 can be computed from the received data. In that case the TV is not 782 set, the MO is set to "ignore" and the CDA is set to "compute-UDP- 783 length". 785 If the payload is small, the TV can be set to 0x0000, the MO set to 786 "MSB" and the CDA to "LSB". 788 On other cases, the length must be sent and the CDA is replaced by 789 "value-sent". 791 7.11. UDP Checksum field 793 IPv6 mandates a checksum in the protocol above IP. Nevertheless, if 794 a more efficient mechanism such as L2 CRC or MIC is carried by or 795 over the L2 (such as in the LPWAN fragmentation process (see section 796 Section 9)), the UDP checksum transmission can be avoided. In that 797 case, the TV is not set, the MO is set to "ignore" and the CDA is set 798 to "compute-UDP-checksum". 800 In other cases the checksum must be explicitly sent. The TV is not 801 set, the MO is set to "ignore" and the CDF is set to "value-sent". 803 8. Examples 805 This section gives some scenarios of the compression mechanism for 806 IPv6/UDP. The goal is to illustrate the SCHC behavior. 808 8.1. IPv6/UDP compression 810 The most common case using the mechanisms defined in this document 811 will be a LPWAN Dev that embeds some applications running over CoAP. 812 In this example, three flows are considered. The first flow is for 813 the device management based on CoAP using Link Local IPv6 addresses 814 and UDP ports 123 and 124 for Dev and App, respectively. The second 815 flow will be a CoAP server for measurements done by the Device (using 816 ports 5683) and Global IPv6 Address prefixes alpha::IID/64 to 817 beta::1/64. The last flow is for legacy applications using different 818 ports numbers, the destination IPv6 address prefix is gamma::1/64. 820 Figure 6 presents the protocol stack for this Device. IPv6 and UDP 821 are represented with dotted lines since these protocols are 822 compressed on the radio link. 824 Managment Data 825 +----------+---------+---------+ 826 | CoAP | CoAP | legacy | 827 +----||----+---||----+---||----+ 828 . UDP . UDP | UDP | 829 ................................ 830 . IPv6 . IPv6 . IPv6 . 831 +------------------------------+ 832 | SCHC Header compression | 833 | and fragmentation | 834 +------------------------------+ 835 | LPWAN L2 technologies | 836 +------------------------------+ 837 DEV or NGW 839 Figure 6: Simplified Protocol Stack for LP-WAN 841 Note that in some LPWAN technologies, only the Devs have a device ID. 842 Therefore, when such technologies are used, it is necessary to define 843 statically an IID for the Link Local address for the SCHC C/D. 845 Rule 0 846 +----------------+--+--+---------+--------+-------------++------+ 847 | Field |FP|DI| Value | Match | Comp Decomp || Sent | 848 | | | | | Opera. | Action ||[bits]| 849 +----------------+--+--+---------+----------------------++------+ 850 |IPv6 version |1 |Bi|6 | equal | not-sent || | 851 |IPv6 DiffServ |1 |Bi|0 | equal | not-sent || | 852 |IPv6 Flow Label |1 |Bi|0 | equal | not-sent || | 853 |IPv6 Length |1 |Bi| | ignore | comp-length || | 854 |IPv6 Next Header|1 |Bi|17 | equal | not-sent || | 855 |IPv6 Hop Limit |1 |Bi|255 | ignore | not-sent || | 856 |IPv6 DEVprefix |1 |Bi|FE80::/64| equal | not-sent || | 857 |IPv6 DEViid |1 |Bi| | ignore | DEViid || | 858 |IPv6 APPprefix |1 |Bi|FE80::/64| equal | not-sent || | 859 |IPv6 APPiid |1 |Bi|::1 | equal | not-sent || | 860 +================+==+==+=========+========+=============++======+ 861 |UDP DEVport |1 |Bi|123 | equal | not-sent || | 862 |UDP APPport |1 |Bi|124 | equal | not-sent || | 863 |UDP Length |1 |Bi| | ignore | comp-length || | 864 |UDP checksum |1 |Bi| | ignore | comp-chk || | 865 +================+==+==+=========+========+=============++======+ 867 Rule 1 868 +----------------+--+--+---------+--------+-------------++------+ 869 | Field |FP|DI| Value | Match | Action || Sent | 870 | | | | | Opera. | Action ||[bits]| 871 +----------------+--+--+---------+--------+-------------++------+ 872 |IPv6 version |1 |Bi|6 | equal | not-sent || | 873 |IPv6 DiffServ |1 |Bi|0 | equal | not-sent || | 874 |IPv6 Flow Label |1 |Bi|0 | equal | not-sent || | 875 |IPv6 Length |1 |Bi| | ignore | comp-length || | 876 |IPv6 Next Header|1 |Bi|17 | equal | not-sent || | 877 |IPv6 Hop Limit |1 |Bi|255 | ignore | not-sent || | 878 |IPv6 DEVprefix |1 |Bi|[alpha/64, match- | mapping-sent|| [1] | 879 | |1 |Bi|fe80::/64] mapping| || | 880 |IPv6 DEViid |1 |Bi| | ignore | DEViid || | 881 |IPv6 APPprefix |1 |Bi|[beta/64,| match- | mapping-sent|| [2] | 882 | | | |alpha/64,| mapping| || | 883 | | | |fe80::64]| | || | 884 |IPv6 APPiid |1 |Bi|::1000 | equal | not-sent || | 885 +================+==+==+=========+========+=============++======+ 886 |UDP DEVport |1 |Bi|5683 | equal | not-sent || | 887 |UDP APPport |1 |Bi|5683 | equal | not-sent || | 888 |UDP Length |1 |Bi| | ignore | comp-length || | 889 |UDP checksum |1 |Bi| | ignore | comp-chk || | 890 +================+==+==+=========+========+=============++======+ 892 Rule 2 893 +----------------+--+--+---------+--------+-------------++------+ 894 | Field |FP|DI| Value | Match | Action || Sent | 895 | | | | | Opera. | Action ||[bits]| 896 +----------------+--+--+---------+--------+-------------++------+ 897 |IPv6 version |1 |Bi|6 | equal | not-sent || | 898 |IPv6 DiffServ |1 |Bi|0 | equal | not-sent || | 899 |IPv6 Flow Label |1 |Bi|0 | equal | not-sent || | 900 |IPv6 Length |1 |Bi| | ignore | comp-length || | 901 |IPv6 Next Header|1 |Bi|17 | equal | not-sent || | 902 |IPv6 Hop Limit |1 |Up|255 | ignore | not-sent || | 903 |IPv6 Hop Limit |1 |Dw| | ignore | value-sent || [8] | 904 |IPv6 DEVprefix |1 |Bi|alpha/64 | equal | not-sent || | 905 |IPv6 DEViid |1 |Bi| | ignore | DEViid || | 906 |IPv6 APPprefix |1 |Bi|gamma/64 | equal | not-sent || | 907 |IPv6 APPiid |1 |Bi|::1000 | equal | not-sent || | 908 +================+==+==+=========+========+=============++======+ 909 |UDP DEVport |1 |Bi|8720 | MSB(12)| LSB(4) || [4] | 910 |UDP APPport |1 |Bi|8720 | MSB(12)| LSB(4) || [4] | 911 |UDP Length |1 |Bi| | ignore | comp-length || | 912 |UDP checksum |1 |Bi| | ignore | comp-chk || | 913 +================+==+==+=========+========+=============++======+ 915 Figure 7: Context rules 917 All the fields described in the three rules depicted on Figure 7 are 918 present in the IPv6 and UDP headers. The DEViid-DID value is found 919 in the L2 header. 921 The second and third rules use global addresses. The way the Dev 922 learns the prefix is not in the scope of the document. 924 The third rule compresses port numbers to 4 bits. 926 9. Fragmentation 928 9.1. Overview 930 Fragmentation support in LPWAN is mandatory when the underlying LPWAN 931 technology is not capable of fulfilling the IPv6 MTU requirement. 932 Fragmentation is used if, after SCHC header compression, the size of 933 the resulting IPv6 packet is larger than the L2 data unit maximum 934 payload. Fragmentation is also used if SCHC header compression has 935 not been able to compress an IPv6 packet that is larger than the L2 936 data unit maximum payload. In LPWAN technologies, the L2 data unit 937 size typically varies from tens to hundreds of bytes. If the entire 938 IPv6 datagram fits within a single L2 data unit, the fragmentation 939 mechanism is not used and the packet is sent unfragmented. 940 If the datagram does not fit within a single L2 data unit, it SHALL 941 be broken into fragments. 943 Moreover, LPWAN technologies impose some strict limitations on 944 traffic; therefore it is desirable to enable optional fragment 945 retransmission, while a single fragment loss should not lead to 946 retransmitting the full IPv6 datagram. On the other hand, in order 947 to preserve energy, Devices are sleeping most of the time and may 948 receive data during a short period of time after transmission. In 949 order to adapt to the capabilities of various LPWAN technologies, 950 this specification allows for a gradation of fragment delivery 951 reliability. This document does not make any decision with regard to 952 which fragment delivery reliability option is used over a specific 953 LPWAN technology. 955 An important consideration is that LPWAN networks typically follow 956 the star topology, and therefore data unit reordering is not expected 957 in such networks. This specification assumes that reordering will 958 not happen between the entity performing fragmentation and the entity 959 performing reassembly. This assumption allows to reduce complexity 960 and overhead of the fragmentation mechanism. 962 9.2. Reliability options: definition 964 This specification defines the following three fragment delivery 965 reliability options: 967 o No ACK 969 o Window mode - ACK "always" 971 o Window mode - ACK on error 973 The same reliability option MUST be used for all fragments of a 974 packet. It is up to implementers and/or representatives of the 975 underlying LPWAN technology to decide which reliability option to use 976 and whether the same reliability option applies to all IPv6 packets 977 or not. Note that the reliability option to be used is not 978 necessarily tied to the particular characteristics of the underlying 979 L2 LPWAN technology (e.g. the No ACK reliability option may be used 980 on top of an L2 LPWAN technology with symmetric characteristics for 981 uplink and downlink). 983 In the No ACK option, the receiver MUST NOT issue acknowledgments 984 (ACK). 986 In Window mode - ACK "always", an ACK is transmitted by the fragment 987 receiver after a window of fragments have been sent. A window of 988 fragments is a subset of the full set of fragments needed to carry an 989 IPv6 packet. In this mode, the ACK informs the sender about received 990 and/or missing fragments from the window of fragments. 992 In Window mode - ACK on error, an ACK is transmitted by the fragment 993 receiver after a window of fragments have been sent, only if at least 994 one of the fragments in the window has been lost. In this mode, the 995 ACK informs the sender about received and/or missing fragments from 996 the window of fragments. 998 In Window mode, upon receipt of an ACK that informs about any lost 999 fragments, the sender retransmits the lost fragments. The maximum 1000 number of ACKs to be sent by the receiver for a specific window, 1001 denoted MAX_ACKS_PER_WINDOW, is not stated in this document, and it 1002 is expected to be defined in other documents (e.g. technology- 1003 specific profiles). 1005 This document does not make any decision as to which fragment 1006 delivery reliability option(s) need to be supported over a specific 1007 LPWAN technology. 1009 Examples of the different reliability options described are provided 1010 in Appendix A. 1012 9.3. Reliability options: discussion 1014 This section discusses the properties of each fragment delivery 1015 reliability option defined in the previous section. 1017 No ACK is the most simple fragment delivery reliability option. With 1018 this option, the receiver does not generate overhead in the form of 1019 ACKs. However, this option does not enhance delivery reliability 1020 beyond that offered by the underlying LPWAN technology. 1022 The Window mode - ACK on error option is based on the optimistic 1023 expectation that the underlying links will offer relatively low L2 1024 data unit loss probability. This option reduces the number of ACKs 1025 transmitted by the fragment receiver compared to the Window mode - 1026 ACK "always" option. This may be especially beneficial in asymmetric 1027 scenarios, e.g. where fragmented data are sent uplink and the 1028 underlying LPWAN technology downlink capacity or message rate is 1029 lower than the uplink one. However, if an ACK is lost, the sender 1030 assumes that all fragments covered by the ACK have been successfully 1031 delivered. In contrast, the Window mode - ACK "always" option does 1032 not suffer that issue, at the expense of an ACK overhead increase. 1034 The Window mode - ACK "always" option provides flow control. In 1035 addition, it is able to handle long bursts of lost fragments, since 1036 detection of such events can be done before end of the IPv6 packet 1037 transmission, as long as the window size is short enough. However, 1038 such benefit comes at the expense of higher ACK overhead. 1040 9.4. Tools 1042 This subsection describes the different tools that are used to enable 1043 the described fragmentation functionality and the different 1044 reliability options supported. Each tool has a corresponding header 1045 field format that is defined in the next subsection. The list of 1046 tools follows: 1048 o Rule ID. The Rule ID is used in fragments and in ACKs. The Rule 1049 ID in a fragment is set to a value that indicates that the data unit 1050 being carried is a fragment. This also allows to interleave non- 1051 fragmented IPv6 datagrams with fragments that carry a larger IPv6 1052 datagram. Rule ID may also be used to signal which reliability 1053 option is in use for the IPv6 packet being carried. In an ACK, the 1054 Rule ID signals that the message this Rule ID is prepended to is an 1055 ACK. 1057 o Compressed Fragment Number (CFN). The CFN is included in all 1058 fragments. This field can be understood as a truncated, efficient 1059 representation of a larger-sized fragment number, and does not 1060 necessarily carry an absolute fragment number. A special CFN value 1061 signals the last fragment that carries a fragmented IPv6 packet. In 1062 Window mode, the CFN is augmented with the W bit, which has the 1063 purpose of avoiding possible ambiguity for the receiver that might 1064 arise under certain conditions 1066 o Datagram Tag (DTag). The DTag field, if present, is set to the 1067 same value for all fragments carrying the same IPv6 datagram, allows 1068 to interleave fragments that correspond to different IPv6 datagrams. 1070 o Message Integrity Check (MIC). It is computed by the sender over 1071 the complete IPv6 packet before fragmentation by using the TBD 1072 algorithm. The MIC allows the receiver to check for errors in the 1073 reassembled IPv6 packet, while it also enables compressing the UDP 1074 checksum by use of SCHC. 1076 o Bitmap. The bitmap is a sequence of bits included in the ACK for a 1077 given window, that provides feedback on whether each fragment of the 1078 current window has been received or not. 1080 9.5. Formats 1082 This section defines the fragment format, the fragmentation header 1083 formats, and the ACK format. 1085 9.5.1. Fragment format 1087 A fragment comprises a fragmentation header and a fragment payload, 1088 and conforms to the format shown in Figure 8. The fragment payload 1089 carries a subset of either the IPv6 packet after header compression 1090 or an IPv6 packet which could not be compressed. A fragment is the 1091 payload in the L2 protocol data unit (PDU). 1093 +---------------+-----------------------+ 1094 | Fragm. Header | Fragment payload | 1095 +---------------+-----------------------+ 1097 Figure 8: Fragment format. 1099 9.5.2. Fragmentation header formats 1101 In the No ACK option, fragments except the last one SHALL contain the 1102 fragmentation header as defined in Figure 9. The total size of this 1103 fragmentation header is R bits. 1105 <------------ R ----------> 1106 <--T--> <--N--> 1107 +-- ... --+- ... -+- ... -+ 1108 | Rule ID | DTag | CFN | 1109 +-- ... --+- ... -+- ... -+ 1111 Figure 9: Fragmentation Header for Fragments except the Last One, No 1112 ACK option 1114 In any of the Window mode options, fragments except the last one 1115 SHALL 1116 contain the fragmentation header as defined in Figure 10. The total 1117 size of this fragmentation header is R bits. 1119 <------------ R ----------> 1120 <--T--> 1 <--N--> 1121 +-- ... --+- ... -+-+- ... -+ 1122 | Rule ID | DTag |W| CFN | 1123 +-- ... --+- ... -+-+- ... -+ 1125 Figure 10: Fragmentation Header for Fragments except the Last One, 1126 Window mode 1128 The last fragment of an IPv6 datagram SHALL contain a fragmentation 1129 header that conforms to the format shown in Figure 11. The total 1130 size of this fragmentation header is R+M bits. 1132 <------------- R ------------> 1133 <- T -> <- N -> <---- M -----> 1134 +---- ... ---+- ... -+- ... -+---- ... ----+ 1135 | Rule ID | DTag | 11..1 | MIC | 1136 +---- ... ---+- ... -+- ... -+---- ... ----+ 1138 Figure 11: Fragmentation Header for the Last Fragment 1140 o Rule ID: This field has a size of R - T - N - 1 bits in all 1141 fragments that are not the last one, when Window mode is used. In 1142 all other fragments, the Rule ID field has a size of R - T - N 1143 bits. 1145 o DTag: The size of the DTag field is T bits, which may be set to a 1146 value greater than or equal to 0 bits. The DTag field in all 1147 fragments that carry the same IPv6 datagram MUST be set to the 1148 same value. DTag MUST be set sequentially increasing from 0 to 1149 2^T - 1, and MUST wrap back from 2^T - 1 to 0. 1151 o CFN: This field is an unsigned integer, with a size of N bits, 1152 that carries the CFN of the fragment. In the No ACK option, N=1. 1153 For the rest of options, N equal to or greater than 3 is 1154 recommended. The CFN MUST be set sequentially decreasing from the 1155 highest CFN in the window (which will be used for the first 1156 fragment), and MUST wrap from 0 back to the highest CFN in the 1157 window. The highest CFN in the window MUST be a value equal to or 1158 smaller than 2^N-2. (Example 1: for N=5, the highest CFN value 1159 may be configured to be 30, then subsequent CFNs are set 1160 sequentially and in decreasing order, and CFN will wrap from 0 1161 back to 30. Example 2: for N=5, the highest CFN value may be set 1162 to 23, then subsequent CFNs are set sequentially and in decreasing 1163 order, and the CFN will wrap from 0 back to 23). The CFN for the 1164 last fragment has all bits set to 1. Note that, by this 1165 definition, the CFN value of 2^N - 1 is only used to identify a 1166 fragment as the last fragment carrying a subset of the IPv6 packet 1167 being transported, and thus the CFN does not strictly correspond 1168 to the N least significant bits of the actual absolute fragment 1169 number. It is also important to note that, for N=1, the last 1170 fragment of the packet will carry a CFN equal to 1, while all 1171 previous fragments will carry a CFN of 0. 1173 o W: W is a 1-bit field. This field carries the same value for all 1174 fragments of a window, and it is complemented for the next window. 1175 The initial value for this field is 1. 1177 o MIC: This field, which has a size of M bits, carries the MIC for 1178 the IPv6 packet. 1180 The values for R, N, T and M are not specified in this document, and 1181 have to be determined in other documents (e.g. technology-specific 1182 profile documents). 1184 9.5.3. ACK format 1186 The format of an ACK is shown in Figure 12: 1188 <-------- R -------> 1189 <- T -> 1 1190 +---- ... --+-... -+-+----- ... ---+ 1191 | Rule ID | DTag |W| bitmap | 1192 +---- ... --+-... -+-+----- ... ---+ 1194 Figure 12: Format of an ACK 1196 Rule ID: In all ACKs, Rule ID has a size of R - T - 1 bits. 1198 DTag: DTag has a size of T bits. DTag carries the same value as the 1199 DTag field in the fragments carrying the IPv6 datagram for which this 1200 ACK is intended. 1202 W: This field has a size of 1 bit. In all ACKs, the W bit carries 1203 the same value as the W bit carried by the fragments whose reception 1204 is being positively or negatively acknowledged by the ACK. 1206 bitmap: This field carries the bitmap sent by the receiver to inform 1207 the sender about whether fragments in the current window have been 1208 received or not. Size of the bitmap field of an ACK can be equal to 1209 0 or Ceiling(Number_of_Fragments/8) octets, where Number_of_Fragments 1210 denotes the number of fragments of a window. The bitmap is a 1211 sequence of bits, where the n-th bit signals whether the n-th 1212 fragment transmitted in the current window has been correctly 1213 received (n-th bit set to 1) or not (n-th bit set to 0). Remaining 1214 bits with bit order greater than the number of fragments sent (as 1215 determined by the receiver) are set to 0, except for the last bit in 1216 the bitmap, which is set to 1 if the last fragment of the window has 1217 been correctly received, and 0 otherwise. Feedback on reception of 1218 the fragment with CFN = 2^N - 1 (last fragment carrying an IPv6 1219 packet) is only given by the last bit of the corresponding window. 1220 Absence of the bitmap in an ACK confirms correct reception of all 1221 fragments to be acknowledged by means of the ACK. 1223 Figure 13 shows an example of an ACK (N=3), where the bitmap 1224 indicates that the second and the fifth fragments have not been 1225 correctly received. 1227 <------- R -------> 1228 <- T -> 0 1 2 3 4 5 6 7 1229 +---- ... --+-... -+-+-+-+-+-+-+-+-+-+ 1230 | Rule ID | DTag |W|1|0|1|1|0|1|1|1| 1231 +---- ... --+-... -+-+-+-+-+-+-+-+-+-+ 1233 Figure 13: Example of the bitmap in an ACK (in Window mode, for N=3) 1235 Figure 14 illustrates an ACK without a bitmap. 1237 <------- R -------> 1238 <- T -> 1239 +---- ... --+-... -+-+ 1240 | Rule ID | DTag |W| 1241 +---- ... --+-... -+-+ 1243 Figure 14: Example of an ACK without a bitmap 1245 Note that, in order to exploit the available L2 payload space to the 1246 fullest, a bitmap may have a size smaller than 2^N bits. In that 1247 case, the window in use will have a size lower than 2^N-1 fragments. 1248 For example, if the maximum available space for a bitmap is 56 bits, 1249 N can be set to 6, and the window size can be set to a maximum of 56 1250 fragments. 1252 9.6. Baseline mechanism 1254 The receiver of link fragments SHALL use (1) the sender's L2 source 1255 address (if present), (2) the destination's L2 address (if present), 1256 (3) Rule ID and (4) DTag to identify all the fragments that belong to 1257 a given IPv6 datagram. The fragment receiver may determine the 1258 fragment delivery reliability option in use for the fragment based on 1259 the Rule ID field in that fragment. 1261 Upon receipt of a link fragment, the receiver starts constructing the 1262 original unfragmented packet. It uses the CFN and the order of 1263 arrival of each fragment to determine the location of the individual 1264 fragments within the original unfragmented packet. For example, it 1265 may place the data payload of the fragments within a payload datagram 1266 reassembly buffer at the location determined from the CFN and order 1267 of arrival of the fragments, and the fragment payload sizes. In 1268 Window mode, the fragment receiver also uses the W bit in the 1269 received fragments. Note that the size of the original, unfragmented 1270 IPv6 packet cannot be determined from fragmentation headers. 1272 When Window mode - ACK on error is used, the fragment receiver starts 1273 a timer (denoted "ACK on Error Timer") upon reception of the first 1274 fragment for an IPv6 datagram. The initial value for this timer is 1275 not provided by this specification, and is expected to be defined in 1276 additional documents. This timer is reset every time that a new 1277 fragment carrying data from the same IPv6 datagram is received. In 1278 Window mode - ACK on error, upon timer expiration, if neither the 1279 last fragment of the IPv6 datagram nor the last fragment of the 1280 current window (i.e. with CFN=0) have been received, an ACK MUST be 1281 transmitted by the fragment receiver to indicate received and not 1282 received fragments for the current window. 1284 Note that, in Window mode, the first fragment of the window is the 1285 one sent with CFN=2^N-2. Also note that, in Window mode, the 1286 fragment with CFN=0 is considered the last fragment of its window, 1287 except for the last fragment of the whole packet (with all CFN bits 1288 set to 1), which is also the last fragment of the last window. Upon 1289 receipt of the last fragment of a window, if Window mode - ACK 1290 "Always" is used, the fragment receiver MUST send an ACK to the 1291 fragment sender. The ACK provides feedback on the fragments received 1292 and lost that correspond to the last window. 1294 If the recipient receives the last fragment of an IPv6 datagram, it 1295 checks for the integrity of the reassembled IPv6 datagram, based on 1296 the MIC received. In No ACK mode, if the integrity check indicates 1297 that the reassembled IPv6 datagram does not match the original IPv6 1298 datagram (prior to fragmentation), the reassembled IPv6 datagram MUST 1299 be discarded. If Window mode - ACK "Always" is used, the recipient 1300 MUST transmit an ACK to the fragment sender. The ACK provides 1301 feedback on the fragments that correspond to the last window. If 1302 Window mode - ACK on error is used, the recipient MUST NOT transmit 1303 an ACK to the sender if no losses have been detected for the last 1304 window. If losses have been detected, the recipient MUST then 1305 transmit an ACK to the sender to provide feedback on the last window. 1307 When Window mode - ACK "Always" is used, the fragment sender starts a 1308 timer (denoted "ACK Always Timer") after transmitting the last 1309 fragment of a fragmented IPv6 datagram. The fragment sender also 1310 starts the ACK Always Timer after transmitting the last fragment of a 1311 window. The initial value for this timer is not provided by this 1312 specification, and is expected to be defined in additional documents. 1313 Upon expiration of the timer, if no ACK has been received for the 1314 current window, the sender retransmits the last fragment, and it 1315 reinitializes and restarts the timer. Note that retransmitting the 1316 last fragment of a window as described serves as an ACK request. The 1317 maximum number of requests for a specific ACK, denoted 1318 MAX_ACK_REQUESTS, is not stated in this document, and it is expected 1319 to be defined in other documents (e.g. technology-specific profiles). 1321 In all Window mode options, the fragment sender retransmits any lost 1322 fragments reported in an ACK. 1324 If a fragment recipient disassociates from its L2 network, the 1325 recipient MUST discard all link fragments of all partially 1326 reassembled payload datagrams, and fragment senders MUST discard all 1327 not yet transmitted link fragments of all partially transmitted 1328 payload (e.g., IPv6) datagrams. Similarly, when a node first 1329 receives a fragment of a packet, it starts a reassembly timer. When 1330 this time expires, if the entire packet has not been reassembled, the 1331 existing fragments MUST be discarded and the reassembly state MUST be 1332 flushed. The value for this timer is not provided by this 1333 specification, and is expected to be defined in technology-specific 1334 profile documents. 1336 9.7. Supporting multiple window sizes 1338 For Window mode operation, implementers may opt to support a single 1339 window size or multiple window sizes. The latter, when feasible, may 1340 provide performance optimizations. For example, a large window size 1341 may be used for IPv6 packets that need to be carried by a large 1342 number of fragments. However, when the number of fragments required 1343 to carry an IPv6 packet is low, a smaller window size, and thus a 1344 shorter bitmap, may be sufficient to provide feedback on all 1345 fragments. If multiple window sizes are supported, the Rule ID may 1346 be used to signal the window size in use for a specific IPv6 packet 1347 transmission. 1349 9.8. Aborting fragmented IPv6 datagram transmissions 1351 For several reasons, a fragment sender or a fragment receiver may 1352 want to abort the on-going transmission of one or several fragmented 1353 IPv6 datagrams. The entity (either the fragment sender or the 1354 fragment receiver) that triggers abortion transmits to the other 1355 endpoint a format that only comprises a Rule ID (of size R bits), 1356 which signals abortion of all on-going fragmented IPv6 packet 1357 transmissions. The specific value to be used for the Rule ID of this 1358 abortion signal is not defined in this document, and is expected to 1359 be defined in future documents. 1361 Upon transmission or reception of the abortion signal, both entities 1362 MUST release any resources allocated for the fragmented IPv6 datagram 1363 transmissions being aborted. 1365 9.9. Downlink fragment transmission 1367 In some LPWAN technologies, as part of energy-saving techniques, 1368 downlink transmission is only possible immediately after an uplink 1369 transmission. In order to avoid potentially high delay for 1370 fragmented IPv6 datagram transmission in the downlink, the fragment 1371 receiver MAY perform an uplink transmission as soon as possible after 1372 reception of a fragment that is not the last one. Such uplink 1373 transmission may be triggered by the L2 (e.g. an L2 ACK sent in 1374 response to a fragment encapsulated in a L2 frame that requires an L2 1375 ACK) or it may be triggered from an upper layer. 1377 10. Security considerations 1379 10.1. Security considerations for header compression 1381 A malicious header compression could cause the reconstruction of a 1382 wrong packet that does not match with the original one, such 1383 corruption may be detected with end-to-end authentication and 1384 integrity mechanisms. Denial of Service may be produced but its 1385 arise other security problems that may be solved with or without 1386 header compression. 1388 10.2. Security considerations for fragmentation 1390 This subsection describes potential attacks to LPWAN fragmentation 1391 and suggests possible countermeasures. 1393 A node can perform a buffer reservation attack by sending a first 1394 fragment to a target. Then, the receiver will reserve buffer space 1395 for the IPv6 packet. Other incoming fragmented packets will be 1396 dropped while the reassembly buffer is occupied during the reassembly 1397 timeout. Once that timeout expires, the attacker can repeat the same 1398 procedure, and iterate, thus creating a denial of service attack. 1399 The (low) cost to mount this attack is linear with the number of 1400 buffers at the target node. However, the cost for an attacker can be 1401 increased if individual fragments of multiple packets can be stored 1402 in the reassembly buffer. To further increase the attack cost, the 1403 reassembly buffer can be split into fragment-sized buffer slots. 1404 Once a packet is complete, it is processed normally. If buffer 1405 overload occurs, a receiver can discard packets based on the sender 1406 behavior, which may help identify which fragments have been sent by 1407 an attacker. 1409 In another type of attack, the malicious node is required to have 1410 overhearing capabilities. If an attacker can overhear a fragment, it 1411 can send a spoofed duplicate (e.g. with random payload) to the 1412 destination. A receiver cannot distinguish legitimate from spoofed 1413 fragments. Therefore, the original IPv6 packet will be considered 1414 corrupt and will be dropped. To protect resource-constrained nodes 1415 from this attack, it has been proposed to establish a binding among 1416 the fragments to be transmitted by a node, by applying content- 1417 chaining to the different fragments, based on cryptographic hash 1418 functionality. The aim of this technique is to allow a receiver to 1419 identify illegitimate fragments. 1421 Further attacks may involve sending overlapped fragments (i.e. 1422 comprising some overlapping parts of the original IPv6 datagram). 1423 Implementers should make sure that correct operation is not affected 1424 by such event. 1426 11. Acknowledgements 1428 Thanks to Dominique Barthel, Carsten Bormann, Philippe Clavier, 1429 Arunprabhu Kandasamy, Antony Markovski, Alexander Pelov, Pascal 1430 Thubert, Juan Carlos Zuniga and Diego Dujovne for useful design 1431 consideration and comments. 1433 12. References 1435 12.1. Normative References 1437 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1438 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1439 December 1998, . 1441 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler, 1442 "Transmission of IPv6 Packets over IEEE 802.15.4 1443 Networks", RFC 4944, DOI 10.17487/RFC4944, September 2007, 1444 . 1446 [RFC5795] Sandlund, K., Pelletier, G., and L-E. Jonsson, "The RObust 1447 Header Compression (ROHC) Framework", RFC 5795, 1448 DOI 10.17487/RFC5795, March 2010, 1449 . 1451 [RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6 1452 Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136, 1453 February 2014, . 1455 12.2. Informative References 1457 [I-D.ietf-lpwan-overview] 1458 Farrell, S., "LPWAN Overview", draft-ietf-lpwan- 1459 overview-04 (work in progress), June 2017. 1461 Appendix A. Fragmentation examples 1463 This section provides examples of different fragment delivery 1464 reliability options possible on the basis of this specification. 1466 Figure 15 illustrates the transmission of an IPv6 packet that needs 1467 11 fragments in the No ACK option. 1469 Sender Receiver 1470 |-------CFN=0-------->| 1471 |-------CFN=0-------->| 1472 |-------CFN=0-------->| 1473 |-------CFN=0-------->| 1474 |-------CFN=0-------->| 1475 |-------CFN=0-------->| 1476 |-------CFN=0-------->| 1477 |-------CFN=0-------->| 1478 |-------CFN=0-------->| 1479 |-------CFN=0-------->| 1480 |-------CFN=1-------->|MIC checked => 1482 Figure 15: Transmission of an IPv6 packet carried by 11 fragments in 1483 the No ACK option 1485 Figure 16 illustrates the transmission of an IPv6 packet that needs 1486 11 fragments in Window mode - ACK on error, for N=3, without losses. 1488 Sender Receiver 1489 |-----W=1, CFN=6----->| 1490 |-----W=1, CFN=5----->| 1491 |-----W=1, CFN=4----->| 1492 |-----W=1, CFN=3----->| 1493 |-----W=1, CFN=2----->| 1494 |-----W=1, CFN=1----->| 1495 |-----W=1, CFN=0----->| 1496 (no ACK) 1497 |-----W=0, CFN=6----->| 1498 |-----W=0, CFN=5----->| 1499 |-----W=0, CFN=4----->| 1500 |-----W=0, CFN=7----->|MIC checked => 1501 (no ACK) 1503 Figure 16: Transmission of an IPv6 packet carried by 11 fragments in 1504 Window mode - ACK on error, for N=3, without losses. 1506 Figure 17 illustrates the transmission of an IPv6 packet that needs 1507 11 fragments in Window mode - ACK on error, for N=3, with three 1508 losses. 1510 Sender Receiver 1511 |-----W=1, CFN=6----->| 1512 |-----W=1, CFN=5----->| 1513 |-----W=1, CFN=4--X-->| 1514 |-----W=1, CFN=3----->| 1515 |-----W=1, CFN=2--X-->| 1516 |-----W=1, CFN=1----->| 1517 |-----W=1, CFN=0----->| 1518 |<-----ACK, W=1-------|Bitmap:11010111 1519 |-----W=1, CFN=4----->| 1520 |-----W=1, CFN=2----->| 1521 (no ACK) 1522 |-----W=0, CFN=6----->| 1523 |-----W=0, CFN=5----->| 1524 |-----W=0, CFN=4--X-->| 1525 |-----W=0, CFN=7----->|MIC checked 1526 |<-----ACK, W=0-------|Bitmap:11000001 1527 |-----W=0, CFN=4----->|MIC checked => 1528 (no ACK) 1530 Figure 17: Transmission of an IPv6 packet carried by 11 fragments in 1531 Window mode - ACK on error, for N=3, three losses. 1533 Figure 18 illustrates the transmission of an IPv6 packet that needs 1534 11 fragments in Window mode - ACK "always", for N=3, without losses. 1535 Note: in Window mode, an additional bit will be needed to number 1536 windows. 1538 Sender Receiver 1539 |-----W=1, CFN=6----->| 1540 |-----W=1, CFN=5----->| 1541 |-----W=1, CFN=4----->| 1542 |-----W=1, CFN=3----->| 1543 |-----W=1, CFN=2----->| 1544 |-----W=1, CFN=1----->| 1545 |-----W=1, CFN=0----->| 1546 |<-----ACK, W=1-------|no bitmap 1547 |-----W=0, CFN=6----->| 1548 |-----W=0, CFN=5----->| 1549 |-----W=0, CFN=4----->| 1550 |-----W=0, CFN=7----->|MIC checked => 1551 |<-----ACK, W=0-------|no bitmap 1552 (End) 1554 Figure 18: Transmission of an IPv6 packet carried by 11 fragments in 1555 Window mode - ACK "always", for N=3, no losses. 1557 Figure 19 illustrates the transmission of an IPv6 packet that needs 1558 11 fragments in Window mode - ACK "always", for N=3, with three 1559 losses. 1561 Sender Receiver 1562 |-----W=1, CFN=6----->| 1563 |-----W=1, CFN=5----->| 1564 |-----W=1, CFN=4--X-->| 1565 |-----W=1, CFN=3----->| 1566 |-----W=1, CFN=2--X-->| 1567 |-----W=1, CFN=1----->| 1568 |-----W=1, CFN=0----->| 1569 |<-----ACK, W=1-------|bitmap:11010111 1570 |-----W=1, CFN=4----->| 1571 |-----W=1, CFN=2----->| 1572 |<-----ACK, W=1-------|no bitmap 1573 |-----W=0, CFN=6----->| 1574 |-----W=0, CFN=5----->| 1575 |-----W=0, CFN=4--X-->| 1576 |-----W=0, CFN=7----->|MIC checked 1577 |<-----ACK, W=0-------|bitmap:11000001 1578 |-----W=0, CFN=4----->|MIC checked => 1579 |<-----ACK, W=0-------|no bitmap 1580 (End) 1582 Figure 19: Transmission of an IPv6 packet carried by 11 fragments in 1583 Window mode - ACK "Always", for N=3, with three losses. 1585 Appendix B. Rule IDs for fragmentation 1587 Different Rule IDs may be used for different aspects of fragmentation 1588 functionality as per this document. A summary of such Rule IDs 1589 follows: 1591 o A fragment, and the reliability option in use for the IPv6 1592 datagram being carried: i) No ACK, ii) Window mode - ACK on error, 1593 iii) Window mode - ACK "always". In Window mode, a specific Rule 1594 ID may be used for each supported window size. 1596 o An ACK message. 1598 o A message to abort all on-going transmissions. 1600 Appendix C. Note 1602 Carles Gomez has been funded in part by the Spanish Government 1603 (Ministerio de Educacion, Cultura y Deporte) through the Jose 1604 Castillejo grant CAS15/00336, and by the ERDF and the Spanish 1605 Government through project TEC2016-79988-P. Part of his contribution 1606 to this work has been carried out during his stay as a visiting 1607 scholar at the Computer Laboratory of the University of Cambridge. 1609 Authors' Addresses 1611 Ana Minaburo 1612 Acklio 1613 2bis rue de la Chataigneraie 1614 35510 Cesson-Sevigne Cedex 1615 France 1617 Email: ana@ackl.io 1619 Laurent Toutain 1620 IMT-Atlantique 1621 2 rue de la Chataigneraie 1622 CS 17607 1623 35576 Cesson-Sevigne Cedex 1624 France 1626 Email: Laurent.Toutain@imt-atlantique.fr 1628 Carles Gomez 1629 Universitat Politecnica de Catalunya 1630 C/Esteve Terradas, 7 1631 08860 Castelldefels 1632 Spain 1634 Email: carlesgo@entel.upc.edu