idnits 2.17.1

draft-ietf-mboned-ieee802-mcast-problems-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (February 3, 2018) is 2272 days in the past. Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Missing Reference: 'ICMPv6' is mentioned on line 528, but not defined

  == Outdated reference: A later version (-23) exists of
     draft-ietf-6lo-ap-nd-05

  == Outdated reference: A later version (-20) exists of
     draft-ietf-6lo-backbone-router-05

  == Outdated reference: A later version (-21) exists of
     draft-ietf-6lo-rfc6775-update-11

  == Outdated reference: A later version (-30) exists of
     draft-ietf-6tisch-architecture-13

     Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Internet Area                                                 C. Perkins
Internet-Draft                                                M. McBride
Intended status: Informational                                 Futurewei
Expires: August 7, 2018                                       D. Stanley
                                                                     HPE
                                                               W. Kumari
                                                                  Google
                                                              JC. Zuniga
                                                                  SIGFOX
                                                        February 3, 2018

         Multicast Considerations over IEEE 802 Wireless Media
              draft-ietf-mboned-ieee802-mcast-problems-01

Abstract

   Well-known issues with multicast have prevented the deployment of
   multicast in 802.11 [dot11], [mc-props], [mc-prob-stmt], and other
   local-area wireless environments. IETF multicast experts have been
   meeting together to discuss these issues and provide IEEE updates.
   The mboned working group is chartered to receive regular reports on
   the current state of the deployment of multicast technology, create
   "practice and experience" documents that capture the experience of
   those who have deployed and are deploying various multicast
   technologies, and provide feedback to other relevant working groups.
   This document offers guidance on known limitations and problems with
   wireless multicast. Also described are various multicast enhancement
   features that have been specified at IETF and IEEE 802 for wireless
   media, as well as some operational choices that can be taken to
   improve the performance of the network. Finally, some recommendations
   are provided about the usage and combination of these features and
   operational choices.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 7, 2018.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Identified multicast issues
     3.1.  Issues at Layer 2 and Below
       3.1.1.  Multicast reliability
       3.1.2.  Lower and Variable Data Rate
       3.1.3.  High Interference
       3.1.4.  Power-save Effects on Multicast
     3.2.  Issues at Layer 3 and Above
       3.2.1.  IPv4 issues
       3.2.2.  IPv6 issues
       3.2.3.  MLD issues
       3.2.4.  Spurious Neighbor Discovery
   4.  Multicast protocol optimizations
     4.1.  Proxy ARP in 802.11-2012
     4.2.  IPv6 Address Registration and Proxy Neighbor Discovery
     4.3.  Buffering to improve Power-Save
     4.4.  IPv6 support in 802.11-2012
     4.5.  Conversion of multicast to unicast
     4.6.  Directed Multicast Service (DMS)
     4.7.  GroupCast with Retries (GCR)
   5.  Operational optimizations
     5.1.  Mitigating Problems from Spurious Neighbor Discovery
   6.  Multicast Considerations for Other Wireless Media
   7.  Recommendations
   8.  Discussion Items
   9.  Security Considerations
   10. IANA Considerations
   11. Acknowledgements
   12. Informative References
   Authors' Addresses

1.  Introduction

   Performance issues have been observed when multicast packet
   transmissions of IETF protocols are used over IEEE 802 wireless
   media. Even though enhancements for multicast transmissions have
   been designed at both IETF and IEEE 802, incompatibilities still
   exist between specifications, implementations and configuration
   choices.

   Many IETF protocols depend on multicast/broadcast for delivery of
   control messages to multiple receivers. Multicast is used for
   various purposes such as neighborhood discovery, network flooding,
   address resolution, as well as minimizing media occupancy for the
   transmission of data that is intended for multiple receivers. In
   addition to protocol use of broadcast/multicast for control messages,
   more applications, such as push to talk in hospitals, video in
   enterprises and lectures in Universities, are streaming over wifi.
   Many types of end devices are increasingly using wifi for their
   connectivity.

   IETF protocols typically rely on network protocol layering in order
   to reduce or eliminate any dependence of higher level protocols on
   the specific nature of the MAC layer protocols or the physical media.
   In the case of multicast transmissions, higher level protocols have
   traditionally been designed as if transmitting a packet to an IP
   address had the same cost in interference and network media access,
   regardless of whether the destination IP address is a unicast address
   or a multicast or broadcast address. This model was reasonable for
   networks where the physical medium was wired, like Ethernet.
   Unfortunately, for many wireless media, the costs to access the
   medium can be quite different. Multicast over wifi has often been
   plagued by such poor performance that it is disallowed. Some
   enhancements have been designed in IETF protocols that are assumed to
   work primarily over wireless media. However, these enhancements are
   usually implemented in limited deployments and not widespread on most
   wireless networks.

   IEEE 802 wireless protocols have been designed with certain features
   to support multicast traffic. For instance, lower modulations are
   used to transmit multicast frames, so that these can be received by
   all stations in the cell, regardless of the distance or path
   attenuation from the base station or access point. However, these
   lower modulation transmissions occupy the medium longer; they hamper
   efficient transmission of traffic using higher order modulations to
   nearby stations. For these and other reasons, IEEE 802 working
   groups such as 802.11 have designed features to improve the
   performance of multicast transmissions at Layer 2 [ietf_802-11]. In
   addition to protocol design features, certain operational and
   configuration enhancements can ameliorate the network performance
   issues created by multicast traffic, as described in Section 5.

   In discussing these issues over email, and in a side meeting at IETF
   99, it has been generally agreed that these problems will not be
   fixed anytime soon, primarily because it's expensive to do so and
   multicast is unreliable. A big problem is that multicast is
   something of a second-class citizen to unicast over wifi. There are
   many protocols using multicast and there needs to be something
   provided in order to make them more reliable. The problem of IPv6
   neighbor discovery saturating the wifi link is only part of the
   problem. Wifi traffic classes may help. We need to determine what
   problem should be solved by the IETF and what problem should be
   solved by the IEEE (see Section 8). A "multicast over wifi" IETF
   mailing list has been formed (mcast-wifi@ietf.org) for further
   discussion. This draft will be updated according to the current
   state of discussion.

   This Internet Draft details various problems caused by multicast
   transmission over wireless networks, including high packet error
   rates, no acknowledgements, and low data rate. It also explains some
   enhancements that have been designed at IETF and IEEE 802, as well as
   the operational choices that can be taken, to ameliorate the effects
   of multicast traffic. Recommendations about how to use and combine
   these enhancements are also provided.

2.  Terminology

   This document uses the following definitions:

   AP
      IEEE 802.11 Access Point.

   basic rate
      The "lowest common denominator" data rate at which multicast and
      broadcast traffic is generally transmitted.

   DTIM
      Delivery Traffic Indication Map (DTIM): An information element
      that advertises whether or not any associated stations have
      buffered multicast or broadcast frames.

   MCS
      Modulation and Coding Scheme.

   STA
      802.11 station (e.g. handheld device).

   TIM
      Traffic Indication Map (TIM): An information element that
      advertises whether or not any associated stations have buffered
      unicast frames.

3.  Identified multicast issues

3.1.  Issues at Layer 2 and Below

   In this section we describe some of the issues related to the use of
   multicast transmissions over IEEE 802 wireless technologies.

3.1.1.  Multicast reliability

   Multicast traffic is typically much less reliable than unicast
   traffic. Since multicast provides point-to-multipoint communication,
   multiple acknowledgements would be needed to guarantee reception at
   all recipients. Since typically there are no ACKs for multicast
   packets, it is not possible for the Access Point (AP) to know whether
   or not a retransmission is needed. Even in the wired Internet, this
   characteristic often causes undesirably high error rates. This has
   contributed to the relatively slow uptake of multicast applications
   even though the protocols have long been available. The situation
   for wireless links is much worse, and is quite sensitive to the
   presence of background traffic. Consequently, there can be a high
   packet error rate (PER) due to lack of retransmission, and because
   the sender never backs off. It is not uncommon for there to be a
   packet loss rate of 5% or more, which is particularly troublesome for
   video and other environments where high data rates and high
   reliability are required.

3.1.2.  Lower and Variable Data Rate

   One big difference between multicast over wired versus multicast over
   wireless is that transmission over wired links often occurs at a
   fixed rate. Wifi, on the other hand, has a transmission rate which
   varies depending upon the client's proximity to the AP.
   The throughput of video flows, and the capacity of the broader wifi
   network, will change and will impact the ability for QoS solutions
   to effectively reserve bandwidth and provide admission control.

   For wireless stations associated with an Access Point, the power
   necessary for good reception can vary from station to station. For
   unicast, the goal is to minimize power requirements while maximizing
   the data rate to the destination. For multicast, the goal is simply
   to maximize the number of receivers that will correctly receive the
   multicast packet; generally the Access Point has to use a much lower
   data rate at a power level high enough for even the farthest station
   to receive the packet. Consequently, the data rate of a video
   stream, for instance, would be constrained by the environmental
   considerations of the least reliable receiver associated with the
   Access Point.

   Because more robust modulation and coding schemes (MCSs) have longer
   range but also lower data rate, multicast / broadcast traffic is
   generally transmitted at the lowest common denominator rate, also
   known as the basic rate. Depending on the specific 802.11
   technology, and the configured choice for the base data rate for
   multicast transmission from the Access Point, the amount of
   additional interference can range from a factor of ten, to a factor
   of thousands for 802.11ac.

   Wired multicast also affects wireless LANs when the AP extends the
   wired segment; in that case, multicast / broadcast frames on the
   wired LAN side are copied to WLAN. Since broadcast messages are
   transmitted at the most robust MCS, many large frames are sent at a
   slow rate over the air.

3.1.3.  High Interference

   Transmissions at a lower rate require longer occupancy of the
   wireless medium and thus take away from the airtime of other
   communications and degrade the overall capacity.
   Furthermore, transmission at higher power, as is required to reach
   all multicast clients associated to the AP, proportionately
   increases the area of interference.

3.1.4.  Power-save Effects on Multicast

   One of the characteristics of multicast transmission is that every
   station has to be configured to wake up to receive the multicast,
   even though the received packet may ultimately be discarded. This
   process can have a large effect on the power consumption by the
   multicast receiver station.

   Multicast can work poorly with the power-save mechanisms defined in
   IEEE 802.11e, for the following reasons.

   o  Clients may be unable to stay in sleep mode due to multicast
      control packets frequently waking them up.
   o  Both unicast and multicast traffic can be delayed by power-saving
      mechanisms.

   o  A unicast packet is delayed until a STA wakes up and requests it.
      Unicast traffic may also be delayed to improve power-save
      efficiency and increase the probability of aggregation.
   o  Multicast traffic is delayed in a wireless network if any of the
      STAs in that network are power savers. All STAs associated to the
      AP have to be awake at a known time to receive multicast traffic.
   o  Packets can also be discarded due to buffer limitations in the AP
      and non-AP STA.

3.2.  Issues at Layer 3 and Above

   This section identifies some representative IETF protocols, and
   describes possible negative effects due to performance degradation
   when using multicast transmissions for control messages. Common uses
   of multicast include:

   o  Control plane for IPv4 and IPv6
   o  ARP and Neighbor Discovery
   o  Service discovery
   o  Applications (video delivery, stock data, etc.)
   o  Other L3 protocols (non-IP)

3.2.1.  IPv4 issues

   The following list contains a few representative IPv4 protocols using
   multicast.

   o  ARP
   o  DHCP
   o  mDNS

   After initial configuration, ARP and DHCP occur much less commonly.
   But service discovery can occur at any time. Apple's Bonjour
   protocol, for instance, provides service discovery (for printing)
   that utilizes multicast. It's the first thing operators drop. Even
   if multicast snooping is utilized, many devices register at once
   using Bonjour, causing serious network degradation.

3.2.2.  IPv6 issues

   IPv6 makes much more extensive use of multicast, including the
   following:

   o  DHCPv6
   o  IPv6 Neighbor Discovery Protocol (NDP) is not very tolerant of
      packet losses. In particular, the Duplicate Address Detection
      (DAD) process fails when the owner of an address does not receive
      the multicast DAD message from another node that wishes to own
      that same address. This can result in an address being duplicated
      in the subnet, breaking a basic assumption of IPv6 connectivity.
   o  IPv6 NDP Neighbor Solicitation (NS) messages used in DAD and
      Address Lookup make use of Link-Scope multicast. In contrast to
      IPv4, an IPv6 Node will typically use multiple addresses, and may
      change them often for privacy reasons. This multiplies the impact
      of multicast messages that are associated to the mobility of a
      Node. Router advertisement (RA) messages are also periodically
      multicast over the Link.
   o  Neighbors may be considered lost if several consecutive packets
      fail.

   Address Resolution

   Service Discovery

   Route Discovery

   Decentralized Address Assignment

   Geographic routing

3.2.3.  MLD issues

   Multicast Listener Discovery (MLD) [RFC4541] is often used to
   identify members of a multicast group that are connected to the
   ports of a switch. Forwarding multicast frames into a WiFi-enabled
   area can use such switch support for hardware forwarding state
   information.
   However, since IPv6 makes heavy use of multicast, each STA with an
   IPv6 address will require state on the switch for several and
   possibly many multicast solicited-node addresses. Multicast
   addresses that do not have forwarding state installed (perhaps due to
   hardware memory limitations on the switch) cause frames to be flooded
   on all ports of the switch.

3.2.4.  Spurious Neighbor Discovery

   On the Internet there is a "background radiation" of scanning traffic
   (people scanning for vulnerable machines) and backscatter (responses
   from spoofed traffic, etc). This means that routers very often
   receive packets destined for machines whose IP addresses may or may
   not be in use. In the cases where the IP is assigned to a host, the
   router broadcasts an ARP request, gets back an ARP reply, and caches
   it; then traffic can be delivered to the host. When the IP address
   is not in use, the router broadcasts one (or more) ARP requests, and
   never gets a reply. This means that it does not populate the ARP
   cache, and the next time there is traffic for that IP address the
   router will rebroadcast the ARP requests.

   The rate of these ARP requests is proportional to the size of the
   subnets, the rate of scanning and backscatter, and how long the
   router keeps state on non-responding ARPs. As it turns out, this
   rate is inversely proportional to how occupied the subnet is (valid
   ARPs end up in a cache, stopping the broadcasting; unused IPs never
   respond, and so cause more broadcasts). Depending on the address
   space in use, the time of day, how occupied the subnet is, and other
   unknown factors, on the order of 2000 broadcasts per second have been
   observed at the IETF NOCs.

   On a wired network, there is not a huge difference amongst unicast,
   multicast and broadcast traffic; but this is not true in the wireless
   realm.
   Wireless equipment often is unable to send this amount of
   broadcast and multicast traffic. Consequently, on the wireless
   networks, we observe a significant amount of dropped broadcast and
   multicast packets. This, in turn, means that when a host connects it
   is often not able to complete DHCP, and IPv6 RAs get dropped, leading
   to users being unable to use the network.

4.  Multicast protocol optimizations

   This section lists some optimizations that have been specified in
   IEEE 802 and IETF that are aimed at reducing or eliminating the
   issues discussed in Section 3.

4.1.  Proxy ARP in 802.11-2012

   The AP knows the MAC address and IP address for all associated STAs.
   In this way, the AP acts as the central "manager" for all the 802.11
   STAs in its BSS. Proxy ARP is easy to implement at the AP, and
   offers the following advantages:

   o  Reduced broadcast traffic (transmitted at low MCS) on the wireless
      medium
   o  STA benefits from extended power save in sleep mode, as ARP
      requests for STA's IP address are handled instead by the AP.
   o  ARP frames are kept off the wireless medium.
   o  No changes are needed to STA implementation.

   Here is the specification language as described in clause 10.23.13 of
   [dot11-proxyarp]:

      When the AP supports Proxy ARP "[...] the AP shall maintain a
      Hardware Address to Internet Address mapping for each associated
      station, and shall update the mapping when the Internet Address of
      the associated station changes. When the IPv4 address being
      resolved in the ARP request packet is used by a non-AP STA
      currently associated to the BSS, the proxy ARP service shall
      respond on behalf of the non-AP STA"

4.2.  IPv6 Address Registration and Proxy Neighbor Discovery

   As used in this section, a Low-Power Wireless Personal Area Network
   (6LoWPAN) denotes a low power lossy network (LLN) that supports
   6LoWPAN Header Compression (HC) [RFC6282].
   A 6TiSCH network [I-D.ietf-6tisch-architecture] is an example of a
   6LoWPAN. In order to control the use of IPv6 multicast over
   6LoWPANs, the 6LoWPAN Neighbor Discovery (6LoWPAN ND) [RFC6775]
   standard defines an address registration mechanism that relies on a
   central registry to assess address uniqueness, as a substitute for
   the inefficient Duplicate Address Detection (DAD) mechanism found in
   the mainstream IPv6 Neighbor Discovery Protocol (NDP)
   [RFC4861][RFC4862].

   The 6lo Working Group is now completing an update
   [I-D.ietf-6lo-rfc6775-update] to RFC6775. The update enables the
   registration to a Backbone Router [I-D.ietf-6lo-backbone-router],
   which proxies for the registered addresses with the mainstream IPv6
   NDP running on a high speed aggregating backbone. The update also
   enables a proxy registration on behalf of the registered node, e.g.
   by a 6LoWPAN router to which the mobile node is attached.

   The general idea behind the backbone router concept is that in a
   variety of Wireless Local Area Networks (WLANs) and Wireless Personal
   Area Networks (WPANs), the broadcast/multicast domain should be
   controlled, and connectivity to a particular link that provides the
   subnet should be left to Layer-3. The model for the Backbone Router
   operation is represented in Figure 1.

                 |
              +-----+
              |     | Gateway (default) router
              |     |
              +-----+
                 |
                 |      Backbone Link
           +--------------------+------------------+
           |                    |                  |
        +-----+             +-----+             +-----+
        |     | Backbone    |     | Backbone    |     | Backbone
        |     | router      |     | router      |     | router
        +-----+             +-----+             +-----+
           o                o   o  o              o o
       o o   o  o       o o   o  o  o         o  o  o  o o
      o  o o  o o       o   o  o  o  o        o  o  o o o
      o   o  o  o          o    o  o           o  o   o
        o   o o               o  o                 o o

          LLN                 LLN                  LLN

             Figure 1: Backbone Link and Backbone Routers

   LLN nodes can move freely from an LLN anchored at one IPv6 Backbone
   Router to an LLN anchored at another Backbone Router on the same
   backbone, keeping any of the IPv6 addresses they have configured.
   The Backbone Routers maintain a Binding Table of their Registered
   Nodes, which serves as a distributed database of all the LLN Nodes.
   An extension to the Neighbor Discovery Protocol is introduced to
   exchange that information across the Backbone Link in the reactive
   fashion of mainstream IPv6 Neighbor Discovery.

   RFC6775 and follow-on work (e.g., [I-D.ietf-6lo-ap-nd]) are designed
   to address the needs of LLNs, but the techniques are likely to be
   valuable on any type of link where sleeping devices are attached, or
   where the use of broadcast and multicast operations should be
   limited.

4.3.  Buffering to improve Power-Save

   Methods have been developed to help save battery life; for example, a
   device might not wake up when the AP receives a multicast packet.
   The AP acts on behalf of STAs in various ways. In order to improve
   the power-saving feature for STAs in its BSS, the AP buffers frames
   for delivery to the STA at the time when the STA is scheduled for
   reception. If an AP, for instance, expresses a DTIM of 3 then it
   will send a multicast packet every 3 packets. But the reality is
   that most APs will send a multicast every 30 packets. For unicast
   there's a TIM.
   But because multicast is going to everyone, the AP sends a broadcast
   to everyone. DTIM does power management but clients can choose
   whether or not to wake up and whether or not to drop the packet.
   Unfortunately, without proper administrative control, such clients
   may no longer be able to determine why their multicast operations do
   not work.

4.4.  IPv6 support in 802.11-2012

   IPv6 uses Neighbor Discovery Protocol (NDP) instead of ARP. Every
   IPv6 node subscribes to a special multicast address for this purpose.

   Here is the specification language from clause 10.23.13 of
   [dot11-proxyarp]:

      "When an IPv6 address is being resolved, the Proxy Neighbor
      Discovery service shall respond with a Neighbor Advertisement
      message [...] on behalf of an associated STA to an [ICMPv6]
      Neighbor Solicitation message [...]. When MAC address mappings
      change, the AP may send unsolicited Neighbor Advertisement
      Messages on behalf of a STA."

   NDP may be used to request additional information:

   o  Maximum Transmission Unit
   o  Router Solicitation
   o  Router Advertisement, etc.

   NDP messages are sent as group addressed (broadcast) frames in
   802.11. Using the proxy operation helps to keep NDP messages off the
   wireless medium.

4.5.  Conversion of multicast to unicast

   It is often possible to transmit multicast control and data messages
   by using unicast transmissions to each station individually.

4.6.  Directed Multicast Service (DMS)

   There are situations where more is needed than simply converting
   multicast to unicast. For these purposes, DMS enables a client to
   request that the AP transmit multicast group addressed frames
   destined to the requesting clients as individually addressed frames
   [i.e., convert multicast to unicast].
   Here are some characteristics of DMS:

   o  Requires 802.11n A-MSDUs
   o  Individually addressed frames are acknowledged and are buffered
      for power save clients
   o  The requesting STA may specify traffic characteristics for DMS
      traffic
   o  DMS was defined in IEEE Std 802.11v-2011
   o  DMS requires changes to both AP and STA implementation.

   DMS is not currently implemented in products.

4.7.  GroupCast with Retries (GCR)

   GCR (defined in [dot11aa]) provides greater reliability by using
   either unsolicited retries or a block acknowledgement mechanism. GCR
   increases probability of broadcast frame reception success, but still
   does not guarantee success.

   For the block acknowledgement mechanism, the AP transmits each group
   addressed frame as conventional group addressed transmission.
   Retransmissions are group addressed, but hidden from non-11aa
   clients. A directed block acknowledgement scheme is used to harvest
   reception status from receivers; retransmissions are based upon these
   responses.

   GCR is suitable for all group sizes including medium to large groups.
   As the number of devices in the group increases, GCR can send block
   acknowledgement requests to only a small subset of the group. GCR
   does require changes to both AP and STA implementation.

   GCR may introduce unacceptable latency. After sending a group of
   data frames to the group, the AP has to do the following:

   o  unicast a Block Ack Request (BAR) to a subset of members.
   o  wait for the corresponding Block Ack (BA).
   o  retransmit any missed frames.
   o  resume other operations which may have been delayed.

   This latency may not be acceptable for some traffic.

   There are ongoing extensions in 802.11 to improve GCR performance.

   o  BAR is sent using downlink MU-MIMO (note that downlink MU-MIMO is
      already specified in 802.11-REVmc 4.3).
   o  BA is sent using uplink MU-MIMO (which is a .11ax feature).
   o  Additional 802.11ax extensions are under consideration; see
      [mc-ack-mux]
   o  Latency may also be reduced by simultaneously receiving BA
      information from multiple clients.

5.  Operational optimizations

   This section lists some operational optimizations that can be
   implemented when deploying wireless IEEE 802 networks to mitigate the
   issues discussed in Section 3.

5.1.  Mitigating Problems from Spurious Neighbor Discovery

   ARP Sponges

      An ARP Sponge sits on a network and learns which IP addresses
      are actually in use. It also listens for ARP requests, and, if
      it sees an ARP for an IP address which it believes is not used,
      it will reply with its own MAC address. This means that the
      router now has an IP to MAC mapping, which it caches. If that
      IP is later assigned to a machine (e.g., using DHCP), the ARP
      sponge will see this, and will stop replying for that address.
      Gratuitous ARPs (or the machine ARPing for its gateway) will
      replace the sponged address in the router ARP table. This
      technique is quite effective; but, unfortunately, the ARP
      sponge daemons were not really designed for this use (the
      standard one [arpsponge], was designed to deal with the
      disappearance of participants from an IXP) and so are not
      optimized for this purpose. We have to run one daemon per
      subnet, the tuning is tricky (the scanning rate versus the
      population rate versus retries, etc.) and sometimes the daemons
      just seem to stop, requiring a restart of the daemon and
      causing disruption.

   Router mitigations

      Some routers (often those based on Linux) implement a "negative
      ARP cache" daemon. Simply put, if the router does not see a
      reply to an ARP it can be configured to cache this information
      for some interval. Unfortunately, the core routers which we
      are using do not support this.
      When a host connects to the network and gets an IP address, it
      will ARP for its default gateway (the router).  The router will
      update its cache with the IP to host MAC mapping learnt from
      the request (passive ARP learning).

   Firewall unused space

      The distribution of users on wireless networks / subnets
      changes from meeting to meeting (e.g., the "IETF-secure" SSID
      was renamed to "IETF", fewer users use "IETF-legacy", etc).
      This utilization is difficult to predict ahead of time, but we
      can monitor the usage as attendees use the different networks.
      By configuring multiple DHCP pools per subnet, and enabling
      them sequentially, we can have a large subnet, but only assign
      addresses from the lower portions of it.  This means that we
      can apply input IP access lists, which deny traffic to the
      upper, unused portions.  This means that the router does not
      attempt to forward packets to the unused portions of the
      subnets, and so does not ARP for it.  This method has proven to
      be very effective, but is somewhat of a blunt axe, is fairly
      labor intensive, and requires coordination.

   Disabling/filtering ARP requests

      In general, the router does not need to ARP for hosts; when a
      host connects, the router can learn the IP to MAC mapping from
      the ARP request sent by that host.  This means that we should
      be able to disable and / or filter ARP requests from the
      router.  Unfortunately, ARP is a very low level / fundamental
      part of the IP stack, and is often offloaded from the normal
      control plane.  While many routers can filter layer-2 traffic,
      this is usually implemented as an input filter and / or has
      limited ability to filter output broadcast traffic.  This means
      that "just disable ARP or filter it outbound" seems like a
      really simple (and obvious) solution, but implementation /
      architectural issues make this difficult or awkward in
      practice.
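   The ARP sponge behaviour described under "ARP Sponges" above, as a
   small state model replayed over a constructed ARP trace.  This is an
   added example, not code from [arpsponge]; the class and function
   names, the MAC address, the request threshold and the handling of
   address-conflict probes (sender 0.0.0.0) are assumptions of the
   example.

```python
from dataclasses import dataclass, field
from ipaddress import IPv4Address, IPv4Network

SPONGE_MAC = "02:00:00:00:00:01"  # constructed, locally administered MAC
QUERY_THRESHOLD = 2               # assumed tuning knob: requests seen before sponging

@dataclass
class SpongeModel:
    subnet: IPv4Network
    alive: set = field(default_factory=set)      # addresses seen sourcing ARP
    sponged: set = field(default_factory=set)    # addresses the sponge answers for
    pending: dict = field(default_factory=dict)  # target -> unanswered request count

    def on_arp(self, op, sender_ip, target_ip):
        """Feed one observed ARP frame; return (ip, mac) the sponge answers with, or None."""
        sender, target = IPv4Address(sender_ip), IPv4Address(target_ip)
        if sender in self.subnet:
            # Any ARP sourced from an address shows it is in use: stop sponging it.
            self.alive.add(sender)
            self.sponged.discard(sender)
            self.pending.pop(sender, None)
        if op != "request" or target not in self.subnet or target in self.alive:
            return None
        if sender.is_unspecified:
            # Conflict probe from a host about to use `target`: stay silent.
            return None
        if target not in self.sponged:
            self.pending[target] = self.pending.get(target, 0) + 1
            if self.pending[target] < QUERY_THRESHOLD:
                return None
            self.sponged.add(target)
        return (str(target), SPONGE_MAC)

# Constructed trace: (op, sender IP, target IP); 192.0.2.1 plays the router.
TRACE = [
    ("request", "192.0.2.1", "192.0.2.77"),  # router ARPs for an unused address
    ("request", "192.0.2.1", "192.0.2.77"),  # threshold reached: sponge answers
    ("request", "192.0.2.1", "192.0.2.77"),  # still sponged
    ("request", "0.0.0.0", "192.0.2.77"),    # a new host probes the address
    ("request", "192.0.2.77", "192.0.2.1"),  # the host ARPs for its gateway
    ("request", "192.0.2.1", "192.0.2.77"),  # router asks again: sponge stays silent
]

def replay(trace, subnet="192.0.2.0/24"):
    """Run a trace through a fresh model and collect the sponge's answers."""
    model = SpongeModel(IPv4Network(subnet))
    return [model.on_arp(*event) for event in trace]
```

   Only the second and third requests are answered; once 192.0.2.77
   sources its own ARP, the model drops it from the sponged set.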
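   The "Firewall unused space" approach above, worked through as an
   added example (not the IETF NOC's tooling): given how many DHCP
   pools are enabled, compute the prefixes an input access list would
   deny.  The 10.20.0.0/22 subnet, the /24 pool size, the 80% headroom
   and all function names are assumptions of the example.

```python
from ipaddress import IPv4Address, IPv4Network, summarize_address_range

def dhcp_pools(subnet, pool_prefixlen):
    """Equal-sized DHCP pools carved from the subnet, lowest addresses first."""
    return list(IPv4Network(subnet).subnets(new_prefix=pool_prefixlen))

def deny_prefixes(subnet, pool_prefixlen, enabled):
    """Minimal prefix list covering everything above the enabled pools."""
    net = IPv4Network(subnet)
    pools = dhcp_pools(subnet, pool_prefixlen)
    if enabled >= len(pools):
        return []  # whole subnet in use: nothing left to deny
    first_unused = pools[enabled].network_address
    return list(summarize_address_range(first_unused, net.broadcast_address))

def pools_to_enable(active_leases, pool_prefixlen, headroom=0.8):
    """Pools needed so active leases stay below `headroom` of enabled capacity."""
    pool_size = 2 ** (32 - pool_prefixlen)
    needed = 1
    while active_leases > needed * pool_size * headroom:
        needed += 1
    return needed

def is_dropped(dst, denied):
    """True if the access list would drop a packet to `dst` before any ARP."""
    return any(IPv4Address(dst) in prefix for prefix in denied)

# Constructed scenario: one /22 attendee subnet split into four /24 pools.
SUBNET, POOL_LEN = "10.20.0.0/22", 24

def acl_for(active_leases):
    """Deny list (as strings) for the current lease count."""
    enabled = pools_to_enable(active_leases, POOL_LEN)
    return [str(p) for p in deny_prefixes(SUBNET, POOL_LEN, enabled)]
```

   As leases grow, the deny list shrinks from the bottom up, so the
   access list has to be updated before each new pool is enabled.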
   NAT

      The broadcasts are overwhelmingly being caused by outside
      scanning / backscatter traffic.  This means that, if we were to
      NAT the entire (or a large portion) of the attendee networks,
      there would be no NAT translation entries for unused addresses,
      and so the router would never ARP for them.  The IETF NOC has
      discussed NATing the entire (or large portions) attendee
      address space, but a: elegance and b: flaming torches and
      pitchfork concerns mean we have not attempted this yet.

   Stateful firewalls

      Another obvious solution would be to put a stateful firewall
      between the wireless network and the Internet.  This firewall
      would block incoming traffic not associated with an outbound
      request.  The IETF philosophy has been to have the network as
      open as possible / honor the end-to-end principle.  An attendee
      on the meeting network should be an Internet host, and should
      be able to receive unsolicited requests.  Unfortunately,
      keeping the network working and stable is the first priority
      and a stateful firewall may be required in order to achieve
      this.

6.  Multicast Considerations for Other Wireless Media

   Many of the causes of performance degradation described in earlier
   sections are also observable for wireless media other than 802.11.

   For instance, problems with power save, excess media occupancy, and
   poor reliability will also affect 802.15.3 and 802.15.4.  However,
   802.15 media specifications do not include mechanisms similar to
   those developed for 802.11.  In fact, the design philosophy for
   802.15 is oriented towards minimality, with the result that many such
   functions would more likely be relegated to operation within higher
   layer protocols.  This leads to a patchwork of non-interoperable and
   vendor-specific solutions.
   See [uli] for some additional discussion,
   and a proposal for a task group to resolve similar issues, in which
   the multicast problems might be considered for mitigation.

7.  Recommendations

   This section will provide some recommendations about the usage and
   combinations of the multicast enhancements described in Section 4 and
   Section 5.

   (FFS)

8.  Discussion Items

   This section will suggest some discussion items for further
   resolution.

   The IETF may need to decide that broadcast is more expensive so
   multicast needs to be sent wired.  For example, 802.1ak works on
   Ethernet and Wi-Fi.  802.1ak has been pulled into 802.1Q as of
   802.1Q-2011.  802.1Q-2014 can be looked at here:
   http://www.ieee802.org/1/pages/802.1Q-2014.html.  If a generic
   solution is not found, guidelines for multicast over Wi-Fi should be
   established.

   To provide an idea going forward, perhaps a reliable registration to
   Layer-2 multicast groups and a reliable multicast operation at
   Layer-2 could provide a generic solution.  There is no need to
   support 2^24 groups to get solicited node multicast working: it is
   possible to simply select a number of trailing bits that make sense
   for a given network size to limit the amount of unwanted deliveries
   to reasonable levels.  IEEE 802.1, 802.11, and 802.15 should be
   encouraged to revisit L2 multicast issues.  In particular, Wi-Fi
   provides a broadcast service, not a multicast one; at the PHY level,
   all frames are broadcast except in very unusual cases in which
   special beamforming transmitters are used.  Unicast offers the
   advantage of being much faster (2 orders of magnitude) and much more
   reliable (L2 ARQ).

9.  Security Considerations

   This document does not introduce any security mechanisms, and does
   not affect existing security mechanisms.

10.  IANA Considerations

   This document does not specify any IANA actions.

11.  Acknowledgements

   This document has benefitted from discussions with the following
   people, in alphabetical order: Pascal Thubert

12.  Informative References

   [arpsponge]
              Arien Vijn, Steven Bakker, "Arp Sponge", March 2015.

   [dot11]    P802.11, "Part 11: Wireless LAN Medium Access Control
              (MAC) and Physical Layer (PHY) Specifications", March
              2012.

   [dot11-proxyarp]
              P802.11, "Proxy ARP in 802.11ax", September 2015.

   [dot11aa]  P802.11, "Part 11: Wireless LAN Medium Access Control
              (MAC) and Physical Layer (PHY) Specifications Amendment 2:
              MAC Enhancements for Robust Audio Video Streaming", March
              2012.

   [I-D.ietf-6lo-ap-nd]
              Thubert, P., Sarikaya, B., and M. Sethi, "Address
              Protected Neighbor Discovery for Low-power and Lossy
              Networks", draft-ietf-6lo-ap-nd-05 (work in progress),
              January 2018.

   [I-D.ietf-6lo-backbone-router]
              Thubert, P., "IPv6 Backbone Router",
              draft-ietf-6lo-backbone-router-05 (work in progress),
              January 2018.

   [I-D.ietf-6lo-rfc6775-update]
              Thubert, P., Nordmark, E., Chakrabarti, S., and C.
              Perkins, "An Update to 6LoWPAN ND",
              draft-ietf-6lo-rfc6775-update-11 (work in progress),
              December 2017.

   [I-D.ietf-6tisch-architecture]
              Thubert, P., "An Architecture for IPv6 over the TSCH mode
              of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work
              in progress), November 2017.

   [ietf_802-11]
              Dorothy Stanley, "IEEE 802.11 multicast capabilities", Nov
              2015.

   [mc-ack-mux]
              Yusuke Tanaka et al., "Multiplexing of Acknowledgements
              for Multicast Transmission", July 2015.

   [mc-prob-stmt]
              Mikael Abrahamsson and Adrian Stephens, "Multicast on
              802.11", March 2015.

   [mc-props]
              Adrian Stephens, "IEEE 802.11 multicast properties", March
              2015.

   [RFC4541]  Christensen, M., Kimball, K., and F. Solensky,
              "Considerations for Internet Group Management Protocol
              (IGMP) and Multicast Listener Discovery (MLD) Snooping
              Switches", RFC 4541, DOI 10.17487/RFC4541, May 2006.

   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
              DOI 10.17487/RFC4861, September 2007.

   [RFC4862]  Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
              Address Autoconfiguration", RFC 4862,
              DOI 10.17487/RFC4862, September 2007.

   [RFC6282]  Hui, J., Ed. and P. Thubert, "Compression Format for IPv6
              Datagrams over IEEE 802.15.4-Based Networks", RFC 6282,
              DOI 10.17487/RFC6282, September 2011.

   [RFC6775]  Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C.
              Bormann, "Neighbor Discovery Optimization for IPv6 over
              Low-Power Wireless Personal Area Networks (6LoWPANs)",
              RFC 6775, DOI 10.17487/RFC6775, November 2012.

   [uli]      Pat Kinney, "LLC Proposal for 802.15.4", Nov 2015.

Authors' Addresses

   Charles E. Perkins
   Futurewei Inc.
   2330 Central Expressway
   Santa Clara, CA  95050
   USA

   Phone: +1-408-330-4586
   Email: charliep@computer.org

   Mike McBride
   Futurewei Inc.
   2330 Central Expressway
   Santa Clara, CA  95055
   USA

   Email: michael.mcbride@huawei.com

   Dorothy Stanley
   Hewlett Packard Enterprise
   2000 North Naperville Rd.
   Naperville, IL  60566
   USA

   Phone: +1 630 979 1572
   Email: dstanley@arubanetworks.com

   Warren Kumari
   Google
   1600 Amphitheatre Parkway
   Mountain View, CA  94043
   USA

   Email: warren@kumari.net

   Juan Carlos Zuniga
   SIGFOX
   425 rue Jean Rostand
   Labege  31670
   France

   Email: j.c.zuniga@ieee.org