idnits 2.17.1 draft-thubert-6lo-rfc6775-update-reqs-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 2) being 60 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (August 22, 2014) is 3535 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC3775' is defined on line 675, but no explicit reference was found in the text == Unused Reference: 'RFC4291' is defined on line 678, but no explicit reference was found in the text == Unused Reference: 'RFC4443' is defined on line 684, but no explicit reference was found in the text == Unused Reference: 'I-D.hong-6lo-ipv6-over-nfc' is defined on line 736, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6lo-dect-ule' is defined on line 753, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6tisch-terminology' is defined on line 765, but no explicit reference was found in the text == Unused Reference: 'RFC3963' is defined on line 780, but no explicit reference was found in the text == Unused Reference: 'RFC3972' is defined on line 787, but no explicit reference was found in the text == Unused Reference: 'RFC4389' is defined on line 790, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 3775 (Obsoleted by RFC 6275) ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301) == Outdated reference: A later version (-07) exists of draft-chakrabarti-nordmark-6man-efficient-nd-04 == Outdated reference: A later version (-03) exists of draft-hong-6lo-ipv6-over-nfc-01 == Outdated reference: A later version (-08) exists of draft-ietf-6lo-6lobac-00 == Outdated reference: A later version (-17) exists of draft-ietf-6lo-btle-02 == Outdated reference: A later version (-09) exists of draft-ietf-6lo-dect-ule-00 == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-01 == Outdated reference: A later version (-10) exists of draft-ietf-6tisch-terminology-00 Summary: 3 errors (**), 0 flaws (~~), 18 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6Lo P. Thubert, Ed. 3 Internet-Draft cisco 4 Intended status: Standards Track August 22, 2014 5 Expires: February 21, 2015 7 Requirements for an update to 6LoWPAN ND 8 draft-thubert-6lo-rfc6775-update-reqs-04 10 Abstract 12 Work presented at the ROLL, 6lo, 6TiSCH and 6MAN Working Groups 13 suggest that enhancements to the 6LoWPAN ND mechanism are now needed. 14 This document elaborates on those requirements and suggests 15 approaches to serve them. 17 Status of this Memo 19 This Internet-Draft is submitted in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF). Note that other groups may also distribute 24 working documents as Internet-Drafts. The list of current Internet- 25 Drafts is at http://datatracker.ietf.org/drafts/current/. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 This Internet-Draft will expire on February 21, 2015. 34 Copyright Notice 36 Copyright (c) 2014 IETF Trust and the persons identified as the 37 document authors. All rights reserved. 39 This document is subject to BCP 78 and the IETF Trust's Legal 40 Provisions Relating to IETF Documents (http://trustee.ietf.org/ 41 license-info) in effect on the date of publication of this document. 42 Please review these documents carefully, as they describe your rights 43 and restrictions with respect to this document. Code Components 44 extracted from this document must include Simplified BSD License text 45 as described in Section 4.e of the Trust Legal Provisions and are 46 provided without warranty as described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 51 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 52 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 53 3.1. RPL Leaf Support in 6LoWPAN ND . . . . . . . . . . . . . . 5 54 3.2. registration Failures Due to Movement . . . . . . . . . . 6 55 3.3. Proxy registration . . . . . . . . . . . . . . . . . . . . 6 56 3.4. Target Registration . . . . . . . . . . . . . . . . . . . 6 57 3.5. RPL root vs. 6LBR . . . . . . . . . . . . . . . . . . . . 7 58 3.6. Securing the Registration . . . . . . . . . . . . . . . . 7 59 4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 8 60 4.1. Requirements Related to Mobility . . . . . . . . . . . . . 8 61 4.2. Requirements Related to Routing Protocols . . . . . . . . 9 62 4.3. Requirements Related to the Variety of Low-Power Link types 9 63 4.4. Requirements Related to Proxy Operations . . . . . . . . . 10 64 4.5. Requirements Related to Security . . . . . . . . . . . . . 10 65 4.6. Requirements Related to Low-Power devices . . . . . . . . 11 66 5. Suggested Changes to Protocol Elements . . . . . . . . . . . . 11 67 5.1. ND Neighbor Solicitation (NS) . . . . . . . . . . . . . . 11 68 5.2. ND Router Advertisement (RA) . . . . . . . . . . . . . . . 12 69 5.3. RPL DODAG Information Object (DIO) . . . . . . . . . . . . 12 70 5.4. ND Enhanced Address Registration Option (EARO) . . . . . . 12 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 75 9.1. Normative References . . . . . . . . . . . . . . . . . . . 14 76 9.2. Informative References . . . . . . . . . . . . . . . . . . 15 77 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 16 79 1. Introduction 81 A number of use cases, including the Industrial Internet, require a 82 large scale deployment of sensors that can not be realized with wires 83 and is only feasible over wireless Low power and Lossy Network (LLN) 84 technologies. When simpler hub-and-spoke topologies are not 85 sufficient for the expected throughput and density, mesh networks 86 must be deployed, which implies the concepts of hosts and routers, 87 whether operated at Layer-2 or Layer-3. 89 The IETF has designed the LLN host-to-router and router-to-router 90 protocol that supports address assignment and the router-to-router 91 protocol that supports reachability across Route-Over LLNs in 92 different Areas. It was clear for both efforts that the scalability 93 requirements could only be met with IPv6 [RFC2460], and there is no 94 fundamental contradiction between those protocols to that regard. 96 While DHCPv6 is still a viable option in LLNs, the new IETF standard 97 that supports address assignment specifically for LLNs is 6LoWPAN ND, 98 the Neighbor Discovery Optimization for Low-power and Lossy Networks 99 [RFC6775]. 6LoWPAN ND was designed as a stand-alone mechanism 100 separately from its IETF routing counterpart, the IPv6 Routing 101 Protocol for Low power and Lossy Networks [RFC6550] (RPL), and the 102 interaction between the 2 protocols was not defined. 104 The 6TiSCH WG is now considering an architecture [I-D.ietf-6tisch- 105 architecture] whereby a 6LowPAN ND host could connect to the Internet 106 via a RPL Network, but this requires additions to the protocol to 107 support mobility and reachability in a secured and manageable 108 environment. 110 At the same time, new work at 6MAN on Efficiency aware IPv6 Neighbor 111 Discovery Optimizations [I-D.chakrabarti-nordmark-6man-efficient-nd] 112 suggests that 6LoWPAN ND can be extended to other types of networks 113 on top of the Low power and Lossy Networks (LLNs) for which it was 114 already defined. The value of such extension is especially apparent 115 in the case of mobile wireless devices, to reduce the multicast 116 operations that are related to classical ND ([RFC4861], [RFC4862]) 117 and plague the wireless medium. In this context also, there is a 118 need for additions to the protocol. 120 The Optimistic Duplicate Address Detection [RFC4429] (ODAD) 121 specification details how an address can be used before a Duplicate 122 Address Detection (DAD) is complete, and insists that an address that 123 is TENTATIVE should not be associated to a Source Link-Layer Address 124 Option in a Neighbor Solicitation message. As we expect the 6LoWPAN 125 ND protocol for a more general use, it can make sense to keep 126 respecting that rule, which is another change to the specification. 128 This document suggests a limited evolution to [RFC6775] so as to 129 allow operation of a 6LoWPAN ND node as a leaf in a RPL network. It 130 also suggests a more generalized use of the information in the ARO 131 option outside of the strict LLN domain, for instance over a 132 converged backbone. 134 2. Terminology 136 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 137 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 138 document are to be interpreted as described in [RFC2119]. 140 Readers are expected to be familiar with all the terms and concepts 141 that are discussed in "Neighbor Discovery for IP version 6" 142 [RFC4861], "IPv6 Stateless Address Autoconfiguration" [RFC4862], 143 "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 144 Overview, Assumptions, Problem Statement, and Goals" [RFC4919], 145 Neighbor Discovery Optimization for Low-power and Lossy Networks 146 [RFC6775] and "Transmission of IPv6 Packets over IEEE 802.15.4 147 Networks" [RFC4944]. 149 Additionally, this document uses terminology from 6TiSCH [I-D.ietf- 150 6tisch-terminology] and ROLL [RFC7102]. 152 3. Overview 154 The 6TiSCH architecture [I-D.ietf-6tisch-architecture] expects that 155 a 6LoWPAN device can connect as a leaf to a RPL network, where the 156 leaf support is the minimal functionality to connect as a host to a 157 RPL network without the need to participate to the full routing 158 protocol. The support of leaf can be implemented as a minor 159 increment to 6LoWPAN ND, with the additional capability to carry a 160 sequence number that is used to track the movements of the device, 161 and optionally some information about the RPL topology that this 162 device will join. 164 The scope of the 6TiSCH Architecture is a Backbone Link that 165 federates multiple LLNs as a single IPv6 Multi-Link Subnet. Each LLN 166 in the subnet is anchored at a Backbone Router (6BBR). The Backbone 167 Routers interconnect the LLNs over the Backbone Link and emulate that 168 the LLN nodes are present on the Backbone by proxy-ND operations. An 169 LLN node can move freely from an LLN Route-Over mesh anchored at a 170 Backbone Router to another anchored at a same or a different Backbone 171 Router inside the Multi-Link Subnet and conserve its addresses. 173 ---+------------------------ 174 | Plant Network 175 | 176 +-----+ 177 | | Gateway 178 | | 179 +-----+ 180 | 181 | Backbone Link (with VLANs) 182 +--------------------+------------------+ 183 | | | 184 +-----+ +-----+ +-----+ 185 | | Backbone | | Backbone | | Backbone 186 | | router | | router | | router 187 +-----+ +-----+ +-----+ 188 | | | | | | 189 0 0 0 0 0 (6LBR == RPL root) 190 o o o o o o o o o o o o o o 191 o o o o o o o o o o (6LR == RPL router) 192 o o o o o o o z 193 o o o o o z 194 RPL Instances (6LoWPAN Host == RPL leaf) 196 The root of the RPL topology is logically separated from the 6BBR 197 that is used to connect the RPL topology to the backbone. The RPL 198 root can use Efficient ND as the interface to register an LLN node in 199 its topology to the 6BBR for whatever operation the 6BBR performs, 200 such as ND proxy operations, or injection in a routing protocol. It 201 results that, as illustrated in Figure 2, the periodic signaling 202 could start at the leaf node with 6LoWPAN ND, then would be carried 203 over RPL to the RPL root, and then with Efficient-ND to the 6BBR. 205 Efficient ND being an adaptation of 6LoWPAN ND, it makes sense to 206 keep those two homogeneous in the way they use the source and the 207 target addresses in the Neighbor Solicitation (NS) messages for 208 registration, as well as in the options that they use for that 209 process. 211 6LoWPAN Node 6LR 6LBR 6BBR 212 (RPL leaf) (router) (root) 213 | | | | 214 | 6LoWPAN ND |6LoWPAN ND+RPL | Efficient ND | IPv6 ND 215 | LLN link |Route-Over mesh| IPv6 link | Backbone 216 | | | | 217 | NS(ARO) | | | 218 |-------------->| | | 219 | 6LoWPAN ND | DAR (then DAO)| | 220 | |-------------->| | 221 | | | NS(ARO) | 222 | | |-------------->| 223 | | | | DAD 224 | | | |------> 225 | | | | 226 | | | NA(ARO) | 227 | | |<--------------| 228 | | DAC | | 229 | |<--------------| | 230 | NA(ARO) | | | 231 |<--------------| | | 233 As the network builds up, a node should start as a leaf to join the 234 RPL network, and may later turn into both a RPL-capable router and a 235 6LR, so as to accept leaf nodes to recursively join the network. 237 3.1. RPL Leaf Support in 6LoWPAN ND 239 RPL needs a set of information in order to advertise a leaf node 240 through a DAO message and establish reachability. 242 At the bare minimum the leaf device must provide a sequence number 243 that matches the RPL specification in section 7. [I-D.chakrabarti- 244 nordmark-6man-efficient-nd] section "4.1. Address Registration 245 Option" (ARO) already incorporates that addition with a new field in 246 the option called the Transaction ID. 248 If for some reason the node is aware of RPL topologies, then 249 providing the RPL InstanceID for the instances to which the node 250 wishes to participate would be a welcome addition. In the absence of 251 such information, the RPL router must infer the proper instanceID 252 from external rules and policies. 254 On the backbone, the InstanceID is expected to be mapped onto a 255 VLANID. Neither WiFi nor Efficient ND do provide a mapping to 256 VLANIDs, and it is unclear, when a wireless node attaches to a 257 backbone where VLANs are defined, which VLAN the wireless device 258 attaches to. Considering that a VLAN is effectively the IP link on 259 the backbone, adding the InstanceID to both specifications could be a 260 welcome addition. 262 3.2. registration Failures Due to Movement 264 Registration to the 6LBR through DAR/DAC messages [RFC6775] may 265 percolate slowly through an LLN mesh, and it might happen that in the 266 meantime, the 6LoWPAN node moves and registers somewhere else. Both 267 RPL and 6LoWPAN ND lack the capability to indicate that the same node 268 is registered elsewhere, so as to invalidate states down the 269 deprecated path. 271 In its current expression and functionality, 6LoWPAN ND considers 272 that the registration is used for the purpose of DAD only as opposed 273 to that of achieving reachability, and as long as the same node 274 registers the IPv6 address, the protocol is functional. In order to 275 act as a RPL leaf registration protocol and achieve reachability, the 276 device must use the same TID for all its concurrent registrations, 277 and registrations with a past TID should be declined. The state for 278 an obsolete registration in the 6LR, as well as the RPL routers on 279 the way, should be invalidated. This can only be achieved with the 280 addition of a new Status in the DAC message, and a new error/clean-up 281 flow in RPL. 283 3.3. Proxy registration 285 The 6BBR provides the capability to defend an address that is owned 286 by a 6LoWPAN Node, and attract packets to that address, whether it is 287 done by proxying ND over a MultiLink Subnet, redistributing the 288 address in a routing protocol or advertising it through an alternate 289 proxy registration such as the Locator/ID Separation Protocol 290 [RFC6830] (LISP) or Mobility Support in IPv6 [RFC6275] (MIPv6). In a 291 LLN, it makes sense to piggyback the request to proxy/defend an 292 address with its registration. 294 3.4. Target Registration 295 In their current incarnations, both 6LoWPAN ND and Efficient ND 296 expect that the address being registered is the source of the NS(ARO) 297 message and thus impose that a Source Link-Layer Address (SLLA) 298 option be present in the message. In a mesh scenario where the 6LBR 299 is physically separated from the 6LoWPAN Node, the 6LBR does not own 300 the address being registered. This suggests that [I-D.chakrabarti- 301 nordmark-6man-efficient-nd] should evolve to register the Target of 302 the NS message as opposed to the Source Address. From another 303 perspective, it may happen, in the use case of a Star topology, that 304 the 6LR, 6LBR and 6BBR are effectively collapsed and should support 305 6LoWPAN ND clients. The convergence of efficient ND and 6LoWPAN ND 306 into a single protocol is thus highly desirable. 308 In any case, as long as the DAD process is not complete for the 309 address used as source of the packet, it is against the current 310 practice to advertise the SLLA, since this may corrupt the ND cache 311 of the destination node, as discussed in the Optimistic DAD 312 specification [RFC4429] with regards to the TENTATIVE state. 314 This may look like a chicken and an egg problem, but in fact 6LoWPAN 315 ND acknowledges that the Link-Local Address that is based on an 316 EUI-64 address of a LLN node may be autoconfigured without the need 317 for DAD. It results that a node could use that Address as source, 318 with an SSLA option in the message if required, to register any other 319 addresses, either Global or Unique-Local Addresses, which would be 320 indicated in the Target. 322 The suggested change is to register the target of the NS message, and 323 use Target Link-Layer Address (TLLA) in the NS as opposed to the SLLA 324 in order to install a Neighbor Cache Entry. This would apply to both 325 Efficient ND and 6LoWPAN ND in a very same manner, with the caveat 326 that depending on the nature of the link between the 6LBR and the 327 6BBR, the 6LBR may resort to classical ND or DHCPv6 to obtain the 328 address that it uses to source the NS registration messages, whether 329 for itself or on behalf of LLN nodes. 331 3.5. RPL root vs. 6LBR 333 6LoWPAN ND is unclear on how the 6LBR is discovered, and how the 334 liveliness of the 6LBR is asserted over time. On the other hand, the 335 discovery and liveliness of the RPL root are obtained through the RPL 336 protocol. 338 When 6LoWPAN ND is coupled with RPL, it makes sense to collocate the 339 6LBR and the RPL root functionalities. The DAR/DAC exchange becomes 340 a preamble to the DAO messages that are used from then on to 341 reconfirm the registration, thus eliminating a duplication of 342 functionality between DAO and DAR messages. 344 3.6. Securing the Registration 345 A typical attack against IPv6 ND is address spoofing, whereby a rogue 346 node claims the IPv6 Address of another node in and hijacks its 347 traffic. 349 SEcure Neighbor Discovery (SEND) [RFC3971] is designed to protect 350 each individual ND lookup/advertisement in a peer to peer model where 351 each lookup may be between different parties. This is not the case 352 in a 6LoWPAN ND LLN where, as illustrated in Figure 2, the 6LBR 353 terminates all the flows and may store security information for later 354 validation. 356 Additionally SEND requires considerably enlarged ND messages to carry 357 cryptographic material, and requires that each protected address is 358 generated cryptographically, which implies the computation of a 359 different key for each Cryptographically Generated Address (CGA). 360 SEND as defined in [RFC3971] is thus largely unsuitable for 361 application in a LLN. 363 Once an Address is registered, the 6LBR maintains a state for that 364 Address and is in position to bind securely the first registration 365 with the Node that placed it, whether the Address is CGA or not. It 366 should thus be possible to protect the ownership of all the addresses 367 of a 6LoWPAN Node with a single key, and there should not be a need 368 to carry the cryptographic material more than once to the 6LBR. 370 The energy constraint is usually a foremost factor, and attention 371 should be paid to minimize the burden on the CPU. Hardware-assisted 372 support of variants of the Counter with CBC-MAC [RFC3610] (CCM) 373 authenticated encryption block cipher mode such as CCM* are common in 374 LowPower ship-set implementations, and 6LoWPAN ND security mechanism 375 should be capable to reuse them when applicable. 377 Finally, the code footprint in the device being also an issue, the 378 capability to reuse not only hardware-assist mechanisms but also 379 software across layers has to be considered. For instance, if code 380 has to be present for upper-layer operations, e.g AES-CCM Cipher 381 Suites for Transport Layer Security (TLS) [RFC6655], then the 382 capability to reuse that code should be considered. 384 4. Requirements 386 4.1. Requirements Related to Mobility 388 Due to the nature of LLN networks, even a fixed 6LoWPAN Node may 389 change its point of attachment (a 6LR) and may not be able to notify 390 the 6LR that it has disconnected from. It results that the previous 391 6LR may still attract traffic that it cannot deliver any more. When 392 the 6LR changes, there is thus a need to identify stale states and 393 restore reachability timely. 395 Req1.1: Upon a change of point of attachment, connectivity via a new 396 6LR MUST be restored timely without the need to de-register from the 397 previous 6LR. 399 Req1.2: For that purpose, the protocol MUST enable to differentiate 400 multiple registrations from a same 6LoWPAN Node from two different 401 6LoWPAN Nodes claiming a same address. 403 Req1.3: This information MUST be passed from the 6LR to the 6LBR, and 404 the 6LBR SHOULD be able to clean up the stale state asynchronously in 405 the previous 6LR. 407 Req1.4: A 6LoWPAN Node SHOULD also be capable to register a same 408 Address to multiple 6LRs, and this, concurrently. 410 4.2. Requirements Related to Routing Protocols 412 The point of attachment of a 6LoWPAN Node may be a 6LR in an LLN 413 mesh. An LLN route-over mesh is typically based on RPL, which is the 414 routing protocol that was defined at the IETF for this particular 415 purpose. It derives that in this scenario, the 6LR would classically 416 support RPL. One goal is that a 6LoWPAN Node attached via ND to a 417 RPL-capable 6LR would not need to participate to the RPL protocol to 418 obtain reachability via the 6LR. An additional goal would be to 419 obtain reachability via other routing protocols through a same ND- 420 based abstraction. 422 Related requirements are: 424 Req2.1: The ND registration method SHOULD be extended in such a 425 fashion that the 6LR MAY advertise the Address of a 6LoWPAN Node over 426 RPL and obtain reachability to that Address over the RPL domain. 428 Req2.2: The Address Registration Option that is used in the ND 429 registration SHOULD be extended to carry enough information to 430 generate a DAO message as specified in [RFC6550] section 6.4, in 431 particular the capability to compute a DAOSequence and, as an option, 432 a RPLInstanceID. 434 Req2.3: Depending on their applicability to LLNs, other standard mesh 435 /MANET protocols MAY be considered as well. 437 4.3. Requirements Related to the Variety of Low-Power Link types 439 6LoWPAN ND [RFC6775] was defined with a focus on IEEE802.15.4 and in 440 particular the capability to derive a unique Identifier from a 441 globally unique MAC-64 address. At this point, the 6lo Working Group 442 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 443 to other link types ITU-T G.9959 [I-D.brandt-6man-lowpanz], Master- 444 Slave/Token-Passing [I-D.ietf-6lo-6lobac], DECT Ultra Low Energy [I-D 445 .ietf-6lo-dect-ule], Near Field Communication [I-D.hong-6lo-ipv6 446 -over-nfc], as well as IEEE1901.2 Narrowband Powerline Communication 447 Networks [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and 448 BLUETOOTH(R) Low Energy [I-D.ietf-6lo-btle]. 450 Related requirements are: 452 Req3.1: The support of the registration mechanism SHOULD be extended 453 to more LLN links, matching at least the links that are considered by 454 6lo as well as other popular Low-Power links such as Low-Power Wi-Fi. 456 Req3.2: As part of this extension, a mechanism to compute a unique 457 Identifier should be provided, with the capability to form a Link- 458 Local Address that can not be a duplicate. The Identifier SHOULD be 459 unique at least to the domain where an Address formed by this device 460 may be advertised through ND mechanisms. 462 Req3.3: The Address Registration Option used in the ND registration 463 SHOULD be extended to carry the relevant forms of unique Identifier. 465 4.4. Requirements Related to Proxy Operations 467 Sleeping devices may not be able to answer themselves to a lookup 468 from a node that uses classical ND on a backbone and may need a proxy 469 operation by a 6BBR. Additionally, the device may need to rely on the 470 6LBR to perform that registration to the 6BBR. 472 Related requirements are: 474 Req4.1: The registration mechanism SHOULD enable a third party to 475 proxy register an Address on behalf of a 6LoWPAN node that may be 476 sleeping or located deeper in an LLN mesh. 478 4.5. Requirements Related to Security 480 In order to guarantee the operations of the 6LoWPAN ND flows, the 481 spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a 482 node successfully registers an address, 6LoWPAN ND should provide 483 energy-efficient means to protect that ownership even if the node is 484 sleeping. In particular, the 6LR and the 6LBR then should be able to 485 verify whether a subsequent registration for a same Address comes 486 from a same node or is a duplicate. 488 Related requirements are: 490 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 491 the 6LR, 6LBR and 6BBR to authenticate and authorize one another for 492 their respective roles, as well as with the 6LoWPAN Node for the role 493 of 6LR. 495 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 496 the 6LR and the 6LBR to validate whether a new registration 497 corresponds to a same 6LoWPAN Node, and, if not, determine the 498 rightful owner, and deny or clean-up the registration that is deemed 499 in excess. 501 Req5.3: 6LoWPAN ND security mechanisms SHOULD lead to small packet 502 sizes. In particular, the NS, NA, DAR and DAC messages for a re- 503 registration flow SHOULD NOT exceed 80 octets so as to fit in a 504 secured IEEE802.15.4 frame. 506 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 507 computationally intensive on the LoWPAN Node CPU. When a Key hash 508 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 509 preferred. 511 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 512 SHOULD be minimized. 514 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable CCM* for use 515 at both Layer 2 and Layer 3, and SHOULD enable the reuse of security 516 code that has to be present on the device for upper layer security 517 such as TLS. 519 Req5.7: Public key and signature sizes SHOULD be minimized while 520 maintaining adequate confidentiality and data origin authentication 521 for multiple types of applications with various degrees of 522 criticality. 524 4.6. Requirements Related to Low-Power devices 526 The ND registration method is designed to save energy on Low-Power 527 devices, and in particular enable duty-cycled devices that are 528 sleeping most of the time and not capable to defend their own 529 Addresses against always-on devices. 531 Related requirements are: 533 Req6.1: The registration mechanism SHOULD be applicable to a Low- 534 Power device regardless of the link type, and enable a 6BBR to 535 operate as a proxy to defend the registered Addresses on its behalf. 537 5. Suggested Changes to Protocol Elements 539 5.1. ND Neighbor Solicitation (NS) 541 The NS message used for registration should use a source address that 542 respects the rules in [RFC6775], [RFC4861], and [RFC4429] for DAD. 543 The SLLA Option may be present but only if the address passed DAD, 544 and it is used to allow the 6LR to respond as opposed to as a 545 registration mechanism. 547 The address that is being registered is the target address in the NS 548 message and the TLLA Option must be present. 550 5.2. ND Router Advertisement (RA) 552 [I-D.chakrabarti-nordmark-6man-efficient-nd] adds an 'E' bit in the 553 Router Advertisement flag, as well as a new Registrar Address Option 554 (RAO). These fields are probably pertinent to LLNs inclusion into a 555 revised 6LoWPAN ND should be studied. If the new 6LoWPAN flows 556 require a change of behaviour (e.g. registering the Target of the NS 557 message) then the RA must indicate that the router supports the new 558 capability, and the NS must indicate that the Target is registered as 559 opposed to the Source in an unequivocal fashion. 561 There is some amount of duplication between the options in the RPL 562 DIO [RFC6550] and the options in the ND RA messages. At the same 563 time, there are a number of options, including the 6LoWPAN Context 564 Option (6CO) [RFC6775], the MTU and the SLLA Options [RFC4861] that 565 can only be found in the RA messages. Considering that these options 566 are useful for a joining node, the recommendation would be to 567 associate the RA messages to the join beacon, and make them rare when 568 the network is stable. On the other hand, the DIO message is to be 569 used as the propagated heartbeat of the RPL network and provide the 570 sense of time and liveliness. 572 RAs should also be issued and the information therein propagated when 573 a change occurs in the information therein, such as a router or a 574 prefix lifetime. 576 5.3. RPL DODAG Information Object (DIO) 578 If the RPL root serves as 6LBR, it makes sense to add at least a bit 579 of information in the DIO to signal so. A Registrar Address Option 580 (RAO) may also be considered for addition. 582 5.4. ND Enhanced Address Registration Option (EARO) 584 The ARO option contains a Unique ID that is supposed to identify the 585 device across multiple registrations. It is envisioned that the 586 device could form a single CGA-based Unique Interface ID (CUID) to 587 securely bind all of its addresses. The CUID would be used as Unique 588 Interface Identifier in the ARO option and to form a Link-Local 589 address that would be deemed unique regardless of the Link type. 590 Provided that the relevant cryptographic material is passed to the 591 6LBR upon the first registration or on-demand at a later time, the 592 6LBR can validate that a Node is effectively the owner of a CUID, and 593 ensure that the ownership of an Address stays with the CUID that 594 registered it first. 596 This option is designed to be used with standard NS and NA messages 597 between backbone Routers as well as between nodes and 6LRs over the 598 LLN and between the 6LBR and the 6BBR over whatever IP link they use 599 to communicate. 601 0 1 2 3 602 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 603 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 604 | Type | Length | Status | RPLInstanceID | 605 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 606 |Res|P|N| IDS |T| TID | Registration Lifetime | 607 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 608 | | 609 ~ Unique Interface Identifier (variable length) ~ 610 | | 611 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 613 The representation above is based on [I-D.chakrabarti-nordmark-6man- 614 efficient-nd]. Only the proposed changes from that specification are 615 discussed below but the expectation is that 6LoWPAN ND and Efficient 616 ND converge on the ARO format. 618 Status: 8-bit integer. A new value of 3 is suggested to indicate a 619 rejection due to an obsolete TID, typically an indication of a 620 movement. 622 RPLInstanceID: 8-bit integer. This field is set to 0 when unused. 623 Otherwise it contains the RPLInstanceID for which this address is 624 registered, as specified in RPL [RFC6550], and discussed in 625 particular in section 3.1.2. 627 P: One bit flag. When the bit is set, the address being registered 628 is Target of the NS as opposed to the Source, for instance to 629 enable ND proxy operation. 631 N: One bit flag. Set if the device moved. If not set, the 6BBR will 632 refrain from sending gratuitous NA(O) or other form of distributed 633 ND cache clean-up over the backbone. For instance, the flag 634 should be reset after the DAD operation upon address formation. 636 6. Security Considerations 638 This specification expects that the link layer is sufficiently 639 protected, either by means of physical or IP security for the 640 Backbone Link or MAC sublayer cryptography. In particular, it is 641 expected that the LLN MAC provides secure unicast to/from the 642 Backbone Router and secure broadcast from the Backbone Router in a 643 way that prevents tempering with or replaying the RA messages. 644 Still, Section 4.5 has a requirement for a mutual authentication and 645 authorization for a role for 6LRs, 6LBRs and 6BBRs. 647 This documents also suggests in Section 5.4 that a 6LoWPAN Node could 648 form a single Unique Interface ID (CUID) based on cryptographic 649 techniques similar to CGA. The CUID would be used as Unique 650 Interface Identifier in the ARO option and new Secure ND procedures 651 would be proposed to use it as opposed to the source IPv6 address to 652 secure the binding between an Address and its owning Node, and 653 enforce First/Come-First/Serve at the 6LBR. 655 7. IANA Considerations 657 A new type is requested for an ND option. 659 8. Acknowledgments 661 The author wishes acknowledge the contributions by Samita 662 Chakrabarti, Erik Normark, JP Vasseur, Eric Levy-Abegnoli, Patrick 663 Wetterwald, Thomas Watteyne, and Behcet Sarikaya. 665 9. References 667 9.1. Normative References 669 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 670 Requirement Levels", BCP 14, RFC 2119, March 1997. 672 [RFC2460] Deering, S.E. and R.M. Hinden, "Internet Protocol, Version 673 6 (IPv6) Specification", RFC 2460, December 1998. 675 [RFC3775] Johnson, D., Perkins, C. and J. Arkko, "Mobility Support 676 in IPv6", RFC 3775, June 2004. 678 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 679 Architecture", RFC 4291, February 2006. 681 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 682 for IPv6", RFC 4429, April 2006. 684 [RFC4443] Conta, A., Deering, S. and M. Gupta, "Internet Control 685 Message Protocol (ICMPv6) for the Internet Protocol 686 Version 6 (IPv6) Specification", RFC 4443, March 2006. 688 [RFC4861] Narten, T., Nordmark, E., Simpson, W. and H. Soliman, 689 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 690 September 2007. 692 [RFC4862] Thomson, S., Narten, T. and T. Jinmei, "IPv6 Stateless 693 Address Autoconfiguration", RFC 4862, September 2007. 695 [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J. and D. Culler, 696 "Transmission of IPv6 Packets over IEEE 802.15.4 697 Networks", RFC 4944, September 2007. 699 [RFC6275] Perkins, C., Johnson, D. and J. Arkko, "Mobility Support 700 in IPv6", RFC 6275, July 2011. 702 [RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6 703 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 704 September 2011. 706 [RFC6550] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., 707 Levis, P., Pister, K., Struik, R., Vasseur, JP. and R. 708 Alexander, "RPL: IPv6 Routing Protocol for Low-Power and 709 Lossy Networks", RFC 6550, March 2012. 711 [RFC6655] McGrew, D. and D. Bailey, "AES-CCM Cipher Suites for 712 Transport Layer Security (TLS)", RFC 6655, July 2012. 714 [RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E. and C. Bormann, 715 "Neighbor Discovery Optimization for IPv6 over Low-Power 716 Wireless Personal Area Networks (6LoWPANs)", RFC 6775, 717 November 2012. 719 [RFC6830] Farinacci, D., Fuller, V., Meyer, D. and D. Lewis, "The 720 Locator/ID Separation Protocol (LISP)", RFC 6830, January 721 2013. 723 9.2. Informative References 725 [I-D.brandt-6man-lowpanz] 726 Brandt, A. and J. Buron, "Transmission of IPv6 packets 727 over ITU-T G.9959 Networks", Internet-Draft draft-brandt- 728 6man-lowpanz-02, June 2013. 730 [I-D.chakrabarti-nordmark-6man-efficient-nd] 731 Chakrabarti, S., Nordmark, E., Thubert, P. and M. 732 Wasserman, "Wired and Wireless IPv6 Neighbor Discovery 733 Optimizations", Internet-Draft draft-chakrabarti-nordmark- 734 6man-efficient-nd-04, October 2013. 736 [I-D.hong-6lo-ipv6-over-nfc] 737 Hong, Y., Choi, Y., Youn, J., Kim, D. and J. Choi, 738 "Transmission of IPv6 Packets over Near Field 739 Communication", Internet-Draft draft-hong-6lo-ipv6-over- 740 nfc-01, August 2014. 742 [I-D.ietf-6lo-6lobac] 743 Lynn, K., Martocci, J., Neilson, C. and S. Donaldson, 744 "Transmission of IPv6 over MS/TP Networks", Internet-Draft 745 draft-ietf-6lo-6lobac-00, July 2014. 747 [I-D.ietf-6lo-btle] 748 Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 749 Shelby, Z. and C. Gomez, "Transmission of IPv6 Packets 750 over BLUETOOTH(R) Low Energy", Internet-Draft draft-ietf- 751 6lo-btle-02, June 2014. 753 [I-D.ietf-6lo-dect-ule] 754 Mariager, P., Petersen, J., Shelby, Z., Logt, M. and D. 755 Barthel, "Transmission of IPv6 Packets over DECT Ultra Low 756 Energy", Internet-Draft draft-ietf-6lo-dect-ule-00, June 757 2014. 759 [I-D.ietf-6tisch-architecture] 760 Thubert, P., Watteyne, T. and R. Assimiti, "An 761 Architecture for IPv6 over the TSCH mode of IEEE 762 802.15.4e", Internet-Draft draft-ietf-6tisch- 763 architecture-01, February 2014. 765 [I-D.ietf-6tisch-terminology] 766 Palattella, M., Thubert, P., Watteyne, T. and Q. Wang, 767 "Terminology in IPv6 over the TSCH mode of IEEE 768 802.15.4e", Internet-Draft draft-ietf-6tisch- 769 terminology-00, November 2013. 771 [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] 772 Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets 773 over IEEE 1901.2 Narrowband Powerline Communication 774 Networks", Internet-Draft draft-popa-6lo-6loplc-ipv6-over- 775 ieee19012-networks-00, March 2014. 777 [RFC3610] Whiting, D., Housley, R. and N. Ferguson, "Counter with 778 CBC-MAC (CCM)", RFC 3610, September 2003. 780 [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A. and P. 781 Thubert, "Network Mobility (NEMO) Basic Support Protocol", 782 RFC 3963, January 2005. 784 [RFC3971] Arkko, J., Kempf, J., Zill, B. and P. Nikander, "SEcure 785 Neighbor Discovery (SEND)", RFC 3971, March 2005. 787 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 788 RFC 3972, March 2005. 790 [RFC4389] Thaler, D., Talwar, M. and C. Patel, "Neighbor Discovery 791 Proxies (ND Proxy)", RFC 4389, April 2006. 793 [RFC4919] Kushalnagar, N., Montenegro, G. and C. Schumacher, "IPv6 794 over Low-Power Wireless Personal Area Networks (6LoWPANs): 795 Overview, Assumptions, Problem Statement, and Goals", RFC 796 4919, August 2007. 798 [RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and 799 Lossy Networks", RFC 7102, January 2014. 801 Author's Address 802 Pascal Thubert, editor 803 Cisco Systems, Inc 804 Building D 805 45 Allee des Ormes - BP1200 806 MOUGINS - Sophia Antipolis, 06254 807 FRANCE 809 Phone: +33 497 23 26 34 810 Email: pthubert@cisco.com