draft-ietf-6lo-rfc6775-update-13.txt   draft-ietf-6lo-rfc6775-update-14.txt 
6lo P. Thubert, Ed. 6lo P. Thubert, Ed.
Internet-Draft cisco Internet-Draft cisco
Updates: 6775 (if approved) E. Nordmark Updates: 6775 (if approved) E. Nordmark
Intended status: Standards Track Zededa Intended status: Standards Track Zededa
Expires: August 26, 2018 S. Chakrabarti Expires: August 27, 2018 S. Chakrabarti
Verizon Verizon
C. Perkins C. Perkins
Futurewei Futurewei
February 22, 2018 February 23, 2018
An Update to 6LoWPAN ND Registration Extensions for 6LoWPAN Neighbor Discovery
draft-ietf-6lo-rfc6775-update-13 draft-ietf-6lo-rfc6775-update-14
Abstract Abstract
This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to
clarify the role of the protocol as a registration technique, clarify the role of the protocol as a registration technique,
simplify the registration operation in 6LoWPAN routers, as well as to simplify the registration operation in 6LoWPAN routers, as well as to
provide enhancements to the registration capabilities and mobility provide enhancements to the registration capabilities and mobility
detection for different network topologies including the backbone detection for different network topologies including the backbone
routers performing proxy Neighbor Discovery in a low power network. routers performing proxy Neighbor Discovery in a low power network.
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 26, 2018. This Internet-Draft will expire on August 27, 2018.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Applicability of Address Registration Options . . . . . . . . 5 3. Applicability of Address Registration Options . . . . . . . . 4
4. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 5 4. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 5
4.1. Extended Address Registration Option (EARO) . . . . . . . 7 4.1. Extended Address Registration Option (EARO) . . . . . . . 6
4.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 7 4.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 7
4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 7 4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 8
4.3. Registration Unique ID . . . . . . . . . . . . . . . . . 9 4.3. Registration Unique ID . . . . . . . . . . . . . . . . . 9
4.4. Extended Duplicate Address Messages . . . . . . . . . . . 10 4.4. Extended Duplicate Address Messages . . . . . . . . . . . 10
4.5. Registering the Target Address . . . . . . . . . . . . . 10 4.5. Registering the Target Address . . . . . . . . . . . . . 10
4.6. Link-Local Addresses and Registration . . . . . . . . . . 11 4.6. Link-Local Addresses and Registration . . . . . . . . . . 11
4.7. Maintaining the Registration States . . . . . . . . . . . 12 4.7. Maintaining the Registration States . . . . . . . . . . . 12
5. Detecting Enhanced ARO Capability Support . . . . . . . . . . 14 5. Detecting Enhanced ARO Capability Support . . . . . . . . . . 14
6. Extended ND Options And Messages . . . . . . . . . . . . . . 14 6. Extended ND Options And Messages . . . . . . . . . . . . . . 14
6.1. Enhanced Address Registration Option (EARO) . . . . . . . 14 6.1. Enhanced Address Registration Option (EARO) . . . . . . . 14
6.2. Extended Duplicate Address Message Formats . . . . . . . 16 6.2. Extended Duplicate Address Message Formats . . . . . . . 17
6.3. New 6LoWPAN Capability Bits in the Capability Indication 6.3. New 6LoWPAN Capability Bits in the Capability Indication
Option . . . . . . . . . . . . . . . . . . . . . . . . . 17 Option . . . . . . . . . . . . . . . . . . . . . . . . . 18
7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 18 7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 18
7.1. Discovering the capabilities of an ND peer . . . . . . . 18 7.1. Discovering the capabilities of an ND peer . . . . . . . 19
7.1.1. Using the "E" Flag in the 6CIO . . . . . . . . . . . 18 7.1.1. Using the "E" Flag in the 6CIO . . . . . . . . . . . 19
7.1.2. Using the "T" Flag in the EARO . . . . . . . . . . . 18 7.1.2. Using the "T" Flag in the EARO . . . . . . . . . . . 19
7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 19 7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 20
7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 19 7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 20
7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 20 7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 21
8. Security Considerations . . . . . . . . . . . . . . . . . . . 20 8. Security Considerations . . . . . . . . . . . . . . . . . . . 21
9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 22 9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 22
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
10.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . 23 10.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . 23
10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 23 10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 24
10.3. New ARO Status values . . . . . . . . . . . . . . . . . 24 10.3. New ARO Status values . . . . . . . . . . . . . . . . . 25
10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 24 10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 25
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 25 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 26
12.1. Normative References . . . . . . . . . . . . . . . . . . 25 12.1. Normative References . . . . . . . . . . . . . . . . . . 26
12.2. Informative References . . . . . . . . . . . . . . . . . 26 12.2. Informative References . . . . . . . . . . . . . . . . . 27
12.3. External Informative References . . . . . . . . . . . . 30 12.3. External Informative References . . . . . . . . . . . . 31
Appendix A. Applicability and Requirements Served . . . . . . . 30 Appendix A. Applicability and Requirements Served . . . . . . . 31
Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 31 Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 32
B.1. Requirements Related to Mobility . . . . . . . . . . . . 31 B.1. Requirements Related to Mobility . . . . . . . . . . . . 32
B.2. Requirements Related to Routing Protocols . . . . . . . . 32 B.2. Requirements Related to Routing Protocols . . . . . . . . 33
B.3. Requirements Related to the Variety of Low-Power Link B.3. Requirements Related to the Variety of Low-Power Link
types . . . . . . . . . . . . . . . . . . . . . . . . . . 33 types . . . . . . . . . . . . . . . . . . . . . . . . . . 34
B.4. Requirements Related to Proxy Operations . . . . . . . . 34 B.4. Requirements Related to Proxy Operations . . . . . . . . 35
B.5. Requirements Related to Security . . . . . . . . . . . . 34 B.5. Requirements Related to Security . . . . . . . . . . . . 35
B.6. Requirements Related to Scalability . . . . . . . . . . . 35 B.6. Requirements Related to Scalability . . . . . . . . . . . 36
B.7. Requirements Related to Operations and Management . . . . 36 B.7. Requirements Related to Operations and Management . . . . 37
B.8. Matching Requirements with Specifications . . . . . . . . 36 B.8. Matching Requirements with Specifications . . . . . . . . 38
Appendix C. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . 38 Appendix C. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . 39
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39
1. Introduction 1. Introduction
The scope of this draft is an IPv6 Low Power Networks including star The scope of this draft is an IPv6 Low Power Network including star
and mesh topologies. This specification modifies and extends the and mesh topologies. This specification modifies and extends the
behavior and protocol elements of "Neighbor Discovery Optimization behavior and protocol elements of "Neighbor Discovery Optimization
for IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) for IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND)
[RFC6775] to enable additional capabilities and enhancements such as: [RFC6775] to enable additional capabilities and enhancements such as:
o Support for indicating mobility vs retry (T-bit) o determining the freshest location in case of mobility (T-bit)
o Simplify the registration flow for link-local addresses o Simplifying the registration flow for link-local addresses
o Enhancement to Address Registration Option (ARO) o Support of a Leaf node in a route-over network
o Permitting registration of a target address o Proxy registration in a route-over network
o Clarification of support of privacy and temporary addresses o Registration to a IPv6 ND proxy over a Backbone Link
o Clarification of support for privacy and temporary addresses
The applicability of 6LoWPAN ND registration is discussed in
Section 3, and new extensions and updates to [RFC6775] are presented
in Section 4. Considerations on Backward Compatibility, Security and
Privacy are also elaborated upon in Section 7, Section 8 and in
Section 9, respectively.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
The Terminology used in this document is consistent with and The Terminology used in this document is consistent with and
incorporates that described in Terms Used in Routing for Low-Power incorporates that described in Terms Used in Routing for Low-Power
and Lossy Networks (LLNs). [RFC7102]. and Lossy Networks (LLNs). [RFC7102].
Other terms in use in LLNs are found in Terminology for Constrained- Other terms in use in LLNs are found in Terminology for Constrained-
Node Networks [RFC7228]. Node Networks [RFC7228].
A glossary of some classical 6LoWPAN acronyms such as ARO, 6LN, 6LBR
and 6CIO is given in Appendix C.
Readers are expected to be familiar with all the terms and concepts Readers are expected to be familiar with all the terms and concepts
that are discussed in that are discussed in
o "Neighbor Discovery for IP version 6" [RFC4861], o "Neighbor Discovery for IP version 6" [RFC4861],
o "IPv6 Stateless Address Autoconfiguration" [RFC4862], o "IPv6 Stateless Address Autoconfiguration" [RFC4862],
o "Problem Statement and Requirements for IPv6 over Low-Power o "Problem Statement and Requirements for IPv6 over Low-Power
Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606],
o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs):
Overview, Assumptions, Problem Statement, and Goals" [RFC4919], Overview, Assumptions, Problem Statement, and Goals" [RFC4919] and
o "Neighbor Discovery Optimization for Low-power and Lossy Networks" o "Neighbor Discovery Optimization for Low-power and Lossy Networks"
[RFC6775] and [RFC6775].
o "Multi-link Subnet Support in IPv6"
[I-D.ietf-ipv6-multilink-subnets],
as well as the following terminology: as well as the following terminology:
Backbone Link: An IPv6 transit link that interconnects two or more Backbone Link: An IPv6 transit link that interconnects two or more
Backbone Routers. It is expected to be of high speed compared Backbone Routers. It is expected to be of high speed compared
to the LLN in order to carry the traffic that is required to to the LLN in order to carry the traffic that is required to
federate multiple segments of the potentially large LLN into a federate multiple segments of the potentially large LLN into a
single IPv6 subnet. single IPv6 subnet.
Backbone Router: A logical network function in an IPv6 router that Backbone Router: A logical network function in an IPv6 router that
federates a LLN over a Backbone Link. In order to do so, the federates a LLN over a Backbone Link. In order to do so, the
Backbone Router (6BBR) proxies the 6LoWPAN ND operations Backbone Router (6BBR) proxies the 6LoWPAN ND operations
detailed in the document onto the matching operations that run detailed in this document onto the matching operations that run
over the backbone, typically IPv6 ND. Note that 6BBR is a over the backbone, typically IPv6 ND. Note that 6BBR is a
logical function, just like 6LR and 6LBR, and that a same logical function, just like 6LR and 6LBR, and that the same
physical router may operate all three. physical router may operate all three.
Extended LLN: The aggregation of multiple LLNs as defined in Extended LLN: The aggregation of multiple LLNs as defined in
[RFC4919], interconnected by a Backbone Link via Backbone [RFC4919], interconnected by a Backbone Link via Backbone
Routers, and forming a single IPv6 MultiLink Subnet. Routers, and forming a single IPv6 MultiLink Subnet.
Registration: The process during which a 6LN registers its Registration: The process during which a 6LN registers its
address(es) with the Border Router so the 6BBR can serve as address(es) with the Border Router so the 6BBR can serve as
proxy for ND operations over the Backbone. proxy for ND operations over the Backbone.
Binding: The association between an IP address with a MAC address, a Binding: The association between an IP address and a MAC address, a
port and/or other information about the node that owns the IP port and/or other information about the node that owns the IP
address. address.
Registered Node: The node for which the registration is performed, Registered Node: The node for which the registration is performed,
and which owns the fields in the EARO option. and which owns the fields in the Extended ARO option.
Registering Node: The node that performs the registration to the Registering Node: The node that performs the registration to the
6BBR, which may proxy for the registered node. 6BBR, which may proxy for the registered node.
Registered Address: An address owned by the Registered Node node Registered Address: An address owned by the Registered Node that was
that was or is being registered. or is being registered.
RFC6775-only: Applied to a type of node or a type of message, this RFC6775-only: Applied to a type of node or a type of message, this
adjective indicates a behavior that is strictly as specified by adjective indicates a behavior that is strictly as specified by
[RFC6775] as opposed to updated with this specification. [RFC6775] as opposed to updated with this specification.
updated: a 6LN, a 6LR or a 6LBR that supports this specification. updated: Qualifies a 6LN, a 6LR or a 6LBR that supports this
specification.
3. Applicability of Address Registration Options 3. Applicability of Address Registration Options
The purpose of the Address Registration Option (ARO) in [RFC6775] is The purpose of the Address Registration Option (ARO) in [RFC6775] is
to facilitate duplicate address detection (DAD) for hosts as well as to facilitate duplicate address detection (DAD) for hosts as well as
populate Neighbor Cache Entries (NCE) [RFC4861] in the routers. This to populate Neighbor Cache Entries (NCEs) [RFC4861] in the routers.
reduces the reliance on multicast operations, which are often as
This reduces the reliance on multicast operations, which are often as
intrusive as broadcast, in IPv6 ND operations. intrusive as broadcast, in IPv6 ND operations.
With this specification, a failed or useless registration can be With this specification, a failed or useless registration can be
detected by a 6LR or a 6LBR for reasons other than address detected by a 6LR or a 6LBR for reasons other than address
duplication. Examples include: the router having run out of space; a duplication. Examples include: the router having run out of space; a
registration bearing a stale sequence number perhaps denoting a registration bearing a stale sequence number perhaps denoting a
movement of the host after the registration was placed; a host movement of the host after the registration was placed; a host
misbehaving and attempting to register an invalid address such as the misbehaving and attempting to register an invalid address such as the
unspecified address [RFC4291]; or a host using an address which is unspecified address [RFC4291]; or a host using an address that is not
not topologically correct on that link. topologically correct on that link.
In such cases the host will receive an error to help diagnose the In such cases the host will receive an error to help diagnose the
issue and may retry, possibly with a different address, and possibly issue and may retry, possibly with a different address, and possibly
registering to a different router, depending on the returned error. registering to a different router, depending on the returned error.
The ability to return errors to address registrations is not intended The ability to return errors to address registrations is not intended
to be used to restrict the ability of hosts to form and use multiple to be used to restrict the ability of hosts to form and use multiple
addresses, as recommended in "Host Address Availability addresses. Rather, the intention is to conform to "Host Address
Recommendations" [RFC7934]. Availability Recommendations" [RFC7934].
In particular, the freedom to form and register addresses is needed In particular, the freedom to form and register addresses is needed
for enhanced privacy; each host may register a number of addresses for enhanced privacy; each host may register a number of addresses
using mechanisms such as "Privacy Extensions for Stateless Address using mechanisms such as "Privacy Extensions for Stateless Address
Autoconfiguration (SLAAC) in IPv6" [RFC4941]. Autoconfiguration (SLAAC) in IPv6" [RFC4941].
In IPv6 ND [RFC4861], a router must have enough storage to hold In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for
neighbor cache entries for all the addresses to which it may forward. all the addresses to which it can currently forward packets. A
A router using the Address Registration mechanism also needs enough router using the Address Registration mechanism also needs enough
storage to hold NCEs for all the addresses that may be registered to storage to hold NCEs for all the addresses that may be registered to
it, regardless of whether or not they are actively communicating. it, regardless of whether or not they are actively communicating.
The number of registrations supported by a 6LoWPAN Router (6LR) or The number of registrations supported by a 6LoWPAN Router (6LR) or
6LoWPAN Border Router (6LBR) must be clearly documented. 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor
and the dynamic use of associated resources SHOULD be made available
to the network operator, e.g. to a management console.
A network administrator should deploy updated 6LR/6LBRs to support A network administrator MUST deploy updated 6LR/6LBRs to support the
the number and type of devices in their network, based on the number number and type of devices in their network, based on the number of
of IPv6 addresses that those devices require and their address IPv6 addresses that those devices require and their address renewal
renewal rate and behavior. rate and behavior.
4. Updating RFC 6775 4. Updating RFC 6775
This specification introduces the Extended Address Registration This specification introduces the Extended Address Registration
Option (EARO) based on the ARO as defined [RFC6775]; in particular a Option (EARO) based on the ARO as defined [RFC6775]; in particular a
"T" flag is added that MUST be set in NS messages when this "T" flag is added that MUST be set in NS messages when this
specification is used, and echoed in NA messages to confirm that the specification is used, and echoed in NA messages to confirm that the
protocol is supported. protocol is supported.
The extensions to the ARO option are used in the Duplicate Address The extensions to the ARO option are used in the Duplicate Address
Request (DAR) and Duplicate Address Confirmation (DAC) messages, so Request (DAR) and Duplicate Address Confirmation (DAC) messages, so
as to convey the additional information all the way to the 6LBR. In as to convey the additional information all the way to the 6LBR. In
turn the 6LBR may proxy the registration using IPv6 ND over a turn the 6LBR may proxy the registration using IPv6 ND over a
Backbone Link as illustrated in Figure 1. Note that this Backbone Link as illustrated in Figure 1. Note that this
specification avoids the extended DAR flow for Link Local Addresses specification avoids the extended DAR flow for Link Local Addresses
in a Route-Over [RFC6606] mesh. in a Route-Over [RFC6606] topology.
6LN 6LR 6LBR 6BBR 6LN 6LR 6LBR 6BBR
| | | | | | | |
| NS(EARO) | | | | NS(EARO) | | |
|--------------->| | | |--------------->| | |
| | Extended DAR | | | | Extended DAR | |
| |-------------->| | | |-------------->| |
| | | | | | | |
| | | proxy NS(EARO) | | | | proxy NS(EARO) |
| | |--------------->| | | |--------------->|
skipping to change at page 6, line 40 skipping to change at page 6, line 38
| | Extended DAC | | | | Extended DAC | |
| |<--------------| | | |<--------------| |
| NA(EARO) | | | | NA(EARO) | | |
|<---------------| | | |<---------------| | |
| | | | | | | |
Figure 1: (Re-)Registration Flow Figure 1: (Re-)Registration Flow
In order to support various types of link layers, it is RECOMMENDED In order to support various types of link layers, it is RECOMMENDED
to allow multiple registrations, including for privacy / temporary to allow multiple registrations, including for privacy / temporary
addresses, and provide new mechanisms to help clean up stale addresses. It is also RECOMMENDED to provide new mechanisms to help
registration states as soon as possible. clean up stale registration state as soon as possible.
Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface
and locates available 6LRs; a Registering Node SHOULD prefer and locates available 6LRs; a Registering Node SHOULD prefer
registering to a 6LR that is found to support this specification, as registering to a 6LR that is found to support this specification, as
discussed in Section 7.1, over a RFC6775-only one. discussed in Section 7.1, over an RFC6775-only one.
4.1. Extended Address Registration Option (EARO) 4.1. Extended Address Registration Option (EARO)
The Extended ARO (EARO) deprecates the ARO and is backward compatible The Extended ARO (EARO) replaces the ARO and is backward compatible
with it. More details on backward compatibility can be found in with it. More details on backward compatibility can be found in
Section 7. Section 7.
The semantics of the ARO are modified as follows: The semantics of the ARO are modified as follows:
o The address that is being registered with a Neighbor Solicitation o The address that is being registered with a Neighbor Solicitation
(NS) with an EARO is now the Target Address, as opposed to the (NS) with an EARO is now the Target Address, as opposed to the
Source Address as specified in [RFC6775] (see Section 4.5). This Source Address as specified in [RFC6775] (see Section 4.5). This
change enables a 6LBR to use one of its addresses as source to the change enables a 6LBR to use one of its addresses as source to the
proxy-registration of an address that belongs to a LLN Node to a proxy-registration of an address that belongs to a LLN Node to a
6BBR. This also limits the use of an address as source address 6BBR. This also limits the use of an address as source address
before it is registered and the associated DAD process is before it is registered and the associated DAD process is
complete. complete.
o The Unique ID in the EARO Option is not required to be a MAC o The Unique ID in the EARO Option is not required to be a MAC
address (see Section 4.3). address (see Section 4.3).
o This document specifies a new flag in the EARO option, the 'R'
flag, used by a 6LN, when registering, to indicate that this 6LN
is not a router and that it will not handle its own reachability.
If the 'R' flag is set, the registering node expects that the 6LR
ensures reachability for the registered address by means of
routing or proxying ND. A host SHOULD set the 'R' flag. When not
set, the 'R' flag indicates that the Registering Node is a router,
which for instance participates to a route-over routing protocol
such as RPL [RFC6550], and which will take care of injecting the
address over the routing protocol by itself. A router SHOULD NOT
set the 'R' flag.
o The specification introduces a Transaction ID (TID) field in the o The specification introduces a Transaction ID (TID) field in the
EARO (see Section 4.2). The TID MUST be provided by a node that EARO (see Section 4.2). The TID MUST be provided by a node that
supports this specification and a new "T" flag MUST be set to supports this specification and a new "T" flag MUST be set to
indicate so. indicate so.
o Finally, this specification introduces new status codes to help o Finally, this specification introduces new status codes to help
diagnose the cause of a registration failure (see Table 1). diagnose the cause of a registration failure (see Table 1).
4.2. Transaction ID 4.2. Transaction ID
The Transaction ID (TID) is a sequence number that is incremented The Transaction ID (TID) is a sequence number that is incremented
with each re-registration. The TID is used to detect the freshness with each re-registration. The TID is used to detect the freshness
of the registration request and useful to detect one single of the registration request and to detect one single registration by
registration by multiple 6LoWPAN border routers (e.g., 6LBRs and multiple 6LoWPAN border routers (e.g., 6LBRs and 6BBRs) supporting
6BBRs) supporting the same 6LoWPAN. The TID may also be used by the the same 6LoWPAN. The TID may also be used by the network to track
network to track the sequence of movements of a node in order to the sequence of movements of a node in order to route to the current
route to the current (freshest known) location of a moving node. (freshest known) location of a moving node.
When a Registered Node is registered with multiple 6BBRs in parallel, When a Registered Node is registered with multiple 6BBRs in parallel,
the same TID SHOULD be used, to enable the 6BBRs to determine that the same TID SHOULD be used. This enables the 6BBRs to determine
the registrations are the same, and distinguish that situation from a that the registrations are the same, and distinguish that situation
movement. from a movement (see section 4 of [I-D.ietf-6lo-backbone-router] and
Section 4.7 below).
4.2.1. Comparing TID values 4.2.1. Comparing TID values
The TID is a sequence counter and its operation is the exact match of The TID is a sequence counter and its operation is the exact match of
the path sequence specified in RPL, the IPv6 Routing Protocol for the path sequence specified in RPL, the IPv6 Routing Protocol for
Low-Power and Lossy Networks [RFC6550] specification. Low-Power and Lossy Networks [RFC6550] specification.
In order to keep this document self-contained and yet compatible, the In order to keep this document self-contained and yet compatible, the
text below is an exact copy from section 7.2. "Sequence Counter text below is an exact copy from section 7.2. "Sequence Counter
Operation" of [RFC6550]. Operation" of [RFC6550].
skipping to change at page 9, line 29 skipping to change at page 9, line 37
numbers are not comparable. numbers are not comparable.
4. If two sequence numbers are determined to be not comparable, i.e. 4. If two sequence numbers are determined to be not comparable, i.e.
the results of the comparison are not defined, then a node should the results of the comparison are not defined, then a node should
give precedence to the sequence number that was most recently give precedence to the sequence number that was most recently
incremented. Failing this, the node should select the sequence incremented. Failing this, the node should select the sequence
number in order to minimize the resulting changes to its own number in order to minimize the resulting changes to its own
state. state.
4.3. Registration Unique ID 4.3. Registration Unique ID
The Registration Unique ID (RUID) enables a duplicate address The Registration Unique ID (RUID) generalizes the EUI-64 field of the
registration to be distinguished from a double registration or a ARO in [RFC6775]. It is unique to a registration and enables to
movement. An ND message from the 6BBR over the Backbone Link that is identify the tentative to register a duplicate address, which is
proxied on behalf of a Registered Node must carry the most recent characterized by a different RUID in the conflicting registrations
EARO option seen for that node. A NS/NA with an EARO and a NS/NA (more in Section 4.6)
without a EARO thus represent different nodes; if they relate to a
same target then an address duplication is likely.
The Registration Unique ID in [RFC6775] is a EUI-64 globally unique
address configured at a Lower Layer, under the assumption that
duplicate EUI-64 addresses are avoided.
With this specification, the Registration Unique ID is allowed to be With this specification, the Registration Unique ID is allowed to be
extended to different types of identifier, as long as the type is extended to different types of identifier, as long as the type is
clearly indicated. For instance, the type can be a cryptographic clearly indicated. For instance, the type can be a cryptographic
string and used to prove the ownership of the registration as string and used to prove the ownership of the registration as
discussed in "Address Protected Neighbor Discovery for Low-power and discussed in "Address Protected Neighbor Discovery for Low-power and
Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to support the flows Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to support the flows
related to the proof of ownership, this specification introduces new related to the proof of ownership, this specification introduces new
status codes "Validation Requested" and "Validation Failed" in the status codes "Validation Requested" and "Validation Failed" in the
EARO. EARO.
skipping to change at page 10, line 19 skipping to change at page 10, line 19
4.4. Extended Duplicate Address Messages 4.4. Extended Duplicate Address Messages
In order to map the new EARO content in the DAR/DAC messages, a new In order to map the new EARO content in the DAR/DAC messages, a new
TID field is added to the Extended DAR (EDAR) and the Extended DAC TID field is added to the Extended DAR (EDAR) and the Extended DAC
(EDAC) messages as a replacement to a Reserved field, and an odd (EDAC) messages as a replacement to a Reserved field, and an odd
value of the ICMP Code indicates support for the TID, to transport value of the ICMP Code indicates support for the TID, to transport
the "T" flag. the "T" flag.
In order to prepare for future extensions, and though no option has In order to prepare for future extensions, and though no option has
been defined for the Duplicate Address messages, implementations been defined for the Duplicate Address messages, implementations MUST
SHOULD expect ND options after the main body, and SHOULD ignore them. expect ND options after the main body, and MUST ignore them.
As for the EARO, the Extended Duplicate Address messages are backward As for the EARO, the Extended Duplicate Address messages are backward
compatible with the RFC6775-only versions, and remarks concerning compatible with the RFC6775-only versions, and remarks concerning
backwards compatibility for the protocol between the 6LN and the 6LR backwards compatibility for the protocol between the 6LN and the 6LR
apply similarly between a 6LR and a 6LBR. apply similarly between a 6LR and a 6LBR.
4.5. Registering the Target Address 4.5. Registering the Target Address
The Registering Node is the node that performs the registration to The Registering Node is the node that performs the registration to
the 6BBR. As in [RFC6775], it may be the Registered Node as well, in the 6BBR. As in [RFC6775], it may be the Registered Node as well, in
which case it registers one of its own addresses, and indicates its which case it registers one of its own addresses, and indicates its
own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO). own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO).
This specification adds the capability to proxy the registration This specification adds the capability to proxy the registration
operation on behalf of a Registered Node that is reachable over a LLN operation on behalf of a Registered Node that is reachable over a LLN
mesh. In that case, if the Registered Node is reachable from the mesh. In that case, if the Registered Node is reachable from the
6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC 6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC
Address of the Registered Node as SLLA in the NS(EARO). If the Address of the Registered Node as the SLLA in the NS(EARO). If the
Registered Node is reachable over a Route-Over mesh from the Registered Node is reachable over a Route-Over mesh from the
Registering Node, the SLLA in the NS(ARO) is that of the Registering Registering Node, the SLLA in the NS(ARO) is that of the Registering
Node. This enables the Registering Node to attract the packets from Node. This enables the Registering Node to attract the packets from
the 6BBR and route them over the LLN to the Registered Node. the 6BBR and route them over the LLN to the Registered Node.
In order to enable the latter operation, this specification changes In order to enable the latter operation, this specification changes
the behavior of the 6LN and the 6LR so that the Registered Address is the behavior of the 6LN and the 6LR so that the Registered Address is
found in the Target Address field of the NS and NA messages as found in the Target Address field of the NS and NA messages as
opposed to the Source Address. With this convention, a TLLA option opposed to the Source Address. With this convention, a TLLA option
indicates the link-layer address of the 6LN that owns the address, indicates the link-layer address of the 6LN that owns the address,
skipping to change at page 11, line 19 skipping to change at page 11, line 19
RFC6775-only 6LoWPAN ND [RFC6775]. RFC6775-only 6LoWPAN ND [RFC6775].
4.6. Link-Local Addresses and Registration 4.6. Link-Local Addresses and Registration
Considering that LLN nodes are often not wired and may move, there is Considering that LLN nodes are often not wired and may move, there is
no guarantee that a Link-Local address stays unique between a no guarantee that a Link-Local address stays unique between a
potentially variable and unbounded set of neighboring nodes. potentially variable and unbounded set of neighboring nodes.
Compared to [RFC6775], this specification only requires that a Link- Compared to [RFC6775], this specification only requires that a Link-
Local address is unique from the perspective of the two nodes that Local address is unique from the perspective of the two nodes that
use it to communicate (e.g. the 6LN and the 6LR in an NS/NA use it to communicate (e.g., the 6LN and the 6LR in an NS/NA
exchange). This simplifies the DAD process in Route-Over Mode for exchange). This simplifies the DAD process in a Route-Over topology
Link-Local addresses, and there is no exchange of Duplicate Address for Link-Local addresses, by avoiding an exchange of Duplicate
messages between the 6LR and a 6LBR for Link-Local addresses. Address messages between the 6LR and a 6LBR for those addresses.
In more details: In more details:
An exchange between two nodes using Link-Local addresses implies that An exchange between two nodes using Link-Local addresses implies that
they are reachable over one hop and that at least one of the 2 nodes they are reachable over one hop and that at least one of the 2 nodes
acts as a 6LR. A node MUST register a Link-Local address to a 6LR in acts as a 6LR. A node MUST register a Link-Local address to a 6LR in
order to obtain reachability from that 6LR beyond the current order to obtain reachability from that 6LR beyond the current
exchange, and in particular to use the Link-Local address as source exchange, and in particular to use the Link-Local address as source
address to register other addresses, e.g. global addresses. address to register other addresses, e.g., global addresses.
If there is no collision with an address previously registered to If there is no collision with an address previously registered to
this 6LR by another 6LN, then the Link-Local address is unique from this 6LR by another 6LN, then the Link-Local address is unique from
the standpoint of this 6LR and the registration is acceptable. the standpoint of this 6LR and the registration is acceptable.
Alternatively, two different 6LRs might expose the same Link-Local Alternatively, two different 6LRs might expose the same Link-Local
address but different link-layer addresses. In that case, a 6LN MUST address but different link-layer addresses. In that case, a 6LN MUST
only interact with at most one of the 6LRs. only interact with at most one of the 6LRs.
The DAD process between the 6LR and a 6LBR, which is based on an The DAD process between the 6LR and a 6LBR, which is based on an
exchange of Duplicate Address messages, does not need to take place exchange of Duplicate Address messages, does not need to take place
for Link-Local addresses. for Link-Local addresses.
When registering to a 6LR that conforms this specification, a node When registering to a 6LR that conforms to this specification, a node
MUST use a Link-Local address as the source address of the MUST use a Link-Local address as the source address of the
registration, whatever the type of IPv6 address that is being registration, whatever the type of IPv6 address that is being
registered. That Link-Local Address MUST be either an address that registered. That Link-Local Address MUST be either an address that
is already registered to the 6LR, or the address that is being is already registered to the 6LR, or the address that is being
registered. registered.
When a Registering Node does not have an already-Registered Address, When a Registering Node does not have an already-Registered Address,
it MUST register a Link-Local address, using it as both the Source it MUST register a Link-Local address, using it as both the Source
and the Target Address of an NS(EARO) message. In that case, it is and the Target Address of an NS(EARO) message. In that case, it is
RECOMMENDED to use a Link-Local address that is (expected to be) RECOMMENDED to use a Link-Local address that is (expected to be)
skipping to change at page 12, line 19 skipping to change at page 12, line 19
Since there is no Duplicate Address exchange for Link-Local Since there is no Duplicate Address exchange for Link-Local
addresses, the 6LR may answer immediately to the registration of a addresses, the 6LR may answer immediately to the registration of a
Link-Local address, based solely on its existing state and the Source Link-Local address, based solely on its existing state and the Source
Link-Layer Option that MUST be placed in the NS(EARO) message as Link-Layer Option that MUST be placed in the NS(EARO) message as
required in [RFC6775]. required in [RFC6775].
A node needs to register its IPv6 Global Unicast IPv6 Addresses A node needs to register its IPv6 Global Unicast IPv6 Addresses
(GUAs) to a 6LR in order to establish global reachability for these (GUAs) to a 6LR in order to establish global reachability for these
addresses via that 6LR. When registering with an updated 6LR, a addresses via that 6LR. When registering with an updated 6LR, a
Registering Node does not use its GUA as Source Address, in contrast Registering Node does not use a GUA as Source Address, in contrast to
to a node that complies to [RFC6775]. For non-Link-Local addresses, a node that complies to [RFC6775]. For non-Link-Local addresses, the
the Duplicate Address exchange MUST conform to [RFC6775], but the Duplicate Address exchange MUST conform to [RFC6775], but the
extended formats described in this specification for the DAR and the extended formats described in this specification for the DAR and the
DAC are used to relay the extended information in the case of an DAC are used to relay the extended information in the case of an
EARO. EARO.
An ND message from the 6BBR over the Backbone Link that is proxied on
behalf of a Registered Node MUST carry the most recent EARO option
seen for that node. A NS/NA with an EARO and a NS/NA without a EARO
thus represent different nodes; this is considered as an address
duplication and the first owner wins. If the first owner is the
registration (i.e. with an NS(EARO)) then the 6BBR defends the
address over the Backbone Link as prescribed by [RFC4862]. If the
first owner is a node over the Backbone Link (no ARO), then the 6BBR
rejects the proxy-registration with a Status of "Duplicate Address".
4.7. Maintaining the Registration States 4.7. Maintaining the Registration States
This section discusses protocol actions that involve the Registering This section discusses protocol actions that involve the Registering
Node, the 6LR and the 6LBR. It must be noted that the portion that Node, the 6LR and the 6LBR. It must be noted that the portion that
deals with a 6LBR only applies to those addresses that are registered deals with a 6LBR only applies to those addresses that are registered
to it; as discussed in Section 4.6, this is not the case for Link- to it; as discussed in Section 4.6, this is not the case for Link-
Local addresses. The registration state includes all data that is Local addresses. The registration state includes all data that is
stored in the router relative to that registration, in particular, stored in the router relative to that registration, in particular,
but not limited to, an NCE in a 6LR. 6LBRs and 6BBRs may store but not limited to, an NCE in a 6LR. 6LBRs and 6BBRs may store
additional registration information in more complex data structures additional registration information in more complex data structures
and use protocols that are out of scope of this document to keep them and use protocols that are out of scope of this document to keep them
synchronized when they are distributed. synchronized when they are distributed.
When its Neighbor Cache is full, a 6LR cannot accept a new When its resource available for Neighbor Cache Entries are exhausted,
registration. In that situation, the EARO is returned in a NA a 6LR cannot accept a new registration. In that situation, the EARO
message with a Status of 2, and the Registering Node may attempt to is returned in a NA message with a Status Code of "Neighbor Cache
register to another 6LR. Full", and the Registering Node may attempt to register to another
6LR.
If the registry in the 6LBR is saturated, then the LBR cannot decide If the registry in the 6LBR is saturated, then the LBR cannot decide
whether a new address is a duplicate. In that case, the 6LBR replies whether a new address is a duplicate. In that case, the 6LBR replies
to a EDAR message with a EDAC message that carries a new Status Code to a EDAR message with an EDAC message that carries a new Status Code
indicating "6LBR Registry saturated" Table 1. Note: this code is indicating "6LBR Registry saturated" Table 1. Note: this code is
used by 6LBRs instead of Status 2 when responding to a Duplicate used by 6LBRs instead of "Neighbor Cache Full" when responding to a
Address message exchange and passed on to the Registering Node by the Duplicate Address message exchange and is passed on to the
6LR. There is no point for the node to retry this registration Registering Node by the 6LR. There is no point for the node to retry
immediately via another 6LR, since the problem is global to the this registration immediately via another 6LR, since the problem is
network. The node may either abandon that address, de-register other global to the network. The node may either abandon that address, de-
addresses first to make room, or keep the address in TENTATIVE state register other addresses first to make room, or keep the address in
and retry later. TENTATIVE state and retry later.
A node renews an existing registration by sending a new NS(EARO) A node renews an existing registration by sending a new NS(EARO)
message for the Registered Address. In order to refresh the message for the Registered Address. In order to refresh the
registration state in the 6LBR, the registration MUST be reported to registration state in the 6LBR, the registration MUST be reported to
the 6LBR. the 6LBR.
A node that ceases to use an address SHOULD attempt to de-register A node that ceases to use an address SHOULD attempt to de-register
that address from all the 6LRs to which it has registered the that address from all the 6LRs to which it has registered the
address, which is achieved using an NS(EARO) message with a address, which is achieved using an NS(EARO) message with a
Registration Lifetime of 0. Registration Lifetime of 0.
A node that moves away from a particular 6LR SHOULD attempt to de- A node that moves away from a particular 6LR SHOULD attempt to de-
register all of its addresses registered to that 6LR and register to register all of its addresses registered to that 6LR and register to
a new 6LR with an incremented TID. When/if the node shows up a new 6LR with an incremented TID. When/if the node shows up
elsewhere, an asynchronous NA(EARO) or EDAC message with a status of elsewhere, an asynchronous NA(EARO) or EDAC message with a Status
3 "Moved" SHOULD be used to clean up the state in the previous Code of "Moved" SHOULD be used to clean up the state in the previous
location. For instance, as described in location. For instance, as described in
[I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a [I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a
6BBR in a NA(EARO) message to indicate that the ownership of the 6BBR in an NA(EARO) message to indicate that the ownership of the
proxy state on the Backbone Link was transferred to another 6BBR, as proxy state on the Backbone Link was transferred to another 6BBR, as
the consequence of a movement of the device. The receiver of the the consequence of a movement of the device. If the receiver of the
message SHOULD propagate the status down the chain towards the message has a state corresponding to the related address, it SHOULD
Registered node (e.g. reversing an existing RPL [RFC6550] path) and propagate the status down the forwarding path to the Registered node
then clean up its state. (e.g. reversing an existing RPL [RFC6550] path as prescribed in
[I-D.ietf-roll-efficient-npdao]) and whether it could or not do so,
the receiver MUST clean up the said state.
Upon receiving a NS(EARO) message with a Registration Lifetime of 0 Upon receiving an NS(EARO) message with a Registration Lifetime of 0
and determining that this EARO is the freshest for a given NCE (see and determining that this EARO is the freshest for a given NCE (see
Section 4.2), a 6LR cleans up its NCE. If the address was registered Section 4.2), a 6LR cleans up its NCE. If the address was registered
to the 6LBR, then the 6LR MUST report to the 6LBR, through a to the 6LBR, then the 6LR MUST report to the 6LBR, through a
Duplicate Address exchange with the 6LBR, indicating the null Duplicate Address exchange with the 6LBR, indicating the null
Registration Lifetime and the latest TID that this 6LR is aware of. Registration Lifetime and the latest TID that this 6LR is aware of.
Upon receiving the Extended DAR message, the 6LBR evaluates if this Upon receiving the Extended DAR message, the 6LBR evaluates if this
is the most recent TID it has received for that particular registry is the most recent TID it has received for that particular registry
entry. If so, then the entry is scheduled to be removed, and the entry. If so, then the entry is scheduled to be removed, and the
EDAR is answered with a EDAC message bearing a Status of 0 EDAR is answered with an EDAC message bearing a Status of "Success".
("Success"). Otherwise, a Status 3 ("Moved") is returned instead, Otherwise, a Status Code of "Moved" is returned instead, and the
and the existing entry is maintained. existing entry is maintained.
When an address is scheduled to be removed, the 6LBR SHOULD keep its When an address is scheduled to be removed, the 6LBR SHOULD keep its
entry in a DELAY state for a configurable period of time, so as to entry in a DELAY state for a configurable period of time, so as to
protect a mobile node that de-registered from one 6LR and did not protect a mobile node that de-registered from one 6LR and did not
register yet to a new one, or the new registration did not reach yet register yet to a new one, or the new registration did not reach yet
the 6LBR due to propagation delays in the network. Once the DELAY the 6LBR due to propagation delays in the network. Once the DELAY
time is passed, the 6LBR silently removes its entry. time is passed, the 6LBR silently removes its entry.
5. Detecting Enhanced ARO Capability Support 5. Detecting Enhanced ARO Capability Support
skipping to change at page 14, line 30 skipping to change at page 14, line 44
Advertisement (NA) messages. Advertisement (NA) messages.
6. Extended ND Options And Messages 6. Extended ND Options And Messages
This specification does not introduce new options, but it modifies This specification does not introduce new options, but it modifies
existing ones and updates the associated behaviors as specified in existing ones and updates the associated behaviors as specified in
the following subsections. the following subsections.
6.1. Enhanced Address Registration Option (EARO) 6.1. Enhanced Address Registration Option (EARO)
The Address Registration Option (ARO) is defined in section 4.1. of The Address Registration Option (ARO) is defined in section 4.1 of
[RFC6775]. [RFC6775].
The Enhanced Address Registration Option (EARO) updates the ARO The Enhanced Address Registration Option (EARO) updates the ARO
option within Neighbor Discovery NS and NA messages between a 6LN and option within Neighbor Discovery NS and NA messages between a 6LN and
its 6LR. On the other hand, the Extended Duplicate Address messages, its 6LR. On the other hand, the Extended Duplicate Address messages,
EDAR and EDAC, replace the DAR and DAC messages so as to transport EDAR and EDAC, replace the DAR and DAC messages so as to transport
the new information between 6LRs and 6LBRs across LLN meshes such as the new information between 6LRs and 6LBRs across LLN meshes such as
6TiSCH networks. 6TiSCH networks.
An NS message with an EARO option is a registration if and only if it An NS message with an EARO option is a registration if and only if it
skipping to change at page 15, line 10 skipping to change at page 15, line 23
the Target Address field of the NS and NA messages. the Target Address field of the NS and NA messages.
The EARO extends the ARO and is indicated by the "T" flag set. The The EARO extends the ARO and is indicated by the "T" flag set. The
format of the EARO option is as follows: format of the EARO option is as follows:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length = 2 | Status | Reserved | | Type | Length = 2 | Status | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |T| TID | Registration Lifetime | | Reserved |R|T| TID | Registration Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ Registration Unique ID (EUI-64 or equivalent) + + Registration Unique ID (EUI-64 or equivalent) +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: EARO Figure 2: EARO
Option Fields Option Fields
skipping to change at page 16, line 14 skipping to change at page 16, line 27
| | removed, for instance due to a movement of the device. | | | removed, for instance due to a movement of the device. |
| | | | | |
| 6 | Duplicate Source Address: The address used as source of | | 6 | Duplicate Source Address: The address used as source of |
| | the NS(ARO) conflicts with an existing registration. | | | the NS(ARO) conflicts with an existing registration. |
| | | | | |
| 7 | Invalid Source Address: The address used as source of the | | 7 | Invalid Source Address: The address used as source of the |
| | NS(ARO) is not a Link-Local address as prescribed by this | | | NS(ARO) is not a Link-Local address as prescribed by this |
| | document. | | | document. |
| | | | | |
| 8 | Registered Address topologically incorrect: The address | | 8 | Registered Address topologically incorrect: The address |
| | being registered is not usable on this link, e.g. it is | | | being registered is not usable on this link, e.g., it is |
| | not topologically correct | | | not topologically correct |
| | | | | |
| 9 | 6LBR Registry saturated: A new registration cannot be | | 9 | 6LBR Registry saturated: A new registration cannot be |
| | accepted because the 6LBR Registry is saturated. Note: | | | accepted because the 6LBR Registry is saturated. Note: |
| | this code is used by 6LBRs instead of Status 2 when | | | this code is used by 6LBRs instead of Status 2 when |
| | responding to a Duplicate Address message exchange and | | | responding to a Duplicate Address message exchange and is |
| | passed on to the Registering Node by the 6LR. | | | passed on to the Registering Node by the 6LR. |
| | | | | |
| 10 | Validation Failed: The proof of ownership of the | | 10 | Validation Failed: The proof of ownership of the |
| | registered address is not correct. | | | registered address is not correct. |
+-------+-----------------------------------------------------------+ +-------+-----------------------------------------------------------+
Table 1: EARO Status Table 1: EARO Status
Reserved: This field is unused. It MUST be initialized to zero Reserved: This field is unused. It MUST be initialized to zero
by the sender and MUST be ignored by the receiver. by the sender and MUST be ignored by the receiver.
R: If the 'R' flag is set, the registering node expects
that the 6LR ensures reachability for the registered
address, e.g. by injecting the address in a route-
over routing protocol or proxying ND over a Backbone
Link.
T: One bit flag. Set if the next octet is used as a T: One bit flag. Set if the next octet is used as a
TID. TID.
TID: 1-byte integer; a transaction id that is maintained TID: 1-byte integer; a transaction id that is maintained
by the node and incremented with each transaction. by the node and incremented with each transaction.
The node SHOULD maintain the TID in a persistent The node SHOULD maintain the TID in a persistent
storage. storage.
Registration Lifetime: 16-bit integer; expressed in minutes. 0 Registration Lifetime: 16-bit integer; expressed in minutes. 0
means that the registration has ended and the means that the registration has ended and the
associated state should be removed. associated state should be removed.
Registration Unique IDentifier (RUID): A globally unique identifier Registration Unique IDentifier (RUID): A globally unique identifier
for the node associated. This can be the EUI-64 for the node associated. This can be the EUI-64
derived IID of an interface, or some provable ID derived IID of an interface, or some provable ID
skipping to change at page 18, line 48 skipping to change at page 19, line 24
If the Registering Node receives a 6CIO in a Router Advertisement If the Registering Node receives a 6CIO in a Router Advertisement
message, then the setting of the "E" Flag indicates whether or not message, then the setting of the "E" Flag indicates whether or not
this specification is supported. this specification is supported.
7.1.2. Using the "T" Flag in the EARO 7.1.2. Using the "T" Flag in the EARO
One alternate way for a 6LN to discover the router's capabilities is One alternate way for a 6LN to discover the router's capabilities is
to start by registering a Link Local address, placing the same to start by registering a Link Local address, placing the same
address in the Source and Target Address fields of the NS message, address in the Source and Target Address fields of the NS message,
and setting the "T" Flag. The node may for instance register an and setting the "T" Flag. The node may for instance register an
address that is based on EUI-64. For such an address, DAD is not address that is based on an EUI-64. For such an address, DAD is not
required and using the SLLAO option in the NS is actually more required and using the SLLAO option in the NS is actually more
consistent with existing ND specifications such as the "Optimistic consistent with existing ND specifications such as the "Optimistic
Duplicate Address Detection (ODAD) for IPv6" [RFC4429]. Duplicate Address Detection (ODAD) for IPv6" [RFC4429].
Once its first registration is complete, the node knows from the Once its first registration is complete, the node knows from the
setting of the "T" Flag in the response whether the router supports setting of the "T" Flag in the response whether the router supports
this specification. If support is verified, the node may register this specification. If support is verified, the node may register
other addresses that it owns, or proxy-register addresses on behalf other addresses that it owns, or proxy-register addresses on behalf
some another node, indicating those addresses being registered in the of some another node, indicating those addresses being registered in
Target Address field of the NS messages, while using one of its own the Target Address field of the NS messages, while using one of its
previously registered addresses as source. own previously registered addresses as source.
A node that supports this specification MUST always use an EARO as a A node that supports this specification MUST always use an EARO as a
replacement to an ARO in its registration to a router. This is replacement to an ARO in its registration to a router. This is
harmless since the "T" flag and TID field are reserved in [RFC6775], harmless since the "T" flag and TID field are reserved in [RFC6775],
and are ignored by a RFC6775-only router. A router that supports and are ignored by an RFC6775-only router. A router that supports
this specification answers an ARO with an ARO and answers an EARO this specification answers an ARO with an ARO and answers an EARO
with an EARO. with an EARO.
This specification changes the behavior of the peers in a This specification changes the behavior of the peers in a
registration flow. To enable backward compatibility, a 6LN that registration flow. To enable backward compatibility, a 6LN that
registers to a 6LR that is not known to support this specification registers to a 6LR that is not known to support this specification
MUST behave in a manner that is compatible with [RFC6775]. A 6LN can MUST behave in a manner that is compatible with [RFC6775]. A 6LN can
achieve that by sending a NS(EARO) message with a Link-Local Address achieve that by sending a NS(EARO) message with a Link-Local Address
used as both Source and Target Address, as described in Section 4.6. used as both Source and Target Address, as described in Section 4.6.
Once the 6LR is known to support this specification, the 6LN MUST Once the 6LR is known to support this specification, the 6LN MUST
obey this specification. obey this specification.
7.2. RFC6775-only 6LoWPAN Node 7.2. RFC6775-only 6LoWPAN Node
A RFC6775-only 6LN will use the Registered Address as source and will an RFC6775-only 6LN will use the Registered Address as source and
not use an EARO option. An updated 6LR MUST accept that registration will not use an EARO option. An updated 6LR MUST accept that
if it is valid per [RFC6775], and it MUST manage the binding cache registration if it is valid per [RFC6775], and it MUST manage the
accordingly. The updated 6LR MUST then use the RFC6775-only binding cache accordingly. The updated 6LR MUST then use the
Duplicate Address messages as specified in [RFC6775] to indicate to RFC6775-only Duplicate Address messages as specified in [RFC6775] to
the 6LBR that the TID is not present in the messages. indicate to the 6LBR that the TID is not present in the messages.
The main difference with [RFC6775] is that Duplicate Address exchange The main difference from [RFC6775] is that the Duplicate Address
for DAD is avoided for Link-Local addresses. In any case, the 6LR exchange for DAD is avoided for Link-Local addresses. In any case,
SHOULD use an EARO in the reply, and may use any of the Status codes the 6LR SHOULD use an EARO in the reply, and can use any of the
defined in this specification. Status codes defined in this specification.
7.3. RFC6775-only 6LoWPAN Router 7.3. RFC6775-only 6LoWPAN Router
The first registration by an updated 6LN MUST be for a Link-Local The first registration by an updated 6LN MUST be for a Link-Local
address, using that Link-Local address as source. A RFC6775-only 6LR address, using that Link-Local address as source. an RFC6775-only 6LR
will not make a difference and treat that registration as if the 6LN will treat that registration as if the 6LN was an RFC6775-only node.
was a RFC6775-only node.
An updated 6LN will always use an EARO option in the registration NS An updated 6LN will always use an EARO option in the registration NS
message, whereas a RFC6775-only 6LR will always reply with an ARO message, whereas an RFC6775-only 6LR will always reply with an ARO
option in the NA message. From that first registration, the updated option in the NA message. From that first registration, the updated
6LN can determine whether or not the 6LR supports this specification. 6LN can determine whether or not the 6LR supports this specification.
After detecting a RFC6775-only 6LR, an updated 6LN SHOULD attempt to After detecting an RFC6775-only 6LR, an updated 6LN SHOULD attempt to
find an alternate 6LR that is updated for a reasonable time that find an alternate 6LR that is updated for a reasonable time that
depends on the type of device and the expected deployment. depends on the type of device and the expected deployment.
An updated 6LN SHOULD use an EARO in the request regardless of the An updated 6LN SHOULD use an EARO in the request regardless of the
type of 6LR, RFC6775-only or updated, which implies that the "T" flag type of 6LR, RFC6775-only or updated, which implies that the "T" flag
is set. is set.
If an updated 6LN moves from an updated 6LR to a RFC6775-only 6LR, If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR,
the RFC6775-only 6LR will send a RFC6775-only DAR message, which can the RFC6775-only 6LR will send an RFC6775-only DAR message, which can
not be compared with an updated one for freshness. not be compared with an updated one for freshness.
Allowing RFC6775-only DAR messages to replace a state established by Allowing RFC6775-only DAR messages to replace a state established by
the updated protocol in the 6LBR would be an attack vector and that the updated protocol in the 6LBR would be an attack vector and that
cannot be the default behavior. cannot be the default behavior.
But if RFC6775-only and updated 6LRs coexist temporarily in a But if RFC6775-only and updated 6LRs coexist temporarily in a
network, then it makes sense for an administrator to install a policy network, then it makes sense for an administrator to install a policy
that allows so, and the capability to install such a policy should be that allows so, and the capability to install such a policy should be
configurable in a 6LBR though it is out of scope for this document. configurable in a 6LBR though it is out of scope for this document.
7.4. RFC6775-only 6LoWPAN Border Router 7.4. RFC6775-only 6LoWPAN Border Router
With this specification, the Duplicate Address messages are extended With this specification, the Duplicate Address messages are extended
to transport the EARO information. Similarly to the NS/NA exchange, to transport the EARO information. Similarly to the NS/NA exchange,
updated 6LBR devices always use the Extended Duplicate Address updated 6LBR devices always use the Extended Duplicate Address
messages and all the associated behavior so they can always be messages and all the associated behavior so they can always be
differentiated from RFC6775-only ones. differentiated from RFC6775-only ones.
Note that a RFC6775-only 6LBR will accept and process an EDAR message Note that an RFC6775-only 6LBR will accept and process an EDAR
as if it was a RFC6775-only DAR, so the support of DAD is preserved. message as if it were an RFC6775-only DAR, so the support of DAD is
preserved.
8. Security Considerations 8. Security Considerations
This specification extends [RFC6775], and the security section of This specification extends [RFC6775], and the security section of
that standard also applies to this as well. In particular, it is that standard also applies to this as well. In particular, it is
expected that the link layer is sufficiently protected to prevent a expected that the link layer is sufficiently protected to prevent a
rogue access, either by means of physical or IP security on the rogue access, either by means of physical or IP security on the
Backbone Link and link layer cryptography on the LLN. Backbone Link and link layer cryptography on the LLN.
This specification also expects that the LLN MAC provides secure This specification also expects that the LLN MAC provides secure
unicast to/from the Backbone Router and secure Broadcast from the unicast to/from the Backbone Router and secure Broadcast or Multicast
Backbone Router in a way that prevents tampering with or replaying from the Backbone Router in a way that prevents tampering with or
the RA messages. replaying the RA messages.
This specification recommends using privacy techniques (see This specification recommends using privacy techniques (see
Section 9), and protection against address theft such as provided by Section 9), and protection against address theft such as provided by
"Address Protected Neighbor Discovery for Low-power and Lossy "Address Protected Neighbor Discovery for Low-power and Lossy
Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the
Registered Address using a cryptographic RUID. Registered Address using a cryptographic RUID.
The registration mechanism may be used by a rogue node to attack the The registration mechanism may be used by a rogue node to attack the
6LR or the 6LBR with a Denial-of-Service attack against the registry. 6LR or the 6LBR with a Denial-of-Service attack against the registry.
It may also happen that the registry of a 6LR or a 6LBR is saturated It may also happen that the registry of a 6LR or a 6LBR is saturated
and cannot take any more registration, which effectively denies the and cannot take any more registrations, which effectively denies the
requesting node the capability to use a new address. In order to requesting node the capability to use a new address. In order to
alleviate those concerns, Section 4.7 provides a number of alleviate those concerns, Section 4.7 provides a number of
recommendations that ensure that a stale registration is removed as recommendations that ensure that a stale registration is removed as
soon as possible from the 6LR and 6LBR. In particular, this soon as possible from the 6LR and 6LBR. In particular, this
specification recommends that: specification recommends that:
o A node that ceases to use an address SHOULD attempt to de-register o A node that ceases to use an address SHOULD attempt to de-register
that address from all the 6LRs to which it is registered. See that address from all the 6LRs to which it is registered. See
Section 4.2 for the mechanism to avoid replay attacks and avoiding Section 4.2 for the mechanism to avoid replay attacks and avoiding
the use of stale registration information. the use of stale registration information.
o The Registration lifetimes SHOULD be individually configurable for o The Registration lifetimes SHOULD be individually configurable for
each address or group of addresses. The nodes SHOULD be each address or group of addresses. The nodes SHOULD be
configured with a Registration Lifetime that reflects their configured with a Registration Lifetime that reflects their
expectation of how long they will use the address with the 6LR to expectation of how long they will use the address with the 6LR to
which it is registered. In particular, use cases that involve which it is registered. In particular, use cases that involve
mobility or rapid address changes SHOULD use lifetimes that are mobility or rapid address changes SHOULD use lifetimes that are
larger yet of a same order as the duration of the expectation of larger yet of a same order as the duration of the expectation of
presence. presence.
o The router (6LR or 6LBR) SHOULD be configurable so as to limit the o The router (6LR or 6LBR) SHOULD be configurable so as to limit the
number of addresses that can be registered by a single node, as number of addresses that can be registered by a single node, but
identified at least by MAC address and preferably by security as a protective measure only. A node may be identified by MAC
credentials. When that maximum is reached, the router should use address, but a stringer identification (e.g., by security
a Least-Recently-Used (LRU) algorithm to clean up the addresses, credentials) is RECOMMENDED. When that maximum is reached, the
keeping at least one Link-Local address. The router SHOULD router should use a Least-Recently-Used (LRU) algorithm to clean
attempt to keep one or more stable addresses if stability can be up the addresses, keeping at least one Link-Local address. The
determined, e.g. from the way the IID is formed or because they router SHOULD attempt to keep one or more stable addresses if
are used over a much longer time span than other (privacy, stability can be determined, e.g., because they are used over a
shorter-lived) addresses. Address lifetimes SHOULD be much longer time span than other (privacy, shorter-lived)
individually configurable. addresses. Address lifetimes SHOULD be individually configurable.
o In order to avoid denial of registration for the lack of o In order to avoid denial of registration for the lack of
resources, administrators should take great care to deploy resources, administrators should take great care to deploy
adequate numbers of 6LRs to cover the needs of the nodes in their adequate numbers of 6LRs to cover the needs of the nodes in their
range, so as to avoid a situation of starving nodes. It is range, so as to avoid a situation of starving nodes. It is
expected that the 6LBR that serves a LLN is a more capable node expected that the 6LBR that serves a LLN is a more capable node
then the average 6LR, but in a network condition where it may then the average 6LR, but in a network condition where it may
become saturated, a particular deployment should distribute the become saturated, a particular deployment should distribute the
6LBR functionality, for instance by leveraging a high speed 6LBR functionality, for instance by leveraging a high speed
Backbone Link and Backbone Routers to aggregate multiple LLNs into Backbone Link and Backbone Routers to aggregate multiple LLNs into
a larger subnet. a larger subnet.
skipping to change at page 22, line 18 skipping to change at page 22, line 42
trust model must be put in place to ensure that the right devices are trust model must be put in place to ensure that the right devices are
acting in these roles, so as to avoid threats such as black-holing, acting in these roles, so as to avoid threats such as black-holing,
or bombing attack whereby an impersonated 6LBR would destroy state in or bombing attack whereby an impersonated 6LBR would destroy state in
the network by using the "Removed" Status code. This trust model the network by using the "Removed" Status code. This trust model
could be at a minimum based on a Layer-2 access control, or could could be at a minimum based on a Layer-2 access control, or could
provide role validation as well (see Req5.1 in Appendix B.5). provide role validation as well (see Req5.1 in Appendix B.5).
9. Privacy Considerations 9. Privacy Considerations
As indicated in Section 3, this protocol does not aim at limiting the As indicated in Section 3, this protocol does not aim at limiting the
number of IPv6 addresses that a device can form. A host should be number of IPv6 addresses that a device can form and if placed, a
able to form and register any address that is topologically correct limit should be a protective measure only, that is high enough not to
in the subnet(s) advertised by the 6LR/6LBR. interfere with the normal behavior of devices in the network. A host
should be able to form and register any address that is topologically
correct in the subnet(s) advertised by the 6LR/6LBR.
This specification does not mandate any particular way for forming This specification does not mandate any particular way for forming
IPv6 addresses, but it discourages using EUI-64 for forming the IPv6 addresses, but it discourages using EUI-64 for forming the
Interface ID in the Link-Local address because this method prevents Interface ID in the Link-Local address because this method prevents
the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971] and the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971] and
"Cryptographically Generated Addresses (CGA)" [RFC3972], and that of "Cryptographically Generated Addresses (CGA)" [RFC3972], and that of
address privacy techniques. address privacy techniques.
"Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms"
[RFC8065] explains why privacy is important and how to form privacy- [RFC8065] explains why privacy is important and how to form privacy-
aware addresses. All implementations and deployment must consider aware addresses. All implementations and deployment must consider
the option of privacy addresses in their own environment. the option of privacy addresses in their own environment.
The IPv6 address of the 6LN in the IPv6 header can be compressed The IPv6 address of the 6LN in the IPv6 header can be compressed
statelessly when the Interface Identifier in the IPv6 address can be statelessly when the Interface Identifier in the IPv6 address can be
derived from the Lower Layer address. When it is not critical to derived from the Lower Layer address. When it is not critical to
benefit from that compression, e.g. the address can be compressed benefit from that compression, e.g. the address can be compressed
statefully, or it is rarely used and/or it is used only over one hop, statefully, or it is rarely used and/or it is used only over one hop,
then privacy concerns should be considered. In particular, new then privacy concerns should be considered. In particular, new
implementations should follow the IETF "Recommendation on Stable IPv6 implementations should follow the IETF "Recommendation on Stable IPv6
Interface Identifiers" [RFC8064] This RFC recommends the use of "A Interface Identifiers" [RFC8064] [RFC8064] recommends the use of "A
Method for Generating Semantically Opaque Interface Identifiers with Method for Generating Semantically Opaque Interface Identifiers with
IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for
generating Interface Identifiers to be used in SLAAC. generating Interface Identifiers to be used in SLAAC.
10. IANA Considerations 10. IANA Considerations
Note to RFC Editor: please replace "This RFC" throughout this Note to RFC Editor: please replace "This RFC" throughout this
document by the RFC number for this specification once it is document by the RFC number for this specification once it is
attributed. attributed.
skipping to change at page 27, line 8 skipping to change at page 28, line 8
6man-efficient-nd-07 (work in progress), February 2015. 6man-efficient-nd-07 (work in progress), February 2015.
[I-D.delcarpio-6lo-wlanah] [I-D.delcarpio-6lo-wlanah]
Vega, L., Robles, I., and R. Morabito, "IPv6 over Vega, L., Robles, I., and R. Morabito, "IPv6 over
802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in
progress), October 2015. progress), October 2015.
[I-D.ietf-6lo-ap-nd] [I-D.ietf-6lo-ap-nd]
Thubert, P., Sarikaya, B., and M. Sethi, "Address Thubert, P., Sarikaya, B., and M. Sethi, "Address
Protected Neighbor Discovery for Low-power and Lossy Protected Neighbor Discovery for Low-power and Lossy
Networks", draft-ietf-6lo-ap-nd-05 (work in progress), Networks", draft-ietf-6lo-ap-nd-06 (work in progress),
January 2018. February 2018.
[I-D.ietf-6lo-backbone-router] [I-D.ietf-6lo-backbone-router]
Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo-
backbone-router-05 (work in progress), January 2018. backbone-router-06 (work in progress), February 2018.
[I-D.ietf-6lo-nfc] [I-D.ietf-6lo-nfc]
Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi,
"Transmission of IPv6 Packets over Near Field "Transmission of IPv6 Packets over Near Field
Communication", draft-ietf-6lo-nfc-09 (work in progress), Communication", draft-ietf-6lo-nfc-09 (work in progress),
January 2018. January 2018.
[I-D.ietf-6tisch-architecture] [I-D.ietf-6tisch-architecture]
Thubert, P., "An Architecture for IPv6 over the TSCH mode Thubert, P., "An Architecture for IPv6 over the TSCH mode
of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work
skipping to change at page 27, line 37 skipping to change at page 28, line 37
Thaler, D. and C. Huitema, "Multi-link Subnet Support in Thaler, D. and C. Huitema, "Multi-link Subnet Support in
IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in
progress), July 2002. progress), July 2002.
[I-D.ietf-mboned-ieee802-mcast-problems] [I-D.ietf-mboned-ieee802-mcast-problems]
Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. Perkins, C., McBride, M., Stanley, D., Kumari, W., and J.
Zuniga, "Multicast Considerations over IEEE 802 Wireless Zuniga, "Multicast Considerations over IEEE 802 Wireless
Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work
in progress), February 2018. in progress), February 2018.
[I-D.ietf-roll-efficient-npdao]
Jadhav, R., Sahoo, R., and Z. Cao, "No-Path DAO
modifications", draft-ietf-roll-efficient-npdao-01 (work
in progress), October 2017.
[I-D.perkins-intarea-multicast-ieee802] [I-D.perkins-intarea-multicast-ieee802]
Perkins, C., Stanley, D., Kumari, W., and J. Zuniga, Perkins, C., Stanley, D., Kumari, W., and J. Zuniga,
"Multicast Considerations over IEEE 802 Wireless Media", "Multicast Considerations over IEEE 802 Wireless Media",
draft-perkins-intarea-multicast-ieee802-03 (work in draft-perkins-intarea-multicast-ieee802-03 (work in
progress), July 2017. progress), July 2017.
[I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks]
Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets
over IEEE 1901.2 Narrowband Powerline Communication over IEEE 1901.2 Narrowband Powerline Communication
Networks", draft-popa-6lo-6loplc-ipv6-over- Networks", draft-popa-6lo-6loplc-ipv6-over-
ieee19012-networks-00 (work in progress), March 2014. ieee19012-networks-00 (work in progress), March 2014.
[I-D.struik-lwip-curve-representations] [I-D.struik-lwip-curve-representations]
Struik, R., "Alternative Elliptic Curve Representations", Struik, R., "Alternative Elliptic Curve Representations",
draft-struik-lwip-curve-representations-00 (work in draft-struik-lwip-curve-representations-00 (work in
progress), October 2017. progress), October 2017.
[RFC1558] Howes, T., "A String Representation of LDAP Search [RFC1958] Carpenter, B., Ed., "Architectural Principles of the
Filters", RFC 1558, DOI 10.17487/RFC1558, December 1993, Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996,
<https://www.rfc-editor.org/info/rfc1558>. <https://www.rfc-editor.org/info/rfc1958>.
[RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982,
DOI 10.17487/RFC1982, August 1996, DOI 10.17487/RFC1982, August 1996,
<https://www.rfc-editor.org/info/rfc1982>. <https://www.rfc-editor.org/info/rfc1982>.
[RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with
CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September
2003, <https://www.rfc-editor.org/info/rfc3610>. 2003, <https://www.rfc-editor.org/info/rfc3610>.
[RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener
skipping to change at page 30, line 39 skipping to change at page 31, line 43
[Perlman83] [Perlman83]
Perlman, R., "Fault-Tolerant Broadcast of Routing Perlman, R., "Fault-Tolerant Broadcast of Routing
Information", North-Holland Computer Networks 7: 395-405, Information", North-Holland Computer Networks 7: 395-405,
1983, <http://www.cs.illinois.edu/~pbg/courses/cs598fa09/ 1983, <http://www.cs.illinois.edu/~pbg/courses/cs598fa09/
readings/p83.pdf>. readings/p83.pdf>.
Appendix A. Applicability and Requirements Served Appendix A. Applicability and Requirements Served
This specification extends 6LoWPAN ND to provide a sequence number to This specification extends 6LoWPAN ND to provide a sequence number to
the registration and serves the requirements expressed Appendix B.1 the registration and serves the requirements expressed in
by enabling the mobility of devices from one LLN to the next based on Appendix B.1 by enabling the mobility of devices from one LLN to the
the complementary work in the "IPv6 Backbone Router" next based on the complementary work in the "IPv6 Backbone Router"
[I-D.ietf-6lo-backbone-router] specification. [I-D.ietf-6lo-backbone-router] specification.
In the context of the the TimeSlotted Channel Hopping (TSCH) mode of In the context of the TimeSlotted Channel Hopping (TSCH) mode of IEEE
IEEE Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture"
[I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could [I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could
connect to the Internet via a RPL mesh Network, but this requires connect to the Internet via a RPL mesh Network, but this requires
additions to the 6LoWPAN ND protocol to support mobility and additions to the 6LoWPAN ND protocol to support mobility and
reachability in a secured and manageable environment. This reachability in a secured and manageable environment. This
specification details the new operations that are required to specification details the new operations that are required to
implement the 6TiSCH architecture and serves the requirements listed implement the 6TiSCH architecture and serves the requirements listed
in Appendix B.2. in Appendix B.2.
The term LLN is used loosely in this specification to cover multiple The term LLN is used loosely in this specification to cover multiple
types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low
skipping to change at page 31, line 36 skipping to change at page 32, line 40
packets is not sufficiently efficient in terms of delivery ratio or packets is not sufficiently efficient in terms of delivery ratio or
energy consumption in the end devices, in particular to enable energy consumption in the end devices, in particular to enable
energy-constrained sleeping nodes. The value of such extension is energy-constrained sleeping nodes. The value of such extension is
especially apparent in the case of mobile wireless nodes, to reduce especially apparent in the case of mobile wireless nodes, to reduce
the multicast operations that are related to IPv6 ND ([RFC4861], the multicast operations that are related to IPv6 ND ([RFC4861],
[RFC4862]) and affect the operation of the wireless medium [RFC4862]) and affect the operation of the wireless medium
[I-D.ietf-mboned-ieee802-mcast-problems] [I-D.ietf-mboned-ieee802-mcast-problems]
[I-D.perkins-intarea-multicast-ieee802]. This serves the scalability [I-D.perkins-intarea-multicast-ieee802]. This serves the scalability
requirements listed in Appendix B.6. requirements listed in Appendix B.6.
Finally Appendix B.8 provides a matching of requirements with the
specifications that serves them.
Appendix B. Requirements Appendix B. Requirements
This section lists requirements that were discussed at 6lo for an This section lists requirements that were discussed at 6lo for an
update to 6LoWPAN ND. This specification meets most of them, but update to 6LoWPAN ND. How those requirements are matched with
those listed in Appendix B.5 which are deferred to a different existing specifications at the time of this writing is shown in
specification such as [I-D.ietf-6lo-ap-nd], and those related to Appendix B.8 .
multicast.
B.1. Requirements Related to Mobility B.1. Requirements Related to Mobility
Due to the unstable nature of LLN links, even in a LLN of immobile Due to the unstable nature of LLN links, even in a LLN of immobile
nodes a 6LN may change its point of attachment to a 6LR, say 6LR-a, nodes a 6LN may change its point of attachment to a 6LR, say 6LR-a,
and may not be able to notify 6LR-a. Consequently, 6LR-a may still and may not be able to notify 6LR-a. Consequently, 6LR-a may still
attract traffic that it cannot deliver any more. When links to a 6LR attract traffic that it cannot deliver any more. When links to a 6LR
change state, there is thus a need to identify stale states in a 6LR change state, there is thus a need to identify stale states in a 6LR
and restore reachability in a timely fashion. and restore reachability in a timely fashion.
Req1.1: Upon a change of point of attachment, connectivity via a new Req1.1: Upon a change of point of attachment, connectivity via a new
6LR MUST be restored in a timely fashion without the need to de- 6LR MUST be restored in a timely fashion without the need to de-
register from the previous 6LR. register from the previous 6LR.
Req1.2: For that purpose, the protocol MUST enable to differentiate Req1.2: For that purpose, the protocol MUST enable differentiating
between multiple registrations from one 6LoWPAN Node and between multiple registrations from one 6LoWPAN Node and
registrations from different 6LoWPAN Nodes claiming the same address. registrations from different 6LoWPAN Nodes claiming the same address.
Req1.3: Stale states MUST be cleaned up in 6LRs. Req1.3: Stale states MUST be cleaned up in 6LRs.
Req1.4: A 6LoWPAN Node SHOULD also be capable to register its Address Req1.4: A 6LoWPAN Node SHOULD also be able to register its Address
concurrently to multiple 6LRs. concurrently to multiple 6LRs.
B.2. Requirements Related to Routing Protocols B.2. Requirements Related to Routing Protocols
The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6
routing in a LLN can be based on RPL, which is the routing protocol routing in a LLN can be based on RPL, which is the routing protocol
that was defined at the IETF for this particular purpose. Other that was defined at the IETF for this particular purpose. Other
routing protocols than RPL are also considered by Standard Defining routing protocols are also considered by Standard Development
Organizations (SDO) on the basis of the expected network Organizations (SDO) on the basis of the expected network
characteristics. It is required that a 6LoWPAN Node attached via ND characteristics. It is required that a 6LoWPAN Node attached via ND
to a 6LR would need to participate in the selected routing protocol to a 6LR would need to participate in the selected routing protocol
to obtain reachability via the 6LR. to obtain reachability via the 6LR.
Next to the 6LBR unicast address registered by ND, other addresses Next to the 6LBR unicast address registered by ND, other addresses
including multicast addresses are needed as well. For example a including multicast addresses are needed as well. For example a
routing protocol often uses a multicast address to register changes routing protocol often uses a multicast address to register changes
to established paths. ND needs to register such a multicast address to established paths. ND needs to register such a multicast address
to enable routing concurrently with discovery. to enable routing concurrently with discovery.
Multicast is needed for groups. Groups may be formed by device type Multicast is needed for groups. Groups may be formed by device type
(e.g. routers, street lamps), location (Geography, RPL sub-tree), or (e.g., routers, street lamps), location (Geography, RPL sub-tree), or
both. both.
The Bit Index Explicit Replication (BIER) Architecture [RFC8279] The Bit Index Explicit Replication (BIER) Architecture [RFC8279]
proposes an optimized technique to enable multicast in a LLN with a proposes an optimized technique to enable multicast in a LLN with a
very limited requirement for routing state in the nodes. very limited requirement for routing state in the nodes.
Related requirements are: Related requirements are:
Req2.1: The ND registration method SHOULD be extended so that the 6LR Req2.1: The ND registration method SHOULD be extended so that the 6LR
is able to advertise the Address of a 6LoWPAN Node over the selected is able to advertise the Address of a 6LoWPAN Node over the selected
skipping to change at page 33, line 21 skipping to change at page 34, line 21
Req2.3: Multicast operations SHOULD be supported and optimized, for Req2.3: Multicast operations SHOULD be supported and optimized, for
instance using BIER or MPL. Whether ND is appropriate for the instance using BIER or MPL. Whether ND is appropriate for the
registration to the 6BBR is to be defined, considering the additional registration to the 6BBR is to be defined, considering the additional
burden of supporting the Multicast Listener Discovery Version 2 burden of supporting the Multicast Listener Discovery Version 2
[RFC3810] (MLDv2) for IPv6. [RFC3810] (MLDv2) for IPv6.
B.3. Requirements Related to the Variety of Low-Power Link types B.3. Requirements Related to the Variety of Low-Power Link types
6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4
and in particular the capability to derive a unique Identifier from a and in particular the capability to derive a unique Identifier from a
globally unique MAC-64 address. At this point, the 6lo Working Group globally unique EUI-64 address. At this point, the 6lo Working Group
is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique
to other link types ITU-T G.9959 [RFC7428], Master-Slave/Token- to other link types ITU-T G.9959 [RFC7428], Master-Slave/Token-
Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field
Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah
[I-D.delcarpio-6lo-wlanah], as well as IEEE1901.2 Narrowband [I-D.delcarpio-6lo-wlanah], as well as IEEE1901.2 Narrowband
Powerline Communication Networks Powerline Communication Networks
[I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and BLUETOOTH(R) [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and BLUETOOTH(R)
Low Energy [RFC7668]. Low Energy [RFC7668].
Related requirements are: Related requirements are:
skipping to change at page 33, line 46 skipping to change at page 34, line 46
Low-Power Wi-Fi. Low-Power Wi-Fi.
Req3.2: As part of this extension, a mechanism to compute a unique Req3.2: As part of this extension, a mechanism to compute a unique
Identifier should be provided, with the capability to form a Link- Identifier should be provided, with the capability to form a Link-
Local Address that SHOULD be unique at least within the LLN connected Local Address that SHOULD be unique at least within the LLN connected
to a 6LBR discovered by ND in each node within the LLN. to a 6LBR discovered by ND in each node within the LLN.
Req3.3: The Address Registration Option used in the ND registration Req3.3: The Address Registration Option used in the ND registration
SHOULD be extended to carry the relevant forms of unique Identifier. SHOULD be extended to carry the relevant forms of unique Identifier.
Req3.4: The Neighbour Discovery should specify the formation of a Req3.4: The Neighbor Discovery should specify the formation of a
site-local address that follows the security recommendations from site-local address that follows the security recommendations from
[RFC7217]. [RFC7217].
B.4. Requirements Related to Proxy Operations B.4. Requirements Related to Proxy Operations
Duty-cycled devices may not be able to answer themselves to a lookup Duty-cycled devices may not be able to answer themselves to a lookup
from a node that uses IPv6 ND on a Backbone Link and may need a from a node that uses IPv6 ND on a Backbone Link and may need a
proxy. Additionally, the duty-cycled device may need to rely on the proxy. Additionally, the duty-cycled device may need to rely on the
6LBR to perform registration to the 6BBR. 6LBR to perform registration to the 6BBR.
skipping to change at page 34, line 41 skipping to change at page 35, line 41
In order to guarantee the operations of the 6LoWPAN ND flows, the In order to guarantee the operations of the 6LoWPAN ND flows, the
spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a
node successfully registers an address, 6LoWPAN ND should provide node successfully registers an address, 6LoWPAN ND should provide
energy-efficient means for the 6LBR to protect that ownership even energy-efficient means for the 6LBR to protect that ownership even
when the node that registered the address is sleeping. when the node that registered the address is sleeping.
In particular, the 6LR and the 6LBR then should be able to verify In particular, the 6LR and the 6LBR then should be able to verify
whether a subsequent registration for a given address comes from the whether a subsequent registration for a given address comes from the
original node. original node.
In a LLN it makes sense to base security on layer-2 security. During In an LLN it makes sense to base security on layer-2 security.
bootstrap of the LLN, nodes join the network after authorization by a During bootstrap of the LLN, nodes join the network after
Joining Assistant (JA) or a Commissioning Tool (CT). After joining authorization by a Joining Assistant (JA) or a Commissioning Tool
nodes communicate with each other via secured links. The keys for (CT). After joining nodes communicate with each other via secured
the layer-2 security are distributed by the JA/CT. The JA/CT can be links. The keys for the layer-2 security are distributed by the JA/
part of the LLN or be outside the LLN. In both cases it is needed CT. The JA/CT can be part of the LLN or be outside the LLN. In both
that packets are routed between JA/CT and the joining node. cases it is needed that packets are routed between JA/CT and the
joining node.
Related requirements are: Related requirements are:
Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for
the 6LR, 6LBR and 6BBR to authenticate and authorize one another for the 6LR, 6LBR and 6BBR to authenticate and authorize one another for
their respective roles, as well as with the 6LoWPAN Node for the role their respective roles, as well as with the 6LoWPAN Node for the role
of 6LR. of 6LR.
Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for
the 6LR and the 6LBR to validate new registration of authorized the 6LR and the 6LBR to validate new registration of authorized
skipping to change at page 35, line 41 skipping to change at page 36, line 44
for multiple types of applications with various degrees of for multiple types of applications with various degrees of
criticality. criticality.
Req5.8: Routing of packets should continue when links pass from the Req5.8: Routing of packets should continue when links pass from the
unsecured to the secured state. unsecured to the secured state.
Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for
the 6LR and the 6LBR to validate whether a new registration for a the 6LR and the 6LBR to validate whether a new registration for a
given address corresponds to the same 6LoWPAN Node that registered it given address corresponds to the same 6LoWPAN Node that registered it
initially, and, if not, determine the rightful owner, and deny or initially, and, if not, determine the rightful owner, and deny or
clean-up the registration that is duplicate. clean up the registration that is duplicate.
B.6. Requirements Related to Scalability B.6. Requirements Related to Scalability
Use cases from Automatic Meter Reading (AMR, collection tree Use cases from Automatic Meter Reading (AMR, collection tree
operations) and Advanced Metering Infrastructure (AMI, bi-directional operations) and Advanced Metering Infrastructure (AMI, bi-directional
communication to the meters) indicate the needs for a large number of communication to the meters) indicate the needs for a large number of
LLN nodes pertaining to a single RPL DODAG (e.g. 5000) and connected LLN nodes pertaining to a single RPL DODAG (e.g., 5000) and connected
to the 6LBR over a large number of LLN hops (e.g. 15). to the 6LBR over a large number of LLN hops (e.g., 15).
Related requirements are: Related requirements are:
Req6.1: The registration mechanism SHOULD enable a single 6LBR to Req6.1: The registration mechanism SHOULD enable a single 6LBR to
register multiple thousands of devices. register multiple thousands of devices.
Req6.2: The timing of the registration operation should allow for a Req6.2: The timing of the registration operation should allow for a
large latency such as found in LLNs with ten and more hops. large latency such as found in LLNs with ten and more hops.
B.7. Requirements Related to Operations and Management B.7. Requirements Related to Operations and Management
Section 3.8 of "Architectural Principles of the Internet" [RFC1558] Section 3.8 of "Architectural Principles of the Internet" [RFC1958]
recommends to : "avoid options and parameters whenever possible. Any recommends to : "avoid options and parameters whenever possible. Any
options and parameters should be configured or negotiated dynamically options and parameters should be configured or negotiated dynamically
rather than manually". This is especially true in LLNs where the rather than manually". This is especially true in LLNs where the
number of devices may be large and manual configuration is number of devices may be large and manual configuration is
infeasible. Capabilities for a dynamic configuration of LLN devices infeasible. Capabilities for a dynamic configuration of LLN devices
can also be constrained by the network and power limitation. can also be constrained by the network and power limitation.
A Network Administrator should be able to validate that the network A Network Administrator should be able to validate that the network
is operating within capacity, and that in particular a 6LBR does not is operating within capacity, and that in particular a 6LBR does not
get overloaded with an excessive amount of registration, so he can get overloaded with an excessive amount of registration, so he can
skipping to change at page 38, line 20 skipping to change at page 39, line 26
| | | | | |
| Req7.3 | | | Req7.3 | |
| | | | | |
| Req7.4 | | | Req7.4 | |
+-------------+-----------------------------------------+ +-------------+-----------------------------------------+
Table 7: Work Addressing requirements Table 7: Work Addressing requirements
Appendix C. Subset of a 6LoWPAN Glossary Appendix C. Subset of a 6LoWPAN Glossary
This document often uses the followng acronyms: This document often uses the following acronyms:
6BBR: 6LoWPAN Backbone Router (proxy for the registration) 6BBR: 6LoWPAN Backbone Router (proxy for the registration)
6LBR: 6LoWPAN Border Router (authoritative on DAD) 6LBR: 6LoWPAN Border Router (authoritative on DAD)
6LN: 6LoWPAN Node 6LN: 6LoWPAN Node
6LR: 6LoWPAN Router (relay to the registration process) 6LR: 6LoWPAN Router (relay to the registration process)
6CIO: Capability Indication Option 6CIO: Capability Indication Option
(E)ARO: (Extended) Address Registration Option (E)ARO: (Extended) Address Registration Option
DAD: Duplicate Address Detection DAD: Duplicate Address Detection
LLN: Low Power Lossy Network (a typical IoT network) LLN: Low Power Lossy Network (a typical IoT network)
NA: Neighbor Advertisement
NCE: Neighbor Cache Entry NCE: Neighbor Cache Entry
ND: Neighbor Discovery
NDP: Neighbor Discovery Protocol
NS: Neighbor Solicitation
RUID: Registration Unique ID RUID: Registration Unique ID
TSCH: TimeSlotted Channel Hopping TSCH: TimeSlotted Channel Hopping
TID: Transaction ID (a sequence counter in the EARO) TID: Transaction ID (a sequence counter in the EARO)
Authors' Addresses Authors' Addresses
Pascal Thubert (editor) Pascal Thubert (editor)
Cisco Systems, Inc Cisco Systems, Inc
Building D (Regus) 45 Allee des Ormes Building D (Regus) 45 Allee des Ormes
Mougins - Sophia Antipolis Mougins - Sophia Antipolis
France France
Phone: +33 4 97 23 26 34 Phone: +33 4 97 23 26 34
Email: pthubert@cisco.com Email: pthubert@cisco.com
Erik Nordmark Erik Nordmark
Zededa Zededa
Santa Clara, CA Santa Clara, CA
United States of America United States of America
Email: nordmark@sonic.net Email: nordmark@sonic.net
Samita Chakrabarti Samita Chakrabarti
Verizon Verizon
San Jose, CA San Jose, CA
 End of changes. 98 change blocks. 
217 lines changed or deleted 251 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/