draft-ietf-roll-efficient-npdao-12.txt   draft-ietf-roll-efficient-npdao-13.txt 
ROLL R. Jadhav, Ed. ROLL R. Jadhav, Ed.
Internet-Draft Huawei Internet-Draft Huawei
Intended status: Standards Track P. Thubert Intended status: Standards Track P. Thubert
Expires: December 5, 2019 Cisco Expires: January 1, 2020 Cisco
R. Sahoo R. Sahoo
Z. Cao Z. Cao
Huawei Huawei
June 3, 2019 June 30, 2019
Efficient Route Invalidation Efficient Route Invalidation
draft-ietf-roll-efficient-npdao-12 draft-ietf-roll-efficient-npdao-13
Abstract Abstract
This document describes the problems associated with No-Path This document explains the problems associated with the current use
Destination Advertisement Object (NPDAO) messaging used in Routing of NPDAO messaging and also discusses the requirements for an
Protocol for Low power and lossy networks (RPL) for route optimized route invalidation messaging scheme. Further a new
invalidation and signaling changes to improve route invalidation proactive route invalidation message called as "Destination Cleanup
efficiency. Object" (DCO) is specified which fulfills requirements of an
optimized route invalidation messaging.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 5, 2019. This Internet-Draft will expire on January 1, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 15
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Language and Terminology . . . . . . . . . . 3 1.1. Requirements Language and Terminology . . . . . . . . . . 3
1.2. Current NPDAO messaging . . . . . . . . . . . . . . . . . 4 1.2. Current NPDAO messaging . . . . . . . . . . . . . . . . . 4
1.3. Why NPDAO is important? . . . . . . . . . . . . . . . . . 5 1.3. Why Is NPDAO Important? . . . . . . . . . . . . . . . . . 5
2. Problems with current NPDAO messaging . . . . . . . . . . . . 6 2. Problems with current NPDAO messaging . . . . . . . . . . . . 6
2.1. Lost NPDAO due to link break to the previous parent . . . 6 2.1. Lost NPDAO due to link break to the previous parent . . . 6
2.2. Invalidate routes of dependent nodes . . . . . . . . . . 6 2.2. Invalidate Routes of Dependent Nodes . . . . . . . . . . 6
2.3. Possible route downtime caused by async operation of 2.3. Possible route downtime caused by asynchronous operation
NPDAO and DAO . . . . . . . . . . . . . . . . . . . . . . 6 of NPDAO and DAO . . . . . . . . . . . . . . 6
3. Requirements for the NPDAO Optimization . . . . . . . . . . . 6 3. Requirements for the NPDAO Optimization . . . . . . . . . . . 6
3.1. Req#1: Remove messaging dependency on link to the 3.1. Req#1: Remove messaging dependency on link to the
previous parent . . . . . . . . . . . . . . . . . . . . . 6 previous parent . . . . . . . . . . . . . . . . . . . . . 6
3.2. Req#2: Dependent nodes route invalidation on parent 3.2. Req#2: Dependent nodes route invalidation on parent
switching . . . . . . . . . . . . . . . . . . . . . . . . 7 switching . . . . . . . . . . . . . . . . . . . . . . . . 7
3.3. Req#3: Route invalidation should not impact data traffic 7 3.3. Req#3: Route invalidation should not impact data traffic 7
4. Changes to RPL signaling . . . . . . . . . . . . . . . . . . 7 4. Changes to RPL signaling . . . . . . . . . . . . . . . . . . 7
4.1. Change in RPL route invalidation semantics . . . . . . . 7 4.1. Change in RPL route invalidation semantics . . . . . . . 7
4.2. Transit Information Option changes . . . . . . . . . . . 8 4.2. Transit Information Option changes . . . . . . . . . . . 8
4.3. Destination Cleanup Object (DCO) . . . . . . . . . . . . 9 4.3. Destination Cleanup Object (DCO) . . . . . . . . . . . . 9
4.3.1. Secure DCO . . . . . . . . . . . . . . . . . . . . . 10 4.3.1. Secure DCO . . . . . . . . . . . . . . . . . . . . . 10
4.3.2. DCO Options . . . . . . . . . . . . . . . . . . . . . 10 4.3.2. DCO Options . . . . . . . . . . . . . . . . . . . . . 10
4.3.3. Path Sequence number in the DCO . . . . . . . . . . . 10 4.3.3. Path Sequence number in the DCO . . . . . . . . . . . 10
4.3.4. Destination Cleanup Option Acknowledgment (DCO-ACK) . 10 4.3.4. Destination Cleanup Option Acknowledgment (DCO-ACK) . 11
4.3.5. Secure DCO-ACK . . . . . . . . . . . . . . . . . . . 11 4.3.5. Secure DCO-ACK . . . . . . . . . . . . . . . . . . . 12
4.4. DCO Base Rules . . . . . . . . . . . . . . . . . . . . . 12 4.4. DCO Base Rules . . . . . . . . . . . . . . . . . . . . . 12
4.5. Unsolicited DCO . . . . . . . . . . . . . . . . . . . . . 12 4.5. Unsolicited DCO . . . . . . . . . . . . . . . . . . . . . 12
4.6. Other considerations . . . . . . . . . . . . . . . . . . 13 4.6. Other considerations . . . . . . . . . . . . . . . . . . 13
4.6.1. Dependent Nodes invalidation . . . . . . . . . . . . 13 4.6.1. Dependent Nodes invalidation . . . . . . . . . . . . 13
4.6.2. NPDAO and DCO in the same network . . . . . . . . . . 13 4.6.2. NPDAO and DCO in the same network . . . . . . . . . . 13
4.6.3. DCO with multiple preferred parents . . . . . . . . . 14 4.6.3. DCO with multiple preferred parents . . . . . . . . . 14
5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 14 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
6.1. New Registry for the Destination Cleanup Object (DCO) 6.1. New Registry for the Destination Cleanup Object (DCO)
Flags . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Flags . . . . . . . . . . . . . . . . . . . . . . . . . . 15
6.2. New Registry for the Destination Cleanup Object 6.2. New Registry for the Destination Cleanup Object
Acknowledgment (DCO-ACK) Status field . . . . . . . . . . 16 Acknowledgment (DCO-ACK) Status field . . . . . . . . . . 16
6.3. New Registry for the Destination Cleanup Object (DCO) 6.3. New Registry for the Destination Cleanup Object (DCO)
Acknowledgment Flags . . . . . . . . . . . . . . . . . . 16 Acknowledgment Flags . . . . . . . . . . . . . . . . . . 16
7. Security Considerations . . . . . . . . . . . . . . . . . . . 17 7. Security Considerations . . . . . . . . . . . . . . . . . . . 17
8. Normative References . . . . . . . . . . . . . . . . . . . . 18 8. Normative References . . . . . . . . . . . . . . . . . . . . 18
Appendix A. Example Messaging . . . . . . . . . . . . . . . . . 18 Appendix A. Example Messaging . . . . . . . . . . . . . . . . . 18
A.1. Example DCO Messaging . . . . . . . . . . . . . . . . . . 18 A.1. Example DCO Messaging . . . . . . . . . . . . . . . . . . 19
A.2. Example DCO Messaging with multiple preferred parents . . 19 A.2. Example DCO Messaging with multiple preferred parents . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction 1. Introduction
RPL [RFC6550] (Routing Protocol for Low power and lossy networks) RPL [RFC6550] (Routing Protocol for Low power and lossy networks)
specifies a proactive distance-vector based routing scheme. RPL has specifies a proactive distance-vector based routing scheme. RPL has
an optional messaging in the form of DAO (Destination Advertisement optional messaging in the form of DAO (Destination Advertisement
Object) messages, which the 6LBR (6Lo Border Router) and 6LR (6Lo Object) messages, which the 6LBR (6Lo Border Router) and 6LR (6Lo
Router) can use to learn a route towards the downstream nodes. In Router) can use to learn a route towards the downstream nodes. In
storing mode, DAO messages would result in routing entries being storing mode, DAO messages would result in routing entries being
created on all intermediate 6LRs from the node's parent all the way created on all intermediate 6LRs from the node's parent all the way
towards the 6LBR. towards the 6LBR.
RPL allows the use of No-Path DAO (NPDAO) messaging to invalidate a RPL allows the use of No-Path DAO (NPDAO) messaging to invalidate a
routing path corresponding to the given target, thus releasing routing path corresponding to the given target, thus releasing
resources utilized on that path. A NPDAO is a DAO message with route resources utilized on that path. A NPDAO is a DAO message with route
lifetime of zero, originates at the target node and always flows lifetime of zero, originates at the target node and always flows
upstream towards the 6LBR. This document explains the problems upstream towards the 6LBR. This document explains the problems
associated with the current use of NPDAO messaging and also discusses associated with the current use of NPDAO messaging and also discusses
the requirements for an optimized route invalidation messaging the requirements for an optimized route invalidation messaging
scheme. Further a new pro-active route invalidation message called scheme. Further a new proactive route invalidation message called as
as "Destination Cleanup Object" (DCO) is specified which fulfills "Destination Cleanup Object" (DCO) is specified which fulfills
requirements of an optimized route invalidation messaging. requirements of an optimized route invalidation messaging.
The document only caters to the RPL's storing mode of operation The document only caters to the RPL's storing mode of operation
(MOP). The non-storing MOP does not require use of NPDAO for route (MOP). The non-storing MOP does not require use of NPDAO for route
invalidation since routing entries are not maintained on 6LRs. invalidation since routing entries are not maintained on 6LRs.
1.1. Requirements Language and Terminology 1.1. Requirements Language and Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
This specification requires readers to be familiar with all the terms This specification requires readers to be familiar with all the terms
and concepts that are discussed in "RPL: IPv6 Routing Protocol for and concepts that are discussed in "RPL: IPv6 Routing Protocol for
Low-Power and Lossy Networks" [RFC6550]. Low-Power and Lossy Networks" [RFC6550].
Low Power and Lossy Networks (LLN):
Network in which both the routers and their interconnect are
constrained. LLN routers typically operate with constraints on
processing power, memory, and energy (batter power). Their
interconnects are characterized by high loss rates, low data
rates, and instability.
6LoWPAN Router (6LR): 6LoWPAN Router (6LR):
An intermediate router that is able to send and receive Router An intermediate router that is able to send and receive Router
Advertisements (RAs) and Router Solicitations (RSs) as well as Advertisements (RAs) and Router Solicitations (RSs) as well as
forward and route IPv6 packets. forward and route IPv6 packets.
Directed Acyclic Graph (DAG): Directed Acyclic Graph (DAG):
A directed graph having the property that all edges are oriented A directed graph having the property that all edges are oriented
in such a way that no cycles exist. in such a way that no cycles exist.
Destination-Oriented DAG (DODAG): Destination-Oriented DAG (DODAG):
A DAG rooted at a single destination, i.e., at a single DAG root A DAG rooted at a single destination, i.e., at a single DAG root
with no outgoing edges. with no outgoing edges.
6LoWPAN Border Router (6LBR): 6LoWPAN Border Router (6LBR):
A border router which is a DODAG root and is the edge node for A border router which is a DODAG root and is the edge node for
traffic flowing in and out of the 6LoWPAN network. traffic flowing in and out of the 6LoWPAN network.
Destination Advertisement Object (DAO): Destination Advertisement Object (DAO):
DAO messaging allows downstream routes to the nodes to be DAO messaging allows downstream routes to the nodes to be
skipping to change at page 4, line 26 skipping to change at page 4, line 32
DODAG Information Object (DIO): DODAG Information Object (DIO):
DIO messaging allows upstream routes to the 6LBR to be DIO messaging allows upstream routes to the 6LBR to be
established. DIO messaging is initiated at the DAO root. established. DIO messaging is initiated at the DAO root.
Common Ancestor node Common Ancestor node
6LR/6LBR node which is the first common node between two paths of 6LR/6LBR node which is the first common node between two paths of
a target node. a target node.
No-Path DAO (NPDAO): No-Path DAO (NPDAO):
A DAO message which has target with lifetime 0 used for the A DAO message which has target with lifetime 0 used for the
purpose of route invalidation. purpose of route invalidation.
Destination Cleanup Object (DCO): Destination Cleanup Object (DCO):
A new RPL control message type defined by this document. DCO A new RPL control message code defined by this document. DCO
messaging improves proactive route invalidation in RPL. messaging improves proactive route invalidation in RPL.
Regular DAO: Regular DAO:
A DAO message with non-zero lifetime. Routing adjacencies are A DAO message with non-zero lifetime. Routing adjacencies are
created or updated based on this message. created or updated based on this message.
Target node: Target node:
The node switching its parent whose routing adjacencies are The node switching its parent whose routing adjacencies are
updated (created/removed). updated (created/removed).
1.2. Current NPDAO messaging 1.2. Current NPDAO messaging
RPL uses NPDAO messaging in the storing mode so that the node RPL uses NPDAO messaging in the storing mode so that the node
changing it routing adjacencies can invalidate the previous route. changing its routing adjacencies can invalidate the previous route.
This is needed so that nodes along the previous path can release any This is needed so that nodes along the previous path can release any
resources (such as the routing entry) it maintains on behalf of resources (such as the routing entry) they maintain on behalf of
target node. target node.
For the rest of this document consider the following topology: For the rest of this document consider the following topology:
(6LBR) (6LBR)
| |
| |
| |
(A) (A)
/ \ / \
skipping to change at page 5, line 34 skipping to change at page 5, line 34
/ \ / \
(E) (F) (E) (F)
Figure 1: Sample topology Figure 1: Sample topology
Node (D) is connected via preferred parent (B). (D) has an alternate Node (D) is connected via preferred parent (B). (D) has an alternate
path via (C) towards the 6LBR. Node (A) is the common ancestor for path via (C) towards the 6LBR. Node (A) is the common ancestor for
(D) for paths through (B)-(G) and (C)-(H). When (D) switches from (D) for paths through (B)-(G) and (C)-(H). When (D) switches from
(B) to (C), RPL allows sending NPDAO to (B) and regular DAO to (C). (B) to (C), RPL allows sending NPDAO to (B) and regular DAO to (C).
1.3. Why NPDAO is important? 1.3. Why Is NPDAO Important?
Nodes in LLNs may be resource constrained. There is limited memory Nodes in LLNs may be resource constrained. There is limited memory
available and routing entry records are one of the primary elements available and routing entry records are one of the primary elements
occupying dynamic memory in the nodes. Route invalidation helps 6LR occupying dynamic memory in the nodes. Route invalidation helps 6LR
nodes to decide which entries could be discarded to better achieve nodes to decide which entries could be discarded to better optimize
resource utilization. Thus it becomes necessary to have an efficient resource utilization. Thus it becomes necessary to have an efficient
route invalidation mechanism. Also note that a single parent switch route invalidation mechanism. Also note that a single parent switch
may result in a "sub-tree" switching from one parent to another. may result in a "sub-tree" switching from one parent to another.
Thus the route invalidation needs to be done on behalf of the sub- Thus the route invalidation needs to be done on behalf of the sub-
tree and not the switching node alone. In the above example, when tree and not the switching node alone. In the above example, when
Node (D) switches parent, the route updates needs to be done for the Node (D) switches parent, the route updates needs to be done for the
routing tables entries of (C),(H),(A),(G), and (B) with destination routing tables entries of (C),(H),(A),(G), and (B) with destination
(D),(E) and (F). Without efficient route invalidation, a 6LR may (D),(E) and (F). Without efficient route invalidation, a 6LR may
have to hold a lot of stale route entries. have to hold a lot of stale route entries.
2. Problems with current NPDAO messaging 2. Problems with current NPDAO messaging
2.1. Lost NPDAO due to link break to the previous parent 2.1. Lost NPDAO due to link break to the previous parent
When a node switches its parent, the NPDAO is to be sent to its When a node switches its parent, the NPDAO is to be sent to its
previous parent and a regular DAO to its new parent. In cases where previous parent and a regular DAO to its new parent. In cases where
the node switches its parent because of transient or permanent parent the node switches its parent because of transient or permanent parent
link/node failure then the NPDAO message is bound to fail. link/node failure then the NPDAO message is bound to fail.
2.2. Invalidate routes of dependent nodes 2.2. Invalidate Routes of Dependent Nodes
RPL does not specify how route invalidation will work for dependent RPL does not specify how route invalidation will work for dependent
nodes rooted at the switching node, resulting in stale routing nodes rooted at the switching node, resulting in stale routing
entries of the dependent nodes. The only way for 6LR to invalidate entries of the dependent nodes. The only way for 6LR to invalidate
the route entries for dependent nodes would be to use route lifetime the route entries for dependent nodes would be to use route lifetime
expiry which could be substantially high for LLNs. expiry which could be substantially high for LLNs.
In the example topology, when Node (D) switches its parent, Node (D) In the example topology, when Node (D) switches its parent, Node (D)
generates an NPDAO on its behalf. There is no NPDAO generated by the generates an NPDAO on its behalf. There is no NPDAO generated by the
dependent child nodes (E) and (F), through the previous path via (D) dependent child nodes (E) and (F), through the previous path via (D)
to (B) and (G), resulting in stale entries on nodes (B) and (G) for to (B) and (G), resulting in stale entries on nodes (B) and (G) for
nodes (E) and (F). nodes (E) and (F).
2.3. Possible route downtime caused by async operation of NPDAO and DAO 2.3. Possible route downtime caused by asynchronous operation of NPDAO
and DAO
A switching node may generate both an NPDAO and DAO via two different A switching node may generate both an NPDAO and DAO via two different
paths at almost the same time. There is a possibility that an NPDAO paths at almost the same time. There is a possibility that an NPDAO
generated may invalidate the previous route and the regular DAO sent generated may invalidate the previous route and the regular DAO sent
via the new path gets lost on the way. This may result in route via the new path gets lost on the way. This may result in route
downtime impacting downward traffic for the switching node. downtime impacting downward traffic for the switching node.
In the example topology, consider Node (D) switches from parent (B) In the example topology, consider Node (D) switches from parent (B)
to (C). An NPDAO sent via the previous route may invalidate the to (C). An NPDAO sent via the previous route may invalidate the
previous route whereas there is no way to determine whether the new previous route whereas there is no way to determine whether the new
skipping to change at page 7, line 26 skipping to change at page 7, line 26
Therefore, it is desirable that the route invalidation is Therefore, it is desirable that the route invalidation is
synchronized with the DAO to avoid the risk of route downtime. synchronized with the DAO to avoid the risk of route downtime.
4. Changes to RPL signaling 4. Changes to RPL signaling
4.1. Change in RPL route invalidation semantics 4.1. Change in RPL route invalidation semantics
As described in Section 1.2, the NPDAO originates at the node As described in Section 1.2, the NPDAO originates at the node
changing to a new parent and traverses upstream towards the root. In changing to a new parent and traverses upstream towards the root. In
order to solve the problems as mentioned in Section 2, the document order to solve the problems as mentioned in Section 2, the document
adds a new pro-active route invalidation message called "Destination adds a new proactive route invalidation message called "Destination
Cleanup Object" (DCO) that originates at a common ancestor node and Cleanup Object" (DCO) that originates at a common ancestor node and
flows downstream between the new and old path. The common ancestor flows downstream between the new and old path. The common ancestor
node generates a DCO in response to the change in the next-hop on node generates a DCO in response to the change in the next-hop on
receiving a regular DAO with updated Path Sequence for the target. receiving a regular DAO with updated Path Sequence for the target.
The 6LRs in the path for DCO take action such as route invalidation The 6LRs in the path for DCO take action such as route invalidation
based on the DCO information and subsequently send another DCO with based on the DCO information and subsequently send another DCO with
the same information downstream to the next hop. This operation is the same information downstream to the next hop. This operation is
similar to how the DAOs are handled on intermediate 6LRs in storing similar to how the DAOs are handled on intermediate 6LRs in storing
MOP in [RFC6550]. Just like DAO in storing MOP, the DCO is sent MOP in [RFC6550]. Just like DAO in storing MOP, the DCO is sent
using link-local unicast source and destination IPv6 address. Unlike using link-local unicast source and destination IPv6 address. Unlike
DAO, which always travels upstream, the DCO always travels DAO, which always travels upstream, the DCO always travels
downstream. downstream.
In Figure 1, when node D decides to switch the path from B to C, it In Figure 1, when node D decides to switch the path from B to C, it
sends a regular DAO to node C with reachability information sends a regular DAO to node C with reachability information
containing target as address of D and an incremented Path Sequence. containing the address of D as the target and an incremented Path
Node C will update the routing table based on the reachability Sequence. Node C will update the routing table based on the
information in the DAO and in turn generate another DAO with the same reachability information in the DAO and in turn generate another DAO
reachability information and forward it to H. Node H also follows with the same reachability information and forward it to H. Node H
the same procedure as Node C and forwards it to node A. When node A also follows the same procedure as Node C and forwards it to node A.
receives the regular DAO, it finds that it already has a routing When node A receives the regular DAO, it finds that it already has a
table entry on behalf of the target address of node D. It finds routing table entry on behalf of the target address of node D. It
however that the next hop information for reaching node D has changed finds however that the next hop information for reaching node D has
i.e., node D has decided to change the paths. In this case, Node A changed i.e., node D has decided to change the paths. In this case,
which is the common ancestor node for node D along the two paths Node A which is the common ancestor node for node D along the two
(previous and new), should generate a DCO which traverses downwards paths (previous and new), should generate a DCO which traverses
in the network. downwards in the network. Node A handles normal DAO forwarding to
6LBR as required by [RFC6550].
4.2. Transit Information Option changes 4.2. Transit Information Option changes
Every RPL message is divided into base message fields and additional Every RPL message is divided into base message fields and additional
Options as described in Section 6 of [RFC6550]. The base fields Options as described in Section 6 of [RFC6550]. The base fields
apply to the message as a whole and options are appended to add apply to the message as a whole and options are appended to add
message/use-case specific attributes. As an example, a DAO message message/use-case specific attributes. As an example, a DAO message
may be attributed by one or more "RPL Target" options which specify may be attributed by one or more "RPL Target" options which specify
the reachability information for the given targets. Similarly, a the reachability information for the given targets. Similarly, a
Transit Information option may be associated with a set of RPL Target Transit Information option may be associated with a set of RPL Target
options. options.
This document specifies a change in the Transit Information Option to This document specifies a change in the Transit Information Option to
contain the "Invalidate previous route" (I) flag. This I-flag contain the "Invalidate previous route" (I) flag. This I-flag
signals the common ancestor node to generate a DCO on behalf of the signals the common ancestor node to generate a DCO on behalf of the
target node. The I-flag is carried in the Transit Information Option target node. The I-flag is carried in the Transit Information Option
which augments the reachability information for a given set of RPL which augments the reachability information for a given set of RPL
Target(s). Transit Information Option should be carried in the DAO Target(s). Transit Information Option with I-flag set should be
message with I-flag set in case route invalidation is sought for the carried in the DAO message when route invalidation is sought for the
corresponding target(s). corresponding target(s).
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type = 0x06 | Option Length |E|I| Flags | Path Control | | Type = 0x06 | Option Length |E|I| Flags | Path Control |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Path Sequence | Path Lifetime | | Path Sequence | Path Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Updated Transit Information Option (New I flag added) Figure 2: Updated Transit Information Option (New I flag added)
I (Invalidate previous route) flag: The 'I' flag is set by the target I (Invalidate previous route) flag: The 'I' flag is set by the target
node to indicate to the common ancestor node that it wishes to node to indicate to the common ancestor node that it wishes to
invalidate any previous route between the two paths. invalidate any previous route between the two paths.
[RFC6550] allows parent address to be sent in the Transit Information [RFC6550] allows the parent address to be sent in the Transit
Option depending on the mode of operation. In case of storing mode Information Option depending on the mode of operation. In case of
of operation the field is usually not needed. In case of DCO, the storing mode of operation the field is usually not needed. In case
parent address field MUST NOT be included. of DCO, the parent address field MUST NOT be included.
The common ancestor node SHOULD generate a DCO message in response to The common ancestor node SHOULD generate a DCO message in response to
this I-flag when it sees that the routing adjacencies have changed this I-flag when it sees that the routing adjacencies have changed
for the target. I-flag governs the ownership of the DCO message in a for the target. The I-flag is intended to give the target node
way that the target node is still in control of its own route control over its own route invalidation, serving as a signal to
invalidation. request DCO generation.
4.3. Destination Cleanup Object (DCO) 4.3. Destination Cleanup Object (DCO)
A new ICMPv6 RPL control message type is defined by this A new ICMPv6 RPL control message code is defined by this
specification called as "Destination Cleanup Object" (DCO), which is specification and is referred to as "Destination Cleanup Object"
used for proactive cleanup of state and routing information held on (DCO), which is used for proactive cleanup of state and routing
behalf of the target node by 6LRs. The DCO message always traverses information held on behalf of the target node by 6LRs. The DCO
downstream and cleans up route information and other state message always traverses downstream and cleans up route information
information associated with the given target. and other state information associated with the given target.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RPLInstanceID |K|D| Flags | Reserved | DCOSequence | | RPLInstanceID |K|D| Flags | Reserved | DCOSequence |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| | | |
+ DODAGID(optional) + + DODAGID(optional) +
skipping to change at page 9, line 39 skipping to change at page 9, line 39
Figure 3: DCO base object Figure 3: DCO base object
RPLInstanceID: 8-bit field indicating the topology instance RPLInstanceID: 8-bit field indicating the topology instance
associated with the DODAG, as learned from the DIO. associated with the DODAG, as learned from the DIO.
K: The 'K' flag indicates that the recipient of DCO message is K: The 'K' flag indicates that the recipient of DCO message is
expected to send a DCO-ACK back. If the DCO-ACK is not received even expected to send a DCO-ACK back. If the DCO-ACK is not received even
after setting the 'K' flag, an implementation may retry the DCO at a after setting the 'K' flag, an implementation may retry the DCO at a
later time. The number of retries are implementation and deployment later time. The number of retries are implementation and deployment
dependent. A node receiving a DCO message without the 'K' flag set dependent and are expected to be kept similar with those used in DAO
MAY respond with a DCO-ACK, especially to report an error condition. retries in [RFC6550]. A node receiving a DCO message without the 'K'
An example error condition could be that the node sending the DCO-ACK flag set MAY respond with a DCO-ACK, especially to report an error
does not find the routing entry for the indicated target. condition. An example error condition could be that the node sending
the DCO-ACK does not find the routing entry for the indicated target.
When the sender does not set the 'K' flag it is an indication that
the sender does not expect a response, and the sender SHOULD NOT
retry the DCO.
D: The 'D' flag indicates that the DODAGID field is present. This D: The 'D' flag indicates that the DODAGID field is present. This
flag MUST be set when a local RPLInstanceID is used. flag MUST be set when a local RPLInstanceID is used.
Flags: The 6 bits remaining unused in the Flags field are reserved Flags: The 6 bits remaining unused in the Flags field are reserved
for future use. These bits MUST be initialized to zero by the sender for future use. These bits MUST be initialized to zero by the sender
and MUST be ignored by the receiver. and MUST be ignored by the receiver.
Reserved: 8-bit unused field. The field MUST be initialized to zero Reserved: 8-bit unused field. The field MUST be initialized to zero
by the sender and MUST be ignored by the receiver. by the sender and MUST be ignored by the receiver.
DCOSequence: Incremented at each unique DCO message from a node and DCOSequence: 8-bit field incremented at each unique DCO message from
echoed in the DCO-ACK message. The initial DCOSequence can be chosen a node and echoed in the DCO-ACK message. The initial DCOSequence
randomly by the node. can be chosen randomly by the node. Section 4.4 explains the
handling of the DCOSequence.
DODAGID (optional): 128-bit unsigned integer set by a DODAG root that DODAGID (optional): 128-bit unsigned integer set by a DODAG root that
uniquely identifies a DODAG. This field MUST be present when the 'D' uniquely identifies a DODAG. This field MUST be present when the 'D'
flag is set. DODAGID is used when a local RPLInstanceID is in use, flag is set and MUST NOT be present if 'D' flag is not set. DODAGID
in order to identify the DODAGID that is associated with the is used when a local RPLInstanceID is in use, in order to identify
RPLInstanceID. the DODAGID that is associated with the RPLInstanceID.
4.3.1. Secure DCO 4.3.1. Secure DCO
A Secure DCO message follows the format in [RFC6550] Figure 7, where A Secure DCO message follows the format in [RFC6550] Figure 7, where
the base message format is the DCO message shown in Figure 3. the base message format is the DCO message shown in Figure 3.
4.3.2. DCO Options 4.3.2. DCO Options
The DCO message MUST carry at least one RPL Target and the Transit The DCO message MUST carry at least one RPL Target and the Transit
Information Option and MAY carry other valid options. This Information Option and MAY carry other valid options. This
specification allows for the DCO message to carry the following specification allows for the DCO message to carry the following
options: options:
0x00 Pad1 0x00 Pad1
0x01 PadN 0x01 PadN
0x05 RPL Target 0x05 RPL Target
0x06 Transit Information 0x06 Transit Information
0x09 RPL Target Descriptor 0x09 RPL Target Descriptor
Section 6.7 of [RFC6550] defines all the above mentioned options.
The DCO carries an RPL Target Option and an associated Transit The DCO carries an RPL Target Option and an associated Transit
Information Option with a lifetime of 0x00000000 to indicate a loss Information Option with a lifetime of 0x00000000 to indicate a loss
of reachability to that Target. of reachability to that Target.
4.3.3. Path Sequence number in the DCO 4.3.3. Path Sequence number in the DCO
A DCO message may contain a Path Sequence in the Transit Information A DCO message may contain a Path Sequence in the Transit Information
Option to identify the freshness of the DCO message. The Path Option to identify the freshness of the DCO message. The Path
Sequence in the DCO MUST use the same Path Sequence number present in Sequence in the DCO MUST use the same Path Sequence number present in
the regular DAO message when the DCO is generated in response to a the regular DAO message when the DCO is generated in response to a
DAO message. Thus if a DCO is received by a 6LR and subsequently a DAO message. Thus if a DCO is received by a 6LR and subsequently a
DAO is received with an old seqeunce number, then the DAO MUST be DAO is received with an old sequence number, then the DAO MUST be
ignored. ignored. When the DCO is generated in response to a DCO from
upstream parent, the Path Sequence MUST be copied from the received
DCO.
4.3.4. Destination Cleanup Option Acknowledgment (DCO-ACK) 4.3.4. Destination Cleanup Option Acknowledgment (DCO-ACK)
The DCO-ACK message SHOULD be sent as a unicast packet by a DCO The DCO-ACK message SHOULD be sent as a unicast packet by a DCO
recipient in response to a unicast DCO message with 'K' flag set. If recipient in response to a unicast DCO message with 'K' flag set. If
'K' flag is not set then the receiver of the DCO message MAY send a 'K' flag is not set then the receiver of the DCO message MAY send a
DCO-ACK to signal an error condition. DCO-ACK, especially to report an error condition.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RPLInstanceID |D| Reserved | DCOSequence | Status | | RPLInstanceID |D| Flags | DCOSequence | Status |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
+ + + +
| | | |
+ DODAGID(optional) + + DODAGID(optional) +
| | | |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: DCO-ACK base object Figure 4: DCO-ACK base object
RPLInstanceID: 8-bit field indicating the topology instance RPLInstanceID: 8-bit field indicating the topology instance
associated with the DODAG, as learned from the DIO. associated with the DODAG, as learned from the DIO.
D: The 'D' flag indicates that the DODAGID field is present. This D: The 'D' flag indicates that the DODAGID field is present. This
flag MUST be set when a local RPLInstanceID is used. flag MUST be set when a local RPLInstanceID is used.
Reserved: 7-bit unused field. The field MUST be initialized to zero Flags: 7-bit unused field. The field MUST be initialized to zero by
by the sender and MUST be ignored by the receiver. the sender and MUST be ignored by the receiver.
DCOSequence: The DCOSequence in DCO-ACK is copied from the DCOSequence: 8-bit field. The DCOSequence in DCO-ACK is copied from
DCOSequence received in the DCO message. the DCOSequence received in the DCO message.
Status: Indicates the completion. Status 0 is defined as unqualified Status: Indicates the completion. Status 0 is defined as unqualified
acceptance in this specification. Status 1 is defined as "No acceptance in this specification. Status 1 is defined as "No
routing-entry for the Target found". The remaining status values are routing-entry for the Target found". The remaining status values are
reserved as rejection codes. reserved as rejection codes.
DODAGID (optional): 128-bit unsigned integer set by a DODAG root that DODAGID (optional): 128-bit unsigned integer set by a DODAG root that
uniquely identifies a DODAG. This field MUST be present when the 'D' uniquely identifies a DODAG. This field MUST be present when the 'D'
flag is set. DODAGID is used when a local RPLInstanceID is in use, flag is set and MUST NOT be present when 'D' flag is not set.
in order to identify the DODAGID that is associated with the
RPLInstanceID. DODAGID is used when a local RPLInstanceID is in use, in order to
identify the DODAGID that is associated with the RPLInstanceID.
4.3.5. Secure DCO-ACK 4.3.5. Secure DCO-ACK
A Secure DCO-ACK message follows the format in [RFC6550] Figure 7, A Secure DCO-ACK message follows the format in [RFC6550] Figure 7,
where the base message format is the DCO-ACK message shown in where the base message format is the DCO-ACK message shown in
Figure 4. Figure 4.
4.4. DCO Base Rules 4.4. DCO Base Rules
1. If a node sends a DCO message with newer or different information 1. If a node sends a DCO message with newer or different information
than the prior DCO message transmission, it MUST increment the than the prior DCO message transmission, it MUST increment the
DCOSequence field by at least one. A DCO message transmission DCOSequence field by at least one. A DCO message transmission
that is identical to the prior DCO message transmission MAY that is identical to the prior DCO message transmission MAY
increment the DCOSequence field. increment the DCOSequence field. The DCOSequence counter follows
the sequence counter operation as defined in Section 7.2 of
[RFC6550].
2. The RPLInstanceID and DODAGID fields of a DCO message MUST be the 2. The RPLInstanceID and DODAGID fields of a DCO message MUST be the
same value as that of the DAO message in response to which the same value as that of the DAO message in response to which the
DCO is generated on the common ancestor node. DCO is generated on the common ancestor node.
3. A node MAY set the 'K' flag in a unicast DCO message to solicit a 3. A node MAY set the 'K' flag in a unicast DCO message to solicit a
unicast DCO-ACK in response in order to confirm the attempt. unicast DCO-ACK in response in order to confirm the attempt.
4. A node receiving a unicast DCO message with the 'K' flag set 4. A node receiving a unicast DCO message with the 'K' flag set
SHOULD respond with a DCO-ACK. A node receiving a DCO message SHOULD respond with a DCO-ACK. A node receiving a DCO message
without the 'K' flag set MAY respond with a DCO-ACK, especially without the 'K' flag set MAY respond with a DCO-ACK, especially
to report an error condition. to report an error condition.
5. A node receiving a unicast DCO message MUST verify the stored 5. A node receiving a unicast DCO message MUST verify the stored
Path Sequence in context to the given target. If the stored Path Path Sequence in context to the given target. If the stored Path
Sequence is more fresh i.e., newer than the Path Sequence Sequence is more fresh, newer than the Path Sequence received in
received in the DCO, then the DCO MUST be dropped. the DCO, then the DCO MUST be dropped.
6. A node that sets the 'K' flag in a unicast DCO message but does 6. A node that sets the 'K' flag in a unicast DCO message but does
not receive DCO-ACK in response MAY reschedule the DCO message not receive DCO-ACK in response MAY reschedule the DCO message
transmission for another attempt, up until an implementation transmission for another attempt, up until an implementation
specific number of retries. specific number of retries.
7. A node receiving a unicast DCO message with its own address in 7. A node receiving a unicast DCO message with its own address in
the RPL Target Option MUST strip-off that Target Option. If this the RPL Target Option MUST strip-off that Target Option. If this
Target Option is the only one in the DCO message then the DCO Target Option is the only one in the DCO message then the DCO
message MUST be dropped. message MUST be dropped.
The scope of DCOSequence values is unique to each node. The scope of DCOSequence values is unique to the node which generates
it.
4.5. Unsolicited DCO 4.5. Unsolicited DCO
A 6LR may generate an unsolicited DCO to unilaterally cleanup the A 6LR may generate an unsolicited DCO to unilaterally cleanup the
path on behalf of the target entry. The 6LR has all the state path on behalf of the target entry. The 6LR has all the state
information namely, the Target address and the Path Sequence, information, namely, the Target address and the Path Sequence,
required for generating DCO in its routing table. The conditions why required for generating DCO in its routing table. The conditions why
6LR may generate an unsolicited DCO are beyond the scope of this 6LR may generate an unsolicited DCO are beyond the scope of this
document but some possible reasons could be: document but some possible reasons could be:
1. On route expiry of an entry, a 6LR may decide to graciously 1. On route expiry of an entry, a 6LR may decide to graciously
cleanup the entry by initiating DCO. cleanup the entry by initiating DCO.
2. 6LR needs to entertain higher priority entries in case the 2. 6LR needs to entertain higher priority entries in case the
routing table is full thus resulting in an eviction of existing routing table is full, thus resulting in eviction of an existing
routing entry. In this case the eviction can be handled routing entry. In this case the eviction can be handled
graciously using DCO. graciously using DCO.
Note that if the 6LR initiates a unilateral path cleanup using DCO Note that if the 6LR initiates a unilateral path cleanup using DCO
and if it has the latest state for the target then the DCO would and if it has the latest state for the target then the DCO would
finally reach the target node. Thus the target node would be finally reach the target node. Thus the target node would be
informed of its invalidation. informed of its invalidation.
4.6. Other considerations 4.6. Other considerations
skipping to change at page 13, line 23 skipping to change at page 13, line 33
Current RPL [RFC6550] does not provide a mechanism for route Current RPL [RFC6550] does not provide a mechanism for route
invalidation for dependent nodes. This document allows the dependent invalidation for dependent nodes. This document allows the dependent
nodes invalidation. Dependent nodes will generate their respective nodes invalidation. Dependent nodes will generate their respective
DAOs to update their paths, and the previous route invalidation for DAOs to update their paths, and the previous route invalidation for
those nodes should work in the similar manner described for switching those nodes should work in the similar manner described for switching
node. The dependent node may set the I-flag in the Transit node. The dependent node may set the I-flag in the Transit
Information Option as part of regular DAO so as to request Information Option as part of regular DAO so as to request
invalidation of previous route from the common ancestor node. invalidation of previous route from the common ancestor node.
Dependent nodes do not have any indication regarding if any of its Dependent nodes do not have any indication regarding if any of their
parent nodes in turn have decided to switch their parent. Thus for parents in turn have decided to switch their parent. Thus for route
route invalidation the dependent nodes may choose to always set the invalidation the dependent nodes may choose to always set the 'I'
'I' flag in all its DAO message's Transit Information Option. Note flag in all its DAO message's Transit Information Option. Note that
that setting the I-flag is not counter productive even if there is no setting the I-flag is not counterproductive even if there is no
previous route to be invalidated. previous route to be invalidated.
4.6.2. NPDAO and DCO in the same network 4.6.2. NPDAO and DCO in the same network
Even with the changed semantics, the current NPDAO mechanism in The current NPDAO mechanism in [RFC6550] can still be used in the
[RFC6550] can still be used, for example, when the route lifetime same network where DCO is used. The NPDAO messaging can be used, for
expiry of the target happens or when the node simply decides to example, on route lifetime expiry of the target or when the node
gracefully terminate the RPL session on graceful node shutdown. simply decides to gracefully terminate the RPL session on graceful
Moreover a deployment can have a mix of nodes supporting the DCO and node shutdown. Moreover, a deployment can have a mix of nodes
the existing NPDAO mechanism. It is also possible that the same node supporting the DCO and the existing NPDAO mechanism. It is also
supports both the NPDAO and DCO signaling. possible that the same node supports both the NPDAO and DCO signaling
for route invalidation.
Section 9.8 of [RFC6550] states, "When a node removes a node from its Section 9.8 of [RFC6550] states, "When a node removes a node from its
DAO parent set, it SHOULD send a No-Path DAO message to that removed DAO parent set, it SHOULD send a No-Path DAO message to that removed
DAO parent to invalidate the existing router". This document DAO parent to invalidate the existing router". This document
introduces an alternate and more optimized way of route invalidation introduces an alternative and more optimized way of route
but it also allows existing NPDAO messaging to work. Thus an invalidation but it also allows existing NPDAO messaging to work.
implementation has two choices to make when a route invalidation is Thus an implementation has two choices to make when a route
to be initiated: invalidation is to be initiated:
1. Use NPDAO to invalidate the previous route and send regular DAO 1. Use NPDAO to invalidate the previous route and send regular DAO
on the new path. on the new path.
2. Send regular DAO on the new path with the 'I' flag set in the 2. Send regular DAO on the new path with the 'I' flag set in the
Transit Information Option such that the common ancestor node Transit Information Option such that the common ancestor node
initiates the DCO message downstream to invalidate the previous initiates the DCO message downstream to invalidate the previous
route. route.
This document recommends using option 2 for reasons specified in This document recommends using option 2 for reasons specified in
Section 3 in this document. Section 3 in this document.
skipping to change at page 14, line 33 skipping to change at page 14, line 46
it initiates a DCO. With multiple preferred parents, this handling it initiates a DCO. With multiple preferred parents, this handling
does not change. But in this case it is recommended that an does not change. But in this case it is recommended that an
implementation initiates a DCO after a time period (DelayDCO) such implementation initiates a DCO after a time period (DelayDCO) such
that the common ancestor node may receive updated DAOs from all that the common ancestor node may receive updated DAOs from all
possible next-hops. This will help to reduce DCO control overhead possible next-hops. This will help to reduce DCO control overhead
i.e., the common ancestor can wait for updated DAOs from all possible i.e., the common ancestor can wait for updated DAOs from all possible
directions before initiating a DCO for route invalidation. After directions before initiating a DCO for route invalidation. After
timeout, the DCO needs to be generated for all the next-hops for whom timeout, the DCO needs to be generated for all the next-hops for whom
the route invalidation needs to be done. the route invalidation needs to be done.
This documents recommends using a DelayDCO timer value of 1sec. This This document recommends using a DelayDCO timer value of 1sec. This
value is inspired by the default DelayDAO value of 1sec in [RFC6550]. value is inspired by the default DelayDAO value of 1sec in [RFC6550].
Here the hypothesis is that the DAOs from all possible parent set Here the hypothesis is that the DAOs from all possible parent sets
would be received on the common ancestor within this time period. would be received on the common ancestor within this time period.
Note that there is no requirement of synchronization between DCO and Note that there is no requirement for synchronization between DCO and
DAOs. The DelayDCO timer simply ensures that the DCO control DAOs. The DelayDCO timer simply ensures that the DCO control
overhead can be reduced and is only needed when the network contains overhead can be reduced and is only needed when the network contains
nodes using multiple preferred parent. nodes using multiple preferred parent.
5. Acknowledgments 5. Acknowledgments
Many thanks to Alvaro Retana, Cenk Gundogan, Simon Duquennoy, Many thanks to Alvaro Retana, Cenk Gundogan, Simon Duquennoy,
Georgios Papadopoulous, Peter Van Der Stok for their review and Georgios Papadopoulous, Peter Van Der Stok for their review and
comments. Alvaro Retana helped shape this document's final version comments. Alvaro Retana helped shape this document's final version
with critical review comments. with critical review comments.
skipping to change at page 16, line 20 skipping to change at page 16, line 29
should be located in existing category of "Routing Protocol for Low should be located in existing category of "Routing Protocol for Low
Power and Lossy Networks (RPL)". Power and Lossy Networks (RPL)".
New Status values may be allocated only by an IETF Review. Each New Status values may be allocated only by an IETF Review. Each
value is tracked with the following qualities: value is tracked with the following qualities:
o Status Code o Status Code
o Description o Description
o Defining RFC o Defining RFC
The following bits are currently defined: The following values are currently defined:
+------------+----------------------------------------+-------------+ +------------+----------------------------------------+-------------+
| Status | Description | Reference | | Status | Description | Reference |
| Code | | | | Code | | |
+------------+----------------------------------------+-------------+ +------------+----------------------------------------+-------------+
| 0 | Unqualified acceptance | This | | 0 | Unqualified acceptance | This |
| | | document | | | | document |
| 1 | No routing-entry for the indicated | This | | 1 | No routing-entry for the indicated | This |
| | Target found | document | | | Target found | document |
+------------+----------------------------------------+-------------+ +------------+----------------------------------------+-------------+
skipping to change at page 17, line 17 skipping to change at page 17, line 23
+------------+------------------------------+---------------+ +------------+------------------------------+---------------+
| 0 | DODAGID field is present (D) | This document | | 0 | DODAGID field is present (D) | This document |
+------------+------------------------------+---------------+ +------------+------------------------------+---------------+
DCO-ACK Base Flags DCO-ACK Base Flags
7. Security Considerations 7. Security Considerations
This document introduces the ability for a common ancestor node to This document introduces the ability for a common ancestor node to
invalidate a route on behalf of the target node. The common ancestor invalidate a route on behalf of the target node. The common ancestor
node is directed to do so by the target node using the 'I' flag in node could be directed to do so by the target node using the I-flag
DCO's Transit Information Option. However, the common ancestor node in DCO's Transit Information Option. However, the common ancestor
is in a position to unilaterally initiate the route invalidation node is in a position to unilaterally initiate the route invalidation
since it possesses all the required state information, namely, the since it possesses all the required state information, namely, the
Target address and the corresponding Path Sequence. Thus a rogue Target address and the corresponding Path Sequence. Thus a rogue
common ancestor node could initiate such an invalidation and impact common ancestor node could initiate such an invalidation and impact
the traffic to the target node. the traffic to the target node.
This document also introduces an I-flag which is set by the target This document also introduces an I-flag which is set by the target
node and used by the ancestor node to initiate a DCO if the ancestor node and used by the ancestor node to initiate a DCO if the ancestor
nodes sees an update in the route adjacency. However, this flag sees an update in the route adjacency. However, this flag could be
could be spoofed by a malicious 6LR in the path and can cause spoofed by a malicious 6LR in the path and can cause invalidation of
invalidation of an existing active path. Note that invalidation will an existing active path. Note that invalidation will happen only if
happen only if the other conditions such as Path Sequence condition the other conditions such as Path Sequence condition is also met.
is also met. Having said that a malicious 6LR may spoof a DAO on Having said that, such a malicious 6LR may spoof a DAO on behalf of
behalf of the (sub) child with the I-flag set and can cause route the (sub) child with the I-flag set and can cause route invalidation
invalidation on behalf of the (sub) child node. on behalf of the (sub) child node. Note that, using existing
mechanisms offered by [RFC6550], a malicious 6LR might also spoof a
DAO with lifetime of zero or otherwise cause denial of service by
dropping traffic entirely, so the new mechanism described in this
document does not present a substantially increased risk of
disruption.
This document assumes that the security mechanisms as defined in This document assumes that the security mechanisms as defined in
[RFC6550] are followed, which means that the common ancestor node and [RFC6550] are followed, which means that the common ancestor node and
all the 6LRs are part of the RPL network because they have the all the 6LRs are part of the RPL network because they have the
required credentials. A non-secure RPL network needs to take into required credentials. A non-secure RPL network needs to take into
consideration the risks highlighted in this section. consideration the risks highlighted in this section as well as those
highlighted in [RFC6550].
All RPL messages support a secure version of messages which allows All RPL messages support a secure version of messages which allows
integrity protection using either a MAC or a signature. Optionally, integrity protection using either a MAC or a signature. Optionally,
secured RPL messages also have encryption protection for secured RPL messages also have encryption protection for
confidentiality. confidentiality.
The document adds new messages (DCO, DCO-ACK) which are syntactically The document adds new messages (DCO, DCO-ACK) which are syntactically
similar to existing RPL messages such as DAO, DAO-ACK. Secure similar to existing RPL messages such as DAO, DAO-ACK. Secure
versions of DCO and DCO-ACK are added similar to other RPL messages versions of DCO and DCO-ACK are added similar to other RPL messages
(such as DAO, DAO-ACK). (such as DAO, DAO-ACK).
skipping to change at page 19, line 22 skipping to change at page 19, line 37
DAO(tgt=D,pathseq=x+1,I_flag=1). DAO(tgt=D,pathseq=x+1,I_flag=1).
5. Node A receives the DAO(tgt=D,pathseq=x+1,I_flag=1), and checks 5. Node A receives the DAO(tgt=D,pathseq=x+1,I_flag=1), and checks
for a routing entry on behalf of D. It finds a routing entry but for a routing entry on behalf of D. It finds a routing entry but
checks that the next hop for target D is different (i.e., Node checks that the next hop for target D is different (i.e., Node
G). Node A checks the I_flag and generates G). Node A checks the I_flag and generates
DCO(tgt=D,pathseq=x+1) to previous next hop for target D which is DCO(tgt=D,pathseq=x+1) to previous next hop for target D which is
G. Subsequently, Node A updates the routing entry and forwards G. Subsequently, Node A updates the routing entry and forwards
the reachability information of target D upstream the reachability information of target D upstream
DAO(tgt=D,pathseq=x+1,I_flag=1). DAO(tgt=D,pathseq=x+1,I_flag=1).
6. Node G receives the DCO(tgt=D,pathseq=x+1). It checks if the 6. Node G receives the DCO(tgt=D,pathseq=x+1). It checks if the
received path sequence is latest as compared to the stored path received path sequence is later than the stored path sequence.
sequence. If it is latest, Node G invalidates routing entry of If it is later, Node G invalidates the routing entry of target D
target D and forwards the (un)reachability information downstream and forwards the (un)reachability information downstream to B in
to B in DCO(tgt=D,pathseq=x+1). DCO(tgt=D,pathseq=x+1).
7. Similarly, B processes the DCO(tgt=D,pathseq=x+1) by invalidating 7. Similarly, B processes the DCO(tgt=D,pathseq=x+1) by invalidating
the routing entry of target D and forwards the (un)reachability the routing entry of target D and forwards the (un)reachability
information downstream to D. information downstream to D.
8. D ignores the DCO(tgt=D,pathseq=x+1) since the target is itself. 8. D ignores the DCO(tgt=D,pathseq=x+1) since the target is itself.
9. The propagation of the DCO will stop at any node where the node 9. The propagation of the DCO will stop at any node where the node
does not have an routing information associated with the target. does not have an routing information associated with the target.
If the routing information is present and its Path Sequence is If cached routing information is present and the cached Path
higher, then still the DCO is dropped. Sequence is higher than the value in the DCO, then the DCO is
dropped.
A.2. Example DCO Messaging with multiple preferred parents A.2. Example DCO Messaging with multiple preferred parents
(6LBR) (6LBR)
| |
| |
| |
(N11) (N11)
/ \ / \
/ \ / \
/ \ / \
(N21) (N22) (N21) (N22)
/ / \ / / \
 End of changes. 55 change blocks. 
121 lines changed or deleted 150 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/