idnits 2.17.00 (12 Aug 2021) /tmp/idnits15791/draft-ietf-6lo-rfc6775-update-13.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of too long lines in the document, the longest one being 3 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 22, 2018) is 1549 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'Perlman83' is mentioned on line 1392, but not defined == Missing Reference: 'IEEEstd802154' is mentioned on line 1615, but not defined == Outdated reference: draft-ietf-6lo-ap-nd has been published as RFC 8928 == Outdated reference: draft-ietf-6lo-backbone-router has been published as RFC 8929 == Outdated reference: A later version (-17) exists of draft-ietf-6lo-nfc-09 == Outdated reference: draft-ietf-6tisch-architecture has been published as RFC 9030 == Outdated reference: draft-ietf-mboned-ieee802-mcast-problems has been published as RFC 9119 -- Obsolete informational reference (is this intentional?): RFC 1558 (Obsoleted by RFC 1960) -- Obsolete informational reference (is this intentional?): RFC 4941 (Obsoleted by RFC 8981) Summary: 1 error (**), 0 flaws (~~), 8 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo P. Thubert, Ed. 3 Internet-Draft cisco 4 Updates: 6775 (if approved) E. Nordmark 5 Intended status: Standards Track Zededa 6 Expires: August 26, 2018 S. Chakrabarti 7 Verizon 8 C. Perkins 9 Futurewei 10 February 22, 2018 12 An Update to 6LoWPAN ND 13 draft-ietf-6lo-rfc6775-update-13 15 Abstract 17 This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to 18 clarify the role of the protocol as a registration technique, 19 simplify the registration operation in 6LoWPAN routers, as well as to 20 provide enhancements to the registration capabilities and mobility 21 detection for different network topologies including the backbone 22 routers performing proxy Neighbor Discovery in a low power network. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on August 26, 2018. 41 Copyright Notice 43 Copyright (c) 2018 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 3. Applicability of Address Registration Options . . . . . . . . 5 61 4. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 5 62 4.1. Extended Address Registration Option (EARO) . . . . . . . 7 63 4.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 7 64 4.2.1. Comparing TID values . . . . . . . . . . . . . . . . 7 65 4.3. Registration Unique ID . . . . . . . . . . . . . . . . . 9 66 4.4. Extended Duplicate Address Messages . . . . . . . . . . . 10 67 4.5. Registering the Target Address . . . . . . . . . . . . . 10 68 4.6. Link-Local Addresses and Registration . . . . . . . . . . 11 69 4.7. Maintaining the Registration States . . . . . . . . . . . 12 70 5. Detecting Enhanced ARO Capability Support . . . . . . . . . . 14 71 6. Extended ND Options And Messages . . . . . . . . . . . . . . 14 72 6.1. Enhanced Address Registration Option (EARO) . . . . . . . 14 73 6.2. Extended Duplicate Address Message Formats . . . . . . . 16 74 6.3. New 6LoWPAN Capability Bits in the Capability Indication 75 Option . . . . . . . . . . . . . . . . . . . . . . . . . 17 76 7. Backward Compatibility . . . . . . . . . . . . . . . . . . . 18 77 7.1. Discovering the capabilities of an ND peer . . . . . . . 18 78 7.1.1. Using the "E" Flag in the 6CIO . . . . . . . . . . . 18 79 7.1.2. Using the "T" Flag in the EARO . . . . . . . . . . . 18 80 7.2. RFC6775-only 6LoWPAN Node . . . . . . . . . . . . . . . . 19 81 7.3. RFC6775-only 6LoWPAN Router . . . . . . . . . . . . . . . 19 82 7.4. RFC6775-only 6LoWPAN Border Router . . . . . . . . . . . 20 83 8. Security Considerations . . . . . . . . . . . . . . . . . . . 20 84 9. Privacy Considerations . . . . . . . . . . . . . . . . . . . 22 85 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 86 10.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . 23 87 10.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 23 88 10.3. New ARO Status values . . . . . . . . . . . . . . . . . 24 89 10.4. New 6LoWPAN capability Bits . . . . . . . . . . . . . . 24 90 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 25 91 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 92 12.1. Normative References . . . . . . . . . . . . . . . . . . 25 93 12.2. Informative References . . . . . . . . . . . . . . . . . 26 94 12.3. External Informative References . . . . . . . . . . . . 30 95 Appendix A. Applicability and Requirements Served . . . . . . . 30 96 Appendix B. Requirements . . . . . . . . . . . . . . . . . . . . 31 97 B.1. Requirements Related to Mobility . . . . . . . . . . . . 31 98 B.2. Requirements Related to Routing Protocols . . . . . . . . 32 99 B.3. Requirements Related to the Variety of Low-Power Link 100 types . . . . . . . . . . . . . . . . . . . . . . . . . . 33 101 B.4. Requirements Related to Proxy Operations . . . . . . . . 34 102 B.5. Requirements Related to Security . . . . . . . . . . . . 34 103 B.6. Requirements Related to Scalability . . . . . . . . . . . 35 104 B.7. Requirements Related to Operations and Management . . . . 36 105 B.8. Matching Requirements with Specifications . . . . . . . . 36 106 Appendix C. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . 38 107 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 109 1. Introduction 111 The scope of this draft is an IPv6 Low Power Networks including star 112 and mesh topologies. This specification modifies and extends the 113 behavior and protocol elements of "Neighbor Discovery Optimization 114 for IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) 115 [RFC6775] to enable additional capabilities and enhancements such as: 117 o Support for indicating mobility vs retry (T-bit) 118 o Simplify the registration flow for link-local addresses 119 o Enhancement to Address Registration Option (ARO) 120 o Permitting registration of a target address 121 o Clarification of support of privacy and temporary addresses 123 The applicability of 6LoWPAN ND registration is discussed in 124 Section 3, and new extensions and updates to [RFC6775] are presented 125 in Section 4. Considerations on Backward Compatibility, Security and 126 Privacy are also elaborated upon in Section 7, Section 8 and in 127 Section 9, respectively. 129 2. Terminology 131 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 132 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 133 document are to be interpreted as described in [RFC2119]. 135 The Terminology used in this document is consistent with and 136 incorporates that described in Terms Used in Routing for Low-Power 137 and Lossy Networks (LLNs). [RFC7102]. 139 Other terms in use in LLNs are found in Terminology for Constrained- 140 Node Networks [RFC7228]. 142 Readers are expected to be familiar with all the terms and concepts 143 that are discussed in 144 o "Neighbor Discovery for IP version 6" [RFC4861], 145 o "IPv6 Stateless Address Autoconfiguration" [RFC4862], 146 o "Problem Statement and Requirements for IPv6 over Low-Power 147 Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], 148 o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 149 Overview, Assumptions, Problem Statement, and Goals" [RFC4919], 150 o "Neighbor Discovery Optimization for Low-power and Lossy Networks" 151 [RFC6775] and 152 o "Multi-link Subnet Support in IPv6" 153 [I-D.ietf-ipv6-multilink-subnets], 155 as well as the following terminology: 157 Backbone Link: An IPv6 transit link that interconnects two or more 158 Backbone Routers. It is expected to be of high speed compared 159 to the LLN in order to carry the traffic that is required to 160 federate multiple segments of the potentially large LLN into a 161 single IPv6 subnet. 162 Backbone Router: A logical network function in an IPv6 router that 163 federates a LLN over a Backbone Link. In order to do so, the 164 Backbone Router (6BBR) proxies the 6LoWPAN ND operations 165 detailed in the document onto the matching operations that run 166 over the backbone, typically IPv6 ND. Note that 6BBR is a 167 logical function, just like 6LR and 6LBR, and that a same 168 physical router may operate all three. 169 Extended LLN: The aggregation of multiple LLNs as defined in 170 [RFC4919], interconnected by a Backbone Link via Backbone 171 Routers, and forming a single IPv6 MultiLink Subnet. 172 Registration: The process during which a 6LN registers its 173 address(es) with the Border Router so the 6BBR can serve as 174 proxy for ND operations over the Backbone. 175 Binding: The association between an IP address with a MAC address, a 176 port and/or other information about the node that owns the IP 177 address. 178 Registered Node: The node for which the registration is performed, 179 and which owns the fields in the EARO option. 180 Registering Node: The node that performs the registration to the 181 6BBR, which may proxy for the registered node. 182 Registered Address: An address owned by the Registered Node node 183 that was or is being registered. 184 RFC6775-only: Applied to a type of node or a type of message, this 185 adjective indicates a behavior that is strictly as specified by 186 [RFC6775] as opposed to updated with this specification. 187 updated: a 6LN, a 6LR or a 6LBR that supports this specification. 189 3. Applicability of Address Registration Options 191 The purpose of the Address Registration Option (ARO) in [RFC6775] is 192 to facilitate duplicate address detection (DAD) for hosts as well as 193 populate Neighbor Cache Entries (NCE) [RFC4861] in the routers. This 194 reduces the reliance on multicast operations, which are often as 195 intrusive as broadcast, in IPv6 ND operations. 197 With this specification, a failed or useless registration can be 198 detected by a 6LR or a 6LBR for reasons other than address 199 duplication. Examples include: the router having run out of space; a 200 registration bearing a stale sequence number perhaps denoting a 201 movement of the host after the registration was placed; a host 202 misbehaving and attempting to register an invalid address such as the 203 unspecified address [RFC4291]; or a host using an address which is 204 not topologically correct on that link. 206 In such cases the host will receive an error to help diagnose the 207 issue and may retry, possibly with a different address, and possibly 208 registering to a different router, depending on the returned error. 209 The ability to return errors to address registrations is not intended 210 to be used to restrict the ability of hosts to form and use multiple 211 addresses, as recommended in "Host Address Availability 212 Recommendations" [RFC7934]. 214 In particular, the freedom to form and register addresses is needed 215 for enhanced privacy; each host may register a number of addresses 216 using mechanisms such as "Privacy Extensions for Stateless Address 217 Autoconfiguration (SLAAC) in IPv6" [RFC4941]. 219 In IPv6 ND [RFC4861], a router must have enough storage to hold 220 neighbor cache entries for all the addresses to which it may forward. 221 A router using the Address Registration mechanism also needs enough 222 storage to hold NCEs for all the addresses that may be registered to 223 it, regardless of whether or not they are actively communicating. 224 The number of registrations supported by a 6LoWPAN Router (6LR) or 225 6LoWPAN Border Router (6LBR) must be clearly documented. 227 A network administrator should deploy updated 6LR/6LBRs to support 228 the number and type of devices in their network, based on the number 229 of IPv6 addresses that those devices require and their address 230 renewal rate and behavior. 232 4. Updating RFC 6775 234 This specification introduces the Extended Address Registration 235 Option (EARO) based on the ARO as defined [RFC6775]; in particular a 236 "T" flag is added that MUST be set in NS messages when this 237 specification is used, and echoed in NA messages to confirm that the 238 protocol is supported. 240 The extensions to the ARO option are used in the Duplicate Address 241 Request (DAR) and Duplicate Address Confirmation (DAC) messages, so 242 as to convey the additional information all the way to the 6LBR. In 243 turn the 6LBR may proxy the registration using IPv6 ND over a 244 Backbone Link as illustrated in Figure 1. Note that this 245 specification avoids the extended DAR flow for Link Local Addresses 246 in a Route-Over [RFC6606] mesh. 248 6LN 6LR 6LBR 6BBR 249 | | | | 250 | NS(EARO) | | | 251 |--------------->| | | 252 | | Extended DAR | | 253 | |-------------->| | 254 | | | | 255 | | | proxy NS(EARO) | 256 | | |--------------->| 257 | | | | NS(DAD) 258 | | | | ------> 259 | | | | 260 | | | | 261 | | | proxy NA(EARO) | 262 | | |<---------------| 263 | | Extended DAC | | 264 | |<--------------| | 265 | NA(EARO) | | | 266 |<---------------| | | 267 | | | | 269 Figure 1: (Re-)Registration Flow 271 In order to support various types of link layers, it is RECOMMENDED 272 to allow multiple registrations, including for privacy / temporary 273 addresses, and provide new mechanisms to help clean up stale 274 registration states as soon as possible. 276 Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface 277 and locates available 6LRs; a Registering Node SHOULD prefer 278 registering to a 6LR that is found to support this specification, as 279 discussed in Section 7.1, over a RFC6775-only one. 281 4.1. Extended Address Registration Option (EARO) 283 The Extended ARO (EARO) deprecates the ARO and is backward compatible 284 with it. More details on backward compatibility can be found in 285 Section 7. 287 The semantics of the ARO are modified as follows: 289 o The address that is being registered with a Neighbor Solicitation 290 (NS) with an EARO is now the Target Address, as opposed to the 291 Source Address as specified in [RFC6775] (see Section 4.5). This 292 change enables a 6LBR to use one of its addresses as source to the 293 proxy-registration of an address that belongs to a LLN Node to a 294 6BBR. This also limits the use of an address as source address 295 before it is registered and the associated DAD process is 296 complete. 297 o The Unique ID in the EARO Option is not required to be a MAC 298 address (see Section 4.3). 299 o The specification introduces a Transaction ID (TID) field in the 300 EARO (see Section 4.2). The TID MUST be provided by a node that 301 supports this specification and a new "T" flag MUST be set to 302 indicate so. 303 o Finally, this specification introduces new status codes to help 304 diagnose the cause of a registration failure (see Table 1). 306 4.2. Transaction ID 308 The Transaction ID (TID) is a sequence number that is incremented 309 with each re-registration. The TID is used to detect the freshness 310 of the registration request and useful to detect one single 311 registration by multiple 6LoWPAN border routers (e.g., 6LBRs and 312 6BBRs) supporting the same 6LoWPAN. The TID may also be used by the 313 network to track the sequence of movements of a node in order to 314 route to the current (freshest known) location of a moving node. 316 When a Registered Node is registered with multiple 6BBRs in parallel, 317 the same TID SHOULD be used, to enable the 6BBRs to determine that 318 the registrations are the same, and distinguish that situation from a 319 movement. 321 4.2.1. Comparing TID values 323 The TID is a sequence counter and its operation is the exact match of 324 the path sequence specified in RPL, the IPv6 Routing Protocol for 325 Low-Power and Lossy Networks [RFC6550] specification. 327 In order to keep this document self-contained and yet compatible, the 328 text below is an exact copy from section 7.2. "Sequence Counter 329 Operation" of [RFC6550]. 331 A TID is deemed to be fresher than another when its value is greater 332 per the operations detailed in this section. 334 The TID range is subdivided in a 'lollipop' fashion ([Perlman83]), 335 where the values from 128 and greater are used as a linear sequence 336 to indicate a restart and bootstrap the counter, and the values less 337 than or equal to 127 used as a circular sequence number space of size 338 128 as in [RFC1982]. Consideration is given to the mode of operation 339 when transitioning from the linear region to the circular region. 340 Finally, when operating in the circular region, if sequence numbers 341 are detected to be too far apart then they are not comparable, as 342 detailed below. 344 A window of comparison, SEQUENCE_WINDOW = 16, is configured based on 345 a value of 2^N, where N is defined to be 4 in this specification. 347 For a given sequence counter, 349 1. The sequence counter SHOULD be initialized to an implementation 350 defined value which is 128 or greater prior to use. A 351 recommended value is 240 (256 - SEQUENCE_WINDOW). 352 2. When a sequence counter increment would cause the sequence 353 counter to increment beyond its maximum value, the sequence 354 counter MUST wrap back to zero. When incrementing a sequence 355 counter greater than or equal to 128, the maximum value is 255. 356 When incrementing a sequence counter less than 128, the maximum 357 value is 127. 358 3. When comparing two sequence counters, the following rules MUST be 359 applied: 361 1. When a first sequence counter A is in the interval [128..255] 362 and a second sequence counter B is in [0..127]: 364 1. If (256 + B - A) is less than or equal to 365 SEQUENCE_WINDOW, then B is greater than A, A is less than 366 B, and the two are not equal. 367 2. If (256 + B - A) is greater than SEQUENCE_WINDOW, then A 368 is greater than B, B is less than A, and the two are not 369 equal. 371 For example, if A is 240, and B is 5, then (256 + 5 - 240) is 372 21. 21 is greater than SEQUENCE_WINDOW (16), thus 240 is 373 greater than 5. As another example, if A is 250 and B is 5, 374 then (256 + 5 - 250) is 11. 11 is less than SEQUENCE_WINDOW 375 (16), thus 250 is less than 5. 376 2. In the case where both sequence counters to be compared are 377 less than or equal to 127, and in the case where both 378 sequence counters to be compared are greater than or equal to 379 128: 381 1. If the absolute magnitude of difference between the two 382 sequence counters is less than or equal to 383 SEQUENCE_WINDOW, then a comparison as described in 384 [RFC1982] is used to determine the relationships greater 385 than, less than, and equal. 386 2. If the absolute magnitude of difference of the two 387 sequence counters is greater than SEQUENCE_WINDOW, then a 388 desynchronization has occurred and the two sequence 389 numbers are not comparable. 390 4. If two sequence numbers are determined to be not comparable, i.e. 391 the results of the comparison are not defined, then a node should 392 give precedence to the sequence number that was most recently 393 incremented. Failing this, the node should select the sequence 394 number in order to minimize the resulting changes to its own 395 state. 397 4.3. Registration Unique ID 399 The Registration Unique ID (RUID) enables a duplicate address 400 registration to be distinguished from a double registration or a 401 movement. An ND message from the 6BBR over the Backbone Link that is 402 proxied on behalf of a Registered Node must carry the most recent 403 EARO option seen for that node. A NS/NA with an EARO and a NS/NA 404 without a EARO thus represent different nodes; if they relate to a 405 same target then an address duplication is likely. 407 The Registration Unique ID in [RFC6775] is a EUI-64 globally unique 408 address configured at a Lower Layer, under the assumption that 409 duplicate EUI-64 addresses are avoided. 411 With this specification, the Registration Unique ID is allowed to be 412 extended to different types of identifier, as long as the type is 413 clearly indicated. For instance, the type can be a cryptographic 414 string and used to prove the ownership of the registration as 415 discussed in "Address Protected Neighbor Discovery for Low-power and 416 Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to support the flows 417 related to the proof of ownership, this specification introduces new 418 status codes "Validation Requested" and "Validation Failed" in the 419 EARO. 421 The Registering Node SHOULD store the unique ID, or a way to generate 422 that ID, in persistent memory. Otherwise, if a reboot causes a loss 423 of memory, re-registering the same address could be impossible until 424 the 6LBR times out the previous registration. 426 4.4. Extended Duplicate Address Messages 428 In order to map the new EARO content in the DAR/DAC messages, a new 429 TID field is added to the Extended DAR (EDAR) and the Extended DAC 430 (EDAC) messages as a replacement to a Reserved field, and an odd 431 value of the ICMP Code indicates support for the TID, to transport 432 the "T" flag. 434 In order to prepare for future extensions, and though no option has 435 been defined for the Duplicate Address messages, implementations 436 SHOULD expect ND options after the main body, and SHOULD ignore them. 438 As for the EARO, the Extended Duplicate Address messages are backward 439 compatible with the RFC6775-only versions, and remarks concerning 440 backwards compatibility for the protocol between the 6LN and the 6LR 441 apply similarly between a 6LR and a 6LBR. 443 4.5. Registering the Target Address 445 The Registering Node is the node that performs the registration to 446 the 6BBR. As in [RFC6775], it may be the Registered Node as well, in 447 which case it registers one of its own addresses, and indicates its 448 own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO). 450 This specification adds the capability to proxy the registration 451 operation on behalf of a Registered Node that is reachable over a LLN 452 mesh. In that case, if the Registered Node is reachable from the 453 6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC 454 Address of the Registered Node as SLLA in the NS(EARO). If the 455 Registered Node is reachable over a Route-Over mesh from the 456 Registering Node, the SLLA in the NS(ARO) is that of the Registering 457 Node. This enables the Registering Node to attract the packets from 458 the 6BBR and route them over the LLN to the Registered Node. 460 In order to enable the latter operation, this specification changes 461 the behavior of the 6LN and the 6LR so that the Registered Address is 462 found in the Target Address field of the NS and NA messages as 463 opposed to the Source Address. With this convention, a TLLA option 464 indicates the link-layer address of the 6LN that owns the address, 465 whereas the SLLA Option in a NS message indicates that of the 466 Registering Node, which can be the owner device, or a proxy. 468 The Registering Node is reachable from the 6LR, and is also the one 469 expecting packets for the 6LN. Therefore, it MUST place its own Link 470 Layer Address in the SLLA Option that MUST always be placed in a 471 registration NS(EARO) message. This maintains compatibility with 472 RFC6775-only 6LoWPAN ND [RFC6775]. 474 4.6. Link-Local Addresses and Registration 476 Considering that LLN nodes are often not wired and may move, there is 477 no guarantee that a Link-Local address stays unique between a 478 potentially variable and unbounded set of neighboring nodes. 480 Compared to [RFC6775], this specification only requires that a Link- 481 Local address is unique from the perspective of the two nodes that 482 use it to communicate (e.g. the 6LN and the 6LR in an NS/NA 483 exchange). This simplifies the DAD process in Route-Over Mode for 484 Link-Local addresses, and there is no exchange of Duplicate Address 485 messages between the 6LR and a 6LBR for Link-Local addresses. 487 In more details: 489 An exchange between two nodes using Link-Local addresses implies that 490 they are reachable over one hop and that at least one of the 2 nodes 491 acts as a 6LR. A node MUST register a Link-Local address to a 6LR in 492 order to obtain reachability from that 6LR beyond the current 493 exchange, and in particular to use the Link-Local address as source 494 address to register other addresses, e.g. global addresses. 496 If there is no collision with an address previously registered to 497 this 6LR by another 6LN, then the Link-Local address is unique from 498 the standpoint of this 6LR and the registration is acceptable. 499 Alternatively, two different 6LRs might expose the same Link-Local 500 address but different link-layer addresses. In that case, a 6LN MUST 501 only interact with at most one of the 6LRs. 503 The DAD process between the 6LR and a 6LBR, which is based on an 504 exchange of Duplicate Address messages, does not need to take place 505 for Link-Local addresses. 507 When registering to a 6LR that conforms this specification, a node 508 MUST use a Link-Local address as the source address of the 509 registration, whatever the type of IPv6 address that is being 510 registered. That Link-Local Address MUST be either an address that 511 is already registered to the 6LR, or the address that is being 512 registered. 514 When a Registering Node does not have an already-Registered Address, 515 it MUST register a Link-Local address, using it as both the Source 516 and the Target Address of an NS(EARO) message. In that case, it is 517 RECOMMENDED to use a Link-Local address that is (expected to be) 518 globally unique, e.g., derived from a globally unique hardware MAC 519 address. An EARO option in the response NA indicates that the 6LR 520 supports this specification. 522 Since there is no Duplicate Address exchange for Link-Local 523 addresses, the 6LR may answer immediately to the registration of a 524 Link-Local address, based solely on its existing state and the Source 525 Link-Layer Option that MUST be placed in the NS(EARO) message as 526 required in [RFC6775]. 528 A node needs to register its IPv6 Global Unicast IPv6 Addresses 529 (GUAs) to a 6LR in order to establish global reachability for these 530 addresses via that 6LR. When registering with an updated 6LR, a 531 Registering Node does not use its GUA as Source Address, in contrast 532 to a node that complies to [RFC6775]. For non-Link-Local addresses, 533 the Duplicate Address exchange MUST conform to [RFC6775], but the 534 extended formats described in this specification for the DAR and the 535 DAC are used to relay the extended information in the case of an 536 EARO. 538 4.7. Maintaining the Registration States 540 This section discusses protocol actions that involve the Registering 541 Node, the 6LR and the 6LBR. It must be noted that the portion that 542 deals with a 6LBR only applies to those addresses that are registered 543 to it; as discussed in Section 4.6, this is not the case for Link- 544 Local addresses. The registration state includes all data that is 545 stored in the router relative to that registration, in particular, 546 but not limited to, an NCE in a 6LR. 6LBRs and 6BBRs may store 547 additional registration information in more complex data structures 548 and use protocols that are out of scope of this document to keep them 549 synchronized when they are distributed. 551 When its Neighbor Cache is full, a 6LR cannot accept a new 552 registration. In that situation, the EARO is returned in a NA 553 message with a Status of 2, and the Registering Node may attempt to 554 register to another 6LR. 556 If the registry in the 6LBR is saturated, then the LBR cannot decide 557 whether a new address is a duplicate. In that case, the 6LBR replies 558 to a EDAR message with a EDAC message that carries a new Status Code 559 indicating "6LBR Registry saturated" Table 1. Note: this code is 560 used by 6LBRs instead of Status 2 when responding to a Duplicate 561 Address message exchange and passed on to the Registering Node by the 562 6LR. There is no point for the node to retry this registration 563 immediately via another 6LR, since the problem is global to the 564 network. The node may either abandon that address, de-register other 565 addresses first to make room, or keep the address in TENTATIVE state 566 and retry later. 568 A node renews an existing registration by sending a new NS(EARO) 569 message for the Registered Address. In order to refresh the 570 registration state in the 6LBR, the registration MUST be reported to 571 the 6LBR. 573 A node that ceases to use an address SHOULD attempt to de-register 574 that address from all the 6LRs to which it has registered the 575 address, which is achieved using an NS(EARO) message with a 576 Registration Lifetime of 0. 578 A node that moves away from a particular 6LR SHOULD attempt to de- 579 register all of its addresses registered to that 6LR and register to 580 a new 6LR with an incremented TID. When/if the node shows up 581 elsewhere, an asynchronous NA(EARO) or EDAC message with a status of 582 3 "Moved" SHOULD be used to clean up the state in the previous 583 location. For instance, as described in 584 [I-D.ietf-6lo-backbone-router], the "Moved" status can be used by a 585 6BBR in a NA(EARO) message to indicate that the ownership of the 586 proxy state on the Backbone Link was transferred to another 6BBR, as 587 the consequence of a movement of the device. The receiver of the 588 message SHOULD propagate the status down the chain towards the 589 Registered node (e.g. reversing an existing RPL [RFC6550] path) and 590 then clean up its state. 592 Upon receiving a NS(EARO) message with a Registration Lifetime of 0 593 and determining that this EARO is the freshest for a given NCE (see 594 Section 4.2), a 6LR cleans up its NCE. If the address was registered 595 to the 6LBR, then the 6LR MUST report to the 6LBR, through a 596 Duplicate Address exchange with the 6LBR, indicating the null 597 Registration Lifetime and the latest TID that this 6LR is aware of. 599 Upon receiving the Extended DAR message, the 6LBR evaluates if this 600 is the most recent TID it has received for that particular registry 601 entry. If so, then the entry is scheduled to be removed, and the 602 EDAR is answered with a EDAC message bearing a Status of 0 603 ("Success"). Otherwise, a Status 3 ("Moved") is returned instead, 604 and the existing entry is maintained. 606 When an address is scheduled to be removed, the 6LBR SHOULD keep its 607 entry in a DELAY state for a configurable period of time, so as to 608 protect a mobile node that de-registered from one 6LR and did not 609 register yet to a new one, or the new registration did not reach yet 610 the 6LBR due to propagation delays in the network. Once the DELAY 611 time is passed, the 6LBR silently removes its entry. 613 5. Detecting Enhanced ARO Capability Support 615 The "Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400] 616 introduces the 6LoWPAN Capability Indication Option (6CIO) to 617 indicate a node's capabilities to its peers. 619 Section 6.3 defines new flags for the 6CIO to signal support for 620 EARO, as well as the node's capability to act as a 6LR, 6LBR and 621 6BBR. Section 7.1.1 specifies how the "E" flag can be used to 622 provide backward compatibility. 624 The 6CIO is typically sent in a Router Solicitation (RS) message. 625 When used to signal capabilities per this specification, the 6CIO is 626 typically present in Router Advertisement (RA) messages but can also 627 be present in RS, Neighbor Solicitation (NS) and Neighbor 628 Advertisement (NA) messages. 630 6. Extended ND Options And Messages 632 This specification does not introduce new options, but it modifies 633 existing ones and updates the associated behaviors as specified in 634 the following subsections. 636 6.1. Enhanced Address Registration Option (EARO) 638 The Address Registration Option (ARO) is defined in section 4.1. of 639 [RFC6775]. 641 The Enhanced Address Registration Option (EARO) updates the ARO 642 option within Neighbor Discovery NS and NA messages between a 6LN and 643 its 6LR. On the other hand, the Extended Duplicate Address messages, 644 EDAR and EDAC, replace the DAR and DAC messages so as to transport 645 the new information between 6LRs and 6LBRs across LLN meshes such as 646 6TiSCH networks. 648 An NS message with an EARO option is a registration if and only if it 649 also carries an SLLAO option. The EARO option also used in NS and NA 650 messages between Backbone Routers [I-D.ietf-6lo-backbone-router] over 651 the Backbone Link to sort out the distributed registration state; in 652 that case, it does not carry the SLLAO option and is not confused 653 with a registration. 655 When using the EARO option, the address being registered is found in 656 the Target Address field of the NS and NA messages. 658 The EARO extends the ARO and is indicated by the "T" flag set. The 659 format of the EARO option is as follows: 661 0 1 2 3 662 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 663 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 664 | Type | Length = 2 | Status | Reserved | 665 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 666 | Reserved |T| TID | Registration Lifetime | 667 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 668 | | 669 + Registration Unique ID (EUI-64 or equivalent) + 670 | | 671 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 673 Figure 2: EARO 675 Option Fields 677 Type: 33 678 Length: 8-bit unsigned integer. The length of the option in 679 units of 8 bytes. Always 2. 680 Status: 8-bit unsigned integer. Indicates the status of a 681 registration in the NA response. MUST be set to 0 in 682 NS messages. See Table 1 below. 684 +-------+-----------------------------------------------------------+ 685 | Value | Description | 686 +-------+-----------------------------------------------------------+ 687 | 0..2 | See [RFC6775]. Note: a Status of 1 "Duplicate Address" | 688 | | applies to the Registered Address. If the Source Address | 689 | | conflicts with an existing registration, "Duplicate | 690 | | Source Address" should be used. | 691 | | | 692 | 3 | Moved: The registration failed because it is not the | 693 | | freshest. This Status indicates that the registration is | 694 | | rejected because another more recent registration was | 695 | | done, as indicated by a same RUID and a more recent TID. | 696 | | One possible cause is a stale registration that has | 697 | | progressed slowly in the network and was passed by a more | 698 | | recent one. It could also indicate a RUID collision. | 699 | | | 700 | 4 | Removed: The binding state was removed. This may be | 701 | | placed in an asynchronous NS(ARO) message, or as the | 702 | | rejection of a proxy registration to a Backbone Router | 703 | | | 704 | 5 | Validation Requested: The Registering Node is challenged | 705 | | for owning the Registered Address or for being an | 706 | | acceptable proxy for the registration. This Status is | 707 | | expected in asynchronous messages from a registrar (6LR, | 708 | | 6LBR, 6BBR) to indicate that the registration state is | 709 | | removed, for instance due to a movement of the device. | 710 | | | 711 | 6 | Duplicate Source Address: The address used as source of | 712 | | the NS(ARO) conflicts with an existing registration. | 713 | | | 714 | 7 | Invalid Source Address: The address used as source of the | 715 | | NS(ARO) is not a Link-Local address as prescribed by this | 716 | | document. | 717 | | | 718 | 8 | Registered Address topologically incorrect: The address | 719 | | being registered is not usable on this link, e.g. it is | 720 | | not topologically correct | 721 | | | 722 | 9 | 6LBR Registry saturated: A new registration cannot be | 723 | | accepted because the 6LBR Registry is saturated. Note: | 724 | | this code is used by 6LBRs instead of Status 2 when | 725 | | responding to a Duplicate Address message exchange and | 726 | | passed on to the Registering Node by the 6LR. | 727 | | | 728 | 10 | Validation Failed: The proof of ownership of the | 729 | | registered address is not correct. | 730 +-------+-----------------------------------------------------------+ 732 Table 1: EARO Status 734 Reserved: This field is unused. It MUST be initialized to zero 735 by the sender and MUST be ignored by the receiver. 736 T: One bit flag. Set if the next octet is used as a 737 TID. 738 TID: 1-byte integer; a transaction id that is maintained 739 by the node and incremented with each transaction. 740 The node SHOULD maintain the TID in a persistent 741 storage. 742 Registration Lifetime: 16-bit integer; expressed in minutes. 0 743 means that the registration has ended and the 744 associated state should be removed. 745 Registration Unique IDentifier (RUID): A globally unique identifier 746 for the node associated. This can be the EUI-64 747 derived IID of an interface, or some provable ID 748 obtained cryptographically. 750 6.2. Extended Duplicate Address Message Formats 752 The Duplicate Address Request (DAR) and the Duplicate Address 753 Confirmation (DAC) messages are defined in section 4.4 of [RFC6775]. 754 Those messages follow a common base format, which enables information 755 from the ARO to be transported over multiple hops. 757 The Duplicate Address Messages are extended to adapt to the Extended 758 ARO format, as follows: 760 0 1 2 3 761 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 762 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 763 | Type | Code | Checksum | 764 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 765 | Status | TID | Registration Lifetime | 766 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 767 | | 768 + Registration Unique ID (EUI-64 or equivalent) + 769 | | 770 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 771 | | 772 + + 773 | | 774 + Registered Address + 775 | | 776 + + 777 | | 778 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 780 Figure 3: Duplicate Address Messages Format 782 Modified Message Fields 784 Code: The ICMP Code as defined in [RFC4443]. The ICMP Code 785 MUST be set to 1 with this specification. An odd 786 value of the ICMP Code indicates that the TID field 787 is present and obeys this specification. 788 TID: 1-byte integer; same definition and processing as the 789 TID in the EARO option as defined in Section 6.1. 790 Registration Unique IDentifier (RUID): 8 bytes; same definition and 791 processing as the RUID in the EARO option as defined 792 in Section 6.1. 794 6.3. New 6LoWPAN Capability Bits in the Capability Indication Option 796 This specification defines new capability bits for use in the 6CIO, 797 which was introduced by [RFC7400] for use in IPv6 ND RA messages. 799 Routers that support this specification MUST set the "E" flag and 6LN 800 SHOULD favor 6LR routers that support this specification over those 801 that do not. Routers that are capable of acting as 6LR, 6LBR and 802 6BBR SHOULD set the "L", "B" and "P" flags, respectively. In 803 particular, the function 6LR is often collocated with that of 6LBR. 805 Those flags are not mutually exclusive and if a router is capable of 806 performing multiple functions, it SHOULD set all the related flags. 808 0 1 2 3 809 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 810 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 811 | Type | Length = 1 | Reserved |L|B|P|E|G| 812 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 813 | Reserved | 814 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 816 Figure 4: New capability Bits L, B, P, E in the 6CIO 818 Option Fields 820 Type: 36 821 L: Node is a 6LR, it can take registrations. 822 B: Node is a 6LBR. 823 P: Node is a 6BBR, proxying for nodes on this link. 824 E: This specification is supported and applied. 826 7. Backward Compatibility 828 7.1. Discovering the capabilities of an ND peer 830 7.1.1. Using the "E" Flag in the 6CIO 832 If the 6CIO is used in an ND message and the sending node supports 833 this specification, then the "E" Flag MUST be set. 835 A router that supports this specification SHOULD indicate that with a 836 6CIO. 838 If the Registering Node receives a 6CIO in a Router Advertisement 839 message, then the setting of the "E" Flag indicates whether or not 840 this specification is supported. 842 7.1.2. Using the "T" Flag in the EARO 844 One alternate way for a 6LN to discover the router's capabilities is 845 to start by registering a Link Local address, placing the same 846 address in the Source and Target Address fields of the NS message, 847 and setting the "T" Flag. The node may for instance register an 848 address that is based on EUI-64. For such an address, DAD is not 849 required and using the SLLAO option in the NS is actually more 850 consistent with existing ND specifications such as the "Optimistic 851 Duplicate Address Detection (ODAD) for IPv6" [RFC4429]. 853 Once its first registration is complete, the node knows from the 854 setting of the "T" Flag in the response whether the router supports 855 this specification. If support is verified, the node may register 856 other addresses that it owns, or proxy-register addresses on behalf 857 some another node, indicating those addresses being registered in the 858 Target Address field of the NS messages, while using one of its own 859 previously registered addresses as source. 861 A node that supports this specification MUST always use an EARO as a 862 replacement to an ARO in its registration to a router. This is 863 harmless since the "T" flag and TID field are reserved in [RFC6775], 864 and are ignored by a RFC6775-only router. A router that supports 865 this specification answers an ARO with an ARO and answers an EARO 866 with an EARO. 868 This specification changes the behavior of the peers in a 869 registration flow. To enable backward compatibility, a 6LN that 870 registers to a 6LR that is not known to support this specification 871 MUST behave in a manner that is compatible with [RFC6775]. A 6LN can 872 achieve that by sending a NS(EARO) message with a Link-Local Address 873 used as both Source and Target Address, as described in Section 4.6. 874 Once the 6LR is known to support this specification, the 6LN MUST 875 obey this specification. 877 7.2. RFC6775-only 6LoWPAN Node 879 A RFC6775-only 6LN will use the Registered Address as source and will 880 not use an EARO option. An updated 6LR MUST accept that registration 881 if it is valid per [RFC6775], and it MUST manage the binding cache 882 accordingly. The updated 6LR MUST then use the RFC6775-only 883 Duplicate Address messages as specified in [RFC6775] to indicate to 884 the 6LBR that the TID is not present in the messages. 886 The main difference with [RFC6775] is that Duplicate Address exchange 887 for DAD is avoided for Link-Local addresses. In any case, the 6LR 888 SHOULD use an EARO in the reply, and may use any of the Status codes 889 defined in this specification. 891 7.3. RFC6775-only 6LoWPAN Router 893 The first registration by an updated 6LN MUST be for a Link-Local 894 address, using that Link-Local address as source. A RFC6775-only 6LR 895 will not make a difference and treat that registration as if the 6LN 896 was a RFC6775-only node. 898 An updated 6LN will always use an EARO option in the registration NS 899 message, whereas a RFC6775-only 6LR will always reply with an ARO 900 option in the NA message. From that first registration, the updated 901 6LN can determine whether or not the 6LR supports this specification. 903 After detecting a RFC6775-only 6LR, an updated 6LN SHOULD attempt to 904 find an alternate 6LR that is updated for a reasonable time that 905 depends on the type of device and the expected deployment. 907 An updated 6LN SHOULD use an EARO in the request regardless of the 908 type of 6LR, RFC6775-only or updated, which implies that the "T" flag 909 is set. 911 If an updated 6LN moves from an updated 6LR to a RFC6775-only 6LR, 912 the RFC6775-only 6LR will send a RFC6775-only DAR message, which can 913 not be compared with an updated one for freshness. 915 Allowing RFC6775-only DAR messages to replace a state established by 916 the updated protocol in the 6LBR would be an attack vector and that 917 cannot be the default behavior. 919 But if RFC6775-only and updated 6LRs coexist temporarily in a 920 network, then it makes sense for an administrator to install a policy 921 that allows so, and the capability to install such a policy should be 922 configurable in a 6LBR though it is out of scope for this document. 924 7.4. RFC6775-only 6LoWPAN Border Router 926 With this specification, the Duplicate Address messages are extended 927 to transport the EARO information. Similarly to the NS/NA exchange, 928 updated 6LBR devices always use the Extended Duplicate Address 929 messages and all the associated behavior so they can always be 930 differentiated from RFC6775-only ones. 932 Note that a RFC6775-only 6LBR will accept and process an EDAR message 933 as if it was a RFC6775-only DAR, so the support of DAD is preserved. 935 8. Security Considerations 937 This specification extends [RFC6775], and the security section of 938 that standard also applies to this as well. In particular, it is 939 expected that the link layer is sufficiently protected to prevent a 940 rogue access, either by means of physical or IP security on the 941 Backbone Link and link layer cryptography on the LLN. 943 This specification also expects that the LLN MAC provides secure 944 unicast to/from the Backbone Router and secure Broadcast from the 945 Backbone Router in a way that prevents tampering with or replaying 946 the RA messages. 948 This specification recommends using privacy techniques (see 949 Section 9), and protection against address theft such as provided by 950 "Address Protected Neighbor Discovery for Low-power and Lossy 951 Networks" [I-D.ietf-6lo-ap-nd], which guarantees the ownership of the 952 Registered Address using a cryptographic RUID. 954 The registration mechanism may be used by a rogue node to attack the 955 6LR or the 6LBR with a Denial-of-Service attack against the registry. 956 It may also happen that the registry of a 6LR or a 6LBR is saturated 957 and cannot take any more registration, which effectively denies the 958 requesting node the capability to use a new address. In order to 959 alleviate those concerns, Section 4.7 provides a number of 960 recommendations that ensure that a stale registration is removed as 961 soon as possible from the 6LR and 6LBR. In particular, this 962 specification recommends that: 964 o A node that ceases to use an address SHOULD attempt to de-register 965 that address from all the 6LRs to which it is registered. See 966 Section 4.2 for the mechanism to avoid replay attacks and avoiding 967 the use of stale registration information. 968 o The Registration lifetimes SHOULD be individually configurable for 969 each address or group of addresses. The nodes SHOULD be 970 configured with a Registration Lifetime that reflects their 971 expectation of how long they will use the address with the 6LR to 972 which it is registered. In particular, use cases that involve 973 mobility or rapid address changes SHOULD use lifetimes that are 974 larger yet of a same order as the duration of the expectation of 975 presence. 976 o The router (6LR or 6LBR) SHOULD be configurable so as to limit the 977 number of addresses that can be registered by a single node, as 978 identified at least by MAC address and preferably by security 979 credentials. When that maximum is reached, the router should use 980 a Least-Recently-Used (LRU) algorithm to clean up the addresses, 981 keeping at least one Link-Local address. The router SHOULD 982 attempt to keep one or more stable addresses if stability can be 983 determined, e.g. from the way the IID is formed or because they 984 are used over a much longer time span than other (privacy, 985 shorter-lived) addresses. Address lifetimes SHOULD be 986 individually configurable. 987 o In order to avoid denial of registration for the lack of 988 resources, administrators should take great care to deploy 989 adequate numbers of 6LRs to cover the needs of the nodes in their 990 range, so as to avoid a situation of starving nodes. It is 991 expected that the 6LBR that serves a LLN is a more capable node 992 then the average 6LR, but in a network condition where it may 993 become saturated, a particular deployment should distribute the 994 6LBR functionality, for instance by leveraging a high speed 995 Backbone Link and Backbone Routers to aggregate multiple LLNs into 996 a larger subnet. 998 The LLN nodes depend on the 6LBR and the 6BBR for their operation. A 999 trust model must be put in place to ensure that the right devices are 1000 acting in these roles, so as to avoid threats such as black-holing, 1001 or bombing attack whereby an impersonated 6LBR would destroy state in 1002 the network by using the "Removed" Status code. This trust model 1003 could be at a minimum based on a Layer-2 access control, or could 1004 provide role validation as well (see Req5.1 in Appendix B.5). 1006 9. Privacy Considerations 1008 As indicated in Section 3, this protocol does not aim at limiting the 1009 number of IPv6 addresses that a device can form. A host should be 1010 able to form and register any address that is topologically correct 1011 in the subnet(s) advertised by the 6LR/6LBR. 1013 This specification does not mandate any particular way for forming 1014 IPv6 addresses, but it discourages using EUI-64 for forming the 1015 Interface ID in the Link-Local address because this method prevents 1016 the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971] and 1017 "Cryptographically Generated Addresses (CGA)" [RFC3972], and that of 1018 address privacy techniques. 1020 "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" 1021 [RFC8065] explains why privacy is important and how to form privacy- 1022 aware addresses. All implementations and deployment must consider 1023 the option of privacy addresses in their own environment. 1025 The IPv6 address of the 6LN in the IPv6 header can be compressed 1026 statelessly when the Interface Identifier in the IPv6 address can be 1027 derived from the Lower Layer address. When it is not critical to 1028 benefit from that compression, e.g. the address can be compressed 1029 statefully, or it is rarely used and/or it is used only over one hop, 1030 then privacy concerns should be considered. In particular, new 1031 implementations should follow the IETF "Recommendation on Stable IPv6 1032 Interface Identifiers" [RFC8064] This RFC recommends the use of "A 1033 Method for Generating Semantically Opaque Interface Identifiers with 1034 IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for 1035 generating Interface Identifiers to be used in SLAAC. 1037 10. IANA Considerations 1039 Note to RFC Editor: please replace "This RFC" throughout this 1040 document by the RFC number for this specification once it is 1041 attributed. 1043 IANA is requested to make a number of changes under the "Internet 1044 Control Message Protocol version 6 (ICMPv6) Parameters" registry, as 1045 follows. 1047 10.1. ARO Flags 1049 IANA is requested to create a new subregistry for "ARO Flags". This 1050 specification defines 8 positions, bit 0 to bit 7, and assigns bit 7 1051 for the "T" flag in Section 6.1. The policy is "IETF Review" or 1052 "IESG Approval" [RFC8126]. The initial content of the registry is as 1053 shown in Table 2. 1055 New subregistry for ARO Flags under the "Internet Control Message 1056 Protocol version 6 (ICMPv6) [RFC4443] Parameters" 1058 +-------------+--------------+-----------+ 1059 | ARO Status | Description | Document | 1060 +-------------+--------------+-----------+ 1061 | 0..6 | Unassigned | | 1062 | | | | 1063 | 7 | "T" Flag | This RFC | 1064 +-------------+--------------+-----------+ 1066 Table 2: new ARO Flags 1068 10.2. ICMP Codes 1070 IANA is requested to create a new entry in the ICMPv6 "Code" Fields 1071 subregistry of the Internet Control Message Protocol version 6 1072 (ICMPv6) Parameters for the ICMP codes related to the ICMP type 157 1073 and 158 Duplicate Address Request (shown in Table 3) and Confirmation 1074 (shown in Table 4), respectively, as follows: 1076 New entries for ICMP types 157 DAR message 1078 +-------+----------------------+------------+ 1079 | Code | Name | Reference | 1080 +-------+----------------------+------------+ 1081 | 0 | Original DAR message | RFC 6775 | 1082 | | | | 1083 | 1 | Extended DAR message | This RFC | 1084 +-------+----------------------+------------+ 1086 Table 3: new ICMPv6 Code Fields 1088 New entries for ICMP types 158 DAC message 1090 +-------+----------------------+------------+ 1091 | Code | Name | Reference | 1092 +-------+----------------------+------------+ 1093 | 0 | Original DAC message | RFC 6775 | 1094 | | | | 1095 | 1 | Extended DAC message | This RFC | 1096 +-------+----------------------+------------+ 1098 Table 4: new ICMPv6 Code Fields 1100 10.3. New ARO Status values 1102 IANA is requested to make additions to the Address Registration 1103 Option Status Values Registry as follows: 1105 Address Registration Option Status Values Registry 1107 +-------------+-----------------------------------------+-----------+ 1108 | ARO Status | Description | Document | 1109 +-------------+-----------------------------------------+-----------+ 1110 | 3 | Moved | This RFC | 1111 | | | | 1112 | 4 | Removed | This RFC | 1113 | | | | 1114 | 5 | Validation Requested | This RFC | 1115 | | | | 1116 | 6 | Duplicate Source Address | This RFC | 1117 | | | | 1118 | 7 | Invalid Source Address | This RFC | 1119 | | | | 1120 | 8 | Registered Address topologically | This RFC | 1121 | | incorrect | | 1122 | | | | 1123 | 9 | 6LBR registry saturated | This RFC | 1124 | | | | 1125 | 10 | Validation Failed | This RFC | 1126 +-------------+-----------------------------------------+-----------+ 1128 Table 5: New ARO Status values 1130 10.4. New 6LoWPAN capability Bits 1132 IANA is requested to make additions to the Subregistry for "6LoWPAN 1133 capability Bits" as follows: 1135 Subregistry for "6LoWPAN capability Bits" under the "Internet Control 1136 Message Protocol version 6 (ICMPv6) Parameters" 1138 +-----------------+----------------------+-----------+ 1139 | Capability Bit | Description | Document | 1140 +-----------------+----------------------+-----------+ 1141 | 11 | 6LR capable (L bit) | This RFC | 1142 | | | | 1143 | 12 | 6LBR capable (B bit) | This RFC | 1144 | | | | 1145 | 13 | 6BBR capable (P bit) | This RFC | 1146 | | | | 1147 | 14 | EARO support (E bit) | This RFC | 1148 +-----------------+----------------------+-----------+ 1150 Table 6: New 6LoWPAN capability Bits 1152 11. Acknowledgments 1154 Kudos to Eric Levy-Abegnoli who designed the First Hop Security 1155 infrastructure upon which the first backbone router was implemented. 1156 Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen 1157 Schoenwaelder, Chris Lonvick and Lorenzo Colitti for their various 1158 contributions and reviews. Also many thanks to Thomas Watteyne for 1159 his early implementation of a 6LN that was instrumental to the early 1160 tests of the 6LR, 6LBR and Backbone Router. 1162 12. References 1164 12.1. Normative References 1166 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1167 Requirement Levels", BCP 14, RFC 2119, 1168 DOI 10.17487/RFC2119, March 1997, 1169 . 1171 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 1172 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 1173 2006, . 1175 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1176 Control Message Protocol (ICMPv6) for the Internet 1177 Protocol Version 6 (IPv6) Specification", STD 89, 1178 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1179 . 1181 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1182 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1183 DOI 10.17487/RFC4861, September 2007, 1184 . 1186 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1187 Address Autoconfiguration", RFC 4862, 1188 DOI 10.17487/RFC4862, September 2007, 1189 . 1191 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1192 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1193 DOI 10.17487/RFC6282, September 2011, 1194 . 1196 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1197 Bormann, "Neighbor Discovery Optimization for IPv6 over 1198 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1199 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1200 . 1202 [RFC7400] Bormann, C., "6LoWPAN-GHC: Generic Header Compression for 1203 IPv6 over Low-Power Wireless Personal Area Networks 1204 (6LoWPANs)", RFC 7400, DOI 10.17487/RFC7400, November 1205 2014, . 1207 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1208 Writing an IANA Considerations Section in RFCs", BCP 26, 1209 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1210 . 1212 12.2. Informative References 1214 [I-D.chakrabarti-nordmark-6man-efficient-nd] 1215 Chakrabarti, S., Nordmark, E., Thubert, P., and M. 1216 Wasserman, "IPv6 Neighbor Discovery Optimizations for 1217 Wired and Wireless Networks", draft-chakrabarti-nordmark- 1218 6man-efficient-nd-07 (work in progress), February 2015. 1220 [I-D.delcarpio-6lo-wlanah] 1221 Vega, L., Robles, I., and R. Morabito, "IPv6 over 1222 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 1223 progress), October 2015. 1225 [I-D.ietf-6lo-ap-nd] 1226 Thubert, P., Sarikaya, B., and M. Sethi, "Address 1227 Protected Neighbor Discovery for Low-power and Lossy 1228 Networks", draft-ietf-6lo-ap-nd-05 (work in progress), 1229 January 2018. 1231 [I-D.ietf-6lo-backbone-router] 1232 Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- 1233 backbone-router-05 (work in progress), January 2018. 1235 [I-D.ietf-6lo-nfc] 1236 Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, 1237 "Transmission of IPv6 Packets over Near Field 1238 Communication", draft-ietf-6lo-nfc-09 (work in progress), 1239 January 2018. 1241 [I-D.ietf-6tisch-architecture] 1242 Thubert, P., "An Architecture for IPv6 over the TSCH mode 1243 of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work 1244 in progress), November 2017. 1246 [I-D.ietf-ipv6-multilink-subnets] 1247 Thaler, D. and C. Huitema, "Multi-link Subnet Support in 1248 IPv6", draft-ietf-ipv6-multilink-subnets-00 (work in 1249 progress), July 2002. 1251 [I-D.ietf-mboned-ieee802-mcast-problems] 1252 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 1253 Zuniga, "Multicast Considerations over IEEE 802 Wireless 1254 Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work 1255 in progress), February 2018. 1257 [I-D.perkins-intarea-multicast-ieee802] 1258 Perkins, C., Stanley, D., Kumari, W., and J. Zuniga, 1259 "Multicast Considerations over IEEE 802 Wireless Media", 1260 draft-perkins-intarea-multicast-ieee802-03 (work in 1261 progress), July 2017. 1263 [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] 1264 Popa, D. and J. Hui, "6LoPLC: Transmission of IPv6 Packets 1265 over IEEE 1901.2 Narrowband Powerline Communication 1266 Networks", draft-popa-6lo-6loplc-ipv6-over- 1267 ieee19012-networks-00 (work in progress), March 2014. 1269 [I-D.struik-lwip-curve-representations] 1270 Struik, R., "Alternative Elliptic Curve Representations", 1271 draft-struik-lwip-curve-representations-00 (work in 1272 progress), October 2017. 1274 [RFC1558] Howes, T., "A String Representation of LDAP Search 1275 Filters", RFC 1558, DOI 10.17487/RFC1558, December 1993, 1276 . 1278 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 1279 DOI 10.17487/RFC1982, August 1996, 1280 . 1282 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with 1283 CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 1284 2003, . 1286 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 1287 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 1288 DOI 10.17487/RFC3810, June 2004, 1289 . 1291 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 1292 "SEcure Neighbor Discovery (SEND)", RFC 3971, 1293 DOI 10.17487/RFC3971, March 2005, 1294 . 1296 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 1297 RFC 3972, DOI 10.17487/RFC3972, March 2005, 1298 . 1300 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 1301 for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, 1302 . 1304 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1305 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1306 Overview, Assumptions, Problem Statement, and Goals", 1307 RFC 4919, DOI 10.17487/RFC4919, August 2007, 1308 . 1310 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 1311 Extensions for Stateless Address Autoconfiguration in 1312 IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, 1313 . 1315 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 1316 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 1317 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 1318 Low-Power and Lossy Networks", RFC 6550, 1319 DOI 10.17487/RFC6550, March 2012, 1320 . 1322 [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem 1323 Statement and Requirements for IPv6 over Low-Power 1324 Wireless Personal Area Network (6LoWPAN) Routing", 1325 RFC 6606, DOI 10.17487/RFC6606, May 2012, 1326 . 1328 [RFC7102] Vasseur, JP., "Terms Used in Routing for Low-Power and 1329 Lossy Networks", RFC 7102, DOI 10.17487/RFC7102, January 1330 2014, . 1332 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 1333 Interface Identifiers with IPv6 Stateless Address 1334 Autoconfiguration (SLAAC)", RFC 7217, 1335 DOI 10.17487/RFC7217, April 2014, 1336 . 1338 [RFC7228] Bormann, C., Ersue, M., and A. Keranen, "Terminology for 1339 Constrained-Node Networks", RFC 7228, 1340 DOI 10.17487/RFC7228, May 2014, 1341 . 1343 [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets 1344 over ITU-T G.9959 Networks", RFC 7428, 1345 DOI 10.17487/RFC7428, February 2015, 1346 . 1348 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1349 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1350 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1351 . 1353 [RFC7934] Colitti, L., Cerf, V., Cheshire, S., and D. Schinazi, 1354 "Host Address Availability Recommendations", BCP 204, 1355 RFC 7934, DOI 10.17487/RFC7934, July 2016, 1356 . 1358 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 1359 "Recommendation on Stable IPv6 Interface Identifiers", 1360 RFC 8064, DOI 10.17487/RFC8064, February 2017, 1361 . 1363 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 1364 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 1365 February 2017, . 1367 [RFC8105] Mariager, P., Petersen, J., Ed., Shelby, Z., Van de Logt, 1368 M., and D. Barthel, "Transmission of IPv6 Packets over 1369 Digital Enhanced Cordless Telecommunications (DECT) Ultra 1370 Low Energy (ULE)", RFC 8105, DOI 10.17487/RFC8105, May 1371 2017, . 1373 [RFC8163] Lynn, K., Ed., Martocci, J., Neilson, C., and S. 1374 Donaldson, "Transmission of IPv6 over Master-Slave/Token- 1375 Passing (MS/TP) Networks", RFC 8163, DOI 10.17487/RFC8163, 1376 May 2017, . 1378 [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., 1379 Przygienda, T., and S. Aldrin, "Multicast Using Bit Index 1380 Explicit Replication (BIER)", RFC 8279, 1381 DOI 10.17487/RFC8279, November 2017, 1382 . 1384 12.3. External Informative References 1386 [IEEEstd802154] 1387 IEEE, "IEEE Standard for Low-Rate Wireless Networks", 1388 IEEE Standard 802.15.4, DOI 10.1109/IEEE 1389 P802.15.4-REVd/D01, June 2017, 1390 . 1392 [Perlman83] 1393 Perlman, R., "Fault-Tolerant Broadcast of Routing 1394 Information", North-Holland Computer Networks 7: 395-405, 1395 1983, . 1398 Appendix A. Applicability and Requirements Served 1400 This specification extends 6LoWPAN ND to provide a sequence number to 1401 the registration and serves the requirements expressed Appendix B.1 1402 by enabling the mobility of devices from one LLN to the next based on 1403 the complementary work in the "IPv6 Backbone Router" 1404 [I-D.ietf-6lo-backbone-router] specification. 1406 In the context of the the TimeSlotted Channel Hopping (TSCH) mode of 1407 IEEE Std. 802.15.4 [IEEEstd802154], the "6TiSCH architecture" 1408 [I-D.ietf-6tisch-architecture] introduces how a 6LoWPAN ND host could 1409 connect to the Internet via a RPL mesh Network, but this requires 1410 additions to the 6LoWPAN ND protocol to support mobility and 1411 reachability in a secured and manageable environment. This 1412 specification details the new operations that are required to 1413 implement the 6TiSCH architecture and serves the requirements listed 1414 in Appendix B.2. 1416 The term LLN is used loosely in this specification to cover multiple 1417 types of WLANs and WPANs, including Low-Power Wi-Fi, BLUETOOTH(R) Low 1418 Energy, IEEE Std.802.11AH and IEEE Std.802.15.4 wireless meshes, so 1419 as to address the requirements discussed in Appendix B.3. 1421 This specification can be used by any wireless node to associate at 1422 Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing 1423 services including proxy-ND operations over a Backbone Link, 1424 effectively providing a solution to the requirements expressed in 1425 Appendix B.4. 1427 This specification is extended by "Address Protected Neighbor 1428 Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to 1429 providing a solution to some of the security-related requirements 1430 expressed in Appendix B.5. 1432 "Efficiency aware IPv6 Neighbor Discovery Optimizations" 1433 [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND 1434 [RFC6775] can be extended to other types of links beyond IEEE Std. 1435 802.15.4 for which it was defined. The registration technique is 1436 beneficial when the Link-Layer technique used to carry IPv6 multicast 1437 packets is not sufficiently efficient in terms of delivery ratio or 1438 energy consumption in the end devices, in particular to enable 1439 energy-constrained sleeping nodes. The value of such extension is 1440 especially apparent in the case of mobile wireless nodes, to reduce 1441 the multicast operations that are related to IPv6 ND ([RFC4861], 1442 [RFC4862]) and affect the operation of the wireless medium 1443 [I-D.ietf-mboned-ieee802-mcast-problems] 1444 [I-D.perkins-intarea-multicast-ieee802]. This serves the scalability 1445 requirements listed in Appendix B.6. 1447 Finally Appendix B.8 provides a matching of requirements with the 1448 specifications that serves them. 1450 Appendix B. Requirements 1452 This section lists requirements that were discussed at 6lo for an 1453 update to 6LoWPAN ND. This specification meets most of them, but 1454 those listed in Appendix B.5 which are deferred to a different 1455 specification such as [I-D.ietf-6lo-ap-nd], and those related to 1456 multicast. 1458 B.1. Requirements Related to Mobility 1460 Due to the unstable nature of LLN links, even in a LLN of immobile 1461 nodes a 6LN may change its point of attachment to a 6LR, say 6LR-a, 1462 and may not be able to notify 6LR-a. Consequently, 6LR-a may still 1463 attract traffic that it cannot deliver any more. When links to a 6LR 1464 change state, there is thus a need to identify stale states in a 6LR 1465 and restore reachability in a timely fashion. 1467 Req1.1: Upon a change of point of attachment, connectivity via a new 1468 6LR MUST be restored in a timely fashion without the need to de- 1469 register from the previous 6LR. 1471 Req1.2: For that purpose, the protocol MUST enable to differentiate 1472 between multiple registrations from one 6LoWPAN Node and 1473 registrations from different 6LoWPAN Nodes claiming the same address. 1475 Req1.3: Stale states MUST be cleaned up in 6LRs. 1477 Req1.4: A 6LoWPAN Node SHOULD also be capable to register its Address 1478 concurrently to multiple 6LRs. 1480 B.2. Requirements Related to Routing Protocols 1482 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 1483 routing in a LLN can be based on RPL, which is the routing protocol 1484 that was defined at the IETF for this particular purpose. Other 1485 routing protocols than RPL are also considered by Standard Defining 1486 Organizations (SDO) on the basis of the expected network 1487 characteristics. It is required that a 6LoWPAN Node attached via ND 1488 to a 6LR would need to participate in the selected routing protocol 1489 to obtain reachability via the 6LR. 1491 Next to the 6LBR unicast address registered by ND, other addresses 1492 including multicast addresses are needed as well. For example a 1493 routing protocol often uses a multicast address to register changes 1494 to established paths. ND needs to register such a multicast address 1495 to enable routing concurrently with discovery. 1497 Multicast is needed for groups. Groups may be formed by device type 1498 (e.g. routers, street lamps), location (Geography, RPL sub-tree), or 1499 both. 1501 The Bit Index Explicit Replication (BIER) Architecture [RFC8279] 1502 proposes an optimized technique to enable multicast in a LLN with a 1503 very limited requirement for routing state in the nodes. 1505 Related requirements are: 1507 Req2.1: The ND registration method SHOULD be extended so that the 6LR 1508 is able to advertise the Address of a 6LoWPAN Node over the selected 1509 routing protocol and obtain reachability to that Address using the 1510 selected routing protocol. 1512 Req2.2: Considering RPL, the Address Registration Option that is used 1513 in the ND registration SHOULD be extended to carry enough information 1514 to generate a DAO message as specified in [RFC6550] section 6.4, in 1515 particular the capability to compute a Path Sequence and, as an 1516 option, a RPLInstanceID. 1518 Req2.3: Multicast operations SHOULD be supported and optimized, for 1519 instance using BIER or MPL. Whether ND is appropriate for the 1520 registration to the 6BBR is to be defined, considering the additional 1521 burden of supporting the Multicast Listener Discovery Version 2 1522 [RFC3810] (MLDv2) for IPv6. 1524 B.3. Requirements Related to the Variety of Low-Power Link types 1526 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 1527 and in particular the capability to derive a unique Identifier from a 1528 globally unique MAC-64 address. At this point, the 6lo Working Group 1529 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 1530 to other link types ITU-T G.9959 [RFC7428], Master-Slave/Token- 1531 Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field 1532 Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah 1533 [I-D.delcarpio-6lo-wlanah], as well as IEEE1901.2 Narrowband 1534 Powerline Communication Networks 1535 [I-D.popa-6lo-6loplc-ipv6-over-ieee19012-networks] and BLUETOOTH(R) 1536 Low Energy [RFC7668]. 1538 Related requirements are: 1540 Req3.1: The support of the registration mechanism SHOULD be extended 1541 to more LLN links than IEEE Std.802.15.4, matching at least the LLN 1542 links for which an "IPv6 over foo" specification exists, as well as 1543 Low-Power Wi-Fi. 1545 Req3.2: As part of this extension, a mechanism to compute a unique 1546 Identifier should be provided, with the capability to form a Link- 1547 Local Address that SHOULD be unique at least within the LLN connected 1548 to a 6LBR discovered by ND in each node within the LLN. 1550 Req3.3: The Address Registration Option used in the ND registration 1551 SHOULD be extended to carry the relevant forms of unique Identifier. 1553 Req3.4: The Neighbour Discovery should specify the formation of a 1554 site-local address that follows the security recommendations from 1555 [RFC7217]. 1557 B.4. Requirements Related to Proxy Operations 1559 Duty-cycled devices may not be able to answer themselves to a lookup 1560 from a node that uses IPv6 ND on a Backbone Link and may need a 1561 proxy. Additionally, the duty-cycled device may need to rely on the 1562 6LBR to perform registration to the 6BBR. 1564 The ND registration method SHOULD defend the addresses of duty-cycled 1565 devices that are sleeping most of the time and not capable to defend 1566 their own Addresses. 1568 Related requirements are: 1570 Req4.1: The registration mechanism SHOULD enable a third party to 1571 proxy register an Address on behalf of a 6LoWPAN node that may be 1572 sleeping or located deeper in an LLN mesh. 1574 Req4.2: The registration mechanism SHOULD be applicable to a duty- 1575 cycled device regardless of the link type, and enable a 6BBR to 1576 operate as a proxy to defend the Registered Addresses on its behalf. 1578 Req4.3: The registration mechanism SHOULD enable long sleep 1579 durations, in the order of multiple days to a month. 1581 B.5. Requirements Related to Security 1583 In order to guarantee the operations of the 6LoWPAN ND flows, the 1584 spoofing of the 6LR, 6LBR and 6BBRs roles should be avoided. Once a 1585 node successfully registers an address, 6LoWPAN ND should provide 1586 energy-efficient means for the 6LBR to protect that ownership even 1587 when the node that registered the address is sleeping. 1589 In particular, the 6LR and the 6LBR then should be able to verify 1590 whether a subsequent registration for a given address comes from the 1591 original node. 1593 In a LLN it makes sense to base security on layer-2 security. During 1594 bootstrap of the LLN, nodes join the network after authorization by a 1595 Joining Assistant (JA) or a Commissioning Tool (CT). After joining 1596 nodes communicate with each other via secured links. The keys for 1597 the layer-2 security are distributed by the JA/CT. The JA/CT can be 1598 part of the LLN or be outside the LLN. In both cases it is needed 1599 that packets are routed between JA/CT and the joining node. 1601 Related requirements are: 1603 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1604 the 6LR, 6LBR and 6BBR to authenticate and authorize one another for 1605 their respective roles, as well as with the 6LoWPAN Node for the role 1606 of 6LR. 1608 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1609 the 6LR and the 6LBR to validate new registration of authorized 1610 nodes. Joining of unauthorized nodes MUST be prevented. 1612 Req5.3: 6LoWPAN ND security mechanisms SHOULD lead to small packet 1613 sizes. In particular, the NS, NA, DAR and DAC messages for a re- 1614 registration flow SHOULD NOT exceed 80 octets so as to fit in a 1615 secured IEEE Std.802.15.4 [IEEEstd802154] frame. 1617 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 1618 computationally intensive on the LoWPAN Node CPU. When a Key hash 1619 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 1620 preferred. 1622 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 1623 SHOULD be minimized. 1625 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the 1626 variation of CCM [RFC3610] called CCM* for use at both Layer 2 and 1627 Layer 3, and SHOULD enable the reuse of security code that has to be 1628 present on the device for upper layer security such as TLS. 1630 Req5.7: Public key and signature sizes SHOULD be minimized while 1631 maintaining adequate confidentiality and data origin authentication 1632 for multiple types of applications with various degrees of 1633 criticality. 1635 Req5.8: Routing of packets should continue when links pass from the 1636 unsecured to the secured state. 1638 Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1639 the 6LR and the 6LBR to validate whether a new registration for a 1640 given address corresponds to the same 6LoWPAN Node that registered it 1641 initially, and, if not, determine the rightful owner, and deny or 1642 clean-up the registration that is duplicate. 1644 B.6. Requirements Related to Scalability 1646 Use cases from Automatic Meter Reading (AMR, collection tree 1647 operations) and Advanced Metering Infrastructure (AMI, bi-directional 1648 communication to the meters) indicate the needs for a large number of 1649 LLN nodes pertaining to a single RPL DODAG (e.g. 5000) and connected 1650 to the 6LBR over a large number of LLN hops (e.g. 15). 1652 Related requirements are: 1654 Req6.1: The registration mechanism SHOULD enable a single 6LBR to 1655 register multiple thousands of devices. 1657 Req6.2: The timing of the registration operation should allow for a 1658 large latency such as found in LLNs with ten and more hops. 1660 B.7. Requirements Related to Operations and Management 1662 Section 3.8 of "Architectural Principles of the Internet" [RFC1558] 1663 recommends to : "avoid options and parameters whenever possible. Any 1664 options and parameters should be configured or negotiated dynamically 1665 rather than manually". This is especially true in LLNs where the 1666 number of devices may be large and manual configuration is 1667 infeasible. Capabilities for a dynamic configuration of LLN devices 1668 can also be constrained by the network and power limitation. 1670 A Network Administrator should be able to validate that the network 1671 is operating within capacity, and that in particular a 6LBR does not 1672 get overloaded with an excessive amount of registration, so he can 1673 take actions such as adding a Backbone Link with additional 6LBRs and 1674 6BBRs to his network. 1676 Related requirements are: 1678 Req7.1: A management model SHOULD be provided providing access to the 1679 6LBR and its capacity. It is recommended that the 6LBR be reachable 1680 over a non-LLN link. 1682 Req7.2: A management model SHOULD be provided providing access to the 1683 6LR and its capacity to host additional NCE. This management model 1684 SHOULD avoid polling individual 6LRs n a way that could disrupt the 1685 operation of the LLN. 1687 Req7.3: information on successful and failed registration SHOULD be 1688 provided, including information such as the RUID of the 6LN, the 1689 Registered Address, the Address of the 6LR and the duration of the 1690 registration flow. 1692 Req7.4: In case of a failed registration, information on the failure 1693 including the identification of the node that rejected the 1694 registration and the status in the EARO SHOULD be provided 1696 B.8. Matching Requirements with Specifications 1698 I-drafts/RFCs addressing requirements 1700 +-------------+-----------------------------------------+ 1701 | Requirement | Document | 1702 +-------------+-----------------------------------------+ 1703 | Req1.1 | [I-D.ietf-6lo-backbone-router] | 1704 | | | 1705 | Req1.2 | [RFC6775] | 1706 | | | 1707 | Req1.3 | [RFC6775] | 1708 | | | 1709 | Req1.4 | This RFC | 1710 | | | 1711 | Req2.1 | This RFC | 1712 | | | 1713 | Req2.2 | This RFC | 1714 | | | 1715 | Req2.3 | | 1716 | | | 1717 | Req3.1 | Technology Dependant | 1718 | | | 1719 | Req3.2 | Technology Dependant | 1720 | | | 1721 | Req3.3 | Technology Dependant | 1722 | | | 1723 | Req3.4 | Technology Dependant | 1724 | | | 1725 | Req4.1 | This RFC | 1726 | | | 1727 | Req4.2 | This RFC | 1728 | | | 1729 | Req4.3 | [RFC6775] | 1730 | | | 1731 | Req5.1 | | 1732 | | | 1733 | Req5.2 | [I-D.ietf-6lo-ap-nd] | 1734 | | | 1735 | Req5.3 | | 1736 | | | 1737 | Req5.4 | | 1738 | | | 1739 | Req5.5 | [I-D.ietf-6lo-ap-nd] | 1740 | | | 1741 | Req5.6 | [I-D.struik-lwip-curve-representations] | 1742 | | | 1743 | Req5.7 | [I-D.ietf-6lo-ap-nd] | 1744 | | | 1745 | Req5.8 | | 1746 | | | 1747 | Req5.9 | [I-D.ietf-6lo-ap-nd] | 1748 | | | 1749 | Req6.1 | This RFC | 1750 | | | 1751 | Req6.2 | This RFC | 1752 | | | 1753 | Req7.1 | | 1754 | | | 1755 | Req7.2 | | 1756 | | | 1757 | Req7.3 | | 1758 | | | 1759 | Req7.4 | | 1760 +-------------+-----------------------------------------+ 1762 Table 7: Work Addressing requirements 1764 Appendix C. Subset of a 6LoWPAN Glossary 1766 This document often uses the followng acronyms: 1768 6BBR: 6LoWPAN Backbone Router (proxy for the registration) 1769 6LBR: 6LoWPAN Border Router (authoritative on DAD) 1770 6LN: 6LoWPAN Node 1771 6LR: 6LoWPAN Router (relay to the registration process) 1772 6CIO: Capability Indication Option 1773 (E)ARO: (Extended) Address Registration Option 1774 DAD: Duplicate Address Detection 1775 LLN: Low Power Lossy Network (a typical IoT network) 1776 NCE: Neighbor Cache Entry 1777 RUID: Registration Unique ID 1778 TSCH: TimeSlotted Channel Hopping 1779 TID: Transaction ID (a sequence counter in the EARO) 1781 Authors' Addresses 1783 Pascal Thubert (editor) 1784 Cisco Systems, Inc 1785 Building D (Regus) 45 Allee des Ormes 1786 Mougins - Sophia Antipolis 1787 France 1789 Phone: +33 4 97 23 26 34 1790 Email: pthubert@cisco.com 1791 Erik Nordmark 1792 Zededa 1793 Santa Clara, CA 1794 United States of America 1796 Email: nordmark@sonic.net 1798 Samita Chakrabarti 1799 Verizon 1800 San Jose, CA 1801 United States of America 1803 Email: samitac.ietf@gmail.com 1805 Charles E. Perkins 1806 Futurewei 1807 2330 Central Expressway 1808 Santa Clara 95050 1809 United States of America 1811 Email: charliep@computer.org