idnits 2.17.00 (12 Aug 2021) /tmp/idnits22567/draft-ietf-6lo-rfc6775-update-20.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 6, 2018) is 1445 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC4919' is mentioned on line 1425, but not defined == Missing Reference: 'RFC6606' is mentioned on line 1431, but not defined == Missing Reference: 'Perlman83' is mentioned on line 1593, but not defined == Missing Reference: 'IEEEstd802154' is mentioned on line 1823, but not defined == Outdated reference: A later version (-05) exists of draft-hou-6lo-plc-03 == Outdated reference: draft-ietf-6lo-ap-nd has been published as RFC 8928 == Outdated reference: draft-ietf-6lo-backbone-router has been published as RFC 8929 == Outdated reference: A later version (-17) exists of draft-ietf-6lo-nfc-09 == Outdated reference: draft-ietf-6tisch-architecture has been published as RFC 9030 == Outdated reference: draft-ietf-mboned-ieee802-mcast-problems has been published as RFC 9119 == Outdated reference: draft-ietf-roll-efficient-npdao has been published as RFC 9009 == Outdated reference: A later version (-07) exists of draft-thubert-roll-unaware-leaves-05 -- Obsolete informational reference (is this intentional?): RFC 4941 (Obsoleted by RFC 8981) Summary: 0 errors (**), 0 flaws (~~), 13 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo P. Thubert, Ed. 3 Internet-Draft Cisco 4 Updates: 6775 (if approved) E. Nordmark 5 Intended status: Standards Track Zededa 6 Expires: December 8, 2018 S. Chakrabarti 7 Verizon 8 C. Perkins 9 Futurewei 10 June 6, 2018 12 Registration Extensions for 6LoWPAN Neighbor Discovery 13 draft-ietf-6lo-rfc6775-update-20 15 Abstract 17 This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to 18 clarify the role of the protocol as a registration technique, 19 simplify the registration operation in 6LoWPAN routers, as well as to 20 provide enhancements to the registration capabilities and mobility 21 detection for different network topologies including the backbone 22 routers performing proxy Neighbor Discovery in a low power network. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on December 8, 2018. 41 Copyright Notice 43 Copyright (c) 2018 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents 48 (https://trustee.ietf.org/license-info) in effect on the date of 49 publication of this document. Please review these documents 50 carefully, as they describe your rights and restrictions with respect 51 to this document. Code Components extracted from this document must 52 include Simplified BSD License text as described in Section 4.e of 53 the Trust Legal Provisions and are provided without warranty as 54 described in the Simplified BSD License. 56 Table of Contents 58 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 59 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 60 2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 4 61 2.2. References . . . . . . . . . . . . . . . . . . . . . . . 4 62 2.3. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 4 63 2.4. Subset of a 6LoWPAN Glossary . . . . . . . . . . . . . . 5 64 3. Applicability of Address Registration Options . . . . . . . . 6 65 4. Extended ND Options and Messages . . . . . . . . . . . . . . 7 66 4.1. Extended Address Registration Option (EARO) . . . . . . . 7 67 4.2. Extended Duplicate Address Message Formats . . . . . . . 11 68 4.3. New 6LoWPAN Capability Bits in the Capability Indication 69 Option . . . . . . . . . . . . . . . . . . . . . . . . . 12 70 5. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 13 71 5.1. Extending the Address Registration Option . . . . . . . . 14 72 5.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 15 73 5.2.1. Comparing TID values . . . . . . . . . . . . . . . . 15 74 5.3. Registration Ownership Verifier (ROVR) . . . . . . . . . 17 75 5.4. Extended Duplicate Address Messages . . . . . . . . . . . 18 76 5.5. Registering the Target Address . . . . . . . . . . . . . 18 77 5.6. Link-Local Addresses and Registration . . . . . . . . . . 19 78 5.7. Maintaining the Registration States . . . . . . . . . . . 20 79 6. Backward Compatibility . . . . . . . . . . . . . . . . . . . 22 80 6.1. Signaling EARO Capability Support . . . . . . . . . . . . 23 81 6.2. RFC6775-only 6LN . . . . . . . . . . . . . . . . . . . . 23 82 6.3. RFC6775-only 6LR . . . . . . . . . . . . . . . . . . . . 23 83 6.4. RFC6775-only 6LBR . . . . . . . . . . . . . . . . . . . . 24 84 7. Security Considerations . . . . . . . . . . . . . . . . . . . 24 85 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 26 86 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 87 9.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . . 27 88 9.2. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 27 89 9.3. New ARO Status values . . . . . . . . . . . . . . . . . . 29 90 9.4. New 6LoWPAN Capability Bits . . . . . . . . . . . . . . . 29 91 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 30 92 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 30 93 11.1. Normative References . . . . . . . . . . . . . . . . . . 30 94 11.2. Terminology Related References . . . . . . . . . . . . . 31 95 11.3. Informative References . . . . . . . . . . . . . . . . . 32 96 11.4. External Informative References . . . . . . . . . . . . 35 98 Appendix A. Applicability and Requirements Served (Not 99 Normative) . . . . . . . . . . . . . . . . . . . . . 35 100 Appendix B. Requirements (Not Normative) . . . . . . . . . . . . 36 101 B.1. Requirements Related to Mobility . . . . . . . . . . . . 36 102 B.2. Requirements Related to Routing Protocols . . . . . . . . 37 103 B.3. Requirements Related to the Variety of Low-Power Link 104 types . . . . . . . . . . . . . . . . . . . . . . . . . . 38 105 B.4. Requirements Related to Proxy Operations . . . . . . . . 39 106 B.5. Requirements Related to Security . . . . . . . . . . . . 39 107 B.6. Requirements Related to Scalability . . . . . . . . . . . 41 108 B.7. Requirements Related to Operations and Management . . . . 41 109 B.8. Matching Requirements with Specifications . . . . . . . . 42 110 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 112 1. Introduction 114 IPv6 Low-Power Lossy Networks (LLNs) support star and mesh 115 topologies. For such networks, "Neighbor Discovery Optimization for 116 IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) 117 [RFC6775] defines a registration mechanism and a central registrar to 118 assure unique addresses. The 6LoWPAN ND mechanism reduces the 119 dependency of the IPv6 Neighbor Discovery Protocol (IPv6 ND) 120 [RFC4861][RFC4862] on network-layer multicast and link-layer 121 broadcast operations. 123 This specification updates 6LoWPAN ND to simplify and generalize 124 registration in 6LoWPAN routers (6LRs). In particular, this 125 specification modifies and extends the behavior and protocol elements 126 of 6LoWPAN ND to enable the following actions: 128 o Determine the freshest location in case of node mobility 130 o Simplify the registration flow for Link-Local Addresses 132 o Support of a Leaf Node in a Route-Over network 134 o Proxy registration in a Route-Over network 136 o Associate the registration with a variable-length Registration 137 Ownership Verifier (ROVR) 139 o Registration via an IPv6 ND proxy over a Backbone Link (6BBR) 141 o Better support for privacy and temporary addresses 143 These features satisfy requirements as listed in Appendix B. 145 2. Terminology 147 2.1. BCP 14 149 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 150 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 151 "OPTIONAL" in this document are to be interpreted as described in BCP 152 14 [RFC2119][RFC8174] when, and only when, they appear in all 153 capitals, as shown here. 155 2.2. References 157 In this document, readers will encounter terms and concepts that are 158 discussed in the following documents: 160 o "Cryptographically Generated Addresses (CGA)" [RFC3972], 162 o "Neighbor Discovery for IP version 6" [RFC4861], 164 o "IPv6 Stateless Address Autoconfiguration" [RFC4862], 166 o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 167 Overview, Assumptions, Problem Statement, and Goals" [RFC4919], 169 o "Problem Statement and Requirements for IPv6 over Low-Power 170 Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], and 172 o "Neighbor Discovery Optimization for Low-power and Lossy Networks" 173 [RFC6775], 175 2.3. New Terms 177 Backbone Link: An IPv6 transit link that interconnects two or more 178 Backbone Routers. 180 Backbone Router (6BBR): A logical network function in an IPv6 router 181 that proxies the 6LoWPAN ND operations specified in this 182 document to assure address uniqueness and other functions 183 required so that multiple LLNs can operate as a single IPv6 184 network. 186 Binding: The association between an IP address, a MAC address, and 187 other information about the node that owns the IP Address. 189 Registration: The process by which a 6LN registers an IPv6 Address 190 with a 6LR in order to establish connectivity to the LLN. In a 191 Route-Over network, a 6LBR may register the 6LN to the 6BBR. 193 Registered Node: The 6LN for which the registration is performed, 194 and which owns the fields in the Extended ARO option. 196 Registering Node: The node that performs the registration; either 197 the Registered Node or a proxy. 199 Registered Address: An address registered for the Registered Node. 201 RFC6775-only: An implementation, a type of node, or a message that 202 behaves only as specified by [RFC6775], as opposed to the 203 behavior specified in this document. 205 Route-Over network: A network for which connectivity provided at the 206 IP layer. 208 updated: A 6LN, a 6LR, or a 6LBR that supports this specification, 209 in contrast to an RFC6775-only device. 211 2.4. Subset of a 6LoWPAN Glossary 213 This document often uses the following acronyms: 215 6BBR: 6LoWPAN Backbone Router 217 6LBR: 6LoWPAN Border Router 219 6LN: 6LoWPAN Node 221 6LR: 6LoWPAN Router 223 6CIO: Capability Indication Option 225 EARO: (Extended) Address Registration Option -- (E)ARO 227 EDAR: (Extended) Duplicate Address Request -- (E)DAR 229 EDAC: (Extended) Duplicate Address Confirmation -- (E)DAC 231 DAD: Duplicate Address Detection 233 DODAG: Destination-Oriented Directed Acyclic Graph 235 LLN: Low-Power and Lossy Network 237 NA: Neighbor Advertisement 239 NCE: Neighbor Cache Entry 240 ND: Neighbor Discovery 242 NDP: Neighbor Discovery Protocol 244 NS: Neighbor Solicitation 246 ROVR: Registration Ownership Verifier (pronounced rover) 248 RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) [RFC6550] 250 RA: Router Advertisement 252 RS: Router Solicitation 254 TID: Transaction ID (a sequence counter in the EARO) 256 3. Applicability of Address Registration Options 258 The Address Registration Option (ARO) in [RFC6775] facilitates 259 Duplicate Address Detection (DAD) for hosts and populates Neighbor 260 Cache Entries (NCEs) [RFC4861] in the routers. This reduces the 261 reliance on multicast operations, which are often as intrusive as 262 broadcast, in IPv6 ND operations (see 263 [I-D.ietf-mboned-ieee802-mcast-problems]). 265 With this specification, a failed or useless registration can be 266 rejected by a 6LR or a 6LBR for reasons other than address 267 duplication. Examples include: 269 o the router having run out of space; 271 o a registration bearing a stale sequence number perhaps denoting a 272 movement of the host after the registration was placed; 274 o a host misbehaving and attempting to register an invalid address 275 such as the unspecified address [RFC4291]; 277 o a host using an address that is not topologically correct on that 278 link. 280 In such cases the host will receive an error to help diagnose the 281 issue and may retry, possibly with a different address, and possibly 282 registering to a different router, depending on the returned error. 283 The ability to return errors to address registrations is not intended 284 to be used to restrict the ability of hosts to form and use multiple 285 addresses. Each host may form and register a number of addresses for 286 enhanced privacy, using mechanisms such as "Privacy Extensions for 287 Stateless Address Autoconfiguration (SLAAC) in IPv6" [RFC4941], and 288 SHOULD conform to "Host Address Availability Recommendations" 289 [RFC7934]. 291 In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for 292 all directly connected addresses to which it is currently forwarding 293 packets (unused entries may be flushed). In contrast, a router 294 serving the Address Registration mechanism needs enough storage to 295 hold NCEs for all the addresses that may be registered to it, 296 regardless of whether or not they are actively communicating. The 297 number of registrations supported by a 6LoWPAN Router (6LR) or 298 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor 299 and the dynamic use of associated resources SHOULD be made available 300 to the network operator, e.g., to a management console. Network 301 administrators need to ensure that 6LR/6LBRs in their network support 302 the number and type of devices that can register to them, based on 303 the number of IPv6 addresses that those devices require and their 304 address renewal rate and behavior. 306 4. Extended ND Options and Messages 308 This specification does not introduce new options; it modifies 309 existing options and updates the associated behaviors. 311 4.1. Extended Address Registration Option (EARO) 313 The Address Registration Option (ARO) is defined in section 4.1 of 314 [RFC6775]. 316 This specification introduces the Extended Address Registration 317 Option (EARO) based on the ARO for use in NS and NA messages. The 318 EARO includes a sequence counter called Transaction ID (TID) that is 319 used to determine the latest location of a registering mobile device. 320 A new 'T' flag indicates the presence of the TID field is populated 321 and that the option is an EARO. A 6LN requests routing or proxy 322 services from a 6LR using a new 'R' flag in the EARO. 324 The EUI-64 field is redefined and renamed ROVR in order to carry 325 different types of information, e.g., cryptographic information of 326 variable size. A larger ROVR size MAY be used if and only if 327 backward compatibility is not an issue in the particular deployment. 328 The length of the ROVR field expressed in units of 8 bytes is the 329 Length of the option minus 1. 331 Section 5.1 discusses those changes in depth. 333 The format of the EARO is shown in Figure 1: 335 0 1 2 3 336 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 337 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 338 | Type | Length | Status | Opaque | 339 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 340 | Rsvd | I |R|T| TID | Registration Lifetime | 341 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 342 | | 343 ... Registration Ownership Verifier ... 344 | | 345 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 347 Figure 1: EARO Option Format 349 Option Fields: 351 Type: 33 353 Length: 8-bit unsigned integer. The length of the option in 354 units of 8 bytes. 356 Status: 8-bit unsigned integer. Indicates the status of a 357 registration in the NA response. MUST be set to 0 in 358 NS messages. See Table 1 below. 360 Opaque: An octet opaque to ND; the 6LN MAY pass it 361 transparently to another process. It MUST be set to 362 zero when not used. 364 Rsvd (Reserved): This field is unused. It MUST be initialized to 365 zero by the sender and MUST be ignored by the 366 receiver. 368 I: Two-bit Integer: A value of zero indicates that the 369 Opaque field carries an abstract index that is used 370 to decide in which routing topology the address is 371 expected to be injected. In that case, the Opaque 372 field is passed to a routing process with the 373 indication that it carries topology information, and 374 the value of 0 indicates default. All other values 375 of "I" are reserved and MUST NOT be used. 377 R: The Registering Node sets the 'R' flag to request 378 reachability for the registered address, e.g., by 379 advertising the address in a Route-Over routing 380 protocol or proxying ND over a Backbone Link. 382 T: One-bit flag. Set if the next octet is used as a 383 TID. 385 TID: One-byte integer; a Transaction ID that is maintained 386 by the node and incremented with each transaction of 387 one or more registrations performed at the same time 388 to one or more respective 6LRs. This field MUST be 389 ignored if the 'T' flag is not set. 391 Registration Lifetime: 16-bit integer; expressed in minutes. A 392 value of 0 indicates that the registration has ended 393 and that the associated state MUST be removed. 395 Registration Ownership Verifier (ROVR): Enables the correlation 396 between multiple attempts to register a same IPv6 397 Address. The ROVR size MUST be 64 bits when backward 398 compatibility is needed; otherwise the size MAY be 399 128, 192, or 256 bits. 401 +-------+-----------------------------------------------------------+ 402 | Value | Description | 403 +-------+-----------------------------------------------------------+ 404 | 0..2 | As defined in [RFC6775]. Note: a Status of 1 ("Duplicate | 405 | | Address") applies to the Registered Address. If the | 406 | | Source Address conflicts with an existing registration, | 407 | | "Duplicate Source Address" MUST be used. | 408 | | | 409 | 3 | Moved: The registration failed because it is not the | 410 | | freshest. This Status indicates that the registration is | 411 | | rejected because another more recent registration was | 412 | | done, as indicated by a same ROVR and a more recent TID. | 413 | | One possible cause is a stale registration that has | 414 | | progressed slowly in the network and was passed by a more | 415 | | recent one. It could also indicate a ROVR collision. | 416 | | | 417 | 4 | Removed: The binding state was removed. This status MAY | 418 | | be placed in an NA(EARO) message that is sent as the | 419 | | rejection of a proxy registration to a Backbone Router, | 420 | | or in an asynchronous NA(EARO) at any time. | 421 | | | 422 | 5 | Validation Requested: The Registering Node is challenged | 423 | | for owning the Registered Address or for being an | 424 | | acceptable proxy for the registration. A registrar (6LR, | 425 | | 6LBR, 6BBR) MAY place this Status in asynchronous DAC or | 426 | | NA messages. | 427 | | | 428 | 6 | Duplicate Source Address: The address used as source of | 429 | | the NS(EARO) conflicts with an existing registration. | 430 | | | 431 | 7 | Invalid Source Address: The address used as source of the | 432 | | NS(EARO) is not a Link-Local Address. | 433 | | | 434 | 8 | Registered Address topologically incorrect: The address | 435 | | being registered is not usable on this link. | 436 | | | 437 | 9 | 6LBR Registry saturated: A new registration cannot be | 438 | | accepted because the 6LBR Registry is saturated. Note: | 439 | | this code is used by 6LBRs instead of Status 2 when | 440 | | responding to a Duplicate Address message exchange and is | 441 | | passed on to the Registering Node by the 6LR. | 442 | | | 443 | 10 | Validation Failed: The proof of ownership of the | 444 | | registered address is not correct. | 445 +-------+-----------------------------------------------------------+ 447 Table 1: EARO Status 449 4.2. Extended Duplicate Address Message Formats 451 The DAR and DAC messages share a common base format as defined in 452 section 4.4 of [RFC6775]. Those messages enable information from the 453 ARO to be transported over multiple hops. The DAR and DAC are 454 extended as shown in Figure 2: 456 0 1 2 3 457 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 458 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 459 | Type |CodePfx|CodeSfx| Checksum | 460 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 461 | Status | TID | Registration Lifetime | 462 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 463 | | 464 ... Registration Ownership Verifier ... 465 | | 466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 467 | | 468 + + 469 | | 470 + Registered Address + 471 | | 472 + + 473 | | 474 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 476 Figure 2: Duplicate Address Messages Format 478 Modified Message Fields: 480 Code: The ICMP Code [RFC4443] for Duplicate Address 481 Messages is split in two 4-bit fields, the Code 482 Prefix and the Code Suffix. The Code Prefix MUST be 483 set to zero by the sender and MUST be ignored by the 484 receiver. A non-null value of the Code Suffix 485 indicates support for this specification. It MUST be 486 set to 1 when operating in a backward-compatible 487 mode, indicating a ROVR size of 64 bits. It MAY be 488 2, 3 or 4, denoting a ROVR size of 128, 192, and 256 489 bits, respectively. 491 TID: 1-byte integer; same definition and processing as the 492 TID in the EARO as defined in Section 4.1. This 493 field MUST be ignored if the ICMP Code is null. 495 Registration Ownership Verifier (ROVR): The size of the ROVR is 496 known from the ICMP Code Suffix. This field has the 497 same definition and processing as the ROVR in the 498 EARO option as defined in Section 4.1. 500 4.3. New 6LoWPAN Capability Bits in the Capability Indication Option 502 This specification defines 5 new capability bits for use in the 6CIO, 503 defined by [RFC7400] for use in IPv6 ND messages. 505 The "E" flag indicates that EARO can be used in a registration. A 506 6LR that supports this specification MUST set the "E" flag. 508 The "D" flag indicates that the 6LBR supports EDA Messages. A 6LR 509 that learns the "D" flag from advertisements can then exchange EDAR 510 and EDAC messages with the 6LBR, and it also sets the "D" flag as 511 well as the "L" flag in the 6CIO in its own advertisements. In this 512 way, 6LNs will be able to prefer registration with a 6LR that can 513 make use of new 6LBR features. 515 The new "L", "B", and "P" flags, indicate whether a router is capable 516 of acting as 6LR, 6LBR, and 6BBR, respectively. These flags are not 517 mutually exclusive; an updated node can advertise multiple collocated 518 functions. 520 0 1 2 3 521 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 522 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 523 | Type | Length = 1 | Reserved |D|L|B|P|E|G| 524 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 525 | Reserved | 526 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 528 Figure 3: New Capability Bits in the 6CIO 530 Option Fields: 532 Type: 36 534 L: Node is a 6LR. 536 B: Node is a 6LBR. 538 P: Node is a 6BBR. 540 E: Node supports registrations based on EARO. 542 D: 6LBR supports EDA messages. 544 5. Updating RFC 6775 546 The Extended Address Registration Option (EARO) (see Section 4.1) 547 updates the ARO used within Neighbor Discovery NS and NA messages 548 between a 6LN and its 6LR. Similarly, EDAR and EDAC update the DAR 549 and DAC messages so as to transport the new information between 6LRs 550 and 6LBRs across an LLN mesh. 552 The extensions to the ARO option are the Duplicate Address Request 553 (DAR) and Duplicate Address Confirmation (DAC), used in the Duplicate 554 Address messages. They convey the additional information all the way 555 to the 6LBR. In turn the 6LBR may proxy the registration using IPv6 556 ND over a Backbone Link as illustrated in Figure 4. This 557 specification avoids the Duplicate Address message flow for Link- 558 Local Addresses in a Route-Over [RFC6606] topology (see Section 5.6). 560 6LN 6LR 6LBR 6BBR 561 | | | | 562 | NS(EARO) | | | 563 |--------------->| | | 564 | | Extended DAR | | 565 | |-------------->| | 566 | | | | 567 | | | proxy NS(EARO) | 568 | | |--------------->| 569 | | | | NS(DAD) 570 | | | | ------> 571 | | | | 572 | | | | 573 | | | proxy NA(EARO) | 574 | | |<---------------| 575 | | Extended DAC | | 576 | |<--------------| | 577 | NA(EARO) | | | 578 |<---------------| | | 579 | | | | 581 Figure 4: (Re-)Registration Flow 583 This specification allows multiple registrations, including for 584 privacy / temporary addresses and provides a mechanism to help clean 585 up stale registration state as soon as possible, e.g., after a 586 movement (see Section 7). 588 Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface 589 and locates available 6LRs. A Registering Node SHOULD register to a 590 6LR that supports this specification if one is found, as discussed in 591 Section 6.1, instead of registering to an RFC6775-only one; otherwise 592 the Registering Node operates in a backward-compatible fashion when 593 attaching to an RFC6775-only 6LR. 595 5.1. Extending the Address Registration Option 597 The Extended ARO (EARO) updates the ARO and is backward compatible 598 with the ARO if and only if the Length of the option is set to 2. 599 Its format is presented in Section 4.1. More details on backward 600 compatibility can be found in Section 6. 602 The Neighbor Solicitation (NS) and the ARO are modified as follows: 604 o The Target Address in the NS containing the EARO is now the field 605 that indicates the address that is being registered, as opposed to 606 the Source Address field as specified in [RFC6775] (see 607 Section 5.5). This change enables a 6LBR to use one of its 608 addresses as source of the proxy-registration of an address that 609 belongs to a LLN Node to a 6BBR. This change also avoids in most 610 cases the use of an address as source address before it is 611 registered. 613 o The EUI-64 field in the ARO Option is renamed Registration 614 Ownership Verifier (ROVR) and is not required to be derived from a 615 MAC address (see Section 5.3). 617 o The option Length MAY be different than 2 and take a value between 618 3 and 5, in which case the EARO is not backward compatible with an 619 ARO. The increase of size corresponds to a larger ROVR field, so 620 the size of the ROVR is inferred from the option Length. 622 o A new Opaque field is introduced to carry opaque information in 623 case the registration is relayed to another process, e.g., to be 624 advertised by a routing protocol. A new "I" field provides a type 625 for the opaque information, and indicates the other process to 626 which the 6LN passes the opaque value. A value of Zero for I 627 indicates topological information to be passed to a routing 628 process if the registration is redistributed. In that case, a 629 value of Zero for the Opaque field is backward-compatible with the 630 reserved fields that are overloaded, and the meaning is to use the 631 default topology. 633 o This document specifies a new flag in the EARO, the 'R' flag. If 634 the 'R' flag is set, the Registering Node requests the 6LR to 635 ensure reachability for the Registered Address, e.g., by means of 636 routing or proxying ND. Conversely, when it is not set, the 'R' 637 flag indicates that the Registering Node is a router, and that it 638 will advertise reachability to the Registered Address via a 639 routing protocol (such as RPL [RFC6550]). 641 o A node that supports this specification MUST be provide a 642 Transaction ID (TID) field in the EARO, and set the 'T' flag to 643 indicate the presence of the TID (see Section 5.2). 645 o Finally, this specification introduces new status codes to help 646 diagnose the cause of a registration failure (see Table 1). 648 A 6LN that acts only as a host, when registering, MUST set the 'R' 649 flag to indicate that it is not a router and that it will not handle 650 its own reachability. A 6LR that manages its reachability SHOULD NOT 651 set the 'R' flag; if it does, routes towards this router may be 652 installed on its behalf and may interfere with those it advertises. 654 5.2. Transaction ID 656 The TID is a sequence number that is incremented by the 6LN with each 657 re-registration to a 6LR. The TID is used to determine the freshness 658 of the registration request. The network uses the most recent TID to 659 determine the current (most recent known) location(s) of a moving 660 6LN. When a Registered Node is registered with multiple 6LRs in 661 parallel, the same TID MUST be used. This enables the 6LBRs and/or 662 6BBRs to determine whether the registrations are the same, and to 663 distinguish that situation from a movement (see section 4 of 664 [I-D.ietf-6lo-backbone-router] and Section 5.7 below). 666 5.2.1. Comparing TID values 668 The operation of the TID is fully compatible with that of the RPL 669 Path Sequence counter as described in the "Sequence Counter 670 Operation" section of the "IPv6 Routing Protocol for Low-Power and 671 Lossy Networks" [RFC6550] specification. 673 A TID is deemed to be fresher than another when its value is greater 674 as determined by the operations detailed in this section. 676 The TID range is subdivided in a 'lollipop' fashion ([Perlman83]), 677 where the values from 128 and greater are used as a linear sequence 678 to indicate a restart and bootstrap the counter, and the values less 679 than or equal to 127 used as a circular sequence number space of size 680 128 as in [RFC1982]. Consideration is given to the mode of operation 681 when transitioning from the linear region to the circular region. 682 Finally, when operating in the circular region, if sequence numbers 683 are determined to be too far apart then they are not comparable, as 684 detailed below. 686 A window of comparison, SEQUENCE_WINDOW = 16, is configured based on 687 a value of 2^N, where N is defined to be 4 in this specification. 689 For a given sequence counter, 691 1. The sequence counter SHOULD be initialized to an implementation 692 defined value which is 128 or greater prior to use. A 693 recommended value is 240 (256 - SEQUENCE_WINDOW). 695 2. When a sequence counter increment would cause the sequence 696 counter to increment beyond its maximum value, the sequence 697 counter MUST wrap back to zero. When incrementing a sequence 698 counter greater than or equal to 128, the maximum value is 255. 699 When incrementing a sequence counter less than 128, the maximum 700 value is 127. 702 3. When comparing two sequence counters, the following rules MUST be 703 applied: 705 1. When a first sequence counter A is in the interval [128..255] 706 and a second sequence counter B is in [0..127]: 708 1. If (256 + B - A) is less than or equal to 709 SEQUENCE_WINDOW, then B is greater than A, A is less than 710 B, and the two are not equal. 712 2. If (256 + B - A) is greater than SEQUENCE_WINDOW, then A 713 is greater than B, B is less than A, and the two are not 714 equal. 716 For example, if A is 240, and B is 5, then (256 + 5 - 240) is 717 21. 21 is greater than SEQUENCE_WINDOW (16), thus 240 is 718 greater than 5. As another example, if A is 250 and B is 5, 719 then (256 + 5 - 250) is 11. 11 is less than SEQUENCE_WINDOW 720 (16), thus 250 is less than 5. 722 2. In the case where both sequence counters to be compared are 723 less than or equal to 127, and in the case where both 724 sequence counters to be compared are greater than or equal to 725 128: 727 1. If the absolute magnitude of difference between the two 728 sequence counters is less than or equal to 729 SEQUENCE_WINDOW, then a comparison as described in 730 [RFC1982] is used to determine the relationships greater 731 than, less than, and equal. 733 2. If the absolute magnitude of difference of the two 734 sequence counters is greater than SEQUENCE_WINDOW, then a 735 desynchronization has occurred and the two sequence 736 numbers are not comparable. 738 4. If two sequence numbers are determined to be not comparable, 739 i.e., the results of the comparison are not defined, then a node 740 should give precedence to the sequence number that was most 741 recently incremented. Failing this, the node should select the 742 sequence number in order to minimize the resulting changes to its 743 own state. 745 5.3. Registration Ownership Verifier (ROVR) 747 The ROVR field replaces the EUI-64 field of the ARO defined in 748 [RFC6775]. It is associated in the 6LR and the 6LBR with the 749 registration state. The ROVR can be a unique ID of the Registering 750 Node, such as the EUI-64 address of an interface. This can also be a 751 token obtained with cryptographic methods which can be used in 752 additional protocol exchanges to associate a cryptographic identity 753 (key) with this registration to ensure that only the owner can modify 754 it later, if the proof-of-ownership of the ROVR can be obtained (more 755 in Section 5.6). The scope of a ROVR is the registration of a 756 particular IPv6 Address and it MUST NOT be used to correlate 757 registrations of different addresses. 759 The ROVR can be of different types; the type is signaled in the 760 message that carries the new type. For instance, the type can be a 761 cryptographic string and used to prove the ownership of the 762 registration as specified in "Address Protected Neighbor Discovery 763 for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to 764 support the flows related to the proof-of-ownership, this 765 specification introduces new status codes "Validation Requested" and 766 "Validation Failed" in the EARO. 768 Note on ROVR collision: different techniques for forming the ROVR 769 will operate in different name-spaces. [RFC6775] operates on EUI- 770 64(TM) addresses. [I-D.ietf-6lo-ap-nd] generates cryptographic 771 tokens. While collisions are not expected in the EUI-64 name-space 772 only, they may happen in the case of [I-D.ietf-6lo-ap-nd] and in a 773 mixed situation. An implementation that understands the name-space 774 MUST consider that ROVRs from different name-spaces are different 775 even if they have the same value. An RFC6775-only 6LR or 6LBR will 776 confuse the name-spaces, which slightly increases the risk of a ROVR 777 collision. A collision of ROVR has no effect if the two Registering 778 Nodes register different addresses, since the ROVR is only 779 significant within the context of one registration. A ROVR is not 780 expected to be unique to one registration, as this specification 781 allows a node to use the same ROVR to register multiple IPv6 782 addresses. This is why the ROVR MUST NOT be used as a key to 783 identify the Registering Node, or as an index to the registration. 784 It is only used as a match to ensure that the node that updates a 785 registration for an IPv6 address is the node that made the original 786 registration for that IPv6 address. Also, when the ROVR is not an 787 EUI-64 address, then it MUST NOT be used as the interface ID of the 788 Registered Address. This way, a registration that uses that ROVR 789 will not collide with that of an IPv6 Address derived from EUI-64 and 790 using the EUI-64 as ROVR per [RFC6775]. 792 The Registering Node SHOULD store the ROVR, or enough information to 793 regenerate it, in persistent memory. If this is not done and an 794 event such as a reboot causes a loss of state, re-registering the 795 same address could be impossible until the 6LRs and the 6LBR time out 796 the previous registration, or a management action is taken to clear 797 the relevant state in the network. 799 5.4. Extended Duplicate Address Messages 801 In order to map the new EARO content in the Extended Duplicate 802 Address (EDA) messages, a new TID field is added to the Extended DAR 803 (EDAR) and the Extended DAC (EDAC) messages as a replacement of the 804 Reserved field, and a non-null value of the ICMP Code indicates 805 support for this specification. The format of the EDA messages is 806 presented in Section 4.2. 808 As with the EARO, the Extended Duplicate Address messages are 809 backward compatible with the RFC6775-only versions as long as the 810 ROVR field is 64 bits long. Remarks concerning backwards 811 compatibility for the protocol between the 6LN and the 6LR apply 812 similarly between a 6LR and a 6LBR. 814 5.5. Registering the Target Address 816 An NS message with an EARO is a registration if and only if it also 817 carries an SLLA Option [RFC6775]. The EARO is also used in NS and NA 818 messages between Backbone Routers [I-D.ietf-6lo-backbone-router] over 819 the Backbone Link to sort out the distributed registration state; in 820 that case, it does not carry the SLLA Option and is not confused with 821 a registration. 823 The Registering Node is the node that performs the registration to 824 the 6BBR. As in [RFC6775], it may be the Registered Node as well, in 825 which case it registers one of its own addresses and indicates its 826 own MAC Address as Source Link Layer Address (SLLA) in the NS(EARO). 828 This specification adds the capability to proxy the registration 829 operation on behalf of a Registered Node that is reachable over an 830 LLN mesh. In that case, if the Registered Node is reachable from the 831 6BBR over a Mesh-Under mesh, the Registering Node indicates the MAC 832 Address of the Registered Node as the SLLA in the NS(EARO). If the 833 Registered Node is reachable over a Route-Over mesh from the 834 Registering Node, the SLLA in the NS(ARO) is that of the Registering 835 Node. This enables the Registering Node to attract the packets from 836 the 6BBR and route them over the LLN to the Registered Node. 838 In order to enable the latter operation, this specification changes 839 the behavior of the 6LN and the 6LR so that the Registered Address is 840 found in the Target Address field of the NS and NA messages as 841 opposed to the Source Address field. With this convention, a TLLA 842 option indicates the link-layer address of the 6LN that owns the 843 address. 845 A Registering Node (e.g., a 6LBR also acting as RPL Root) that 846 advertises reachability for the 6LN MUST place its own Link Layer 847 Address in the SLLA Option of the registration NS(EARO) message. 848 This maintains compatibility with RFC6775-only 6LoWPAN ND [RFC6775]. 850 5.6. Link-Local Addresses and Registration 852 LLN nodes are often not wired and may move. There is no guarantee 853 that a Link-Local Address remain unique among a huge and potentially 854 variable set of neighboring nodes. 856 Compared to [RFC6775], this specification only requires that a Link- 857 Local Address be unique from the perspective of the two nodes that 858 use it to communicate (e.g., the 6LN and the 6LR in an NS/NA 859 exchange). This simplifies the DAD process in a Route-Over topology 860 for Link-Local Addresses by avoiding an exchange of EDA messages 861 between the 6LR and a 6LBR for those addresses. 863 An exchange between two nodes using Link-Local Addresses implies that 864 they are reachable over one hop. A node MUST register a Link-Local 865 Address to a 6LR in order to obtain further reachability by way of 866 that 6LR, and in particular to use the Link-Local Address as source 867 address to register other addresses, e.g., global addresses. 869 If there is no collision with a previously registered address, then 870 the Link-Local Address is unique from the standpoint of this 6LR and 871 the registration is not a duplicate. Two different 6LRs might claim 872 the same Link-Local Address but different link-layer addresses. In 873 that case, a 6LN MUST only interact with at most one of the 6LRs. 875 The exchange of EDA messages between the 6LR and a 6LBR, which 876 ensures that an address is unique across the domain covered by the 877 6LBR, does not need to take place for Link-Local Addresses. 879 When sending an NS(EARO) to a 6LR, a 6LN MUST use a Link-Local 880 Address as the source address of the registration, whatever the type 881 of IPv6 address that is being registered. That Link-Local Address 882 MUST be either an address that is already registered to the 6LR, or 883 the address that is being registered. 885 When a 6LN starts up, it typically multicasts a RS and receives one 886 or more unicast RA messages from 6LRs. If the 6LR can process EARO 887 messages, then it places a 6CIO in its RA message with the "E" Flag 888 set as required in Section 6.1. 890 When a Registering Node does not have an already-registered Address, 891 it MUST register a Link-Local Address, using it as both the Source 892 and the Target Address of an NS(EARO) message. In that case, it is 893 RECOMMENDED to use an address for which DAD is not required (see 894 [RFC6775]), e.g., derived from a globally unique EUI-64 address; 895 using the SLLA Option in the NS is consistent with existing ND 896 specifications such as the "Optimistic Duplicate Address Detection 897 (ODAD) for IPv6" [RFC4429]. The 6LN MAY then use that address to 898 register one or more other addresses. 900 A 6LR that supports this specification replies with an NA(EARO), 901 setting the appropriate status. Since there is no exchange of EDA 902 messages for Link-Local Addresses, the 6LR may answer immediately to 903 the registration of a Link-Local Address, based solely on its 904 existing state and the Source Link-Layer Option that is placed in the 905 NS(EARO) message as required in [RFC6775]. 907 A node registers its IPv6 Global Unicast Addresses (GUAs) to a 6LR in 908 order to establish global reachability for these addresses via that 909 6LR. When registering with an updated 6LR, a Registering Node does 910 not use a GUA as Source Address, in contrast to a node that complies 911 to [RFC6775]. For non-Link-Local Addresses, the exchange of EDA 912 messages MUST conform to [RFC6775], but the extended formats 913 described in this specification for the DAR and the DAC are used to 914 relay the extended information in the case of an EARO. 916 5.7. Maintaining the Registration States 918 This section discusses protocol actions that involve the Registering 919 Node, the 6LR, and the 6LBR. It must be noted that the portion that 920 deals with a 6LBR only applies to those addresses that are registered 921 to it; as discussed in Section 5.6, this is not the case for Link- 922 Local Addresses. The registration state includes all data that is 923 stored in the router relative to that registration, in particular, 924 but not limited to, an NCE. 6LBRs and 6BBRs may store additional 925 registration information and use synchronization protocols that are 926 out of scope of this document. 928 A 6LR cannot accept a new registration when its registration storage 929 space is exhausted. In that situation, the EARO is returned in an NA 930 message with a Status Code of "Neighbor Cache Full" (Table 1), and 931 the Registering Node may attempt to register to another 6LR. 933 If the registry in the 6LBR is full, then the 6LBR cannot decide 934 whether a registration for a new address is a duplicate. In that 935 case, the 6LBR replies to an EDAR message with an EDAC message that 936 carries a new Status Code indicating "6LBR Registry Saturated" 937 (Table 1). Note: this code is used by 6LBRs instead of "Neighbor 938 Cache Full" when responding to a Duplicate Address message exchange 939 and is passed on to the Registering Node by the 6LR. There is no 940 point for the node to retry this registration via another 6LR, since 941 the problem is network-wide. The node may either abandon that 942 address, de-register other addresses first to make room, or keep the 943 address in TENTATIVE state and retry later. 945 A node renews an existing registration by sending a new NS(EARO) 946 message for the Registered Address, and the 6LR MUST report the new 947 registration to the 6LBR. 949 A node that ceases to use an address SHOULD attempt to de-register 950 that address from all the 6LRs to which it has registered the 951 address. This is achieved using an NS(EARO) message with a 952 Registration Lifetime of 0. If this is not done, the associated 953 state will remain in the network till the current Registration 954 Lifetime expires and this may lead to a situation where the 6LR 955 resources become saturated, even if they are correctly planned to 956 start with. The 6LR may then take defensive measures that may 957 prevent this node or some other nodes from owning as many addresses 958 as they request (see Section 7). 960 A node that moves away from a particular 6LR SHOULD attempt to de- 961 register all of its addresses registered to that 6LR and register to 962 a new 6LR with an incremented TID. When/if the node appears 963 elsewhere, an asynchronous NA(EARO) or EDAC message with a Status 964 Code of "Moved" SHOULD be used to clean up the state in the previous 965 location. As described in [I-D.ietf-6lo-backbone-router], the 966 "Moved" status can be used by a 6BBR in an NA(EARO) message to 967 indicate that the ownership of the proxy state on the Backbone Link 968 was transferred to another 6BBR as the consequence of a movement of 969 the device. If the receiver of the message has registration state 970 corresponding to the related address, it SHOULD propagate the status 971 down the forwarding path to the Registered node (e.g., reversing an 972 existing RPL [RFC6550] path as prescribed in 973 [I-D.ietf-roll-efficient-npdao]). Whether it could do so or not, the 974 receiver MUST clean up said state. 976 Upon receiving an NS(EARO) message with a Registration Lifetime of 0 977 and determining that this EARO is the freshest for a given NCE (see 978 Section 5.2), a 6LR cleans up its NCE. If the address was registered 979 to the 6LBR, then the 6LR MUST report to the 6LBR, through a 980 Duplicate Address exchange with the 6LBR, indicating the null 981 Registration Lifetime and the latest TID that this 6LR is aware of. 983 Upon receiving the EDAR message, the 6LBR evaluates if this is the 984 most recent TID it has received for that particular registry entry. 985 If so, then the EDAR is answered with an EDAC message bearing a 986 Status of "Success" and the entry is scheduled to be removed. 987 Otherwise, a Status Code of "Moved" is returned instead, and the 988 existing entry is maintained. 990 When an address is scheduled to be removed, the 6LBR SHOULD keep its 991 NCE in a DELAY state [RFC4861] for a configurable period of time, so 992 as to protect a mobile node that de-registered from one 6LR and did 993 not register yet to a new one, or the new registration did not yet 994 reach the 6LBR due to propagation delays in the network. Once the 995 DELAY time is passed, the 6LBR silently removes its entry. 997 6. Backward Compatibility 999 This specification changes the behavior of the peers in a 1000 registration flow. To enable backward compatibility, a 6LN that 1001 registers to a 6LR that is not known to support this specification 1002 MUST behave in a manner that is backward-compatible with [RFC6775]. 1003 On the contrary, if the 6LR is found to support this specification, 1004 then the 6LN MUST conform to this specification when communicating 1005 with that 6LR. 1007 A 6LN that supports this specification MUST always use an EARO as a 1008 replacement for an ARO in its registration to a router. This is 1009 backward-compatible since the 'T' flag and TID field are reserved in 1010 [RFC6775], and are ignored by an RFC6775-only router. A router that 1011 supports this specification MUST answer an NS(ARO) and an NS(EARO) 1012 with an NA(EARO). A router that does not support this specification 1013 will consider the ROVR as an EUI-64 address and treat it the same, 1014 which has no consequence if the Registered Addresses are different. 1016 6.1. Signaling EARO Capability Support 1018 "Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400] 1019 specifies the 6LoWPAN Capability Indication Option (6CIO) to indicate 1020 a node's capabilities to its peers. The 6CIO MUST be present in both 1021 Router Solicitation (RS) and Router Advertisement (RA) messages, 1022 unless the 6CIO information was already shared in recent exchanges, 1023 or pre-configured in all nodes in a network. In any case, a 6CIO 1024 MUST be placed in an RA message that is sent in response to an RS 1025 with a 6CIO. 1027 Section 4.3 defines a new flag for the 6CIO to signal support for 1028 EARO by the issuer of the message. New flags are also added to the 1029 6CIO to signal the sender's capability to act as a 6LR, 6LBR, and 1030 6BBR (see Section 4.3). 1032 Section 4.3 also defines a new flag that indicates the support of EDA 1033 messages by the 6LBR. This flag is valid in RA messages but not in 1034 RS messages. More information on the 6LBR is found in a separate 1035 Authoritative Border Router Option (ABRO). The ABRO is placed in RA 1036 messages as prescribed by [RFC6775]; in particular, it MUST be placed 1037 in an RA message that is sent in response to an RS with a 6CIO 1038 indicating the capability to act as a 6LR, since the RA propagates 1039 information between routers. 1041 6.2. RFC6775-only 6LN 1043 An RFC6775-only 6LN will use the Registered Address as the source 1044 address of the NS message and will not use an EARO. An updated 6LR 1045 MUST accept that registration if it is valid per [RFC6775], and it 1046 MUST manage the binding cache accordingly. The updated 6LR MUST then 1047 use the RFC6775-only DAR and DAC messages as specified in [RFC6775] 1048 to indicate to the 6LBR that the TID is not present in the messages. 1050 The main difference from [RFC6775] is that the exchange of EDA 1051 messages for the purpose of DAD is avoided for Link-Local Addresses. 1052 In any case, the 6LR MUST use an EARO in the reply, and can use any 1053 of the Status codes defined in this specification. 1055 6.3. RFC6775-only 6LR 1057 An updated 6LN discovers the capabilities of the 6LR in the 6CIO in 1058 RA messages from that 6LR; if the 6CIO was not present in the RA, 1059 then the 6LR is assumed to be a RFC6775-only 6LR. 1061 An updated 6LN MUST use an EARO in the request regardless of the type 1062 of 6LR, RFC6775-only or updated, which implies that the 'T' flag is 1063 set. It MUST use a ROVR of 64 bits if the 6LR is an RFC6775-only 1064 6LR. 1066 If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR, 1067 the RFC6775-only 6LR will send an RFC6775-only DAR message, which 1068 cannot be compared with an updated one for freshness. Allowing 1069 RFC6775-only DAR messages to update a state established by the 1070 updated protocol in the 6LBR would be an attack vector and that 1071 cannot be the default behavior. But if RFC6775-only and updated 6LRs 1072 coexist temporarily in a network, then it makes sense for an 1073 administrator to install a policy that allows this, using some method 1074 out of scope for this document. 1076 6.4. RFC6775-only 6LBR 1078 With this specification, the Duplicate Address messages are extended 1079 to transport the EARO information. Similarly to the NS/NA exchange, 1080 an updated 6LBR MUST always use the EDA messages. 1082 Note that an RFC6775-only 6LBR will accept and process an EDAR 1083 message as if it were an RFC6775-only DAR, as long as the ROVR is 64 1084 bits long. An updated 6LR discovers the capabilities of the 6LBR in 1085 the 6CIO in RA messages from the 6LR; if the 6CIO was not present in 1086 any RA, then the 6LBR is assumed to be a RFC6775-only 6LBR. 1088 If the 6LBR is RFC6775-only, the 6LR MUST use only the 64 leftmost 1089 bits of the ROVR, and place the result in the EDAR message to 1090 maintain compatibility. This way, the support of DAD is preserved. 1092 7. Security Considerations 1094 This specification extends [RFC6775], and the security section of 1095 that document also applies to this document. In particular, the link 1096 layer SHOULD be sufficiently protected to prevent rogue access. 1098 [RFC6775] does not protect the content of its messages and expects a 1099 lower layer encryption to defeat potential attacks. This 1100 specification requires the LLN MAC to provide secure unicast to/from 1101 the Backbone Router and secure Broadcast or Multicast from the 1102 Backbone Router in a way that prevents tampering with or replaying 1103 the Neighbor Discovery messages. 1105 This specification recommends using privacy techniques (see 1106 Section 8), and protecting against address theft by methods outside 1107 the scope of this document. For instance, "Address Protected 1108 Neighbor Discovery for Low-power and Lossy Networks" 1109 [I-D.ietf-6lo-ap-nd] guarantees the ownership of the Registered 1110 Address using a cryptographic ROVR. 1112 The registration mechanism may be used by a rogue node to attack the 1113 6LR or the 6LBR with a Denial-of-Service attack against the registry. 1114 It may also happen that the registry of a 6LR or a 6LBR is saturated 1115 and cannot take any more registrations, which effectively denies the 1116 requesting node the capability to use a new address. In order to 1117 alleviate those concerns, Section 5.7 provides a number of 1118 recommendations that ensure that a stale registration is removed as 1119 soon as possible from the 6LR and 6LBR. In particular, this 1120 specification recommends that: 1122 o A node that ceases to use an address SHOULD attempt to de-register 1123 that address from all the 6LRs to which it is registered. See 1124 Section 5.2 for the mechanism to avoid replay attacks and avoiding 1125 the use of stale registration information. 1127 o The Registration lifetimes SHOULD be individually configurable for 1128 each address or group of addresses. The nodes SHOULD be 1129 configured with a Registration Lifetime that reflects their 1130 expectation of how long they will use the address with the 6LR to 1131 which it is registered. In particular, use cases that involve 1132 mobility or rapid address changes SHOULD use lifetimes that are 1133 larger yet of a same order as the duration of the expectation of 1134 presence. 1136 o The router (6LR or 6LBR) SHOULD be configurable so as to limit the 1137 number of addresses that can be registered by a single node, but 1138 as a protective measure only. In any case, a router MUST be able 1139 to keep a minimum number of addresses per node. That minimum 1140 depends on the type of device and ranges between 3 for a very 1141 constrained LLN and 10 for a larger device. A node may be 1142 identified by its MAC address, as long as it is not obfuscated by 1143 privacy measures. A stronger identification (e.g., by security 1144 credentials) is RECOMMENDED. When the maximum is reached, the 1145 router SHOULD use a Least-Recently-Used (LRU) algorithm to clean 1146 up the addresses, keeping at least one Link-Local Address. The 1147 router SHOULD attempt to keep one or more stable addresses if 1148 stability can be determined, e.g., because they are used over a 1149 much longer time span than other (privacy, shorter-lived) 1150 addresses. 1152 o In order to avoid denial of registration for the lack of 1153 resources, administrators should take great care to deploy 1154 adequate numbers of 6LRs to cover the needs of the nodes in their 1155 range, so as to avoid a situation of starving nodes. It is 1156 expected that the 6LBR that serves an LLN is a more capable node 1157 than the average 6LR, but in a network condition where it may 1158 become saturated, a particular deployment should distribute the 1159 6LBR functionality, for instance by leveraging a high speed 1160 Backbone Link and Backbone Routers to aggregate multiple LLNs into 1161 a larger subnet. 1163 The LLN nodes depend on the 6LBR and the 6BBR for their operation. A 1164 trust model MUST be put in place to ensure that only authorized 1165 devices are acting in these roles so as to avoid threats such as 1166 black-holing or bombing attack whereby an impersonated 6LBR would 1167 destroy state in the network by using the "Removed" Status code. 1168 This trust model could be at a minimum based on a Layer-2 access 1169 control, or could provide role validation as well (see Req5.1 in 1170 Appendix B.5). 1172 8. Privacy Considerations 1174 As indicated in Section 3, this protocol does not limit the number of 1175 IPv6 addresses that each device can form. However, to mitigate 1176 denial-of-service attacks, it can be useful as a protective measure 1177 to have a limit that is high enough not to interfere with the normal 1178 behavior of devices in the network. A host should be able to form 1179 and register any address that is topologically correct in the 1180 subnet(s) advertised by the 6LR/6LBR. 1182 This specification does not mandate any particular way for forming 1183 IPv6 addresses, but it discourages using EUI-64 for forming the 1184 Interface ID in the Link-Local Address because this method prevents 1185 the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971], 1186 "Cryptographically Generated Addresses (CGA)" [RFC3972], and other 1187 address privacy techniques. 1189 "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" 1190 [RFC8065] explains why privacy is important and how to form privacy- 1191 aware addresses. All implementations and deployments must consider 1192 the option of privacy addresses in their own environments. 1194 The IPv6 address of the 6LN in the IPv6 header can be compressed 1195 statelessly when the Interface Identifier in the IPv6 address can be 1196 derived from the Lower Layer address. When it is not critical to 1197 benefit from that compression, e.g., the address can be compressed 1198 statefully, or it is rarely used and/or it is used only over one hop, 1199 then privacy concerns should be considered. In particular, new 1200 implementations should follow the IETF "Recommendation on Stable IPv6 1201 Interface Identifiers" [RFC8064]. [RFC8064] recommends the use of "A 1202 Method for Generating Semantically Opaque Interface Identifiers with 1203 IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for 1204 generating Interface Identifiers to be used in SLAAC. 1206 9. IANA Considerations 1208 Note to RFC Editor, to be removed: please replace "This RFC" 1209 throughout this document by the RFC number for this specification 1210 once it is allocated. 1212 IANA is requested to make a number of changes under the "Internet 1213 Control Message Protocol version 6 (ICMPv6) Parameters" registry, as 1214 follows. 1216 9.1. ARO Flags 1218 IANA is requested to create a new subregistry for "ARO Flags" under 1219 the "Internet Control Message Protocol version 6 (ICMPv6) [RFC4443] 1220 Parameters". This specification defines 8 positions, bit 0 to bit 7, 1221 and assigns bit 6 for the 'R' flag and bit 7 for the 'T' flag (see 1222 Section 4.1). The policy is "IETF Review" or "IESG Approval" 1223 [RFC8126]. The initial content of the registry is as shown in 1224 Table 2. 1226 New subregistry for ARO Flags 1228 +-------------+--------------+-----------+ 1229 | ARO Status | Description | Document | 1230 +-------------+--------------+-----------+ 1231 | 0..5 | Unassigned | | 1232 | | | | 1233 | 6 | 'R' Flag | This RFC | 1234 | | | | 1235 | 7 | 'T' Flag | This RFC | 1236 +-------------+--------------+-----------+ 1238 Table 2: New ARO Flags 1240 9.2. ICMP Codes 1242 IANA is requested to create 2 new subregistries of the ICMPv6 "Code" 1243 Fields registry, which itself is a subregistry of the Internet 1244 Control Message Protocol version 6 (ICMPv6) Parameters for the ICMP 1245 codes. The new subregistries relate to the ICMP type 157, Duplicate 1246 Address Request (shown in Table 3), and 158, Duplicate Address 1247 Confirmation (shown in Table 4), respectively. For those ICMP types, 1248 the ICMP Code field is split in 2 subfields, the "Code Prefix" and 1249 the "Code Suffix". The new subregistries relate to the "Code Suffix" 1250 portion of the ICMP Code. The range of "Code Suffix" is 0..15 in all 1251 cases. The policy is "IETF Review" or "IESG Approval" [RFC8126] for 1252 both subregistries. The new subregistries are to be initialized as 1253 follows: 1255 New Code Suffixes for ICMP types 157 DAR message 1257 +--------------+---------------------------------------+------------+ 1258 | Code Suffix | Meaning | Reference | 1259 +--------------+---------------------------------------+------------+ 1260 | 0 | RFC6775 DAR message | RFC 6775 | 1261 | | | | 1262 | 1 | EDAR message with 64bits-long ROVR | This RFC | 1263 | | field | | 1264 | | | | 1265 | 2 | EDAR message with 128bits-long ROVR | This RFC | 1266 | | field | | 1267 | | | | 1268 | 3 | EDAR message with 192bits-long ROVR | This RFC | 1269 | | field | | 1270 | | | | 1271 | 4 | EDAR message with 256bits-long ROVR | This RFC | 1272 | | field | | 1273 | | | | 1274 | 5...15 | Unassigned | | 1275 +--------------+---------------------------------------+------------+ 1277 Table 3: New Code Suffixes for the DAR message 1279 New Code Suffixes for ICMP types 158 DAC message 1281 +-------------+----------------------------------------+------------+ 1282 | Code Suffix | Meaning | Reference | 1283 +-------------+----------------------------------------+------------+ 1284 | 0 | RFC6775 DAC message | RFC 6775 | 1285 | | | | 1286 | 1 | EDAC message with 64bits-long ROVR | This RFC | 1287 | | field | | 1288 | | | | 1289 | 2 | EDAC message with 128bits-long ROVR | This RFC | 1290 | | field | | 1291 | | | | 1292 | 3 | EDAC message with 192bits-long ROVR | This RFC | 1293 | | field | | 1294 | | | | 1295 | 4 | EDAC message with 256bits-long ROVR | This RFC | 1296 | | field | | 1297 | | | | 1298 | 5...15 | Unassigned | | 1299 +-------------+----------------------------------------+------------+ 1301 Table 4: New Code Suffixes for the DAC message 1303 9.3. New ARO Status values 1305 IANA is requested to make additions to the Address Registration 1306 Option Status Values Registry as follows: 1308 Address Registration Option Status Values Registry 1310 +-------------+-----------------------------------------+-----------+ 1311 | ARO Status | Description | Document | 1312 +-------------+-----------------------------------------+-----------+ 1313 | 3 | Moved | This RFC | 1314 | | | | 1315 | 4 | Removed | This RFC | 1316 | | | | 1317 | 5 | Validation Requested | This RFC | 1318 | | | | 1319 | 6 | Duplicate Source Address | This RFC | 1320 | | | | 1321 | 7 | Invalid Source Address | This RFC | 1322 | | | | 1323 | 8 | Registered Address topologically | This RFC | 1324 | | incorrect | | 1325 | | | | 1326 | 9 | 6LBR Registry saturated | This RFC | 1327 | | | | 1328 | 10 | Validation Failed | This RFC | 1329 +-------------+-----------------------------------------+-----------+ 1331 Table 5: New ARO Status values 1333 9.4. New 6LoWPAN Capability Bits 1335 IANA is requested to make additions to the Subregistry for "6LoWPAN 1336 Capability Bits" as follows: 1338 Subregistry for "6LoWPAN Capability Bits" under the "Internet Control 1339 Message Protocol version 6 (ICMPv6) Parameters" 1341 +-----------------+----------------------+-----------+ 1342 | Capability Bit | Description | Document | 1343 +-----------------+----------------------+-----------+ 1344 | 10 | EDA Support (D bit) | This RFC | 1345 | | | | 1346 | 11 | 6LR capable (L bit) | This RFC | 1347 | | | | 1348 | 12 | 6LBR capable (B bit) | This RFC | 1349 | | | | 1350 | 13 | 6BBR capable (P bit) | This RFC | 1351 | | | | 1352 | 14 | EARO support (E bit) | This RFC | 1353 +-----------------+----------------------+-----------+ 1355 Table 6: New 6LoWPAN Capability Bits 1357 10. Acknowledgments 1359 Kudos to Eric Levy-Abegnoli who designed the First Hop Security 1360 infrastructure upon which the first backbone router was implemented. 1361 Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen 1362 Schoenwaelder, Chris Lonvick, Dave Thaler, Adrian Farrel, Peter Yee, 1363 Warren Kumari, Benjamin Kaduk, Mirja Kuhlewind, Ben Campbell, Eric 1364 Rescorla, and Lorenzo Colitti for their various contributions and 1365 reviews. Also, many thanks to Thomas Watteyne for the world first 1366 implementation of a 6LN that was instrumental to the early tests of 1367 the 6LR, 6LBR and Backbone Router. 1369 11. References 1371 11.1. Normative References 1373 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1374 Requirement Levels", BCP 14, RFC 2119, 1375 DOI 10.17487/RFC2119, March 1997, 1376 . 1378 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 1379 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 1380 2006, . 1382 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1383 Control Message Protocol (ICMPv6) for the Internet 1384 Protocol Version 6 (IPv6) Specification", STD 89, 1385 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1386 . 1388 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1389 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1390 DOI 10.17487/RFC4861, September 2007, 1391 . 1393 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1394 Address Autoconfiguration", RFC 4862, 1395 DOI 10.17487/RFC4862, September 2007, 1396 . 1398 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1399 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1400 DOI 10.17487/RFC6282, September 2011, 1401 . 1403 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1404 Bormann, "Neighbor Discovery Optimization for IPv6 over 1405 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1406 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1407 . 1409 [RFC7400] Bormann, C., "6LoWPAN-GHC: Generic Header Compression for 1410 IPv6 over Low-Power Wireless Personal Area Networks 1411 (6LoWPANs)", RFC 7400, DOI 10.17487/RFC7400, November 1412 2014, . 1414 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1415 Writing an IANA Considerations Section in RFCs", BCP 26, 1416 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1417 . 1419 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1420 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1421 May 2017, . 1423 11.2. Terminology Related References 1425 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1426 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1427 Overview, Assumptions, Problem Statement, and Goals", 1428 RFC 4919, DOI 10.17487/RFC4919, August 2007, 1429 . 1431 [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem 1432 Statement and Requirements for IPv6 over Low-Power 1433 Wireless Personal Area Network (6LoWPAN) Routing", 1434 RFC 6606, DOI 10.17487/RFC6606, May 2012, 1435 . 1437 11.3. Informative References 1439 [I-D.chakrabarti-nordmark-6man-efficient-nd] 1440 Chakrabarti, S., Nordmark, E., Thubert, P., and M. 1441 Wasserman, "IPv6 Neighbor Discovery Optimizations for 1442 Wired and Wireless Networks", draft-chakrabarti-nordmark- 1443 6man-efficient-nd-07 (work in progress), February 2015. 1445 [I-D.delcarpio-6lo-wlanah] 1446 Vega, L., Robles, I., and R. Morabito, "IPv6 over 1447 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 1448 progress), October 2015. 1450 [I-D.hou-6lo-plc] 1451 Hou, J., Hong, Y., and X. Tang, "Transmission of IPv6 1452 Packets over PLC Networks", draft-hou-6lo-plc-03 (work in 1453 progress), December 2017. 1455 [I-D.ietf-6lo-ap-nd] 1456 Thubert, P., Sarikaya, B., and M. Sethi, "Address 1457 Protected Neighbor Discovery for Low-power and Lossy 1458 Networks", draft-ietf-6lo-ap-nd-06 (work in progress), 1459 February 2018. 1461 [I-D.ietf-6lo-backbone-router] 1462 Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- 1463 backbone-router-06 (work in progress), February 2018. 1465 [I-D.ietf-6lo-nfc] 1466 Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, 1467 "Transmission of IPv6 Packets over Near Field 1468 Communication", draft-ietf-6lo-nfc-09 (work in progress), 1469 January 2018. 1471 [I-D.ietf-6tisch-architecture] 1472 Thubert, P., "An Architecture for IPv6 over the TSCH mode 1473 of IEEE 802.15.4", draft-ietf-6tisch-architecture-14 (work 1474 in progress), April 2018. 1476 [I-D.ietf-mboned-ieee802-mcast-problems] 1477 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 1478 Zuniga, "Multicast Considerations over IEEE 802 Wireless 1479 Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work 1480 in progress), February 2018. 1482 [I-D.ietf-roll-efficient-npdao] 1483 Jadhav, R., Thubert, P., Sahoo, R., and Z. Cao, "Efficient 1484 Route Invalidation", draft-ietf-roll-efficient-npdao-03 1485 (work in progress), March 2018. 1487 [I-D.struik-lwip-curve-representations] 1488 Struik, R., "Alternative Elliptic Curve Representations", 1489 draft-struik-lwip-curve-representations-00 (work in 1490 progress), October 2017. 1492 [I-D.thubert-roll-unaware-leaves] 1493 Thubert, P., "Routing for RPL Leaves", draft-thubert-roll- 1494 unaware-leaves-05 (work in progress), May 2018. 1496 [RFC1958] Carpenter, B., Ed., "Architectural Principles of the 1497 Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996, 1498 . 1500 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 1501 DOI 10.17487/RFC1982, August 1996, 1502 . 1504 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with 1505 CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 1506 2003, . 1508 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 1509 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 1510 DOI 10.17487/RFC3810, June 2004, 1511 . 1513 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 1514 "SEcure Neighbor Discovery (SEND)", RFC 3971, 1515 DOI 10.17487/RFC3971, March 2005, 1516 . 1518 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 1519 RFC 3972, DOI 10.17487/RFC3972, March 2005, 1520 . 1522 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 1523 for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, 1524 . 1526 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 1527 Extensions for Stateless Address Autoconfiguration in 1528 IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, 1529 . 1531 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 1532 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 1533 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 1534 Low-Power and Lossy Networks", RFC 6550, 1535 DOI 10.17487/RFC6550, March 2012, 1536 . 1538 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 1539 Interface Identifiers with IPv6 Stateless Address 1540 Autoconfiguration (SLAAC)", RFC 7217, 1541 DOI 10.17487/RFC7217, April 2014, 1542 . 1544 [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets 1545 over ITU-T G.9959 Networks", RFC 7428, 1546 DOI 10.17487/RFC7428, February 2015, 1547 . 1549 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1550 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1551 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1552 . 1554 [RFC7934] Colitti, L., Cerf, V., Cheshire, S., and D. Schinazi, 1555 "Host Address Availability Recommendations", BCP 204, 1556 RFC 7934, DOI 10.17487/RFC7934, July 2016, 1557 . 1559 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 1560 "Recommendation on Stable IPv6 Interface Identifiers", 1561 RFC 8064, DOI 10.17487/RFC8064, February 2017, 1562 . 1564 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 1565 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 1566 February 2017, . 1568 [RFC8105] Mariager, P., Petersen, J., Ed., Shelby, Z., Van de Logt, 1569 M., and D. Barthel, "Transmission of IPv6 Packets over 1570 Digital Enhanced Cordless Telecommunications (DECT) Ultra 1571 Low Energy (ULE)", RFC 8105, DOI 10.17487/RFC8105, May 1572 2017, . 1574 [RFC8163] Lynn, K., Ed., Martocci, J., Neilson, C., and S. 1575 Donaldson, "Transmission of IPv6 over Master-Slave/Token- 1576 Passing (MS/TP) Networks", RFC 8163, DOI 10.17487/RFC8163, 1577 May 2017, . 1579 [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., 1580 Przygienda, T., and S. Aldrin, "Multicast Using Bit Index 1581 Explicit Replication (BIER)", RFC 8279, 1582 DOI 10.17487/RFC8279, November 2017, 1583 . 1585 11.4. External Informative References 1587 [IEEEstd802154] 1588 IEEE, "IEEE Standard for Low-Rate Wireless Networks", 1589 IEEE Standard 802.15.4, DOI 10.1109/IEEE 1590 P802.15.4-REVd/D01, June 2017, 1591 . 1593 [Perlman83] 1594 Perlman, R., "Fault-Tolerant Broadcast of Routing 1595 Information", North-Holland Computer Networks 7: 395-405, 1596 1983, . 1599 Appendix A. Applicability and Requirements Served (Not Normative) 1601 This specification extends 6LoWPAN ND to provide a sequence number to 1602 the registration and serves the requirements expressed in 1603 Appendix B.1 by enabling the mobility of devices from one LLN to the 1604 next based on the complementary work in the "IPv6 Backbone Router" 1605 [I-D.ietf-6lo-backbone-router] specification. 1607 "6TiSCH architecture" [I-D.ietf-6tisch-architecture] describes how a 1608 6LoWPAN ND host using the Timeslotted Channel Hopping (TSCH) mode of 1609 IEEE Std. 802.15.4 [IEEEstd802154] can connect to the Internet via a 1610 RPL mesh network. Doing so requires additions to the 6LoWPAN ND 1611 protocol to support mobility and reachability in a secure and 1612 manageable network environment. This document specifies those new 1613 operations, and fulfills the requirements listed in Appendix B.2. 1615 The term LLN is used loosely in this document, and intended to cover 1616 multiple types of WLANs and WPANs, including Low-Power IEEE Std. 1617 802.11 networking, Bluetooth Low Energy, IEEE Std. 802.11ah, and IEEE 1618 Std. 802.15.4 wireless meshes, so as to address the requirements 1619 discussed in Appendix B.3. 1621 This specification can be used by any wireless node to associate at 1622 Layer-3 with a 6BBR and register its IPv6 addresses to obtain routing 1623 services including proxy-ND operations over a Backbone Link, 1624 effectively providing a solution to the requirements expressed in 1625 Appendix B.4. 1627 This specification is extended by "Address Protected Neighbor 1628 Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to 1629 providing a solution to some of the security-related requirements 1630 expressed in Appendix B.5. 1632 "Efficiency aware IPv6 Neighbor Discovery Optimizations" 1633 [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND 1634 [RFC6775] can be extended to other types of links beyond IEEE Std. 1635 802.15.4 for which it was defined. The registration technique is 1636 beneficial when the Link-Layer technique used to carry IPv6 multicast 1637 packets is not sufficiently efficient in terms of delivery ratio or 1638 energy consumption in the end devices, in particular to enable 1639 energy-constrained sleeping nodes. The value of such extension is 1640 especially apparent in the case of mobile wireless nodes, to reduce 1641 the multicast operations that are related to IPv6 ND ([RFC4861], 1642 [RFC4862]) and affect the operation of the wireless medium 1643 [I-D.ietf-mboned-ieee802-mcast-problems]. This serves the 1644 scalability requirements listed in Appendix B.6. 1646 Appendix B. Requirements (Not Normative) 1648 This section lists requirements that were discussed by the 6lo WG for 1649 an update to 6LoWPAN ND. How those requirements are matched with 1650 existing specifications at the time of this writing is shown in 1651 Appendix B.8. 1653 B.1. Requirements Related to Mobility 1655 Due to the unstable nature of LLN links, even in an LLN of immobile 1656 nodes, a 6LN may change its point of attachment from 6LR-a to 6LR-b, 1657 and may not be able to notify 6LR-a. Consequently, 6LR-a may still 1658 attract traffic that it cannot deliver any more. When links to a 6LR 1659 change state, there is thus a need to identify stale states in a 6LR 1660 and restore reachability in a timely fashion, e.g., by using some 1661 signaling upon the detection of the movement, or using a keep-alive 1662 mechanism with a period that is consistent with the application 1663 needs. 1665 Req1.1: Upon a change of point of attachment, connectivity via a new 1666 6LR MUST be restored in a timely fashion without the need to de- 1667 register from the previous 6LR. 1669 Req1.2: For that purpose, the protocol MUST enable differentiating 1670 between multiple registrations from one 6LoWPAN Node and 1671 registrations from different 6LoWPAN Nodes claiming the same address. 1673 Req1.3: Stale states MUST be cleaned up in 6LRs. 1675 Req1.4: A 6LoWPAN Node SHOULD also be able to register its Address 1676 concurrently to multiple 6LRs. 1678 B.2. Requirements Related to Routing Protocols 1680 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 1681 routing in an LLN can be based on RPL, which is the routing protocol 1682 that was defined by the IETF for this particular purpose. Other 1683 routing protocols are also considered by Standards Development 1684 Organizations (SDO) on the basis of the expected network 1685 characteristics. It is required that a 6LN attached via ND to a 6LR 1686 indicates whether it participates in the selected routing protocol to 1687 obtain reachability via the 6LR, or whether it expects the 6LR to 1688 manage its reachability. 1690 The specified updates enable other specifications to define new 1691 services such as Source Address Validation (SAVI) with 1692 [I-D.ietf-6lo-ap-nd], participation as an unaware leaf to a routing 1693 protocol such as the "Routing Protocol for Low Power and Lossy 1694 Networks" [RFC6550] (RPL) with [I-D.thubert-roll-unaware-leaves], and 1695 registration to a backbone routers performing proxy Neighbor 1696 Discovery in a Low-Power and Lossy Network (LLN) with 1697 [I-D.ietf-6lo-backbone-router]. 1699 Beyond the 6LBR unicast address registered by ND, other addresses 1700 including multicast addresses are needed as well. For example, a 1701 routing protocol often uses a multicast address to register changes 1702 to established paths. ND needs to register such a multicast address 1703 to enable routing concurrently with discovery. 1705 Multicast is needed for groups. Groups may be formed by device type 1706 (e.g., routers, street lamps), location (Geography, RPL sub-tree), or 1707 both. 1709 The Bit Index Explicit Replication (BIER) Architecture [RFC8279] 1710 proposes an optimized technique to enable multicast in an LLN with a 1711 very limited requirement for routing state in the nodes. 1713 Related requirements are: 1715 Req2.1: The ND registration method SHOULD be extended so that the 6LR 1716 is instructed whether to advertise the Address of a 6LN over the 1717 selected routing protocol and obtain reachability to that Address 1718 using the selected routing protocol. 1720 Req2.2: Considering RPL, the Address Registration Option that is used 1721 in the ND registration SHOULD be extended to carry enough information 1722 to generate a DAO message as specified in section 6.4 of [RFC6550], 1723 in particular the capability to compute a Path Sequence and, as an 1724 option, a RPLInstanceID. 1726 Req2.3: Multicast operations SHOULD be supported and optimized, for 1727 instance, using BIER or MPL. Whether ND is appropriate for the 1728 registration to the 6BBR is to be defined, considering the additional 1729 burden of supporting the Multicast Listener Discovery Version 2 1730 [RFC3810] (MLDv2) for IPv6. 1732 B.3. Requirements Related to the Variety of Low-Power Link types 1734 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 1735 and in particular the capability to derive a unique identifier from a 1736 globally unique EUI-64 address. At this point, the 6lo Working Group 1737 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 1738 to other link types including ITU-T G.9959 [RFC7428], Master-Slave/ 1739 Token-Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field 1740 Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah 1741 [I-D.delcarpio-6lo-wlanah], as well as Bluetooth(R) Low Energy 1742 [RFC7668], and Power Line Communication (PLC) [I-D.hou-6lo-plc] 1743 Networks. 1745 Related requirements are: 1747 Req3.1: The support of the registration mechanism SHOULD be extended 1748 to more LLN links than IEEE Std.802.15.4, matching at least the LLN 1749 links for which an "IPv6 over foo" specification exists, as well as 1750 Low-Power Wi-Fi. 1752 Req3.2: As part of this extension, a mechanism to compute a unique 1753 identifier should be provided, with the capability to form a Link- 1754 Local Address that SHOULD be unique at least within the LLN connected 1755 to a 6LBR discovered by ND in each node within the LLN. 1757 Req3.3: The Address Registration Option used in the ND registration 1758 SHOULD be extended to carry the relevant forms of unique Identifier. 1760 Req3.4: The Neighbor Discovery should specify the formation of a 1761 site-local address that follows the security recommendations from 1762 [RFC7217]. 1764 B.4. Requirements Related to Proxy Operations 1766 Duty-cycled devices may not be able to answer themselves to a lookup 1767 from a node that uses IPv6 ND on a Backbone Link and may need a 1768 proxy. Additionally, the duty-cycled device may need to rely on the 1769 6LBR to perform registration to the 6BBR. 1771 The ND registration method SHOULD defend the addresses of duty-cycled 1772 devices that are sleeping most of the time and not capable to defend 1773 their own addresses. 1775 Related requirements are: 1777 Req4.1: The registration mechanism SHOULD enable a third party to 1778 proxy register an address on behalf of a 6LoWPAN node that may be 1779 sleeping or located deeper in an LLN mesh. 1781 Req4.2: The registration mechanism SHOULD be applicable to a duty- 1782 cycled device regardless of the link type and SHOULD enable a 6BBR to 1783 operate as a proxy to defend the Registered Addresses on its behalf. 1785 Req4.3: The registration mechanism SHOULD enable long sleep 1786 durations, on the order of multiple days to a month. 1788 B.5. Requirements Related to Security 1790 In order to guarantee the operations of the 6LoWPAN ND flows, the 1791 spoofing of the 6LR, 6LBR, and 6BBRs roles should be avoided. Once a 1792 node successfully registers an address, 6LoWPAN ND should provide 1793 energy-efficient means for the 6LBR to protect that ownership even 1794 when the node that registered the address is sleeping. 1796 In particular, the 6LR and the 6LBR then should be able to verify 1797 whether a subsequent registration for a given address comes from the 1798 original node. 1800 In an LLN it makes sense to base security on Layer-2 security. 1801 During bootstrap of the LLN, nodes join the network after 1802 authorization by a Joining Assistant (JA) or a Commissioning Tool 1803 (CT). After joining, nodes communicate with each other via secured 1804 links. The keys for the Layer-2 security are distributed by the JA/ 1805 CT. The JA/CT can be part of the LLN or be outside the LLN. In both 1806 cases it is needed that packets are routed between JA/CT and the 1807 joining node. 1809 Related requirements are: 1811 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1812 the 6LR, 6LBR, and 6BBR to authenticate and authorize one another for 1813 their respective roles, as well as with the 6LoWPAN Node for the role 1814 of 6LR. 1816 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1817 the 6LR and the 6LBR to validate new registration of authorized 1818 nodes. Joining of unauthorized nodes MUST be prevented. 1820 Req5.3: 6LoWPAN ND security mechanisms SHOULD NOT lead to large 1821 packet sizes. In particular, the NS, NA, DAR, and DAC messages for a 1822 re-registration flow SHOULD NOT exceed 80 octets so as to fit in a 1823 secured IEEE Std.802.15.4 [IEEEstd802154] frame. 1825 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 1826 computationally intensive on the LoWPAN Node CPU. When a Key hash 1827 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 1828 used. 1830 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 1831 SHOULD be minimized. 1833 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the 1834 variation of CCM [RFC3610] called CCM* for use at both Layer 2 and 1835 Layer 3, and SHOULD enable the reuse of security code that has to be 1836 present on the device for upper layer security such as TLS. 1837 Algorithm agility and support for large keys (e.g., 256-bit key 1838 sizes) is also desirable, following at Layer-3 the introduction of 1839 those capabilities at Layer-2. 1841 Req5.7: Public key and signature sizes SHOULD be minimized while 1842 maintaining adequate confidentiality and data origin authentication 1843 for multiple types of applications with various degrees of 1844 criticality. 1846 Req5.8: Routing of packets should continue when links pass from the 1847 unsecured to the secured state. 1849 Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1850 the 6LR and the 6LBR to validate whether a new registration for a 1851 given address corresponds to the same 6LN that registered it 1852 initially, and, if not, determine the rightful owner and deny or 1853 clean up the registration that is duplicate. 1855 B.6. Requirements Related to Scalability 1857 Use cases from Automatic Meter Reading (AMR, collection tree 1858 operations) and Advanced Metering Infrastructure (AMI, bi-directional 1859 communication to the meters) indicate the needs for a large number of 1860 LLN nodes pertaining to a single RPL DODAG (e.g., 5000) and connected 1861 to the 6LBR over a large number of LLN hops (e.g., 15). 1863 Related requirements are: 1865 Req6.1: The registration mechanism SHOULD enable a single 6LBR to 1866 register multiple thousands of devices. 1868 Req6.2: The timing of the registration operation should allow for a 1869 large latency such as found in LLNs with ten to more hops. 1871 B.7. Requirements Related to Operations and Management 1873 Section 3.8 of "Architectural Principles of the Internet" [RFC1958] 1874 recommends to: "avoid options and parameters whenever possible. Any 1875 options and parameters should be configured or negotiated dynamically 1876 rather than manually". This is especially true in LLNs where the 1877 number of devices may be large and manual configuration is 1878 infeasible. Capabilities for a dynamic configuration of LLN devices 1879 can also be constrained by the network and power limitation. 1881 A Network Administrator should be able to validate that the network 1882 is operating within capacity, and that in particular a 6LBR does not 1883 get overloaded with an excessive amount of registration, so the 1884 administrator can take actions such as adding a Backbone Link with 1885 additional 6LBRs and 6BBRs to the network. 1887 Related requirements are: 1889 Req7.1: A management model SHOULD be provided that enables access to 1890 the 6LBR, monitor its usage vs. capacity, and alert in case of 1891 congestion. It is recommended that the 6LBR be reachable over a non- 1892 LLN link. 1894 Req7.2: A management model SHOULD be provided that enables access to 1895 the 6LR and its capacity to host additional NCE. This management 1896 model SHOULD avoid polling individual 6LRs in a way that could 1897 disrupt the operation of the LLN. 1899 Req7.3: Information on successful and failed registration SHOULD be 1900 provided, including information such as the ROVR of the 6LN, the 1901 Registered Address, the address of the 6LR, and the duration of the 1902 registration flow. 1904 Req7.4: In case of a failed registration, information on the failure 1905 including the identification of the node that rejected the 1906 registration and the status in the EARO SHOULD be provided. 1908 B.8. Matching Requirements with Specifications 1910 I-drafts/RFCs addressing requirements 1912 +-------------+-----------------------------------------+ 1913 | Requirement | Document | 1914 +-------------+-----------------------------------------+ 1915 | Req1.1 | [I-D.ietf-6lo-backbone-router] | 1916 | | | 1917 | Req1.2 | [RFC6775] | 1918 | | | 1919 | Req1.3 | [RFC6775] | 1920 | | | 1921 | Req1.4 | This RFC | 1922 | | | 1923 | Req2.1 | This RFC | 1924 | | | 1925 | Req2.2 | This RFC | 1926 | | | 1927 | Req2.3 | | 1928 | | | 1929 | Req3.1 | Technology Dependent | 1930 | | | 1931 | Req3.2 | Technology Dependent | 1932 | | | 1933 | Req3.3 | Technology Dependent | 1934 | | | 1935 | Req3.4 | Technology Dependent | 1936 | | | 1937 | Req4.1 | This RFC | 1938 | | | 1939 | Req4.2 | This RFC | 1940 | | | 1941 | Req4.3 | [RFC6775] | 1942 | | | 1943 | Req5.1 | | 1944 | | | 1945 | Req5.2 | [I-D.ietf-6lo-ap-nd] | 1946 | | | 1947 | Req5.3 | | 1948 | | | 1949 | Req5.4 | | 1950 | | | 1951 | Req5.5 | [I-D.ietf-6lo-ap-nd] | 1952 | | | 1953 | Req5.6 | [I-D.struik-lwip-curve-representations] | 1954 | | | 1955 | Req5.7 | [I-D.ietf-6lo-ap-nd] | 1956 | | | 1957 | Req5.8 | | 1958 | | | 1959 | Req5.9 | [I-D.ietf-6lo-ap-nd] | 1960 | | | 1961 | Req6.1 | This RFC | 1962 | | | 1963 | Req6.2 | This RFC | 1964 | | | 1965 | Req7.1 | | 1966 | | | 1967 | Req7.2 | | 1968 | | | 1969 | Req7.3 | | 1970 | | | 1971 | Req7.4 | | 1972 +-------------+-----------------------------------------+ 1974 Table 7: Work Addressing requirements 1976 Authors' Addresses 1978 Pascal Thubert (editor) 1979 Cisco Systems, Inc 1980 Building D (Regus) 45 Allee des Ormes 1981 Mougins - Sophia Antipolis 1982 France 1984 Phone: +33 4 97 23 26 34 1985 Email: pthubert@cisco.com 1987 Erik Nordmark 1988 Zededa 1989 Santa Clara, CA 1990 United States of America 1992 Email: nordmark@sonic.net 1993 Samita Chakrabarti 1994 Verizon 1995 San Jose, CA 1996 United States of America 1998 Email: samitac.ietf@gmail.com 2000 Charles E. Perkins 2001 Futurewei 2002 2330 Central Expressway 2003 Santa Clara 95050 2004 United States of America 2006 Email: charliep@computer.org