idnits 2.17.00 (12 Aug 2021) /tmp/idnits9093/draft-ietf-6lo-rfc6775-update-21.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 19, 2018) is 1425 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC4919' is mentioned on line 1464, but not defined == Missing Reference: 'RFC6606' is mentioned on line 1470, but not defined == Missing Reference: 'Perlman83' is mentioned on line 1632, but not defined == Missing Reference: 'IEEEstd802154' is mentioned on line 1892, but not defined == Outdated reference: A later version (-05) exists of draft-hou-6lo-plc-03 == Outdated reference: draft-ietf-6lo-ap-nd has been published as RFC 8928 == Outdated reference: draft-ietf-6lo-backbone-router has been published as RFC 8929 == Outdated reference: A later version (-17) exists of draft-ietf-6lo-nfc-09 == Outdated reference: draft-ietf-6tisch-architecture has been published as RFC 9030 == Outdated reference: draft-ietf-mboned-ieee802-mcast-problems has been published as RFC 9119 == Outdated reference: draft-ietf-roll-efficient-npdao has been published as RFC 9009 == Outdated reference: A later version (-07) exists of draft-thubert-roll-unaware-leaves-05 -- Obsolete informational reference (is this intentional?): RFC 4941 (Obsoleted by RFC 8981) Summary: 0 errors (**), 0 flaws (~~), 13 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo P. Thubert, Ed. 3 Internet-Draft Cisco 4 Updates: 6775 (if approved) E. Nordmark 5 Intended status: Standards Track Zededa 6 Expires: December 21, 2018 S. Chakrabarti 7 Verizon 8 C. Perkins 9 Futurewei 10 June 19, 2018 12 Registration Extensions for 6LoWPAN Neighbor Discovery 13 draft-ietf-6lo-rfc6775-update-21 15 Abstract 17 This specification updates RFC 6775 - 6LoWPAN Neighbor Discovery, to 18 clarify the role of the protocol as a registration technique, 19 simplify the registration operation in 6LoWPAN routers, as well as to 20 provide enhancements to the registration capabilities and mobility 21 detection for different network topologies including the Routing 22 Registrars performing routing for host routes and/or proxy Neighbor 23 Discovery in a low power network. 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on December 21, 2018. 42 Copyright Notice 44 Copyright (c) 2018 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (https://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 60 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 61 2.1. BCP 14 . . . . . . . . . . . . . . . . . . . . . . . . . 4 62 2.2. References . . . . . . . . . . . . . . . . . . . . . . . 4 63 2.3. Acronym Definitions . . . . . . . . . . . . . . . . . . . 4 64 2.4. New Terms . . . . . . . . . . . . . . . . . . . . . . . . 5 65 3. Applicability of Address Registration Options . . . . . . . . 6 66 4. Extended Neighbor Discovery Options and Messages . . . . . . 7 67 4.1. Extended Address Registration Option (EARO) . . . . . . . 7 68 4.2. Extended Duplicate Address Message Formats . . . . . . . 11 69 4.3. Extensions to the Capability Indication Option . . . . . 12 70 5. Updating RFC 6775 . . . . . . . . . . . . . . . . . . . . . . 13 71 5.1. Extending the Address Registration Option . . . . . . . . 14 72 5.2. Transaction ID . . . . . . . . . . . . . . . . . . . . . 16 73 5.2.1. Comparing TID values . . . . . . . . . . . . . . . . 16 74 5.3. Registration Ownership Verifier (ROVR) . . . . . . . . . 17 75 5.4. Extended Duplicate Address Messages . . . . . . . . . . . 19 76 5.5. Registering the Target Address . . . . . . . . . . . . . 19 77 5.6. Link-Local Addresses and Registration . . . . . . . . . . 20 78 5.7. Maintaining the Registration States . . . . . . . . . . . 21 79 6. Backward Compatibility . . . . . . . . . . . . . . . . . . . 23 80 6.1. Signaling EARO Support . . . . . . . . . . . . . . . . . 23 81 6.2. RFC6775-only 6LN . . . . . . . . . . . . . . . . . . . . 24 82 6.3. RFC6775-only 6LR . . . . . . . . . . . . . . . . . . . . 24 83 6.4. RFC6775-only 6LBR . . . . . . . . . . . . . . . . . . . . 24 84 7. Security Considerations . . . . . . . . . . . . . . . . . . . 25 85 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 26 86 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 87 9.1. ARO Flags . . . . . . . . . . . . . . . . . . . . . . . . 27 88 9.2. EARO I-Field . . . . . . . . . . . . . . . . . . . . . . 28 89 9.3. ICMP Codes . . . . . . . . . . . . . . . . . . . . . . . 28 90 9.4. New ARO Status values . . . . . . . . . . . . . . . . . . 29 91 9.5. New 6LoWPAN Capability Bits . . . . . . . . . . . . . . . 30 92 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31 93 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 31 94 11.1. Normative References . . . . . . . . . . . . . . . . . . 31 95 11.2. Terminology Related References . . . . . . . . . . . . . 32 96 11.3. Informative References . . . . . . . . . . . . . . . . . 32 97 11.4. External Informative References . . . . . . . . . . . . 35 98 Appendix A. Applicability and Requirements Served (Not 99 Normative) . . . . . . . . . . . . . . . . . . . . . 36 100 Appendix B. Requirements (Not Normative) . . . . . . . . . . . . 37 101 B.1. Requirements Related to Mobility . . . . . . . . . . . . 37 102 B.2. Requirements Related to Routing Protocols . . . . . . . . 38 103 B.3. Requirements Related to the Variety of Low-Power Link 104 types . . . . . . . . . . . . . . . . . . . . . . . . . . 39 105 B.4. Requirements Related to Proxy Operations . . . . . . . . 40 106 B.5. Requirements Related to Security . . . . . . . . . . . . 40 107 B.6. Requirements Related to Scalability . . . . . . . . . . . 42 108 B.7. Requirements Related to Operations and Management . . . . 42 109 B.8. Matching Requirements with Specifications . . . . . . . . 43 110 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 112 1. Introduction 114 IPv6 Low-Power Lossy Networks (LLNs) support star and mesh 115 topologies. For such networks, "Neighbor Discovery Optimization for 116 IPv6 over Low-Power Wireless Personal Area Networks" (6LoWPAN ND) 117 [RFC6775] defines a registration mechanism and a central IPv6 ND 118 Registrar to assure unique addresses. The 6LoWPAN ND mechanism 119 reduces the dependency of the IPv6 Neighbor Discovery Protocol (IPv6 120 ND) [RFC4861][RFC4862] on network-layer multicast and link-layer 121 broadcast operations. 123 This specification updates 6LoWPAN ND to simplify and generalizes 124 registration in 6LoWPAN routers (6LRs). In particular, this 125 specification modifies and extends the behavior and protocol elements 126 of 6LoWPAN ND to enable the following actions: 128 o Determine the most recent location in case of node mobility 130 o Simplify the registration flow for Link-Local Addresses 132 o Support a routing-unaware Leaf Node in a Route-Over network 134 o Proxy registration in a Route-Over network 136 o Enable verification for the registration, using the Registration 137 Ownership Verifier (ROVR) 139 o Registration to an IPv6 ND proxy (e.g., a Routing Registrar) 141 o Better support for privacy and temporary addresses 143 These features satisfy requirements as listed in Appendix B. 145 2. Terminology 147 2.1. BCP 14 149 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 150 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 151 "OPTIONAL" in this document are to be interpreted as described in BCP 152 14 [RFC2119][RFC8174] when, and only when, they appear in all 153 capitals, as shown here. 155 2.2. References 157 In this document, readers will encounter terms and concepts that are 158 discussed in the following documents: 160 o "Neighbor Discovery for IP version 6" [RFC4861], 162 o "IPv6 Stateless Address Autoconfiguration" [RFC4862], 164 o "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): 165 Overview, Assumptions, Problem Statement, and Goals" [RFC4919], 167 o "Problem Statement and Requirements for IPv6 over Low-Power 168 Wireless Personal Area Network (6LoWPAN) Routing" [RFC6606], and 170 o "Neighbor Discovery Optimization for Low-power and Lossy Networks" 171 [RFC6775], 173 2.3. Acronym Definitions 175 This document uses the following acronyms: 177 6BBR: 6LoWPAN Backbone Router 179 6LBR: 6LoWPAN Border Router 181 6LN: 6LoWPAN Node 183 6LR: 6LoWPAN Router 185 6CIO: Capability Indication Option 187 EARO: (Extended) Address Registration Option -- (E)ARO 189 EDAR: (Extended) Duplicate Address Request -- (E)DAR 191 EDAC: (Extended) Duplicate Address Confirmation -- (E)DAC 192 DAD: Duplicate Address Detection 194 DODAG: Destination-Oriented Directed Acyclic Graph 196 LLN: Low-Power and Lossy Network 198 NA: Neighbor Advertisement 200 NCE: Neighbor Cache Entry 202 ND: Neighbor Discovery 204 NDP: Neighbor Discovery Protocol 206 NS: Neighbor Solicitation 208 ROVR: Registration Ownership Verifier (pronounced rover) 210 RPL: IPv6 Routing Protocol for LLNs (pronounced ripple) [RFC6550] 212 RA: Router Advertisement 214 RS: Router Solicitation 216 TID: Transaction ID (a sequence counter in the EARO) 218 2.4. New Terms 220 Backbone Link: An IPv6 transit link that interconnects two or more 221 Backbone Routers. 223 Binding: The association between an IP address, a MAC address, and 224 other information about the node that owns the IP Address. 226 Registration: The process by which a 6LN registers an IPv6 Address 227 with a 6LR in order to establish connectivity to the LLN. 229 Registered Node: The 6LN for which the registration is performed, 230 according to the fields in the Extended ARO option. 232 Registering Node: The node that performs the registration; either 233 the Registered Node or a proxy. 235 IPv6 ND Registrar: A node that can process a registration in either 236 NS(EARO) or EDAR messages, and consequently respond with an NA 237 or EDAC message containing the EARO and appropriate status for 238 the registration. 240 Registered Address: An address registered for the Registered Node. 242 RFC6775-only: An implementation, a type of node, or a message that 243 behaves only as specified by [RFC6775], as opposed to the 244 behavior specified in this document. 246 Route-Over network: A network for which connectivity provided at the 247 IP layer. 249 Routing Registrar: An IPv6 ND Registrar that also provides 250 reachability services for the Registered Address, including 251 Duplicate Address Detection and proxy Neighbor Advertisement. 253 Backbone Router (6BBR): A Routing Registrar that proxies the 6LoWPAN 254 ND operations specified in this document to assure that 255 multiple LLNs federated by a backbone link operate as a single 256 IPv6 subnetwork. 258 updated: A 6LN, a 6LR, or a 6LBR that supports this specification, 259 in contrast to an RFC6775-only device. 261 3. Applicability of Address Registration Options 263 The Address Registration Option (ARO) in [RFC6775] facilitates 264 Duplicate Address Detection (DAD) for hosts and populates Neighbor 265 Cache Entries (NCEs) [RFC4861] in the routers. This reduces the 266 reliance on multicast operations, which are often as intrusive as 267 broadcast, in IPv6 ND operations (see 268 [I-D.ietf-mboned-ieee802-mcast-problems]). 270 This document specifies new status codes for registrations rejected 271 by a 6LR or a 6LBR for reasons other than address duplication. 272 Examples include: 274 o the router running out of space; 276 o a registration bearing a stale sequence number which could happen 277 if the host moves after the registration was placed; 279 o a host misbehaving and attempting to register an invalid address 280 such as the unspecified address [RFC4291]; 282 o a host using an address that is not topologically correct on that 283 link. 285 In such cases the host will receive an error to help diagnose the 286 issue and may retry, possibly with a different address, and possibly 287 registering to a different router, depending on the returned error. 289 The ability to return errors to address registrations is not intended 290 to be used to restrict the ability of hosts to form and use multiple 291 addresses. Each host may form and register a number of addresses for 292 enhanced privacy, using mechanisms such as "Privacy Extensions for 293 Stateless Address Autoconfiguration (SLAAC) in IPv6" [RFC4941], and 294 SHOULD conform to "Host Address Availability Recommendations" 295 [RFC7934]. 297 In IPv6 ND [RFC4861], a router needs enough storage to hold NCEs for 298 all directly connected addresses to which it is currently forwarding 299 packets (unused entries may be flushed). In contrast, a router 300 serving the Address Registration mechanism needs enough storage to 301 hold NCEs for all the addresses that may be registered to it, 302 regardless of whether or not they are actively communicating. The 303 number of registrations supported by a 6LoWPAN Router (6LR) or 304 6LoWPAN Border Router (6LBR) MUST be clearly documented by the vendor 305 and the dynamic use of associated resources SHOULD be made available 306 to the network operator, e.g., to a management console. Network 307 administrators need to ensure that 6LR/6LBRs in their network support 308 the number and type of devices that can register to them, based on 309 the number of IPv6 addresses that those devices require and their 310 address renewal rate and behavior. 312 4. Extended Neighbor Discovery Options and Messages 314 This specification does not introduce new options; it modifies 315 existing options and updates the associated behaviors. 317 4.1. Extended Address Registration Option (EARO) 319 The Address Registration Option (ARO) is defined in section 4.1 of 320 [RFC6775]. 322 This specification introduces the Extended Address Registration 323 Option (EARO) based on the ARO for use in NS and NA messages. The 324 EARO includes a sequence counter called Transaction ID (TID) that is 325 used to determine the latest location of a registering mobile device. 326 A new 'T' flag indicates the presence of the TID field is populated 327 and that the option is an EARO. A 6LN requests routing or proxy 328 services from a 6LR using a new 'R' flag in the EARO. 330 The EUI-64 field is redefined and renamed ROVR in order to carry 331 different types of information, e.g., cryptographic information of 332 variable size. A larger ROVR size MAY be used if and only if 333 backward compatibility is not an issue in the particular LLN. The 334 length of the ROVR field expressed in units of 8 bytes is the Length 335 of the option minus 1. 337 Section 5.1 discusses those changes in depth. 339 The format of the EARO is shown in Figure 1: 341 0 1 2 3 342 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 343 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 344 | Type | Length | Status | Opaque | 345 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 346 | Rsvd | I |R|T| TID | Registration Lifetime | 347 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 348 | | 349 ... Registration Ownership Verifier (ROVR) ... 350 | | 351 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 353 Figure 1: EARO Option Format 355 Option Fields: 357 Type: 33 359 Length: 8-bit unsigned integer. The length of the option in 360 units of 8 bytes. 362 Status: 8-bit unsigned integer. Indicates the status of a 363 registration in the NA response. MUST be set to 0 in 364 NS messages. See Table 1 below. 366 Opaque: An octet opaque to ND; the 6LN MAY pass it 367 transparently to another process. It MUST be set to 368 zero when not used. 370 Rsvd (Reserved): This field is unused. It MUST be initialized to 371 zero by the sender and MUST be ignored by the 372 receiver. 374 I: Two-bit Integer: A value of zero indicates that the 375 Opaque field carries an abstract index that is used 376 to decide in which routing topology the address is 377 expected to be injected. In that case, the Opaque 378 field is passed to a routing process with the 379 indication that it carries topology information, and 380 the value of 0 indicates default. All other values 381 of "I" are reserved and MUST NOT be used. 383 R: The Registering Node sets the 'R' flag to request 384 reachability services for the registered address from 385 a Routing Registrar. 387 T: One-bit flag. Set if the next octet is used as a 388 TID. 390 TID: One-byte unsigned integer; a Transaction ID that is 391 maintained by the node and incremented with each 392 transaction of one or more registrations performed at 393 the same time to one or more 6LRs. This field MUST 394 be ignored if the 'T' flag is not set. 396 Registration Lifetime: 16-bit integer; expressed in minutes. A 397 value of 0 indicates that the registration has ended 398 and that the associated state MUST be removed. 400 Registration Ownership Verifier (ROVR): Enables the correlation 401 between multiple attempts to register a same IPv6 402 Address. The ROVR size MUST be 64 bits when backward 403 compatibility is needed; otherwise the size MAY be 404 128, 192, or 256 bits. 406 +-------+-----------------------------------------------------------+ 407 | Value | Description | 408 +-------+-----------------------------------------------------------+ 409 | 0..2 | As defined in [RFC6775]. Note: a Status of 1 ("Duplicate | 410 | | Address") applies to the Registered Address. If the | 411 | | Source Address conflicts with an existing registration, | 412 | | "Duplicate Source Address" MUST be used. | 413 | | | 414 | 3 | Moved: The registration failed because it is not the most | 415 | | recent. This Status indicates that the registration is | 416 | | rejected because another more recent registration was | 417 | | done, as indicated by a same ROVR and a more recent TID. | 418 | | One possible cause is a stale registration that has | 419 | | progressed slowly in the network and was passed by a more | 420 | | recent one. It could also indicate a ROVR collision. | 421 | | | 422 | 4 | Removed: The binding state was removed. This status MAY | 423 | | be placed in an NA(EARO) message that is sent as the | 424 | | rejection of a proxy registration to an IPv6 ND | 425 | | Registrar, or in an asynchronous NA(EARO) at any time. | 426 | | | 427 | 5 | Validation Requested: The Registering Node is challenged | 428 | | for owning the Registered Address or for being an | 429 | | acceptable proxy for the registration. An IPv6 ND | 430 | | Registrar MAY place this Status in asynchronous DAC or NA | 431 | | messages. | 432 | | | 433 | 6 | Duplicate Source Address: The address used as source of | 434 | | the NS(EARO) conflicts with an existing registration. | 435 | | | 436 | 7 | Invalid Source Address: The address used as source of the | 437 | | NS(EARO) is not a Link-Local Address. | 438 | | | 439 | 8 | Registered Address topologically incorrect: The address | 440 | | being registered is not usable on this link. | 441 | | | 442 | 9 | 6LBR Registry saturated: A new registration cannot be | 443 | | accepted because the 6LBR Registry is saturated. Note: | 444 | | this code is used by 6LBRs instead of Status 2 when | 445 | | responding to a Duplicate Address message exchange and is | 446 | | passed on to the Registering Node by the 6LR. | 447 | | | 448 | 10 | Validation Failed: The proof of ownership of the | 449 | | registered address is not correct. | 450 +-------+-----------------------------------------------------------+ 452 Table 1: EARO Status 454 4.2. Extended Duplicate Address Message Formats 456 The DAR and DAC messages share a common base format as defined in 457 section 4.4 of [RFC6775]. Those messages enable information from the 458 ARO to be transported over multiple hops. The DAR and DAC are 459 extended as shown in Figure 2: 461 0 1 2 3 462 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 463 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 464 | Type |CodePfx|CodeSfx| Checksum | 465 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 466 | Status | TID | Registration Lifetime | 467 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 468 | | 469 ... Registration Ownership Verifier (ROVR) ... 470 | | 471 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 472 | | 473 + + 474 | | 475 + Registered Address + 476 | | 477 + + 478 | | 479 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 481 Figure 2: Duplicate Address Messages Format 483 Modified Message Fields: 485 Code: The ICMP Code [RFC4443] for Duplicate Address 486 Messages is split in two 4-bit fields, the Code 487 Prefix and the Code Suffix. The Code Prefix MUST be 488 set to zero by the sender and MUST be ignored by the 489 receiver. A non-null value of the Code Suffix 490 indicates support for this specification. It MUST be 491 set to 1 when operating in a backward-compatible 492 mode, indicating a ROVR size of 64 bits. It MAY be 493 2, 3 or 4, denoting a ROVR size of 128, 192, and 256 494 bits, respectively. 496 TID: 1-byte integer; same definition and processing as the 497 TID in the EARO as defined in Section 4.1. This 498 field MUST be ignored if the ICMP Code is null. 500 Registration Ownership Verifier (ROVR): The size of the ROVR is 501 known from the ICMP Code Suffix. This field has the 502 same definition and processing as the ROVR in the 503 EARO option as defined in Section 4.1. 505 4.3. Extensions to the Capability Indication Option 507 This specification defines 5 new capability bits for use in the 6CIO, 508 defined by [RFC7400] for use in IPv6 ND messages. 510 The "E" flag indicates that EARO can be used in a registration. A 511 6LR that supports this specification MUST set the "E" flag. 513 The "D" flag indicates that the 6LBR supports EDAR and EDAC messages. 514 A 6LR that learns the "D" flag from advertisements can then exchange 515 EDAR and EDAC messages with the 6LBR, and it also sets the "D" flag 516 as well as the "L" flag in the 6CIO in its own advertisements. In 517 this way, 6LNs will be able to prefer registration with a 6LR that 518 can make use of new 6LBR features. 520 The new "L", "B", and "P" flags, indicate whether a router is capable 521 of acting as 6LR, 6LBR, and Routing Registrar (e.g., 6BBR), 522 respectively. These flags are not mutually exclusive; an updated 523 node can advertise multiple collocated functions. 525 0 1 2 3 526 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 527 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 528 | Type | Length = 1 | Reserved |D|L|B|P|E|G| 529 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 530 | Reserved | 531 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 533 Figure 3: New Capability Bits in the 6CIO 535 Option Fields: 537 Type: 36 539 L: Node is a 6LR. 541 B: Node is a 6LBR. 543 P: Node is a Routing Registrar. 545 E: Node is an IPv6 ND Registrar -- i.e., it supports registrations 546 based on EARO. 548 D: 6LBR supports EDAR and EDAC messages. 550 5. Updating RFC 6775 552 The Extended Address Registration Option (EARO) (see Section 4.1) 553 updates the ARO used within NS and NA messages between a 6LN and a 554 6LR. The update enables a registration to a Routing Registrar in 555 order to obtain additional services, such as return routability to 556 the Registered Address by such means as routing and/or proxy Neighbor 557 Discovery, as illustrated in Figure 4. 559 Routing 560 6LN Registrar 561 | | 562 | NS(EARO) | 563 |--------------->| 564 | | 565 | | Inject / Maintain 566 | | Host Route or 567 | | IPv6 ND proxy state 568 | | <-----------------> 569 | NA(EARO) | 570 |<---------------| 571 | | 573 Figure 4: (Re-)Registration Flow 575 Similarly, EDAR and EDAC update the DAR and DAC messages so as to 576 transport the new information between 6LRs and 6LBRs across an LLN 577 mesh. The extensions to the ARO option are the Duplicate Address 578 Request (DAR) and Duplicate Address Confirmation (DAC), used in the 579 Duplicate Address messages. They convey the additional information 580 all the way to the 6LBR. 582 In turn the 6LBR may proxy the registration to obtain reachability 583 services from a Routing Registrar such as a 6BBR, as illustrated in 584 Figure 5. This specification avoids the Duplicate Address message 585 flow for Link-Local Addresses in a Route-Over [RFC6606] topology (see 586 Section 5.6). 588 Routing 589 6LN 6LR 6LBR Registrar 590 | | | | 591 || || 592 | | | | 593 | NS(EARO) | | | 594 |----------->| | | 595 | | Extended DAR | | 596 | |------------->| | 597 | | | proxy | 598 | | | NS(EARO) | 599 | | |----------->| 600 | | | | Inject / maintain 601 | | | | Host Route or 602 | | | | IPv6 ND proxy state 603 | | | | <-----------------> 604 | | | proxy | 605 | | | NA(EARO) | 606 | | Extended DAC |<-----------| 607 | |<-------------| | 608 | NA(EARO) | | | 609 |<-----------| | | 610 | | | | 612 Figure 5: (Re-)Registration Flow 614 This specification allows multiple registrations, including for 615 privacy / temporary addresses and provides a mechanism to help clean 616 up stale registration state as soon as possible, e.g., after a 617 movement (see Section 7). 619 Section 5 of [RFC6775] specifies how a 6LN bootstraps an interface 620 and locates available 6LRs. A Registering Node SHOULD register to a 621 6LR that supports this specification if one is found, as discussed in 622 Section 6.1, instead of registering to an RFC6775-only one; otherwise 623 the Registering Node operates in a backward-compatible fashion when 624 attaching to an RFC6775-only 6LR. 626 5.1. Extending the Address Registration Option 628 The Extended ARO (EARO) updates the ARO and is backward compatible 629 with the ARO if and only if the Length of the option is set to 2. 630 Its format is presented in Section 4.1. More details on backward 631 compatibility can be found in Section 6. 633 The Neighbor Solicitation (NS) and the ARO are modified as follows: 635 o The Target Address in the NS containing the EARO is now the field 636 that indicates the address that is being registered, as opposed to 637 the Source Address field as specified in [RFC6775] (see 638 Section 5.5). This change enables a 6LBR to send a proxy 639 registration for a 6LN's address to a Routing Registrar, and also 640 avoids in most cases the use of an address as source address 641 before it is registered. 643 o The EUI-64 field in the ARO Option is renamed Registration 644 Ownership Verifier (ROVR) and is not required to be derived from a 645 MAC address (see Section 5.3). 647 o The option Length MAY be different than 2 and take a value between 648 3 and 5, in which case the EARO is not backward compatible with an 649 ARO. The increase of size corresponds to a larger ROVR field, so 650 the size of the ROVR is inferred from the option Length. 652 o A new Opaque field is introduced to carry opaque information in 653 case the registration is relayed to another process, e.g., to be 654 advertised by a routing protocol. A new "I" field provides a type 655 for the opaque information, and indicates the other process to 656 which the 6LN passes the opaque value. A value of Zero for I 657 indicates topological information to be passed to a routing 658 process if the registration is redistributed. In that case, a 659 value of Zero for the Opaque field is backward-compatible with the 660 reserved fields that are overloaded, and the meaning is to use the 661 default topology. 663 o This document specifies a new flag in the EARO, the 'R' flag. If 664 the 'R' flag is set, the Registering Node requests the 6LR to 665 ensure reachability for the Registered Address, e.g., by means of 666 routing or proxying ND. Conversely, when it is not set, the 'R' 667 flag indicates that the Registering Node is a router, and that it 668 will advertise reachability to the Registered Address via a 669 routing protocol (such as RPL [RFC6550]). 671 o A node that supports this specification MUST be provide a 672 Transaction ID (TID) field in the EARO, and set the 'T' flag to 673 indicate the presence of the TID (see Section 5.2). 675 o Finally, this specification introduces new status codes to help 676 diagnose the cause of a registration failure (see Table 1). 678 A 6LN that acts only as a host, when registering, MUST set the 'R' 679 flag to indicate that it is not a router and that it will not handle 680 its own reachability. A 6LR that manages its reachability SHOULD NOT 681 set the 'R' flag; if it does, routes towards this router may be 682 installed on its behalf and may interfere with those it advertises. 684 5.2. Transaction ID 686 The TID is a sequence number that is incremented by the 6LN with each 687 re-registration to a 6LR. The TID is used to determine the recency 688 of the registration request. The network uses the most recent TID to 689 determine the most recent known location(s) of a moving 6LN. When a 690 Registered Node is registered with multiple 6LRs in parallel, the 691 same TID MUST be used. This enables the 6LBRs and/or Routing 692 Registrars to determine whether the registrations are identical, and 693 to distinguish that situation from a movement (for example, see 694 Appendix A and Section 5.7). 696 5.2.1. Comparing TID values 698 The operation of the TID is fully compatible with that of the RPL 699 Path Sequence counter as described in the "Sequence Counter 700 Operation" section of the "IPv6 Routing Protocol for Low-Power and 701 Lossy Networks" [RFC6550] specification. 703 A TID is deemed to be more recent than another when its value is 704 greater as determined by the operations detailed in this section. 706 The TID range is subdivided in a 'lollipop' fashion ([Perlman83]), 707 where the values from 128 and greater are used as a linear sequence 708 to indicate a restart and bootstrap the counter, and the values less 709 than or equal to 127 used as a circular sequence number space of size 710 128 as in [RFC1982]. Consideration is given to the mode of operation 711 when transitioning from the linear region to the circular region. 712 Finally, when operating in the circular region, if sequence numbers 713 are determined to be too far apart then they are not comparable, as 714 detailed below. 716 A window of comparison, SEQUENCE_WINDOW = 16, is configured based on 717 a value of 2^N, where N is defined to be 4 in this specification. 719 For a given sequence counter, 721 1. The sequence counter SHOULD be initialized to an implementation 722 defined value which is 128 or greater prior to use. A 723 recommended value is 240 (256 - SEQUENCE_WINDOW). 725 2. When a sequence counter increment would cause the sequence 726 counter to increment beyond its maximum value, the sequence 727 counter MUST wrap back to zero. When incrementing a sequence 728 counter greater than or equal to 128, the maximum value is 255. 729 When incrementing a sequence counter less than 128, the maximum 730 value is 127. 732 3. When comparing two sequence counters, the following rules MUST be 733 applied: 735 1. When a first sequence counter A is in the interval [128..255] 736 and a second sequence counter B is in [0..127]: 738 1. If (256 + B - A) is less than or equal to 739 SEQUENCE_WINDOW, then B is greater than A, A is less than 740 B, and the two are not equal. 742 2. If (256 + B - A) is greater than SEQUENCE_WINDOW, then A 743 is greater than B, B is less than A, and the two are not 744 equal. 746 For example, if A is 240, and B is 5, then (256 + 5 - 240) is 747 21. 21 is greater than SEQUENCE_WINDOW (16), thus 240 is 748 greater than 5. As another example, if A is 250 and B is 5, 749 then (256 + 5 - 250) is 11. 11 is less than SEQUENCE_WINDOW 750 (16), thus 250 is less than 5. 752 2. In the case where both sequence counters to be compared are 753 less than or equal to 127, and in the case where both 754 sequence counters to be compared are greater than or equal to 755 128: 757 1. If the absolute magnitude of difference between the two 758 sequence counters is less than or equal to 759 SEQUENCE_WINDOW, then a comparison as described in 760 [RFC1982] is used to determine the relationships greater 761 than, less than, and equal. 763 2. If the absolute magnitude of difference of the two 764 sequence counters is greater than SEQUENCE_WINDOW, then a 765 desynchronization has occurred and the two sequence 766 numbers are not comparable. 768 4. If two sequence numbers are determined to be not comparable, 769 i.e., the results of the comparison are not defined, then a node 770 should give precedence to the sequence number that was most 771 recently incremented. Failing this, the node should select the 772 sequence number in order to minimize the resulting changes to its 773 own state. 775 5.3. Registration Ownership Verifier (ROVR) 777 The ROVR field replaces the EUI-64 field of the ARO defined in 778 [RFC6775]. It is associated in the 6LR and the 6LBR with the 779 registration state. The ROVR can be a unique ID of the Registering 780 Node, such as the EUI-64 address of an interface. This can also be a 781 token obtained with cryptographic methods which can be used in 782 additional protocol exchanges to associate a cryptographic identity 783 (key) with this registration to ensure that only the owner can modify 784 it later, if the proof-of-ownership of the ROVR can be obtained (more 785 in Section 5.6). The scope of a ROVR is the registration of a 786 particular IPv6 Address and it MUST NOT be used to correlate 787 registrations of different addresses. 789 The ROVR can be of different types; the type is signaled in the 790 message that carries the new type. For instance, the type can be a 791 cryptographic string and used to prove the ownership of the 792 registration as specified in "Address Protected Neighbor Discovery 793 for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd]. In order to 794 support the flows related to the proof-of-ownership, this 795 specification introduces new status codes "Validation Requested" and 796 "Validation Failed" in the EARO. 798 Note on ROVR collision: different techniques for forming the ROVR 799 will operate in different name-spaces. [RFC6775] operates on EUI- 800 64(TM) addresses. [I-D.ietf-6lo-ap-nd] generates cryptographic 801 tokens. While collisions are not expected in the EUI-64 name-space 802 only, they may happen in the case of [I-D.ietf-6lo-ap-nd] and in a 803 mixed situation. An implementation that understands the name-space 804 MUST consider that ROVRs from different name-spaces are different 805 even if they have the same value. An RFC6775-only 6LR or 6LBR will 806 confuse the name-spaces, which slightly increases the risk of a ROVR 807 collision. A collision of ROVR has no effect if the two Registering 808 Nodes register different addresses, since the ROVR is only 809 significant within the context of one registration. A ROVR is not 810 expected to be unique to one registration, as this specification 811 allows a node to use the same ROVR to register multiple IPv6 812 addresses. This is why the ROVR MUST NOT be used as a key to 813 identify the Registering Node, or as an index to the registration. 814 It is only used as a match to ensure that the node that updates a 815 registration for an IPv6 address is the node that made the original 816 registration for that IPv6 address. Also, when the ROVR is not an 817 EUI-64 address, then it MUST NOT be used as the interface ID of the 818 Registered Address. This way, a registration that uses that ROVR 819 will not collide with that of an IPv6 Address derived from EUI-64 and 820 using the EUI-64 as ROVR per [RFC6775]. 822 The Registering Node SHOULD store the ROVR, or enough information to 823 regenerate it, in persistent memory. If this is not done and an 824 event such as a reboot causes a loss of state, re-registering the 825 same address could be impossible until the 6LRs and the 6LBR time out 826 the previous registration, or a management action is taken to clear 827 the relevant state in the network. 829 5.4. Extended Duplicate Address Messages 831 In order to map the new EARO content in the Extended Duplicate 832 Address (EDA) messages, a new TID field is added to the Extended DAR 833 (EDAR) and the Extended DAC (EDAC) messages as a replacement of the 834 Reserved field, and a non-null value of the ICMP Code indicates 835 support for this specification. The format of the EDAR and EDAC 836 messages is presented in Section 4.2. 838 As with the EARO, the Extended Duplicate Address messages are 839 backward compatible with the RFC6775-only versions as long as the 840 ROVR field is 64 bits long. Remarks concerning backwards 841 compatibility for the protocol between the 6LN and the 6LR apply 842 similarly between a 6LR and a 6LBR. 844 5.5. Registering the Target Address 846 An NS message with an EARO is a registration if and only if it also 847 carries an SLLA Option [RFC6775]. The EARO can also be used in NS 848 and NA messages between Routing Registrars to determine the 849 distributed registration state; in that case, it does not carry the 850 SLLA Option and is not confused with a registration. 852 The Registering Node is the node that performs the registration to 853 the Routing Registrar. As in [RFC6775], it may be the Registered 854 Node as well, in which case it registers one of its own addresses and 855 indicates its own MAC Address as Source Link Layer Address (SLLA) in 856 the NS(EARO). 858 This specification adds the capability to proxy the registration 859 operation on behalf of a Registered Node that is reachable over an 860 LLN mesh. In that case, if the Registered Node is reachable from the 861 Routing Registrar via a Mesh-Under mesh, the Registering Node 862 indicates the MAC Address of the Registered Node as the SLLA in the 863 NS(EARO). If the Registered Node is reachable over a Route-Over mesh 864 from the Registering Node, the SLLA in the NS(ARO) is that of the 865 Registering Node. This enables the Registering Node to attract the 866 packets from the Routing Registrar and route them over the LLN to the 867 Registered Node. 869 In order to enable the latter operation, this specification changes 870 the behavior of the 6LN and the 6LR so that the Registered Address is 871 found in the Target Address field of the NS and NA messages as 872 opposed to the Source Address field. With this convention, a TLLA 873 option indicates the link-layer address of the 6LN that owns the 874 address. 876 A Registering Node (e.g., a 6LBR also acting as RPL Root) that 877 advertises reachability for the 6LN MUST place its own Link Layer 878 Address in the SLLA Option of the registration NS(EARO) message. 879 This maintains compatibility with RFC6775-only 6LoWPAN ND [RFC6775]. 881 5.6. Link-Local Addresses and Registration 883 LLN nodes are often not wired and may move. There is no guarantee 884 that a Link-Local Address remain unique among a huge and potentially 885 variable set of neighboring nodes. 887 Compared to [RFC6775], this specification only requires that a Link- 888 Local Address be unique from the perspective of the two nodes that 889 use it to communicate (e.g., the 6LN and the 6LR in an NS/NA 890 exchange). This simplifies the DAD process in a Route-Over topology 891 for Link-Local Addresses by avoiding an exchange of EDA messages 892 between the 6LR and a 6LBR for those addresses. 894 An exchange between two nodes using Link-Local Addresses implies that 895 they are reachable over one hop. A node MUST register a Link-Local 896 Address to a 6LR in order to obtain further reachability by way of 897 that 6LR, and in particular to use the Link-Local Address as source 898 address to register other addresses, e.g., global addresses. 900 If there is no collision with a previously registered address, then 901 the Link-Local Address is unique from the standpoint of this 6LR and 902 the registration is not a duplicate. Two different 6LRs might claim 903 the same Link-Local Address but different link-layer addresses. In 904 that case, a 6LN MUST only interact with at most one of the 6LRs. 906 The exchange of EDAR and EDAC messages between the 6LR and a 6LBR, 907 which ensures that an address is unique across the domain covered by 908 the 6LBR, does not need to take place for Link-Local Addresses. 910 When sending an NS(EARO) to a 6LR, a 6LN MUST use a Link-Local 911 Address as the source address of the registration, whatever the type 912 of IPv6 address that is being registered. That Link-Local Address 913 MUST be either an address that is already registered to the 6LR, or 914 the address that is being registered. 916 When a 6LN starts up, it typically multicasts a RS and receives one 917 or more unicast RA messages from 6LRs. If the 6LR can process EARO 918 messages, then it places a 6CIO in its RA message with the "E" Flag 919 set as required in Section 6.1. 921 When a Registering Node does not have an already-registered Address, 922 it MUST register a Link-Local Address, using it as both the Source 923 and the Target Address of an NS(EARO) message. In that case, it is 924 RECOMMENDED to use an address for which DAD is not required (see 925 [RFC6775]), e.g., derived from a globally unique EUI-64 address; 926 using the SLLA Option in the NS is consistent with existing ND 927 specifications such as the "Optimistic Duplicate Address Detection 928 (ODAD) for IPv6" [RFC4429]. The 6LN MAY then use that address to 929 register one or more other addresses. 931 A 6LR that supports this specification replies with an NA(EARO), 932 setting the appropriate status. Since there is no exchange of EDAR 933 or EDAC messages for Link-Local Addresses, the 6LR may answer 934 immediately to the registration of a Link-Local Address, based solely 935 on its existing state and the Source Link-Layer Option that is placed 936 in the NS(EARO) message as required in [RFC6775]. 938 A node registers its IPv6 Global Unicast Addresses (GUAs) to a 6LR in 939 order to establish global reachability for these addresses via that 940 6LR. When registering with an updated 6LR, a Registering Node does 941 not use a GUA as Source Address, in contrast to a node that complies 942 to [RFC6775]. For non-Link-Local Addresses, the exchange of EDAR and 943 EDAC messages MUST conform to [RFC6775], but the extended formats 944 described in this specification for the DAR and the DAC are used to 945 relay the extended information in the case of an EARO. 947 5.7. Maintaining the Registration States 949 This section discusses protocol actions that involve the Registering 950 Node, the 6LR, and the 6LBR. It must be noted that the portion that 951 deals with a 6LBR only applies to those addresses that are registered 952 to it; as discussed in Section 5.6, this is not the case for Link- 953 Local Addresses. The registration state includes all data that is 954 stored in the router relative to that registration, in particular, 955 but not limited to, an NCE. 6LBRs and Routing Registrars may store 956 additional registration information and use synchronization protocols 957 that are out of scope of this document. 959 A 6LR cannot accept a new registration when its registration storage 960 space is exhausted. In that situation, the EARO is returned in an NA 961 message with a Status Code of "Neighbor Cache Full" (Table 1), and 962 the Registering Node may attempt to register to another 6LR. 964 If the registry in the 6LBR is full, then the 6LBR cannot decide 965 whether a registration for a new address is a duplicate. In that 966 case, the 6LBR replies to an EDAR message with an EDAC message that 967 carries a new Status Code indicating "6LBR Registry Saturated" 968 (Table 1). Note: this code is used by 6LBRs instead of "Neighbor 969 Cache Full" when responding to a Duplicate Address message exchange 970 and is passed on to the Registering Node by the 6LR. There is no 971 point for the node to retry this registration via another 6LR, since 972 the problem is network-wide. The node may either abandon that 973 address, de-register other addresses first to make room, or keep the 974 address in TENTATIVE state and retry later. 976 A node renews an existing registration by sending a new NS(EARO) 977 message for the Registered Address, and the 6LR MUST report the new 978 registration to the 6LBR. 980 A node that ceases to use an address SHOULD attempt to de-register 981 that address from all the 6LRs to which it has registered the 982 address. This is achieved using an NS(EARO) message with a 983 Registration Lifetime of 0. If this is not done, the associated 984 state will remain in the network till the current Registration 985 Lifetime expires and this may lead to a situation where the 6LR 986 resources become saturated, even if they are correctly planned to 987 start with. The 6LR may then take defensive measures that may 988 prevent this node or some other nodes from owning as many addresses 989 as they request (see Section 7). 991 A node that moves away from a particular 6LR SHOULD attempt to de- 992 register all of its addresses registered to that 6LR and register to 993 a new 6LR with an incremented TID. When/if the node appears 994 elsewhere, an asynchronous NA(EARO) or EDAC message with a Status 995 Code of "Moved" SHOULD be used to clean up the state in the previous 996 location. The "Moved" status can be used by a Routing Registrar in 997 an NA(EARO) message to indicate that the ownership of the proxy state 998 was transferred to another Routing Registrar due to movement of the 999 device. If the receiver of the message has registration state 1000 corresponding to the related address, it SHOULD propagate the status 1001 down the forwarding path to the Registered Node (e.g., reversing an 1002 existing RPL [RFC6550] path as prescribed in 1003 [I-D.ietf-roll-efficient-npdao]). Whether it could do so or not, the 1004 receiver MUST clean up said state. 1006 Upon receiving an NS(EARO) message with a Registration Lifetime of 0 1007 and determining that this EARO is the most recent for a given NCE 1008 (see Section 5.2), a 6LR cleans up its NCE. If the address was 1009 registered to the 6LBR, then the 6LR MUST report to the 6LBR, through 1010 a Duplicate Address exchange with the 6LBR, indicating the null 1011 Registration Lifetime and the latest TID that this 6LR is aware of. 1013 Upon receiving the EDAR message, the 6LBR evaluates if this is the 1014 most recent TID it has received for that particular registry entry. 1015 If so, then the EDAR is answered with an EDAC message bearing a 1016 Status of "Success" and the entry is scheduled to be removed. 1017 Otherwise, a Status Code of "Moved" is returned instead, and the 1018 existing entry is maintained. 1020 When an address is scheduled to be removed, the 6LBR SHOULD keep its 1021 NCE in a DELAY state [RFC4861] for a configurable period of time, so 1022 as to protect a mobile node that de-registered from one 6LR and did 1023 not register yet to a new one, or the new registration did not yet 1024 reach the 6LBR due to propagation delays in the network. Once the 1025 DELAY time is passed, the 6LBR silently removes its entry. 1027 6. Backward Compatibility 1029 This specification changes the behavior of the peers in a 1030 registration flow. To enable backward compatibility, a 6LN that 1031 registers to a 6LR that is not known to support this specification 1032 MUST behave in a manner that is backward-compatible with [RFC6775]. 1033 On the contrary, if the 6LR is found to support this specification, 1034 then the 6LN MUST conform to this specification when communicating 1035 with that 6LR. 1037 A 6LN that supports this specification MUST always use an EARO as a 1038 replacement for an ARO in its registration to a router. This is 1039 backward-compatible since the 'T' flag and TID field are reserved in 1040 [RFC6775], and are ignored by an RFC6775-only router. A router that 1041 supports this specification MUST answer an NS(ARO) and an NS(EARO) 1042 with an NA(EARO). A router that does not support this specification 1043 will consider the ROVR as an EUI-64 address and treat it the same, 1044 which has no consequence if the Registered Addresses are different. 1046 6.1. Signaling EARO Support 1048 "Generic Header Compression for IPv6 over 6LoWPANs" [RFC7400] 1049 specifies the 6LoWPAN Capability Indication Option (6CIO) to indicate 1050 a node's capabilities to its peers. The 6CIO MUST be present in both 1051 Router Solicitation (RS) and Router Advertisement (RA) messages, 1052 unless the 6CIO information was already shared in recent exchanges, 1053 or pre-configured in all nodes in a network. In any case, a 6CIO 1054 MUST be placed in an RA message that is sent in response to an RS 1055 with a 6CIO. 1057 Section 4.3 defines a new flag for the 6CIO to signal support for 1058 EARO by the issuer of the message. New flags are also added to the 1059 6CIO to signal the sender's capability to act as a 6LR, 6LBR, and 1060 Routing Registrar (see Section 4.3). 1062 Section 4.3 also defines a new flag that indicates the support of 1063 EDAR and EDAC messages by the 6LBR. This flag is valid in RA 1064 messages but not in RS messages. More information on the 6LBR is 1065 found in a separate Authoritative Border Router Option (ABRO). The 1066 ABRO is placed in RA messages as prescribed by [RFC6775]; in 1067 particular, it MUST be placed in an RA message that is sent in 1068 response to an RS with a 6CIO indicating the capability to act as a 1069 6LR, since the RA propagates information between routers. 1071 6.2. RFC6775-only 6LN 1073 An RFC6775-only 6LN will use the Registered Address as the source 1074 address of the NS message and will not use an EARO. An updated 6LR 1075 MUST accept that registration if it is valid per [RFC6775], and it 1076 MUST manage the binding cache accordingly. The updated 6LR MUST then 1077 use the RFC6775-only DAR and DAC messages as specified in [RFC6775] 1078 to indicate to the 6LBR that the TID is not present in the messages. 1080 The main difference from [RFC6775] is that the exchange of DAR and 1081 DAC messages for the purpose of DAD is avoided for Link-Local 1082 Addresses. In any case, the 6LR MUST use an EARO in the reply, and 1083 can use any of the Status codes defined in this specification. 1085 6.3. RFC6775-only 6LR 1087 An updated 6LN discovers the capabilities of the 6LR in the 6CIO in 1088 RA messages from that 6LR; if the 6CIO was not present in the RA, 1089 then the 6LR is assumed to be a RFC6775-only 6LR. 1091 An updated 6LN MUST use an EARO in the request regardless of the type 1092 of 6LR, RFC6775-only or updated, which implies that the 'T' flag is 1093 set. It MUST use a ROVR of 64 bits if the 6LR is an RFC6775-only 1094 6LR. 1096 If an updated 6LN moves from an updated 6LR to an RFC6775-only 6LR, 1097 the RFC6775-only 6LR will send an RFC6775-only DAR message, which 1098 cannot be compared with an updated one for recency. Allowing 1099 RFC6775-only DAR messages to update a state established by the 1100 updated protocol in the 6LBR would be an attack vector and that 1101 cannot be the default behavior. But if RFC6775-only and updated 6LRs 1102 coexist temporarily in a network, then it makes sense for an 1103 administrator to install a policy that allows this, using some method 1104 out of scope for this document. 1106 6.4. RFC6775-only 6LBR 1108 With this specification, the Duplicate Address messages are extended 1109 to transport the EARO information. As with the NS/NA exchange, an 1110 updated 6LBR MUST always use the EDAR and EDAC messages. 1112 Note that an RFC6775-only 6LBR will accept and process an EDAR 1113 message as if it were an RFC6775-only DAR, as long as the ROVR is 64 1114 bits long. An updated 6LR discovers the capabilities of the 6LBR in 1115 the 6CIO in RA messages from the 6LR; if the 6CIO was not present in 1116 any RA, then the 6LBR is assumed to be a RFC6775-only 6LBR. 1118 If the 6LBR is RFC6775-only, the 6LR MUST use only the 64 leftmost 1119 bits of the ROVR, and place the result in the EDAR message to 1120 maintain compatibility. This way, the support of DAD is preserved. 1122 7. Security Considerations 1124 This specification extends [RFC6775], and the security section of 1125 that document also applies to this document. In particular, the link 1126 layer SHOULD be sufficiently protected to prevent rogue access. 1128 [RFC6775] does not protect the content of its messages and expects a 1129 lower layer encryption to defeat potential attacks. This 1130 specification requires the LLN MAC to provide secure unicast to/from 1131 a Routing Registrar and secure Broadcast or Multicast from the 1132 Routing Registrar in a way that prevents tampering with or replaying 1133 the Neighbor Discovery messages. 1135 This specification recommends using privacy techniques (see 1136 Section 8), and protecting against address theft by methods outside 1137 the scope of this document. As an example, "Address Protected 1138 Neighbor Discovery for Low-power and Lossy Networks" 1139 [I-D.ietf-6lo-ap-nd] guarantees the ownership of the Registered 1140 Address using a cryptographic ROVR. 1142 The registration mechanism may be used by a rogue node to attack the 1143 6LR or the 6LBR with a Denial-of-Service attack against the registry. 1144 It may also happen that the registry of a 6LR or a 6LBR is saturated 1145 and cannot take any more registrations, which effectively denies the 1146 requesting node the capability to use a new address. In order to 1147 alleviate those concerns, Section 5.7 provides a number of 1148 recommendations that ensure that a stale registration is removed as 1149 soon as possible from the 6LR and 6LBR. In particular, this 1150 specification recommends that: 1152 o A node that ceases to use an address SHOULD attempt to de-register 1153 that address from all the 6LRs to which it is registered. See 1154 Section 5.2 for the mechanism to avoid replay attacks and avoiding 1155 the use of stale registration information. 1157 o The Registration lifetimes SHOULD be individually configurable for 1158 each address or group of addresses. The nodes SHOULD be 1159 configured with a Registration Lifetime that reflects their 1160 expectation of how long they will use the address with the 6LR to 1161 which it is registered. In particular, use cases that involve 1162 mobility or rapid address changes SHOULD use lifetimes that are 1163 larger yet of a same order as the duration of the expectation of 1164 presence. 1166 o The router (6LR or 6LBR) SHOULD be configurable so as to limit the 1167 number of addresses that can be registered by a single node, but 1168 as a protective measure only. In any case, a router MUST be able 1169 to keep a minimum number of addresses per node. That minimum 1170 depends on the type of device and ranges between 3 for a very 1171 constrained LLN and 10 for a larger device. A node may be 1172 identified by its MAC address, as long as it is not obfuscated by 1173 privacy measures. A stronger identification (e.g., by security 1174 credentials) is RECOMMENDED. When the maximum is reached, the 1175 router SHOULD use a Least-Recently-Used (LRU) algorithm to clean 1176 up the addresses, keeping at least one Link-Local Address. The 1177 router SHOULD attempt to keep one or more stable addresses if 1178 stability can be determined, e.g., because they are used over a 1179 much longer time span than other (privacy, shorter-lived) 1180 addresses. 1182 o In order to avoid denial of registration for the lack of 1183 resources, administrators should take great care to deploy 1184 adequate numbers of 6LRs to cover the needs of the nodes in their 1185 range, so as to avoid a situation of starving nodes. It is 1186 expected that the 6LBR that serves an LLN is a more capable node 1187 than the average 6LR, but in a network condition where it may 1188 become saturated, a particular LLN should distribute the 6LBR 1189 functionality, for instance by leveraging a high speed Backbone 1190 Link and Routing Registrars to aggregate multiple LLNs into a 1191 larger subnet. 1193 The LLN nodes depend on a 6LBR and may use the services of a routing 1194 Registrar for their operation. A trust model MUST be put in place to 1195 ensure that only authorized devices are acting in these roles so as 1196 to avoid threats such as black-holing or bombing attack whereby an 1197 impersonated 6LBR would destroy state in the network by using the 1198 "Removed" Status code. This trust model could be at a minimum based 1199 on a Layer-2 access control, or could provide role validation as well 1200 (see Req5.1 in Appendix B.5). 1202 8. Privacy Considerations 1204 As indicated in Section 3, this protocol does not limit the number of 1205 IPv6 addresses that each device can form. However, to mitigate 1206 denial-of-service attacks, it can be useful as a protective measure 1207 to have a limit that is high enough not to interfere with the normal 1208 behavior of devices in the network. A host should be able to form 1209 and register any address that is topologically correct in the 1210 subnet(s) advertised by the 6LR/6LBR. 1212 This specification does not mandate any particular way for forming 1213 IPv6 addresses, but it discourages using EUI-64 for forming the 1214 Interface ID in the Link-Local Address because this method prevents 1215 the usage of "SEcure Neighbor Discovery (SEND)" [RFC3971], 1216 "Cryptographically Generated Addresses (CGA)" [RFC3972], and other 1217 address privacy techniques. 1219 "Privacy Considerations for IPv6 Adaptation-Layer Mechanisms" 1220 [RFC8065] explains why privacy is important and how to form privacy- 1221 aware addresses. All implementations and deployments must consider 1222 the option of privacy addresses in their own environments. 1224 The IPv6 address of the 6LN in the IPv6 header can be compressed 1225 statelessly when the Interface Identifier in the IPv6 address can be 1226 derived from the Lower Layer address. When it is not critical to 1227 benefit from that compression, e.g., the address can be compressed 1228 statefully, or it is rarely used and/or it is used only over one hop, 1229 then privacy concerns should be considered. In particular, new 1230 implementations should follow the IETF "Recommendation on Stable IPv6 1231 Interface Identifiers" [RFC8064]. [RFC8064] recommends the use of "A 1232 Method for Generating Semantically Opaque Interface Identifiers with 1233 IPv6 Stateless Address Autoconfiguration (SLAAC)" [RFC7217] for 1234 generating Interface Identifiers to be used in SLAAC. 1236 9. IANA Considerations 1238 Note to RFC Editor, to be removed: please replace "This RFC" 1239 throughout this document by the RFC number for this specification 1240 once it is allocated. 1242 IANA is requested to make a number of changes under the "Internet 1243 Control Message Protocol version 6 (ICMPv6) Parameters" registry, as 1244 follows. 1246 9.1. ARO Flags 1248 IANA is requested to create a new subregistry for "ARO Flags" under 1249 the "Internet Control Message Protocol version 6 (ICMPv6) [RFC4443] 1250 Parameters". 1252 This specification defines 8 positions, bit 0 to bit 7, and assigns 1253 bit 6 for the 'R' flag and bit 7 for the 'T' flag (see Section 4.1). 1254 The policy is "IETF Review" or "IESG Approval" [RFC8126]. 1256 The initial content of the registry is as shown in Table 2. 1258 +-------------+--------------+-----------+ 1259 | ARO Status | Description | Document | 1260 +-------------+--------------+-----------+ 1261 | 0..5 | Unassigned | | 1262 | | | | 1263 | 6 | 'R' Flag | This RFC | 1264 | | | | 1265 | 7 | 'T' Flag | This RFC | 1266 +-------------+--------------+-----------+ 1268 Table 2: New ARO Flags 1270 9.2. EARO I-Field 1272 IANA is requested to create a new subregistry for "ARO Flags" under 1273 the "Internet Control Message Protocol version 6 (ICMPv6) [RFC4443] 1274 Parameters". 1276 This specification defines 4 integer values from 0 to 3, and assigns 1277 value 0 (see Section 4.1). The policy is "IETF Review" or "IESG 1278 Approval" [RFC8126]. 1280 The initial content of the registry is as shown in Table 3. 1282 +--------+---------------------------------------+------------+ 1283 | Value | Meaning | Reference | 1284 +--------+---------------------------------------+------------+ 1285 | 0 | Abstract Index for Topology Selection | This RFC | 1286 | | | | 1287 | 1..3 | Unassigned | | 1288 +--------+---------------------------------------+------------+ 1290 Table 3: New subregistry for the EARO "I" Field 1292 9.3. ICMP Codes 1294 IANA is requested to create 2 new subregistries of the ICMPv6 "Code" 1295 Fields registry, which itself is a subregistry of the Internet 1296 Control Message Protocol version 6 (ICMPv6) Parameters for the ICMP 1297 codes. 1299 The new subregistries relate to the ICMP type 157, Duplicate Address 1300 Request (shown in Table 4), and 158, Duplicate Address Confirmation 1301 (shown in Table 5), respectively. For those two ICMP types, the ICMP 1302 Code field is split into 2 subfields, the "Code Prefix" and the "Code 1303 Suffix". The new subregistries relate to the "Code Suffix" portion 1304 of the ICMP Code. The range of "Code Suffix" is 0..15 in all cases. 1306 The policy is "IETF Review" or "IESG Approval" [RFC8126] for both 1307 subregistries. 1309 The new subregistries are to be initialized as follows: 1311 +--------------+--------------------------------------+------------+ 1312 | Code Suffix | Meaning | Reference | 1313 +--------------+--------------------------------------+------------+ 1314 | 0 | RFC6775 DAR message | RFC 6775 | 1315 | | | | 1316 | 1 | EDAR message with 64-bit ROVR field | This RFC | 1317 | | | | 1318 | 2 | EDAR message with 128-bit ROVR field | This RFC | 1319 | | | | 1320 | 3 | EDAR message with 192-bit ROVR field | This RFC | 1321 | | | | 1322 | 4 | EDAR message with 256-bit ROVR field | This RFC | 1323 | | | | 1324 | 5...15 | Unassigned | | 1325 +--------------+--------------------------------------+------------+ 1327 Table 4: New Code Suffixes for ICMP type 157 DAR message 1329 +--------------+--------------------------------------+------------+ 1330 | Code Suffix | Meaning | Reference | 1331 +--------------+--------------------------------------+------------+ 1332 | 0 | RFC6775 DAC message | RFC 6775 | 1333 | | | | 1334 | 1 | EDAC message with 64-bit ROVR field | This RFC | 1335 | | | | 1336 | 2 | EDAC message with 128-bit ROVR field | This RFC | 1337 | | | | 1338 | 3 | EDAC message with 192-bit ROVR field | This RFC | 1339 | | | | 1340 | 4 | EDAC message with 256-bit ROVR field | This RFC | 1341 | | | | 1342 | 5...15 | Unassigned | | 1343 +--------------+--------------------------------------+------------+ 1345 Table 5: New Code Suffixes for ICMP type 158 DAC message 1347 9.4. New ARO Status values 1349 IANA is requested to make additions to the Address Registration 1350 Option Status Values Registry as follows: 1352 +-------------+-----------------------------------------+-----------+ 1353 | ARO Status | Description | Document | 1354 +-------------+-----------------------------------------+-----------+ 1355 | 3 | Moved | This RFC | 1356 | | | | 1357 | 4 | Removed | This RFC | 1358 | | | | 1359 | 5 | Validation Requested | This RFC | 1360 | | | | 1361 | 6 | Duplicate Source Address | This RFC | 1362 | | | | 1363 | 7 | Invalid Source Address | This RFC | 1364 | | | | 1365 | 8 | Registered Address topologically | This RFC | 1366 | | incorrect | | 1367 | | | | 1368 | 9 | 6LBR Registry saturated | This RFC | 1369 | | | | 1370 | 10 | Validation Failed | This RFC | 1371 +-------------+-----------------------------------------+-----------+ 1373 Table 6: New ARO Status values 1375 9.5. New 6LoWPAN Capability Bits 1377 IANA is requested to make additions to the Subregistry for "6LoWPAN 1378 Capability Bits" as follows: 1380 +-----------------+---------------------------+-----------+ 1381 | Capability Bit | Description | Document | 1382 +-----------------+---------------------------+-----------+ 1383 | 10 | EDA Support (D bit) | This RFC | 1384 | | | | 1385 | 11 | 6LR capable (L bit) | This RFC | 1386 | | | | 1387 | 12 | 6LBR capable (B bit) | This RFC | 1388 | | | | 1389 | 13 | Routing Registrar (P bit) | This RFC | 1390 | | | | 1391 | 14 | EARO support (E bit) | This RFC | 1392 +-----------------+---------------------------+-----------+ 1394 Table 7: New 6LoWPAN Capability Bits 1396 10. Acknowledgments 1398 Kudos to Eric Levy-Abegnoli who designed the First Hop Security 1399 infrastructure upon which the first backbone router was implemented. 1400 Many thanks to Sedat Gormus, Rahul Jadhav, Tim Chown, Juergen 1401 Schoenwaelder, Chris Lonvick, Dave Thaler, Adrian Farrel, Peter Yee, 1402 Warren Kumari, Benjamin Kaduk, Mirja Kuhlewind, Ben Campbell, Eric 1403 Rescorla, and Lorenzo Colitti for their various contributions and 1404 reviews. Also, many thanks to Thomas Watteyne for the world first 1405 implementation of a 6LN that was instrumental to the early tests of 1406 the 6LR, 6LBR and Backbone Router. 1408 11. References 1410 11.1. Normative References 1412 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1413 Requirement Levels", BCP 14, RFC 2119, 1414 DOI 10.17487/RFC2119, March 1997, 1415 . 1417 [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing 1418 Architecture", RFC 4291, DOI 10.17487/RFC4291, February 1419 2006, . 1421 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1422 Control Message Protocol (ICMPv6) for the Internet 1423 Protocol Version 6 (IPv6) Specification", STD 89, 1424 RFC 4443, DOI 10.17487/RFC4443, March 2006, 1425 . 1427 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 1428 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 1429 DOI 10.17487/RFC4861, September 2007, 1430 . 1432 [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless 1433 Address Autoconfiguration", RFC 4862, 1434 DOI 10.17487/RFC4862, September 2007, 1435 . 1437 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 1438 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, 1439 DOI 10.17487/RFC6282, September 2011, 1440 . 1442 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 1443 Bormann, "Neighbor Discovery Optimization for IPv6 over 1444 Low-Power Wireless Personal Area Networks (6LoWPANs)", 1445 RFC 6775, DOI 10.17487/RFC6775, November 2012, 1446 . 1448 [RFC7400] Bormann, C., "6LoWPAN-GHC: Generic Header Compression for 1449 IPv6 over Low-Power Wireless Personal Area Networks 1450 (6LoWPANs)", RFC 7400, DOI 10.17487/RFC7400, November 1451 2014, . 1453 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1454 Writing an IANA Considerations Section in RFCs", BCP 26, 1455 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1456 . 1458 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1459 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1460 May 2017, . 1462 11.2. Terminology Related References 1464 [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 1465 over Low-Power Wireless Personal Area Networks (6LoWPANs): 1466 Overview, Assumptions, Problem Statement, and Goals", 1467 RFC 4919, DOI 10.17487/RFC4919, August 2007, 1468 . 1470 [RFC6606] Kim, E., Kaspar, D., Gomez, C., and C. Bormann, "Problem 1471 Statement and Requirements for IPv6 over Low-Power 1472 Wireless Personal Area Network (6LoWPAN) Routing", 1473 RFC 6606, DOI 10.17487/RFC6606, May 2012, 1474 . 1476 11.3. Informative References 1478 [I-D.chakrabarti-nordmark-6man-efficient-nd] 1479 Chakrabarti, S., Nordmark, E., Thubert, P., and M. 1480 Wasserman, "IPv6 Neighbor Discovery Optimizations for 1481 Wired and Wireless Networks", draft-chakrabarti-nordmark- 1482 6man-efficient-nd-07 (work in progress), February 2015. 1484 [I-D.delcarpio-6lo-wlanah] 1485 Vega, L., Robles, I., and R. Morabito, "IPv6 over 1486 802.11ah", draft-delcarpio-6lo-wlanah-01 (work in 1487 progress), October 2015. 1489 [I-D.hou-6lo-plc] 1490 Hou, J., Hong, Y., and X. Tang, "Transmission of IPv6 1491 Packets over PLC Networks", draft-hou-6lo-plc-03 (work in 1492 progress), December 2017. 1494 [I-D.ietf-6lo-ap-nd] 1495 Thubert, P., Sarikaya, B., and M. Sethi, "Address 1496 Protected Neighbor Discovery for Low-power and Lossy 1497 Networks", draft-ietf-6lo-ap-nd-06 (work in progress), 1498 February 2018. 1500 [I-D.ietf-6lo-backbone-router] 1501 Thubert, P., "IPv6 Backbone Router", draft-ietf-6lo- 1502 backbone-router-06 (work in progress), February 2018. 1504 [I-D.ietf-6lo-nfc] 1505 Choi, Y., Hong, Y., Youn, J., Kim, D., and J. Choi, 1506 "Transmission of IPv6 Packets over Near Field 1507 Communication", draft-ietf-6lo-nfc-09 (work in progress), 1508 January 2018. 1510 [I-D.ietf-6tisch-architecture] 1511 Thubert, P., "An Architecture for IPv6 over the TSCH mode 1512 of IEEE 802.15.4", draft-ietf-6tisch-architecture-14 (work 1513 in progress), April 2018. 1515 [I-D.ietf-mboned-ieee802-mcast-problems] 1516 Perkins, C., McBride, M., Stanley, D., Kumari, W., and J. 1517 Zuniga, "Multicast Considerations over IEEE 802 Wireless 1518 Media", draft-ietf-mboned-ieee802-mcast-problems-01 (work 1519 in progress), February 2018. 1521 [I-D.ietf-roll-efficient-npdao] 1522 Jadhav, R., Thubert, P., Sahoo, R., and Z. Cao, "Efficient 1523 Route Invalidation", draft-ietf-roll-efficient-npdao-03 1524 (work in progress), March 2018. 1526 [I-D.struik-lwip-curve-representations] 1527 Struik, R., "Alternative Elliptic Curve Representations", 1528 draft-struik-lwip-curve-representations-00 (work in 1529 progress), October 2017. 1531 [I-D.thubert-roll-unaware-leaves] 1532 Thubert, P., "Routing for RPL Leaves", draft-thubert-roll- 1533 unaware-leaves-05 (work in progress), May 2018. 1535 [RFC1958] Carpenter, B., Ed., "Architectural Principles of the 1536 Internet", RFC 1958, DOI 10.17487/RFC1958, June 1996, 1537 . 1539 [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, 1540 DOI 10.17487/RFC1982, August 1996, 1541 . 1543 [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with 1544 CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 1545 2003, . 1547 [RFC3810] Vida, R., Ed. and L. Costa, Ed., "Multicast Listener 1548 Discovery Version 2 (MLDv2) for IPv6", RFC 3810, 1549 DOI 10.17487/RFC3810, June 2004, 1550 . 1552 [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, 1553 "SEcure Neighbor Discovery (SEND)", RFC 3971, 1554 DOI 10.17487/RFC3971, March 2005, 1555 . 1557 [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", 1558 RFC 3972, DOI 10.17487/RFC3972, March 2005, 1559 . 1561 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) 1562 for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, 1563 . 1565 [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy 1566 Extensions for Stateless Address Autoconfiguration in 1567 IPv6", RFC 4941, DOI 10.17487/RFC4941, September 2007, 1568 . 1570 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 1571 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 1572 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 1573 Low-Power and Lossy Networks", RFC 6550, 1574 DOI 10.17487/RFC6550, March 2012, 1575 . 1577 [RFC7217] Gont, F., "A Method for Generating Semantically Opaque 1578 Interface Identifiers with IPv6 Stateless Address 1579 Autoconfiguration (SLAAC)", RFC 7217, 1580 DOI 10.17487/RFC7217, April 2014, 1581 . 1583 [RFC7428] Brandt, A. and J. Buron, "Transmission of IPv6 Packets 1584 over ITU-T G.9959 Networks", RFC 7428, 1585 DOI 10.17487/RFC7428, February 2015, 1586 . 1588 [RFC7668] Nieminen, J., Savolainen, T., Isomaki, M., Patil, B., 1589 Shelby, Z., and C. Gomez, "IPv6 over BLUETOOTH(R) Low 1590 Energy", RFC 7668, DOI 10.17487/RFC7668, October 2015, 1591 . 1593 [RFC7934] Colitti, L., Cerf, V., Cheshire, S., and D. Schinazi, 1594 "Host Address Availability Recommendations", BCP 204, 1595 RFC 7934, DOI 10.17487/RFC7934, July 2016, 1596 . 1598 [RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu, 1599 "Recommendation on Stable IPv6 Interface Identifiers", 1600 RFC 8064, DOI 10.17487/RFC8064, February 2017, 1601 . 1603 [RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation- 1604 Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065, 1605 February 2017, . 1607 [RFC8105] Mariager, P., Petersen, J., Ed., Shelby, Z., Van de Logt, 1608 M., and D. Barthel, "Transmission of IPv6 Packets over 1609 Digital Enhanced Cordless Telecommunications (DECT) Ultra 1610 Low Energy (ULE)", RFC 8105, DOI 10.17487/RFC8105, May 1611 2017, . 1613 [RFC8163] Lynn, K., Ed., Martocci, J., Neilson, C., and S. 1614 Donaldson, "Transmission of IPv6 over Master-Slave/Token- 1615 Passing (MS/TP) Networks", RFC 8163, DOI 10.17487/RFC8163, 1616 May 2017, . 1618 [RFC8279] Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A., 1619 Przygienda, T., and S. Aldrin, "Multicast Using Bit Index 1620 Explicit Replication (BIER)", RFC 8279, 1621 DOI 10.17487/RFC8279, November 2017, 1622 . 1624 11.4. External Informative References 1626 [IEEEstd802154] 1627 IEEE, "IEEE Standard for Low-Rate Wireless Networks", 1628 IEEE Standard 802.15.4, DOI 10.1109/IEEE 1629 P802.15.4-REVd/D01, June 2017, 1630 . 1632 [Perlman83] 1633 Perlman, R., "Fault-Tolerant Broadcast of Routing 1634 Information", North-Holland Computer Networks 7: 395-405, 1635 1983, . 1638 Appendix A. Applicability and Requirements Served (Not Normative) 1640 This specification extends 6LoWPAN ND to provide a sequence number to 1641 the registration and serves the requirements expressed in 1642 Appendix B.1 by enabling the mobility of devices from one LLN to the 1643 next. A full specification for enabling mobility based on the use of 1644 the EARO and the registration procedures defined in this document can 1645 be found in a companion document "IPv6 Backbone Router" 1646 [I-D.ietf-6lo-backbone-router]. The 6BBR is an example of a Routing 1647 Registrar that acts as an IPv6 ND proxy over a Backbone Link that 1648 federates multiple LLNs as well as the Backbone Link intself into a 1649 single IPv6 subnet. The expected registration flow in that case is 1650 illustrated in Figure 6, noting that any combination of 6LR, 6LBR and 1651 6BBR may be collocated. 1653 6LN 6LR 6LBR 6BBR 1654 | | | | 1655 | NS(EARO) | | | 1656 |--------------->| | | 1657 | | Extended DAR | | 1658 | |-------------->| | 1659 | | | | 1660 | | | proxy NS(EARO) | 1661 | | |--------------->| 1662 | | | | NS(DAD) 1663 | | | | ------> 1664 | | | | 1665 | | | | 1666 | | | proxy NA(EARO) | 1667 | | |<---------------| 1668 | | Extended DAC | | 1669 | |<--------------| | 1670 | NA(EARO) | | | 1671 |<---------------| | | 1672 | | | | 1674 Figure 6: (Re-)Registration Flow 1676 "6TiSCH architecture" [I-D.ietf-6tisch-architecture] describes how a 1677 6LoWPAN ND host using the Timeslotted Channel Hopping (TSCH) mode of 1678 IEEE Std. 802.15.4 [IEEEstd802154] can connect to the Internet via a 1679 RPL mesh network. Doing so requires additions to the 6LoWPAN ND 1680 protocol to support mobility and reachability in a secure and 1681 manageable network environment. This document specifies those new 1682 operations, and fulfills the requirements listed in Appendix B.2. 1684 The term LLN is used loosely in this document, and intended to cover 1685 multiple types of WLANs and WPANs, including Low-Power IEEE Std. 1686 802.11 networking, Bluetooth Low Energy, IEEE Std. 802.11ah, and IEEE 1687 Std. 802.15.4 wireless meshes, so as to address the requirements 1688 discussed in Appendix B.3. 1690 This specification can be used by any wireless node to register its 1691 IPv6 addresses with a Routing Registrar and to obtain routing 1692 services including proxy-ND operations over a Backbone Link. This 1693 satisfies the the requirements expressed in Appendix B.4. 1695 This specification is extended by "Address Protected Neighbor 1696 Discovery for Low-power and Lossy Networks" [I-D.ietf-6lo-ap-nd] to 1697 provide a solution to some of the security-related requirements 1698 expressed in Appendix B.5. 1700 "Efficiency aware IPv6 Neighbor Discovery Optimizations" 1701 [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND 1702 [RFC6775] can be extended to other types of links beyond IEEE Std. 1703 802.15.4 for which it was defined. The registration technique is 1704 beneficial when the Link-Layer technique used to carry IPv6 multicast 1705 packets is not sufficiently efficient in terms of delivery ratio or 1706 energy consumption in the end devices, in particular to enable 1707 energy-constrained sleeping nodes. The value of such extension is 1708 especially apparent in the case of mobile wireless nodes, to reduce 1709 the multicast operations that are related to IPv6 ND ([RFC4861], 1710 [RFC4862]) and affect the operation of the wireless medium 1711 [I-D.ietf-mboned-ieee802-mcast-problems]. This serves the 1712 scalability requirements listed in Appendix B.6. 1714 Appendix B. Requirements (Not Normative) 1716 This section lists requirements that were discussed by the 6lo WG for 1717 an update to 6LoWPAN ND. How those requirements are matched with 1718 existing specifications at the time of this writing is shown in 1719 Appendix B.8. 1721 B.1. Requirements Related to Mobility 1723 Due to the unstable nature of LLN links, even in an LLN of immobile 1724 nodes, a 6LN may change its point of attachment from 6LR-a to 6LR-b, 1725 and may not be able to notify 6LR-a. Consequently, 6LR-a may still 1726 attract traffic that it cannot deliver any more. When links to a 6LR 1727 change state, there is thus a need to identify stale states in a 6LR 1728 and restore reachability in a timely fashion, e.g., by using some 1729 signaling upon the detection of the movement, or using a keep-alive 1730 mechanism with a period that is consistent with the application 1731 needs. 1733 Req1.1: Upon a change of point of attachment, connectivity via a new 1734 6LR MUST be restored in a timely fashion without the need to de- 1735 register from the previous 6LR. 1737 Req1.2: For that purpose, the protocol MUST enable differentiating 1738 between multiple registrations from one 6LoWPAN Node and 1739 registrations from different 6LoWPAN Nodes claiming the same address. 1741 Req1.3: Stale states MUST be cleaned up in 6LRs. 1743 Req1.4: A 6LoWPAN Node SHOULD also be able to register its Address 1744 concurrently to multiple 6LRs. 1746 B.2. Requirements Related to Routing Protocols 1748 The point of attachment of a 6LN may be a 6LR in an LLN mesh. IPv6 1749 routing in an LLN can be based on RPL, which is the routing protocol 1750 that was defined by the IETF for this particular purpose. Other 1751 routing protocols are also considered by Standards Development 1752 Organizations (SDO) on the basis of the expected network 1753 characteristics. It is required that a 6LN attached via ND to a 6LR 1754 indicates whether it participates in the selected routing protocol to 1755 obtain reachability via the 6LR, or whether it expects the 6LR to 1756 manage its reachability. 1758 The specified updates enable other specifications to define new 1759 services such as Source Address Validation (SAVI) with 1760 [I-D.ietf-6lo-ap-nd], participation as an unaware leaf to a routing 1761 protocol such as the "Routing Protocol for Low Power and Lossy 1762 Networks" [RFC6550] (RPL) with [I-D.thubert-roll-unaware-leaves], and 1763 registration to a backbone routers performing proxy Neighbor 1764 Discovery in a Low-Power and Lossy Network (LLN) with 1765 [I-D.ietf-6lo-backbone-router]. 1767 Beyond the 6LBR unicast address registered by ND, other addresses 1768 including multicast addresses are needed as well. For example, a 1769 routing protocol often uses a multicast address to register changes 1770 to established paths. ND needs to register such a multicast address 1771 to enable routing concurrently with discovery. 1773 Multicast is needed for groups. Groups may be formed by device type 1774 (e.g., routers, street lamps), location (Geography, RPL sub-tree), or 1775 both. 1777 The Bit Index Explicit Replication (BIER) Architecture [RFC8279] 1778 proposes an optimized technique to enable multicast in an LLN with a 1779 very limited requirement for routing state in the nodes. 1781 Related requirements are: 1783 Req2.1: The ND registration method SHOULD be extended so that the 6LR 1784 is instructed whether to advertise the Address of a 6LN over the 1785 selected routing protocol and obtain reachability to that Address 1786 using the selected routing protocol. 1788 Req2.2: Considering RPL, the Address Registration Option that is used 1789 in the ND registration SHOULD be extended to carry enough information 1790 to generate a DAO message as specified in section 6.4 of [RFC6550], 1791 in particular the capability to compute a Path Sequence and, as an 1792 option, a RPLInstanceID. 1794 Req2.3: Multicast operations SHOULD be supported and optimized, for 1795 instance, using BIER or MPL. Whether ND is appropriate for the 1796 registration to the Routing Registrar is to be defined, considering 1797 the additional burden of supporting the Multicast Listener Discovery 1798 Version 2 [RFC3810] (MLDv2) for IPv6. 1800 B.3. Requirements Related to the Variety of Low-Power Link types 1802 6LoWPAN ND [RFC6775] was defined with a focus on IEEE Std.802.15.4 1803 and in particular the capability to derive a unique identifier from a 1804 globally unique EUI-64 address. At this point, the 6lo Working Group 1805 is extending the 6LoWPAN Header Compression (HC) [RFC6282] technique 1806 to other link types including ITU-T G.9959 [RFC7428], Master-Slave/ 1807 Token-Passing [RFC8163], DECT Ultra Low Energy [RFC8105], Near Field 1808 Communication [I-D.ietf-6lo-nfc], IEEE Std. 802.11ah 1809 [I-D.delcarpio-6lo-wlanah], as well as Bluetooth(R) Low Energy 1810 [RFC7668], and Power Line Communication (PLC) [I-D.hou-6lo-plc] 1811 Networks. 1813 Related requirements are: 1815 Req3.1: The support of the registration mechanism SHOULD be extended 1816 to more LLN links than IEEE Std.802.15.4, matching at least the LLN 1817 links for which an "IPv6 over foo" specification exists, as well as 1818 Low-Power Wi-Fi. 1820 Req3.2: As part of this extension, a mechanism to compute a unique 1821 identifier should be provided, with the capability to form a Link- 1822 Local Address that SHOULD be unique at least within the LLN connected 1823 to a 6LBR discovered by ND in each node within the LLN. 1825 Req3.3: The Address Registration Option used in the ND registration 1826 SHOULD be extended to carry the relevant forms of unique Identifier. 1828 Req3.4: The Neighbor Discovery should specify the formation of a 1829 site-local address that follows the security recommendations from 1830 [RFC7217]. 1832 B.4. Requirements Related to Proxy Operations 1834 Duty-cycled devices may not be awake to answer a lookup from a node 1835 that uses IPv6 ND and may need a proxy. Additionally, the duty- 1836 cycled device may rely on the 6LBR to perform registration to the 1837 Routing Registrar. 1839 The ND registration method SHOULD defend the addresses of duty-cycled 1840 devices that are sleeping most of the time and not capable to defend 1841 their own addresses. 1843 Related requirements are: 1845 Req4.1: The registration mechanism SHOULD enable a third party to 1846 proxy register an address on behalf of a 6LoWPAN node that may be 1847 sleeping or located deeper in an LLN mesh. 1849 Req4.2: The registration mechanism SHOULD be applicable to a duty- 1850 cycled device regardless of the link type and SHOULD enable a Routing 1851 Registrar to operate as a proxy to defend the Registered Addresses on 1852 its behalf. 1854 Req4.3: The registration mechanism SHOULD enable long sleep 1855 durations, on the order of multiple days to a month. 1857 B.5. Requirements Related to Security 1859 In order to guarantee the operations of the 6LoWPAN ND flows, 1860 spoofing the roles of the 6LR, 6LBR, and Routing Registrar should be 1861 avoided. Once a node successfully registers an address, 6LoWPAN ND 1862 should provide energy-efficient means for the 6LBR to protect that 1863 ownership even when the node that registered the address is sleeping. 1865 In particular, the 6LR and the 6LBR then should be able to verify 1866 whether a subsequent registration for a given address comes from the 1867 original node. 1869 In an LLN it makes sense to base security on Layer-2 security. 1870 During bootstrap of the LLN, nodes join the network after 1871 authorization by a Joining Assistant (JA) or a Commissioning Tool 1872 (CT). After joining, nodes communicate with each other via secured 1873 links. The keys for the Layer-2 security are distributed by the JA/ 1874 CT. The JA/CT can be part of the LLN or be outside the LLN. In both 1875 cases it is needed that packets are routed between JA/CT and the 1876 joining node. 1878 Related requirements are: 1880 Req5.1: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1881 the 6LR, 6LBR, and Routing Registrar to authenticate and authorize 1882 one another for their respective roles, as well as with the 6LoWPAN 1883 Node for the role of 6LR. 1885 Req5.2: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1886 the 6LR and the 6LBR to validate new registration of authorized 1887 nodes. Joining of unauthorized nodes MUST be prevented. 1889 Req5.3: 6LoWPAN ND security mechanisms SHOULD NOT lead to large 1890 packet sizes. In particular, the NS, NA, DAR, and DAC messages for a 1891 re-registration flow SHOULD NOT exceed 80 octets so as to fit in a 1892 secured IEEE Std.802.15.4 [IEEEstd802154] frame. 1894 Req5.4: Recurrent 6LoWPAN ND security operations MUST NOT be 1895 computationally intensive on the LoWPAN Node CPU. When a Key hash 1896 calculation is employed, a mechanism lighter than SHA-1 SHOULD be 1897 used. 1899 Req5.5: The number of Keys that the 6LoWPAN Node needs to manipulate 1900 SHOULD be minimized. 1902 Req5.6: The 6LoWPAN ND security mechanisms SHOULD enable the 1903 variation of CCM [RFC3610] called CCM* for use at both Layer 2 and 1904 Layer 3, and SHOULD enable the reuse of security code that has to be 1905 present on the device for upper layer security such as TLS. 1906 Algorithm agility and support for large keys (e.g., 256-bit key 1907 sizes) is also desirable, following at Layer-3 the introduction of 1908 those capabilities at Layer-2. 1910 Req5.7: Public key and signature sizes SHOULD be minimized while 1911 maintaining adequate confidentiality and data origin authentication 1912 for multiple types of applications with various degrees of 1913 criticality. 1915 Req5.8: Routing of packets should continue when links pass from the 1916 unsecured to the secured state. 1918 Req5.9: 6LoWPAN ND security mechanisms SHOULD provide a mechanism for 1919 the 6LR and the 6LBR to validate whether a new registration for a 1920 given address corresponds to the same 6LN that registered it 1921 initially, and, if not, determine the rightful owner and deny or 1922 clean up the registration that is duplicate. 1924 B.6. Requirements Related to Scalability 1926 Use cases from Automatic Meter Reading (AMR, collection tree 1927 operations) and Advanced Metering Infrastructure (AMI, bi-directional 1928 communication to the meters) indicate the needs for a large number of 1929 LLN nodes pertaining to a single RPL DODAG (e.g., 5000) and connected 1930 to the 6LBR over a large number of LLN hops (e.g., 15). 1932 Related requirements are: 1934 Req6.1: The registration mechanism SHOULD enable a single 6LBR to 1935 register multiple thousands of devices. 1937 Req6.2: The timing of the registration operation should allow for a 1938 large latency such as found in LLNs with ten to more hops. 1940 B.7. Requirements Related to Operations and Management 1942 Section 3.8 of "Architectural Principles of the Internet" [RFC1958] 1943 recommends to: "avoid options and parameters whenever possible. Any 1944 options and parameters should be configured or negotiated dynamically 1945 rather than manually". This is especially true in LLNs where the 1946 number of devices may be large and manual configuration is 1947 infeasible. Capabilities for a dynamic configuration of LLN devices 1948 can also be constrained by the network and power limitation. 1950 A Network Administrator should be able to validate that the network 1951 is operating within capacity, and that in particular a 6LBR does not 1952 get overloaded with an excessive amount of registration, so the 1953 administrator can take actions such as adding a Backbone Link with 1954 additional 6LBRs and Routing Registrars to the network. 1956 Related requirements are: 1958 Req7.1: A management model SHOULD be provided that enables access to 1959 the 6LBR, monitor its usage vs. capacity, and alert in case of 1960 congestion. It is recommended that the 6LBR be reachable over a non- 1961 LLN link. 1963 Req7.2: A management model SHOULD be provided that enables access to 1964 the 6LR and its capacity to host additional NCE. This management 1965 model SHOULD avoid polling individual 6LRs in a way that could 1966 disrupt the operation of the LLN. 1968 Req7.3: Information on successful and failed registration SHOULD be 1969 provided, including information such as the ROVR of the 6LN, the 1970 Registered Address, the address of the 6LR, and the duration of the 1971 registration flow. 1973 Req7.4: In case of a failed registration, information on the failure 1974 including the identification of the node that rejected the 1975 registration and the status in the EARO SHOULD be provided. 1977 B.8. Matching Requirements with Specifications 1979 I-drafts/RFCs addressing requirements 1981 +-------------+-----------------------------------------+ 1982 | Requirement | Document | 1983 +-------------+-----------------------------------------+ 1984 | Req1.1 | [I-D.ietf-6lo-backbone-router] | 1985 | | | 1986 | Req1.2 | [RFC6775] | 1987 | | | 1988 | Req1.3 | [RFC6775] | 1989 | | | 1990 | Req1.4 | This RFC | 1991 | | | 1992 | Req2.1 | This RFC | 1993 | | | 1994 | Req2.2 | This RFC | 1995 | | | 1996 | Req2.3 | | 1997 | | | 1998 | Req3.1 | Technology Dependent | 1999 | | | 2000 | Req3.2 | Technology Dependent | 2001 | | | 2002 | Req3.3 | Technology Dependent | 2003 | | | 2004 | Req3.4 | Technology Dependent | 2005 | | | 2006 | Req4.1 | This RFC | 2007 | | | 2008 | Req4.2 | This RFC | 2009 | | | 2010 | Req4.3 | [RFC6775] | 2011 | | | 2012 | Req5.1 | | 2013 | | | 2014 | Req5.2 | [I-D.ietf-6lo-ap-nd] | 2015 | | | 2016 | Req5.3 | | 2017 | | | 2018 | Req5.4 | | 2019 | | | 2020 | Req5.5 | [I-D.ietf-6lo-ap-nd] | 2021 | | | 2022 | Req5.6 | [I-D.struik-lwip-curve-representations] | 2023 | | | 2024 | Req5.7 | [I-D.ietf-6lo-ap-nd] | 2025 | | | 2026 | Req5.8 | | 2027 | | | 2028 | Req5.9 | [I-D.ietf-6lo-ap-nd] | 2029 | | | 2030 | Req6.1 | This RFC | 2031 | | | 2032 | Req6.2 | This RFC | 2033 | | | 2034 | Req7.1 | | 2035 | | | 2036 | Req7.2 | | 2037 | | | 2038 | Req7.3 | | 2039 | | | 2040 | Req7.4 | | 2041 +-------------+-----------------------------------------+ 2043 Table 8: Work Addressing requirements 2045 Authors' Addresses 2047 Pascal Thubert (editor) 2048 Cisco Systems, Inc 2049 Building D (Regus) 45 Allee des Ormes 2050 Mougins - Sophia Antipolis 2051 France 2053 Phone: +33 4 97 23 26 34 2054 Email: pthubert@cisco.com 2056 Erik Nordmark 2057 Zededa 2058 Santa Clara, CA 2059 United States of America 2061 Email: nordmark@sonic.net 2062 Samita Chakrabarti 2063 Verizon 2064 San Jose, CA 2065 United States of America 2067 Email: samitac.ietf@gmail.com 2069 Charles E. Perkins 2070 Futurewei 2071 2330 Central Expressway 2072 Santa Clara 95050 2073 United States of America 2075 Email: charliep@computer.org