idnits 2.17.00 (12 Aug 2021) /tmp/idnits35894/draft-richardson-6tisch-enrollment-enhanced-beacon-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([RFC8180]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 173 has weird spacing: '...riority the p...' == Line 181 has weird spacing: '...riority the p...' == Line 190 has weird spacing: '...riority the r...' == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document date (April 24, 2018) is 1482 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: 'I-D.ietf-6tisch-architecture' is defined on line 271, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6tisch-dtsecurity-secure-join' is defined on line 315, but no explicit reference was found in the text == Outdated reference: draft-ietf-6tisch-architecture has been published as RFC 9030 == Outdated reference: draft-ietf-6tisch-minimal-security has been published as RFC 9031 ** Obsolete normative reference: RFC 2461 (Obsoleted by RFC 4861) Summary: 2 errors (**), 0 flaws (~~), 9 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo Working Group D. Dujovne 3 Internet-Draft Universidad Diego Portales 4 Intended status: Informational M. Richardson 5 Expires: October 26, 2018 Sandelman Software Works 6 April 24, 2018 8 IEEE802.15.4 Informational Element encapsulation of 6tisch Join and 9 Enrollment Information 10 draft-richardson-6tisch-enrollment-enhanced-beacon-01 12 Abstract 14 In TSCH mode of IEEE802.15.4, as described by [RFC8180], 15 opportunities for broadcasts are limited to specific times and 16 specific channels. Nodes in a TSCH network typically frequently send 17 Enhanced Beacon (EB) frames to announce the presence of the network. 18 This document provides a mechanism by which small details critical 19 for new nodes (pledges) and long sleeping nodes may be carried within 20 the Enhanced Beacon. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on October 26, 2018. 39 Copyright Notice 41 Copyright (c) 2018 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (https://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 58 1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 3 59 1.3. Layer-3 synchronization IPv6 Router solicitations and 60 advertisements . . . . . . . . . . . . . . . . . . . . . 3 61 2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4 62 2.1. Protocol Example . . . . . . . . . . . . . . . . . . . . 5 63 3. Security Considerations . . . . . . . . . . . . . . . . . . . 5 64 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 6 65 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 66 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 67 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 68 7.1. Normative References . . . . . . . . . . . . . . . . . . 6 69 7.2. Informative References . . . . . . . . . . . . . . . . . 7 70 Appendix A. Change history . . . . . . . . . . . . . . . . . . . 7 71 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 73 1. Introduction 75 [RFC7554] describes the use of the time-slotted channel hopping 76 (TSCH) mode of [ieee802154]. As further details in [RFC8180], an 77 Enhanced Beacon is transmitted during a slot designated a broadcast 78 slot. 80 EDNOTE: Explain why broadcasts are rare, and why we need them. What 81 the Enhanced Beacon is, and what Information Elements are, and how 82 the IETF has a subtype for that area. Explain what kind of things 83 could be placed in Information Elements, how big they could be, and 84 how they could be compressed. 86 1.1. Terminology 88 In this document, the key words "MUST", "MUST NOT", "REQUIRED", 89 "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", 90 and "OPTIONAL" are to be interpreted as described in BCP 14, RFC 2119 91 [RFC2119] and indicate requirement levels for compliant STuPiD 92 implementations. 94 1.2. Layer-2 Synchronization 96 As explained in section 6 of [RFC8180], the Enhanced Beacon has a 97 number of purposes: synchronization of ASN and Join Metric, timeslot 98 template identifier, the channel hopping sequence identifier, TSCH 99 SlotFrame and Link IE. 101 The Enhanced Beacon (EB) is used by nodes already part of a TSCH 102 network to annouce its existance. Receiving an EB allows a Joining 103 Node (pledge) to learn about the network and synchronize to it. The 104 EB may also be used as a means for a node already part of the network 105 to re-synchronize [RFC7554]. 107 There are a limited number of timeslots designated as a broadcast 108 slot by each router. These slots are rare, and with 10ms slots, with 109 a slot-frame length of 100, there may be only 1 slot/s for the 110 beacon. 112 1.3. Layer-3 synchronization IPv6 Router solicitations and 113 advertisements 115 At layer 3, [RFC2461] defines a mechanism by which nodes learn about 116 routers by listening for multicasted Router Advertisements (RA). If 117 no RA is heard within a set time, then a Router Solicitation (RS) may 118 be multicast, to which an RA will be received, usually unicast. 120 Although [RFC6775] reduces the amount of multicast necessary to do 121 address resolution via Neighbor Solicitation messages, it still 122 requires multicast of either RAs or RS. This is an expensive 123 operation for two reasons: there are few multicast timeslots for 124 unsolicited RAs; if a pledge node does not hear an RA, and decides to 125 send a RS (consuming a broadcast aloha slot with unencrypted 126 traffic), many unicast RS may be sent in response. 128 This is a particularly acute issue for the join process for the 129 following reasons: 131 1. use of a multicast slot by even a non-malicious unauthenticated 132 node for a Router Solicitation may overwhelm that time slot. 134 2. it may require many seconds of on-time before a new pledge hears 135 a Router Soliciation that it can use. 137 3. a new pledge may listen to many Enhanced Beacons before it can 138 pick an appropriate network and/or closest Join Assistant to 139 attach to. If it must listen for a RS as well as find the 140 Enhanced Beacon, then the process may take a very long time. 142 2. Protocol Definition 144 [RFC8137] creates a registry for new IETF IE subtypes. This document 145 allocates a new subtype TBD-XXX. 147 This document documents a new IE subtype structure is as follows. As 148 explained in [RFC8137] the length of the Sub-Type Content can be 149 calculated from the container, so no length information is necessary. 151 1 2 3 152 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 154 | TBD-XXX |R|P| res | proxy prio | rank priority | 155 +-+-+-+-+-+-+-+-+-+-------------+-------------+-----------------+ 156 | pan priority | | 157 +---------------+ + 158 | Join Proxy lower-64 | 159 + (present if P=1) + 160 | | 161 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 162 | | | 163 +-+-+-+-+-+-+-+-+ + 164 | network ID | 165 + variable length, up to 16 bytes + 166 ~ ~ 167 + + 168 | | 169 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 170 | | 171 +-+-+-+-+-+-+-+-+ 173 proxy priority the proxy prority value contains a number from 0 to 174 0x7f. Lower numbers are considered to be a higher preference. A 175 priority of 0x7f indicates that the announcer should never be 176 considered as a viable enrollment proxy. Lower value indicates 177 willing to act as a Join Proxy as described in 178 [I-D.ietf-6tisch-minimal-security]. Only unenrolled pledges look 179 at this value. 181 pan priority the pan priority is a value set by the DODAG root to 182 indicate the relative priority of this LLN compared to those with 183 different PANIDs. This value may be used as part of the 184 enrollment priority, but typically is used by devices which have 185 already enrolled, and need to determine which PAN to pick. 186 Unenrolled pledges MAY consider this value when selecting a PAN to 187 join. Enrolled devices MAY consider this value when looking for 188 an eligible parent device. 190 rank priority the rank "priority" is set by the 6LR which sent the 191 beacon and is an indication of how willing this 6LR is to serve as 192 an RPL parent within a particular network ID. This is a local 193 value to be determined in other work. It might be calculated from 194 RPL rank, and it may include some modifications based upon current 195 number of children, or number of neighbor cache entries available. 196 This value MUST be ignored by pledges, it is for enrolled devices 197 only. 199 R the Router Advertisement flag is set if the sending node will act 200 as a Router for host-only nodes that need addressing via unicast 201 Router Solicitation messages. 203 P if the Proxy Address bit is set, then the lower 64-bits of the 204 Join Proxy's Link Layer address follows the network ID. If the 205 Proxy Address bit is not set, then the Link Layer address of the 206 Join Proxy is identical to the Layer-2 8-byte address used to 207 originate this enhanced beacon. In either case, the layer-2 208 address of any IPv6 traffic to the originator of this beacon may 209 use the layer-2 address which was used to originate the beacon. 211 join-proxy lower-64 if the P bit is set, then 64 bits (8 bytes) of 212 address are present. The Link Layer address of the Join Proxy is 213 fe80 (as for any Link Layer address), and the bits given in this 214 field. 216 network ID this is an variable length field, up to 16-bytes in size 217 that uniquely identifies this network, potentially among many 218 networks that are operating in the same frequencies in overlapping 219 physical space. The length of this field can be calculated as 220 being whatever is left in the Information Element. 222 In a 6tisch network, where RPL is used as the mesh routing protocol, 223 the network ID can be constructed from a SHA256 hash of the prefix 224 (/64) of the network. That is just a suggestion for a default value. 225 In some LLNs where multiple PANIDs may lead to the same management 226 device (the JRC), then a common value that is the same across all 227 PANs MUST be configured. 229 2.1. Protocol Example 231 Here will be three examples of processing. 233 3. Security Considerations 235 All of the contents of this Information Element are sent in the 236 clear. The containing Enhanced Beacon is not encrypted. 238 The Enhanced Beagon is authenticated at the layer-2 level using 239 802.15.4 mechanisms using the network-wide keying material. Nodes 240 which are enrolled will have the network-wide keying material and can 241 validate the beacon. 243 Pledges which have not yet enrolled are unable to authenticate the 244 beacons. 246 4. Privacy Considerations 248 The use of a network ID may reveal information about the network. 249 The use of a SHA256 hash of the DODAGID, rather than using the 250 DODAGID directly provides some cover the addresses used within the 251 network. The DODAGID is usually the IPv6 address of the root of the 252 RPL mesh. 254 An interloper with a radio sniffer would be able to use the network 255 ID to map out the extend of the mesh network. 257 5. IANA Considerations 259 Allocate a new number TBD-XXX from Registry IETF IE Sub-type ID. 260 This entry should be called 6tisch-Join-Info. 262 6. Acknowledgements 264 Thomas Watteyne provided extensive editorial comments on the 265 document. 267 7. References 269 7.1. Normative References 271 [I-D.ietf-6tisch-architecture] 272 Thubert, P., "An Architecture for IPv6 over the TSCH mode 273 of IEEE 802.15.4", draft-ietf-6tisch-architecture-13 (work 274 in progress), November 2017. 276 [I-D.ietf-6tisch-minimal-security] 277 Vucinic, M., Simon, J., Pister, K., and M. Richardson, 278 "Minimal Security Framework for 6TiSCH", draft-ietf- 279 6tisch-minimal-security-05 (work in progress), March 2018. 281 [ieee802154] 282 IEEE Standard, ., "802.15.4-2015 - IEEE Standard for Low- 283 Rate Wireless Personal Area Networks (WPANs)", 2015, 284 . 287 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 288 Requirement Levels", BCP 14, RFC 2119, 289 DOI 10.17487/RFC2119, March 1997, 290 . 292 [RFC2461] Narten, T., Nordmark, E., and W. Simpson, "Neighbor 293 Discovery for IP Version 6 (IPv6)", RFC 2461, 294 DOI 10.17487/RFC2461, December 1998, 295 . 297 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 298 Bormann, "Neighbor Discovery Optimization for IPv6 over 299 Low-Power Wireless Personal Area Networks (6LoWPANs)", 300 RFC 6775, DOI 10.17487/RFC6775, November 2012, 301 . 303 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using 304 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the 305 Internet of Things (IoT): Problem Statement", RFC 7554, 306 DOI 10.17487/RFC7554, May 2015, 307 . 309 [RFC8137] Kivinen, T. and P. Kinney, "IEEE 802.15.4 Information 310 Element for the IETF", RFC 8137, DOI 10.17487/RFC8137, May 311 2017, . 313 7.2. Informative References 315 [I-D.ietf-6tisch-dtsecurity-secure-join] 316 Richardson, M., "6tisch Secure Join protocol", draft-ietf- 317 6tisch-dtsecurity-secure-join-01 (work in progress), 318 February 2017. 320 [RFC8180] Vilajosana, X., Ed., Pister, K., and T. Watteyne, "Minimal 321 IPv6 over the TSCH Mode of IEEE 802.15.4e (6TiSCH) 322 Configuration", BCP 210, RFC 8180, DOI 10.17487/RFC8180, 323 May 2017, . 325 Appendix A. Change history 327 The rank priority was expanded to 2 bytes. 329 00: The extension was originally for the use of Pledges only during 330 the enrollment/join process. Additional information was desired for 331 nodes which have already enrolled in order to aid in the joining 332 (selecting of a parent) of an RPL DAG. The term "join" was realized 333 to be ambiguous, meaning different things to different groups, and so 334 the activity where the pledge finds a "Join Proxy" has been named 335 "enrollment" 337 -1: This is an evolution of an earlier proposal which provided for 338 storing an entire IPv6 Router Adverisement in an Informational 339 Element. It was deemed too general a solution, possibly subject to 340 mis-use. This proposal restricts the use to just the key pieces of 341 information required. 343 Authors' Addresses 345 Diego Dujovne (editor) 346 Universidad Diego Portales 347 Escuela de Informatica y Telecomunicaciones, Av. Ejercito 441 348 Santiago, Region Metropolitana 349 Chile 351 Phone: +56 (2) 676-8121 352 Email: diego.dujovne@mail.udp.cl 354 Michael Richardson 355 Sandelman Software Works 357 Email: mcr+ietf@sandelman.ca