6Lo                                                      P. Thubert, Ed.
Internet-Draft                                                     cisco
Intended status: Standards Track                           June 19, 2014
Expires: December 21, 2014

Requirements for an update to 6LoWPAN ND
draft-thubert-6lo-rfc6775-update-reqs-01

Abstract

Work presented at the 6TiSCH and 6MAN working groups suggests a number of enhancements to the 6LoWPAN ND mechanism. This document elaborates on such requirements.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on December 21, 2014.

Copyright Notice

Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


1. Introduction

A number of use cases, including the Industrial Internet, require a large scale deployment of sensors that cannot be realized with wires and is only feasible over wireless Low power and Lossy Network (LLN) technologies. When simpler hub-and-spoke topologies are not sufficient for the expected throughput and density, mesh networks must be deployed, which implies the concepts of hosts and routers, whether operated at Layer-2 or Layer-3.

The IETF has designed the LLN host-to-router and router-to-router protocol that supports address assignment and the router-to-router protocol that supports reachability across Route-Over LLNs in different Areas. It was clear for both efforts that the scalability requirements could only be met with IPv6 [RFC2460], and there is no fundamental contradiction between those protocols in that regard.

While DHCPv6 is still a viable option in LLNs, the new IETF standard that supports address assignment specifically for LLNs is 6LoWPAN ND, the Neighbor Discovery Optimization for Low-power and Lossy Networks [RFC6775]. 6LoWPAN ND was designed as a stand-alone mechanism separately from its IETF routing counterpart, the IPv6 Routing Protocol for Low power and Lossy Networks [RFC6550] (RPL), and the interaction between the 2 protocols was not defined.

The 6TiSCH WG is now considering an architecture [I-D.ietf-6tisch-architecture] whereby a 6LoWPAN ND host could connect to the Internet via a RPL Network, but this requires additions to the protocol to support mobility and reachability.

At the same time, new work at 6MAN on Efficiency aware IPv6 Neighbor Discovery Optimizations [I-D.chakrabarti-nordmark-6man-efficient-nd] suggests that 6LoWPAN ND can be extended to other types of networks on top of the Low power and Lossy Networks (LLNs) for which it was already defined. The value of such extension is especially apparent in the case of mobile wireless devices, to reduce the multicast operations that are related to classical ND ([RFC4861], [RFC4862]) and plague the wireless medium. In this context also, there is a need for additions to the protocol.

The "Optimistic Duplicate Address Detection" [RFC4429] (ODAD) specification details how an address can be used before a Duplicate Address Detection (DAD) is complete, and insists that an address that is TENTATIVE should not be associated to a Source Link-Layer Address Option in a Neighbor Solicitation message. As we expect the 6LoWPAN ND protocol to be put to a more general use, it can make sense to keep respecting that rule, which is another change to the specification.

This document proposes a limited evolution to [RFC6775] so as to allow operation of a 6LoWPAN ND node as a leaf to a RPL network, and enable a more generalized use of the formats therein outside of the strict LLN domain.

2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

Readers are expected to be familiar with all the terms and concepts that are discussed in "Neighbor Discovery for IP version 6" [RFC4861], "IPv6 Stateless Address Autoconfiguration" [RFC4862], "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals" [RFC4919], "Neighbor Discovery Optimization for Low-power and Lossy Networks" [RFC6775] and "Transmission of IPv6 Packets over IEEE 802.15.4 Networks" [RFC4944].

Additionally, this document uses terminology from 6TiSCH [I-D.ietf-6tisch-terminology] and ROLL [I-D.ietf-roll-terminology].

3. Suggested operations

The 6TiSCH architecture expects that a 6LoWPAN device can connect as a leaf to a RPL network, where the leaf support is the minimal functionality to connect as a host to a RPL network without the need to participate in the full routing protocol. The support of leaf can be implemented as a minor increment to 6LoWPAN ND, with the additional capability to carry a sequence number that is used to track the movements of the device, and optionally some information about the RPL topology that this device will join.


            ---+------------------------
               |          Plant Network
               |
            +-----+
            |     | Gateway
            |     |
            +-----+
               |
               |    Backbone Link (with VLANs)
         +--------------------+------------------+
         |                    |                  |
      +-----+             +-----+             +-----+
      |     | Backbone    |     | Backbone    |     | Backbone
      |     | router      |     | router      |     | router
      +-----+             +-----+             +-----+
        | |                | | |                 |
        0 0                0 0 0         (6LBR == RPL root)        
     o o   o  o       o o   o  o  o         o  o  o  o o
    o  o o  o o       o   o  o  o  o     (6LR == RPL router)
    o   o  o  o          o    o  o             z
    o   o o               o  o                  z
           RPL Instances               (6LoWPAN Host == RPL leaf)  

Figure 1: 6TiSCH architecture

The scope of the 6TiSCH Architecture is a Backbone Link that federates multiple LLNs as a single IPv6 Multi-Link Subnet. Each LLN in the subnet is anchored at a Backbone Router (6BBR). The Backbone Routers interconnect the LLNs over the Backbone Link and emulate that the LLN nodes are present on the Backbone by proxy-ND operations. An LLN node can move freely from an LLN Route-Over mesh anchored at a Backbone Router to another anchored at the same or a different Backbone Router inside the Multi-Link Subnet and conserve its addresses.


 6LoWPAN Node        6LR             6LBR            6BBR
  (RPL leaf)       (router)         (root)
      |               |               |               |
      |  6LoWPAN ND   |6LoWPAN ND+RPL | Efficient ND  | IPv6 ND
      |   LLN link    |Route-Over mesh|  IPv6 link    | Backbone
      |               |               |               |
      |  NS(ARO)      |               |               |
      |-------------->|               |               |
      | 6LoWPAN ND    | DAR (then DAO)|               |
      |               |-------------->|               | 
      |               |               |  NS(ARO)      |
      |               |               |-------------->|
      |               |               |               | DAD 
      |               |               |               |------>
      |               |               |               |
      |               |               |  NA(ARO)      |
      |               |               |<--------------|
      |               | DAC           |               |
      |               |<--------------|               |
      |  NA(ARO)      |               |               |
      |<--------------|               |               |

Figure 2: (Re-)Registration Flow over Multi-Link Subnet

The root of the RPL topology is logically separated from the 6BBR that is used to connect the RPL topology to the backbone. Efficient ND is a perfect interface for the RPL root to register the LLN node in its topology to the 6BBR for proxy operations. It results that the signalling would start at the leaf node with 6LoWPAN ND, then would be carried over RPL to the RPL root, and then with Efficient-ND to the 6BBR. Efficient ND being an adaptation of 6LoWPAN ND, it makes sense to keep those two homogeneous in the way they use the source and the target addresses in the Neighbor Solicitation (NS) messages for registration, as well as in the options that they use for that process.

As the network builds up, a node should start as a leaf to join the RPL network, and may later turn into a RPL router and eventually a 6LR as well, so as to accept leaf nodes to recursively join the network.

3.1. RPL Leaf Support in 6LoWPAN ND

RPL needs a set of information in order to advertise a leaf node through a DAO message and establish reachability.

At the bare minimum the leaf device must provide a sequence number that matches the RPL specification in section 7. [I-D.chakrabarti-nordmark-6man-efficient-nd] section "4.1. Address Registration Option" (ARO) already incorporates that addition with a new field in the option called the Transaction ID.

If for some reason the node is aware of RPL topologies, then providing the RPL InstanceID for the instances to which the node wishes to participate would be a welcome addition. In the absence of such information, the RPL router must infer the proper instanceID from external rules and policies.

On the backbone, the InstanceID is expected to be mapped onto a VLANID. Neither WiFi nor Efficient ND provides a mapping to VLANIDs, and it is unclear, when a wireless node attaches to a backbone where VLANs are defined, which VLAN the wireless device attaches to. Considering that a VLAN is effectively the IP link on the backbone, adding the InstanceID to both specifications could be a welcome addition.

3.2. Registration Failures Due to Movement

Registration to the 6LBR through DAR/DAC messages [RFC6775] may percolate slowly through an LLN mesh, and it might happen that in the meantime, the 6LoWPAN node moves and registers somewhere else. Both RPL and 6LoWPAN ND lack the capability to indicate that the same node is registered elsewhere, so as to invalidate states down the deprecated path.

In its current expression and functionality, 6LoWPAN ND considers that the registration is used for the purpose of DAD only as opposed to that of achieving reachability, and as long as the same node registers the IPv6 address, the protocol is functional. In order to act as a RPL leaf registration protocol and achieve reachability, the device must use the same TID for all its concurrent registrations, and registrations with a past TID should be declined. The state for an obsolete registration in the 6LR, as well as the RPL routers on the way, should be invalidated. This can only be achieved with the addition of a new Status in the DAC message, and a new error/clean-up flow in RPL.

3.3. Optimistic registration

In their current incarnations, both 6LoWPAN ND and Efficient ND expect that the address being registered is the source of the NS(ARO) message and thus impose that a Source Link-Layer Address (SLLA) option be present in the message. In the case of Efficient ND, this would cause the root of the RPL network to fake the source address of the packet when registering the leaf node to the 6BBR.

In any case, as long as the DAD process is not complete for the address used as source of the packet, it is a bad practice to advertise the SLLA, since this may corrupt the ND cache of the destination node, as discussed in the Optimistic DAD specification [RFC4429] regarding the TENTATIVE state.

This may look like a chicken and an egg problem, but in fact 6LoWPAN ND acknowledges that the Link-Local Address that is based on an EUI-64 address of a LLN node may be autoconfigured without the need for DAD. It results that the node could use that address as source to register all the addresses that are expected to be reachable through RPL, meaning either Global or Unique-Local Addresses.

The suggested change is to register the target of the NS message, and use Target Link-Layer Address (TLLA) in the NS as opposed to the SLLA in order to install a Neighbor Cache Entry. This would apply to both Efficient ND and 6LoWPAN ND in the very same manner, with the caveat that depending on the nature of the link between the 6LBR and the 6BBR, the 6LBR may resort to classical ND or DHCPv6 to obtain the address that it uses to source the NS registration messages, whether for itself or on behalf of LLN nodes.

3.4. RPL root vs. 6LBR

6LoWPAN ND is unclear on how the 6LBR is discovered, and how the liveliness of the 6LBR is asserted over time. On the other hand, the discovery and liveliness of the RPL root are obtained through the RPL protocol.

When 6LoWPAN ND is coupled with RPL, it makes sense to collocate the 6LBR functionality and that of the RPL root. The DAR/DAC exchange becomes a preamble to the DAO messages that are used from then on to reconfirm the registration, thus eliminating a duplication of functionality between DAO and DAR messages.

4. Suggested Changes to Protocol Elements

4.1. ND Neighbor Solicitation (NS)

The NS message used for registration should use a source address that respects the rules in [RFC6775], [RFC4861], and [RFC4429] for DAD. The SLLA Option may be present but only if the address passed DAD, and it is used to allow the 6LR to respond as opposed to as a registration mechanism.

The address that is being registered is the target address in the NS message and the TLLA Option must be present.

4.2. ND Router Advertisement (RA)

[I-D.chakrabarti-nordmark-6man-efficient-nd] adds an 'E' bit in the Router Advertisement flag, as well as a new Registrar Address Option (RAO). These fields are probably pertinent to LLNs, and their inclusion into a revised 6LoWPAN ND should be studied.

There is some amount of duplication between the options in the RPL DIO [RFC6550] and the options in the ND RA messages. At the same time, there are a number of options, including the 6LoWPAN Context Option (6CO) [RFC6775], the MTU and the SLLA Options [RFC4861] that can only be found in the RA messages. Considering that these options are useful for a joining node, the recommendation would be to associate the RA messages to the join beacon, and make them rare when the network is stable. On the other hand, the DIO message is to be used as the propagated heartbeat of the RPL network and provide the sense of time and liveliness.

RAs should also be issued and the information therein propagated when a change occurs in the information therein, such as a router or a prefix lifetime.

4.3. RPL DODAG Information Object (DIO)

If the RPL root serves as 6LBR, it makes sense to add at least a bit of information in the DIO to signal so. A Registrar Address Option (RAO) may also be considered for addition.

4.4. ND Enhanced Address Registration Option (EARO)


   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |     Length    |    Status     | RPLInstanceID |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Res|P|N| IDS |T|      TID      |     Registration Lifetime     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   ~         Unique Interface Identifier (variable length)         ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 

Figure 3: EARO

This option is designed to be used with standard NS and NA messages between backbone Routers as well as between nodes and 6LRs over the LLN and between the 6LBR and the 6BBR over whatever IP link they use to communicate.

The representation above is based on [I-D.chakrabarti-nordmark-6man-efficient-nd]. Only the proposed changes from that specification are discussed below but the expectation is that 6LoWPAN ND and Efficient ND converge on the ARO format.

Status:
8-bit integer. A new value of 3 is suggested to indicate a rejection due to an obsolete TID, typically an indication of a movement.
RPLInstanceID:
8-bit integer. This field is set to 0 when unused. Otherwise it contains the RPLInstanceID for which this address is registered, as specified in RPL [RFC6550], and discussed in particular in section 3.1.2.
P:
One bit flag. Indicates that the address is to be redistributed to obtain reachability, e.g. into the RPL protocol, or for ND proxy operation.
N:
One bit flag. Set if the device moved. If not set, the 6BBR will refrain from sending gratuitous NA(O) or other form of distributed ND cache clean-up over the backbone. For instance, the flag should be reset after the DAD operation upon address formation.
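
An added example, not part of the draft or of any implementation it describes: Python code that decodes the EARO layout of Figure 3 and applies the rule from section 3.2 that a registration carrying a past TID is declined with the suggested Status 3. The option type value 253, the 8-bit serial-number comparison standing in for the RPL section 7 counter rules, the requirement of a non-empty identifier, and all function and class names are assumptions of the example.

```python
import struct
from dataclasses import dataclass

EARO_TYPE = 253          # placeholder: the draft only requests a new ND option type
STATUS_SUCCESS = 0       # RFC 6775 ARO status value
STATUS_OBSOLETE_TID = 3  # value suggested in section 4.4

@dataclass
class Earo:
    status: int
    instance_id: int
    p: bool
    n: bool
    ids: int   # raw value; semantics are defined in the Efficient ND draft
    t: bool    # raw value; this example treats TID as always meaningful
    tid: int
    lifetime: int
    uid: bytes

def build_earo(uid, tid, status=0, inst=0, p=True, n=False, ids=0, t=True, lifetime=60):
    """Encode an EARO; the identifier must keep the option a multiple of 8 octets."""
    if not uid or len(uid) % 8:
        raise ValueError("identifier must be a non-empty multiple of 8 octets")
    flags = (p << 5) | (n << 4) | ((ids & 7) << 1) | int(t)   # |Res|P|N| IDS |T|
    return struct.pack("!BBBBBBH", EARO_TYPE, 1 + len(uid) // 8, status, inst,
                       flags, tid & 0xFF, lifetime) + uid

def parse_earo(buf):
    """Decode one EARO laid out as in Figure 3; raise ValueError if malformed."""
    if len(buf) < 8:
        raise ValueError("truncated EARO header")
    otype, length, status, inst, flags, tid, lifetime = struct.unpack("!BBBBBBH", buf[:8])
    if otype != EARO_TYPE:
        raise ValueError("not an EARO")
    # ND option Length counts 8-octet units, fixed 8-octet part included (RFC 4861).
    if length < 2 or length * 8 != len(buf):
        raise ValueError("Length field does not match the option size")
    return Earo(status, inst, bool(flags & 0x20), bool(flags & 0x10),
                (flags >> 1) & 0x07, bool(flags & 0x01), tid, lifetime, buf[8:])

def tid_is_older(new, current):
    """True if `new` precedes `current` in 8-bit serial-number order (assumption)."""
    return 0 < ((current - new) & 0xFF) < 128

class Registrar:
    """Keeps the freshest TID seen per Unique Interface Identifier (section 3.2)."""
    def __init__(self):
        self.latest = {}   # uid -> (tid, attachment point)

    def register(self, raw, via):
        earo = parse_earo(raw)
        known = self.latest.get(earo.uid)
        if known is not None and tid_is_older(earo.tid, known[0]):
            return STATUS_OBSOLETE_TID   # the node has registered elsewhere since
        self.latest[earo.uid] = (earo.tid, via)
        return STATUS_SUCCESS

def demo():
    uid = bytes.fromhex("0200000000000001")   # constructed identifier
    reg = Registrar()
    return [
        reg.register(build_earo(uid, tid=11), via="6LR-B"),  # new attachment arrives first
        reg.register(build_earo(uid, tid=10), via="6LR-A"),  # delayed registration, old path
        reg.register(build_earo(uid, tid=11), via="6LR-B"),  # refresh with the same TID
    ]

if __name__ == "__main__":
    print(demo())
```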

5. Security Considerations

This specification expects that the link layer is sufficiently protected, either by means of physical or IP security for the Backbone Link or MAC sublayer cryptography. In particular, it is expected that the LLN MAC provides secure unicast to/from the Backbone Router and secure broadcast from the Backbone Router in a way that prevents tampering with or replaying the RA messages.

The use of EUI-64 for forming the Interface ID in the link local address prevents the usage of Secure ND ([RFC3971] and [RFC3972]) and address privacy techniques. Considering the envisioned deployments and the MAC layer security applied, this is not considered an issue at this time. It is envisioned that the device could form a single CGA-based Unique Interface ID (CUID) to securely bind all of its addresses. The CUID would be used as Unique Interface Identifier in the ARO option and the Secure ND procedures would be changed to use it as opposed to the source IPv6 address.

6. IANA Considerations

A new type is requested for an ND option.

7. Acknowledgments

Samita, Erik, JP, Eric, Thomas, you will all recognize your influence in this work...

8. References

8.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, December 1998.
[RFC3775] Johnson, D., Perkins, C. and J. Arkko, "Mobility Support in IPv6", RFC 3775, June 2004.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006.
[RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) for IPv6", RFC 4429, April 2006.
[RFC4443] Conta, A., Deering, S. and M. Gupta, "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC4861] Narten, T., Nordmark, E., Simpson, W. and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, September 2007.
[RFC4862] Thomson, S., Narten, T. and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, September 2007.
[RFC4944] Montenegro, G., Kushalnagar, N., Hui, J. and D. Culler, "Transmission of IPv6 Packets over IEEE 802.15.4 Networks", RFC 4944, September 2007.
[RFC6282] Hui, J. and P. Thubert, "Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, September 2011.
[RFC6550] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, JP. and R. Alexander, "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks", RFC 6550, March 2012.
[RFC6775] Shelby, Z., Chakrabarti, S., Nordmark, E. and C. Bormann, "Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs)", RFC 6775, November 2012.

8.2. Informative References

[I-D.chakrabarti-nordmark-6man-efficient-nd] Chakrabarti, S., Nordmark, E., Thubert, P. and M. Wasserman, "IPv6 Neighbor Discovery Optimizations for Wired and Wireless Networks", Internet-Draft draft-chakrabarti-nordmark-6man-efficient-nd-05, February 2014.
[I-D.ietf-6tisch-architecture] Thubert, P., Watteyne, T. and R. Assimiti, "An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4e", Internet-Draft draft-ietf-6tisch-architecture-02, June 2014.
[I-D.ietf-6tisch-terminology] Palattella, M., Thubert, P., Watteyne, T. and Q. Wang, "Terminology in IPv6 over the TSCH mode of IEEE 802.15.4e", Internet-Draft draft-ietf-6tisch-terminology-01, February 2014.
[I-D.ietf-roll-terminology] Vasseur, J., "Terms used in Routing for Low power And Lossy Networks", Internet-Draft draft-ietf-roll-terminology-13, October 2013.
[RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A. and P. Thubert, "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, January 2005.
[RFC3971] Arkko, J., Kempf, J., Zill, B. and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, March 2005.
[RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005.
[RFC4389] Thaler, D., Talwar, M. and C. Patel, "Neighbor Discovery Proxies (ND Proxy)", RFC 4389, April 2006.
[RFC4919] Kushalnagar, N., Montenegro, G. and C. Schumacher, "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals", RFC 4919, August 2007.

Author's Address

Pascal Thubert (editor)
Cisco Systems, Inc
Building D
45 Allee des Ormes - BP1200
MOUGINS - Sophia Antipolis, 06254
FRANCE

Phone: +33 497 23 26 34
EMail: pthubert@cisco.com