Boeing Research & Technology

P.O. Box 3707 Seattle WA 98124 USA fltemplin@acm.org

I-D Internet-Draft Multihop local area networks such as mobile ad-hoc networks present an interesting challenge for IPv6 addressing due to the indeterminant neighborhood properties of their interfaces. IPv6 nodes must assign IPv6 addresses to their multihop interfaces that are unique within the local area network but must not be propagated to other networks. IPv6 nodes must therefore be able to assign self-generated addresses to their interfaces when there are no IPv6 Internetworking routers present that can coordinate topology-relative IPv6 addresses or prefixes. This document specifies a means for IPv6 nodes to generate and assign address types useful for multihop local area network communications.

When two or more IPv6 nodes come together within a Multihop Local Area Network (MLAN) operating region (e.g., during the formation of a Mobile Ad-hoc Network (MANET)), they must be able to assign unique addresses, discover multihop routes and exchange IPv6 packets with MLAN peers even if there is no Internetworking infrastructure present. MLANs include multiple links connecting IPv6 nodes that configure interfaces with undetermined connectivity using multihop traversal when necessary; these same principles may apply for both wireless and wired-line communications. The transitive property of connectivity for conventional shared links is therefore not assured, while IPv6 nodes must still be able to assign and use IPv6 addresses that are unique within the MLAN. This is true even for nodes that configure multiple interface connections to the same MLAN as a localized multihop forwarding domain with multiple links. By its nature, the term "MLAN" implies logical groupings whereas the historical term "site" suggested physical boundaries such as a building or a campus. In particular, MLANs can self-organize amorphously even if they overlap with other (logical) MLANs, split apart to form multiple smaller MLANs or join together to form larger MLANs. Clustering has been suggested as a means to organize these logical groupings, but MLAN ecosystems are often in a constant state of flux and likely to change over time. An address form that can be used by nodes that float freely between logical MLAN boundaries is therefore necessary. The term "MLAN" used throughout this document extends to include isolated localized IPv6 networks that may require multihop traversal of multiple links whether or not they are particularly mobile or ad hoc. For any isolated MLAN (i.e., one for which IPv6 Internetworking routers are either absent or only intermittently available), a localized IPv6 addressing scheme that allows MLAN nodes to communicate internally is necessary. Therefore, all IPv6 nodes that connect to local networks should be prepared to operate according to the MLAN addressing model when necessary. The MLAN multihop forwarding service appears at an architectural sublayer termed the "adaptation layer" below the IPv6 Internetworking layer but above the true link layer. Multihop forwarding in MLANs is therefore considered an adaptation layer service. Section 6 of the "IP Addressing Model in Ad Hoc Networks" states that: "an IP address configured on this (MANET) interface should be unique, at least within the routing domain" and: "no on-link subnet prefix is configured on this (MANET) interface". The section then continues to explain why IPv6 Link-Local Addresses (LLAs) are of limited utility on links with undetermined connectivity, to the point that they cannot be used exclusively within multihop forwarding domains. suggests that global (aka "GUA") and unique-local (aka "ULA") addresses are MANET addressing candidates. However, provisioning of unique GUAs and ULAs must be coordinated either through administrative actions or through an automated address delegation service coordinated by IPv6 Internetworking routers that connect the MLAN to other networks. Since such routers may not always be available, this document asserts that new forms of self-generated and unique MLAN local IPv6 addresses are needed. The key feature of these MLAN local IPv6 addresses is that they must be assured unique so that there is no chance of conflicting with an address assigned by another node. There is no requirement that the addresses include topologically-oriented prefixes, since the (newly-formed) MLAN may not (yet) connect to any other Internetworking topologies. MLAN nodes must be able to use local IPv6 addresses for continuous local communications and/or to coordinate topologically-oriented addresses for assignment on other interfaces. A new "MLAN local" scope for the IPv6 scoped addressing architecture with scope greater than link-local but lesser than global/unique-local unicast is therefore necessary. This document defines a new unique local unicast address space known as "MLAN-Local Addresses (MLAs)". MLAs use the formerly-deprecated IPv6 site-local prefix fec0::10 according to the address generation procedures specified herein. The document further discusses the utility of the Hierarchical Host Identity Tag (HHIT) specified in for local addressing purposes.

The IPv6 addressing architecture specified in , and defines the supported IPv6 unicast/multicast/anycast address forms with various scopes including link- and site-local. Unique-local and global unicast addresses are typically obtained through Stateless Address AutoConfiguration (SLAAC) and/or the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) , but these services require the presence of IPv6 network infrastructure which may not be immediately available in spontaneously-formed MLANs. A new IPv6 address type known as the Hierarchical Host Identity Tag (HHIT) (aka DRIP Entity Tag (DET)) provides a well-structured address format with exceptional uniqueness properties. A portion of the address includes the node's self-generated Overlay Routable Cryptographic Hash IDentifier (ORCHID) while the remainder of the address includes a well-formed IPv6 prefix plus bits corresponding to an attestation service that supports address proof-of-ownership. Verification of the attestation aspect of the address requires access to network infrastructure, but this may not always be available. Hence, a fully self-generated MLA may be necessary in environments where an HHIT cannot be used. MLAN interfaces have the interesting property that a multihop router R will often need to forward packets between MLAN nodes A and B even though R uses the same interface in the inbound and outbound directions. Since nodes A and B may not be able to communicate directly even though both can communicate directly with R, the link connectivity property is intransitive and the IPv6 Neighbor Discovery (ND) Redirect service cannot be used. Conversely, R may need to forward packets between nodes A and B via different MLAN interfaces within a single MLAN that includes multiple distinct links/regions. Due to these indeterminant (multi-)link properties, exclusive use of IPv6 Link Local Addresses (LLAs) is also out of scope. This document therefore introduces the MLA as a fully self-generated IPv6 unicast address type that can be used either instead of or in addition to other IPv6 unicast address types. MLAs use the formerly-deprecated Site-Local IPv6 Address prefix fec0::10 according to the modified format shown in :

The node sets the first 10 bits of the MLA to the constant string '1111111011' then sets the 11th bit (i.e., the "(L)ocal" bit) to 1. The node next sets subnet ID to a 53 bit random value calculated the same as specified in Section 3.2.1 of for the Unique Local Address Global ID. The node finally generates and assigns a semantically opaque interface ID based on this self-generated prefix as specified in ; the resulting 128-bit MLA then has the proper format of an IPv6 address with a 64-bit "prefix" followed by a 64-bit interface identifier as required by the IPv6 addressing architecture. For example: fee7:6c29:de12:4b74:884e:9d2a:73fc:2d94 After a node creates an MLA, it can use the address within the context of spontaneously-organized local networks in which two or more nodes come together in the absence of stable supporting infrastructure and can still exchange IPv6 packets with little or no chance of address collisions. The use could be limited to bootstrapping the assignment of topologically correct IPv6 addresses through other means mentioned earlier, or it could extend to longer term usage patterns such as sustained communications with single-hop neighbors on a local link or even between multi-hop peers within an MLAN. Note: the above MLA generation procedures apply when the L bit is set to 1; MLA generation procedures for L=0 may be specified by future documents.

IPv6 MLAs and HHITS have no topological orientation and can therefore be assigned to any of a node's IPv6 interfaces with a /128 prefix length (i.e., as a singleton address). The node can then begin to use MLAs or HHITs as the source/destination addresses of IPv6 packets that are forwarded over the interface within an MLAN multihop forwarding region. The node can assign the same MLA or HHIT to multiple interfaces all members of the same MLAN, but must assign a different MLA or HHIT to the interfaces of each interface set connected to other MLANs. MLAs and HHITs may then serve as a basis for multihop forwarding over an IPv6 interface and/or for local neighborhood discovery over other IPv6 interface types. Due to their uniqueness properties, the node can assign an IPv6 MLA or HHIT to an interface without invoking pre-service Duplicate Address Detection (DAD), however it should deprecate an address if it detects in-service duplication.

Returning to a debate from more than 20 years ago, this document now proposes to reclaim the deprecated prefix "fec0::/10" for use as the MLA top-level prefix. documents the reasons for deprecation including the assertion that "Site is an Ill-Defined Concept". However, the concept of an MLAN is a logical one based on time-varying (multihop) connectivity and not necessarily one constrained by physical boundaries. For example, an IPv6 node may connect to multiple distinct MLANs with a first set of interfaces connected to MLAN "A", a second set of interfaces connected to MLAN "B", etc. According to the scoped IPv6 addressing architecture, the node would assign a separate MLA for each interface set A, B, etc. and maintain separate MLAN multihop routing protocol instances for each set. MLAs A, B, etc. then become the router IDs for the separate routing protocol instances, but the IPv6 node may elect to redistribute discovered MLA routes between the instances. The uniqueness properties of MLAs and HHITs therefore transcends logical MLAN boundaries but without "leaking" into external networks. The MLA prefix (formerly known as "Site-Local") has the distinct advantage that it is reserved and available for reclamation by a future standards track publication, for which this document qualifies. Upon publication as a standards track RFC, the RFC Editor is instructed to update , , and to reflect this new use for "fec0::/10".

IPv6 nodes assign MLAs and/or HHITs to their IPv6 interfaces for use only within the scope of their locally connected MLANs. MLAs and HHITs can appear in MLAN multihop routing protocol control messages and can also appear as the source and destination addresses for IPv6 packets forwarded within the locally connected MLANs. MLAs and HHITs cannot appear in the source or destination addresses for IPv6 packets forwarded beyond the locally connected MLANs, however, where an IPv6 Globally-Unique (GUA) and possibly also a companion Unique-Local (ULA) address is necessary. In order to support communications beyond the MLAN local scope, each IPv6 node is required to obtain an IPv6 GUA/ULA pair through an IPv6 Internetworking border router or proxy that connects the MLAN to other networks. Since the border router/proxy may be multiple adaptation layer hops away, however, the IPv6 node configures and engages an Overlay Multilink Network (OMNI) Interface as specified in . The IPv6 node assigns the GUA/ULA to the OMNI interface which forwards original packets by inserting an adaptation layer IPv6 encapsulation header that uses MLAs or HHITs as the source/destination addresses while the original packet uses GUAs/ULAs. The IPv6 Internetworking border router/proxy may be configured as an IPv6-to-IPv6 Network Prefix Translation (NPTv6) gateway that maintains a 1:1 relationship between the ULA on the "inside" and a GUA on the "outside" as discussed in . The NPTv6 gateway will then statelessly translate each ULA into its corresponding GUA (and vice versa) for IPv6 packets that transit between the inside and outside domains. The gateway provides service per the "ULA-Only" or "ULA+PA" connected network models. The IPv6 node can then use the ULA for local-scoped communications with internal peers and the GUA for global-scoped communications with external peers via the gateway as either a "NPTv6 translator" or "NPTv6 pass-through". IPv6 nodes can then select address pair combinations according to IPv6 default address selection rules . After receiving a ULA+PA GUA delegation, IPv6 nodes that require Provider-Independent (PI) GUAs can use the OMNI interface in conjunction with the Automatic Extended Route Optimization (AERO) global distributed mobility management service to request and maintain IPv6 and/or IPv4 PI prefixes from the mobility service. The IPv6 node can then sub-delegate GUAs from the PI prefixes to its attached downstream local networks which may in turn engage an arbitrarily large IPv6 and/or IPv4 "Internet of Things".

"Default Address Selection for Internet Protocol Version 6 (IPv6)" provides a policy table that specifies precedence values and preferred source prefixes for destination prefixes. "Preference for IPv6 ULAs over IPv4 addresses in RFC6724" updates the policy table entries for ULAs, IPv4 addresses and the 6to4 prefix (2002::/16). This document proposes a further update to the policy table for IPv6 MLAs (prefix fec0::/10) and HHITs (prefix 2001:30::/28). The proposed updates appear in the table below:

With the proposed updates, IPv6 HHITs now appear as a lesser precedence than IPv6 GUAs, IPv6 ULAs and IPv4 addresses but as a greater precedence than IPv6 MLAs. IPv6 MLAs now appear as a greater precedence than deprecated IPv6 prefixes but a lesser precedence than all other address types.

IPv6 nodes MAY assign self-generated IPv6 MLAs and/or HHITs to their interface connections to MLANs. If the node becomes aware that the address is already in use by another node, it instead generates and assigns a new MLA/HHIT. IPv6 multihop routers MAY forward IPv6 packets with MLA/HHIT source or destination addresses over multiple hops within the same MLAN as an adaptation layer function. IPv6 Internetworking routers MUST NOT forward packets with MLA/HHIT source or destination addresses to a link outside the packet's MLAN of origin. IPv6 Internetworking routers MUST NOT advertise the prefix fec0::/10 (or any IPv6 prefixes reserved for HHITs) in routing protocol exchanges with correspondents outside the MLAN. The default behavior of exterior routing protocol sessions between administrative routing regions must be to ignore receipt of and not advertise prefixes in the fee0::/11 block. At the present time, AAAA and PTR records for MLAs in the fee0::/11 block are not recommended to be installed in the global DNS.

In progress.

instructed IANA to mark the fec0::/10 prefix as "deprecated", and as such it does not appear in the IANA IPv6 Special-Purpose Address Registry. Upon publication, IANA is instructed to add the prefix fec0::/10 to the 'iana-ipv6-special-registry' registry with the name "MLAN-Local Unicast" and with RFC set to "[RFCXXXX]" (i.e., this document).

IPv6 MLAs include very large uniquely-assigned bit strings in both the prefix and interface identifier components which together provide strong uniqueness properties. With the random prefix generation procedures specified in and the semantically opaque interface identifier generation procedures specified in the only apparent opportunity for MLA duplication would be through either intentional or unintentional misconfiguration. A an IPv6 node that generates an MLA and assigns it to an interface should therefore be prepared to deprecate the MLA and generate/assign a new one if it detects a legitimate duplicate. Security considerations for HHITs are documented in .

This work was inspired by continued investigations into 5G MANET operations in cooperation with the Virginia Tech National Security Institute (VTNSI). Emerging discussions on the IPv6 maintenance (6man) mailing list continue to shape updated versions of this document. The author acknowledges all those whose useful comments have helped further the understanding of this proposal. Honoring life, liberty and the pursuit of happiness.

<< RFC Editor - remove prior to publication >> Differences from earlier versions: First draft publication.