Boeing Research & Technology

P.O. Box 3707 Seattle WA 98124 USA fltemplin@acm.org

I-D Internet-Draft Ad Hoc networks often present a challenging environment for IPv6 addressing due to the undetermined neighborhood properties of their interfaces. IPv6 nodes assign IPv6 addresses to their Ad Hoc networks that must be locally unique. IPv6 nodes must therefore be able to assign topology-independent addresses when topology-oriented IPv6 address delegation services are either absent or only intermittently available. This document introduces a new IPv6 address type that a node can autonomously assign for each of its Ad-Hoc networks.

When two or more IPv6 nodes come together within an Ad Hoc network operating region, they must be able to assign unique addresses and exchange IPv6 packets with peers even if there is no Internetworking infrastructure present. A classical example is a Mobile Ad-hoc Network (MANET) where wireless nodes within a common radio frequency locality discover multihop routes to support peer-to-peer communications. However, arbitrary collections of fixed nodes interconnected by a potentially sparse collection of links are also examples. See for further explanation of what is meant by an Ad Hoc network. Ad Hoc networks often include IPv6 nodes that configure interface connections to links with undetermined connectivity properties such that multihop traversal may be necessary to span the network. The transitive property of connectivity for conventional shared media links is therefore not assured, while nodes must still be able to configure IPv6 addresses that are unique within the local Ad Hoc network. This is true even for nodes that configure multiple interface connections to the same Ad Hoc network as a localized multihop forwarding domain with multiple links. By its nature, the term "Ad Hoc network" implies logical groupings whereas the historical term "site" suggested physical boundaries such as a building or a campus. In particular, Ad Hoc networks can self-organize amorphously even if they overlap with other (logical) networks, split apart to form multiple smaller networks or join together to form larger networks. Clustering has been suggested as a means to organize these logical groupings, but Ad Hoc network ecosystems are often in a constant state of flux and likely to change over time. An address type that can be used by nodes that float freely between logical Ad Hoc network boundaries is therefore necessary. The term "Ad Hoc" used throughout this document extends to include isolated local IPv6 networks where peer to peer communications may require multihop traversal of multiple links regardless of whether the network is particularly mobile and/or spontaneously organized. For any such isolated network (i.e., one for which IPv6 Internetworking routers are either absent or only intermittently available), a topology-independent IPv6 addressing scheme that allows peer nodes to communicate internally is necessary. Therefore, all nodes that connect to such isolated IPv6 networks should be prepared to operate according to this multilink Ad Hoc addressing model when necessary. Each node then coordinates multihop forwarding services at an IPv6-based architectural sublayer termed the "adaptation layer" below the Internetworking layer but above the true link layer. Section 6 of the "IP Addressing Model in Ad Hoc Networks" states that: "an IP address configured on this (Ad Hoc) interface should be unique, at least within the routing domain" and: "no on-link subnet prefix is configured on this (Ad Hoc) interface". The section then continues to explain why IPv6 Link-Local Addresses (LLAs) are of limited utility on links with undetermined connectivity, to the point that they cannot be used exclusively within Ad Hoc network domains. (Note that provides IANA allocations for MANET protocols as a complementary publication.) suggests Global Unicast (aka "GUA") and Unique-Local (aka "ULA") addresses as Ad Hoc network addressing candidates. However, GUAs and ULAs are topology-oriented address types that must be obtained through either administrative actions or an address autoconfiguration service based on IPv6 Internetworking routers that connect the Ad Hoc network to other networks. (In particular topology-oriented address types are typically obtained through DHCPv6 messages and/or Router Advertisement Prefix Information Options with prefix length shorter than 128.) Since such Internetworking services may not always be available, however, this document asserts that a topology-independent and unique Ad Hoc network local IPv6 address type is needed. The address type may include multiple sub-types, some of which may be coordinated with an address attestation service and others that may be partially or fully self-generated. The key feature of these Ad Hoc network adaptation layer IPv6 addresses is that they must have excellent statistical uniqueness properties such that there is little/no chance of conflicting with an address assigned by another node. The addresses need not include topology-oriented prefixes, since the (newly-formed) Ad Hoc networks may not (yet) connect to established Internetworking topologies. Ad Hoc network nodes must be able to use adaptation layer IPv6 addresses for continuous local communications and/or to coordinate topology-oriented addresses for assignment on other interfaces. A new "Multilink Local" scope for the IPv6 scoped addressing architecture with scope greater than LLA but lesser than ULA/GUA is therefore needed. This document therefore defines a new unique local unicast address variant known as "Multilink Local Addresses (MLAs)".

The IPv6 addressing architecture specified in , and defines the supported IPv6 unicast/multicast/anycast address forms with various scopes. ULAs and GUAs are typically obtained through Stateless Address AutoConfiguration (SLAAC) and/or the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) , but these services require the presence of IPv6 network infrastructure which may not be immediately available in spontaneously-formed Ad Hoc networks. Interface connections to Ad Hoc networks have the interesting property that a multihop router R will often need to forward packets between nodes A and B even though R uses the same interface in the inbound and outbound directions. Since nodes A and B may not be able to communicate directly even though both can communicate directly with R, the transitive property for link connectivity does not apply and the IPv6 Neighbor Discovery (ND) Redirect service cannot be used. Conversely, R may need to forward packets between nodes A and B via different interfaces within a single Ad Hoc network that includes multiple distinct links/regions. Due to these indeterminant multilink properties, exclusive use of IPv6 LLAs is also out of scope. This document therefore introduces a new IPv6 MLA address type based on one or more well-formed IPv6 prefixes "TBD::/N" (see IANA Considerations). After a node creates an MLA, it can use the address within the context of spontaneously-organized Ad Hoc networks in which two or more nodes come together in the absence of stable supporting infrastructure and can still exchange IPv6 packets with little or no chance of address collisions. The node can limit MLA usage to bootstrapping the assignment of topology-oriented IPv6 addresses through other means mentioned earlier. The node can instead extend its MLA usage to longer term patterns such as sustained communications with single-hop neighbors on a local link or even between Ad Hoc network multihop peers.

IPv6 MLAs are topology-independent and can therefore be assigned to a virtual interface of the node with a /128 prefix length (i.e., as a singleton address). The node can then begin to use an MLA as the source/destination address of IPv6 packets that are forwarded over an interface connection to an Ad Hoc network multihop forwarding region. A node can specifically assign an MLA to a loopback interface to support the operation of an Ad Hoc network routing protocol while also assigning the MLA to an Overlay Multilink Network (OMNI) Interface . In that case, MLAs based on a global unicast (or special-use) IPv6 prefix can support extended communications with remote peers over the OMNI link overlay network. MLAs may then serve as a basis for multihop forwarding and/or for local neighborhood discovery over other IPv6 interface types. Due to their uniqueness properties, the node can assign MLAs as optimistic addresses per , however it should take actions to deconflict if it detects in-service duplication.

Returning to a debate from more than 20 years ago, a case could be made for reclaiming the deprecated site-local address prefix "fec0::/10" for use as a top-level MLA prefix. However, some implementations still honor the deprecation and continue to regard the prefix as a non-functional historical artifact. documents the deprecation rationale including the assertion that "Site is an Ill-Defined Concept". However, the concept of an Ad Hoc network is a coherent logical one based on time-varying (multilink) connectivity and not necessarily one constrained by physical boundaries. Especially in Ad Hoc networks that employ a proactive local routing protocol the list of available adaptation layer addresses in each network is continuously updated for temporal consistency. For example, an IPv6 node may connect to multiple distinct Ad Hoc networks with a first set of interfaces connected to network "A", a second set of interfaces connected to network "B", etc. According to the scoped IPv6 addressing architecture , the node would assign a separate MLA to virtual interfaces associated with each Ad Hoc network interface set A, B, etc. and maintain separate Ad Hoc network multihop routing protocol instances for each set. MLAs A, B, etc. then become the router IDs for the separate routing protocol instances, but the IPv6 node may elect to redistribute discovered adaptation layer routes between the instances. The uniqueness properties of MLAs therefore transcend logical Ad Hoc network boundaries but without "leaking" into external networks. A means for entering Ad Hoc network local IPv6 Zone Identifiers in user interfaces is necessary according to . Examples of an Ad Hoc network local unicast address qualified by a zone identifier are as follows: TBD::884e:9d2a:73fc:2d94%netA TBD::c63d:9724:fca:1237%netB This document updates the IPv6 scoped addressing architecture by introducing a "Multilink-Local" unicast addressing scope. In particular, this document adds a third unicast address scope to Section 4 of as follows: Multilink-Local scope, for uniquely identifying a node's attached Ad Hoc networks. The size relationship among scopes is further updated as: For unicast scopes, link-local is a smaller scope than Multilink-Local, which is a smaller scope than global. In , Section 5 under: "Zones of the different scopes are instantiated as follows", add the new bullet: Each Ad Hoc network and the interfaces attached to that Ad Hoc network comprise a single zone of Multilink-Local scope (for unicast).

This document updates to add a new address type "Multilink-Local" to the list of IPv6 address types found in Section 1 as: For IPv6, these addresses may be global [RFC3587], Unique-Local [RFC4193], Multilink-Local [RFCXXXX] or Link-Local [RFC4291].

IPv6 nodes assign MLAs to an IPv6 virtual interface for use only within the scope of locally connected networks. These MLAs can appear in Ad Hoc network multihop routing protocol control messages and can also appear as the source and destination addresses for IPv6 packets forwarded within the locally connected Ad Hoc networks. In order to support communications beyond the Ad Hoc local scope, each IPv6 node is required to obtain an IPv6 ULA/GUA pair through an IPv6 Internetworking border router or proxy that connects the Ad Hoc network to other networks. Since the border router/proxy may be multiple adaptation layer hops away, however, the IPv6 node configures and engages an OMNI Interface as specified in . The IPv6 node assigns the ULA/GUA to the OMNI interface which forwards original packets by inserting an adaptation layer IPv6 encapsulation header that uses MLAs as source/destination addresses while the original packet uses GUAs/ULAs. The IPv6 Internetworking border router/proxy may be configured as an IPv6-to-IPv6 Network Prefix Translation (NPTv6) gateway that maintains a 1:1 relationship between the ULA on the "inside" and a GUA on the "outside" as discussed in . The NPTv6 gateway will then statelessly translate each ULA into its corresponding GUA (and vice versa) for IPv6 packets that transit between the inside and outside domains. The gateway provides service per the "ULA-Only" or "ULA+PA" connected network models. The IPv6 node can then use the ULA for local-scoped communications with internal peers and the GUA for global-scoped communications with external peers via the gateway as either a "NPTv6 translator" or "NPTv6 pass-through". IPv6 nodes can then select address pair combinations according to IPv6 default address selection rules . After receiving a ULA+PA GUA delegation, IPv6 nodes that require Provider-Independent (PI) GUAs can use the OMNI interface in conjunction with the Automatic Extended Route Optimization (AERO) global distributed mobility management service to request and maintain IPv6 and/or IPv4 PI prefixes from the mobility service. The IPv6 node can then sub-delegate GUAs from the PI prefixes to its attached downstream local networks which may in turn engage an arbitrarily large IPv6 and/or IPv4 "Internet of Things".

"Default Address Selection for Internet Protocol Version 6 (IPv6)" provides a policy table that specifies precedence values and preferred source prefixes for destination prefixes. "Preference for IPv6 ULAs over IPv4 addresses in RFC6724" updates the policy table entries for ULAs, IPv4 addresses and the 6to4 prefix (2002::/16). This document proposes a further update to the policy table for IPv6 MLAs. The proposed update appears in the table below:

With the proposed updates, this new MLA address type appears as a lesser precedence than IPv6 GUAs, IPv6 ULAs and IPv4 addresses but as a greater precedence than deprecated IPv6 prefixes.

IPv6 nodes MUST assign unique MLAs to an IPv6 virtual interface associated with each distinct Ad Hoc network. If the node becomes aware that an MLA is already in use by another node, it instead generates and assigns a new MLA. IPv6 routers MAY forward IPv6 packets with MLA source or destination addresses over multiple hops within the same Ad Hoc network as an adaptation layer function. IPv6 routers MUST NOT forward packets with MLA source or destination addresses to a link outside the packet's Ad Hoc network of origin as an adaptation layer service. IPv6 nodes MAY assign MLAs to the OMNI interface allowing routers to forward original packets with MLA addresses at the IPv6 layer. In that case, the MLAs appear as /128 routes in the OMNI link IPv6 routing service.

In progress.

IANA considerations will be updated with specific requirements for MLA delegations prior to publication.

IPv6 MLAs include very large uniquely-assigned bit strings in both the prefix and interface identifier components which together provide strong uniqueness properties. With the random generation procedures expected for the various MLA types, the only apparent opportunity for MLA duplication would be through either intentional or unintentional misconfiguration. Certain MLA types may have cryptographically generated portions tied to the node's public key while other portions of the address identify a remote attestation service where address proof-of-ownership can be verified. This stands in contrast to fully self-generated MLAs that rely on purely statistical uniqueness properties. An IPv6 node that configures an MLA and assigns it to a virtual interface with an optimistic expectation of uniqueness should therefore be prepared to deconflict with peer nodes if it detects a legitimate duplication.

This work was inspired by continued investigations into 5G MANET operations in cooperation with the Virginia Tech National Security Institute (VTNSI). Emerging discussions both in-person and on the IPv6 maintenance (6man) and MANET mailing lists continue to shape updated versions of this document. The author acknowledges all those whose useful comments have helped further the understanding of this proposal. Honoring life, liberty and the pursuit of happiness.

<< RFC Editor - remove prior to publication >> Differences from earlier versions: Stress address deconfliction instead of deprecation when address duplication is detected. Security considerations for MLA types that support remote attestation. Discussion of site as an ill-defined concept in contrast to "Multilink Local Scope". Change reference to RFC6296. Added more explanation about Ad Hoc Networks. MLAs now assigned only to a virtual interface associated with the Ad-Hoc network and not the physical interfaces themselves. Added specifics of how this document updates other RFCs.