summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc6550.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc6550.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc6550.txt')
-rw-r--r--doc/rfc/rfc6550.txt8795
1 files changed, 8795 insertions, 0 deletions
diff --git a/doc/rfc/rfc6550.txt b/doc/rfc/rfc6550.txt
new file mode 100644
index 0000000..aadf889
--- /dev/null
+++ b/doc/rfc/rfc6550.txt
@@ -0,0 +1,8795 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF) T. Winter, Ed.
+Request for Comments: 6550
+Category: Standards Track P. Thubert, Ed.
+ISSN: 2070-1721 Cisco Systems
+ A. Brandt
+ Sigma Designs
+ J. Hui
+ Arch Rock Corporation
+ R. Kelsey
+ Ember Corporation
+ P. Levis
+ Stanford University
+ K. Pister
+ Dust Networks
+ R. Struik
+ Struik Security Consultancy
+ JP. Vasseur
+ Cisco Systems
+ R. Alexander
+ Cooper Power Systems
+ March 2012
+
+
+ RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks
+
+Abstract
+
+ Low-Power and Lossy Networks (LLNs) are a class of network in which
+ both the routers and their interconnect are constrained. LLN routers
+ typically operate with constraints on processing power, memory, and
+ energy (battery power). Their interconnects are characterized by
+ high loss rates, low data rates, and instability. LLNs are comprised
+ of anything from a few dozen to thousands of routers. Supported
+ traffic flows include point-to-point (between devices inside the
+ LLN), point-to-multipoint (from a central control point to a subset
+ of devices inside the LLN), and multipoint-to-point (from devices
+ inside the LLN towards a central control point). This document
+ specifies the IPv6 Routing Protocol for Low-Power and Lossy Networks
+ (RPL), which provides a mechanism whereby multipoint-to-point traffic
+ from devices inside the LLN towards a central control point as well
+ as point-to-multipoint traffic from the central control point to the
+ devices inside the LLN are supported. Support for point-to-point
+ traffic is also available.
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 1]
+
+RFC 6550 RPL March 2012
+
+
+Status of This Memo
+
+ This is an Internet Standards Track document.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Further information on
+ Internet Standards is available in Section 2 of RFC 5741.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ http://www.rfc-editor.org/info/rfc6550.
+
+Copyright Notice
+
+ Copyright (c) 2012 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 2]
+
+RFC 6550 RPL March 2012
+
+
+Table of Contents
+
+ 1. Introduction ....................................................8
+ 1.1. Design Principles ..........................................8
+ 1.2. Expectations of Link-Layer Type ...........................10
+ 2. Terminology ....................................................10
+ 3. Protocol Overview ..............................................13
+ 3.1. Topologies ................................................13
+ 3.1.1. Constructing Topologies ............................13
+ 3.1.2. RPL Identifiers ....................................14
+ 3.1.3. Instances, DODAGs, and DODAG Versions ..............14
+ 3.2. Upward Routes and DODAG Construction ......................16
+ 3.2.1. Objective Function (OF) ............................17
+ 3.2.2. DODAG Repair .......................................17
+ 3.2.3. Security ...........................................17
+ 3.2.4. Grounded and Floating DODAGs .......................18
+ 3.2.5. Local DODAGs .......................................18
+ 3.2.6. Administrative Preference ..........................18
+ 3.2.7. Data-Path Validation and Loop Detection ............18
+ 3.2.8. Distributed Algorithm Operation ....................19
+ 3.3. Downward Routes and Destination Advertisement .............19
+ 3.4. Local DODAGs Route Discovery ..............................20
+ 3.5. Rank Properties ...........................................20
+ 3.5.1. Rank Comparison (DAGRank()) ........................21
+ 3.5.2. Rank Relationships .................................22
+ 3.6. Routing Metrics and Constraints Used by RPL ...............23
+ 3.7. Loop Avoidance ............................................24
+ 3.7.1. Greediness and Instability .........................24
+ 3.7.2. DODAG Loops ........................................26
+ 3.7.3. DAO Loops ..........................................27
+ 4. Traffic Flows Supported by RPL .................................27
+ 4.1. Multipoint-to-Point Traffic ...............................27
+ 4.2. Point-to-Multipoint Traffic ...............................27
+ 4.3. Point-to-Point Traffic ....................................27
+ 5. RPL Instance ...................................................28
+ 5.1. RPL Instance ID ...........................................29
+ 6. ICMPv6 RPL Control Message .....................................30
+ 6.1. RPL Security Fields .......................................32
+ 6.2. DODAG Information Solicitation (DIS) ......................38
+ 6.2.1. Format of the DIS Base Object ......................38
+ 6.2.2. Secure DIS .........................................38
+ 6.2.3. DIS Options ........................................38
+ 6.3. DODAG Information Object (DIO) ............................38
+ 6.3.1. Format of the DIO Base Object ......................39
+ 6.3.2. Secure DIO .........................................41
+ 6.3.3. DIO Options ........................................41
+ 6.4. Destination Advertisement Object (DAO) ....................41
+ 6.4.1. Format of the DAO Base Object ......................42
+
+
+
+Winter, et al. Standards Track [Page 3]
+
+RFC 6550 RPL March 2012
+
+
+ 6.4.2. Secure DAO .........................................43
+ 6.4.3. DAO Options ........................................43
+ 6.5. Destination Advertisement Object Acknowledgement
+ (DAO-ACK) .................................................43
+ 6.5.1. Format of the DAO-ACK Base Object ..................44
+ 6.5.2. Secure DAO-ACK .....................................45
+ 6.5.3. DAO-ACK Options ....................................45
+ 6.6. Consistency Check (CC) ....................................45
+ 6.6.1. Format of the CC Base Object .......................46
+ 6.6.2. CC Options .........................................47
+ 6.7. RPL Control Message Options ...............................47
+ 6.7.1. RPL Control Message Option Generic Format ..........47
+ 6.7.2. Pad1 ...............................................48
+ 6.7.3. PadN ...............................................48
+ 6.7.4. DAG Metric Container ...............................49
+ 6.7.5. Route Information ..................................50
+ 6.7.6. DODAG Configuration ................................52
+ 6.7.7. RPL Target .........................................54
+ 6.7.8. Transit Information ................................55
+ 6.7.9. Solicited Information ..............................58
+ 6.7.10. Prefix Information ................................59
+ 6.7.11. RPL Target Descriptor .............................63
+ 7. Sequence Counters ..............................................63
+ 7.1. Sequence Counter Overview .................................63
+ 7.2. Sequence Counter Operation ................................64
+ 8. Upward Routes ..................................................66
+ 8.1. DIO Base Rules ............................................67
+ 8.2. Upward Route Discovery and Maintenance ....................67
+ 8.2.1. Neighbors and Parents within a DODAG Version .......67
+ 8.2.2. Neighbors and Parents across DODAG Versions ........68
+ 8.2.3. DIO Message Communication ..........................73
+ 8.3. DIO Transmission ..........................................74
+ 8.3.1. Trickle Parameters .................................75
+ 8.4. DODAG Selection ...........................................75
+ 8.5. Operation as a Leaf Node ..................................75
+ 8.6. Administrative Rank .......................................76
+ 9. Downward Routes ................................................77
+ 9.1. Destination Advertisement Parents .........................77
+ 9.2. Downward Route Discovery and Maintenance ..................78
+ 9.2.1. Maintenance of Path Sequence .......................79
+ 9.2.2. Generation of DAO Messages .........................79
+ 9.3. DAO Base Rules ............................................80
+ 9.4. Structure of DAO Messages .................................80
+ 9.5. DAO Transmission Scheduling ...............................83
+ 9.6. Triggering DAO Messages ...................................83
+ 9.7. Non-Storing Mode ..........................................84
+ 9.8. Storing Mode ..............................................85
+ 9.9. Path Control ..............................................86
+
+
+
+Winter, et al. Standards Track [Page 4]
+
+RFC 6550 RPL March 2012
+
+
+ 9.9.1. Path Control Example ...............................88
+ 9.10. Multicast Destination Advertisement Messages .............89
+ 10. Security Mechanisms ...........................................90
+ 10.1. Security Overview ........................................90
+ 10.2. Joining a Secure Network .................................91
+ 10.3. Installing Keys ..........................................92
+ 10.4. Consistency Checks .......................................93
+ 10.5. Counters .................................................93
+ 10.6. Transmission of Outgoing Packets .........................94
+ 10.7. Reception of Incoming Packets ............................95
+ 10.7.1. Timestamp Key Checks ..............................97
+ 10.8. Coverage of Integrity and Confidentiality ................97
+ 10.9. Cryptographic Mode of Operation ..........................98
+ 10.9.1. CCM Nonce .........................................98
+ 10.9.2. Signatures ........................................99
+ 11. Packet Forwarding and Loop Avoidance/Detection ................99
+ 11.1. Suggestions for Packet Forwarding ........................99
+ 11.2. Loop Avoidance and Detection ............................101
+ 11.2.1. Source Node Operation ............................102
+ 11.2.2. Router Operation .................................102
+ 12. Multicast Operation ..........................................104
+ 13. Maintenance of Routing Adjacency .............................105
+ 14. Guidelines for Objective Functions ...........................106
+ 14.1. Objective Function Behavior .............................106
+ 15. Suggestions for Interoperation with Neighbor Discovery .......108
+ 16. Summary of Requirements for Interoperable Implementations ....109
+ 16.1. Common Requirements .....................................109
+ 16.2. Operation as a RPL Leaf Node (Only) .....................110
+ 16.3. Operation as a RPL Router ...............................110
+ 16.3.1. Support for Upward Routes (Only) .................110
+ 16.3.2. Support for Upward Routes and Downward
+ Routes in Non-Storing ............................110
+ 16.3.3. Support for Upward Routes and Downward
+ Routes in Storing Mode ...........................111
+ 16.4. Items for Future Specification ..........................111
+ 17. RPL Constants and Variables ..................................112
+ 18. Manageability Considerations .................................113
+ 18.1. Introduction ............................................114
+ 18.2. Configuration Management ................................115
+ 18.2.1. Initialization Mode ..............................115
+ 18.2.2. DIO and DAO Base Message and Options
+ Configuration ....................................115
+ 18.2.3. Protocol Parameters to Be Configured on
+ Every Router in the LLN ..........................116
+ 18.2.4. Protocol Parameters to Be Configured on
+ Every Non-DODAG-Root .............................117
+ 18.2.5. Parameters to Be Configured on the DODAG Root ....117
+
+
+
+
+Winter, et al. Standards Track [Page 5]
+
+RFC 6550 RPL March 2012
+
+
+ 18.2.6. Configuration of RPL Parameters Related
+ to DAO-Based Mechanisms ..........................118
+ 18.2.7. Configuration of RPL Parameters Related
+ to Security Mechanisms ...........................119
+ 18.2.8. Default Values ...................................119
+ 18.3. Monitoring of RPL Operation .............................120
+ 18.3.1. Monitoring a DODAG Parameters ....................120
+ 18.3.2. Monitoring a DODAG Inconsistencies and
+ Loop Detection ...................................121
+ 18.4. Monitoring of the RPL Data Structures ...................121
+ 18.4.1. Candidate Neighbor Data Structure ................121
+ 18.4.2. Destination-Oriented Directed Acyclic
+ Graph (DODAG) Table ..............................122
+ 18.4.3. Routing Table and DAO Routing Entries ............122
+ 18.5. Fault Management ........................................123
+ 18.6. Policy ..................................................124
+ 18.7. Fault Isolation .........................................125
+ 18.8. Impact on Other Protocols ...............................125
+ 18.9. Performance Management ..................................126
+ 18.10. Diagnostics ............................................126
+ 19. Security Considerations ......................................126
+ 19.1. Overview ................................................126
+ 20. IANA Considerations ..........................................128
+ 20.1. RPL Control Message .....................................128
+ 20.2. New Registry for RPL Control Codes ......................128
+ 20.3. New Registry for the Mode of Operation (MOP) ............129
+ 20.4. RPL Control Message Option ..............................130
+ 20.5. Objective Code Point (OCP) Registry .....................131
+ 20.6. New Registry for the Security Section Algorithm .........131
+ 20.7. New Registry for the Security Section Flags .............132
+ 20.8. New Registry for Per-KIM Security Levels ................132
+ 20.9. New Registry for DODAG Informational
+ Solicitation (DIS) Flags ................................133
+ 20.10. New Registry for the DODAG Information Object
+ (DIO) Flags ............................................134
+ 20.11. New Registry for the Destination Advertisement
+ Object (DAO) Flags .....................................134
+ 20.12. New Registry for the Destination Advertisement
+ Object (DAO) Flags .....................................135
+ 20.13. New Registry for the Consistency Check (CC) Flags ......135
+ 20.14. New Registry for the DODAG Configuration Option Flags ..136
+ 20.15. New Registry for the RPL Target Option Flags ...........136
+ 20.16. New Registry for the Transit Information Option Flags ..137
+ 20.17. New Registry for the Solicited Information
+ Option Flags ...........................................137
+ 20.18. ICMPv6: Error in Source Routing Header .................138
+ 20.19. Link-Local Scope Multicast Address .....................138
+ 21. Acknowledgements .............................................138
+
+
+
+Winter, et al. Standards Track [Page 6]
+
+RFC 6550 RPL March 2012
+
+
+ 22. Contributors .................................................139
+ 23. References ...................................................139
+ 23.1. Normative References ....................................139
+ 23.2. Informative References ..................................140
+ Appendix A. Example Operation ....................................143
+ A.1. Example Operation in Storing Mode with Node-Owned
+ Prefixes .................................................143
+ A.1.1. DIO Messages and PIO ..............................144
+ A.1.2. DAO Messages ......................................145
+ A.1.3. Routing Information Base ..........................145
+ A.2. Example Operation in Storing Mode with Subnet-Wide
+ Prefix ...................................................146
+ A.2.1. DIO Messages and PIO ..............................147
+ A.2.2. DAO Messages ......................................148
+ A.2.3. Routing Information Base ..........................148
+ A.3. Example Operation in Non-Storing Mode with Node-Owned
+ Prefixes .................................................149
+ A.3.1. DIO Messages and PIO ..............................150
+ A.3.2. DAO Messages ......................................150
+ A.3.3. Routing Information Base ..........................151
+ A.4. Example Operation in Non-Storing Mode with
+ Subnet-Wide Prefix .......................................151
+ A.4.1. DIO Messages and PIO ..............................152
+ A.4.2. DAO Messages ......................................153
+ A.4.3. Routing Information Base ..........................153
+ A.5. Example with External Prefixes ...........................154
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 7]
+
+RFC 6550 RPL March 2012
+
+
+1. Introduction
+
+ Low-power and Lossy Networks (LLNs) consist largely of constrained
+ nodes (with limited processing power, memory, and sometimes energy
+ when they are battery operated or energy scavenging). These routers
+ are interconnected by lossy links, typically supporting only low data
+ rates, that are usually unstable with relatively low packet delivery
+ rates. Another characteristic of such networks is that the traffic
+ patterns are not simply point-to-point, but in many cases point-to-
+ multipoint or multipoint-to-point. Furthermore, such networks may
+ potentially comprise up to thousands of nodes. These characteristics
+ offer unique challenges to a routing solution: the IETF ROLL working
+ group has defined application-specific routing requirements for a
+ Low-power and Lossy Network (LLN) routing protocol, specified in
+ [RFC5867], [RFC5826], [RFC5673], and [RFC5548].
+
+ This document specifies the IPv6 Routing Protocol for LLNs (RPL).
+ Note that although RPL was specified according to the requirements
+ set forth in the aforementioned requirement documents, its use is in
+ no way limited to these applications.
+
+1.1. Design Principles
+
+ RPL was designed with the objective to meet the requirements spelled
+ out in [RFC5867], [RFC5826], [RFC5673], and [RFC5548].
+
+ A network may run multiple instances of RPL concurrently. Each such
+ instance may serve different and potentially antagonistic constraints
+ or performance criteria. This document defines how a single instance
+ operates.
+
+ In order to be useful in a wide range of LLN application domains, RPL
+ separates packet processing and forwarding from the routing
+ optimization objective. Examples of such objectives include
+ minimizing energy, minimizing latency, or satisfying constraints.
+ This document describes the mode of operation of RPL. Other
+ companion documents specify routing Objective Functions. A RPL
+ implementation, in support of a particular LLN application, will
+ include the necessary Objective Function(s) as required by the
+ application.
+
+ RPL operations require bidirectional links. In some LLN scenarios,
+ those links may exhibit asymmetric properties. It is required that
+ the reachability of a router be verified before the router can be
+ used as a parent. RPL expects an external mechanism to be triggered
+ during the parent selection phase in order to verify link properties
+ and neighbor reachability. Neighbor Unreachability Detection (NUD)
+ is such a mechanism, but alternates are possible, including
+
+
+
+Winter, et al. Standards Track [Page 8]
+
+RFC 6550 RPL March 2012
+
+
+ Bidirectional Forwarding Detection (BFD) [RFC5881] and hints from
+ lower layers via Layer 2 (L2) triggers like [RFC5184]. In a general
+ fashion, a detection mechanism that is reactive to traffic is favored
+ in order to minimize the cost of monitoring links that are not being
+ used.
+
+ RPL also expects an external mechanism to access and transport some
+ control information, referred to as the "RPL Packet Information", in
+ data packets. The RPL Packet Information is defined in Section 11.2
+ and enables the association of a data packet with a RPL Instance and
+ the validation of RPL routing states. The RPL option [RFC6553] is an
+ example of such mechanism. The mechanism is required for all packets
+ except when strict source routing is used (that is for packets going
+ Downward in Non-Storing mode as detailed further in Section 9), which
+ by nature prevents endless loops and alleviates the need for the RPL
+ Packet Information. Future companion specifications may propose
+ alternate ways to carry the RPL Packet Information in the IPv6
+ packets and may extend the RPL Packet Information to support
+ additional features.
+
+ RPL provides a mechanism to disseminate information over the
+ dynamically formed network topology. This dissemination enables
+ minimal configuration in the nodes, allowing nodes to operate mostly
+ autonomously. This mechanism uses Trickle [RFC6206] to optimize the
+ dissemination as described in Section 8.3.
+
+ In some applications, RPL assembles topologies of routers that own
+ independent prefixes. Those prefixes may or may not be aggregatable
+ depending on the origin of the routers. A prefix that is owned by a
+ router is advertised as on-link.
+
+ RPL also introduces the capability to bind a subnet together with a
+ common prefix and to route within that subnet. A source can inject
+ information about the subnet to be disseminated by RPL, and that
+ source is authoritative for that subnet. Because many LLN links have
+ non-transitive properties, a common prefix that RPL disseminates over
+ the subnet must not be advertised as on-link.
+
+ In particular, RPL may disseminate IPv6 Neighbor Discovery (ND)
+ information such as the [RFC4861] Prefix Information Option (PIO) and
+ the [RFC4191] Route Information Option (RIO). ND information that is
+ disseminated by RPL conserves all its original semantics for router
+ to host, with limited extensions for router to router, though it is
+ not to be confused with routing advertisements and it is never to be
+ directly redistributed in another routing protocol. A RPL node often
+ combines host and router behaviors. As a host, it will process the
+ options as specified in [RFC4191], [RFC4861], [RFC4862], and
+ [RFC6275]. As a router, the RPL node may advertise the information
+
+
+
+Winter, et al. Standards Track [Page 9]
+
+RFC 6550 RPL March 2012
+
+
+ from the options as required for the specific link, for instance, in
+ an ND Router Advertisement (RA) message, though the exact operation
+ is out of scope.
+
+ A set of companion documents to this specification will provide
+ further guidance in the form of applicability statements specifying a
+ set of operating points appropriate to the Building Automation, Home
+ Automation, Industrial, and Urban application scenarios.
+
+1.2. Expectations of Link-Layer Type
+
+ In compliance with the layered architecture of IP, RPL does not rely
+ on any particular features of a specific link-layer technology. RPL
+ is designed to be able to operate over a variety of different link
+ layers, including ones that are constrained, potentially lossy, or
+ typically utilized in conjunction with highly constrained host or
+ router devices, such as but not limited to, low-power wireless or PLC
+ (Power Line Communication) technologies.
+
+ Implementers may find [RFC3819] a useful reference when designing a
+ link-layer interface between RPL and a particular link-layer
+ technology.
+
+2. Terminology
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+ "OPTIONAL" in this document are to be interpreted as described in RFC
+ 2119 [RFC2119].
+
+ Additionally, this document uses terminology from [ROLL-TERMS], and
+ introduces the following terminology:
+
+ DAG: Directed Acyclic Graph. A directed graph having the property
+ that all edges are oriented in such a way that no cycles exist.
+ All edges are contained in paths oriented toward and
+ terminating at one or more root nodes.
+
+ DAG root: A DAG root is a node within the DAG that has no outgoing
+ edge. Because the graph is acyclic, by definition, all DAGs
+ must have at least one DAG root and all paths terminate at a
+ DAG root.
+
+ Destination-Oriented DAG (DODAG): A DAG rooted at a single
+ destination, i.e., at a single DAG root (the DODAG root) with
+ no outgoing edges.
+
+
+
+
+
+Winter, et al. Standards Track [Page 10]
+
+RFC 6550 RPL March 2012
+
+
+ DODAG root: A DODAG root is the DAG root of a DODAG. The DODAG root
+ may act as a border router for the DODAG; in particular, it may
+ aggregate routes in the DODAG and may redistribute DODAG routes
+ into other routing protocols.
+
+ Virtual DODAG root: A Virtual DODAG root is the result of two or more
+ RPL routers, for instance, 6LoWPAN Border Routers (6LBRs),
+ coordinating to synchronize DODAG state and act in concert as
+ if they are a single DODAG root (with multiple interfaces),
+ with respect to the LLN. The coordination most likely occurs
+ between powered devices over a reliable transit link, and the
+ details of that scheme are out of scope for this specification
+ (to be defined in future companion specifications).
+
+ Up: Up refers to the direction from leaf nodes towards DODAG roots,
+ following DODAG edges. This follows the common terminology
+ used in graphs and depth-first-search, where vertices further
+ from the root are "deeper" or "down" and vertices closer to the
+ root are "shallower" or "up".
+
+ Down: Down refers to the direction from DODAG roots towards leaf
+ nodes, in the reverse direction of DODAG edges. This follows
+ the common terminology used in graphs and depth-first-search,
+ where vertices further from the root are "deeper" or "down" and
+ vertices closer to the root are "shallower" or "up".
+
+ Rank: A node's Rank defines the node's individual position relative
+ to other nodes with respect to a DODAG root. Rank strictly
+ increases in the Down direction and strictly decreases in the
+ Up direction. The exact way Rank is computed depends on the
+ DAG's Objective Function (OF). The Rank may analogously track
+ a simple topological distance, may be calculated as a function
+ of link metrics, and may consider other properties such as
+ constraints.
+
+ Objective Function (OF): An OF defines how routing metrics,
+ optimization objectives, and related functions are used to
+ compute Rank. Furthermore, the OF dictates how parents in the
+ DODAG are selected and, thus, the DODAG formation.
+
+ Objective Code Point (OCP): An OCP is an identifier that indicates
+ which Objective Function the DODAG uses.
+
+ RPLInstanceID: A RPLInstanceID is a unique identifier within a
+ network. DODAGs with the same RPLInstanceID share the same
+ Objective Function.
+
+
+
+
+
+Winter, et al. Standards Track [Page 11]
+
+RFC 6550 RPL March 2012
+
+
+ RPL Instance: A RPL Instance is a set of one or more DODAGs that
+ share a RPLInstanceID. At most, a RPL node can belong to one
+ DODAG in a RPL Instance. Each RPL Instance operates
+ independently of other RPL Instances. This document describes
+ operation within a single RPL Instance.
+
+ DODAGID: A DODAGID is the identifier of a DODAG root. The DODAGID is
+ unique within the scope of a RPL Instance in the LLN. The
+ tuple (RPLInstanceID, DODAGID) uniquely identifies a DODAG.
+
+ DODAG Version: A DODAG Version is a specific iteration ("Version") of
+ a DODAG with a given DODAGID.
+
+ DODAGVersionNumber: A DODAGVersionNumber is a sequential counter that
+ is incremented by the root to form a new Version of a DODAG. A
+ DODAG Version is identified uniquely by the (RPLInstanceID,
+ DODAGID, DODAGVersionNumber) tuple.
+
+ Goal: The Goal is an application-specific goal that is defined
+ outside the scope of RPL. Any node that roots a DODAG will
+ need to know about this Goal to decide whether or not the Goal
+ can be satisfied. A typical Goal is to construct the DODAG
+ according to a specific Objective Function and to keep
+ connectivity to a set of hosts (e.g., to use an Objective
+ Function that minimizes a metric and is connected to a specific
+ database host to store the collected data).
+
+ Grounded: A DODAG is grounded when the DODAG root can satisfy the
+ Goal.
+
+ Floating: A DODAG is floating if it is not grounded. A floating
+ DODAG is not expected to have the properties required to
+ satisfy the goal. It may, however, provide connectivity to
+ other nodes within the DODAG.
+
+ DODAG parent: A parent of a node within a DODAG is one of the
+ immediate successors of the node on a path towards the DODAG
+ root. A DODAG parent's Rank is lower than the node's. (See
+ Section 3.5.1).
+
+ Sub-DODAG: The sub-DODAG of a node is the set of other nodes whose
+ paths to the DODAG root pass through that node. Nodes in the
+ sub-DODAG of a node have a greater Rank than that node. (See
+ Section 3.5.1).
+
+ Local DODAG: Local DODAGs contain one and only one root node, and
+ they allow that single root node to allocate and manage a RPL
+ Instance, identified by a local RPLInstanceID, without
+
+
+
+Winter, et al. Standards Track [Page 12]
+
+RFC 6550 RPL March 2012
+
+
+ coordination with other nodes. Typically, this is done in
+ order to optimize routes to a destination within the LLN. (See
+ Section 5).
+
+ Global DODAG: A Global DODAG uses a global RPLInstanceID that may be
+ coordinated among several other nodes. (See Section 5).
+
+ DIO: DODAG Information Object (see Section 6.3)
+
+ DAO: Destination Advertisement Object (see Section 6.4)
+
+ DIS: DODAG Information Solicitation (see Section 6.2)
+
+ CC: Consistency Check (see Section 6.6)
+
+ As they form networks, LLN devices often mix the roles of host and
+ router when compared to traditional IP networks. In this document,
+ "host" refers to an LLN device that can generate but does not forward
+ RPL traffic; "router" refers to an LLN device that can forward as
+ well as generate RPL traffic; and "node" refers to any RPL device,
+ either a host or a router.
+
+3. Protocol Overview
+
+ The aim of this section is to describe RPL in the spirit of
+ [RFC4101]. Protocol details can be found in further sections.
+
+3.1. Topologies
+
+ This section describes the basic RPL topologies that may be formed,
+ and the rules by which these are constructed, i.e., the rules
+ governing DODAG formation.
+
+3.1.1. Constructing Topologies
+
+ LLNs, such as Radio Networks, do not typically have predefined
+ topologies, for example, those imposed by point-to-point wires, so
+ RPL has to discover links and then select peers sparingly.
+
+ In many cases, because Layer 2 ranges overlap only partially, RPL
+ forms non-transitive / Non-Broadcast Multi-Access (NBMA) network
+ topologies upon which it computes routes.
+
+ RPL routes are optimized for traffic to or from one or more roots
+ that act as sinks for the topology. As a result, RPL organizes a
+ topology as a Directed Acyclic Graph (DAG) that is partitioned into
+
+
+
+
+
+Winter, et al. Standards Track [Page 13]
+
+RFC 6550 RPL March 2012
+
+
+ one or more Destination Oriented DAGs (DODAGs), one DODAG per sink.
+ If the DAG has multiple roots, then it is expected that the roots are
+ federated by a common backbone, such as a transit link.
+
+3.1.2. RPL Identifiers
+
+ RPL uses four values to identify and maintain a topology:
+
+ o The first is a RPLInstanceID. A RPLInstanceID identifies a set of
+ one or more Destination Oriented DAGs (DODAGs). A network may
+ have multiple RPLInstanceIDs, each of which defines an independent
+ set of DODAGs, which may be optimized for different Objective
+ Functions (OFs) and/or applications. The set of DODAGs identified
+ by a RPLInstanceID is called a RPL Instance. All DODAGs in the
+ same RPL Instance use the same OF.
+
+ o The second is a DODAGID. The scope of a DODAGID is a RPL
+ Instance. The combination of RPLInstanceID and DODAGID uniquely
+ identifies a single DODAG in the network. A RPL Instance may have
+ multiple DODAGs, each of which has an unique DODAGID.
+
+ o The third is a DODAGVersionNumber. The scope of a
+ DODAGVersionNumber is a DODAG. A DODAG is sometimes reconstructed
+ from the DODAG root, by incrementing the DODAGVersionNumber. The
+ combination of RPLInstanceID, DODAGID, and DODAGVersionNumber
+ uniquely identifies a DODAG Version.
+
+ o The fourth is Rank. The scope of Rank is a DODAG Version. Rank
+ establishes a partial order over a DODAG Version, defining
+ individual node positions with respect to the DODAG root.
+
+3.1.3. Instances, DODAGs, and DODAG Versions
+
+ A RPL Instance contains one or more DODAG roots. A RPL Instance may
+ provide routes to certain destination prefixes, reachable via the
+ DODAG roots or alternate paths within the DODAG. These roots may
+ operate independently, or they may coordinate over a network that is
+ not necessarily as constrained as an LLN.
+
+ A RPL Instance may comprise:
+
+ o a single DODAG with a single root
+
+ * For example, a DODAG optimized to minimize latency rooted at a
+ single centralized lighting controller in a Home Automation
+ application.
+
+
+
+
+
+Winter, et al. Standards Track [Page 14]
+
+RFC 6550 RPL March 2012
+
+
+ o multiple uncoordinated DODAGs with independent roots (differing
+ DODAGIDs)
+
+ * For example, multiple data collection points in an urban data
+ collection application that do not have suitable connectivity
+ to coordinate with each other or that use the formation of
+ multiple DODAGs as a means to dynamically and autonomously
+ partition the network.
+
+ o a single DODAG with a virtual root that coordinates LLN sinks
+ (with the same DODAGID) over a backbone network.
+
+ * For example, multiple border routers operating with a reliable
+ transit link, e.g., in support of an IPv6 Low-Power Wireless
+ Personal Area Network (6LoWPAN) application, that are capable
+ of acting as logically equivalent interfaces to the sink of the
+ same DODAG.
+
+ o a combination of the above as suited to some application scenario.
+
+ Each RPL packet is associated with a particular RPLInstanceID (see
+ Section 11.2) and, therefore, RPL Instance (Section 5). The
+ provisioning or automated discovery of a mapping between a
+ RPLInstanceID and a type or service of application traffic is out of
+ scope for this specification (to be defined in future companion
+ specifications).
+
+ Figure 1 depicts an example of a RPL Instance comprising three DODAGs
+ with DODAG roots R1, R2, and R3. Each of these DODAG roots
+ advertises the same RPLInstanceID. The lines depict connectivity
+ between parents and children.
+
+ Figure 2 depicts how a DODAGVersionNumber increment leads to a new
+ DODAG Version. This depiction illustrates a DODAGVersionNumber
+ increment that results in a different DODAG topology. Note that a
+ new DODAG Version does not always imply a different DODAG topology.
+ To accommodate certain topology changes requires a new DODAG Version,
+ as described later in this specification.
+
+ In the following examples, please note that tree-like structures are
+ depicted for simplicity, although the DODAG structure allows for each
+ node to have multiple parents when the connectivity supports it.
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 15]
+
+RFC 6550 RPL March 2012
+
+
+ +----------------------------------------------------------------+
+ | |
+ | +--------------+ |
+ | | | |
+ | | (R1) | (R2) (R3) |
+ | | / \ | /| \ / | \ |
+ | | / \ | / | \ / | \ |
+ | | (A) (B) | (C) | (D) ... (F) (G) (H) |
+ | | /|\ |\ | / | / |\ |\ | | |
+ | | : : : : : | : (E) : : : `: : |
+ | | | / \ |
+ | +--------------+ : : |
+ | DODAG |
+ | |
+ +----------------------------------------------------------------+
+ RPL Instance
+
+ Figure 1: RPL Instance
+
+ +----------------+ +----------------+
+ | | | |
+ | (R1) | | (R1) |
+ | / \ | | / |
+ | / \ | | / |
+ | (A) (B) | \ | (A) |
+ | /|\ / |\ | ------\ | /|\ |
+ | : : (C) : : | \ | : : (C) |
+ | | / | \ |
+ | | ------/ | \ |
+ | | / | (B) |
+ | | | |\ |
+ | | | : : |
+ | | | |
+ +----------------+ +----------------+
+ Version N Version N+1
+
+ Figure 2: DODAG Version
+
+3.2. Upward Routes and DODAG Construction
+
+ RPL provisions routes Up towards DODAG roots, forming a DODAG
+ optimized according to an Objective Function (OF). RPL nodes
+ construct and maintain these DODAGs through DODAG Information Object
+ (DIO) messages.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 16]
+
+RFC 6550 RPL March 2012
+
+
+3.2.1. Objective Function (OF)
+
+ The Objective Function (OF) defines how RPL nodes select and optimize
+ routes within a RPL Instance. The OF is identified by an Objective
+ Code Point (OCP) within the DIO Configuration option. An OF defines
+ how nodes translate one or more metrics and constraints, which are
+ themselves defined in [RFC6551], into a value called Rank, which
+ approximates the node's distance from a DODAG root. An OF also
+ defines how nodes select parents. Further details may be found in
+ Section 14, [RFC6551], [RFC6552], and related companion
+ specifications.
+
+3.2.2. DODAG Repair
+
+ A DODAG root institutes a global repair operation by incrementing the
+ DODAGVersionNumber. This initiates a new DODAG Version. Nodes in
+ the new DODAG Version can choose a new position whose Rank is not
+ constrained by their Rank within the old DODAG Version.
+
+ RPL also supports mechanisms that may be used for local repair within
+ the DODAG Version. The DIO message specifies the necessary
+ parameters as configured from and controlled by policy at the DODAG
+ root.
+
+3.2.3. Security
+
+ RPL supports message confidentiality and integrity. It is designed
+ such that link-layer mechanisms can be used when available and
+ appropriate; yet, in their absence, RPL can use its own mechanisms.
+ RPL has three basic security modes.
+
+ In the first, called "unsecured", RPL control messages are sent
+ without any additional security mechanisms. Unsecured mode does not
+ imply that the RPL network is unsecure: it could be using other
+ present security primitives (e.g., link-layer security) to meet
+ application security requirements.
+
+ In the second, called "preinstalled", nodes joining a RPL Instance
+ have preinstalled keys that enable them to process and generate
+ secured RPL messages.
+
+ The third mode is called "authenticated". In authenticated mode,
+ nodes have preinstalled keys as in preinstalled mode, but the
+ preinstalled key may only be used to join a RPL Instance as a leaf.
+ Joining an authenticated RPL Instance as a router requires obtaining
+ a key from an authentication authority. The process by which this
+ key is obtained is out of scope for this specification. Note that
+ this specification alone does not provide sufficient detail for a RPL
+
+
+
+Winter, et al. Standards Track [Page 17]
+
+RFC 6550 RPL March 2012
+
+
+ implementation to securely operate in authenticated mode. For a RPL
+ implementation to operate securely in authenticated mode, it is
+ necessary for a future companion specification to detail the
+ mechanisms by which a node obtains/requests the authentication
+ material (e.g., key, certificate) and to determine from where that
+ material should be obtained. See also Section 10.3.
+
+3.2.4. Grounded and Floating DODAGs
+
+ DODAGs can be grounded or floating: the DODAG root advertises which
+ is the case. A grounded DODAG offers connectivity to hosts that are
+ required for satisfying the application-defined goal. A floating
+ DODAG is not expected to satisfy the goal; in most cases, it only
+ provides routes to nodes within the DODAG. Floating DODAGs may be
+ used, for example, to preserve interconnectivity during repair.
+
+3.2.5. Local DODAGs
+
+ RPL nodes can optimize routes to a destination within an LLN by
+ forming a Local DODAG whose DODAG root is the desired destination.
+ Unlike global DAGs, which can consist of multiple DODAGs, local DAGs
+ have one and only one DODAG and therefore one DODAG root. Local
+ DODAGs can be constructed on demand.
+
+3.2.6. Administrative Preference
+
+ An implementation/deployment may specify that some DODAG roots should
+ be used over others through an administrative preference.
+ Administrative preference offers a way to control traffic and
+ engineer DODAG formation in order to better support application
+ requirements or needs.
+
+3.2.7. Data-Path Validation and Loop Detection
+
+ The low-power and lossy nature of LLNs motivates RPL's use of on-
+ demand loop detection using data packets. Because data traffic can
+ be infrequent, maintaining a routing topology that is constantly up
+ to date with the physical topology can waste energy. Typical LLNs
+ exhibit variations in physical connectivity that are transient and
+ innocuous to traffic, but that would be costly to track closely from
+ the control plane. Transient and infrequent changes in connectivity
+ need not be addressed by RPL until there is data to send. This
+ aspect of RPL's design draws from existing, highly used LLN protocols
+ as well as extensive experimental and deployment evidence on its
+ efficacy.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 18]
+
+RFC 6550 RPL March 2012
+
+
+ The RPL Packet Information that is transported with data packets
+ includes the Rank of the transmitter. An inconsistency between the
+ routing decision for a packet (Upward or Downward) and the Rank
+ relationship between the two nodes indicates a possible loop. On
+ receiving such a packet, a node institutes a local repair operation.
+
+ For example, if a node receives a packet flagged as moving in the
+ Upward direction, and if that packet records that the transmitter is
+ of a lower (lesser) Rank than the receiving node, then the receiving
+ node is able to conclude that the packet has not progressed in the
+ Upward direction and that the DODAG is inconsistent.
+
+3.2.8. Distributed Algorithm Operation
+
+ A high-level overview of the distributed algorithm, which constructs
+ the DODAG, is as follows:
+
+ o Some nodes are configured to be DODAG roots, with associated DODAG
+ configurations.
+
+ o Nodes advertise their presence, affiliation with a DODAG, routing
+ cost, and related metrics by sending link-local multicast DIO
+ messages to all-RPL-nodes.
+
+ o Nodes listen for DIOs and use their information to join a new
+ DODAG (thus, selecting DODAG parents), or to maintain an existing
+ DODAG, according to the specified Objective Function and Rank of
+ their neighbors.
+
+ o Nodes provision routing table entries, for the destinations
+ specified by the DIO message, via their DODAG parents in the DODAG
+ Version. Nodes that decide to join a DODAG can provision one or
+ more DODAG parents as the next hop for the default route and a
+ number of other external routes for the associated instance.
+
+3.3. Downward Routes and Destination Advertisement
+
+ RPL uses Destination Advertisement Object (DAO) messages to establish
+ Downward routes. DAO messages are an optional feature for
+ applications that require point-to-multipoint (P2MP) or point-to-
+ point (P2P) traffic. RPL supports two modes of Downward traffic:
+ Storing (fully stateful) or Non-Storing (fully source routed); see
+ Section 9. Any given RPL Instance is either storing or non-storing.
+ In both cases, P2P packets travel Up toward a DODAG root then Down to
+ the final destination (unless the destination is on the Upward
+ route). In the Non-Storing case, the packet will travel all the way
+ to a DODAG root before traveling Down. In the Storing case, the
+
+
+
+
+Winter, et al. Standards Track [Page 19]
+
+RFC 6550 RPL March 2012
+
+
+ packet may be directed Down towards the destination by a common
+ ancestor of the source and the destination prior to reaching a DODAG
+ root.
+
+ As of the writing of this specification, no implementation is
+ expected to support both Storing and Non-Storing modes of operation.
+ Most implementations are expected to support either no Downward
+ routes, Non-Storing mode only, or Storing mode only. Other modes of
+ operation, such as a hybrid mix of Storing and Non-Storing mode, are
+ out of scope for this specification and may be described in other
+ companion specifications.
+
+ This specification describes a basic mode of operation in support of
+ P2P traffic. Note that more optimized P2P solutions may be described
+ in companion specifications.
+
+3.4. Local DODAGs Route Discovery
+
+ Optionally, a RPL network can support on-demand discovery of DODAGs
+ to specific destinations within an LLN. Such Local DODAGs behave
+ slightly differently than Global DODAGs: they are uniquely defined by
+ the combination of DODAGID and RPLInstanceID. The RPLInstanceID
+ denotes whether a DODAG is a Local DODAG.
+
+3.5. Rank Properties
+
+ The Rank of a node is a scalar representation of the location of that
+ node within a DODAG Version. The Rank is used to avoid and detect
+ loops and, as such, must demonstrate certain properties. The exact
+ calculation of the Rank is left to the Objective Function. Even
+ though the specific computation of the Rank is left to the Objective
+ Function, the Rank must implement generic properties regardless of
+ the Objective Function.
+
+ In particular, the Rank of the nodes must monotonically decrease as
+ the DODAG Version is followed towards the DODAG destination. In that
+ regard, the Rank can be considered a scalar representation of the
+ location or radius of a node within a DODAG Version.
+
+ The details of how the Objective Function computes Rank are out of
+ scope for this specification, although that computation may depend,
+ for example, on parents, link metrics, node metrics, and the node
+ configuration and policies. See Section 14 for more information.
+
+ The Rank is not a path cost, although its value can be derived from
+ and influenced by path metrics. The Rank has properties of its own
+ that are not necessarily those of all metrics:
+
+
+
+
+Winter, et al. Standards Track [Page 20]
+
+RFC 6550 RPL March 2012
+
+
+ Type: The Rank is an abstract numeric value.
+
+ Function: The Rank is the expression of a relative position within a
+ DODAG Version with regard to neighbors, and it is not
+ necessarily a good indication or a proper expression of a
+ distance or a path cost to the root.
+
+ Stability: The stability of the Rank determines the stability of the
+ routing topology. Some dampening or filtering is RECOMMENDED
+ to keep the topology stable; thus, the Rank does not
+ necessarily change as fast as some link or node metrics would.
+ A new DODAG Version would be a good opportunity to reconcile
+ the discrepancies that might form over time between metrics and
+ Ranks within a DODAG Version.
+
+ Properties: The Rank is incremented in a strictly monotonic fashion,
+ and it can be used to validate a progression from or towards
+ the root. A metric, like bandwidth or jitter, does not
+ necessarily exhibit this property.
+
+ Abstract: The Rank does not have a physical unit, but rather a range
+ of increment per hop, where the assignment of each increment is
+ to be determined by the Objective Function.
+
+ The Rank value feeds into DODAG parent selection, according to the
+ RPL loop-avoidance strategy. Once a parent has been added, and a
+ Rank value for the node within the DODAG has been advertised, the
+ node's further options with regard to DODAG parent selection and
+ movement within the DODAG are restricted in favor of loop avoidance.
+
+3.5.1. Rank Comparison (DAGRank())
+
+ Rank may be thought of as a fixed-point number, where the position of
+ the radix point between the integer part and the fractional part is
+ determined by MinHopRankIncrease. MinHopRankIncrease is the minimum
+ increase in Rank between a node and any of its DODAG parents. A
+ DODAG root provisions MinHopRankIncrease. MinHopRankIncrease creates
+ a trade-off between hop cost precision and the maximum number of hops
+ a network can support. A very large MinHopRankIncrease, for example,
+ allows precise characterization of a given hop's effect on Rank but
+ cannot support many hops.
+
+ When an Objective Function computes Rank, the Objective Function
+ operates on the entire (i.e., 16-bit) Rank quantity. When Rank is
+ compared, e.g., for determination of parent relationships or loop
+ detection, the integer portion of the Rank is to be used. The
+
+
+
+
+
+Winter, et al. Standards Track [Page 21]
+
+RFC 6550 RPL March 2012
+
+
+ integer portion of the Rank is computed by the DAGRank() macro as
+ follows, where floor(x) is the function that evaluates to the
+ greatest integer less than or equal to x:
+
+ DAGRank(rank) = floor(rank/MinHopRankIncrease)
+
+ For example, if a 16-bit Rank quantity is decimal 27, and the
+ MinHopRankIncrease is decimal 16, then DAGRank(27) = floor(1.6875) =
+ 1. The integer part of the Rank is 1 and the fractional part is
+ 11/16.
+
+ Following the conventions in this document, using the macro
+ DAGRank(node) may be interpreted as DAGRank(node.rank), where
+ node.rank is the Rank value as maintained by the node.
+
+ A Node A has a Rank less than the Rank of a Node B if DAGRank(A) is
+ less than DAGRank(B).
+
+ A Node A has a Rank equal to the Rank of a Node B if DAGRank(A) is
+ equal to DAGRank(B).
+
+ A Node A has a Rank greater than the Rank of a Node B if DAGRank(A)
+ is greater than DAGRank(B).
+
+3.5.2. Rank Relationships
+
+ Rank computations maintain the following properties for any nodes M
+ and N that are neighbors in the LLN:
+
+ DAGRank(M) is less than DAGRank(N):
+
+ In this case, the position of M is closer to the DODAG root than
+ the position of N. Node M may safely be a DODAG parent for Node N
+ without risk of creating a loop. Further, for a Node N, all
+ parents in the DODAG parent set must be of a Rank less than
+ DAGRank(N). In other words, the Rank presented by a Node N MUST
+ be greater than that presented by any of its parents.
+
+ DAGRank(M) equals DAGRank(N):
+
+ In this case, the positions of M and N within the DODAG and with
+ respect to the DODAG root are similar or identical. Routing
+ through a node with equal Rank may cause a routing loop (i.e., if
+ that node chooses to route through a node with equal Rank as
+ well).
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 22]
+
+RFC 6550 RPL March 2012
+
+
+ DAGRank(M) is greater than DAGRank(N):
+
+ In this case, the position of M is farther from the DODAG root
+ than the position of N. Further, Node M may in fact be in the
+ sub-DODAG of Node N. If Node N selects Node M as DODAG parent,
+ there is a risk of creating a loop.
+
+ As an example, the Rank could be computed in such a way so as to
+ closely track ETX (expected transmission count, a fairly common
+ routing metric used in LLN and defined in [RFC6551]) when the metric
+ that an Objective Function minimizes is ETX, or latency, or in a more
+ complicated way as appropriate to the Objective Function being used
+ within the DODAG.
+
+3.6. Routing Metrics and Constraints Used by RPL
+
+ Routing metrics are used by routing protocols to compute shortest
+ paths. Interior Gateway Protocols (IGPs) such as IS-IS ([RFC5120])
+ and OSPF ([RFC4915]) use static link metrics. Such link metrics can
+ simply reflect the bandwidth or can also be computed according to a
+ polynomial function of several metrics defining different link
+ characteristics. Some routing protocols support more than one
+ metric: in the vast majority of the cases, one metric is used per
+ (sub-)topology. Less often, a second metric may be used as a
+ tiebreaker in the presence of Equal Cost Multiple Paths (ECMPs). The
+ optimization of multiple metrics is known as an NP-complete problem
+ and is sometimes supported by some centralized path computation
+ engine.
+
+ In contrast, LLNs do require the support of both static and dynamic
+ metrics. Furthermore, both link and node metrics are required. In
+ the case of RPL, it is virtually impossible to define one metric, or
+ even a composite metric, that will satisfy all use cases.
+
+ In addition, RPL supports constraint-based routing where constraints
+ may be applied to both link and nodes. If a link or a node does not
+ satisfy a required constraint, it is "pruned" from the candidate
+ neighbor set, thus leading to a constrained shortest path.
+
+ An Objective Function specifies the objectives used to compute the
+ (constrained) path. Furthermore, nodes are configured to support a
+ set of metrics and constraints and select their parents in the DODAG
+ according to the metrics and constraints advertised in the DIO
+ messages. Upstream and Downstream metrics may be merged or
+ advertised separately depending on the OF and the metrics. When they
+ are advertised separately, it may happen that the set of DIO parents
+
+
+
+
+
+Winter, et al. Standards Track [Page 23]
+
+RFC 6550 RPL March 2012
+
+
+ is different from the set of DAO parents (a DAO parent is a node to
+ which unicast DAO messages are sent). Yet, all are DODAG parents
+ with regard to the rules for Rank computation.
+
+ The Objective Function is decoupled from the routing metrics and
+ constraints used by RPL. Whereas the OF dictates rules such as DODAG
+ parent selection, load balancing, and so on, the set of metrics
+ and/or constraints used, and thus those that determine the preferred
+ path, are based on the information carried within the DAG container
+ option in DIO messages.
+
+ The set of supported link/node constraints and metrics is specified
+ in [RFC6551].
+
+ Example 1: Shortest path: path offering the shortest end-to-end
+ delay.
+
+ Example 2: Shortest Constrained path: the path that does not traverse
+ any battery-operated node and that optimizes the path
+ reliability.
+
+3.7. Loop Avoidance
+
+ RPL tries to avoid creating loops when undergoing topology changes
+ and includes Rank-based data-path validation mechanisms for detecting
+ loops when they do occur (see Section 11 for more details). In
+ practice, this means that RPL guarantees neither loop-free path
+ selection nor tight delay convergence times, but it can detect and
+ repair a loop as soon as it is used. RPL uses this loop detection to
+ ensure that packets make forward progress within the DODAG Version
+ and trigger repairs when necessary.
+
+3.7.1. Greediness and Instability
+
+ A node is greedy if it attempts to move deeper (increase Rank) in the
+ DODAG Version in order to increase the size of the parent set or
+ improve some other metric. Once a node has joined a DODAG Version,
+ RPL disallows certain behaviors, including greediness, in order to
+ prevent resulting instabilities in the DODAG Version.
+
+ Suppose a node is willing to receive and process a DIO message from a
+ node in its own sub-DODAG and, in general, a node deeper than itself.
+ In this case, a possibility exists that a feedback loop is created,
+ wherein two or more nodes continue to try and move in the DODAG
+ Version while attempting to optimize against each other. In some
+ cases, this will result in instability. It is for this reason that
+ RPL limits the cases where a node may process DIO messages from
+ deeper nodes to some form of local repair. This approach creates an
+
+
+
+Winter, et al. Standards Track [Page 24]
+
+RFC 6550 RPL March 2012
+
+
+ "event horizon", whereby a node cannot be influenced beyond some
+ limit into an instability by the action of nodes that may be in its
+ own sub-DODAG.
+
+3.7.1.1. Example: Greedy Parent Selection and Instability
+
+ (A) (A) (A)
+ |\ |\ |\
+ | `-----. | `-----. | `-----.
+ | \ | \ | \
+ (B) (C) (B) \ | (C)
+ \ | | /
+ `-----. | | .-----'
+ \| |/
+ (C) (B)
+
+ -1- -2- -3-
+
+ Figure 3: Greedy DODAG Parent Selection
+
+ Figure 3 depicts a DODAG in three different configurations. A usable
+ link between (B) and (C) exists in all three configurations. In
+ Figure 3-1, Node (A) is a DODAG parent for Nodes (B) and (C). In
+ Figure 3-2, Node (A) is a DODAG parent for Nodes (B) and (C), and
+ Node (B) is also a DODAG parent for Node (C). In Figure 3-3, Node
+ (A) is a DODAG parent for Nodes (B) and (C), and Node (C) is also a
+ DODAG parent for Node (B).
+
+ If a RPL node is too greedy, in that it attempts to optimize for an
+ additional number of parents beyond its most preferred parents, then
+ an instability can result. Consider the DODAG illustrated in
+ Figure 3-1. In this example, Nodes (B) and (C) may most prefer Node
+ (A) as a DODAG parent, but we will consider the case when they are
+ operating under the greedy condition that will try to optimize for
+ two parents.
+
+ o Let Figure 3-1 be the initial condition.
+
+ o Suppose Node (C) first is able to leave the DODAG and rejoin at a
+ lower Rank, taking both Nodes (A) and (B) as DODAG parents as
+ depicted in Figure 3-2. Now Node (C) is deeper than both Nodes
+ (A) and (B), and Node (C) is satisfied to have two DODAG parents.
+
+ o Suppose Node (B), in its greediness, is willing to receive and
+ process a DIO message from Node (C) (against the rules of RPL),
+ and then Node (B) leaves the DODAG and rejoins at a lower Rank,
+
+
+
+
+
+Winter, et al. Standards Track [Page 25]
+
+RFC 6550 RPL March 2012
+
+
+ taking both Nodes (A) and (C) as DODAG parents. Now Node (B) is
+ deeper than both Nodes (A) and (C) and is satisfied with two DAG
+ parents.
+
+ o Then, Node (C), because it is also greedy, will leave and rejoin
+ deeper, to again get two parents and have a lower Rank then both
+ of them.
+
+ o Next, Node (B) will again leave and rejoin deeper, to again get
+ two parents.
+
+ o Again, Node (C) leaves and rejoins deeper.
+
+ o The process will repeat, and the DODAG will oscillate between
+ Figure 3-2 and Figure 3-3 until the nodes count to infinity and
+ restart the cycle again.
+
+ o This cycle can be averted through mechanisms in RPL:
+
+ * Nodes (B) and (C) stay at a Rank sufficient to attach to their
+ most preferred parent (A) and don't go for any deeper (worse)
+ alternate parents (Nodes are not greedy).
+
+ * Nodes (B) and (C) do not process DIO messages from nodes deeper
+ than themselves (because such nodes are possibly in their own
+ sub-DODAGs).
+
+ These mechanisms are further described in Section 8.2.2.4.
+
+3.7.2. DODAG Loops
+
+ A DODAG loop may occur when a node detaches from the DODAG and
+ reattaches to a device in its prior sub-DODAG. In particular, this
+ may happen when DIO messages are missed. Strict use of the
+ DODAGVersionNumber can eliminate this type of loop, but this type of
+ loop may possibly be encountered when using some local repair
+ mechanisms.
+
+ For example, consider the local repair mechanism that allows a node
+ to detach from the DODAG, advertise a Rank of INFINITE_RANK (in order
+ to poison its routes / inform its sub-DODAG), and then reattach to
+ the DODAG. In some of these cases, the node may reattach to its own
+ prior-sub-DODAG, causing a DODAG loop, because the poisoning may fail
+ if the INFINITE_RANK advertisements are lost in the LLN environment.
+ (In this case, the Rank-based data-path validation mechanisms would
+ eventually detect and trigger correction of the loop).
+
+
+
+
+
+Winter, et al. Standards Track [Page 26]
+
+RFC 6550 RPL March 2012
+
+
+3.7.3. DAO Loops
+
+ A DAO loop may occur when the parent has a route installed upon
+ receiving and processing a DAO message from a child, but the child
+ has subsequently cleaned up the related DAO state. This loop happens
+ when a No-Path (a DAO message that invalidates a previously announced
+ prefix, see Section 6.4.3) was missed and persists until all state
+ has been cleaned up. RPL includes an optional mechanism to
+ acknowledge DAO messages, which may mitigate the impact of a single
+ DAO message being missed. RPL includes loop detection mechanisms
+ that mitigate the impact of DAO loops and trigger their repair. (See
+ Section 11.2.2.3.)
+
+4. Traffic Flows Supported by RPL
+
+ RPL supports three basic traffic flows: multipoint-to-point (MP2P),
+ point-to-multipoint (P2MP), and point-to-point (P2P).
+
+4.1. Multipoint-to-Point Traffic
+
+ Multipoint-to-point (MP2P) is a dominant traffic flow in many LLN
+ applications ([RFC5867], [RFC5826], [RFC5673], and [RFC5548]). The
+ destinations of MP2P flows are designated nodes that have some
+ application significance, such as providing connectivity to the
+ larger Internet or core private IP network. RPL supports MP2P
+ traffic by allowing MP2P destinations to be reached via DODAG roots.
+
+4.2. Point-to-Multipoint Traffic
+
+ Point-to-multipoint (P2MP) is a traffic pattern required by several
+ LLN applications ([RFC5867], [RFC5826], [RFC5673], and [RFC5548]).
+ RPL supports P2MP traffic by using a destination advertisement
+ mechanism that provisions Down routes toward destinations (prefixes,
+ addresses, or multicast groups), and away from roots. Destination
+ advertisements can update routing tables as the underlying DODAG
+ topology changes.
+
+4.3. Point-to-Point Traffic
+
+ RPL DODAGs provide a basic structure for point-to-point (P2P)
+ traffic. For a RPL network to support P2P traffic, a root must be
+ able to route packets to a destination. Nodes within the network may
+ also have routing tables to destinations. A packet flows towards a
+ root until it reaches an ancestor that has a known route to the
+ destination. As pointed out later in this document, in the most
+ constrained case (when nodes cannot store routes), that common
+ ancestor may be the DODAG root. In other cases, it may be a node
+ closer to both the source and destination.
+
+
+
+Winter, et al. Standards Track [Page 27]
+
+RFC 6550 RPL March 2012
+
+
+ RPL also supports the case where a P2P destination is a 'one-hop'
+ neighbor.
+
+ RPL neither specifies nor precludes additional mechanisms for
+ computing and installing potentially more optimal routes to support
+ arbitrary P2P traffic.
+
+5. RPL Instance
+
+ Within a given LLN, there may be multiple, logically independent RPL
+ Instances. A RPL node may belong to multiple RPL Instances, and it
+ may act as a router in some and as a leaf in others. This document
+ describes how a single instance behaves.
+
+ There are two types of RPL Instances: Local and Global. RPL divides
+ the RPLInstanceID space between Global and Local instances to allow
+ for both coordinated and unilateral allocation of RPLInstanceIDs.
+ Global RPL Instances are coordinated, have one or more DODAGs, and
+ are typically long-lived. Local RPL Instances are always a single
+ DODAG whose singular root owns the corresponding DODAGID and
+ allocates the local RPLInstanceID in a unilateral manner. Local RPL
+ Instances can be used, for example, for constructing DODAGs in
+ support of a future on-demand routing solution. The mode of
+ operation of Local RPL Instances is out of scope for this
+ specification and may be described in other companion specifications.
+
+ The definition and provisioning of RPL Instances are out of scope for
+ this specification. Guidelines may be application and implementation
+ specific, and they are expected to be elaborated in future companion
+ specifications. Those operations are expected to be such that data
+ packets coming from the outside of the RPL network can unambiguously
+ be associated to at least one RPL Instance and be safely routed over
+ any instance that would match the packet.
+
+ Control and data packets within RPL network are tagged to
+ unambiguously identify of which RPL Instance they are a part.
+
+ Every RPL control message has a RPLInstanceID field. Some RPL
+ control messages, when referring to a local RPLInstanceID as defined
+ below, may also include a DODAGID.
+
+ Data packets that flow within the RPL network expose the
+ RPLInstanceID as part of the RPL Packet Information that RPL
+ requires, as further described in Section 11.2. For data packets
+ coming from outside the RPL network, the ingress router determines
+ the RPLInstanceID and places it into the resulting packet that it
+ injects into the RPL network.
+
+
+
+
+Winter, et al. Standards Track [Page 28]
+
+RFC 6550 RPL March 2012
+
+
+5.1. RPL Instance ID
+
+ A global RPLInstanceID MUST be unique to the whole LLN. Mechanisms
+ for allocating and provisioning global RPLInstanceID are out of scope
+ for this specification. There can be up to 128 Global instance in
+ the whole network. Local instances are always used in conjunction
+ with a DODAGID (which is either given explicitly or implicitly in
+ some cases), and up 64 Local instances per DODAGID can be supported.
+ Local instances are allocated and managed by the node that owns the
+ DODAGID, without any explicit coordination with other nodes, as
+ further detailed below.
+
+ A global RPLInstanceID is encoded in a RPLInstanceID field as
+ follows:
+
+ 0 1 2 3 4 5 6 7
+ +-+-+-+-+-+-+-+-+
+ |0| ID | Global RPLInstanceID in 0..127
+ +-+-+-+-+-+-+-+-+
+
+ Figure 4: RPLInstanceID Field Format for Global Instances
+
+ A local RPLInstanceID is autoconfigured by the node that owns the
+ DODAGID and it MUST be unique for that DODAGID. The DODAGID used to
+ configure the local RPLInstanceID MUST be a reachable IPv6 address of
+ the node, and it MUST be used as an endpoint of all communications
+ within that Local instance.
+
+ A local RPLInstanceID is encoded in a RPLInstanceID field as follows:
+
+ 0 1 2 3 4 5 6 7
+ +-+-+-+-+-+-+-+-+
+ |1|D| ID | Local RPLInstanceID in 0..63
+ +-+-+-+-+-+-+-+-+
+
+ Figure 5: RPLInstanceID Field Format for Local Instances
+
+ The 'D' flag in a local RPLInstanceID is always set to 0 in RPL
+ control messages. It is used in data packets to indicate whether the
+ DODAGID is the source or the destination of the packet. If the 'D'
+ flag is set to 1, then the destination address of the IPv6 packet
+ MUST be the DODAGID. If the 'D' flag is cleared, then the source
+ address of the IPv6 packet MUST be the DODAGID.
+
+ For example, consider a Node A that is the DODAG root of a Local RPL
+ Instance, and has allocated a local RPLInstanceID. By definition,
+ all traffic traversing that Local RPL Instance will either originate
+ or terminate at Node A. In this case, the DODAGID will be the
+
+
+
+Winter, et al. Standards Track [Page 29]
+
+RFC 6550 RPL March 2012
+
+
+ reachable IPv6 address of Node A. All traffic will contain the
+ address of Node A, and thus the DODAGID, in either the source or
+ destination address. Thus, the local RPLInstanceID may indicate that
+ the DODAGID is equivalent to either the source address or the
+ destination address by setting the 'D' flag appropriately.
+
+6. ICMPv6 RPL Control Message
+
+ This document defines the RPL control message, a new ICMPv6 [RFC4443]
+ message. A RPL control message is identified by a code and composed
+ of a base that depends on the code (and a series of options).
+
+ Most RPL control messages have the scope of a link. The only
+ exception is for the DAO / DAO-ACK messages in Non-Storing mode,
+ which are exchanged using a unicast address over multiple hops and
+ thus uses global or unique-local addresses for both the source and
+ destination addresses. For all other RPL control messages, the
+ source address is a link-local address, and the destination address
+ is either the all-RPL-nodes multicast address or a link-local unicast
+ address of the destination. The all-RPL-nodes multicast address is a
+ new address with a value of ff02::1a.
+
+ In accordance with [RFC4443], the RPL Control Message consists of an
+ ICMPv6 header followed by a message body. The message body is
+ comprised of a message base and possibly a number of options as
+ illustrated in Figure 6.
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type | Code | Checksum |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Base .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Option(s) .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 6: RPL Control Message
+
+ The RPL control message is an ICMPv6 information message with a Type
+ of 155.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 30]
+
+RFC 6550 RPL March 2012
+
+
+ The Code field identifies the type of RPL control message. This
+ document defines codes for the following RPL control message types
+ (see Section 20.2)):
+
+ o 0x00: DODAG Information Solicitation (Section 6.2)
+
+ o 0x01: DODAG Information Object (Section 6.3)
+
+ o 0x02: Destination Advertisement Object (Section 6.4)
+
+ o 0x03: Destination Advertisement Object Acknowledgment
+ (Section 6.5)
+
+ o 0x80: Secure DODAG Information Solicitation (Section 6.2.2)
+
+ o 0x81: Secure DODAG Information Object (Section 6.3.2)
+
+ o 0x82: Secure Destination Advertisement Object (Section 6.4.2)
+
+ o 0x83: Secure Destination Advertisement Object Acknowledgment
+ (Section 6.5.2)
+
+ o 0x8A: Consistency Check (Section 6.6)
+
+ If a node receives a RPL control message with an unknown Code field,
+ the node MUST discard the message without any further processing, MAY
+ raise a management alert, and MUST NOT send any messages in response.
+
+ The checksum is computed as specified in [RFC4443]. It is set to
+ zero for the RPL security operations specified below and computed
+ once the rest of the content of the RPL message including the
+ security fields is all set.
+
+ The high order bit (0x80) of the code denotes whether the RPL message
+ has security enabled. Secure RPL messages have a format to support
+ confidentiality and integrity, illustrated in Figure 7.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 31]
+
+RFC 6550 RPL March 2012
+
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type | Code | Checksum |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Security .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Base .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Option(s) .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 7: Secure RPL Control Message
+
+ The remainder of this section describes the currently defined RPL
+ control message Base formats followed by the currently defined RPL
+ Control Message options.
+
+6.1. RPL Security Fields
+
+ Each RPL message has a secure variant. The secure variants provide
+ integrity and replay protection as well as optional confidentiality
+ and delay protection. Because security covers the base message as
+ well as options, in secured messages the security information lies
+ between the checksum and base, as shown in Figure 7.
+
+ The level of security and the algorithms in use are indicated in the
+ protocol messages as described below:
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 32]
+
+RFC 6550 RPL March 2012
+
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |T| Reserved | Algorithm |KIM|Resvd| LVL | Flags |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Counter |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Key Identifier .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 8: Security Section
+
+ Message Authentication Codes (MACs) and signatures provide
+ authentication over the entire unsecured ICMPv6 RPL control message,
+ including the Security section with all fields defined, but with the
+ ICMPv6 checksum temporarily set to zero. Encryption provides
+ confidentiality of the secured RPL ICMPv6 message starting at the
+ first byte after the Security section and continuing to the last byte
+ of the packet. The security transformation yields a secured ICMPv6
+ RPL message with the inclusion of the cryptographic fields (MAC,
+ signature, etc.). In other words, the security transformation itself
+ (e.g., the Signature and/or Algorithm in use) will detail how to
+ incorporate the cryptographic fields into the secured packet. The
+ Security section itself does not explicitly carry those cryptographic
+ fields. Use of the Security section is further detailed in Sections
+ 19 and 10.
+
+ Counter is Time (T): If the counter's Time flag is set, then the
+ Counter field is a timestamp. If the flag is cleared, then the
+ counter is an incrementing counter. Section 10.5 describes the
+ details of the 'T' flag and Counter field.
+
+ Reserved: 7-bit unused field. The field MUST be initialized to zero
+ by the sender and MUST be ignored by the receiver.
+
+ Security Algorithm (Algorithm): The Security Algorithm field
+ specifies the encryption, MAC, and signature scheme the network
+ uses. Supported values of this field are as follows:
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 33]
+
+RFC 6550 RPL March 2012
+
+
+ +-----------+-------------------+------------------------+
+ | Algorithm | Encryption/MAC | Signature |
+ +-----------+-------------------+------------------------+
+ | 0 | CCM with AES-128 | RSA with SHA-256 |
+ | 1-255 | Unassigned | Unassigned |
+ +-----------+-------------------+------------------------+
+
+ Figure 9: Security Algorithm (Algorithm) Encoding
+
+ Section 10.9 describes the algorithms in greater detail.
+
+ Key Identifier Mode (KIM): The Key Identifier Mode is a 2-bit field
+ that indicates whether the key used for packet protection is
+ determined implicitly or explicitly and indicates the
+ particular representation of the Key Identifier field. The Key
+ Identifier Mode is set one of the values from the table below:
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 34]
+
+RFC 6550 RPL March 2012
+
+
+ +------+-----+-----------------------------+------------+
+ | Mode | KIM | Meaning | Key |
+ | | | | Identifier |
+ | | | | Length |
+ | | | | (octets) |
+ +------+-----+-----------------------------+------------+
+ | 0 | 00 | Group key used. | 1 |
+ | | | Key determined by Key Index | |
+ | | | field. | |
+ | | | | |
+ | | | Key Source is not present. | |
+ | | | Key Index is present. | |
+ +------+-----+-----------------------------+------------+
+ | 1 | 01 | Per-pair key used. | 0 |
+ | | | Key determined by source | |
+ | | | and destination of packet. | |
+ | | | | |
+ | | | Key Source is not present. | |
+ | | | Key Index is not present. | |
+ +------+-----+-----------------------------+------------+
+ | 2 | 10 | Group key used. | 9 |
+ | | | Key determined by Key Index | |
+ | | | and Key Source Identifier. | |
+ | | | | |
+ | | | Key Source is present. | |
+ | | | Key Index is present. | |
+ +------+-----+-----------------------------+------------+
+ | 3 | 11 | Node's signature key used. | 0/9 |
+ | | | If packet is encrypted, |
+ | | | it uses a group key, Key | |
+ | | | Index and Key Source | |
+ | | | specify key. | |
+ | | | | |
+ | | | Key Source may be present. | |
+ | | | Key Index may be present. | |
+ +------+-----+-----------------------------+------------+
+
+ Figure 10: Key Identifier Mode (KIM) Encoding
+
+ In Mode 3 (KIM=11), the presence or absence of the Key Source and Key
+ Identifier depends on the Security Level (LVL) described below. If
+ the Security Level indicates there is encryption, then the fields are
+ present; if it indicates there is no encryption, then the fields are
+ not present.
+
+ Resvd: 3-bit unused field. The field MUST be initialized to zero by
+ the sender and MUST be ignored by the receiver.
+
+
+
+
+Winter, et al. Standards Track [Page 35]
+
+RFC 6550 RPL March 2012
+
+
+ Security Level (LVL): The Security Level is a 3-bit field that
+ indicates the provided packet protection. This value can be
+ adapted on a per-packet basis and allows for varying levels of
+ data authenticity and, optionally, for data confidentiality.
+ The KIM field indicates whether signatures are used and the
+ meaning of the Level field. Note that the assigned values of
+ Security Level are not necessarily ordered -- a higher value of
+ LVL does not necessarily equate to increased security. The
+ Security Level is set to one of the values in the tables below:
+
+ +---------------------------+
+ | KIM=0,1,2 |
+ +-------+--------------------+------+
+ | LVL | Attributes | MAC |
+ | | | Len |
+ +-------+--------------------+------+
+ | 0 | MAC-32 | 4 |
+ | 1 | ENC-MAC-32 | 4 |
+ | 2 | MAC-64 | 8 |
+ | 3 | ENC-MAC-64 | 8 |
+ | 4-7 | Unassigned | N/A |
+ +-------+--------------------+------+
+
+ +---------------------+
+ | KIM=3 |
+ +-------+---------------+-----+
+ | LVL | Attributes | Sig |
+ | | | Len |
+ +-------+---------------+-----+
+ | 0 | Sign-3072 | 384 |
+ | 1 | ENC-Sign-3072 | 384 |
+ | 2 | Sign-2048 | 256 |
+ | 3 | ENC-Sign-2048 | 256 |
+ | 4-7 | Unassigned | N/A |
+ +-------+---------------+-----+
+
+ Figure 11: Security Level (LVL) Encoding
+
+ The MAC attribute indicates that the message has a MAC of the
+ specified length. The ENC attribute indicates that the message is
+ encrypted. The Sign attribute indicates that the message has a
+ signature of the specified length.
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 36]
+
+RFC 6550 RPL March 2012
+
+
+ Flags: 8-bit unused field reserved for flags. The field MUST be
+ initialized to zero by the sender and MUST be ignored by the
+ receiver.
+
+ Counter: The Counter field indicates the non-repeating 4-octet value
+ used to construct the cryptographic mechanism that implements
+ packet protection and allows for the provision of semantic
+ security. See Section 10.9.1.
+
+ Key Identifier: The Key Identifier field indicates which key was used
+ to protect the packet. This field provides various levels of
+ granularity of packet protection, including peer-to-peer keys,
+ group keys, and signature keys. This field is represented as
+ indicated by the Key Identifier Mode field and is formatted as
+ follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Key Source .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Key Index .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 12: Key Identifier
+
+ Key Source: The Key Source field, when present, indicates the logical
+ identifier of the originator of a group key. When present,
+ this field is 8 bytes in length.
+
+ Key Index: The Key Index field, when present, allows unique
+ identification of different keys with the same originator. It
+ is the responsibility of each key originator to make sure that
+ actively used keys that it issues have distinct key indices and
+ that all key indices have a value unequal to 0x00. Value 0x00
+ is reserved for a preinstalled, shared key. When present this
+ field is 1 byte in length.
+
+ Unassigned bits of the Security section are reserved. They MUST be
+ set to zero on transmission and MUST be ignored on reception.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 37]
+
+RFC 6550 RPL March 2012
+
+
+6.2. DODAG Information Solicitation (DIS)
+
+ The DODAG Information Solicitation (DIS) message may be used to
+ solicit a DODAG Information Object from a RPL node. Its use is
+ analogous to that of a Router Solicitation as specified in IPv6
+ Neighbor Discovery; a node may use DIS to probe its neighborhood for
+ nearby DODAGs. Section 8.3 describes how nodes respond to a DIS.
+
+6.2.1. Format of the DIS Base Object
+
+ 0 1 2
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Flags | Reserved | Option(s)...
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 13: The DIS Base Object
+
+ Flags: 8-bit unused field reserved for flags. The field MUST be
+ initialized to zero by the sender and MUST be ignored by the
+ receiver.
+
+ Reserved: 8-bit unused field. The field MUST be initialized to zero
+ by the sender and MUST be ignored by the receiver.
+
+ Unassigned bits of the DIS Base are reserved. They MUST be set to
+ zero on transmission and MUST be ignored on reception.
+
+6.2.2. Secure DIS
+
+ A Secure DIS message follows the format in Figure 7, where the base
+ format is the DIS message shown in Figure 13.
+
+6.2.3. DIS Options
+
+ The DIS message MAY carry valid options.
+
+ This specification allows for the DIS message to carry the following
+ options:
+
+ 0x00 Pad1
+ 0x01 PadN
+ 0x07 Solicited Information
+
+6.3. DODAG Information Object (DIO)
+
+ The DODAG Information Object carries information that allows a node
+ to discover a RPL Instance, learn its configuration parameters,
+
+
+
+Winter, et al. Standards Track [Page 38]
+
+RFC 6550 RPL March 2012
+
+
+ select a DODAG parent set, and maintain the DODAG.
+
+6.3.1. Format of the DIO Base Object
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | RPLInstanceID |Version Number | Rank |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |G|0| MOP | Prf | DTSN | Flags | Reserved |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + DODAGID +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Option(s)...
+ +-+-+-+-+-+-+-+-+
+
+ Figure 14: The DIO Base Object
+
+ Grounded (G): The Grounded 'G' flag indicates whether the DODAG
+ advertised can satisfy the application-defined goal. If the
+ flag is set, the DODAG is grounded. If the flag is cleared,
+ the DODAG is floating.
+
+ Mode of Operation (MOP): The Mode of Operation (MOP) field identifies
+ the mode of operation of the RPL Instance as administratively
+ provisioned at and distributed by the DODAG root. All nodes
+ who join the DODAG must be able to honor the MOP in order to
+ fully participate as a router, or else they must only join as a
+ leaf. MOP is encoded as in the figure below:
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 39]
+
+RFC 6550 RPL March 2012
+
+
+ +-----+-----------------------------------------------------+
+ | MOP | Description |
+ +-----+-----------------------------------------------------+
+ | 0 | No Downward routes maintained by RPL |
+ | 1 | Non-Storing Mode of Operation |
+ | 2 | Storing Mode of Operation with no multicast support |
+ | 3 | Storing Mode of Operation with multicast support |
+ | | |
+ | | All other values are unassigned |
+ +-----+-----------------------------------------------------+
+
+ A value of 0 indicates that destination advertisement messages are
+ disabled and the DODAG maintains only Upward routes.
+
+ Figure 15: Mode of Operation (MOP) Encoding
+
+ DODAGPreference (Prf): A 3-bit unsigned integer that defines how
+ preferable the root of this DODAG is compared to other DODAG
+ roots within the instance. DAGPreference ranges from 0x00
+ (least preferred) to 0x07 (most preferred). The default is 0
+ (least preferred). Section 8.2 describes how DAGPreference
+ affects DIO processing.
+
+ Version Number: 8-bit unsigned integer set by the DODAG root to the
+ DODAGVersionNumber. Section 8.2 describes the rules for
+ DODAGVersionNumbers and how they affect DIO processing.
+
+ Rank: 16-bit unsigned integer indicating the DODAG Rank of the node
+ sending the DIO message. Section 8.2 describes how Rank is set
+ and how it affects DIO processing.
+
+ RPLInstanceID: 8-bit field set by the DODAG root that indicates of
+ which RPL Instance the DODAG is a part.
+
+ Destination Advertisement Trigger Sequence Number (DTSN): 8-bit
+ unsigned integer set by the node issuing the DIO message. The
+ Destination Advertisement Trigger Sequence Number (DTSN) flag
+ is used as part of the procedure to maintain Downward routes.
+ The details of this process are described in Section 9.
+
+ Flags: 8-bit unused field reserved for flags. The field MUST be
+ initialized to zero by the sender and MUST be ignored by the
+ receiver.
+
+ Reserved: 8-bit unused field. The field MUST be initialized to zero
+ by the sender and MUST be ignored by the receiver.
+
+
+
+
+
+Winter, et al. Standards Track [Page 40]
+
+RFC 6550 RPL March 2012
+
+
+ DODAGID: 128-bit IPv6 address set by a DODAG root that uniquely
+ identifies a DODAG. The DODAGID MUST be a routable IPv6
+ address belonging to the DODAG root.
+
+ Unassigned bits of the DIO Base are reserved. They MUST be set to
+ zero on transmission and MUST be ignored on reception.
+
+6.3.2. Secure DIO
+
+ A Secure DIO message follows the format in Figure 7, where the base
+ format is the DIO message shown in Figure 14.
+
+6.3.3. DIO Options
+
+ The DIO message MAY carry valid options.
+
+ This specification allows for the DIO message to carry the following
+ options:
+
+ 0x00 Pad1
+ 0x01 PadN
+ 0x02 DAG Metric Container
+ 0x03 Routing Information
+ 0x04 DODAG Configuration
+ 0x08 Prefix Information
+
+6.4. Destination Advertisement Object (DAO)
+
+ The Destination Advertisement Object (DAO) is used to propagate
+ destination information Upward along the DODAG. In Storing mode, the
+ DAO message is unicast by the child to the selected parent(s). In
+ Non-Storing mode, the DAO message is unicast to the DODAG root. The
+ DAO message may optionally, upon explicit request or error, be
+ acknowledged by its destination with a Destination Advertisement
+ Acknowledgement (DAO-ACK) message back to the sender of the DAO.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 41]
+
+RFC 6550 RPL March 2012
+
+
+6.4.1. Format of the DAO Base Object
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | RPLInstanceID |K|D| Flags | Reserved | DAOSequence |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + DODAGID* +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Option(s)...
+ +-+-+-+-+-+-+-+-+
+
+ The '*' denotes that the DODAGID is not always present, as described
+ below.
+
+ Figure 16: The DAO Base Object
+
+ RPLInstanceID: 8-bit field indicating the topology instance
+ associated with the DODAG, as learned from the DIO.
+
+ K: The 'K' flag indicates that the recipient is expected to send a
+ DAO-ACK back. (See Section 9.3.)
+
+ D: The 'D' flag indicates that the DODAGID field is present. This
+ flag MUST be set when a local RPLInstanceID is used.
+
+ Flags: The 6 bits remaining unused in the Flags field are reserved
+ for flags. The field MUST be initialized to zero by the sender
+ and MUST be ignored by the receiver.
+
+ Reserved: 8-bit unused field. The field MUST be initialized to zero
+ by the sender and MUST be ignored by the receiver.
+
+ DAOSequence: Incremented at each unique DAO message from a node and
+ echoed in the DAO-ACK message.
+
+ DODAGID (optional): 128-bit unsigned integer set by a DODAG root that
+ uniquely identifies a DODAG. This field is only present when
+ the 'D' flag is set. This field is typically only present when
+ a local RPLInstanceID is in use, in order to identify the
+ DODAGID that is associated with the RPLInstanceID. When a
+ global RPLInstanceID is in use, this field need not be present.
+
+
+
+Winter, et al. Standards Track [Page 42]
+
+RFC 6550 RPL March 2012
+
+
+ Unassigned bits of the DAO Base are reserved. They MUST be set to
+ zero on transmission and MUST be ignored on reception.
+
+6.4.2. Secure DAO
+
+ A Secure DAO message follows the format in Figure 7, where the base
+ format is the DAO message shown in Figure 16.
+
+6.4.3. DAO Options
+
+ The DAO message MAY carry valid options.
+
+ This specification allows for the DAO message to carry the following
+ options:
+
+ 0x00 Pad1
+ 0x01 PadN
+ 0x05 RPL Target
+ 0x06 Transit Information
+ 0x09 RPL Target Descriptor
+
+ A special case of the DAO message, termed a No-Path, is used in
+ Storing mode to clear Downward routing state that has been
+ provisioned through DAO operation. The No-Path carries a Target
+ option and an associated Transit Information option with a lifetime
+ of 0x00000000 to indicate a loss of reachability to that Target.
+
+6.5. Destination Advertisement Object Acknowledgement (DAO-ACK)
+
+ The DAO-ACK message is sent as a unicast packet by a DAO recipient (a
+ DAO parent or DODAG root) in response to a unicast DAO message.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 43]
+
+RFC 6550 RPL March 2012
+
+
+6.5.1. Format of the DAO-ACK Base Object
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | RPLInstanceID |D| Reserved | DAOSequence | Status |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + DODAGID* +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Option(s)...
+ +-+-+-+-+-+-+-+-+
+
+ The '*' denotes that the DODAGID is not always present, as described
+ below.
+
+ Figure 17: The DAO ACK Base Object
+
+ RPLInstanceID: 8-bit field indicating the topology instance
+ associated with the DODAG, as learned from the DIO.
+
+ D: The 'D' flag indicates that the DODAGID field is present. This
+ would typically only be set when a local RPLInstanceID is used.
+
+ Reserved: The 7-bit field, reserved for flags.
+
+ DAOSequence: Incremented at each DAO message from a node, and echoed
+ in the DAO-ACK by the recipient. The DAOSequence is used to
+ correlate a DAO message and a DAO ACK message and is not to be
+ confused with the Transit Information option Path Sequence that
+ is associated to a given Target Down the DODAG.
+
+ Status: Indicates the completion. Status 0 is defined as unqualified
+ acceptance in this specification. The remaining status values
+ are reserved as rejection codes. No rejection status codes are
+ defined in this specification, although status codes SHOULD be
+ allocated according to the following guidelines in future
+ specifications:
+
+ 0: Unqualified acceptance (i.e., the node receiving the
+ DAO-ACK is not rejected).
+
+
+
+
+
+Winter, et al. Standards Track [Page 44]
+
+RFC 6550 RPL March 2012
+
+
+ 1-127: Not an outright rejection; the node sending the DAO-ACK
+ is willing to act as a parent, but the receiving node is
+ suggested to find and use an alternate parent instead.
+ 127-255: Rejection; the node sending the DAO-ACK is unwilling to
+ act as a parent.
+
+ DODAGID (optional): 128-bit unsigned integer set by a DODAG root that
+ uniquely identifies a DODAG. This field is only present
+ when the 'D' flag is set. Typically, this field is only
+ present when a local RPLInstanceID is in use in order to
+ identify the DODAGID that is associated with the
+ RPLInstanceID. When a global RPLInstanceID is in use,
+ this field need not be present.
+
+ Unassigned bits of the DAO-ACK Base are reserved. They MUST be set
+ to zero on transmission and MUST be ignored on reception.
+
+6.5.2. Secure DAO-ACK
+
+ A Secure DAO-ACK message follows the format in Figure 7, where the
+ base format is the DAO-ACK message shown in Figure 17.
+
+6.5.3. DAO-ACK Options
+
+ This specification does not define any options to be carried by the
+ DAO-ACK message.
+
+6.6. Consistency Check (CC)
+
+ The CC message is used to check secure message counters and issue
+ challenge-responses. A CC message MUST be sent as a secured RPL
+ message.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 45]
+
+RFC 6550 RPL March 2012
+
+
+6.6.1. Format of the CC Base Object
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | RPLInstanceID |R| Flags | CC Nonce |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + DODAGID +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Destination Counter |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Option(s)...
+ +-+-+-+-+-+-+-+-+
+
+ Figure 18: The CC Base Object
+
+ RPLInstanceID: 8-bit field indicating the topology instance
+ associated with the DODAG, as learned from the DIO.
+
+ R: The 'R' flag indicates whether the CC message is a response. A
+ message with the 'R' flag cleared is a request; a message with
+ the 'R' flag set is a response.
+
+ Flags: The 7 bits remaining unused in the Flags field are reserved
+ for flags. The field MUST be initialized to zero by the sender
+ and MUST be ignored by the receiver.
+
+ CC Nonce: 16-bit unsigned integer set by a CC request. The
+ corresponding CC response includes the same CC nonce value as
+ the request.
+
+ DODAGID: 128-bit field, contains the identifier of the DODAG root.
+
+ Destination Counter: 32-bit unsigned integer value indicating the
+ sender's estimate of the destination's current security counter
+ value. If the sender does not have an estimate, it SHOULD set
+ the Destination Counter field to zero.
+
+ Unassigned bits of the CC Base are reserved. They MUST be set to
+ zero on transmission and MUST be ignored on reception.
+
+
+
+
+
+Winter, et al. Standards Track [Page 46]
+
+RFC 6550 RPL March 2012
+
+
+ The Destination Counter value allows new or recovered nodes to
+ resynchronize through CC message exchanges. This is important to
+ ensure that a Counter value is not repeated for a given security key
+ even in the event of devices recovering from a failure that created a
+ loss of Counter state. For example, where a CC request or other RPL
+ message is received with an initialized counter within the message
+ Security section, the provision of the Incoming Counter within the CC
+ response message allows the requesting node to reset its Outgoing
+ Counter to a value greater than the last value received by the
+ responding node; the Incoming Counter will also be updated from the
+ received CC response.
+
+6.6.2. CC Options
+
+ This specification allows for the CC message to carry the following
+ options:
+
+ 0x00 Pad1
+ 0x01 PadN
+
+6.7. RPL Control Message Options
+
+6.7.1. RPL Control Message Option Generic Format
+
+ RPL Control Message options all follow this format:
+
+ 0 1 2
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+ | Option Type | Option Length | Option Data
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+
+ Figure 19: RPL Option Generic Format
+
+ Option Type: 8-bit identifier of the type of option. The Option Type
+ values are assigned by IANA (see Section 20.4.)
+
+ Option Length: 8-bit unsigned integer, representing the length in
+ octets of the option, not including the Option Type and Length
+ fields.
+
+ Option Data: A variable length field that contains data specific to
+ the option.
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 47]
+
+RFC 6550 RPL March 2012
+
+
+ When processing a RPL message containing an option for which the
+ Option Type value is not recognized by the receiver, the receiver
+ MUST silently ignore the unrecognized option and continue to process
+ the following option, correctly handling any remaining options in the
+ message.
+
+ RPL message options may have alignment requirements. Following the
+ convention in IPv6, options with alignment requirements are aligned
+ in a packet such that multi-octet values within the Option Data field
+ of each option fall on natural boundaries (i.e., fields of width n
+ octets are placed at an integer multiple of n octets from the start
+ of the header, for n = 1, 2, 4, or 8).
+
+6.7.2. Pad1
+
+ The Pad1 option MAY be present in DIS, DIO, DAO, DAO-ACK, and CC
+ messages, and its format is as follows:
+
+
+ 0
+ 0 1 2 3 4 5 6 7
+ +-+-+-+-+-+-+-+-+
+ | Type = 0x00 |
+ +-+-+-+-+-+-+-+-+
+
+ Figure 20: Format of the Pad1 Option
+
+ The Pad1 option is used to insert a single octet of padding into the
+ message to enable options alignment. If more than one octet of
+ padding is required, the PadN option should be used rather than
+ multiple Pad1 options.
+
+ NOTE! The format of the Pad1 option is a special case -- it has
+ neither Option Length nor Option Data fields.
+
+6.7.3. PadN
+
+ The PadN option MAY be present in DIS, DIO, DAO, DAO-ACK, and CC
+ messages, and its format is as follows:
+
+
+ 0 1 2
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+ | Type = 0x01 | Option Length | 0x00 Padding...
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+
+ Figure 21: Format of the Pad N Option
+
+
+
+Winter, et al. Standards Track [Page 48]
+
+RFC 6550 RPL March 2012
+
+
+ The PadN option is used to insert two or more octets of padding into
+ the message to enable options alignment. PadN option data MUST be
+ ignored by the receiver.
+
+ Option Type: 0x01
+
+ Option Length: For N octets of padding, where 2 <= N <= 7, the Option
+ Length field contains the value N-2. An Option Length of 0
+ indicates a total padding of 2 octets. An Option Length of 5
+ indicates a total padding of 7 octets, which is the maximum
+ padding size allowed with the PadN option.
+
+ Option Data: For N (N > 1) octets of padding, the Option Data
+ consists of N-2 zero-valued octets.
+
+6.7.4. DAG Metric Container
+
+ The DAG Metric Container option MAY be present in DIO or DAO
+ messages, and its format is as follows:
+
+
+ 0 1 2
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+ | Type = 0x02 | Option Length | Metric Data
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - -
+
+ Figure 22: Format of the DAG Metric Container Option
+
+ The DAG Metric Container is used to report metrics along the DODAG.
+ The DAG Metric Container may contain a number of discrete node, link,
+ and aggregate path metrics and constraints specified in [RFC6551] as
+ chosen by the implementer.
+
+ The DAG Metric Container MAY appear more than once in the same RPL
+ control message, for example, to accommodate a use case where the
+ Metric Data is longer than 256 bytes. More information is in
+ [RFC6551].
+
+ The processing and propagation of the DAG Metric Container is
+ governed by implementation specific policy functions.
+
+ Option Type: 0x02
+
+ Option Length: The Option Length field contains the length in octets
+ of the Metric Data.
+
+
+
+
+
+Winter, et al. Standards Track [Page 49]
+
+RFC 6550 RPL March 2012
+
+
+ Metric Data: The order, content, and coding of the DAG Metric
+ Container data is as specified in [RFC6551].
+
+6.7.5. Route Information
+
+ The Route Information Option (RIO) MAY be present in DIO messages,
+ and it carries the same information as the IPv6 Neighbor Discovery
+ (ND) RIO as defined in [RFC4191]. The root of a DODAG is
+ authoritative for setting that information and the information is
+ unchanged as propagated down the DODAG. A RPL router may trivially
+ transform it back into an ND option to advertise in its own RAs so a
+ node attached to the RPL router will end up using the DODAG for which
+ the root has the best preference for the destination of a packet. In
+ addition to the existing ND semantics, it is possible for an
+ Objective Function to use this information to favor a DODAG whose
+ root is most preferred for a specific destination. The format of the
+ option is modified slightly (Type, Length, Prefix) in order to be
+ carried as a RPL option as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x03 | Option Length | Prefix Length |Resvd|Prf|Resvd|
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Route Lifetime |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ . Prefix (Variable Length) .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 23: Format of the Route Information Option
+
+ The RIO is used to indicate that connectivity to the specified
+ destination prefix is available from the DODAG root.
+
+ In the event that a RPL control message may need to specify
+ connectivity to more than one destination, the RIO may be repeated.
+
+ [RFC4191] should be consulted as the authoritative reference with
+ respect to the RIO. The field descriptions are transcribed here for
+ convenience:
+
+ Option Type: 0x03
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 50]
+
+RFC 6550 RPL March 2012
+
+
+ Option Length: Variable, length of the option in octets excluding the
+ Type and Length fields. Note that this length is expressed in
+ units of single octets, unlike in IPv6 ND.
+
+ Prefix Length: 8-bit unsigned integer. The number of leading bits in
+ the prefix that are valid. The value ranges from 0 to 128.
+ The Prefix field has the number of bytes inferred from the
+ Option Length field, that must be at least the Prefix Length.
+ Note that in RPL, this means that the Prefix field may have
+ lengths other than 0, 8, or 16.
+
+ Prf: 2-bit signed integer. The Route Preference indicates whether to
+ prefer the router associated with this prefix over others, when
+ multiple identical prefixes (for different routers) have been
+ received. If the Reserved (10) value is received, the RIO MUST
+ be ignored. Per [RFC4191], the Reserved (10) value MUST NOT be
+ sent. ([RFC4191] restricts the Preference to just three values
+ to reinforce that it is not a metric.)
+
+ Resvd: Two 3-bit unused fields. They MUST be initialized to zero by
+ the sender and MUST be ignored by the receiver.
+
+ Route Lifetime: 32-bit unsigned integer. The length of time in
+ seconds (relative to the time the packet is sent) that the
+ prefix is valid for route determination. A value of all one
+ bits (0xFFFFFFFF) represents infinity.
+
+ Prefix: Variable-length field containing an IP address or a prefix of
+ an IPv6 address. The Prefix Length field contains the number
+ of valid leading bits in the prefix. The bits in the prefix
+ after the prefix length (if any) are reserved and MUST be
+ initialized to zero by the sender and ignored by the receiver.
+ Note that in RPL, this field may have lengths other than 0, 8,
+ or 16.
+
+ Unassigned bits of the RIO are reserved. They MUST be set to zero on
+ transmission and MUST be ignored on reception.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 51]
+
+RFC 6550 RPL March 2012
+
+
+6.7.6. DODAG Configuration
+
+ The DODAG Configuration option MAY be present in DIO messages, and
+ its format is as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x04 |Opt Length = 14| Flags |A| PCS | DIOIntDoubl. |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | DIOIntMin. | DIORedun. | MaxRankIncrease |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | MinHopRankIncrease | OCP |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Reserved | Def. Lifetime | Lifetime Unit |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 24: Format of the DODAG Configuration Option
+
+ The DODAG Configuration option is used to distribute configuration
+ information for DODAG Operation through the DODAG.
+
+ The information communicated in this option is generally static and
+ unchanging within the DODAG, therefore it is not necessary to include
+ in every DIO. This information is configured at the DODAG root and
+ distributed throughout the DODAG with the DODAG Configuration option.
+ Nodes other than the DODAG root MUST NOT modify this information when
+ propagating the DODAG Configuration option. This option MAY be
+ included occasionally by the DODAG root (as determined by the DODAG
+ root), and MUST be included in response to a unicast request, e.g. a
+ unicast DODAG Information Solicitation (DIS) message.
+
+ Option Type: 0x04
+
+ Option Length: 14
+
+ Flags: The 4-bits remaining unused in the Flags field are reserved
+ for flags. The field MUST be initialized to zero by the sender
+ and MUST be ignored by the receiver.
+
+ Authentication Enabled (A): 1-bit flag describing the security mode
+ of the network. The bit describes whether a node must
+ authenticate with a key authority before joining the network as
+ a router. If the DIO is not a secure DIO, the 'A' bit MUST be
+ zero.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 52]
+
+RFC 6550 RPL March 2012
+
+
+ Path Control Size (PCS): 3-bit unsigned integer used to configure the
+ number of bits that may be allocated to the Path Control field
+ (see Section 9.9). Note that when PCS is consulted to
+ determine the width of the Path Control field, a value of 1 is
+ added, i.e., a PCS value of 0 results in 1 active bit in the
+ Path Control field. The default value of PCS is
+ DEFAULT_PATH_CONTROL_SIZE.
+
+ DIOIntervalDoublings: 8-bit unsigned integer used to configure Imax
+ of the DIO Trickle timer (see Section 8.3.1). The default
+ value of DIOIntervalDoublings is
+ DEFAULT_DIO_INTERVAL_DOUBLINGS.
+
+ DIOIntervalMin: 8-bit unsigned integer used to configure Imin of the
+ DIO Trickle timer (see Section 8.3.1). The default value of
+ DIOIntervalMin is DEFAULT_DIO_INTERVAL_MIN.
+
+ DIORedundancyConstant: 8-bit unsigned integer used to configure k of
+ the DIO Trickle timer (see Section 8.3.1). The default value
+ of DIORedundancyConstant is DEFAULT_DIO_REDUNDANCY_CONSTANT.
+
+ MaxRankIncrease: 16-bit unsigned integer used to configure
+ DAGMaxRankIncrease, the allowable increase in Rank in support
+ of local repair. If DAGMaxRankIncrease is 0, then this
+ mechanism is disabled.
+
+ MinHopRankIncrease: 16-bit unsigned integer used to configure
+ MinHopRankIncrease as described in Section 3.5.1. The default
+ value of MinHopRankInc is DEFAULT_MIN_HOP_RANK_INCREASE.
+
+ Objective Code Point (OCP): 16-bit unsigned integer. The OCP field
+ identifies the OF and is managed by the IANA.
+
+ Reserved: 7-bit unused field. The field MUST be initialized to zero
+ by the sender and MUST be ignored by the receiver.
+
+ Default Lifetime: 8-bit unsigned integer. This is the lifetime that
+ is used as default for all RPL routes. It is expressed in
+ units of Lifetime Units, e.g., the default lifetime in seconds
+ is (Default Lifetime) * (Lifetime Unit).
+
+ Lifetime Unit: 16-bit unsigned integer. Provides the unit in seconds
+ that is used to express route lifetimes in RPL. For very
+ stable networks, it can be hours to days.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 53]
+
+RFC 6550 RPL March 2012
+
+
+6.7.7. RPL Target
+
+ The RPL Target option MAY be present in DAO messages, and its format
+ is as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x05 | Option Length | Flags | Prefix Length |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | Target Prefix (Variable Length) |
+ . .
+ . .
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 25: Format of the RPL Target Option
+
+ The RPL Target option is used to indicate a Target IPv6 address,
+ prefix, or multicast group that is reachable or queried along the
+ DODAG. In a DAO, the RPL Target option indicates reachability.
+
+ A RPL Target option MAY optionally be paired with a RPL Target
+ Descriptor option (Figure 30) that qualifies the target.
+
+ A set of one or more Transit Information options (Section 6.7.8) MAY
+ directly follow a set of one or more Target options in a DAO message
+ (where each Target option MAY be paired with a RPL Target Descriptor
+ option as above). The structure of the DAO message, detailing how
+ Target options are used in conjunction with Transit Information
+ options is further described in Section 9.4.
+
+ The RPL Target option may be repeated as necessary to indicate
+ multiple targets.
+
+ Option Type: 0x05
+
+ Option Length: Variable, length of the option in octets excluding the
+ Type and Length fields.
+
+ Flags: 8-bit unused field reserved for flags. The field MUST be
+ initialized to zero by the sender and MUST be ignored by the
+ receiver.
+
+ Prefix Length: 8-bit unsigned integer. Number of valid leading bits
+ in the IPv6 Prefix.
+
+
+
+
+Winter, et al. Standards Track [Page 54]
+
+RFC 6550 RPL March 2012
+
+
+ Target Prefix: Variable-length field identifying an IPv6 destination
+ address, prefix, or multicast group. The Prefix Length field
+ contains the number of valid leading bits in the prefix. The
+ bits in the prefix after the prefix length (if any) are
+ reserved and MUST be set to zero on transmission and MUST be
+ ignored on receipt.
+
+6.7.8. Transit Information
+
+ The Transit Information option MAY be present in DAO messages, and
+ its format is as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x06 | Option Length |E| Flags | Path Control |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Path Sequence | Path Lifetime | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
+ | |
+ + +
+ | |
+ + Parent Address* +
+ | |
+ + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+
+ The '*' denotes that the DODAG Parent Address subfield is not always
+ present, as described below.
+
+ Figure 26: Format of the Transit Information Option
+
+ The Transit Information option is used for a node to indicate
+ attributes for a path to one or more destinations. The destinations
+ are indicated by one or more Target options that immediately precede
+ the Transit Information option(s).
+
+ The Transit Information option can be used for a node to indicate its
+ DODAG parents to an ancestor that is collecting DODAG routing
+ information, typically, for the purpose of constructing source
+ routes. In the Non-Storing mode of operation, this ancestor will be
+ the DODAG root, and this option is carried by the DAO message. In
+ the Storing mode of operation, the DODAG Parent Address subfield is
+ not needed, since the DAO message is sent directly to the parent.
+ The option length is used to determine whether or not the DODAG
+ Parent Address subfield is present.
+
+
+
+Winter, et al. Standards Track [Page 55]
+
+RFC 6550 RPL March 2012
+
+
+ A non-storing node that has more than one DAO parent MAY include a
+ Transit Information option for each DAO parent as part of the non-
+ storing destination advertisement operation. The node may distribute
+ the bits in the Path Control field among different groups of DAO
+ parents in order to signal a preference among parents. That
+ preference may influence the decision of the DODAG root when
+ selecting among the alternate parents/paths for constructing Downward
+ routes.
+
+ One or more Transit Information options MUST be preceded by one or
+ more RPL Target options. In this manner, the RPL Target option
+ indicates the child node, and the Transit Information option(s)
+ enumerates the DODAG parents. The structure of the DAO message,
+ further detailing how Target options are used in conjunction with
+ Transit Information options, is further described in Section 9.4.
+
+ A typical non-storing node will use multiple Transit Information
+ options, and it will send the DAO message thus formed directly to the
+ root. A typical storing node will use one Transit Information option
+ with no parent field and will send the DAO message thus formed, with
+ additional adjustments, to Path Control as detailed later, to one or
+ multiple parents.
+
+ For example, in a Non-Storing mode of operation let Tgt(T) denote a
+ Target option for a Target T. Let Trnst(P) denote a Transit
+ Information option that contains a parent address P. Consider the
+ case of a non-storing Node N that advertises the self-owned targets
+ N1 and N2 and has parents P1, P2, and P3. In that case, the DAO
+ message would be expected to contain the sequence ((Tgt(N1),
+ Tgt(N2)), (Trnst(P1), Trnst(P2), Trnst(P3))), such that the group of
+ Target options {N1, N2} is described by the Transit Information
+ options as having the parents {P1, P2, P3}. The non-storing node
+ would then address that DAO message directly to the DODAG root and
+ forward that DAO message through one of the DODAG parents: P1, P2, or
+ P3.
+
+ Option Type: 0x06
+
+ Option Length: Variable, depending on whether or not the DODAG Parent
+ Address subfield is present.
+
+ External (E): 1-bit flag. The 'E' flag is set to indicate that the
+ parent router redistributes external targets into the RPL
+ network. An external Target is a Target that has been learned
+ through an alternate protocol. The external targets are listed
+ in the Target options that immediately precede the Transit
+ Information option. An external Target is not expected to
+ support RPL messages and options.
+
+
+
+Winter, et al. Standards Track [Page 56]
+
+RFC 6550 RPL March 2012
+
+
+ Flags: The 7 bits remaining unused in the Flags field are reserved
+ for flags. The field MUST be initialized to zero by the sender
+ and MUST be ignored by the receiver.
+
+ Path Control: 8-bit bit field. The Path Control field limits the
+ number of DAO parents to which a DAO message advertising
+ connectivity to a specific destination may be sent, as well as
+ providing some indication of relative preference. The limit
+ provides some bound on overall DAO message fan-out in the LLN.
+ The assignment and ordering of the bits in the Path Control
+ also serves to communicate preference. Not all of these bits
+ may be enabled as according to the PCS in the DODAG
+ Configuration. The Path Control field is divided into four
+ subfields that contain two bits each: PC1, PC2, PC3, and PC4,
+ as illustrated in Figure 27. The subfields are ordered by
+ preference, with PC1 being the most preferred and PC4 being the
+ least preferred. Within a subfield, there is no order of
+ preference. By grouping the parents (as in ECMP) and ordering
+ them, the parents may be associated with specific bits in the
+ Path Control field in a way that communicates preference.
+
+ 0 1 2 3 4 5 6 7
+ +-+-+-+-+-+-+-+-+
+ |PC1|PC2|PC3|PC4|
+ +-+-+-+-+-+-+-+-+
+
+ Figure 27: Path Control Preference Subfield Encoding
+
+ Path Sequence: 8-bit unsigned integer. When a RPL Target option is
+ issued by the node that owns the Target prefix (i.e., in a DAO
+ message), that node sets the Path Sequence and increments the
+ Path Sequence each time it issues a RPL Target option with
+ updated information.
+
+ Path Lifetime: 8-bit unsigned integer. The length of time in
+ Lifetime Units (obtained from the Configuration option) that
+ the prefix is valid for route determination. The period starts
+ when a new Path Sequence is seen. A value of all one bits
+ (0xFF) represents infinity. A value of all zero bits (0x00)
+ indicates a loss of reachability. A DAO message that contains
+ a Transit Information option with a Path Lifetime of 0x00 for a
+ Target is referred as a No-Path (for that Target) in this
+ document.
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 57]
+
+RFC 6550 RPL March 2012
+
+
+ Parent Address (optional): IPv6 address of the DODAG parent of the
+ node originally issuing the Transit Information option. This
+ field may not be present, as according to the DODAG Mode of
+ Operation (Storing or Non-Storing) and indicated by the Transit
+ Information option length.
+
+ Unassigned bits of the Transit Information option are reserved. They
+ MUST be set to zero on transmission and MUST be ignored on reception.
+
+6.7.9. Solicited Information
+
+ The Solicited Information option MAY be present in DIS messages, and
+ its format is as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x07 |Opt Length = 19| RPLInstanceID |V|I|D| Flags |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + DODAGID +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |Version Number |
+ +-+-+-+-+-+-+-+-+
+
+ Figure 28: Format of the Solicited Information Option
+
+ The Solicited Information option is used for a node to request DIO
+ messages from a subset of neighboring nodes. The Solicited
+ Information option may specify a number of predicate criteria to be
+ matched by a receiving node. This is used by the requester to limit
+ the number of replies from "non-interesting" nodes. These predicates
+ affect whether a node resets its DIO Trickle timer, as described in
+ Section 8.3.
+
+ The Solicited Information option contains flags that indicate which
+ predicates a node should check when deciding whether to reset its
+ Trickle timer. A node resets its Trickle timer when all predicates
+ are true. If a flag is set, then the RPL node MUST check the
+ associated predicate. If a flag is cleared, then the RPL node MUST
+ NOT check the associated predicate. (If a flag is cleared, the RPL
+ node assumes that the associated predicate is true.)
+
+
+
+
+Winter, et al. Standards Track [Page 58]
+
+RFC 6550 RPL March 2012
+
+
+ Option Type: 0x07
+
+ Option Length: 19
+
+ V: The 'V' flag is the Version predicate. The Version predicate is
+ true if the receiver's DODAGVersionNumber matches the requested
+ Version Number. If the 'V' flag is cleared, then the Version
+ field is not valid and the Version field MUST be set to zero on
+ transmission and ignored upon receipt.
+
+ I: The 'I' flag is the InstanceID predicate. The InstanceID
+ predicate is true when the RPL node's current RPLInstanceID
+ matches the requested RPLInstanceID. If the 'I' flag is
+ cleared, then the RPLInstanceID field is not valid and the
+ RPLInstanceID field MUST be set to zero on transmission and
+ ignored upon receipt.
+
+ D: The 'D' flag is the DODAGID predicate. The DODAGID predicate is
+ true if the RPL node's parent set has the same DODAGID as the
+ DODAGID field. If the 'D' flag is cleared, then the DODAGID
+ field is not valid and the DODAGID field MUST be set to zero on
+ transmission and ignored upon receipt.
+
+ Flags: The 5 bits remaining unused in the Flags field are reserved
+ for flags. The field MUST be initialized to zero by the sender
+ and MUST be ignored by the receiver.
+
+ Version Number: 8-bit unsigned integer containing the value of
+ DODAGVersionNumber that is being solicited when valid.
+
+ RPLInstanceID: 8-bit unsigned integer containing the RPLInstanceID
+ that is being solicited when valid.
+
+ DODAGID: 128-bit unsigned integer containing the DODAGID that is
+ being solicited when valid.
+
+ Unassigned bits of the Solicited Information option are reserved.
+ They MUST be set to zero on transmission and MUST be ignored on
+ reception.
+
+6.7.10. Prefix Information
+
+ The Prefix Information Option (PIO) MAY be present in DIO messages,
+ and carries the information that is specified for the IPv6 ND Prefix
+ Information option in [RFC4861], [RFC4862], and [RFC6275] for use by
+ RPL nodes and IPv6 hosts. In particular, a RPL node may use this
+ option for the purpose of Stateless Address Autoconfiguration (SLAAC)
+ from a prefix advertised by a parent as specified in [RFC4862], and
+
+
+
+Winter, et al. Standards Track [Page 59]
+
+RFC 6550 RPL March 2012
+
+
+ advertise its own address as specified in [RFC6275]. The root of a
+ DODAG is authoritative for setting that information. The information
+ is propagated down the DODAG unchanged, with the exception that a RPL
+ router may overwrite the Interface ID if the 'R' flag is set to
+ indicate its full address in the PIO. The format of the option is
+ modified (Type, Length, Prefix) in order to be carried as a RPL
+ option as follows:
+
+ If the only desired effect of a received PIO in a DIO is to provide
+ the global address of the parent node to the receiving node, then the
+ sender resets the 'A' and 'L' bits and sets the 'R' bit. Upon
+ receipt, the RPL will not autoconfigure an address or a connected
+ route from the prefix [RFC4862]. As in all cases, when the 'L' bit
+ is not set, the RPL node MAY include the prefix in PIOs it sends to
+ its children.
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x08 |Opt Length = 30| Prefix Length |L|A|R|Reserved1|
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Valid Lifetime |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Preferred Lifetime |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Reserved2 |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + +
+ | |
+ + Prefix +
+ | |
+ + +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 29: Format of the Prefix Information Option
+
+ The PIO may be used to distribute the prefix in use inside the DODAG,
+ e.g., for address autoconfiguration.
+
+ [RFC4861] and [RFC6275] should be consulted as the authoritative
+ reference with respect to the PIO. The field descriptions are
+ transcribed here for convenience:
+
+ Option Type: 0x08
+
+
+
+
+
+Winter, et al. Standards Track [Page 60]
+
+RFC 6550 RPL March 2012
+
+
+ Option Length: 30. Note that this length is expressed in units of
+ single octets, unlike in IPv6 ND.
+
+ Prefix Length: 8-bit unsigned integer. The number of leading bits in
+ the Prefix field that are valid. The value ranges from 0 to
+ 128. The Prefix Length field provides necessary information
+ for on-link determination (when combined with the 'L' flag in
+ the PIO). It also assists with address autoconfiguration as
+ specified in [RFC4862], for which there may be more
+ restrictions on the prefix length.
+
+ L: 1-bit on-link flag. When set, it indicates that this prefix
+ can be used for on-link determination. When not set, the
+ advertisement makes no statement about on-link or off-link
+ properties of the prefix. In other words, if the 'L' flag is
+ not set, a RPL node MUST NOT conclude that an address derived
+ from the prefix is off-link. That is, it MUST NOT update a
+ previous indication that the address is on-link. A RPL node
+ acting as a router MUST NOT propagate a PIO with the 'L' flag
+ set. A RPL node acting as a router MAY propagate a PIO with
+ the 'L' flag not set.
+
+ A: 1-bit autonomous address-configuration flag. When set, it
+ indicates that this prefix can be used for stateless address
+ configuration as specified in [RFC4862]. When both protocols
+ (ND RAs and RPL DIOs) are used to carry PIOs on the same link,
+ it is possible to use either one for SLAAC by a RPL node. It
+ is also possible to make either protocol ineligible for SLAAC
+ operation by forcing the 'A' flag to 0 for PIOs carried in that
+ protocol.
+
+ R: 1-bit router address flag. When set, it indicates that the
+ Prefix field contains a complete IPv6 address assigned to the
+ sending router that can be used as parent in a target option.
+ The indicated prefix is the first prefix length bits of the
+ Prefix field. The router IPv6 address has the same scope and
+ conforms to the same lifetime values as the advertised prefix.
+ This use of the Prefix field is compatible with its use in
+ advertising the prefix itself, since Prefix Advertisement uses
+ only the leading bits. Interpretation of this flag bit is thus
+ independent of the processing required for the on-link (L) and
+ autonomous address-configuration (A) flag bits.
+
+ Reserved1: 5-bit unused field. It MUST be initialized to zero by the
+ sender and MUST be ignored by the receiver.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 61]
+
+RFC 6550 RPL March 2012
+
+
+ Valid Lifetime: 32-bit unsigned integer. The length of time in
+ seconds (relative to the time the packet is sent) that the
+ prefix is valid for the purpose of on-link determination. A
+ value of all one bits (0xFFFFFFFF) represents infinity. The
+ Valid Lifetime is also used by [RFC4862].
+
+ Preferred Lifetime: 32-bit unsigned integer. The length of time in
+ seconds (relative to the time the packet is sent) that
+ addresses generated from the prefix via stateless address
+ autoconfiguration remain preferred [RFC4862]. A value of all
+ one bits (0xFFFFFFFF) represents infinity. See [RFC4862].
+ Note that the value of this field MUST NOT exceed the Valid
+ Lifetime field to avoid preferring addresses that are no longer
+ valid.
+
+ Reserved2: This field is unused. It MUST be initialized to zero by
+ the sender and MUST be ignored by the receiver.
+
+ Prefix: An IPv6 address or a prefix of an IPv6 address. The Prefix
+ Length field contains the number of valid leading bits in the
+ prefix. The bits in the prefix after the prefix length are
+ reserved and MUST be initialized to zero by the sender and
+ ignored by the receiver. A router SHOULD NOT send a prefix
+ option for the link-local prefix, and a host SHOULD ignore such
+ a prefix option. A non-storing node SHOULD refrain from
+ advertising a prefix till it owns an address of that prefix,
+ and then it SHOULD advertise its full address in this field,
+ with the 'R' flag set. The children of a node that so
+ advertises a full address with the 'R' flag set may then use
+ that address to determine the content of the DODAG Parent
+ Address subfield of the Transit Information option.
+
+ Unassigned bits of the PIO are reserved. They MUST be set to zero on
+ transmission and MUST be ignored on reception.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 62]
+
+RFC 6550 RPL March 2012
+
+
+6.7.11. RPL Target Descriptor
+
+ The RPL Target option MAY be immediately followed by one opaque
+ descriptor that qualifies that specific target.
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Type = 0x09 |Opt Length = 4 | Descriptor
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ Descriptor (cont.) |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+
+ Figure 30: Format of the RPL Target Descriptor Option
+
+ The RPL Target Descriptor option is used to qualify a target,
+ something that is sometimes called "tagging".
+
+ At most, there can be one descriptor per target. The descriptor is
+ set by the node that injects the Target in the RPL network. It MUST
+ be copied but not modified by routers that propagate the Target Up
+ the DODAG in DAO messages.
+
+ Option Type: 0x09
+
+ Option Length: 4
+
+ Descriptor: 32-bit unsigned integer. Opaque.
+
+7. Sequence Counters
+
+ This section describes the general scheme for bootstrap and operation
+ of sequence counters in RPL, such as the DODAGVersionNumber in the
+ DIO message, the DAOSequence in the DAO message, and the Path
+ Sequence in the Transit Information option.
+
+7.1. Sequence Counter Overview
+
+ This specification utilizes three different sequence numbers to
+ validate the freshness and the synchronization of protocol
+ information:
+
+ DODAGVersionNumber: This sequence counter is present in the DIO Base
+ to indicate the Version of the DODAG being formed. The
+ DODAGVersionNumber is monotonically incremented by the root
+ each time the root decides to form a new Version of the DODAG
+ in order to revalidate the integrity and allow a global repair
+ to occur. The DODAGVersionNumber is propagated unchanged Down
+
+
+
+Winter, et al. Standards Track [Page 63]
+
+RFC 6550 RPL March 2012
+
+
+ the DODAG as routers join the new DODAG Version. The
+ DODAGVersionNumber is globally significant in a DODAG and
+ indicates the Version of the DODAG in which a router is
+ operating. An older (lesser) value indicates that the
+ originating router has not migrated to the new DODAG Version
+ and cannot be used as a parent once the receiving node has
+ migrated to the newer DODAG Version.
+
+ DAOSequence: This sequence counter is present in the DAO Base to
+ correlate a DAO message and a DAO ACK message. The DAOSequence
+ number is locally significant to the node that issues a DAO
+ message for its own consumption to detect the loss of a DAO
+ message and enable retries.
+
+ Path Sequence: This sequence counter is present in the Transit
+ Information option in a DAO message. The purpose of this
+ counter is to differentiate a movement where a newer route
+ supersedes a stale one from a route redundancy scenario where
+ multiple routes exist in parallel for the same target. The
+ Path Sequence is globally significant in a DODAG and indicates
+ the freshness of the route to the associated target. An older
+ (lesser) value received from an originating router indicates
+ that the originating router holds stale routing states and the
+ originating router should not be considered anymore as a
+ potential next hop for the target. The Path Sequence is
+ computed by the node that advertises the target, that is the
+ Target itself or a router that advertises a Target on behalf of
+ a host, and is unchanged as the DAO content is propagated
+ towards the root by parent routers. If a host does not pass a
+ counter to its router, then the router is in charge of
+ computing the Path Sequence on behalf of the host and the host
+ can only register to one router for that purpose. If a DAO
+ message containing the same Target is issued to multiple
+ parents at a given point in time for the purpose of route
+ redundancy, then the Path Sequence is the same in all the DAO
+ messages for that same target.
+
+7.2. Sequence Counter Operation
+
+ RPL sequence counters are subdivided in a 'lollipop' fashion
+ [Perlman83], where the values from 128 and greater are used as a
+ linear sequence to indicate a restart and bootstrap the counter, and
+ the values less than or equal to 127 used as a circular sequence
+ number space of size 128 as in [RFC1982]. Consideration is given to
+ the mode of operation when transitioning from the linear region to
+ the circular region. Finally, when operating in the circular region,
+ if sequence numbers are detected to be too far apart, then they are
+ not comparable, as detailed below.
+
+
+
+Winter, et al. Standards Track [Page 64]
+
+RFC 6550 RPL March 2012
+
+
+ A window of comparison, SEQUENCE_WINDOW = 16, is configured based on
+ a value of 2^N, where N is defined to be 4 in this specification.
+
+ For a given sequence counter:
+
+ 1. The sequence counter SHOULD be initialized to an implementation
+ defined value, which is 128 or greater prior to use. A
+ recommended value is 240 (256 - SEQUENCE_WINDOW).
+
+ 2. When a sequence counter increment would cause the sequence
+ counter to increment beyond its maximum value, the sequence
+ counter MUST wrap back to zero. When incrementing a sequence
+ counter greater than or equal to 128, the maximum value is 255.
+ When incrementing a sequence counter less than 128, the maximum
+ value is 127.
+
+ 3. When comparing two sequence counters, the following rules MUST be
+ applied:
+
+ 1. When a first sequence counter A is in the interval [128..255]
+ and a second sequence counter B is in [0..127]:
+
+ 1. If (256 + B - A) is less than or equal to
+ SEQUENCE_WINDOW, then B is greater than A, A is less than
+ B, and the two are not equal.
+
+ 2. If (256 + B - A) is greater than SEQUENCE_WINDOW, then A
+ is greater than B, B is less than A, and the two are not
+ equal.
+
+ For example, if A is 240, and B is 5, then (256 + 5 - 240) is
+ 21. 21 is greater than SEQUENCE_WINDOW (16); thus, 240 is
+ greater than 5. As another example, if A is 250 and B is 5,
+ then (256 + 5 - 250) is 11. 11 is less than SEQUENCE_WINDOW
+ (16); thus, 250 is less than 5.
+
+ 2. In the case where both sequence counters to be compared are
+ less than or equal to 127, and in the case where both
+ sequence counters to be compared are greater than or equal to
+ 128:
+
+ 1. If the absolute magnitude of difference between the two
+ sequence counters is less than or equal to
+ SEQUENCE_WINDOW, then a comparison as described in
+ [RFC1982] is used to determine the relationships greater
+ than, less than, and equal.
+
+
+
+
+
+Winter, et al. Standards Track [Page 65]
+
+RFC 6550 RPL March 2012
+
+
+ 2. If the absolute magnitude of difference of the two
+ sequence counters is greater than SEQUENCE_WINDOW, then a
+ desynchronization has occurred and the two sequence
+ numbers are not comparable.
+
+ 4. If two sequence numbers are determined not to be comparable,
+ i.e., the results of the comparison are not defined, then a node
+ should consider the comparison as if it has evaluated in such a
+ way so as to give precedence to the sequence number that has most
+ recently been observed to increment. Failing this, the node
+ should consider the comparison as if it has evaluated in such a
+ way so as to minimize the resulting changes to its own state.
+
+8. Upward Routes
+
+ This section describes how RPL discovers and maintains Upward routes.
+ It describes the use of DODAG Information Objects (DIOs), the
+ messages used to discover and maintain these routes. It specifies
+ how RPL generates and responds to DIOs. It also describes DODAG
+ Information Solicitation (DIS) messages, which are used to trigger
+ DIO transmissions.
+
+ As mentioned in Section 3.2.8, nodes that decide to join a DODAG MUST
+ provision at least one DODAG parent as a default route for the
+ associated instance. This default route enables a packet to be
+ forwarded Upward until it eventually hits a common ancestor from
+ which it will be routed Downward to the destination. If the
+ destination is not in the DODAG, then the DODAG root may be able to
+ forward the packet using connectivity to the outside of the DODAG; if
+ it cannot forward the packet outside, then the DODAG root has to drop
+ it.
+
+ A DIO message can also transport explicit routing information:
+
+ DODAGID: The DODAGID is a Global or Unique Local IPv6 address of the
+ root. A node that joins a DODAG SHOULD provision a host route
+ via a DODAG parent to the address used by the root as the
+ DODAGID.
+
+ RIO Prefix: The root MAY place one or more Route Information options
+ in a DIO message. The RIO is used to advertise an external
+ route that is reachable via the root, associated with a
+ preference, as presented in Section 6.7.5, which incorporates
+ the RIO from [RFC4191]. It is interpreted as a capability of
+ the root as opposed to a routing advertisement, and it MUST NOT
+ be redistributed in another routing protocol though it SHOULD
+ be used by an ingress RPL router to select a DODAG when a
+ packet is injected in a RPL domain from a node attached to that
+
+
+
+Winter, et al. Standards Track [Page 66]
+
+RFC 6550 RPL March 2012
+
+
+ RPL router. An Objective Function MAY use the routes
+ advertised in RIO or the preference for those routes in order
+ to favor a DODAG versus another one for the same instance.
+
+8.1. DIO Base Rules
+
+ 1. For the following DIO Base fields, a node that is not a DODAG
+ root MUST advertise the same values as its preferred DODAG parent
+ (defined in Section 8.2.1). In this way, these values will
+ propagate Down the DODAG unchanged and advertised by every node
+ that has a route to that DODAG root. These fields are as
+ follows:
+ 1. Grounded (G)
+ 2. Mode of Operation (MOP)
+ 3. DAGPreference (Prf)
+ 4. Version
+ 5. RPLInstanceID
+ 6. DODAGID
+
+ 2. A node MAY update the following fields at each hop:
+ 1. Rank
+ 2. DTSN
+
+ 3. The DODAGID field each root sets MUST be unique within the RPL
+ Instance and MUST be a routable IPv6 address belonging to the
+ root.
+
+8.2. Upward Route Discovery and Maintenance
+
+ Upward route discovery allows a node to join a DODAG by discovering
+ neighbors that are members of the DODAG of interest and identifying a
+ set of parents. The exact policies for selecting neighbors and
+ parents is implementation dependent and driven by the OF. This
+ section specifies the set of rules those policies must follow for
+ interoperability.
+
+8.2.1. Neighbors and Parents within a DODAG Version
+
+ RPL's Upward route discovery algorithms and processing are in terms
+ of three logical sets of link-local nodes. First, the candidate
+ neighbor set is a subset of the nodes that can be reached via link-
+ local multicast. The selection of this set is implementation and OF
+ dependent. Second, the parent set is a restricted subset of the
+ candidate neighbor set. Finally, the preferred parent is a member of
+ the parent set that is the preferred next hop in Upward routes.
+ Conceptually, the preferred parent is a single parent; although, it
+ may be a set of multiple parents if those parents are equally
+ preferred and have identical Rank.
+
+
+
+Winter, et al. Standards Track [Page 67]
+
+RFC 6550 RPL March 2012
+
+
+ More precisely:
+
+ 1. The DODAG parent set MUST be a subset of the candidate neighbor
+ set.
+
+ 2. A DODAG root MUST have a DODAG parent set of size zero.
+
+ 3. A node that is not a DODAG root MAY maintain a DODAG parent set
+ of size greater than or equal to one.
+
+ 4. A node's preferred DODAG parent MUST be a member of its DODAG
+ parent set.
+
+ 5. A node's Rank MUST be greater than all elements of its DODAG
+ parent set.
+
+ 6. When Neighbor Unreachability Detection (NUD) [RFC4861], or an
+ equivalent mechanism, determines that a neighbor is no longer
+ reachable, a RPL node MUST NOT consider this node in the
+ candidate neighbor set when calculating and advertising routes
+ until it determines that it is again reachable. Routes through
+ an unreachable neighbor MUST be removed from the routing table.
+
+ These rules ensure that there is a consistent partial order on nodes
+ within the DODAG. As long as node Ranks do not change, following the
+ above rules ensures that every node's route to a DODAG root is loop-
+ free, as Rank decreases on each hop to the root.
+
+ The OF can guide candidate neighbor set and parent set selection, as
+ discussed in [RFC6552].
+
+8.2.2. Neighbors and Parents across DODAG Versions
+
+ The above rules govern a single DODAG Version. The rules in this
+ section define how RPL operates when there are multiple DODAG
+ Versions.
+
+8.2.2.1. DODAG Version
+
+ 1. The tuple (RPLInstanceID, DODAGID, DODAGVersionNumber) uniquely
+ defines a DODAG Version. Every element of a node's DODAG parent
+ set, as conveyed by the last heard DIO message from each DODAG
+ parent, MUST belong to the same DODAG Version. Elements of a
+ node's candidate neighbor set MAY belong to different DODAG
+ Versions.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 68]
+
+RFC 6550 RPL March 2012
+
+
+ 2. A node is a member of a DODAG Version if every element of its
+ DODAG parent set belongs to that DODAG Version, or if that node
+ is the root of the corresponding DODAG.
+
+ 3. A node MUST NOT send DIOs for DODAG Versions of which it is not a
+ member.
+
+ 4. DODAG roots MAY increment the DODAGVersionNumber that they
+ advertise and thus move to a new DODAG Version. When a DODAG
+ root increments its DODAGVersionNumber, it MUST follow the
+ conventions of Serial Number Arithmetic as described in
+ Section 7. Events triggering the increment of the
+ DODAGVersionNumber are described later in this section and in
+ Section 18.
+
+ 5. Within a given DODAG, a node that is a not a root MUST NOT
+ advertise a DODAGVersionNumber higher than the highest
+ DODAGVersionNumber it has heard. Higher is defined as the
+ greater-than operator in Section 7.
+
+ 6. Once a node has advertised a DODAG Version by sending a DIO, it
+ MUST NOT be a member of a previous DODAG Version of the same
+ DODAG (i.e., with the same RPLInstanceID, the same DODAGID, and a
+ lower DODAGVersionNumber). Lower is defined as the less-than
+ operator in Section 7.
+
+ When the DODAG parent set becomes empty on a node that is not a root,
+ (i.e., the last parent has been removed, causing the node no longer
+ to be associated with that DODAG), then the DODAG information should
+ not be suppressed until after the expiration of an implementation-
+ specific local timer. During the interval prior to suppression of
+ the "old" DODAG state, the node will be able to observe if the
+ DODAGVersionNumber has been incremented should any new parents
+ appear. This will help protect against the possibility of loops that
+ may occur if that node were to inadvertently rejoin the old DODAG
+ Version in its own prior sub-DODAG.
+
+ As the DODAGVersionNumber is incremented, a new DODAG Version spreads
+ outward from the DODAG root. A parent that advertises the new
+ DODAGVersionNumber cannot belong to the sub-DODAG of a node
+ advertising an older DODAGVersionNumber. Therefore, a node can
+ safely add a parent of any Rank with a newer DODAGVersionNumber
+ without forming a loop.
+
+ For example, suppose that a node has left a DODAG with
+ DODAGVersionNumber N. Suppose that a node had a sub-DODAG and did
+ attempt to poison that sub-DODAG by advertising a Rank of
+ INFINITE_RANK, but those advertisements may have become lost in the
+
+
+
+Winter, et al. Standards Track [Page 69]
+
+RFC 6550 RPL March 2012
+
+
+ LLN. Then, if the node did observe a candidate neighbor advertising
+ a position in that original DODAG at DODAGVersionNumber N, that
+ candidate neighbor could possibly have been in the node's former sub-
+ DODAG, and there is a possible case where adding that candidate
+ neighbor as a parent could cause a loop. In this case, if that
+ candidate neighbor is observed to advertise a DODAGVersionNumber N+1,
+ then that candidate neighbor is certain to be safe, since it is
+ certain not to be in that original node's sub-DODAG, as it has been
+ able to increment the DODAGVersionNumber by hearing from the DODAG
+ root while that original node was detached. For this reason, it is
+ useful for the detached node to remember the original DODAG
+ information, including the DODAGVersionNumber N.
+
+ Exactly when a DODAG root increments the DODAGVersionNumber is
+ implementation dependent and out of scope for this specification.
+ Examples include incrementing the DODAGVersionNumber periodically,
+ upon administrative intervention, or on application-level detection
+ of lost connectivity or DODAG inefficiency.
+
+ After a node transitions to and advertises a new DODAG Version, the
+ rules above make it unable to advertise the previous DODAG Version
+ (prior DODAGVersionNumber) once it has committed to advertising the
+ new DODAG Version.
+
+8.2.2.2. DODAG Roots
+
+ 1. A DODAG root without possibility to satisfy the application-
+ defined goal MUST NOT set the Grounded bit.
+
+ 2. A DODAG root MUST advertise a Rank of ROOT_RANK.
+
+ 3. A node whose DODAG parent set is empty MAY become the DODAG root
+ of a floating DODAG. It MAY also set its DAGPreference such that
+ it is less preferred.
+
+ In a deployment that uses non-LLN links to federate a number of LLN
+ roots, it is possible to run RPL over those non-RPL links and use one
+ router as a "backbone root". The backbone root is the virtual root
+ of the DODAG and exposes a Rank of BASE_RANK over the backbone. All
+ the LLN roots that are parented to that backbone root, including the
+ backbone root if it also serves as the LLN root itself, expose a Rank
+ of ROOT_RANK to the LLN. These virtual roots are part of the same
+ DODAG and advertise the same DODAGID. They coordinate
+ DODAGVersionNumbers and other DODAG parameters with the virtual root
+ over the backbone. The method of coordination is out of scope for
+ this specification (to be defined in future companion
+ specifications).
+
+
+
+
+Winter, et al. Standards Track [Page 70]
+
+RFC 6550 RPL March 2012
+
+
+8.2.2.3. DODAG Selection
+
+ The Objective Function and the set of advertised routing metrics and
+ constraints of a DAG determine how a node selects its neighbor set,
+ parent set, and preferred parents. This selection implicitly also
+ determines the DODAG within a DAG. Such selection can include
+ administrative preference (Prf) as well as metrics or other
+ considerations.
+
+ If a node has the option to join a more preferred DODAG while still
+ meeting other optimization objectives, then the node will generally
+ seek to join the more preferred DODAG as determined by the OF. All
+ else being equal, it is left to the implementation to determine which
+ DODAG is most preferred (since, as a reminder, a node must only join
+ one DODAG per RPL Instance).
+
+8.2.2.4. Rank and Movement within a DODAG Version
+
+ 1. A node MUST NOT advertise a Rank less than or equal to any member
+ of its parent set within the DODAG Version.
+
+ 2. A node MAY advertise a Rank lower than its prior advertisement
+ within the DODAG Version.
+
+ 3. Let L be the lowest Rank within a DODAG Version that a given node
+ has advertised. Within the same DODAG Version, that node MUST
+ NOT advertise an effective Rank higher than L +
+ DAGMaxRankIncrease. INFINITE_RANK is an exception to this rule:
+ a node MAY advertise an INFINITE_RANK within a DODAG Version
+ without restriction. If a node's Rank were to be higher than
+ allowed by L + DAGMaxRankIncrease, when it advertises Rank, it
+ MUST advertise its Rank as INFINITE_RANK.
+
+ 4. A node MAY, at any time, choose to join a different DODAG within
+ a RPL Instance. Such a join has no Rank restrictions, unless
+ that different DODAG is a DODAG Version of which this node has
+ previously been a member; in which case, the rule of the previous
+ bullet (3) must be observed. Until a node transmits a DIO
+ indicating its new DODAG membership, it MUST forward packets
+ along the previous DODAG.
+
+ 5. A node MAY, at any time after hearing the next DODAGVersionNumber
+ advertised from suitable DODAG parents, choose to migrate to the
+ next DODAG Version within the DODAG.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 71]
+
+RFC 6550 RPL March 2012
+
+
+ Conceptually, an implementation is maintaining a DODAG parent set
+ within the DODAG Version. Movement entails changes to the DODAG
+ parent set. Moving Up does not present the risk to create a loop but
+ moving Down might, so that operation is subject to additional
+ constraints.
+
+ When a node migrates to the next DODAG Version, the DODAG parent set
+ needs to be rebuilt for the new Version. An implementation could
+ defer to migrate for some reasonable amount of time, to see if some
+ other neighbors with potentially better metrics but higher Rank
+ announce themselves. Similarly, when a node jumps into a new DODAG,
+ it needs to construct a new DODAG parent set for this new DODAG.
+
+ If a node needs to move Down a DODAG that it is attached to,
+ increasing its Rank, then it MAY poison its routes and delay before
+ moving as described in Section 8.2.2.5.
+
+ A node is allowed to join any DODAG Version that it has never been a
+ prior member of without any restrictions, but if the node has been a
+ prior member of the DODAG Version, then it must continue to observe
+ the rule that it may not advertise a Rank higher than
+ L+DAGMaxRankIncrease at any point in the life of the DODAG Version.
+ This rule must be observed so as not to create a loophole that would
+ allow the node to effectively increment its Rank all the way to
+ INFINITE_RANK, which may have impact on other nodes and create a
+ resource-wasting count-to-infinity scenario.
+
+8.2.2.5. Poisoning
+
+ 1. A node poisons routes by advertising a Rank of INFINITE_RANK.
+
+ 2. A node MUST NOT have any nodes with a Rank of INFINITE_RANK in
+ its parent set.
+
+ Although an implementation may advertise INFINITE_RANK for the
+ purposes of poisoning, doing so is not the same as setting Rank to
+ INFINITE_RANK. For example, a node may continue to send data packets
+ whose RPL Packet Information includes a Rank that is not
+ INFINITE_RANK, yet still advertise INFINITE_RANK in its DIOs.
+
+ When a (former) parent is observed to advertise a Rank of
+ INFINITE_RANK, that (former) parent has detached from the DODAG and
+ is no longer able to act as a parent, nor is there any way that
+ another node may be considered to have a Rank greater-than
+ INFINITE_RANK. Therefore, that (former) parent cannot act as a
+ parent any longer and is removed from the parent set.
+
+
+
+
+
+Winter, et al. Standards Track [Page 72]
+
+RFC 6550 RPL March 2012
+
+
+8.2.2.6. Detaching
+
+ 1. A node unable to stay connected to a DODAG within a given DODAG
+ Version, i.e., that cannot retain non-empty parent set without
+ violating the rules of this specification, MAY detach from this
+ DODAG Version. A node that detaches becomes the root of its own
+ floating DODAG and SHOULD immediately advertise this new
+ situation in a DIO as an alternate to poisoning.
+
+8.2.2.7. Following a Parent
+
+ 1. If a node receives a DIO from one of its DODAG parents,
+ indicating that the parent has left the DODAG, that node SHOULD
+ stay in its current DODAG through an alternative DODAG parent, if
+ possible. It MAY follow the leaving parent.
+
+ A DODAG parent may have moved, migrated to the next DODAG Version, or
+ jumped to a different DODAG. A node ought to give some preference to
+ remaining in the current DODAG, if possible via an alternate parent,
+ but ought to follow the parent if there are no other options.
+
+8.2.3. DIO Message Communication
+
+ When a DIO message is received, the receiving node must first
+ determine whether or not the DIO message should be accepted for
+ further processing, and subsequently present the DIO message for
+ further processing if eligible.
+
+ 1. If the DIO message is malformed, then the DIO message is not
+ eligible for further processing and a node MUST silently discard
+ it. (See Section 18 for error logging).
+
+ 2. If the sender of the DIO message is a member of the candidate
+ neighbor set and the DIO message is not malformed, the node MUST
+ process the DIO.
+
+8.2.3.1. DIO Message Processing
+
+ As DIO messages are received from candidate neighbors, the neighbors
+ may be promoted to DODAG parents by following the rules of DODAG
+ discovery as described in Section 8.2. When a node places a neighbor
+ into the DODAG parent set, the node becomes attached to the DODAG
+ through the new DODAG parent node.
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 73]
+
+RFC 6550 RPL March 2012
+
+
+ The most preferred parent should be used to restrict which other
+ nodes may become DODAG parents. Some nodes in the DODAG parent set
+ may be of a Rank less than or equal to the most preferred DODAG
+ parent. (This case may occur, for example, if an energy-constrained
+ device is at a lesser Rank but should be avoided per an optimization
+ objective, resulting in a more preferred parent at a greater Rank.)
+
+8.3. DIO Transmission
+
+ RPL nodes transmit DIOs using a Trickle timer [RFC6206]. A DIO from
+ a sender with a lesser DAGRank that causes no changes to the
+ recipient's parent set, preferred parent, or Rank SHOULD be
+ considered consistent with respect to the Trickle timer.
+
+ The following packets and events MUST be considered inconsistencies
+ with respect to the Trickle timer, and cause the Trickle timer to
+ reset:
+
+ o When a node detects an inconsistency when forwarding a packet, as
+ detailed in Section 11.2.
+
+ o When a node receives a multicast DIS message without a Solicited
+ Information option, unless a DIS flag restricts this behavior.
+
+ o When a node receives a multicast DIS with a Solicited Information
+ option and the node matches all of the predicates in the Solicited
+ Information option, unless a DIS flag restricts this behavior.
+
+ o When a node joins a new DODAG Version (e.g., by updating its
+ DODAGVersionNumber, joining a new RPL Instance, etc.).
+
+ Note that this list is not exhaustive, and an implementation MAY
+ consider other messages or events to be inconsistencies.
+
+ A node SHOULD NOT reset its DIO Trickle timer in response to unicast
+ DIS messages. When a node receives a unicast DIS without a Solicited
+ Information option, it MUST unicast a DIO to the sender in response.
+ This DIO MUST include a DODAG Configuration option. When a node
+ receives a unicast DIS message with a Solicited Information option
+ and matches the predicates of that Solicited Information option, it
+ MUST unicast a DIO to the sender in response. This unicast DIO MUST
+ include a DODAG Configuration option. Thus, a node MAY transmit a
+ unicast DIS message to a potential DODAG parent in order to probe for
+ DODAG Configuration and other parameters.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 74]
+
+RFC 6550 RPL March 2012
+
+
+8.3.1. Trickle Parameters
+
+ The configuration parameters of the Trickle timer are specified as
+ follows:
+
+ Imin: learned from the DIO message as (2^DIOIntervalMin) ms. The
+ default value of DIOIntervalMin is DEFAULT_DIO_INTERVAL_MIN.
+
+ Imax: learned from the DIO message as DIOIntervalDoublings. The
+ default value of DIOIntervalDoublings is
+ DEFAULT_DIO_INTERVAL_DOUBLINGS.
+
+ k: learned from the DIO message as DIORedundancyConstant. The
+ default value of DIORedundancyConstant is
+ DEFAULT_DIO_REDUNDANCY_CONSTANT. In RPL, when k has the value
+ of 0x00, this is to be treated as a redundancy constant of
+ infinity in RPL, i.e., Trickle never suppresses messages.
+
+8.4. DODAG Selection
+
+ The DODAG selection is implementation and OF dependent. In order to
+ limit erratic movements, and all metrics being equal, nodes SHOULD
+ keep their previous selection. Also, nodes SHOULD provide a means to
+ filter out a parent whose availability is detected as fluctuating, at
+ least when more stable choices are available.
+
+ When connection to a grounded DODAG is not possible or preferable for
+ security or other reasons, scattered DODAGs MAY aggregate as much as
+ possible into larger DODAGs in order to allow connectivity within the
+ LLN.
+
+ A node SHOULD verify that bidirectional connectivity and adequate
+ link quality is available with a candidate neighbor before it
+ considers that candidate as a DODAG parent.
+
+8.5. Operation as a Leaf Node
+
+ In some cases, a RPL node may attach to a DODAG as a leaf node only.
+ One example of such a case is when a node does not understand or does
+ not support (policy) the RPL Instance's OF or advertised metric/
+ constraint. As specified in Section 18.6, related to policy
+ function, the node may either join the DODAG as a leaf node or may
+ not join the DODAG. As mentioned in Section 18.5, it is then
+ recommended to log a fault.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 75]
+
+RFC 6550 RPL March 2012
+
+
+ A leaf node does not extend DODAG connectivity; however, in some
+ cases, the leaf node may still need to transmit DIOs on occasion, in
+ particular, when the leaf node may not have always been acting as a
+ leaf node and an inconsistency is detected.
+
+ A node operating as a leaf node must obey the following rules:
+
+ 1. It MUST NOT transmit DIOs containing the DAG Metric Container.
+
+ 2. Its DIOs MUST advertise a DAGRank of INFINITE_RANK.
+
+ 3. It MAY suppress DIO transmission, unless the DIO transmission has
+ been triggered due to detection of inconsistency when a packet is
+ being forwarded or in response to a unicast DIS message, in which
+ case the DIO transmission MUST NOT be suppressed.
+
+ 4. It MAY transmit unicast DAOs as described in Section 9.2.
+
+ 5. It MAY transmit multicast DAOs to the '1 hop' neighborhood as
+ described in Section 9.10.
+
+ A particular case that requires a leaf node to send a DIO is if that
+ leaf node was a prior member of another DODAG and another node
+ forwards a message assuming the old topology, triggering an
+ inconsistency. The leaf node needs to transmit a DIO in order to
+ repair the inconsistency. Note that due to the lossy nature of LLNs,
+ even though the leaf node may have optimistically poisoned its routes
+ by advertising a Rank of INFINITE_RANK in the old DODAG prior to
+ becoming a leaf node, that advertisement may have become lost and a
+ leaf node must be capable to send a DIO later in order to repair the
+ inconsistency.
+
+ In the general case, the leaf node MUST NOT advertise itself as a
+ router (i.e., send DIOs).
+
+8.6. Administrative Rank
+
+ In some cases, it might be beneficial to adjust the Rank advertised
+ by a node beyond that computed by the OF based on some
+ implementation-specific policy and properties of the node. For
+ example, a node that has a limited battery should be a leaf unless
+ there is no other choice, and may then augment the Rank computation
+ specified by the OF in order to expose an exaggerated Rank.
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 76]
+
+RFC 6550 RPL March 2012
+
+
+9. Downward Routes
+
+ This section describes how RPL discovers and maintains Downward
+ routes. RPL constructs and maintains Downward routes with
+ Destination Advertisement Object (DAO) messages. Downward routes
+ support P2MP flows, from the DODAG roots toward the leaves. Downward
+ routes also support P2P flows: P2P messages can flow toward a DODAG
+ root (or a common ancestor) through an Upward route, then away from
+ the DODAG root to a destination through a Downward route.
+
+ This specification describes the two modes a RPL Instance may choose
+ from for maintaining Downward routes. In the first mode, called
+ "Storing", nodes store Downward routing tables for their sub-DODAG.
+ Each hop on a Downward route in a storing network examines its
+ routing table to decide on the next hop. In the second mode, called
+ "Non-Storing", nodes do not store Downward routing tables. Downward
+ packets are routed with source routes populated by a DODAG root
+ [RFC6554].
+
+ RPL allows a simple one-hop P2P optimization for both storing and
+ non-storing networks. A node may send a P2P packet destined to a
+ one-hop neighbor directly to that node.
+
+9.1. Destination Advertisement Parents
+
+ To establish Downward routes, RPL nodes send DAO messages Upward.
+ The next-hop destinations of these DAO messages are called "DAO
+ parents". The collection of a node's DAO parents is called the "DAO
+ parent set".
+
+ 1. A node MAY send DAO messages using the all-RPL-nodes multicast
+ address, which is an optimization to provision one-hop routing.
+ The 'K' bit MUST be cleared on transmission of the multicast DAO.
+
+ 2. A node's DAO parent set MUST be a subset of its DODAG parent set.
+
+ 3. In Storing mode operation, a node MUST NOT address unicast DAO
+ messages to nodes that are not DAO parents.
+
+ 4. In Storing mode operation, the IPv6 source and destination
+ addresses of a DAO message MUST be link-local addresses.
+
+ 5. In Non-Storing mode operation, a node MUST NOT address unicast
+ DAO messages to nodes that are not DODAG roots.
+
+ 6. In Non-Storing mode operation, the IPv6 source and destination
+ addresses of a DAO message MUST be a unique-local or a global
+ address.
+
+
+
+Winter, et al. Standards Track [Page 77]
+
+RFC 6550 RPL March 2012
+
+
+ The selection of DAO parents is implementation and Objective Function
+ specific.
+
+9.2. Downward Route Discovery and Maintenance
+
+ Destination Advertisement may be configured to be entirely disabled,
+ or operate in either a Storing or Non-Storing mode, as reported in
+ the MOP in the DIO message.
+
+ 1. All nodes who join a DODAG MUST abide by the MOP setting from the
+ root. Nodes that do not have the capability to fully participate
+ as a router, e.g., that do not match the advertised MOP, MAY join
+ the DODAG as a leaf.
+
+ 2. If the MOP is 0, indicating no Downward routing, nodes MUST NOT
+ transmit DAO messages and MAY ignore DAO messages.
+
+ 3. In Non-Storing mode, the DODAG root SHOULD store source routing
+ table entries for destinations learned from DAOs. The DODAG root
+ MUST be able to generate source routes for those destinations
+ learned from DAOs that were stored.
+
+ 4. In Storing mode, all non-root, non-leaf nodes MUST store routing
+ table entries for destinations learned from DAOs.
+
+ A DODAG can have one of several possible modes of operation, as
+ defined by the MOP field. Either it does not support Downward
+ routes, it supports Downward routes through source routing from DODAG
+ roots, or it supports Downward routes through in-network routing
+ tables.
+
+ When Downward routes are supported through source routing from DODAG
+ roots, it is generally expected that the DODAG root has stored the
+ source routing information learned from DAOs in order to construct
+ the source routes. If the DODAG root fails to store some
+ information, then some destinations may be unreachable.
+
+ When Downward routes are supported through in-network routing tables,
+ the multicast operation defined in this specification may or may not
+ be supported, also as indicated by the MOP field.
+
+ When Downward routes are supported through in-network routing tables,
+ as described in this specification, it is expected that nodes acting
+ as routers have been provisioned sufficiently to hold the required
+ routing table state. If a node acting as a router is unable to hold
+ the full routing table state then the routing state is not complete,
+
+
+
+
+
+Winter, et al. Standards Track [Page 78]
+
+RFC 6550 RPL March 2012
+
+
+ messages may be dropped as a consequence, and a fault may be logged
+ (Section 18.5). Future extensions to RPL may elaborate on refined
+ actions/behaviors to manage this case.
+
+ As of the writing of this specification, RPL does not support mixed-
+ mode operation, where some nodes source route and other store routing
+ tables: future extensions to RPL may support this mode of operation.
+
+9.2.1. Maintenance of Path Sequence
+
+ For each Target that is associated with (owned by) a node, that node
+ is responsible to emit DAO messages in order to provision the
+ Downward routes. The Target+Transit information contained in those
+ DAO messages subsequently propagates Up the DODAG. The Path Sequence
+ counter in the Transit information option is used to indicate
+ freshness and update stale Downward routing information as described
+ in Section 7.
+
+ For a Target that is associated with (owned by) a node, that node
+ MUST increment the Path Sequence counter, and generate a new DAO
+ message, when:
+
+ 1. the Path Lifetime is to be updated (e.g., a refresh or a no-
+ Path).
+
+ 2. the DODAG Parent Address subfield list is to be changed.
+
+ For a Target that is associated with (owned by) a node, that node MAY
+ increment the Path Sequence counter, and generate a new DAO message,
+ on occasion in order to refresh the Downward routing information. In
+ Storing mode, the node generates such a DAO to each of its DAO
+ parents in order to enable multipath. All DAOs generated at the same
+ time for the same Target MUST be sent with the same Path Sequence in
+ the Transit Information.
+
+9.2.2. Generation of DAO Messages
+
+ A node might send DAO messages when it receives DAO messages, as a
+ result of changes in its DAO parent set, or in response to another
+ event such as the expiry of a related prefix lifetime. In the case
+ of receiving DAOs, it matters whether the DAO message is "new" or
+ contains new information. In Non-Storing mode, every DAO message a
+ node receives is "new". In Storing mode, a DAO message is "new" if
+ it satisfies any of these criteria for a contained Target:
+
+ 1. it has a newer Path Sequence number,
+
+ 2. it has additional Path Control bits, or
+
+
+
+Winter, et al. Standards Track [Page 79]
+
+RFC 6550 RPL March 2012
+
+
+ 3. it is a No-Path DAO message that removes the last Downward route
+ to a prefix.
+
+ A node that receives a DAO message from its sub-DODAG MAY suppress
+ scheduling a DAO message transmission if that DAO message is not new.
+
+9.3. DAO Base Rules
+
+ 1. If a node sends a DAO message with newer or different information
+ than the prior DAO message transmission, it MUST increment the
+ DAOSequence field by at least one. A DAO message transmission
+ that is identical to the prior DAO message transmission MAY
+ increment the DAOSequence field.
+
+ 2. The RPLInstanceID and DODAGID fields of a DAO message MUST be the
+ same value as the members of the node's parent set and the DIOs
+ it transmits.
+
+ 3. A node MAY set the 'K' flag in a unicast DAO message to solicit a
+ unicast DAO-ACK in response in order to confirm the attempt.
+
+ 4. A node receiving a unicast DAO message with the 'K' flag set
+ SHOULD respond with a DAO-ACK. A node receiving a DAO message
+ without the 'K' flag set MAY respond with a DAO-ACK, especially
+ to report an error condition.
+
+ 5. A node that sets the 'K' flag in a unicast DAO message but does
+ not receive a DAO-ACK in response MAY reschedule the DAO message
+ transmission for another attempt, up until an implementation-
+ specific number of retries.
+
+ 6. Nodes SHOULD ignore DAOs without newer sequence numbers and MUST
+ NOT process them further.
+
+ Unlike the Version field of a DIO, which is incremented only by a
+ DODAG root and repeated unchanged by other nodes, DAOSequence values
+ are unique to each node. The sequence number space for unicast and
+ multicast DAO messages can be either the same or distinct. It is
+ RECOMMENDED to use the same sequence number space.
+
+9.4. Structure of DAO Messages
+
+ DAOs follow a common structure in both storing and non-storing
+ networks. In the most general form, a DAO message may include
+ several groups of options, where each group consists of one or more
+ Target options followed by one or more Transit Information options.
+
+
+
+
+
+Winter, et al. Standards Track [Page 80]
+
+RFC 6550 RPL March 2012
+
+
+ The entire group of Transit Information options applies to the entire
+ group of Target options. Later sections describe further details for
+ each mode of operation.
+
+ 1. RPL nodes MUST include one or more RPL Target options in each DAO
+ message they transmit. One RPL Target option MUST have a prefix
+ that includes the node's IPv6 address if that node needs the
+ DODAG to provision Downward routes to that node. The RPL Target
+ option MAY be immediately followed by an opaque RPL Target
+ Descriptor option that qualifies it.
+
+ 2. When a node updates the information in a Transit Information
+ option for a Target option that covers one of its addresses, it
+ MUST increment the Path Sequence number in that Transit
+ Information option. The Path Sequence number MAY be incremented
+ occasionally to cause a refresh to the Downward routes.
+
+ 3. One or more RPL Target options in a unicast DAO message MUST be
+ followed by one or more Transit Information options. All the
+ transit options apply to all the Target options that immediately
+ precede them.
+
+ 4. Multicast DAOs MUST NOT include the DODAG Parent Address subfield
+ in Transit Information options.
+
+ 5. A node that receives and processes a DAO message containing
+ information for a specific Target, and that has prior information
+ for that Target, MUST use the Path Sequence number in the Transit
+ Information option associated with that Target in order to
+ determine whether or not the DAO message contains updated
+ information per Section 7.
+
+ 6. If a node receives a DAO message that does not follow the above
+ rules, it MUST discard the DAO message without further
+ processing.
+
+ In Non-Storing mode, the root builds a strict source routing header,
+ hop-by-hop, by recursively looking up one-hop information that ties a
+ Target (address or prefix) and a transit address together. In some
+ cases, when a child address is derived from a prefix that is owned
+ and advertised by a parent, that parent-child relationship may be
+ inferred by the root for the purpose of constructing the source
+ routing header. In all other cases, it is necessary to inform the
+ root of the transit-Target relationship from a reachable target, so
+ as to later enable the recursive construction of the routing header.
+ An address that is advertised as a Target in a DAO message MUST be
+ collocated in the same router, or reachable on-link by the router
+
+
+
+
+Winter, et al. Standards Track [Page 81]
+
+RFC 6550 RPL March 2012
+
+
+ that owns the address that is indicated in the associated Transit
+ Information. The following additional rules apply to ensure the
+ continuity of the end-to-end source route path:
+
+ 1. The address of a parent used in the transit option MUST be taken
+ from a PIO from that parent with the 'R' flag set. The 'R' flag
+ in a PIO indicates that the prefix field actually contains the
+ full parent address but the child SHOULD NOT assume that the
+ parent address is on-link.
+
+ 2. A PIO with an 'A' flag set indicates that the RPL child node may
+ use the prefix to autoconfigure an address. A parent that
+ advertises a prefix in a PIO with the 'A' flag set MUST ensure
+ that the address or the whole prefix in the PIO is reachable from
+ the root by advertising it as a DAO target. If the parent also
+ sets the 'L' flag indicating that the prefix is on-link, then it
+ MUST advertise the whole prefix as Target in a DAO message. If
+ the 'L' flag is cleared and the 'R' flag is set, indicating that
+ the parent provides its own address in the PIO, then the parent
+ MUST advertise that address as a DAO target.
+
+ 3. An address that is advertised as Target in a DAO message MUST be
+ collocated in the same router or reachable on-link by the router
+ that owns the address that is indicated in the associated Transit
+ Information.
+
+ 4. In order to enable an optimum compression of the routing header,
+ the parent SHOULD set the 'R' flag in all PIOs with the 'A' flag
+ set and the 'L' flag cleared, and the child SHOULD prefer to use
+ as transit the address of the parent that is found in the PIO
+ that is used to autoconfigure the address that is advertised as
+ Target in the DAO message.
+
+ 5. A router might have targets that are not known to be on-link for
+ a parent, either because they are addresses located on an
+ alternate interface or because they belong to nodes that are
+ external to RPL, for instance connected hosts. In order to
+ inject such a Target in the RPL network, the router MUST
+ advertise itself as the DODAG Parent Address subfield in the
+ Transit Information option for that target, using an address that
+ is on-link for that nodes DAO parent. If the Target belongs to
+ an external node, then the router MUST set the External 'E' flag
+ in the Transit Information.
+
+ A child node that has autoconfigured an address from a parent PIO
+ with the 'L' flag set does not need to advertise that address as a
+ DAO Target since the parent ensures that the whole prefix is already
+ reachable from the root. However, if the 'L' flag is not set, then
+
+
+
+Winter, et al. Standards Track [Page 82]
+
+RFC 6550 RPL March 2012
+
+
+ it is necessary, in Non-Storing mode, for the child node to inform
+ the root of the parent-child relationship, using a reachable address
+ of the parent, so as to enable the recursive construction of the
+ routing header. This is done by associating an address of the parent
+ as transit with the address of the child as Target in a DAO message.
+
+9.5. DAO Transmission Scheduling
+
+ Because DAOs flow Upward, receiving a unicast DAO can trigger sending
+ a unicast DAO to a DAO parent.
+
+ 1. On receiving a unicast DAO message with updated information, such
+ as containing a Transit Information option with a new Path
+ Sequence, a node SHOULD send a DAO. It SHOULD NOT send this DAO
+ message immediately. It SHOULD delay sending the DAO message in
+ order to aggregate DAO information from other nodes for which it
+ is a DAO parent.
+
+ 2. A node SHOULD delay sending a DAO message with a timer
+ (DelayDAO). Receiving a DAO message starts the DelayDAO timer.
+ DAO messages received while the DelayDAO timer is active do not
+ reset the timer. When the DelayDAO timer expires, the node sends
+ a DAO.
+
+ 3. When a node adds a node to its DAO parent set, it SHOULD schedule
+ a DAO message transmission.
+
+ DelayDAO's value and calculation is implementation dependent. A
+ default value of DEFAULT_DAO_DELAY is defined in this specification.
+
+9.6. Triggering DAO Messages
+
+ Nodes can trigger their sub-DODAG to send DAO messages. Each node
+ maintains a DAO Trigger Sequence Number (DTSN), which it communicates
+ through DIO messages.
+
+ 1. If a node hears one of its DAO parents increment its DTSN, the
+ node MUST schedule a DAO message transmission using rules in
+ Sections 9.3 and 9.5.
+
+ 2. In Non-Storing mode, if a node hears one of its DAO parents
+ increment its DTSN, the node MUST increment its own DTSN.
+
+ In a Storing mode of operation, as part of routine routing table
+ updates and maintenance, a storing node MAY increment DTSN in order
+ to reliably trigger a set of DAO updates from its immediate children.
+
+
+
+
+
+Winter, et al. Standards Track [Page 83]
+
+RFC 6550 RPL March 2012
+
+
+ In a Storing mode of operation, it is not necessary to trigger DAO
+ updates from the entire sub-DODAG, since that state information will
+ propagate hop-by-hop Up the DODAG.
+
+ In a Non-Storing mode of operation, a DTSN increment will also cause
+ the immediate children of a node to increment their DTSN in turn,
+ triggering a set of DAO updates from the entire sub-DODAG.
+ Typically, in a Non-Storing mode of operation, only the root would
+ independently increment the DTSN when a DAO refresh is needed but a
+ global repair (such as by incrementing DODAGVersionNumber) is not
+ desired. Typically, in a Non-Storing mode of operation, all non-root
+ nodes would increment their DTSN only when their parent(s) are
+ observed to do so.
+
+ In general, a node may trigger DAO updates according to
+ implementation-specific logic, such as based on the detection of a
+ Downward route inconsistency or occasionally based upon an internal
+ timer.
+
+ In a storing network, selecting a proper DelayDAO for triggered DAOs
+ can greatly reduce the number of DAOs transmitted. The trigger flows
+ Down the DODAG; in the best case, the DAOs flow Up the DODAG such
+ that leaves send DAOs first, with each node sending a DAO message
+ only once. Such a scheduling could be approximated by setting
+ DelayDAO inversely proportional to Rank. Note that this suggestion
+ is intended as an optimization to allow efficient aggregation (it is
+ not required for correct operation in the general case).
+
+9.7. Non-Storing Mode
+
+ In Non-Storing mode, RPL routes messages Downward using IP source
+ routing. The following rule applies to nodes that are in Non-Storing
+ mode. Storing mode has a separate set of rules, described in
+ Section 9.8.
+
+ 1. The DODAG Parent Address subfield of a Transit Information option
+ MUST contain one or more addresses. All of these addresses MUST
+ be addresses of DAO parents of the sender.
+
+ 2. DAOs are sent directly to the root along a default route
+ installed as part of the parent selection.
+
+ 3. When a node removes a node from its DAO parent set, it MAY
+ generate a new DAO message with an updated Transit Information
+ option.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 84]
+
+RFC 6550 RPL March 2012
+
+
+ In Non-Storing mode, a node uses DAOs to report its DAO parents to
+ the DODAG root. The DODAG root can piece together a Downward route
+ to a node by using DAO parent sets from each node in the route. The
+ Path Sequence information may be used to detect stale DAO
+ information. The purpose of this per-hop route calculation is to
+ minimize traffic when DAO parents change. If nodes reported complete
+ source routes, then on a DAO parent change, the entire sub-DODAG
+ would have to send new DAOs to the DODAG root. Therefore, in Non-
+ Storing mode, a node can send a single DAO, although it might choose
+ to send more than one DAO message to each of multiple DAO parents.
+
+ Nodes pack DAOs by sending a single DAO message with multiple RPL
+ Target options. Each RPL Target option has its own, immediately
+ following, Transit Information options.
+
+9.8. Storing Mode
+
+ In Storing mode, RPL routes messages Downward by the IPv6 destination
+ address. The following rules apply to nodes that are in Storing
+ mode:
+
+ 1. The DODAG Parent Address subfield of a Transmit Information
+ option MUST be empty.
+
+ 2. On receiving a unicast DAO, a node MUST compute if the DAO would
+ change the set of prefixes that the node itself advertises. This
+ computation SHOULD include consultation of the Path Sequence
+ information in the Transit Information options associated with
+ the DAO, to determine if the DAO message contains newer
+ information that supersedes the information already stored at the
+ node. If so, the node MUST generate a new DAO message and
+ transmit it, following the rules in Section 9.5. Such a change
+ includes receiving a No-Path DAO.
+
+ 3. When a node generates a new DAO, it SHOULD unicast it to each of
+ its DAO parents. It MUST NOT unicast the DAO message to nodes
+ that are not DAO parents.
+
+ 4. When a node removes a node from its DAO parent set, it SHOULD
+ send a No-Path DAO message (Section 6.4.3) to that removed DAO
+ parent to invalidate the existing route.
+
+ 5. If messages to an advertised Downward address suffer from a
+ forwarding error, Neighbor Unreachable Detection (NUD), or
+ similar failure, a node MAY mark the address as unreachable and
+ generate an appropriate No-Path DAO.
+
+
+
+
+
+Winter, et al. Standards Track [Page 85]
+
+RFC 6550 RPL March 2012
+
+
+ DAOs advertise to which destination addresses and prefixes a node has
+ routes. Unlike in Non-Storing mode, these DAOs do not communicate
+ information about the routes themselves: that information is stored
+ within the network and is implicit from the IPv6 source address.
+ When a storing node generates a DAO, it uses the stored state of DAOs
+ it has received to produce a set of RPL Target options and their
+ associated Transmit Information options.
+
+ Because this information is stored within each node's routing tables,
+ in Storing mode, DAOs are communicated directly to DAO parents, who
+ store this information.
+
+9.9. Path Control
+
+ A DAO message from a node contains one or more Target options. Each
+ Target option specifies either a prefix advertised by the node, a
+ prefix of addresses reachable outside the LLN, the address of a
+ destination in the node's sub-DODAG, or a multicast group to which a
+ node in the sub-DODAG is listening. The Path Control field of the
+ Transit Information option allows nodes to request or allow for
+ multiple Downward routes. A node constructs the Path Control field
+ of a Transit Information option as follows:
+
+ 1. The bit width of the Path Control field MUST be equal to the
+ value (PCS + 1), where PCS is specified in the control field of
+ the DODAG Configuration option. Bits greater than or equal to
+ the value (PCS + 1) MUST be cleared on transmission and MUST be
+ ignored on reception. Bits below that value are considered
+ "active" bits.
+
+ 2. The node MUST logically construct groupings of its DAO parents
+ while populating the Path Control field, where each group
+ consists of DAO parents of equal preference. Those groups MUST
+ then be ordered according to preference, which allows for a
+ logical mapping of DAO parents onto Path Control subfields (see
+ Figure 27). Groups MAY be repeated in order to extend over the
+ entire bit width of the patch control field, but the order,
+ including repeated groups, MUST be retained so that preference is
+ properly communicated.
+
+ 3. For a RPL Target option describing a node's own address or a
+ prefix outside the LLN, at least one active bit of the Path
+ Control field MUST be set. More active bits of the Path Control
+ field MAY be set.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 86]
+
+RFC 6550 RPL March 2012
+
+
+ 4. If a node receives multiple DAOs with the same RPL Target option,
+ it MUST bitwise-OR the Path Control fields it receives. This
+ aggregated bitwise-OR represents the number of Downward routes
+ the prefix requests.
+
+ 5. When a node sends a DAO message to one of its DAO parents, it
+ MUST select one or more of the bits that are set active in the
+ subfield that is mapped to the group containing that DAO parent
+ from the aggregated Path Control field. A given bit can only be
+ presented as active to one parent. The DAO message it transmits
+ to its parent MUST have these active bits set and all other
+ active bits cleared.
+
+ 6. For the RPL Target option and DAOSequence number, the DAOs a node
+ sends to different DAO parents MUST have disjoint sets of active
+ Path Control bits. A node MUST NOT set the same active bit on
+ DAOs to two different DAO parents.
+
+ 7. Path Control bits SHOULD be allocated according to the preference
+ mapping of DAO parents onto Path Control subfields, such that the
+ active Path Control bits, or groupings of bits, that belong to a
+ particular Path Control subfield are allocated to DAO parents
+ within the group that was mapped to that subfield.
+
+ 8. In a Non-Storing mode of operation, a node MAY pass DAOs through
+ without performing any further processing on the Path Control
+ field.
+
+ 9. A node MUST NOT unicast a DAO message that has no active bits in
+ the Path Control field set. It is possible that, for a given
+ Target option, a node does not have enough aggregate Path Control
+ bits to send a DAO message containing that Target to each of its
+ DAO parents, in which case those least preferred DAO Parents may
+ not get a DAO message for that Target.
+
+ The Path Control field allows a node to bound how many Downward
+ routes will be generated to it. It sets a number of bits in the Path
+ Control field equal to the maximum number of Downward routes it
+ prefers. At most, each bit is sent to one DAO parent; clusters of
+ bits can be sent to a single DAO parent for it to divide among its
+ own DAO parents.
+
+ A node that provisions a DAO route for a Target that has an
+ associated Path Control field SHOULD use the content of that Path
+ Control field in order to determine an order of preference among
+ multiple alternative DAO routes for that Target. The Path Control
+ field assignment is derived from preference (of the DAO parents), as
+ determined on the basis of this node's best knowledge of the "end-to-
+
+
+
+Winter, et al. Standards Track [Page 87]
+
+RFC 6550 RPL March 2012
+
+
+ end" aggregated metrics in the Downward direction as per the
+ Objective Function. In Non-Storing mode the root can determine the
+ Downward route by aggregating the information from each received DAO,
+ which includes the Path Control indications of preferred DAO parents.
+
+9.9.1. Path Control Example
+
+ Suppose that there is an LLN operating in Storing mode that contains
+ a Node N with four parents, P1, P2, P3, and P4. Let N have three
+ children, C1, C2, and C3 in its sub-DODAG. Let PCS be 7, such that
+ there will be 8 active bits in the Path Control field: 11111111b.
+ Consider the following example:
+
+ The Path Control field is split into four subfields, PC1 (11000000b),
+ PC2 (00110000b), PC3 (00001100b), and PC4 (00000011b), such that
+ those four subfields represent four different levels of preference
+ per Figure 27. The implementation at Node N, in this example, groups
+ {P1, P2} to be of equal preference to each other and the most
+ preferred group overall. {P3} is less preferred to {P1, P2}, and more
+ preferred to {P4}. Let Node N then perform its Path Control mapping
+ such that:
+
+ {P1, P2} -> PC1 (11000000b) in the Path Control field
+ {P3} -> PC2 (00110000b) in the Path Control field
+ {P4} -> PC3 (00001100b) in the Path Control field
+ {P4} -> PC4 (00000011b) in the Path Control field
+
+ Note that the implementation repeated {P4} in order to get complete
+ coverage of the Path Control field.
+
+ 1. Let C1 send a DAO containing a Target T with a Path Control
+ 10000000b. Node N stores an entry associating 10000000b with
+ the Path Control field for C1 and Target T.
+
+ 2. Let C2 send a DAO containing a Target T with a Path Control
+ 00010000b. Node N stores an entry associating 00010000b with
+ the Path Control field for C1 and Target T.
+
+ 3. Let C3 send a DAO containing a Target T with a Path Control
+ 00001100b. Node N stores an entry associating 00001100b with
+ the Path Control field for C1 and Target T.
+
+ 4. At some later time, Node N generates a DAO for Target T. Node N
+ will construct an aggregate Path Control field by ORing together
+ the contribution from each of its children that have given a DAO
+ for Target T. Thus, the aggregate Path Control field has the
+ active bits set as: 10011100b.
+
+
+
+
+Winter, et al. Standards Track [Page 88]
+
+RFC 6550 RPL March 2012
+
+
+ 5. Node N then distributes the aggregate Path Control bits among
+ its parents P1, P2, P3, and P4 in order to prepare the DAO
+ messages.
+
+ 6. P1 and P2 are eligible to receive active bits from the most
+ preferred subfield (11000000b). Those bits are 10000000b in the
+ aggregate Path Control field. Node N must set the bit to one of
+ the two parents only. In this case, Node P1 is allocated the
+ bit and gets the Path Control field 10000000b for its DAO.
+ There are no bits left to allocate to Node P2; thus, Node P2
+ would have a Path Control field of 00000000b and a DAO cannot be
+ generated to Node P2 since there are no active bits.
+
+ 7. The second-most preferred subfield (00110000b) has the active
+ bits 00010000b. Node N has mapped P3 to this subfield. Node N
+ may allocates the active bit to P3, constructing a DAO for P3
+ containing Target T with a Path Control of 00010000b.
+
+ 8. The third-most preferred subfield (00001100b) has the active
+ bits 00001100b. Node N has mapped P4 to this subfield. Node N
+ may allocate both bits to P4, constructing a DAO for P4
+ containing Target T with a Path Control of 00001100b.
+
+ 9. The least preferred subfield (00000011b) has no active bits.
+ Had there been active bits, those bits would have been added to
+ the Path Control field of the DAO constructed for P4.
+
+ 10. The process of populating the DAO messages destined for P1, P2,
+ P3, P4 with other targets (other than T) proceeds according to
+ the aggregate Path Control fields collected for those targets.
+
+9.10. Multicast Destination Advertisement Messages
+
+ A special case of DAO operation, distinct from unicast DAO operation,
+ is multicast DAO operation that may be used to populate '1-hop'
+ routing table entries.
+
+ 1. A node MAY multicast a DAO message to the link-local scope all-
+ RPL-nodes multicast address.
+
+ 2. A multicast DAO message MUST be used only to advertise
+ information about the node itself, i.e., prefixes directly
+ connected to or owned by the node, such as a multicast group that
+ the node is subscribed to or a global address owned by the node.
+
+ 3. A multicast DAO message MUST NOT be used to relay connectivity
+ information learned (e.g., through unicast DAO) from another
+ node.
+
+
+
+Winter, et al. Standards Track [Page 89]
+
+RFC 6550 RPL March 2012
+
+
+ 4. A node MUST NOT perform any other DAO-related processing on a
+ received multicast DAO message; in particular, a node MUST NOT
+ perform the actions of a DAO parent upon receipt of a multicast
+ DAO.
+
+ o The multicast DAO may be used to enable direct P2P communication,
+ without needing the DODAG to relay the packets.
+
+10. Security Mechanisms
+
+ This section describes the generation and processing of secure RPL
+ messages. The high-order bit of the RPL message code identifies
+ whether or not a RPL message is secure. In addition to secure
+ versions of basic control messages (DIS, DIO, DAO, DAO-ACK), RPL has
+ several messages that are relevant only in networks that are security
+ enabled.
+
+ Implementation complexity and size is a core concern for LLNs such
+ that it may be economically or physically impossible to include
+ sophisticated security provisions in a RPL implementation.
+ Furthermore, many deployments can utilize link-layer or other
+ security mechanisms to meet their security requirements without
+ requiring the use of security in RPL.
+
+ Therefore, the security features described in this document are
+ OPTIONAL to implement. A given implementation MAY support a subset
+ (including the empty set) of the described security features, for
+ example, it could support integrity and confidentiality, but not
+ signatures. An implementation SHOULD clearly specify which security
+ mechanisms are supported, and it is RECOMMENDED that implementers
+ carefully consider security requirements and the availability of
+ security mechanisms in their network.
+
+10.1. Security Overview
+
+ RPL supports three security modes:
+
+ o Unsecured. In this security mode, RPL uses basic DIS, DIO, DAO,
+ and DAO-ACK messages, which do not have Security sections. As a
+ network could be using other security mechanisms, such as link-
+ layer security, unsecured mode does not imply all messages are
+ sent without any protection.
+
+ o Preinstalled. In this security mode, RPL uses secure messages.
+ To join a RPL Instance, a node must have a preinstalled key.
+ Nodes use this to provide message confidentiality, integrity, and
+ authenticity. A node may, using this preinstalled key, join the
+ RPL network as either a host or a router.
+
+
+
+Winter, et al. Standards Track [Page 90]
+
+RFC 6550 RPL March 2012
+
+
+ o Authenticated. In this security mode, RPL uses secure messages.
+ To join a RPL Instance, a node must have a preinstalled key.
+ Nodes use this key to provide message confidentiality, integrity,
+ and authenticity. Using this preinstalled key, a node may join
+ the network as a host only. To join the network as a router, a
+ node must obtain a second key from a key authority. This key
+ authority can authenticate that the requester is allowed to be a
+ router before providing it with the second key. Authenticated
+ mode cannot be supported by symmetric algorithms. As of the
+ writing of this specification, RPL supports only symmetric
+ algorithms: authenticated mode is included for the benefit of
+ potential future cryptographic primitives. See Section 10.3.
+
+ Whether or not the RPL Instance uses unsecured mode is signaled by
+ whether it uses secure RPL messages. Whether a secured network uses
+ the preinstalled or authenticated mode is signaled by the 'A' bit of
+ the DAG Configuration option.
+
+ This specification specifies CCM -- Counter with CBC-MAC (Cipher
+ Block Chaining - Message Authentication Code) -- as the cryptographic
+ basis for RPL security [RFC3610]. In this specification, CCM uses
+ AES-128 as its underlying cryptographic algorithm. There are bits
+ reserved in the Security section to specify other algorithms in the
+ future.
+
+ All secured RPL messages have either a MAC or a signature.
+ Optionally, secured RPL messages also have encryption protection for
+ confidentiality. Secured RPL message formats support both integrated
+ encryption/authentication schemes (e.g., CCM) as well as schemes that
+ separately encrypt and authenticate packets.
+
+10.2. Joining a Secure Network
+
+ RPL security assumes that a node wishing to join a secured network
+ has been pre-configured with a shared key for communicating with
+ neighbors and the RPL root. To join a secure RPL network, a node
+ either listens for secure DIOs or triggers secure DIOs by sending a
+ secure DIS. In addition to the DIO/DIS rules in Section 8, secure
+ DIO and DIS messages have these rules:
+
+ 1. If sent, this initial secure DIS MUST set the Key Identifier Mode
+ field to 0 (00) and MUST set the Security Level field to 1 (001).
+ The key used MUST be the pre-configured group key (Key Index
+ 0x00).
+
+ 2. When a node resets its Trickle timer in response to a secure DIS
+ (Section 8.3), the next DIO it transmits MUST be a secure DIO
+ with the same security configuration as the secure DIS. If a
+
+
+
+Winter, et al. Standards Track [Page 91]
+
+RFC 6550 RPL March 2012
+
+
+ node receives multiple secure DIS messages before it transmits a
+ DIO, the secure DIO MUST have the same security configuration as
+ the last DIS to which it is responding.
+
+ 3. When a node sends a DIO in response to a unicast secure DIS
+ (Section 8.3), the DIO MUST be a secure DIO.
+
+ The above rules allow a node to join a secured RPL Instance using the
+ pre-configured shared key. Once a node has joined the DODAG using
+ the pre-configured shared key, the 'A' bit of the Configuration
+ option determines its capabilities. If the 'A' bit of the
+ Configuration option is cleared, then nodes can use this
+ preinstalled, shared key to exchange messages normally: it can issue
+ DIOs, DAOs, etc.
+
+ If the 'A' bit of the Configuration option is set and the RPL
+ Instance is operating in authenticated mode:
+
+ 1. A node MUST NOT advertise a Rank besides INFINITE_RANK in secure
+ DIOs secured with Key Index 0x00. When processing DIO messages
+ secured with Key Index 0x00, a processing node MUST consider the
+ advertised Rank to be INFINITE_RANK. Any other value results in
+ the message being discarded.
+
+ 2. Secure DAOs using a Key Index 0x00 MUST NOT have a RPL Target
+ option with a prefix besides the node's address. If a node
+ receives a secured DAO message using the preinstalled, shared key
+ where the RPL Target option does not match the IPv6 source
+ address, it MUST discard the secured DAO message without further
+ processing.
+
+ The above rules mean that in RPL Instances where the 'A' bit is set,
+ using Key Index 0x00, a node can join the RPL Instance as a host but
+ not a router. A node must communicate with a key authority to obtain
+ a key that will enable it to act as a router.
+
+10.3. Installing Keys
+
+ Authenticated mode requires a would-be router to dynamically install
+ new keys once they have joined a network as a host. Having joined as
+ a host, the node uses standard IP messaging to communicate with an
+ authorization server, which can provide new keys.
+
+ The protocol to obtain such keys is out of scope for this
+ specification and to be elaborated in future specifications. That
+ elaboration is required for RPL to securely operate in authenticated
+ mode.
+
+
+
+
+Winter, et al. Standards Track [Page 92]
+
+RFC 6550 RPL March 2012
+
+
+10.4. Consistency Checks
+
+ RPL nodes send Consistency Check (CC) messages to protect against
+ replay attacks and synchronize counters.
+
+ 1. If a node receives a unicast CC message with the 'R' bit cleared,
+ and it is a member of or is in the process of joining the
+ associated DODAG, it SHOULD respond with a unicast CC message to
+ the sender. This response MUST have the 'R' bit set, and it MUST
+ have the same CC nonce, RPLInstanceID, and DODAGID fields as the
+ message it received.
+
+ 2. If a node receives a multicast CC message, it MUST discard the
+ message with no further processing.
+
+ Consistency Check messages allow nodes to issue a challenge-response
+ to validate a node's current counter value. Because the CC nonce is
+ generated by the challenger, an adversary replaying messages is
+ unlikely to be able to generate a correct response. The counter in
+ the Consistency Check response allows the challenger to validate the
+ counter values it hears.
+
+10.5. Counters
+
+ In the simplest case, the counter value is an unsigned integer that a
+ node increments by one or more on each secured RPL transmission. The
+ counter MAY represent a timestamp that has the following properties:
+
+ 1. The timestamp MUST be at least six octets long.
+
+ 2. The timestamp MUST be in 1024 Hz (binary millisecond)
+ granularity.
+
+ 3. The timestamp start time MUST be January 1, 1970, 12:00:00AM UTC.
+
+ 4. If the counter represents a timestamp, the counter value MUST be
+ a value computed as follows. Let T be the timestamp, S be the
+ start time of the key in use, and E be the end time of the key in
+ use. Both S and E are represented using the same three rules as
+ the timestamp described above. If E > T < S, then the counter is
+ invalid and a node MUST NOT generate a packet. Otherwise, the
+ counter value is equal to T-S.
+
+ 5. If the counter represents such a timestamp, a node MAY set the
+ 'T' flag of the Security section of secured RPL packets.
+
+ 6. If the Counter field does not present such a timestamp, then a
+ node MUST NOT set the 'T' flag.
+
+
+
+Winter, et al. Standards Track [Page 93]
+
+RFC 6550 RPL March 2012
+
+
+ 7. If a node does not have a local timestamp that satisfies the
+ above requirements, it MUST ignore the 'T' flag.
+
+ If a node supports such timestamps and it receives a message with the
+ 'T' flag set, it MAY apply the temporal check on the received message
+ described in Section 10.7.1. If a node receives a message without
+ the 'T' flag set, it MUST NOT apply this temporal check. A node's
+ security policy MAY, for application reasons, include rejecting all
+ messages without the 'T' flag set.
+
+ The 'T' flag is present because many LLNs today already maintain
+ global time synchronization at sub-millisecond granularity for
+ security, application, and other reasons. Allowing RPL to leverage
+ this existing functionality when present greatly simplifies solutions
+ to some security problems, such as delay protection.
+
+10.6. Transmission of Outgoing Packets
+
+ Given an outgoing RPL control packet and the required security
+ protection, this section describes how RPL generates the secured
+ packet to transmit. It also describes the order of cryptographic
+ operations to provide the required protection.
+
+ The requirement for security protection and the level of security to
+ be applied to an outgoing RPL packet shall be determined by the
+ node's security policy database. The configuration of this security
+ policy database for outgoing packet processing is implementation
+ specific.
+
+ Where secured RPL messages are to be transmitted, a RPL node MUST set
+ the Security section (T, Sec, KIM, and LVL) in the outgoing RPL
+ packet to describe the protection level and security settings that
+ are applied (see Section 6.1). The Security subfield bit of the RPL
+ Message Code field MUST be set to indicate the secure RPL message.
+
+ The counter value used in constructing the AES-128 CCM nonce
+ (Figure 31) to secure the outgoing packet MUST be an increment of the
+ last counter transmitted to the particular destination address.
+
+ Where security policy specifies the application of delay protection,
+ the Timestamp counter used in constructing the CCM nonce to secure
+ the outgoing packet MUST be incremented according to the rules in
+ Section 10.5. Where a Timestamp counter is applied (indicated with
+ the 'T' flag set), the locally maintained Timestamp counter MUST be
+ included as part of the transmitted secured RPL message.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 94]
+
+RFC 6550 RPL March 2012
+
+
+ The cryptographic algorithm used in securing the outgoing packet
+ shall be specified by the node's security policy database and MUST be
+ indicated in the value of the Sec field set within the outgoing
+ message.
+
+ The security policy for the outgoing packet shall determine the
+ applicable KIM and Key Identifier specifying the security key to be
+ used for the cryptographic packet processing, including the optional
+ use of signature keys (see Section 6.1). The security policy will
+ also specify the algorithm (Algorithm) and level of protection
+ (Level) in the form of authentication or authentication and
+ encryption, and potential use of signatures that shall apply to the
+ outgoing packet.
+
+ Where encryption is applied, a node MUST replace the original packet
+ payload with that payload encrypted using the security protection,
+ key, and CCM nonce specified in the Security section of the packet.
+
+ All secured RPL messages include integrity protection. In
+ conjunction with the security algorithm processing, a node derives
+ either a MAC or signature that MUST be included as part of the
+ outgoing secured RPL packet.
+
+10.7. Reception of Incoming Packets
+
+ This section describes the reception and processing of a secured RPL
+ packet. Given an incoming secured RPL packet, where the Security
+ subfield bit of the RPL Message Code field is set, this section
+ describes how RPL generates an unencrypted variant of the packet and
+ validates its integrity.
+
+ The receiver uses the RPL security control fields to determine the
+ necessary packet security processing. If the described level of
+ security for the message type and originator is unknown or does not
+ meet locally maintained security policies, a node MUST discard the
+ packet without further processing, MAY raise a management alert, and
+ MUST NOT send any messages in response. These policies can include
+ security levels, keys used, source identifiers, or the lack of
+ timestamp-based counters (as indicated by the 'T' flag). The
+ configuration of the security policy database for incoming packet
+ processing is out of scope for this specification (it may, for
+ example, be defined through DIO Configuration or through out-of-band
+ administrative router configuration).
+
+ Where the message Security Level (LVL) indicates an encrypted RPL
+ message, the node uses the key information identified through the KIM
+ field as well as the CCM nonce as input to the message payload
+ decryption processing. The CCM nonce shall be derived from the
+
+
+
+Winter, et al. Standards Track [Page 95]
+
+RFC 6550 RPL March 2012
+
+
+ message Counter field and other received and locally maintained
+ information (see Section 10.9.1). The plaintext message contents
+ shall be obtained by invoking the inverse cryptographic mode of
+ operation specified by the Sec field of the received packet.
+
+ The receiver shall use the CCM nonce and identified key information
+ to check the integrity of the incoming packet. If the integrity
+ check fails against the received MAC, a node MUST discard the packet.
+
+ If the received message has an initialized (zero value) counter value
+ and the receiver has an incoming counter currently maintained for the
+ originator of the message, the receiver MUST initiate a counter
+ resynchronization by sending a Consistency Check response message
+ (see Section 6.6) to the message source. The Consistency Check
+ response message shall be protected with the current full outgoing
+ counter maintained for the particular node address. That outgoing
+ counter will be included within the security section of the message
+ while the incoming counter will be included within the Consistency
+ Check message payload.
+
+ Based on the specified security policy, a node MAY apply replay
+ protection for a received RPL message. The replay check SHOULD be
+ performed before the authentication of the received packet. The
+ counter, as obtained from the incoming packet, shall be compared
+ against the watermark of the incoming counter maintained for the
+ given origination node address. If the received message counter
+ value is non-zero and less than the maintained incoming counter
+ watermark, a potential packet replay is indicated and the node MUST
+ discard the incoming packet.
+
+ If delay protection is specified as part of the incoming packet
+ security policy checks, the Timestamp counter is used to validate the
+ timeliness of the received RPL message. If the incoming message
+ Timestamp counter value indicates a message transmission time prior
+ to the locally maintained transmission time counter for the
+ originator address, a replay violation is indicated and the node MUST
+ discard the incoming packet. If the received Timestamp counter value
+ indicates a message transmission time that is earlier than the
+ Current time less the acceptable packet delay, a delay violation is
+ indicated and the node MUST discard the incoming packet.
+
+ Once a message has been decrypted, where applicable, and has
+ successfully passed its integrity check, replay check, and optionally
+ delay-protection checks, the node can update its local security
+ information, such as the source's expected counter value for replay
+ comparison.
+
+
+
+
+
+Winter, et al. Standards Track [Page 96]
+
+RFC 6550 RPL March 2012
+
+
+ A node MUST NOT update its security information on receipt of a
+ message that fails security policy checks or other applied integrity,
+ replay, or delay checks.
+
+10.7.1. Timestamp Key Checks
+
+ If the 'T' flag of a message is set and a node has a local timestamp
+ that follows the requirements in Section 10.5, then a node MAY check
+ the temporal consistency of the message. The node computes the
+ transmit time of the message by adding the counter value to the start
+ time of the associated key. If this transmit time is past the end
+ time of the key, the node MAY discard the message without further
+ processing. If the transmit time is too far in the past or future
+ compared to the local time on the receiver, it MAY discard the
+ message without further processing.
+
+10.8. Coverage of Integrity and Confidentiality
+
+ For a RPL ICMPv6 message, the entire packet is within the scope of
+ RPL security.
+
+ MACs and signatures are calculated over the entire unsecured IPv6
+ packet. When computing MACs and signatures, mutable IPv6 fields are
+ considered to be filled with zeroes, following the rules in Section
+ 3.3.3.1 of [RFC4302] (IPsec Authenticated Header). MAC and signature
+ calculations are performed before any compression that lower layers
+ may apply.
+
+ When a RPL ICMPv6 message is encrypted, encryption starts at the
+ first byte after the Security section and continues to the last byte
+ of the packet. The IPv6 header, ICMPv6 header, and RPL message up to
+ the end of the Security section are not encrypted, as they are needed
+ to correctly decrypt the packet.
+
+ For example, a node sending a message with LVL=1, KIM=0, and
+ Algorithm=0 uses the CCM algorithm [RFC3610] to create a packet with
+ attributes ENC-MAC-32: it encrypts the packet and appends a 32-bit
+ MAC. The block cipher key is determined by the Key Index. The CCM
+ nonce is computed as described in Section 10.9.1; the message to
+ authenticate and encrypt is the RPL message starting at the first
+ byte after the Security section and ends with the last byte of the
+ packet. The additional authentication data starts with the beginning
+ of the IPv6 header and ends with the last byte of the RPL Security
+ section.
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 97]
+
+RFC 6550 RPL March 2012
+
+
+10.9. Cryptographic Mode of Operation
+
+ The cryptographic mode of operation described in this specification
+ (Algorithm = 0) is based on CCM and the block-cipher AES-128
+ [RFC3610]. This mode of operation is widely supported by existing
+ implementations. CCM mode requires a nonce (CCM nonce).
+
+10.9.1. CCM Nonce
+
+ A RPL node constructs a CCM nonce as follows:
+
+ 0 1 2 3
+ 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | |
+ + Source Identifier +
+ | |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ | Counter |
+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ |KIM|Resvd| LVL |
+ +-+-+-+-+-+-+-+-+
+
+ Figure 31: CCM Nonce
+
+ Source Identifier: 8 bytes. Source Identifier is set to the logical
+ identifier of the originator of the protected packet.
+
+ Counter: 4 bytes. Counter is set to the (uncompressed) value of the
+ corresponding field in the Security option of the RPL control
+ message.
+
+ Key Identifier Mode (KIM): 2 bits. KIM is set to the value of the
+ corresponding field in the Security option of the RPL control
+ message.
+
+ Security Level (LVL): 3 bits. Security Level is set to the value of
+ the corresponding field in the Security option of the RPL
+ control message.
+
+ Unassigned bits of the CCM nonce are reserved. They MUST be set to
+ zero when constructing the CCM nonce.
+
+ All fields of the CCM nonce are represented in most significant octet
+ and most significant bit first order.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 98]
+
+RFC 6550 RPL March 2012
+
+
+10.9.2. Signatures
+
+ If the KIM indicates the use of signatures (a value of 3), then a
+ node appends a signature to the data payload of the packet. The
+ Security Level (LVL) field describes the length of this signature.
+ The signature scheme in RPL for Security Mode 3 is an instantiation
+ of the RSA algorithm (RSASSA-PSS) as defined in Section 8.1 of
+ [RFC3447]. As public key, it uses the pair (n,e), where n is a
+ 2048-bit or 3072-bit RSA modulus and where e=2^{16}+1. It uses CCM
+ mode [RFC3610] as the encryption scheme with M=0 (as a stream-
+ cipher). Note that although [RFC3610] disallows the CCM mode with
+ M=0, RPL explicitly allows the CCM mode with M=0 when used in
+ conjunction with a signature, because the signature provides
+ sufficient data authentication. Here, the CCM mode with M=0 is
+ specified as in [RFC3610], but where the M' field in Section 2.2 MUST
+ be set to 0. It uses the SHA-256 hash function specified in Section
+ 6.2 of [FIPS180]. It uses the message encoding rules of Section 8.1
+ of [RFC3447].
+
+ Let 'a' be a concatenation of a 6-byte representation of counter and
+ the message header. The packet payload is the right-concatenation of
+ packet data 'm' and the signature 's'. This signature scheme is
+ invoked with the right-concatenation of the message parts a and m,
+ whereas the signature verification is invoked with the right-
+ concatenation of the message parts a and m and with signature s.
+
+ RSA signatures of this form provide sufficient protection for RPL
+ networks. If needed, alternative signature schemes that produce more
+ concise signatures is out of scope for this specification and may be
+ the subject of a future specification.
+
+ An implementation that supports RSA signing with either 2048-bit or
+ 3072-bit signatures SHOULD support verification of both 2048-bit and
+ 3072-bit RSA signatures. This is in consideration of providing an
+ upgrade path for a RPL deployment.
+
+11. Packet Forwarding and Loop Avoidance/Detection
+
+11.1. Suggestions for Packet Forwarding
+
+ This document specifies a routing protocol. These non-normative
+ suggestions are provided to aid in the design of a forwarding
+ implementation by illustrating how such an implementation could work
+ with RPL.
+
+ When forwarding a packet to a destination, precedence is given to
+ selection of a next-hop successor as follows:
+
+
+
+
+Winter, et al. Standards Track [Page 99]
+
+RFC 6550 RPL March 2012
+
+
+ 1. This specification only covers how a successor is selected from
+ the DODAG Version that matches the RPLInstanceID marked in the
+ IPv6 header of the packet being forwarded. Routing outside the
+ instance can be done as long as additional rules are put in place
+ such as strict ordering of instances and routing protocols to
+ protect against loops. Such rules may be defined in a separate
+ document.
+
+ 2. If a local administrative preference favors a route that has been
+ learned from a different routing protocol than RPL, then use that
+ successor.
+
+ 3. If the packet header specifies a source route by including an RH4
+ header as specified in [RFC6554], then use that route. If the
+ node fails to forward the packet with that specified source
+ route, then that packet should be dropped. The node MAY log an
+ error. The node may send an ICMPv6 error in Source Routing
+ Header message to the source of the packet (see Section 20.18).
+
+ 4. If there is an entry in the routing table matching the
+ destination that has been learned from a multicast destination
+ advertisement (e.g., the destination is a one-hop neighbor), then
+ use that successor.
+
+ 5. If there is an entry in the routing table matching the
+ destination that has been learned from a unicast destination
+ advertisement (e.g., the destination is located Down the sub-
+ DODAG), then use that successor. If there are DAO Path Control
+ bits associated with multiple successors, then consult the Path
+ Control bits to order the successors by preference when choosing.
+ If, for a given DAO Path Control bit, multiple successors are
+ recorded as having asserted that bit, precedence should be given
+ to the successor who most recently asserted that bit.
+
+ 6. If there is a DODAG Version offering a route to a prefix matching
+ the destination, then select one of those DODAG parents as a
+ successor according to the OF and routing metrics.
+
+ 7. Any other as-yet-unattempted DODAG parent may be chosen for the
+ next attempt to forward a unicast packet when no better match
+ exists.
+
+ 8. Finally, the packet is dropped. ICMP Destination Unreachable MAY
+ be invoked (an inconsistency is detected).
+
+ Hop Limit MUST be decremented when forwarding per [RFC2460].
+
+
+
+
+
+Winter, et al. Standards Track [Page 100]
+
+RFC 6550 RPL March 2012
+
+
+ Note that the chosen successor MUST NOT be the neighbor that was the
+ predecessor of the packet (split horizon), except in the case where
+ it is intended for the packet to change from an Upward to a Downward
+ direction, as determined by the routing table of the node making the
+ change, such as switching from DIO routes to DAO routes as the
+ destination is neared in order to continue traveling toward the
+ destination.
+
+11.2. Loop Avoidance and Detection
+
+ RPL loop avoidance mechanisms are kept simple and designed to
+ minimize churn and states. Loops may form for a number of reasons,
+ e.g., control packet loss. RPL includes a reactive loop detection
+ technique that protects from meltdown and triggers repair of broken
+ paths.
+
+ RPL loop detection uses RPL Packet Information that is transported
+ within the data packets, relying on an external mechanism such as
+ [RFC6553] that places in the RPL Packet Information in an IPv6 Hop-
+ by-Hop option header.
+
+ The content of RPL Packet Information is defined as follows:
+
+ Down 'O': 1-bit flag indicating whether the packet is expected to
+ progress Up or Down. A router sets the 'O' flag when the
+ packet is expected to progress Down (using DAO routes), and
+ clears it when forwarding toward the DODAG root (to a node with
+ a lower Rank). A host or RPL leaf node MUST set the 'O' flag
+ to 0.
+
+ Rank-Error 'R': 1-bit flag indicating whether a Rank error was
+ detected. A Rank error is detected when there is a mismatch in
+ the relative Ranks and the direction as indicated in the 'O'
+ bit. A host or RPL leaf node MUST set the 'R' bit to 0.
+
+ Forwarding-Error 'F': 1-bit flag indicating that this node cannot
+ forward the packet further towards the destination. The 'F'
+ bit might be set by a child node that does not have a route to
+ destination for a packet with the Down 'O' bit set. A host or
+ RPL leaf node MUST set the 'F' bit to 0.
+
+ RPLInstanceID: 8-bit field indicating the DODAG instance along which
+ the packet is sent.
+
+ SenderRank: 16-bit field set to zero by the source and to
+ DAGRank(rank) by a router that forwards inside the RPL network.
+
+
+
+
+
+Winter, et al. Standards Track [Page 101]
+
+RFC 6550 RPL March 2012
+
+
+11.2.1. Source Node Operation
+
+ If the source is aware of the RPLInstanceID that is preferred for the
+ packet, then it MUST set the RPLInstanceID field associated with the
+ packet accordingly; otherwise, it MUST set it to the
+ RPL_DEFAULT_INSTANCE.
+
+11.2.2. Router Operation
+
+11.2.2.1. Instance Forwarding
+
+ The RPLInstanceID is associated by the source with the packet. This
+ RPLInstanceID MUST match the RPL Instance onto which the packet is
+ placed by any node, be it a host or router. The RPLInstanceID is
+ part of the RPL Packet Information.
+
+ A RPL router that forwards a packet in the RPL network MUST check if
+ the packet includes the RPL Packet Information. If not, then the RPL
+ router MUST insert the RPL Packet Information. If the router is an
+ ingress router that injects the packet into the RPL network, the
+ router MUST set the RPLInstanceID field in the RPL Packet
+ Information. The details of how that router determines the mapping
+ to a RPLInstanceID are out of scope for this specification and left
+ to future specification.
+
+ A router that forwards a packet outside the RPL network MUST remove
+ the RPL Packet Information.
+
+ When a router receives a packet that specifies a given RPLInstanceID
+ and the node can forward the packet along the DODAG associated to
+ that instance, then the router MUST do so and leave the RPLInstanceID
+ value unchanged.
+
+ If any node cannot forward a packet along the DODAG associated with
+ the RPLInstanceID, then the node SHOULD discard the packet and send
+ an ICMP error message.
+
+11.2.2.2. DAG Inconsistency Loop Detection
+
+ The DODAG is inconsistent if the direction of a packet does not match
+ the Rank relationship. A receiver detects an inconsistency if it
+ receives a packet with either:
+
+ the 'O' bit set (to Down) from a node of a higher Rank.
+
+ the 'O' bit cleared (for Up) from a node of a lower Rank.
+
+
+
+
+
+Winter, et al. Standards Track [Page 102]
+
+RFC 6550 RPL March 2012
+
+
+ When the DODAG root increments the DODAGVersionNumber, a temporary
+ Rank discontinuity may form between the next DODAG Version and the
+ prior DODAG Version, in particular, if nodes are adjusting their Rank
+ in the next DODAG Version and deferring their migration into the next
+ DODAG Version. A router that is still a member of the prior DODAG
+ Version may choose to forward a packet to a (future) parent that is
+ in the next DODAG Version. In some cases, this could cause the
+ parent to detect an inconsistency because the Rank-ordering in the
+ prior DODAG Version is not necessarily the same as in the next DODAG
+ Version, and the packet may be judged not to be making forward
+ progress. If the sending router is aware that the chosen successor
+ has already joined the next DODAG Version, then the sending router
+ MUST update the SenderRank to INFINITE_RANK as it forwards the
+ packets across the discontinuity into the next DODAG Version in order
+ to avoid a false detection of Rank inconsistency.
+
+ One inconsistency along the path is not considered a critical error
+ and the packet may continue. However, a second detection along the
+ path of the same packet should not occur and the packet MUST be
+ dropped.
+
+ This process is controlled by the Rank-Error bit associated with the
+ packet. When an inconsistency is detected on a packet, if the Rank-
+ Error bit was not set, then the Rank-Error bit is set. If it was set
+ the packet MUST be discarded and the Trickle timer MUST be reset.
+
+11.2.2.3. DAO Inconsistency Detection and Recovery
+
+ DAO inconsistency loop recovery is a mechanism that applies to
+ Storing mode of operation only.
+
+ In Non-Storing mode, the packets are source routed to the
+ destination, and DAO inconsistencies are not corrected locally.
+ Instead, an ICMP error with a new code "Error in Source Routing
+ Header" is sent back to the root. The "Error in Source Routing
+ Header" message has the same format as the "Destination Unreachable
+ Message", as specified in [RFC4443]. The portion of the invoking
+ packet that is sent back in the ICMP message should record at least
+ up to the routing header, and the routing header should be consumed
+ by this node so that the destination in the IPv6 header is the next
+ hop that this node could not reach.
+
+ A DAO inconsistency happens when a router has a Downward route that
+ was previously learned from a DAO message via a child, but that
+ Downward route is not longer valid in the child, e.g., because that
+ related state in the child has been cleaned up. With DAO
+ inconsistency loop recovery, a packet can be used to recursively
+ explore and clean up the obsolete DAO states along a sub-DODAG.
+
+
+
+Winter, et al. Standards Track [Page 103]
+
+RFC 6550 RPL March 2012
+
+
+ In a general manner, a packet that goes Down should never go Up
+ again. If DAO inconsistency loop recovery is applied, then the
+ router SHOULD send the packet back to the parent that passed it with
+ the Forwarding-Error 'F' bit set and the 'O' bit left untouched.
+ Otherwise, the router MUST silently discard the packet.
+
+ Upon receiving a packet with a Forwarding-Error bit set, the node
+ MUST remove the routing states that caused forwarding to that
+ neighbor, clear the Forwarding-Error bit, and attempt to send the
+ packet again. The packet may be sent to an alternate neighbor, after
+ the expiration of a user-configurable implementation-specific timer.
+ If that alternate neighbor still has an inconsistent DAO state via
+ this node, the process will recurse, this node will set the
+ Forwarding-Error 'F' bit, and the routing state in the alternate
+ neighbor will be cleaned up as well.
+
+12. Multicast Operation
+
+ This section describes a multicast routing operation over an IPv6 RPL
+ network and, specifically, how unicast DAOs can be used to relay
+ group registrations. The same DODAG construct can be used to forward
+ unicast and multicast traffic. This section is limited to a
+ description of how group registrations may be exchanged and how the
+ forwarding infrastructure operates. It does not provide a full
+ description of multicast within an LLN and, in particular, does not
+ describe the generation of DODAGs specifically targeted at multicast
+ or the details of operating RPL for multicast -- that will be the
+ subject of further specifications.
+
+ The multicast group registration uses DAO messages that are identical
+ to unicast except for the type of address that is transported. The
+ main difference is that the multicast traffic going down is copied to
+ all the children that have registered with the multicast group,
+ whereas unicast traffic is passed to one child only.
+
+ Nodes that support the RPL Storing mode of operation SHOULD also
+ support multicast DAO operations as described below. Nodes that only
+ support the Non-Storing mode of operation are not expected to support
+ this section.
+
+ The multicast operation is controlled by the MOP field in the DIO.
+
+ o If the MOP field requires multicast support, then a node that
+ joins the RPL network as a router must operate as described in
+ this section for multicast signaling and forwarding within the RPL
+ network. A node that does not support the multicast operation
+ required by the MOP field can only join as a leaf.
+
+
+
+
+Winter, et al. Standards Track [Page 104]
+
+RFC 6550 RPL March 2012
+
+
+ o If the MOP field does not require multicast support, then
+ multicast is handled by some other way that is out of scope for
+ this specification. (Examples may include a series of unicast
+ copies or limited-scope flooding).
+
+ A router might select to pass a listener registration DAO message to
+ its preferred parent only; in which case, multicast packets coming
+ back might be lost for all of its sub-DODAGs if the transmission
+ fails over that link. Alternatively, the router might select copying
+ additional parents as it would do for DAO messages advertising
+ unicast destinations; in which case, there might be duplicates that
+ the router will need to prune.
+
+ As a result, multicast routing states are installed in each router on
+ the way from the listeners to the DODAG root, enabling the root to
+ copy a multicast packet to all its children routers that had issued a
+ DAO message including a Target option for that multicast group.
+
+ For a multicast packet sourced from inside the DODAG, the packet is
+ passed to the preferred parents, and if that fails, then to the
+ alternates in the DODAG. The packet is also copied to all the
+ registered children, except for the one that passed the packet.
+ Finally, if there is a listener in the external infrastructure, then
+ the DODAG root has to further propagate the packet into the external
+ infrastructure.
+
+ As a result, the DODAG root acts as an automatic proxy Rendezvous
+ Point for the RPL network and as source towards the non-RPL domain
+ for all multicast flows started in the RPL domain. So, regardless of
+ whether the root is actually attached to a non-RPL domain, and
+ regardless of whether the DODAG is grounded or floating, the root can
+ serve inner multicast streams at all times.
+
+13. Maintenance of Routing Adjacency
+
+ The selection of successors, along the default paths Up along the
+ DODAG, or along the paths learned from destination advertisements
+ Down along the DODAG, leads to the formation of routing adjacencies
+ that require maintenance.
+
+ In IGPs, such as OSPF [RFC4915] or IS-IS [RFC5120], the maintenance
+ of a routing adjacency involves the use of keepalive mechanisms
+ (Hellos) or other protocols such as the Bidirectional Forwarding
+ Detection (BFD) [RFC5881] and the MANET Neighborhood Discovery
+ Protocol (NHDP) [RFC6130]. Unfortunately, such a proactive approach
+ is often not desirable in constrained environments where it would
+ lead to excessive control traffic in light of the data traffic with a
+ negative impact on both link loads and nodes resources.
+
+
+
+Winter, et al. Standards Track [Page 105]
+
+RFC 6550 RPL March 2012
+
+
+ By contrast with those routing protocols, RPL does not define any
+ keepalive mechanisms to detect routing adjacency failures: this is
+ because in many cases, such a mechanism would be too expensive in
+ terms of bandwidth and, even more importantly, energy (a battery-
+ operated device could not afford to send periodic keepalives). Still
+ RPL requires an external mechanisms to detect that a neighbor is no
+ longer reachable. Such a mechanism should preferably be reactive to
+ traffic in order to minimize the overhead to maintain the routing
+ adjacency and focus on links that are actually being used.
+
+ Example reactive mechanisms that can be used include:
+
+ The Neighbor Unreachability Detection [RFC4861] mechanism.
+
+ Layer 2 triggers [RFC5184] derived from events such as association
+ states and L2 acknowledgements.
+
+14. Guidelines for Objective Functions
+
+ An Objective Function (OF), in conjunction with routing metrics and
+ constraints, allows for the selection of a DODAG to join, and a
+ number of peers in that DODAG as parents. The OF is used to compute
+ an ordered list of parents. The OF is also responsible to compute
+ the Rank of the device within the DODAG Version.
+
+ The Objective Function is indicated in the DIO message using an
+ Objective Code Point (OCP), and it indicates the method that must be
+ used to construct the DODAG. The Objective Code Points are specified
+ in [RFC6552] and related companion specifications.
+
+14.1. Objective Function Behavior
+
+ Most Objective Functions are expected to follow the same abstract
+ behavior at a node:
+
+ o The parent selection is triggered each time an event indicates
+ that a potential next-hop information is updated. This might
+ happen upon the reception of a DIO message, a timer elapse, all
+ DODAG parents are unavailable, or a trigger indicating that the
+ state of a candidate neighbor has changed.
+
+ o An OF scans all the interfaces on the node. Although, there may
+ typically be only one interface in most application scenarios,
+ there might be multiple of them and an interface might be
+ configured to be usable or not for RPL operation. An interface
+ can also be configured with a preference or dynamically learned to
+ be better than another by some heuristics that might be link-layer
+ dependent and are out of scope for this specification. Finally,
+
+
+
+Winter, et al. Standards Track [Page 106]
+
+RFC 6550 RPL March 2012
+
+
+ an interface might or might not match a required criterion for an
+ Objective Function, for instance, a degree of security. As a
+ result, some interfaces might be completely excluded from the
+ computation, for example, if those interfaces cannot satisfy some
+ advertised constraints, while others might be more or less
+ preferred.
+
+ o An OF scans all the candidate neighbors on the possible interfaces
+ to check whether they can act as a router for a DODAG. There
+ might be many of them and a candidate neighbor might need to pass
+ some validation tests before it can be used. In particular, some
+ link layers require experience on the activity with a router to
+ enable the router as a next hop.
+
+ o An OF computes Rank of a node for comparison by adding to the Rank
+ of the candidate a value representing the relative locations of
+ the node and the candidate in the DODAG Version.
+
+ * The increase in Rank must be at least MinHopRankIncrease.
+
+ * To keep loop avoidance and metric optimization in alignment,
+ the increase in Rank should reflect any increase in the metric
+ value. For example, with a purely additive metric, such as
+ ETX, the increase in Rank can be made proportional to the
+ increase in the metric.
+
+ * Candidate neighbors that would cause the Rank of the node to
+ increase are not considered for parent selection.
+
+ o Candidate neighbors that advertise an OF incompatible with the set
+ of OFs specified by the policy functions are ignored.
+
+ o As it scans all the candidate neighbors, the OF keeps the current
+ best parent and compares its capabilities with the current
+ candidate neighbor. The OF defines a number of tests that are
+ critical to reach the objective. A test between the routers
+ determines an order relation.
+
+ * If the routers are equal for that relation, then the next test
+ is attempted between the routers,
+
+ * Else the best of the two routers becomes the current best
+ parent, and the scan continues with the next candidate
+ neighbor.
+
+ * Some OFs may include a test to compare the Ranks that would
+ result if the node joined either router.
+
+
+
+
+Winter, et al. Standards Track [Page 107]
+
+RFC 6550 RPL March 2012
+
+
+ o When the scan is complete, the preferred parent is elected and the
+ node's Rank is computed as the preferred parent Rank plus the step
+ in Rank with that parent.
+
+ o Other rounds of scans might be necessary to elect alternate
+ parents. In the next rounds:
+
+ * Candidate neighbors that are not in the same DODAG are ignored.
+
+ * Candidate neighbors that are of greater Rank than the node are
+ ignored.
+
+ * Candidate neighbors of an equal Rank to the node are ignored
+ for parent selection.
+
+ * Candidate neighbors of a lesser Rank than the node are
+ preferred.
+
+15. Suggestions for Interoperation with Neighbor Discovery
+
+ This specification directly borrows the Prefix Information Option
+ (PIO) and the Route Information Option (RIO) from IPv6 ND. It is
+ envisioned that, as future specifications build on this base, there
+ may be additional cause to leverage parts of IPv6 ND. This section
+ provides some suggestions for future specifications.
+
+ First and foremost, RPL is a routing protocol. One should take great
+ care to preserve architecture when mapping functionalities between
+ RPL and ND. RPL is for routing only. That said, there may be
+ persuading technical reasons to allow for sharing options between RPL
+ and IPv6 ND in a particular implementation/deployment.
+
+ In general, the following guidelines apply:
+
+ o RPL Type codes must be allocated from the RPL Control Message
+ Options registry.
+
+ o RPL Length fields must be expressed in units of single octets, as
+ opposed to ND Length fields, which are expressed in units of 8
+ octets.
+
+ o RPL options are generally not required to be aligned to 8-octet
+ boundaries.
+
+ o When mapping/transposing an IPv6 ND option for redistribution as a
+ RPL option, any padding octets should be removed when possible.
+ For example, the Prefix Length field in the PIO is sufficient to
+ describe the length of the Prefix field. When mapping/transposing
+
+
+
+Winter, et al. Standards Track [Page 108]
+
+RFC 6550 RPL March 2012
+
+
+ a RPL option for redistribution as an IPv6 ND option, any such
+ padding octets should be restored. This procedure must be
+ unambiguous.
+
+16. Summary of Requirements for Interoperable Implementations
+
+ This section summarizes basic interoperability and references
+ normative text for RPL implementations operating in one of three
+ major modes. Implementations are expected to support either no
+ Downward routes, Non-Storing mode only, or Storing mode only. A
+ fourth mode, operation as a leaf, is also possible.
+
+ Implementations conforming to this specification may contain
+ different subsets of capabilities as appropriate to the application
+ scenario. It is important for the implementer to support a level of
+ interoperability consistent with that required by the application
+ scenario. To this end, further guidance may be provided beyond this
+ specification (e.g., as applicability statements), and it is
+ understood that in some cases such further guidance may override
+ portions of this specification.
+
+16.1. Common Requirements
+
+ In a general case, the greatest level of interoperability may be
+ achieved when all of the nodes in a RPL LLN are cooperating to use
+ the same MOP, OF, metrics, and constraints, and are thus able to act
+ as RPL routers. When a node is not capable of being a RPL router, it
+ may be possible to interoperate in a more limited manner as a RPL
+ leaf.
+
+ All RPL implementations need to support the use of RPL Packet
+ Information transported within data packets (Section 11.2). One such
+ mechanism is described in [RFC6553].
+
+ RPL implementations will need to support the use of Neighbor
+ Unreachability Detection (NUD), or an equivalent mechanism, to
+ maintain the reachability of neighboring RPL nodes (Section 8.2.1).
+ Alternate mechanisms may be optimized to the constrained capabilities
+ of the implementation, such as hints from the link layer.
+
+ This specification provides means to obtain a PIO and thus form an
+ IPv6 address. When that mechanism is used, it may be necessary to
+ perform address resolution and duplicate address detection through an
+ external process, such as IPv6 ND [RFC4861] or 6LoWPAN ND
+ [6LOWPAN-ND].
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 109]
+
+RFC 6550 RPL March 2012
+
+
+16.2. Operation as a RPL Leaf Node (Only)
+
+ o An implementation of a leaf node (only) does not ever participate
+ as a RPL router. Interoperable implementations of leaf nodes
+ behave as summarized in Section 8.5.
+
+ o Support of a particular MOP encoding is not required, although if
+ the leaf node sends DAO messages to set up Downward routes, the
+ leaf node should do so in a manner consistent with the mode of
+ operation indicated by the MOP.
+
+ o Support of a particular OF is not required.
+
+ o In summary, a leaf node does not generally issue DIO messages, it
+ may issue DAO and DIS messages. A leaf node accepts DIO messages
+ though it generally ignores DAO and DIS messages.
+
+16.3. Operation as a RPL Router
+
+ If further guidance is not available then a RPL router implementation
+ MUST at least support the metric-less OF0 [RFC6552].
+
+ For consistent operation a RPL router implementation needs to support
+ the MOP in use by the DODAG.
+
+ All RPL routers will need to implement Trickle [RFC6206].
+
+16.3.1. Support for Upward Routes (Only)
+
+ An implementation of a RPL router that supports only Upward routes
+ supports the following:
+
+ o Upward routes (Section 8)
+
+ o MOP encoding 0 (Section 20.3)
+
+ o In summary, DIO and DIS messages are issued, and DAO messages are
+ not issued. DIO and DIS messages are accepted, and DAO messages
+ are ignored.
+
+16.3.2. Support for Upward Routes and Downward Routes in Non-Storing
+ Mode
+
+ An implementation of a RPL router that supports Upward routes and
+ Downward routes in Non-Storing mode supports the following:
+
+ o Upward routes (Section 8)
+
+
+
+
+Winter, et al. Standards Track [Page 110]
+
+RFC 6550 RPL March 2012
+
+
+ o Downward routes (Non-Storing) (Section 9)
+
+ o MOP encoding 1 (Section 20.3)
+
+ o Source-routed Downward traffic ([RFC6554])
+
+ o In summary, DIO and DIS messages are issued, and DAO messages are
+ issued to the DODAG root. DIO and DIS messages are accepted, and
+ DAO messages are ignored by nodes other than DODAG roots.
+ Multicast is not supported through the means described in this
+ specification, though it may be supported through some alternate
+ means.
+
+16.3.3. Support for Upward Routes and Downward Routes in Storing Mode
+
+ An implementation of a RPL router that supports Upward routes and
+ Downward routes in Storing mode supports the following:
+
+ o Upward routes (Section 8)
+
+ o Downward routes (Storing) (Section 9)
+
+ o MOP encoding 2 (Section 20.3)
+
+ o In summary, DIO, DIS, and DAO messages are issued. DIO, DIS, and
+ DAO messages are accepted. Multicast is not supported through the
+ means described in this specification, though it may be supported
+ through some alternate means.
+
+16.3.3.1. Optional Support for Basic Multicast Scheme
+
+ A Storing mode implementation may be enhanced with basic multicast
+ support through the following additions:
+
+ o Basic Multicast Support (Section 12)
+
+ o MOP encoding 3 (Section 20.3)
+
+16.4. Items for Future Specification
+
+ A number of items are left to future specification, including but not
+ limited to the following:
+
+ o How to attach a non-RPL node such as an IPv6 host, e.g., to
+ consistently distribute at least PIO material to the attached
+ node.
+
+
+
+
+
+Winter, et al. Standards Track [Page 111]
+
+RFC 6550 RPL March 2012
+
+
+ o How to obtain authentication material in support if authenticated
+ mode is used (Section 10.3).
+
+ o Details of operation over multiple simultaneous instances.
+
+ o Advanced configuration mechanisms, such as the provisioning of
+ RPLInstanceIDs, parameterization of Objective Functions, and
+ parameters to control security. (It is expected that such
+ mechanisms might extend the DIO as a means to disseminate
+ information across the DODAG).
+
+17. RPL Constants and Variables
+
+ The following is a summary of RPL constants and variables:
+
+ BASE_RANK: This is the Rank for a virtual root that might be used to
+ coordinate multiple roots. BASE_RANK has a value of 0.
+
+ ROOT_RANK: This is the Rank for a DODAG root. ROOT_RANK has a value
+ of MinHopRankIncrease (as advertised by the DODAG root), such
+ that DAGRank(ROOT_RANK) is 1.
+
+ INFINITE_RANK: This is the constant maximum for the Rank.
+ INFINITE_RANK has a value of 0xFFFF.
+
+ RPL_DEFAULT_INSTANCE: This is the RPLInstanceID that is used by this
+ protocol by a node without any overriding policy.
+ RPL_DEFAULT_INSTANCE has a value of 0.
+
+ DEFAULT_PATH_CONTROL_SIZE: This is the default value used to
+ configure PCS in the DODAG Configuration option, which dictates
+ the number of significant bits in the Path Control field of the
+ Transit Information option. DEFAULT_PATH_CONTROL_SIZE has a
+ value of 0. This configures the simplest case limiting the
+ fan-out to 1 and limiting a node to send a DAO message to only
+ one parent.
+
+ DEFAULT_DIO_INTERVAL_MIN: This is the default value used to configure
+ Imin for the DIO Trickle timer. DEFAULT_DIO_INTERVAL_MIN has a
+ value of 3. This configuration results in Imin of 8 ms.
+
+ DEFAULT_DIO_INTERVAL_DOUBLINGS: This is the default value used to
+ configure Imax for the DIO Trickle timer.
+ DEFAULT_DIO_INTERVAL_DOUBLINGS has a value of 20. This
+ configuration results in a maximum interval of 2.3 hours.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 112]
+
+RFC 6550 RPL March 2012
+
+
+ DEFAULT_DIO_REDUNDANCY_CONSTANT: This is the default value used to
+ configure k for the DIO Trickle timer.
+ DEFAULT_DIO_REDUNDANCY_CONSTANT has a value of 10. This
+ configuration is a conservative value for Trickle suppression
+ mechanism.
+
+ DEFAULT_MIN_HOP_RANK_INCREASE: This is the default value of
+ MinHopRankIncrease. DEFAULT_MIN_HOP_RANK_INCREASE has a value
+ of 256. This configuration results in an 8-bit wide integer
+ part of Rank.
+
+ DEFAULT_DAO_DELAY: This is the default value for the DelayDAO Timer.
+ DEFAULT_DAO_DELAY has a value of 1 second. See Section 9.5.
+
+ DIO Timer: One instance per DODAG of which a node is a member.
+ Expiry triggers DIO message transmission. A Trickle timer with
+ variable interval in [0,
+ DIOIntervalMin..2^DIOIntervalDoublings]. See Section 8.3.1
+
+ DAG Version Increment Timer: Up to one instance per DODAG of which
+ the node is acting as DODAG root. May not be supported in all
+ implementations. Expiry triggers increment of
+ DODAGVersionNumber, causing a new series of updated DIO message
+ to be sent. Interval should be chosen appropriate to
+ propagation time of DODAG and as appropriate to application
+ requirements (e.g., response time versus overhead).
+
+ DelayDAO Timer: Up to one timer per DAO parent (the subset of DODAG
+ parents chosen to receive destination advertisements) per
+ DODAG. Expiry triggers sending of DAO message to the DAO
+ parent. See Section 9.5
+
+ RemoveTimer: Up to one timer per DAO entry per neighbor (i.e., those
+ neighbors that have given DAO messages to this node as a DODAG
+ parent). Expiry may trigger No-Path advertisements or
+ immediately deallocate the DAO entry if there are no DAO
+ parents.
+
+18. Manageability Considerations
+
+ The aim of this section is to give consideration to the manageability
+ of RPL, and how RPL will be operated in an LLN. The scope of this
+ section is to consider the following aspects of manageability:
+ configuration, monitoring, fault management, accounting, and
+ performance of the protocol in light of the recommendations set forth
+ in [RFC5706].
+
+
+
+
+
+Winter, et al. Standards Track [Page 113]
+
+RFC 6550 RPL March 2012
+
+
+18.1. Introduction
+
+ Most of the existing IETF management standards are MIB modules (data
+ models based on the Structure of Management Information (SMI)) to
+ monitor and manage networking devices.
+
+ For a number of protocols, the IETF community has used the IETF
+ Standard Management Framework, including the Simple Network
+ Management Protocol [RFC3410], the Structure of Management
+ Information [RFC2578], and MIB data models for managing new
+ protocols.
+
+ As pointed out in [RFC5706], the common policy in terms of operation
+ and management has been expanded to a policy that is more open to a
+ set of tools and management protocols rather than strictly relying on
+ a single protocol such as SNMP.
+
+ In 2003, the Internet Architecture Board (IAB) held a workshop on
+ Network Management [RFC3535] that discussed the strengths and
+ weaknesses of some IETF network management protocols and compared
+ them to operational needs, especially configuration.
+
+ One issue discussed was the user-unfriendliness of the binary format
+ of SNMP [RFC3410]. In the case of LLNs, it must be noted that at the
+ time of writing, the CoRE working group is actively working on
+ resource management of devices in LLNs. Still, it is felt that this
+ section provides important guidance on how RPL should be deployed,
+ operated, and managed.
+
+ As stated in [RFC5706]:
+
+ A management information model should include a discussion of what
+ is manageable, which aspects of the protocol need to be
+ configured, what types of operations are allowed, what protocol-
+ specific events might occur, which events can be counted, and for
+ which events an operator should be notified.
+
+ These aspects are discussed in detail in the following sections.
+
+ RPL will be used on a variety of devices that may have resources such
+ as memory varying from a few kilobytes to several hundreds of
+ kilobytes and even megabytes. When memory is highly constrained, it
+ may not be possible to satisfy all the requirements listed in this
+ section. Still it is worth listing all of these in an exhaustive
+ fashion, and implementers will then determine which of these
+ requirements could be satisfied according to the available resources
+ on the device.
+
+
+
+
+Winter, et al. Standards Track [Page 114]
+
+RFC 6550 RPL March 2012
+
+
+18.2. Configuration Management
+
+ This section discusses the configuration management, listing the
+ protocol parameters for which configuration management is relevant.
+
+ Some of the RPL parameters are optional. The requirements for
+ configuration are only applicable for the options that are used.
+
+18.2.1. Initialization Mode
+
+ "Architectural Principles of the Internet" [RFC1958], Section 3.8,
+ states: "Avoid options and parameters whenever possible. Any options
+ and parameters should be configured or negotiated dynamically rather
+ than manually". This is especially true in LLNs where the number of
+ devices may be large and manual configuration is infeasible. This
+ has been taken into account in the design of RPL whereby the DODAG
+ root provides a number of parameters to the devices joining the
+ DODAG, thus avoiding cumbersome configuration on the routers and
+ potential sources of misconfiguration (e.g., values of Trickle
+ timers, etc.). Still, there are additional RPL parameters that a RPL
+ implementation should allow to be configured, which are discussed in
+ this section.
+
+18.2.1.1. DIS Mode of Operation upon Boot-Up
+
+ When a node is first powered up:
+
+ 1. The node may decide to stay silent, waiting to receive DIO
+ messages from DODAG of interest (advertising a supported OF and
+ metrics/constraints) and not send any multicast DIO messages
+ until it has joined a DODAG.
+
+ 2. The node may decide to send one or more DIS messages (optionally,
+ requesting DIO for a specific DODAG) as an initial probe for
+ nearby DODAGs, and in the absence of DIO messages in reply after
+ some configurable period of time, the node may decide to root a
+ floating DODAG and start sending multicast DIO messages.
+
+ A RPL implementation SHOULD allow configuring the preferred mode of
+ operation listed above along with the required parameters (in the
+ second mode: the number of DIS messages and related timer).
+
+18.2.2. DIO and DAO Base Message and Options Configuration
+
+ RPL specifies a number of protocol parameters considering the large
+ spectrum of applications where it will be used. That said,
+ particular attention has been given to limiting the number of these
+ parameters that must be configured on each RPL router. Instead, a
+
+
+
+Winter, et al. Standards Track [Page 115]
+
+RFC 6550 RPL March 2012
+
+
+ number of the default values can be used, and when required these
+ parameters can be provided by the DODAG root thus allowing for
+ dynamic parameter setting.
+
+ A RPL implementation SHOULD allow configuring the following routing
+ protocol parameters. As pointed out above, note that a large set of
+ parameters is configured on the DODAG root.
+
+18.2.3. Protocol Parameters to Be Configured on Every Router in the LLN
+
+ A RPL implementation MUST allow configuring the following RPL
+ parameters:
+
+ o RPLInstanceID [DIO message, in DIO Base message]. Although the
+ RPLInstanceID must be configured on the DODAG root, it must also
+ be configured as a policy on every node in order to determine
+ whether or not the node should join a particular DODAG. Note that
+ a second RPLInstanceID can be configured on the node, should it
+ become root of a floating DODAG.
+
+ o List of supported Objective Code Points (OCPs)
+
+ o List of supported metrics: [RFC6551] specifies a number of metrics
+ and constraints used for the DODAG formation. Thus, a RPL
+ implementation should allow configuring the list of metrics that a
+ node can accept and understand. If a DIO is received with a
+ metric and/or constraint that is not understood or supported, as
+ specified in Section 8.5, the node would join as a leaf node.
+
+ o Prefix Information, along with valid and preferred lifetime and
+ the 'L' and 'A' flags. [DIO message, Prefix Information Option].
+ A RPL implementation SHOULD allow configuring if the Prefix
+ Information option must be carried with the DIO message to
+ distribute the Prefix Information for autoconfiguration. In that
+ case, the RPL implementation MUST allow the list of prefixes to be
+ advertised in the PIO along with the corresponding flags.
+
+ o Solicited Information [DIS message, in Solicited Information
+ option]. Note that a RPL implementation SHOULD allow configuring
+ when such messages should be sent and under which circumstances,
+ along with the value of the RPLInstance ID, 'V'/'I'/'D' flags.
+
+ o 'K' flag: when a node should set the 'K' flag in a DAO message
+ [DAO message, in DAO Base message].
+
+ o MOP (Mode of Operation) [DIO message, in DIO Base message].
+
+
+
+
+
+Winter, et al. Standards Track [Page 116]
+
+RFC 6550 RPL March 2012
+
+
+ o Route Information (and preference) [DIO message, in Route
+ Information option]
+
+18.2.4. Protocol Parameters to Be Configured on Every Non-DODAG-Root
+ Router in the LLN
+
+ A RPL implementation MUST allow configuring the Target prefix [DAO
+ message, in RPL Target option].
+
+ Furthermore, there are circumstances where a node may want to
+ designate a Target to allow for specific processing of the Target
+ (prioritization, etc.). Such processing rules are out of scope for
+ this specification. When used, a RPL implementation SHOULD allow
+ configuring the Target Descriptor on a per-Target basis (for example,
+ using access lists).
+
+ A node whose DODAG parent set is empty may become the DODAG root of a
+ floating DODAG. It may also set its DAGPreference such that it is
+ less preferred. Thus, a RPL implementation MUST allow configuring
+ the set of actions that the node should initiate in this case:
+
+ o Start its own (floating) DODAG: the new DODAGID must be configured
+ in addition to its DAGPreference.
+
+ o Poison the broken path (see procedure in Section 8.2.2.5).
+
+ o Trigger a local repair.
+
+18.2.5. Parameters to Be Configured on the DODAG Root
+
+ In addition, several other parameters are configured only on the
+ DODAG root and advertised in options carried in DIO messages.
+
+ As specified in Section 8.3, a RPL implementation makes use of
+ Trickle timers to govern the sending of DIO messages. The operation
+ of the Trickle algorithm is determined by a set of configurable
+ parameters, which MUST be configurable and that are then advertised
+ by the DODAG root along the DODAG in DIO messages.
+
+ o DIOIntervalDoublings [DIO message, in DODAG Configuration option]
+
+ o DIOIntervalMin [DIO message, in DODAG Configuration option]
+
+ o DIORedundancyConstant [DIO message, in DODAG Configuration option]
+
+ In addition, a RPL implementation SHOULD allow for configuring the
+ following set of RPL parameters:
+
+
+
+
+Winter, et al. Standards Track [Page 117]
+
+RFC 6550 RPL March 2012
+
+
+ o Path Control Size [DIO message, in DODAG Configuration option]
+
+ o MinHopRankIncrease [DIO message, in DODAG Configuration option]
+
+ o The DODAGPreference field [DIO message, DIO Base object]
+
+ o DODAGID [DIO message, in DIO Base option] and [DAO message, when
+ the 'D' flag of the DAO message is set]
+
+ DAG root behavior: in some cases, a node may not want to permanently
+ act as a floating DODAG root if it cannot join a grounded DODAG. For
+ example, a battery-operated node may not want to act as a floating
+ DODAG root for a long period of time. Thus, a RPL implementation MAY
+ support the ability to configure whether or not a node could act as a
+ floating DODAG root for a configured period of time.
+
+ DAG Version Number Increment: a RPL implementation may allow, by
+ configuration at the DODAG root, refreshing the DODAG states by
+ updating the DODAGVersionNumber. A RPL implementation SHOULD allow
+ configuring whether or not periodic or event triggered mechanisms are
+ used by the DODAG root to control DODAGVersionNumber change (which
+ triggers a global repair as specified in Section 3.2.2).
+
+18.2.6. Configuration of RPL Parameters Related to DAO-Based Mechanisms
+
+ DAO messages are optional and used in DODAGs that require Downward
+ routing operation. This section deals with the set of parameters
+ related to DAO messages and provides recommendations on their
+ configuration.
+
+ As stated in Section 9.5, it is recommended to delay the sending of
+ DAO message to DAO parents in order to maximize the chances to
+ perform route aggregation. Upon receiving a DAO message, the node
+ should thus start a DelayDAO timer. The default value is
+ DEFAULT_DAO_DELAY. A RPL implementation MAY allow for configuring
+ the DelayDAO timer.
+
+ In a Storing mode of operation, a storing node may increment DTSN in
+ order to reliably trigger a set of DAO updates from its immediate
+ children, as part of routine routing table updates and maintenance.
+ A RPL implementation MAY allow for configuring a set of rules
+ specifying the triggers for DTSN increment (manual or event-based).
+
+ When a DAO entry times out or is invalidated, a node SHOULD make a
+ reasonable attempt to report a No-Path to each of the DAO parents.
+ That number of attempts MAY be configurable.
+
+
+
+
+
+Winter, et al. Standards Track [Page 118]
+
+RFC 6550 RPL March 2012
+
+
+ An implementation should support rate-limiting the sending of DAO
+ messages. The related parameters MAY be configurable.
+
+18.2.7. Configuration of RPL Parameters Related to Security Mechanisms
+
+ As described in Section 10, the security features described in this
+ document are optional to implement and a given implementation may
+ support a subset (including the empty set) of the described security
+ features.
+
+ To this end, an implementation supporting described security features
+ may conceptually implement a security policy database. In support of
+ the security mechanisms, a RPL implementation SHOULD allow for
+ configuring a subset of the following parameters:
+
+ o Security Modes accepted [Unsecured mode, Preinstalled mode,
+ Authenticated mode]
+
+ o KIM values accepted [Secure RPL control messages, in Security
+ section]
+
+ o Level values accepted [Secure RPL control messages, in Security
+ section]
+
+ o Algorithm values accepted [Secure RPL control messages, in
+ Security section]
+
+ o Key material in support of Authenticated or Preinstalled key
+ modes.
+
+ In addition, a RPL implementation SHOULD allow for configuring a
+ DODAG root with a subset of the following parameters:
+
+ o Level values advertised [Secure DIO message, in Security section]
+
+ o KIM value advertised [Secure DIO message, in Security section]
+
+ o Algorithm value advertised [Secure DIO message, in Security
+ section]
+
+18.2.8. Default Values
+
+ This document specifies default values for the following set of RPL
+ variables:
+ DEFAULT_PATH_CONTROL_SIZE
+ DEFAULT_DIO_INTERVAL_MIN
+ DEFAULT_DIO_INTERVAL_DOUBLINGS
+ DEFAULT_DIO_REDUNDANCY_CONSTANT
+
+
+
+Winter, et al. Standards Track [Page 119]
+
+RFC 6550 RPL March 2012
+
+
+ DEFAULT_MIN_HOP_RANK_INCREASE
+ DEFAULT_DAO_DELAY
+
+ It is recommended to specify default values in protocols; that being
+ said, as discussed in [RFC5706], default values may make less and
+ less sense. RPL is a routing protocol that is expected to be used in
+ a number of contexts where network characteristics such as the number
+ of nodes and link and node types are expected to vary significantly.
+ Thus, these default values are likely to change with the context and
+ as the technology evolves. Indeed, LLNs' related technology (e.g.,
+ hardware, link layers) have been evolving dramatically over the past
+ few years and such technologies are expected to change and evolve
+ considerably in the coming years.
+
+ The proposed values are not based on extensive best current practices
+ and are considered to be conservative.
+
+18.3. Monitoring of RPL Operation
+
+ Several RPL parameters should be monitored to verify the correct
+ operation of the routing protocol and the network itself. This
+ section lists the set of monitoring parameters of interest.
+
+18.3.1. Monitoring a DODAG Parameters
+
+ A RPL implementation SHOULD provide information about the following
+ parameters:
+
+ o DODAG Version number [DIO message, in DIO Base message]
+
+ o Status of the 'G' flag [DIO message, in DIO Base message]
+
+ o Status of the MOP field [DIO message, in DIO Base message]
+
+ o Value of the DTSN [DIO message, in DIO Base message]
+
+ o Value of the Rank [DIO message, in DIO Base message]
+
+ o DAOSequence: Incremented at each unique DAO message, echoed in the
+ DAO-ACK message [DAO and DAO-ACK messages]
+
+ o Route Information [DIO message, Route Information Option] (list of
+ IPv6 prefixes per parent along with lifetime and preference]
+
+ o Trickle parameters:
+
+ * DIOIntervalDoublings [DIO message, in DODAG Configuration
+ option]
+
+
+
+Winter, et al. Standards Track [Page 120]
+
+RFC 6550 RPL March 2012
+
+
+ * DIOIntervalMin [DIO message, in DODAG Configuration option]
+
+ * DIORedundancyConstant [DIO message, in DODAG Configuration
+ option]
+
+ o Path Control Size [DIO message, in DODAG Configuration option]
+
+ o MinHopRankIncrease [DIO message, in DODAG Configuration option]
+
+ Values that may be monitored only on the DODAG root:
+
+ o Transit Information [DAO, Transit Information option]: A RPL
+ implementation SHOULD allow configuring whether the set of
+ received Transit Information options should be displayed on the
+ DODAG root. In this case, the RPL database of received Transit
+ Information should also contain the Path Sequence, Path Control,
+ Path Lifetime, and Parent Address.
+
+18.3.2. Monitoring a DODAG Inconsistencies and Loop Detection
+
+ Detection of DODAG inconsistencies is particularly critical in RPL
+ networks. Thus, it is recommended for a RPL implementation to
+ provide appropriate monitoring tools. A RPL implementation SHOULD
+ provide a counter reporting the number of a times the node has
+ detected an inconsistency with respect to a DODAG parent, e.g., if
+ the DODAGID has changed.
+
+ When possible more granular information about inconsistency detection
+ should be provided. A RPL implementation MAY provide counters
+ reporting the number of following inconsistencies:
+
+ o Packets received with 'O' bit set (to Down) from a node with a
+ higher Rank
+
+ o Packets received with 'O' bit cleared (to Up) from a node with a
+ lower Rank
+
+ o Number of packets with the 'F' bit set
+
+ o Number of packets with the 'R' bit set
+
+18.4. Monitoring of the RPL Data Structures
+
+18.4.1. Candidate Neighbor Data Structure
+
+ A node in the candidate neighbor list is a node discovered by the
+ same means and qualified to potentially become a parent (with high
+ enough local confidence). A RPL implementation SHOULD provide a way
+
+
+
+Winter, et al. Standards Track [Page 121]
+
+RFC 6550 RPL March 2012
+
+
+ to allow for the candidate neighbor list to be monitored with some
+ metric reflecting local confidence (the degree of stability of the
+ neighbors) as measured by some metrics.
+
+ A RPL implementation MAY provide a counter reporting the number of
+ times a candidate neighbor has been ignored, should the number of
+ candidate neighbors exceed the maximum authorized value.
+
+18.4.2. Destination-Oriented Directed Acyclic Graph (DODAG) Table
+
+ For each DODAG, a RPL implementation is expected to keep track of the
+ following DODAG table values:
+
+ o RPLInstanceID
+
+ o DODAGID
+
+ o DODAGVersionNumber
+
+ o Rank
+
+ o Objective Code Point
+
+ o A set of DODAG parents
+
+ o A set of prefixes offered Upward along the DODAG
+
+ o Trickle timers used to govern the sending of DIO messages for the
+ DODAG
+
+ o List of DAO parents
+
+ o DTSN
+
+ o Node status (router versus leaf)
+
+ A RPL implementation SHOULD allow for monitoring the set of
+ parameters listed above.
+
+18.4.3. Routing Table and DAO Routing Entries
+
+ A RPL implementation maintains several information elements related
+ to the DODAG and the DAO entries (for storing nodes). In the case of
+ a non-storing node, a limited amount of information is maintained
+ (the routing table is mostly reduced to a set of DODAG parents along
+ with characteristics of the DODAG as mentioned above); whereas in the
+ case of storing nodes, this information is augmented with routing
+ entries.
+
+
+
+Winter, et al. Standards Track [Page 122]
+
+RFC 6550 RPL March 2012
+
+
+ A RPL implementation SHOULD allow for the following parameters to be
+ monitored:
+
+ o Next Hop (DODAG parent)
+
+ o Next Hop Interface
+
+ o Path metrics value for each DODAG parent
+
+ A DAO Routing Table entry conceptually contains the following
+ elements (for storing nodes only):
+
+ o Advertising Neighbor Information
+
+ o IPv6 address
+
+ o Interface ID to which DAO parents has this entry been reported
+
+ o Retry counter
+
+ o Logical equivalent of DAO Content:
+
+ * DAO-Sequence
+
+ * Path Sequence
+
+ * DAO Lifetime
+
+ * DAO Path Control
+
+ o Destination Prefix (or address or Mcast Group)
+
+ A RPL implementation SHOULD provide information about the state of
+ each DAO Routing Table entry states.
+
+18.5. Fault Management
+
+ Fault management is a critical component used for troubleshooting,
+ verification of the correct mode of operation of the protocol, and
+ network design; also, it is a key component of network performance
+ monitoring. A RPL implementation SHOULD allow the provision of the
+ following information related to fault managements:
+
+ o Memory overflow along with the cause (e.g., routing tables
+ overflow, etc.)
+
+ o Number of times a packet could not be sent to a DODAG parent
+ flagged as valid
+
+
+
+Winter, et al. Standards Track [Page 123]
+
+RFC 6550 RPL March 2012
+
+
+ o Number of times a packet has been received for which the router
+ did not have a corresponding RPLInstanceID
+
+ o Number of times a local repair procedure was triggered
+
+ o Number of times a global repair was triggered by the DODAG root
+
+ o Number of received malformed messages
+
+ o Number of seconds with packets to forward and no next hop (DODAG
+ parent)
+
+ o Number of seconds without next hop (DODAG parent)
+
+ o Number of times a node has joined a DODAG as a leaf because it
+ received a DIO with a metric/constraint that was not understood
+ and it was configured to join as a leaf node in this case (see
+ Section 18.6)
+
+ It is RECOMMENDED to report faults via at least error log messages.
+ Other protocols may be used to report such faults.
+
+18.6. Policy
+
+ Policy rules can be used by a RPL implementation to determine whether
+ or not the node is allowed to join a particular DODAG advertised by a
+ neighbor by means of DIO messages.
+
+ This document specifies operation within a single DODAG. A DODAG is
+ characterized by the following tuple (RPLInstanceID, DODAGID).
+ Furthermore, as pointed out above, DIO messages are used to advertise
+ other DODAG characteristics such as the routing metrics and
+ constraints used to build to the DODAG and the Objective Function in
+ use (specified by OCP).
+
+ The first policy rules consist of specifying the following conditions
+ that a RPL node must satisfy to join a DODAG:
+
+ o RPLInstanceID
+
+ o List of supported routing metrics and constraints
+
+ o Objective Function (OCP values)
+
+ A RPL implementation MUST allow configuring these parameters and
+ SHOULD specify whether the node must simply ignore the DIO if the
+ advertised DODAG is not compliant with the local policy or whether
+ the node should join as the leaf node if only the list of supported
+
+
+
+Winter, et al. Standards Track [Page 124]
+
+RFC 6550 RPL March 2012
+
+
+ routing metrics and constraints, and the OF is not supported.
+ Additionally, a RPL implementation SHOULD allow for the addition of
+ the DODAGID as part of the policy.
+
+ A RPL implementation SHOULD allow configuring the set of acceptable
+ or preferred Objective Functions (OFs) referenced by their Objective
+ Code Points (OCPs) for a node to join a DODAG, and what action should
+ be taken if none of a node's candidate neighbors advertise one of the
+ configured allowable Objective Functions, or if the advertised
+ metrics/constraint is not understood/supported. Two actions can be
+ taken in this case:
+
+ o The node joins the DODAG as a leaf node as specified in
+ Section 8.5.
+
+ o The node does not join the DODAG.
+
+ A node in an LLN may learn routing information from different routing
+ protocols including RPL. In this case, it is desirable to control,
+ via administrative preference, which route should be favored. An
+ implementation SHOULD allow for the specification of an
+ administrative preference for the routing protocol from which the
+ route was learned.
+
+ Internal Data Structures: some RPL implementations may limit the size
+ of the candidate neighbor list in order to bound the memory usage; in
+ which case, some otherwise viable candidate neighbors may not be
+ considered and simply dropped from the candidate neighbor list.
+
+ A RPL implementation MAY provide an indicator on the size of the
+ candidate neighbor list.
+
+18.7. Fault Isolation
+
+ It is RECOMMENDED to quarantine neighbors that start emitting
+ malformed messages at unacceptable rates.
+
+18.8. Impact on Other Protocols
+
+ RPL has very limited impact on other protocols. Where more than one
+ routing protocol is required on a router, such as an LBR, it is
+ expected for the device to support routing redistribution functions
+ between the routing protocols to allow for reachability between the
+ two routing domains. Such redistribution SHOULD be governed by the
+ use of user configurable policy.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 125]
+
+RFC 6550 RPL March 2012
+
+
+ With regard to the impact in terms of traffic on the network, RPL has
+ been designed to limit the control traffic thanks to mechanisms such
+ as Trickle timers (Section 8.3). Thus, the impact of RPL on other
+ protocols should be extremely limited.
+
+18.9. Performance Management
+
+ Performance management is always an important aspect of a protocol,
+ and RPL is not an exception. Several metrics of interest have been
+ specified by the IP Performance Monitoring (IPPM) working group: that
+ being said, they will be hardly applicable to LLN considering the
+ cost of monitoring these metrics in terms of resources on the devices
+ and required bandwidth. Still, RPL implementations MAY support some
+ of these, and other parameters of interest are listed below:
+
+ o Number of repairs and time to repair in seconds (average,
+ variance)
+
+ o Number of times and time period during which a devices could not
+ forward a packet because of a lack of a reachable neighbor in its
+ routing table
+
+ o Monitoring of resources consumption by RPL in terms of bandwidth
+ and required memory
+
+ o Number of RPL control messages sent and received
+
+18.10. Diagnostics
+
+ There may be situations where a node should be placed in "verbose"
+ mode to improve diagnostics. Thus, a RPL implementation SHOULD
+ provide the ability to place a node in and out of verbose mode in
+ order to get additional diagnostic information.
+
+19. Security Considerations
+
+19.1. Overview
+
+ From a security perspective, RPL networks are no different from any
+ other network. They are vulnerable to passive eavesdropping attacks
+ and, potentially, even active tampering when physical access to a
+ wire is not required to participate in communications. The very
+ nature of ad hoc networks and their cost objectives impose additional
+ security constraints, which perhaps make these networks the most
+ difficult environments to secure. Devices are low-cost and have
+ limited capabilities in terms of computing power, available storage,
+ and power drain; it cannot always be assumed they have a trusted
+ computing base or a high-quality random number generator aboard.
+
+
+
+Winter, et al. Standards Track [Page 126]
+
+RFC 6550 RPL March 2012
+
+
+ Communications cannot rely on the online availability of a fixed
+ infrastructure and might involve short-term relationships between
+ devices that may never have communicated before. These constraints
+ might severely limit the choice of cryptographic algorithms and
+ protocols and influence the design of the security architecture
+ because the establishment and maintenance of trust relationships
+ between devices need to be addressed with care. In addition, battery
+ lifetime and cost constraints put severe limits on the security
+ overhead these networks can tolerate, something that is of far less
+ concern with higher bandwidth networks. Most of these security
+ architectural elements can be implemented at higher layers and may,
+ therefore, be considered to be out of scope for this specification.
+ Special care, however, needs to be exercised with respect to
+ interfaces to these higher layers.
+
+ The security mechanisms in this standard are based on symmetric-key
+ and public-key cryptography and use keys that are to be provided by
+ higher-layer processes. The establishment and maintenance of these
+ keys are out of scope for this specification. The mechanisms assume
+ a secure implementation of cryptographic operations and secure and
+ authentic storage of keying material.
+
+ The security mechanisms specified provide particular combinations of
+ the following security services:
+
+ Data confidentiality: Assurance that transmitted information is only
+ disclosed to parties for which it is intended.
+
+ Data authenticity: Assurance of the source of transmitted information
+ (and, hereby, that information was not modified in transit).
+
+ Replay protection: Assurance that a duplicate of transmitted
+ information is detected.
+
+ Timeliness (delay protection): Assurance that transmitted
+ information was received in a timely manner.
+
+ The actual protection provided can be adapted on a per-packet basis
+ and allows for varying levels of data authenticity (to minimize
+ security overhead in transmitted packets where required) and for
+ optional data confidentiality. When nontrivial protection is
+ required, replay protection is always provided.
+
+ Replay protection is provided via the use of a non-repeating value
+ (CCM nonce) in the packet protection process and storage of some
+ status information (originating device and the CCM nonce counter last
+ received from that device), which allows detection of whether this
+ particular CCM nonce value was used previously by the originating
+
+
+
+Winter, et al. Standards Track [Page 127]
+
+RFC 6550 RPL March 2012
+
+
+ device. In addition, so-called delay protection is provided amongst
+ those devices that have a loosely synchronized clock on board. The
+ acceptable time delay can be adapted on a per-packet basis and allows
+ for varying latencies (to facilitate longer latencies in packets
+ transmitted over a multi-hop communication path).
+
+ Cryptographic protection may use a key shared between two peer
+ devices (link key) or a key shared among a group of devices (group
+ key), thus allowing some flexibility and application-specific trade-
+ offs between key storage and key maintenance costs versus the
+ cryptographic protection provided. If a group key is used for peer-
+ to-peer communication, protection is provided only against outsider
+ devices and not against potential malicious devices in the key-
+ sharing group.
+
+ Data authenticity may be provided using symmetric-key-based or
+ public-key-based techniques. With public-key-based techniques (via
+ signatures), one corroborates evidence as to the unique originator of
+ transmitted information, whereas with symmetric-key-based techniques,
+ data authenticity is only provided relative to devices in a key-
+ sharing group. Thus, public-key-based authentication may be useful
+ in scenarios that require a more fine-grained authentication than can
+ be provided with symmetric-key-based authentication techniques alone,
+ such as with group communications (broadcast, multicast) or in
+ scenarios that require non-repudiation.
+
+20. IANA Considerations
+
+20.1. RPL Control Message
+
+ The RPL control message is an ICMP information message type that is
+ to be used carry DODAG Information Objects, DODAG Information
+ Solicitations, and Destination Advertisement Objects in support of
+ RPL operation.
+
+ IANA has defined an ICMPv6 Type Number Registry. The type value for
+ the RPL control message is 155.
+
+20.2. New Registry for RPL Control Codes
+
+ IANA has created a registry, RPL Control Codes, for the Code field of
+ the ICMPv6 RPL control message.
+
+ New codes may be allocated only by an IETF Review. Each code is
+ tracked with the following qualities:
+
+ o Code
+
+
+
+
+Winter, et al. Standards Track [Page 128]
+
+RFC 6550 RPL March 2012
+
+
+ o Description
+
+ o Defining RFC
+
+ The following codes are currently defined:
+
+ +------+----------------------------------------------+-------------+
+ | Code | Description | Reference |
+ +------+----------------------------------------------+-------------+
+ | 0x00 | DODAG Information Solicitation | This |
+ | | | document |
+ | | | |
+ | 0x01 | DODAG Information Object | This |
+ | | | document |
+ | | | |
+ | 0x02 | Destination Advertisement Object | This |
+ | | | document |
+ | | | |
+ | 0x03 | Destination Advertisement Object | This |
+ | | Acknowledgment | document |
+ | | | |
+ | 0x80 | Secure DODAG Information Solicitation | This |
+ | | | document |
+ | | | |
+ | 0x81 | Secure DODAG Information Object | This |
+ | | | document |
+ | | | |
+ | 0x82 | Secure Destination Advertisement Object | This |
+ | | | document |
+ | | | |
+ | 0x83 | Secure Destination Advertisement Object | This |
+ | | Acknowledgment | document |
+ | | | |
+ | 0x8A | Consistency Check | This |
+ | | | document |
+ +------+----------------------------------------------+-------------+
+
+ RPL Control Codes
+
+20.3. New Registry for the Mode of Operation (MOP)
+
+ IANA has created a registry for the 3-bit Mode of Operation (MOP),
+ which is contained in the DIO Base.
+
+ New values may be allocated only by an IETF Review. Each value is
+ tracked with the following qualities:
+
+ o Mode of Operation Value
+
+
+
+Winter, et al. Standards Track [Page 129]
+
+RFC 6550 RPL March 2012
+
+
+ o Capability description
+
+ o Defining RFC
+
+ Four values are currently defined:
+
+ +----------+------------------------------------------+-------------+
+ | MOP | Description | Reference |
+ | value | | |
+ +----------+------------------------------------------+-------------+
+ | 0 | No Downward routes maintained by RPL | This |
+ | | | document |
+ | | | |
+ | 1 | Non-Storing Mode of Operation | This |
+ | | | document |
+ | | | |
+ | 2 | Storing Mode of Operation with no | This |
+ | | multicast support | document |
+ | | | |
+ | 3 | Storing Mode of Operation with multicast | This |
+ | | support | document |
+ +----------+------------------------------------------+-------------+
+
+ DIO Mode of Operation
+
+ The rest of the range, decimal 4 to 7, is currently unassigned.
+
+20.4. RPL Control Message Options
+
+ IANA has created a registry for the RPL Control Message Options.
+
+ New values may be allocated only by an IETF Review. Each value is
+ tracked with the following qualities:
+
+ o Value
+
+ o Meaning
+
+ o Defining RFC
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 130]
+
+RFC 6550 RPL March 2012
+
+
+ +-------+-----------------------+---------------+
+ | Value | Meaning | Reference |
+ +-------+-----------------------+---------------+
+ | 0x00 | Pad1 | This document |
+ | | | |
+ | 0x01 | PadN | This document |
+ | | | |
+ | 0x02 | DAG Metric Container | This Document |
+ | | | |
+ | 0x03 | Routing Information | This Document |
+ | | | |
+ | 0x04 | DODAG Configuration | This Document |
+ | | | |
+ | 0x05 | RPL Target | This Document |
+ | | | |
+ | 0x06 | Transit Information | This Document |
+ | | | |
+ | 0x07 | Solicited Information | This Document |
+ | | | |
+ | 0x08 | Prefix Information | This Document |
+ | | | |
+ | 0x09 | Target Descriptor | This Document |
+ +-------+-----------------------+---------------+
+
+ RPL Control Message Options
+
+20.5. Objective Code Point (OCP) Registry
+
+ IANA has created a registry to manage the codespace of the Objective
+ Code Point (OCP) field.
+
+ No OCPs are defined in this specification.
+
+ New codes may be allocated only by an IETF Review. Each code is
+ tracked with the following qualities:
+
+ o Code
+
+ o Description
+
+ o Defining RFC
+
+20.6. New Registry for the Security Section Algorithm
+
+ IANA has created a registry for the values of the 8-bit Algorithm
+ field in the Security section.
+
+
+
+
+
+Winter, et al. Standards Track [Page 131]
+
+RFC 6550 RPL March 2012
+
+
+ New values may be allocated only by an IETF Review. Each value is
+ tracked with the following qualities:
+
+ o Value
+
+ o Encryption/MAC
+
+ o Signature
+
+ o Defining RFC
+
+ The following value is currently defined:
+
+ +-------+------------------+------------------+---------------+
+ | Value | Encryption/MAC | Signature | Reference |
+ +-------+------------------+------------------+---------------+
+ | 0 | CCM with AES-128 | RSA with SHA-256 | This document |
+ +-------+------------------+------------------+---------------+
+
+ Security Section Algorithm
+
+20.7. New Registry for the Security Section Flags
+
+ IANA has created a registry for the 8-bit Security Section Flags
+ field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ No bit is currently defined for the Security Section Flags field.
+
+20.8. New Registry for Per-KIM Security Levels
+
+ IANA has created one registry for the 3-bit Security Level (LVL)
+ field per allocated KIM value.
+
+ For a given KIM value, new levels may be allocated only by an IETF
+ Review. Each level is tracked with the following qualities:
+
+ o Level
+
+ o KIM value
+
+
+
+Winter, et al. Standards Track [Page 132]
+
+RFC 6550 RPL March 2012
+
+
+ o Description
+
+ o Defining RFC
+
+ The following levels per KIM value are currently defined:
+
+ +-------+-----------+---------------+---------------+
+ | Level | KIM value | Description | Reference |
+ +-------+-----------+---------------+---------------+
+ | 0 | 0 | See Figure 11 | This document |
+ | | | | |
+ | 1 | 0 | See Figure 11 | This document |
+ | | | | |
+ | 2 | 0 | See Figure 11 | This document |
+ | | | | |
+ | 3 | 0 | See Figure 11 | This document |
+ | | | | |
+ | 0 | 1 | See Figure 11 | This document |
+ | | | | |
+ | 1 | 1 | See Figure 11 | This document |
+ | | | | |
+ | 2 | 1 | See Figure 11 | This document |
+ | | | | |
+ | 3 | 1 | See Figure 11 | This document |
+ | | | | |
+ | 0 | 2 | See Figure 11 | This document |
+ | | | | |
+ | 1 | 2 | See Figure 11 | This document |
+ | | | | |
+ | 2 | 2 | See Figure 11 | This document |
+ | | | | |
+ | 3 | 2 | See Figure 11 | This document |
+ | | | | |
+ | 0 | 3 | See Figure 11 | This document |
+ | | | | |
+ | 1 | 3 | See Figure 11 | This document |
+ | | | | |
+ | 2 | 3 | See Figure 11 | This document |
+ | | | | |
+ | 3 | 3 | See Figure 11 | This document |
+ +-------+-----------+---------------+---------------+
+
+ Per-KIM Security Levels
+
+20.9. New Registry for DODAG Informational Solicitation (DIS) Flags
+
+ IANA has created a registry for the DIS (DODAG Informational
+ Solicitation) Flags field.
+
+
+
+Winter, et al. Standards Track [Page 133]
+
+RFC 6550 RPL March 2012
+
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ No bit is currently defined for the DIS (DODAG Informational
+ Solicitation) Flags field.
+
+20.10. New Registry for the DODAG Information Object (DIO) Flags
+
+ IANA has created a registry for the 8-bit DODAG Information Object
+ (DIO) Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ No bit is currently defined for the DIS (DODAG Informational
+ Solicitation) Flags.
+
+20.11. New Registry for the Destination Advertisement Object (DAO)
+ Flags
+
+ IANA has created a registry for the 8-bit Destination Advertisement
+ Object (DAO) Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 134]
+
+RFC 6550 RPL March 2012
+
+
+ The following bits are currently defined:
+
+ +------------+------------------------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+------------------------------+---------------+
+ | 0 | DAO-ACK request (K) | This document |
+ | | | |
+ | 1 | DODAGID field is present (D) | This document |
+ +------------+------------------------------+---------------+
+
+ DAO Base Flags
+
+20.12. New Registry for the Destination Advertisement Object (DAO)
+ Acknowledgement Flags
+
+ IANA has created a registry for the 8-bit Destination Advertisement
+ Object (DAO) Acknowledgement Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ The following bit is currently defined:
+
+ +------------+------------------------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+------------------------------+---------------+
+ | 0 | DODAGID field is present (D) | This document |
+ +------------+------------------------------+---------------+
+
+ DAO-ACK Base Flags
+
+20.13. New Registry for the Consistency Check (CC) Flags
+
+ IANA has created a registry for the 8-bit Consistency Check (CC)
+ Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+
+
+Winter, et al. Standards Track [Page 135]
+
+RFC 6550 RPL March 2012
+
+
+ o Defining RFC
+
+ The following bit is currently defined:
+
+ +------------+-----------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+-----------------+---------------+
+ | 0 | CC Response (R) | This document |
+ +------------+-----------------+---------------+
+
+ Consistency Check Base Flags
+
+20.14. New Registry for the DODAG Configuration Option Flags
+
+ IANA has created a registry for the 8-bit DODAG Configuration Option
+ Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ The following bits are currently defined:
+
+ +------------+----------------------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+----------------------------+---------------+
+ | 4 | Authentication Enabled (A) | This document |
+ | 5-7 | Path Control Size (PCS) | This document |
+ +------------+----------------------------+---------------+
+
+ DODAG Configuration Option Flags
+
+20.15. New Registry for the RPL Target Option Flags
+
+ IANA has created a registry for the 8-bit RPL Target Option Flags
+ field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+
+
+Winter, et al. Standards Track [Page 136]
+
+RFC 6550 RPL March 2012
+
+
+ o Defining RFC
+
+ No bit is currently defined for the RPL Target Option Flags.
+
+20.16. New Registry for the Transit Information Option Flags
+
+ IANA has created a registry for the 8-bit Transit Information Option
+ (TIO) Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+ The following bits are currently defined:
+
+ +------------+--------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+--------------+---------------+
+ | 0 | External (E) | This document |
+ +------------+--------------+---------------+
+
+ Transit Information Option Flags
+
+20.17. New Registry for the Solicited Information Option Flags
+
+ IANA has created a registry for the 8-bit Solicited Information
+ Option (SIO) Flags field.
+
+ New bit numbers may be allocated only by an IETF Review. Each bit is
+ tracked with the following qualities:
+
+ o Bit number (counting from bit 0 as the most significant bit)
+
+ o Capability description
+
+ o Defining RFC
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 137]
+
+RFC 6550 RPL March 2012
+
+
+ The following bits are currently defined:
+
+ +------------+--------------------------------+---------------+
+ | Bit number | Description | Reference |
+ +------------+--------------------------------+---------------+
+ | 0 | Version Predicate match (V) | This document |
+ | | | |
+ | 1 | InstanceID Predicate match (I) | This document |
+ | | | |
+ | 2 | DODAGID Predicate match (D) | This document |
+ +------------+--------------------------------+---------------+
+
+ Solicited Information Option Flags
+
+20.18. ICMPv6: Error in Source Routing Header
+
+ In some cases RPL will return an ICMPv6 error message when a message
+ cannot be delivered as specified by its source routing header. This
+ ICMPv6 error message is "Error in Source Routing Header".
+
+ IANA has defined an ICMPv6 "Code" Fields Registry for ICMPv6 Message
+ Types. ICMPv6 Message Type 1 describes "Destination Unreachable"
+ codes. The "Error in Source Routing Header" code is has been
+ allocated from the ICMPv6 Code Fields Registry for ICMPv6 Message
+ Type 1, with a code value of 7.
+
+20.19. Link-Local Scope Multicast Address
+
+ The rules for assigning new IPv6 multicast addresses are defined in
+ [RFC3307]. This specification requires the allocation of a new
+ permanent multicast address with a link-local scope for RPL nodes
+ called all-RPL-nodes, with a value of ff02::1a.
+
+21. Acknowledgements
+
+ The authors would like to acknowledge the review, feedback, and
+ comments from Emmanuel Baccelli, Dominique Barthel, Yusuf Bashir,
+ Yoav Ben-Yehezkel, Phoebus Chen, Quynh Dang, Mischa Dohler, Mathilde
+ Durvy, Joakim Eriksson, Omprakash Gnawali, Manhar Goindi, Mukul
+ Goyal, Ulrich Herberg, Anders Jagd, JeongGil (John) Ko, Ajay Kumar,
+ Quentin Lampin, Jerry Martocci, Matteo Paris, Alexandru Petrescu,
+ Joseph Reddy, Michael Richardson, Don Sturek, Joydeep Tripathi, and
+ Nicolas Tsiftes.
+
+ The authors would like to acknowledge the guidance and input provided
+ by the ROLL Chairs, David Culler and JP. Vasseur, and the Area
+ Director, Adrian Farrel.
+
+
+
+
+Winter, et al. Standards Track [Page 138]
+
+RFC 6550 RPL March 2012
+
+
+ The authors would like to acknowledge prior contributions of Robert
+ Assimiti, Mischa Dohler, Julien Abeille, Ryuji Wakikawa, Teco Boot,
+ Patrick Wetterwald, Bryan Mclaughlin, Carlos J. Bernardos, Thomas
+ Watteyne, Zach Shelby, Caroline Bontoux, Marco Molteni, Billy Moon,
+ Jim Bound, Yanick Pouffary, Henning Rogge, and Arsalan Tavakoli, who
+ have provided useful design considerations to RPL.
+
+ RPL Security Design, found in Section 10, Section 19, and elsewhere
+ throughout the document, is primarily the contribution of the
+ Security Design Team: Tzeta Tsao, Roger Alexander, Dave Ward, Philip
+ Levis, Kris Pister, Rene Struik, and Adrian Farrel.
+
+ Thanks also to Jari Arkko and Ralph Droms for their attentive
+ reviews, especially with respect to interoperability considerations
+ and integration with other IETF specifications.
+
+22. Contributors
+
+ Stephen Dawson-Haggerty
+ UC Berkeley
+ Soda Hall
+ Berkeley, CA 94720
+ USA
+
+ EMail: stevedh@cs.berkeley.edu
+
+23. References
+
+23.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version
+ 6 (IPv6) Specification", RFC 2460, December 1998.
+
+ [RFC3447] Jonsson, J. and B. Kaliski, "Public-Key Cryptography
+ Standards (PKCS) #1: RSA Cryptography Specifications
+ Version 2.1", RFC 3447, February 2003.
+
+ [RFC4191] Draves, R. and D. Thaler, "Default Router Preferences
+ and More-Specific Routes", RFC 4191, November 2005.
+
+ [RFC4302] Kent, S., "IP Authentication Header", RFC 4302,
+ December 2005.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 139]
+
+RFC 6550 RPL March 2012
+
+
+ [RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control
+ Message Protocol (ICMPv6) for the Internet Protocol
+ Version 6 (IPv6) Specification", RFC 4443, March 2006.
+
+ [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
+ "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
+ September 2007.
+
+ [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
+ Address Autoconfiguration", RFC 4862, September 2007.
+
+ [RFC6206] Levis, P., Clausen, T., Hui, J., Gnawali, O., and J.
+ Ko, "The Trickle Algorithm", RFC 6206, March 2011.
+
+ [RFC6275] Perkins, C., Johnson, D., and J. Arkko, "Mobility
+ Support in IPv6", RFC 6275, July 2011.
+
+ [RFC6551] Vasseur, JP., Ed., Kim, M., Ed., Pister, K., Dejean,
+ N., and D. Barthel, "Routing Metrics Used for Path
+ Calculation in Low-Power and Lossy Networks", RFC 6551,
+ March 2012.
+
+ [RFC6552] Thubert, P., Ed., "Objective Function Zero for the
+ Routing Protocol for Low-Power and Lossy Networks
+ (RPL)", RFC 6552, March 2012.
+
+ [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low-
+ Power and Lossy Networks (RPL) Option for Carrying RPL
+ Information in Data-Plane Datagrams", RFC 6553,
+ March 2012.
+
+ [RFC6554] Hui, J., Vasseur, JP., Culler, D., and V. Manral, "An
+ IPv6 Routing Header for Source Routes with the Routing
+ Protocol for Low-Power and Lossy Networks (RPL)",
+ RFC 6554, March 2012.
+
+23.2. Informative References
+
+ [6LOWPAN-ND] Shelby, Z., Ed., Chakrabarti, S., and E. Nordmark,
+ "Neighbor Discovery Optimization for Low Power and
+ Lossy Networks (6LoWPAN)", Work in Progress,
+ October 2011.
+
+ [FIPS180] National Institute of Standards and Technology, "FIPS
+ Pub 180-3, Secure Hash Standard (SHS)", US Department
+ of Commerce , February 2008,
+ <http://www.nist.gov/itl/upload/fips180-3_final.pdf>.
+
+
+
+
+Winter, et al. Standards Track [Page 140]
+
+RFC 6550 RPL March 2012
+
+
+ [Perlman83] Perlman, R., "Fault-Tolerant Broadcast of Routing
+ Information", North-Holland Computer Networks,
+ Vol.7: p. 395-405, December 1983.
+
+ [RFC1958] Carpenter, B., "Architectural Principles of the
+ Internet", RFC 1958, June 1996.
+
+ [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic",
+ RFC 1982, August 1996.
+
+ [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
+ Schoenwaelder, Ed., "Structure of Management
+ Information Version 2 (SMIv2)", STD 58, RFC 2578,
+ April 1999.
+
+ [RFC3307] Haberman, B., "Allocation Guidelines for IPv6 Multicast
+ Addresses", RFC 3307, August 2002.
+
+ [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
+ "Introduction and Applicability Statements for
+ Internet-Standard Management Framework", RFC 3410,
+ December 2002.
+
+ [RFC3535] Schoenwaelder, J., "Overview of the 2002 IAB Network
+ Management Workshop", RFC 3535, May 2003.
+
+ [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter
+ with CBC-MAC (CCM)", RFC 3610, September 2003.
+
+ [RFC3819] Karn, P., Bormann, C., Fairhurst, G., Grossman, D.,
+ Ludwig, R., Mahdavi, J., Montenegro, G., Touch, J., and
+ L. Wood, "Advice for Internet Subnetwork Designers",
+ BCP 89, RFC 3819, July 2004.
+
+ [RFC4101] Rescorla, E. and IAB, "Writing Protocol Models",
+ RFC 4101, June 2005.
+
+ [RFC4915] Psenak, P., Mirtorabi, S., Roy, A., Nguyen, L., and P.
+ Pillay-Esnault, "Multi-Topology (MT) Routing in OSPF",
+ RFC 4915, June 2007.
+
+ [RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi
+ Topology (MT) Routing in Intermediate System to
+ Intermediate Systems (IS-ISs)", RFC 5120,
+ February 2008.
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 141]
+
+RFC 6550 RPL March 2012
+
+
+ [RFC5184] Teraoka, F., Gogo, K., Mitsuya, K., Shibui, R., and K.
+ Mitani, "Unified Layer 2 (L2) Abstractions for Layer 3
+ (L3)-Driven Fast Handover", RFC 5184, May 2008.
+
+ [RFC5548] Dohler, M., Watteyne, T., Winter, T., and D. Barthel,
+ "Routing Requirements for Urban Low-Power and Lossy
+ Networks", RFC 5548, May 2009.
+
+ [RFC5673] Pister, K., Thubert, P., Dwars, S., and T. Phinney,
+ "Industrial Routing Requirements in Low-Power and Lossy
+ Networks", RFC 5673, October 2009.
+
+ [RFC5706] Harrington, D., "Guidelines for Considering Operations
+ and Management of New Protocols and Protocol
+ Extensions", RFC 5706, November 2009.
+
+ [RFC5826] Brandt, A., Buron, J., and G. Porcu, "Home Automation
+ Routing Requirements in Low-Power and Lossy Networks",
+ RFC 5826, April 2010.
+
+ [RFC5867] Martocci, J., De Mil, P., Riou, N., and W. Vermeylen,
+ "Building Automation Routing Requirements in Low-Power
+ and Lossy Networks", RFC 5867, June 2010.
+
+ [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding
+ Detection (BFD) for IPv4 and IPv6 (Single Hop)",
+ RFC 5881, June 2010.
+
+ [RFC6130] Clausen, T., Dearlove, C., and J. Dean, "Mobile Ad Hoc
+ Network (MANET) Neighborhood Discovery Protocol
+ (NHDP)", RFC 6130, April 2011.
+
+ [ROLL-TERMS] Vasseur, J., "Terminology in Low power And Lossy
+ Networks", Work in Progress, September 2011.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 142]
+
+RFC 6550 RPL March 2012
+
+
+Appendix A. Example Operation
+
+ This appendix provides some examples to illustrate the dissemination
+ of addressing information and prefixes with RPL. The examples depict
+ information being distributed with PIOs and RIOs and the use of DIO
+ and DAO messages. Note that this appendix is not normative, and that
+ the specific details of a RPL addressing plan and autoconfiguration
+ may vary according to specific implementations. RPL merely provides
+ a vehicle for disseminating information that may be built upon and
+ used by other mechanisms.
+
+ Note that these examples illustrate use of address autoconfiguration
+ schemes supported by information distributed within RPL. However, if
+ an implementation includes another address autoconfiguration scheme,
+ RPL nodes might be configured not to set the 'A' flag in PIO options,
+ though the PIO can still be used to distribute prefix and addressing
+ information.
+
+A.1. Example Operation in Storing Mode with Node-Owned Prefixes
+
+ Figure 32 illustrates the logical addressing architecture of a simple
+ RPL network operating in Storing mode. In this example, each Node,
+ A, B, C, and D, owns its own prefix and makes that prefix available
+ for address autoconfiguration by on-link devices. (This is conveyed
+ by setting the 'A' flag and the 'L' flag in the PIO of the DIO
+ messages). Node A owns the prefix A::/64, Node B owns B::/64, and so
+ on. Node B autoconfigures an on-link address with respect to Node A,
+ A::B. Nodes C and D similarly autoconfigure on-link addresses from
+ Node B's prefix, B::C and B::D, respectively. Nodes have the option
+ of setting the 'R' flag and publishing their address within the
+ Prefix field of the PIO.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 143]
+
+RFC 6550 RPL March 2012
+
+
+ +-------------+
+ | Root |
+ | |
+ | Node A |
+ | |
+ | A::A |
+ +------+------+
+ |
+ |
+ |
+ +------+------+
+ | A::B |
+ | |
+ | Node B |
+ | |
+ | B::B |
+ +------+------+
+ |
+ |
+ .--------------+--------------.
+ / \
+ / \
+ +------+------+ +------+------+
+ | B::C | | B::D |
+ | | | |
+ | Node C | | Node D |
+ | | | |
+ | C::C | | D::D |
+ +-------------+ +-------------+
+
+
+ Figure 32: Storing Mode with Node-Owned Prefixes
+
+A.1.1. DIO Messages and PIO
+
+ Node A, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Set
+ 'R' flag: Clear
+ Prefix Length: 64
+ Prefix: A::
+
+ Node B, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Set
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: B::B
+
+
+
+Winter, et al. Standards Track [Page 144]
+
+RFC 6550 RPL March 2012
+
+
+ Node C, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Set
+ 'R' flag: Clear
+ Prefix Length: 64
+ Prefix: C::
+
+ Node D, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Set
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: D::D
+
+A.1.2. DAO Messages
+
+ Node B will send DAO messages to Node A with the following
+ information:
+ o Target B::/64
+ o Target C::/64
+ o Target D::/64
+
+ Node C will send DAO messages to Node B with the following
+ information:
+ o Target C::/64
+
+ Node D will send DAO messages to Node B with the following
+ information:
+
+ o Target D::/64
+
+A.1.3. Routing Information Base
+
+ Node A will conceptually collect the following information into its
+ Routing Information Base (RIB):
+ o A::/64 connected
+ o B::/64 via B's link local
+ o C::/64 via B's link local
+ o D::/64 via B's link local
+
+ Node B will conceptually collect the following information into its
+ RIB:
+ o ::/0 via A's link local
+ o B::/64 connected
+ o C::/64 via C's link local
+ o D::/64 via D's link local
+
+
+
+
+
+Winter, et al. Standards Track [Page 145]
+
+RFC 6550 RPL March 2012
+
+
+ Node C will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o C::/64 connected
+
+ Node D will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o D::/64 connected
+
+A.2. Example Operation in Storing Mode with Subnet-Wide Prefix
+
+ Figure 33 illustrates the logical addressing architecture of a simple
+ RPL network operating in Storing mode. In this example, the root
+ Node A sources a prefix that is used for address autoconfiguration
+ over the entire RPL subnet. (This is conveyed by setting the 'A'
+ flag and clearing the 'L' flag in the PIO of the DIO messages.)
+ Nodes A, B, C, and D all autoconfigure to the prefix A::/64. Nodes
+ have the option of setting the 'R' flag and publishing their address
+ within the Prefix field of the PIO.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 146]
+
+RFC 6550 RPL March 2012
+
+
+ +-------------+
+ | Root |
+ | |
+ | Node A |
+ | A::A |
+ | |
+ +------+------+
+ |
+ |
+ |
+ +------+------+
+ | |
+ | Node B |
+ | A::B |
+ | |
+ +------+------+
+ |
+ |
+ .--------------+--------------.
+ / \
+ / \
+ +------+------+ +------+------+
+ | | | |
+ | Node C | | Node D |
+ | A::C | | A::D |
+ | | | |
+ +-------------+ +-------------+
+
+ Figure 33: Storing Mode with Subnet-Wide Prefix
+
+A.2.1. DIO Messages and PIO
+
+ Node A, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Clear
+ Prefix Length: 64
+ Prefix: A::
+
+ Node B, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::B
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 147]
+
+RFC 6550 RPL March 2012
+
+
+ Node C, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Clear
+ Prefix Length: 64
+ Prefix: A::
+
+ Node D, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::D
+
+A.2.2. DAO Messages
+
+ Node B will send DAO messages to Node A with the following
+ information:
+ o Target A::B/128
+ o Target A::C/128
+ o Target A::D/128
+
+ Node C will send DAO messages to Node B with the following
+ information:
+ o Target A::C/128
+
+ Node D will send DAO messages to Node B with the following
+ information:
+ o Target A::D/128
+
+A.2.3. Routing Information Base
+
+ Node A will conceptually collect the following information into its
+ RIB:
+ o A::A/128 connected
+ o A::B/128 via B's link local
+ o A::C/128 via B's link local
+ o A::D/128 via B's link local
+
+ Node B will conceptually collect the following information into its
+ RIB:
+ o ::/0 via A's link local
+ o A::B/128 connected
+ o A::C/128 via C's link local
+ o A::D/128 via D's link local
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 148]
+
+RFC 6550 RPL March 2012
+
+
+ Node C will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o A::C/128 connected
+
+ Node D will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o A::D/128 connected
+
+A.3. Example Operation in Non-Storing Mode with Node-Owned Prefixes
+
+ Figure 34 illustrates the logical addressing architecture of a simple
+ RPL network operating in Non-Storing mode. In this example, each
+ Node, A, B, C, and D, owns its own prefix, and makes that prefix
+ available for address autoconfiguration by on-link devices. (This is
+ conveyed by setting the 'A' flag and the 'L' flag in the PIO of the
+ DIO messages.) Node A owns the prefix A::/64, Node B owns B::/64,
+ and so on. Node B autoconfigures an on-link address with respect to
+ Node A, A::B. Nodes C and D similarly autoconfigure on-link
+ addresses from Node B's prefix, B::C and B::D, respectively. Nodes
+ have the option of setting the 'R' flag and publishing their address
+ within the Prefix field of the PIO.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 149]
+
+RFC 6550 RPL March 2012
+
+
+ +-------------+
+ | Root |
+ | |
+ | Node A |
+ | |
+ | A::A |
+ +------+------+
+ |
+ |
+ |
+ +------+------+
+ | A::B |
+ | |
+ | Node B |
+ | |
+ | B::B |
+ +------+------+
+ |
+ |
+ .--------------+--------------.
+ / \
+ / \
+ +------+------+ +------+------+
+ | B::C | | B::D |
+ | | | |
+ | Node C | | Node D |
+ | | | |
+ | C::C | | D::D |
+ +-------------+ +-------------+
+
+ Figure 34: Non-Storing Mode with Node-Owned Prefixes
+
+A.3.1. DIO Messages and PIO
+
+ The PIO contained in the DIO messages in the Non-Storing mode with
+ node-owned prefixes can be considered to be identical to those in the
+ Storing mode with node-owned prefixes case (Appendix A.1.1).
+
+A.3.2. DAO Messages
+
+ Node B will send DAO messages to Node A with the following
+ information:
+
+ o Target B::/64, Transit A::B
+
+ Node C will send DAO messages to Node A with the following
+ information:
+ o Target C::/64, Transit B::C
+
+
+
+Winter, et al. Standards Track [Page 150]
+
+RFC 6550 RPL March 2012
+
+
+ Node D will send DAO messages to Node A with the following
+ information:
+ o Target D::/64, Transit B::D
+
+A.3.3. Routing Information Base
+
+ Node A will conceptually collect the following information into its
+ RIB. Note that Node A has enough information to construct source
+ routes by doing recursive lookups into the RIB:
+ o A::/64 connected
+ o B::/64 via A::B
+ o C::/64 via B::C
+ o D::/64 via B::D
+
+ Node B will conceptually collect the following information into its
+ RIB:
+ o ::/0 via A's link local
+ o B::/64 connected
+
+ Node C will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o C::/64 connected
+
+ Node D will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o D::/64 connected
+
+A.4. Example Operation in Non-Storing Mode with Subnet-Wide Prefix
+
+ Figure 35 illustrates the logical addressing architecture of a simple
+ RPL network operating in Non-Storing mode. In this example, the root
+ Node A sources a prefix that is used for address autoconfiguration
+ over the entire RPL subnet. (This is conveyed by setting the 'A'
+ flag and clearing the 'L' flag in the PIO of the DIO messages.)
+ Nodes A, B, C, and D all autoconfigure to the prefix A::/64. Nodes
+ must set the 'R' flag and publish their address within the Prefix
+ field of the PIO, in order to inform their children which address to
+ use in the transit option.
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 151]
+
+RFC 6550 RPL March 2012
+
+
+ +-------------+
+ | Root |
+ | |
+ | Node A |
+ | A::A |
+ | |
+ +------+------+
+ |
+ |
+ |
+ +------+------+
+ | |
+ | Node B |
+ | A::B |
+ | |
+ +------+------+
+ |
+ |
+ .--------------+--------------.
+ / \
+ / \
+ +------+------+ +------+------+
+ | | | |
+ | Node C | | Node D |
+ | A::C | | A::D |
+ | | | |
+ +-------------+ +-------------+
+
+ Figure 35: Non-Storing Mode with Subnet-Wide Prefix
+
+A.4.1. DIO Messages and PIO
+
+ Node A, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::A
+
+ Node B, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::B
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 152]
+
+RFC 6550 RPL March 2012
+
+
+ Node C, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::C
+
+ Node D, for example, will send DIO messages with a PIO as follows:
+ 'A' flag: Set
+ 'L' flag: Clear
+ 'R' flag: Set
+ Prefix Length: 64
+ Prefix: A::D
+
+A.4.2. DAO Messages
+
+ Node B will send DAO messages to Node A with the following
+ information:
+ o Target A::B/128, Transit A::A
+
+ Node C will send DAO messages to Node A with the following
+ information:
+ o Target A::C/128, Transit A::B
+
+ Node D will send DAO messages to Node A with the following
+ information:
+ o Target A::D/128, Transit A::B
+
+A.4.3. Routing Information Base
+
+ Node A will conceptually collect the following information into its
+ RIB. Note that Node A has enough information to construct source
+ routes by doing recursive lookups into the RIB:
+ o A::A/128 connected
+ o A::B/128 via A::A
+ o A::C/128 via A::B
+ o A::D/128 via A::B
+
+ Node B will conceptually collect the following information into its
+ RIB:
+ o ::/0 via A's link local
+ o A::B/128 connected
+
+ Node C will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o A::C/128 connected
+
+
+
+
+Winter, et al. Standards Track [Page 153]
+
+RFC 6550 RPL March 2012
+
+
+ Node D will conceptually collect the following information into its
+ RIB:
+ o ::/0 via B's link local
+ o A::D/128 connected
+
+A.5. Example with External Prefixes
+
+ Consider the simple network illustrated in Figure 36. In this
+ example, there are a group of routers participating in a RPL network:
+ a DODAG root, Nodes A, Y, and Z. The DODAG root and Node Z also have
+ connectivity to different external network domains (i.e., external to
+ the RPL network). Note that those external networks could be RPL
+ networks or another type of network altogether.
+
+
+ RPL Network +-------------------+
+ RPL::/64 | |
+ | External |
+ [RPL::Root] (Root)----------+ Prefix |
+ | | EXT_1::/64 |
+ | | |
+ | +-------------------+
+ [RPL::A] (A)
+ :
+ :
+ :
+ [RPL::Y] (Y)
+ | +-------------------+
+ | | |
+ | | External |
+ [RPL::Z] (Z)------------+ Prefix |
+ : | EXT_2::/64 |
+ : | |
+ : +-------------------+
+
+ Figure 36: Simple Network Example
+
+ In this example, the DODAG root makes a prefix available to the RPL
+ subnet for address autoconfiguration. Here, the entire RPL subnet
+ uses that same prefix, RPL::/64, for address autoconfiguration,
+ though in other implementations more complex/hybrid schemes could be
+ employed.
+
+ The DODAG root has connectivity to an external (with respect to that
+ RPL network) prefix EXT_1::/64. The DODAG root may have learned of
+ connectivity to this prefix, for example, via explicit configuration
+ or IPv6 ND on a non-RPL interface. The DODAG root is configured to
+ announce information on the connectivity to this prefix.
+
+
+
+Winter, et al. Standards Track [Page 154]
+
+RFC 6550 RPL March 2012
+
+
+ Similarly, Node Z has connectivity to an external prefix EXT_2::/64.
+ Node Z also has a sub-DODAG underneath of it.
+
+ 1. The DODAG root adds a RIO to its DIO messages. The RIO contains
+ the external prefix EXT_1::/64. This information may be repeated
+ in the DIO messages emitted by the other nodes within the DODAG.
+ Thus, the reachability to the prefix EXT_1::/64 is disseminated
+ down the DODAG.
+
+ 2. Node Z may advertise reachability to the Target network
+ EXT_2::/64 by sending DAO messages using EXT_2::/64 as a Target
+ in the Target option and itself (Node Z) as a parent in the
+ Transit Information option. (In Storing mode, that Transit
+ Information option does not need to contain the address of Node
+ Z). A non-storing root then becomes aware of the 1-hop link
+ (Node Z -- EXT_2::/64) for use in constructing source routes.
+ Node Z may additionally advertise its reachability to EXT_2::/64
+ to nodes in its sub-DODAG by sending DIO messages with a PIO,
+ with the 'A' flag cleared.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 155]
+
+RFC 6550 RPL March 2012
+
+
+Authors' Addresses
+
+ Tim Winter (editor)
+
+ EMail: wintert@acm.org
+
+
+ Pascal Thubert (editor)
+ Cisco Systems
+ Village d'Entreprises Green Side
+ 400, Avenue de Roumanille
+ Batiment T3
+ Biot - Sophia Antipolis 06410
+ France
+
+ Phone: +33 497 23 26 34
+ EMail: pthubert@cisco.com
+
+
+ Anders Brandt
+ Sigma Designs
+ Emdrupvej 26A, 1.
+ Copenhagen DK-2100
+ Denmark
+
+ EMail: abr@sdesigns.dk
+
+
+ Jonathan W. Hui
+ Arch Rock Corporation
+ 501 2nd St., Suite 410
+ San Francisco, CA 94107
+ USA
+
+ EMail: jhui@archrock.com
+
+
+ Richard Kelsey
+ Ember Corporation
+ Boston, MA
+ USA
+
+ Phone: +1 617 951 1225
+ EMail: kelsey@ember.com
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 156]
+
+RFC 6550 RPL March 2012
+
+
+ Philip Levis
+ Stanford University
+ 358 Gates Hall, Stanford University
+ Stanford, CA 94305-9030
+ USA
+
+ EMail: pal@cs.stanford.edu
+
+
+ Kris Pister
+ Dust Networks
+ 30695 Huntwood Ave.
+ Hayward, CA 94544
+ USA
+
+ EMail: kpister@dustnetworks.com
+
+
+ Rene Struik
+ Struik Security Consultancy
+
+ EMail: rstruik.ext@gmail.com
+
+
+ JP. Vasseur
+ Cisco Systems
+ 11, Rue Camille Desmoulins
+ Issy Les Moulineaux 92782
+ France
+
+ EMail: jpv@cisco.com
+
+
+ Roger K. Alexander
+ Cooper Power Systems
+ 20201 Century Blvd., Suite 250
+ Germantown, MD 20874
+ USA
+
+ Phone: +1 240 454 9817
+ EMail: roger.alexander@cooperindustries.com
+
+
+
+
+
+
+
+
+
+
+Winter, et al. Standards Track [Page 157]
+