Individual Submission                                Jaehoon Paul Jeong
Internet Draft                                             Jungsoo Park
                                                          Hyoungjun Kim
                                                                   ETRI
                                                           Dongkyun Kim
                                                                    KNU
Expires: April 2004                                     20 October 2003


                  Ad Hoc IP Address Autoconfiguration

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026 except that the right to
   produce derivative works is not granted [1].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress".

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This document specifies the steps a node in an ad hoc network takes
   in deciding how to autoconfigure the IPv4 or IPv6 address of its
   network interface. Because the ad hoc IP address autoconfiguration
   in this document takes the partitioning and merging of ad hoc
   networks into account, the address duplication that a merge can
   cause can be resolved.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [2].

Table of Contents

   1. Terminology
   2. Introduction
   3. Overview
   4. Message Format for Ad Hoc IP Address Autoconfiguration
      4.1 Message Format for Ad Hoc IPv4 Address Autoconfiguration
      4.2 Message Format for Ad Hoc IPv6 Address Autoconfiguration
   5. Ad Hoc IP Address Autoconfiguration
      5.1 Ad Hoc IPv4 Address Autoconfiguration
          5.1.1 Network Prefix for IPv4 Ad Hoc Network
          5.1.2 Procedure of Ad Hoc IPv4 DAD
      5.2 Ad Hoc IPv6 Address Autoconfiguration
          5.2.1 Network Prefix for IPv6 Ad Hoc Network
          5.2.2 Procedure of Ad Hoc IPv6 DAD
   6. Maintenance of Upper-layer Session under Address Duplication
   7. Security Considerations
   8. Copyright
   9. Normative References
   10. Informative References
   11. Acknowledgements
   12. Authors' Addresses

1. Terminology

   This document uses the terminology described in [3][4]. In addition,
   seven new terms are defined below:

   Mobile Ad Hoc Network (MANET)

      The network where mobile nodes can communicate with one another
      without preexisting communication infrastructure, such as a base
      station or access point.

   Duplicate Address Detection (DAD)

      The process by which a node, which lacks an IP address,
      determines whether a candidate address it has selected is
      available or not. A node already equipped with an IP address
      takes part in DAD in order to protect its IP address from being
      accidentally used by another node.

   Strong DAD

      The time-based DAD for the purpose of checking if there is
      address duplication in a connected MANET partition within a
      finite bounded time interval [5].

   Weak DAD

      The DAD for the purpose of detecting address duplication during
      ad hoc routing. A key, which each mobile node selects to be
      unique, is used to detect duplicate IP addresses. When a mobile
      node receives a routing control packet, it compares the pairs of
      address and key contained in the packet with those in the routing
      table or cache [5].

   Address Request (AREQ)

      The message used during Strong DAD for the purpose of checking if
      there is another node having the requested address [6].

   Address Reply (AREP)

      The message used during Strong DAD for the purpose of indicating
      that the requested address has already been utilized [6].

   Address Error (AERR)

      The message used during Weak DAD for the purpose of indicating
      that an address duplication happened or that the address of the
      peer node has been changed.

2. Introduction

   IPv6 stateless address autoconfiguration [5] provides a way to
   autoconfigure either fixed or mobile nodes with one or more IPv6
   addresses and default routes. But this is not suitable for multi-hop
   ad hoc networks, which have a dynamic network topology. Ad hoc
   networks become partitioned and merged as intermediate nodes move.
   In this environment, IPv6 stateless address autoconfiguration should
   be able to process address duplication not only within a connected
   ad hoc partition, but also in the case that two partitions that each
   contain the same address become merged.

   This document provides ad hoc IP address autoconfiguration in IPv4
   ad hoc networks as well as in IPv6 ad hoc networks.

3. Overview

   The IPv4 or IPv6 unicast address of an ad hoc node is autoconfigured
   by IP address autoconfiguration for ad hoc networks. The
   configuration of the address is comprised of three steps; (a)
   selection of a random address, (b) verification of the uniqueness of
   the address and (c) assignment of the address into the network
   interface.

   The duplicate address detection (DAD) proposed in this document not
   only checks address duplication during the initialization of address
   configuration, but also checks and resolves address duplication
   detected by intermediate nodes during ad hoc routing. Also, during
   the resolution of an address conflict, the sessions using the
   conflicted address can be maintained until the sessions are closed.

   The DAD for ad hoc networks in this document is a hybrid scheme
   consisting of two phases; (a) Strong DAD phase and (b) Weak DAD
   phase. Within a connected ad hoc partition, Strong DAD can check
   quickly if there is any address duplication or not. During ad hoc
   routing, Weak DAD can find out if address duplication has occurred
   or not, when two or more MANET partitions having duplicate addresses
   are merged.

4. Message Format for Ad Hoc IP Address Autoconfiguration

4.1 Message Format for Ad Hoc IPv4 Address Autoconfiguration

   The mechanism of this document needs new ICMPv4 types for ad hoc
   IPv4 address autoconfiguration. Figure 1 shows the format of the
   messages related to IPv4 address autoconfiguration.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |     Code      |           Checksum            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Identification                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                   Originator's IPv4 Address                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Requested or Duplicate IPv4 Address              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Figure 1. Message Format for Ad Hoc IPv4 Address Autoconfiguration

   Fields:

   Type
      8-bit identifier of the type of ICMPv4 message.

         Message Name      Type
         AREQ              (TBD)
         AREP              (TBD)
         AERR              (TBD)

   Code
      8-bit unsigned integer. As the code for message type, the valid
      value is either 0 or 1. Code value 1 in an AERR message indicates
      that the peer node's address has been changed. In the other
      cases, the code value is always 0.

   Checksum
      16-bit unsigned integer. The checksum for the ICMPv4 message and
      parts of the IPv4 header.

   Identification
      32-bit unsigned integer. The identification for an ad hoc address
      autoconfiguration message is used to prevent duplicate AREQ
      messages from being flooded.

   Originator's IPv4 Address
      The IPv4 address of the sender of the ad hoc address
      autoconfiguration message.

   Requested or Duplicate IPv4 Address
      The requested IPv4 address in AREQ and AREP messages, or the
      duplicate IPv4 address in an AERR message.

   AREQ and AREP messages are used during Strong DAD and the AERR
   message during Weak DAD. Because an AREQ message is forwarded
   through local broadcasting by a layer higher than the network layer,
   the "Identification" field is necessary so that a message that has
   already been sent is not flooded again.

4.2 Message Format for Ad Hoc IPv6 Address Autoconfiguration

   The mechanism of this document needs new ICMPv6 types for ad hoc
   IPv6 address autoconfiguration. Figure 2 shows the format of the
   messages related to IPv6 address autoconfiguration.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |     Code      |           Checksum            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Identification                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                   Originator's IPv6 Address                   +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +              Requested or Duplicate IPv6 Address              +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Figure 2. Message Format for Ad Hoc IPv6 Address Autoconfiguration

   Fields:

   Type
      8-bit identifier of the type of ICMPv6 message.

         Message Name      Type
         AREQ              (TBD)
         AREP              (TBD)
         AERR              (TBD)

   Code
      8-bit unsigned integer. As the code for message type, the valid
      value is either 0 or 1. Code value 1 in an AERR message indicates
      that the peer node's address has been changed. In the other
      cases, the code value is always 0.

   Checksum
      16-bit unsigned integer. The checksum for the ICMPv6 message and
      parts of the IPv6 header.

   Identification
      32-bit unsigned integer. The identification for an ad hoc address
      autoconfiguration message is used to prevent duplicate AREQ
      messages from being flooded.

   Originator's IPv6 Address
      The IPv6 address of the sender of the ad hoc address
      autoconfiguration message.

   Requested or Duplicate IPv6 Address
      The requested IPv6 address in AREQ and AREP messages, or the
      duplicate IPv6 address in an AERR message.

5. Ad Hoc IP Address Autoconfiguration

   The procedure of ad hoc IP address autoconfiguration in an ad hoc
   node is comprised of two phases; (a) Strong DAD phase and (b) Weak
   DAD phase. For Weak DAD in particular, a "Virtual IP Address" is
   used, which is the combination of "IP Address" and "Key". During ad
   hoc routing, with the value of Key, Weak DAD can detect IP address
   duplication. Therefore, Weak DAD places a requirement for a new
   field in the routing table -- namely, the inclusion of a "Key"
   field.

   Also, most routing control packets of ad hoc routing protocols
   (e.g., link state packet) contain a "Sequence Number" or
   "Identification" field in order to allow a receiving node of the
   control packets to determine whether it has recently seen copies of
   the packets. This field is also used for the purpose of detecting
   address duplication by Weak DAD.

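   The 16-byte IPv4 message of Figure 1 (section 4.1) and the
   "Identification" check it motivates, as an added example that is not
   code from the draft or its authors. The Type numbers are
   placeholders because the draft lists them as (TBD), the checksum is
   assumed to be the Internet checksum over the message only, and all
   names (DadMessage, parse, AreqFilter) are hypothetical.

```python
"""Codec for the ad hoc IPv4 autoconfiguration message of Figure 1 (added example)."""
import struct
from collections import OrderedDict
from dataclasses import dataclass
from ipaddress import IPv4Address

# Placeholder Type numbers: the draft lists AREQ, AREP and AERR as (TBD).
AREQ, AREP, AERR = 0xF1, 0xF2, 0xF3
# Type, Code, Checksum, Identification, Originator, Requested/Duplicate address
_LAYOUT = "!BBHI4s4s"
MSG_LEN = struct.calcsize(_LAYOUT)  # 16 bytes


def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


@dataclass(frozen=True)
class DadMessage:
    type: int
    code: int
    ident: int
    originator: IPv4Address
    address: IPv4Address  # requested (AREQ/AREP) or duplicate (AERR) address

    def pack(self) -> bytes:
        body = struct.pack(_LAYOUT, self.type, self.code, 0, self.ident,
                           self.originator.packed, self.address.packed)
        return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def parse(raw: bytes) -> DadMessage:
    """Validate and decode one message; raise ValueError on anything malformed."""
    if len(raw) != MSG_LEN:
        raise ValueError("wrong length")
    if inet_checksum(raw) != 0:  # a valid message sums to 0xFFFF, i.e. 0 here
        raise ValueError("bad checksum")
    mtype, code, _, ident, orig, addr = struct.unpack(_LAYOUT, raw)
    if mtype not in (AREQ, AREP, AERR):
        raise ValueError("unknown type")
    # Code 1 is only defined for AERR (peer address changed); otherwise 0.
    if code not in (0, 1) or (code == 1 and mtype != AERR):
        raise ValueError("invalid code")
    return DadMessage(mtype, code, ident, IPv4Address(orig), IPv4Address(addr))


class AreqFilter:
    """Drops AREQ copies already seen, keyed on (source IP, Identification)."""

    def __init__(self, max_entries: int = 1024):  # the bound is an added safeguard
        self._seen = OrderedDict()
        self._max = max_entries

    def is_new(self, src_ip: IPv4Address, msg: DadMessage) -> bool:
        key = (src_ip, msg.ident)
        if key in self._seen:
            return False
        self._seen[key] = True
        if len(self._seen) > self._max:
            self._seen.popitem(last=False)  # evict the oldest entry
        return True


if __name__ == "__main__":
    # Constructed sample: a node on temporary address 169.254.0.17
    # requests the tentative address 169.254.20.5.
    src = IPv4Address("169.254.0.17")
    wire = DadMessage(AREQ, 0, 0x1234ABCD, src, IPv4Address("169.254.20.5")).pack()
    seen = AreqFilter()
    print(parse(wire), seen.is_new(src, parse(wire)), seen.is_new(src, parse(wire)))
```
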
   Because this document does not consider global connectivity to the
   Internet, it assumes that a MANET is a temporary network isolated
   from the Internet and that the scope of addresses used in the MANET
   is not global, but local.

5.1 Ad Hoc IPv4 Address Autoconfiguration

5.1.1 Network Prefix for IPv4 Ad Hoc Network

   For IPv4 addresses, "169.254/16" is used as the IPv4 MANET exclusive
   prefix, IPV4_MANET_PREFIX [6]. Within IPV4_MANET_PREFIX, IPv4
   addresses in the range 1 ~ 2047 (TMP_ADDR) in the low-order 16 bits
   are used for the temporary IPv4 unicast address during Strong DAD.
   The rest of the addresses, in the range TMP_ADDR + 1 ~ 65534 in the
   low-order 16 bits, are used as the tentative IPv4 address for the
   actual IPv4 unicast address. In the future, this prefix can be
   replaced with another one for ad hoc networks.

5.1.2 Procedure of Ad Hoc IPv4 DAD

   During the Strong DAD phase, an ad hoc node autoconfigures a unique
   IPv4 address in its network interface within the limited scope of a
   connected MANET partition, and during the Weak DAD phase, the node
   participates in DAD and ad hoc routing as follows;

   Step (a) : A node selects a temporary address and configures it in
      its network interface.

   Step (b) : The node selects a tentative address and makes an AREQ
      message for the address. It initializes a variable for
      retransmission of the AREQ message, retrans_count, to 0.

   Step (c) : The node broadcasts the AREQ message to the IPv4 MANET
      broadcast address, 255.255.255.255, and increases the count for
      transmission of the AREQ message, retrans_count, by 1. It waits
      for an AREP message until the timer for Strong DAD expires. If an
      AREP message for the sent AREQ message arrives before the timer
      expires, the node executes Step (e). Otherwise, it executes
      Step (d).

   Step (d) : If retrans_count is equal to DAD_RETRIES (e.g., 3), the
      node goes to Step (f). Otherwise, it goes to Step (c).

   Step (e) : If the received AREP message is associated with the sent
      AREQ message, the node returns to Step (b).

   Step (f) : Because the requested address that is tentative is unique
      in the connected partition, the node replaces the temporary
      address with it as the IPv4 unicast address of its network
      interface.

   Step (g) : The node is ready to receive an address autoconfiguration
      message or an ad hoc routing control packet. The ad hoc routing
      protocol is either proactive or reactive. If the packet is an
      address autoconfiguration message, the node executes Step (h). If
      the received packet is an ad hoc routing control packet, it
      executes Step (l).

   Step (h) : If the received message is an AREQ message, the node
      first checks, on the basis of the "Source IP Address" field of
      the IP datagram containing the message and the "Identification"
      field within the message, whether the message has been received
      previously. If it has, the node discards the message, returning
      to Step (g). Otherwise, the node executes Step (i). If the
      message is an AREP, it executes Step (j). If the message is an
      AERR, it executes Step (k).

   Step (i) : The node compares its address with the requested address
      in the message. If the two addresses are the same, it sends the
      originator node an AREP message in unicast, indicating address
      duplication, and returns to Step (g). Otherwise, it floods or
      broadcasts the message to its neighbors, returning to Step (g).

   Step (j) : If the Destination IP address of the AREP message is the
      same as its own IP address and the duplicate address in the AREP
      message corresponds to its own IP address under tentative state
      during Strong DAD, the node starts the Strong DAD procedure
      again, namely returning to Step (a). If the Destination IP
      address of the AREP message is the same as its own but the
      duplicate address in the AREP message does not correspond to its
      own under tentative state during Strong DAD, it discards the
      message, returning to Step (g). Otherwise, it only relays the
      message in unicast towards the Destination IP address of the AREP
      message, returning to Step (g). Notice that nodes under tentative
      state of Strong DAD for their address configuration SHOULD NOT
      relay or forward other nodes' AREP messages.

   Step (k) : If the Destination IP address of the AERR message is the
      same as its own IP address and the duplicate address in the AERR
      message is the same as its own IP address, the node starts the
      Strong DAD procedure in order to autoconfigure a new address
      again, namely returning to Step (a). If the Destination IP
      address of the AERR message is the same as its own but the
      duplicate address in the AERR message isn't the same as its own,
      the node discards the message, returning to Step (g). Otherwise,
      it only relays the message in unicast towards the Destination IP
      address of the AERR message, returning to Step (g). Notice that
      nodes under tentative state of Strong DAD for their address
      configuration SHOULD NOT relay or forward other nodes' AERR
      messages.

   Step (l) : The node investigates each IP address contained in the
      control packet to see whether there is a matching entry for the
      IP address in the routing table or cache. If there is a matching
      entry and the values of the two "Key"s are different, an IP
      address conflict has happened, so the node sends in unicast an
      AERR message, indicating address conflict, to one of the nodes
      using the duplicate address that are associated with different
      "Key"s, and returns to Step (g). It selects one of these two
      nodes by local policy (e.g., random selection). Otherwise, it
      executes the rest of the procedure related to processing ad hoc
      routing control packets, returning to Step (g).

   Notice that there isn't any protection against accidental cases
   where the two contenders for an IP address happen to select the same
   value for "Key". That should be okay as long as (i) the key is long
   (in bits), and (ii) the nodes are quite capable of producing truly
   random numbers. The intermediate routing points also have to
   maintain the "Key" value for the two endpoints, at least during
   address discovery.

   Even in the accidental cases where the two contenders for an IP
   address happen to select the same value for "Key", address
   duplication MAY be detected with the "Sequence Number" or
   "Identification" field of the control packet. Assume that a node
   receives a routing control packet (e.g., link state packet). If the
   values of the "IP Address" and "Key" fields within the packet are
   the same as its own and the value of the "Sequence Number" field
   within the packet is higher than the counter value for its own
   "Sequence Number", except sequence number wrap-around, the node MAY
   decide that address duplication has happened and resolve the
   duplication [7].

5.2 Ad Hoc IPv6 Address Autoconfiguration

5.2.1 Network Prefix for IPv6 Ad Hoc Network

   For IPv6 addresses, "fec0:0:0:ffff::/64" is used as the IPv6 MANET
   exclusive prefix, IPV6_MANET_PREFIX [6]. Within IPV6_MANET_PREFIX,
   "fec0:0:0:ffff::/96" is used as IPV6_MANET_INIT_PREFIX for the
   temporary unicast address during Strong DAD. The low-order 32 bits
   of the temporary address are configured with a 32-bit pseudo random
   number. The rest of the address range of IPV6_MANET_PREFIX, except
   IPV6_MANET_INIT_PREFIX, is used for the actual unicast address. The
   address is a tentative address until its uniqueness is verified by
   Strong DAD.

   Recently, the IPv6 site-local address has been deprecated by the
   IPv6 working group. Since the IETF-56 meeting, the IPv6 working
   group has been discussing a local prefix for local networks
   separated from the Internet, such as ad hoc networks [8]. If an ad
   hoc prefix is determined by the IPv6 working group,
   IPV6_MANET_PREFIX will have the new one for ad hoc networks.

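   Step (l) of section 5.1.2 and the "Sequence Number" check described
   after it, as an added example that is not code from the draft or its
   authors. It assumes a 64-bit key, a 16-bit Sequence Number compared
   with RFC 1982 style serial arithmetic as one way to honour "except
   sequence number wrap-around", and the node's own address held in the
   table as a local entry; all names are hypothetical.

```python
"""Weak DAD check over (address, key, sequence) tuples (added example)."""
import secrets
from dataclasses import dataclass
from enum import Enum

SEQ_BITS = 16  # assumption: width of the routing protocol's Sequence Number
KEY_BITS = 64  # assumption: the draft only asks for a long, truly random key


class Verdict(Enum):
    OK = "ok"                      # known address announced with the known key
    NEW = "new"                    # first time this address is seen
    KEY_CONFLICT = "key-conflict"  # Step (l): same address, different keys
    SEQ_CONFLICT = "seq-conflict"  # own address and key, newer Sequence Number


def new_key() -> int:
    """Key drawn from the OS CSPRNG, so accidental key collisions stay unlikely."""
    return secrets.randbits(KEY_BITS)


def seq_newer(a: int, b: int) -> bool:
    """True if a is ahead of b in serial-number arithmetic (wrap-around safe)."""
    diff = (a - b) % (1 << SEQ_BITS)
    return 0 < diff < (1 << (SEQ_BITS - 1))


@dataclass
class Entry:
    key: int
    seq: int


class WeakDad:
    def __init__(self, own_addr: str, own_key: int, pick=secrets.choice):
        self.own_addr, self.own_key = own_addr, own_key
        self.own_seq = 0   # last Sequence Number this node originated
        self.pick = pick   # local policy choosing which contender gets the AERR
        self.table = {own_addr: Entry(own_key, 0)}  # Virtual IP Address table

    def next_seq(self) -> int:
        self.own_seq = (self.own_seq + 1) % (1 << SEQ_BITS)
        return self.own_seq

    def check(self, addr: str, key: int, seq: int):
        """Return (verdict, virtual address to send an AERR to, or None)."""
        entry = self.table.get(addr)
        if entry is None:
            self.table[addr] = Entry(key, seq)
            return Verdict.NEW, None
        if entry.key != key:
            # Two nodes claim addr; both stay reachable by (address, key).
            return Verdict.KEY_CONFLICT, self.pick([(addr, entry.key), (addr, key)])
        if addr == self.own_addr:
            # Same address and key as ours, but a Sequence Number we never sent.
            if seq_newer(seq, self.own_seq):
                return Verdict.SEQ_CONFLICT, (addr, key)
            return Verdict.OK, None
        if seq_newer(seq, entry.seq):
            entry.seq = seq
        return Verdict.OK, None


if __name__ == "__main__":
    # Constructed sample: three tuples taken from routing control packets.
    node = WeakDad("169.254.30.1", new_key())
    for tup in [("169.254.40.2", 0xAAAA, 5),
                ("169.254.40.2", 0xBBBB, 1),      # other partition, same address
                ("169.254.30.1", node.own_key, 9)]:
        print(tup[0], node.check(*tup)[0].value)
```
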
5.2.2 Procedure of Ad Hoc IPv6 DAD

   An IPv6 ad hoc node autoconfigures a unique IPv6 address in its
   network interface in the same way as an IPv4 ad hoc node, as
   described in section 5.1.2.

6. Maintenance of Upper-layer Session under Address Duplication

   When address duplication happens and the duplicate address is
   replaced with another, the sessions above the network layer can be
   broken. So, for the survivability of upper-layer sessions using the
   duplicate address, notification of the address change between the
   peer nodes is necessary.

   In order to allow data packets related to the sessions using the
   duplicate address to be forwarded to destination nodes for a while,
   after sending an error message (i.e., AERR message) to the node
   related to the duplicate address, the intermediate nodes that have
   perceived address duplication SHOULD continue to forward on-the-fly
   data packets associated with the sessions using the duplicate
   address, on the basis of the Virtual IP Address (i.e., combination
   of IP address and key), until the route entry for the duplicate
   address expires.

   The node that receives an AERR message SHOULD autoconfigure a new
   IPv6 address through Strong DAD and SHOULD simultaneously make the
   new address the one that will be used by the old upper-layer
   sessions that used the duplicate address as well as by new
   upper-layer sessions from this time forward. The node SHOULD inform
   the peer nodes of the change of address by sending AERR messages
   with code 1. The "Originator's IP Address" field contains the
   duplicate address and the "Requested IP Address" field contains a
   new address to be used for the communication.

   After receiving the AERR message, the peer node sends its packets to
   the node through IP tunneling. The destination address in the outer
   IP header is the new IP address of the node that announced the
   duplicate address and that in the inner IP header is the duplicate
   IP address of the node. When the node receives a tunneled packet
   from the peer node, it decapsulates the packet and delivers the data
   in the packet to the upper layer. Both the node and the peer nodes
   maintain the information of the duplicate address and use it for
   processing IP tunneling.

7. Security Considerations

   In order to provide secure ad hoc IP address autoconfiguration in an
   ad hoc network, we can use IPsec ESP with a null-transform to
   authenticate ad hoc IP autoconfiguration messages or control
   packets, which can be easily accomplished through the configuration
   of a group pre-shared secret key for the trusted nodes.

8. Copyright

   The following copyright notice is copied from RFC 2026 [Bradner,
   1996], Section 10.4, and describes the applicable copyright for this
   document.

   Copyright (C) The Internet Society July 12, 2001. All Rights
   Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assignees.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

9. Normative References

   [1] Bradner, S., "The Internet Standards Process -- Revision 3",
       BCP 9, RFC 2026, October 1996.

   [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
       Levels", BCP 14, RFC 2119, March 1997.

   [3] T. Narten, E. Nordmark and W. Simpson, "Neighbour Discovery for
       IP version 6", RFC 2461.

   [4] S. Thomson and T. Narten, "IPv6 Stateless Address
       Autoconfiguration", RFC 2462.

   [5] Nitin H. Vaidya, "Weak Duplicate Address Detection in Mobile Ad
       Hoc Networks", MobiHoc 2002, June 2002.

   [6] Charles E. Perkins, Jari T. Malinen, Ryuji Wakikawa, Elizabeth
       M. Belding-Royer and Yuan Sun, "IP Address Autoconfiguration for
       Ad Hoc Networks", draft-ietf-manet-autoconf-01.txt, November
       2001.

10. Informative References

   [7] Kilian Weniger, "Passive Duplicate Address Detection in Mobile
       Ad Hoc Networks", IEEE WCNC 2003, March 2003.

   [8] R. Hinden, "Unique Local IPv6 Unicast Addresses",
       draft-hinden-ipv6-global-local-addr-02.txt, June 2003.

11. Acknowledgements

   The authors would like to acknowledge the previous contributions of
   the following people; Charles E. Perkins, Jari T. Malinen, Ryuji
   Wakikawa, Elizabeth M. Belding-Royer and Yuan Sun. In addition, the
   important definitions (e.g., Strong DAD and Weak DAD) and mechanisms
   for finding and resolving duplicate addresses have been derived from
   Nitin H. Vaidya's work. We especially thank him for his
   contribution. For the suggestion of Passive DAD, in aid of Weak DAD,
   we thank Kilian Weniger.

12. Authors' Addresses

   Jaehoon Paul Jeong
   ETRI / PEC
   161 Gajong-Dong, Yusong-Gu
   Daejon 305-350
   Korea

   Phone: +82 42 860 1664
   Fax:   +82 42 861 5404
   EMail: paul@etri.re.kr

   Jungsoo Park
   ETRI / PEC
   161 Gajong-Dong, Yusong-Gu
   Daejon 305-350
   Korea

   Phone: +82 42 860 6514
   Fax:   +82 42 861 5404
   EMail: pjs@etri.re.kr

   Hyoungjun Kim
   ETRI / PEC
   161 Gajong-Dong, Yusong-Gu
   Daejon 305-350
   Korea

   Phone: +82 42 860 6576
   Fax:   +82 42 861 5404
   EMail: khj@etri.re.kr

   Dongkyun Kim
   Kyungpook National University
   1370 Sankyuk-Dong, Puk-Gu
   Daegu 702-701
   Korea

   Phone: +82 53 950 7571
   Fax:   +82 53 957 4846
   EMail: dongkyun@knu.ac.kr