RPL Capabilities

Marathahalli Bangalore Karnataka 560037 India rahul.ietf@gmail.com

Cisco Systems, Inc

Building D 45 Allee des Ormes - BP1200 MOUGINS - Sophia Antipolis 06254 France +33 497 23 26 34 pthubert@cisco.com

Sandelman Software Works

mcr+ietf@sandelman.ca

Juniper

rabinarayans0828@gmail.com

Routing ROLL RPL, mesh, MOP, MOPex, extension, capability, capabilities This draft enables the discovery, advertisement and query of capabilities for RPL nodes.

RPL specifies a proactive distance-vector based routing scheme. The protocol creates a DAG-like structure which operates with a given "Mode of Operation" (MOP) determining the minimal and mandatory set of primitives to be supported by all the participating nodes. This document adds a notion of capabilities, through which a node in the network could inform its peers about its additional capabilities. Using capabilities, a node could determine whether the target node supports the required feature before utilizing the feature. This document highlights the differences between capabilities and Mode of Operation and explains the necessity for the former.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. MOP: Mode of Operation. Identifies the MOP of the RPL Instance as administratively provisioned at and distributed by the DODAG root. MOPex: Extended MOP: As defined in . Capabilities: Additional features or capabilities that are supported by the node. Cap: Abbreviated term used for Capability. Caps: Abbreviated term used for Capabilities. DAO: DODAG Advertisement Object. A RPL (pronounced ripple) message used to advertise the target information in order to establish routing adjacencies. DIO: DODAG Information Object. A RPL message initiated by the root and is used to advertise the network configuration information. Current parent: Parent 6LR node before switching to the new path. NPDAO: No-Path DAO. A DAO message that contains a Transit Information Option with lifetime equal to 0. Upstream path/direction: Path or direction from the node to the Root in a DAG. Downstream path/direction: Path or direction to the node from the Root in a DAG. This document uses terminology described in . For the sake of readability all the known relevant terms are repeated in this section.

Currently, RPL specification does not have a mechanism whereby a node can signal the set of features that are available on its end. Such a mechanism could help the root to advertise its capabilities and in response also determine some advanced information about the capabilities of the joining nodes. This document defines Capabilities and corresponding messaging handshakes that could be supported by the nodes. Capabilities are embedded as an RPL Control Message Option as defined in Section 6.7 of .

Following are the requirements considered for this documents: Optional capabilities handshake. Capabilities are features, possibly optional, which could be indicated between the nodes and the root within an RPL Instance. Capabilities handshake could be optionally added with existing MOPs. Capabilities, being optional, could be put to use with existing MOPs. Capabilities and MOP-extension are mutually independent i.e. a DIO can have a capabilities option, MOP-extension option, or both in the same message. Capabilities could be explicitly queried.

The Mode of Operation (MOP) field in RPL mandates the operational requirement for the nodes joining as routers. MOP and DIO Configuration Option is strictly controlled by the Root node in RPL. Intermediate 6LRs cannot modify these fields. Also, the MOP never changes for the lifetime of the RPL Instance. Changes in DIO Configuration Option are possible but are rare. Capabilities, on the other hand, might change more dynamically. RPL DIO message also carries routing metrics and constraints as specified in . Metrics and constraints are used in addition to an objective function to determine a node's rank calculation. A router may use capabilities carried in DIO messages as additional metrics/constraints. However, capabilities have a larger scope and might be carried in messages other than DIO and can flow in either direction (upstream and downstream).

Handling of Capabilities MUST be supported if the network uses MOPex . Note that capabilities and MOPex are mutually exclusive and it is possible for an implementation to support either or both of the options.

Multiple capabilities can be sent in the same message. The length field allows the message parser to skip the capability TLV parsing.

Every capability is identified by its type and it may have an optional Capability Info. Note that a given capability may or may not be disseminated with additional information depending on the scope of the capability indicated by the I bit. Len: 8-bit unsigned integer, representing the length in octets of the TLV, not including the CapType, Length and Flags fields. J = Join only as leaf if capability not understood. I = Ignore the message if this capability is not understood. C = Flag indicating that the capability MUST be copied in the downstream message.

The root node can advertise the set of capabilities it supports in the DIO message. A node can take advantage of the knowledge that the root supports a particular capability. Similarly, a node can advertise its capabilities in the DAO message using the capability control message option defined in this document. Capabilities advertised by non-root nodes is strictly a subset of the capabilities advertised by the root. In storing MOP, the DAO message from the 6LR can contain multiple target options because of the DAO-Aggregation. The targets of the capabilities option are indicated by one or more Target options that precede the Capabilities Option. This handling is similar to the Transit Information Option as supported in Section 6.7.8. of .

Nodes may be interested in knowing the capabilities of another node before taking an action. For example, consider , in which the Root may want to know the capabilities of the nodes along a network segment before it initiates a projected DAO to install the routes along that segment. Caps can be carried in existing RPL Control messages as Control Options, however, Caps can also be queried explicitly. This section provides a way for a node to query the capability set of another node. The capability query and subsequent response messages are directly addressed between the two peers.

One byte, Sequence number sent by the CAPQ sender and reflected back by the responder in the CAPS message. One byte, set to zero by sender, ignored by receiver. One byte, set to zero by sender, ignored by receiver. The CAPQ base object may be followed by one or more options. The Capability Type List Control Option (see ) is used to carry a set of capability types to query about. If the sender does not send a Capability Type List Control Option, this indicates that the node intends to query the Capability Type List supported by the target node.

A Secure CAPQ message follows the format in Figure 7, where the base message format is the CAPQ message shown in .

A CAPQ message may get dropped or lost in the transit. The sender of CAPQ MAY retry the CAPQ message after some delay. The delay SHOULD NOT be less than 1 second.

One byte, set to zero by sender, ignored by receiver. One byte, set to zero by sender, ignored by receiver. One byte, Sequence number copied from CAPQSequence received in the CAPQ message. CAPS message SHOULD contain the capability set queried by the CAPQ sender. If the target node does not support a subset of the queried capabilities then the Capability Type List with the unsupported cap-types SHOULD be sent back indicating the queried capabilities not-supported by the target node. For example, check If the CAPQ message does not contain any Capability Type List option then the receiver MUST respond with the cap types it supports using a Capability Type List Option (see ). If the capability set cannot be transmitted in a single message (for e.g., because of MTU limitations) then multiple CAPS messages could be used. All the CAPS messages MUST use the same CAPQSequence number copied from the corresponding CAPQ message.

A Secure CAPS message follows the format in Figure 7, where the base message format is the CAPS message shown in .

This section provides guidelines/recommendations towards defining new capabilities. Note that the capabilities might be carried as part of the multicast messaging such as DIO and hence the set should be used sparingly.

A node MUST drop or discard the message with an unknown capability with the 'D' flag set. The message MUST be discarded silently. The 'J' (join) flag can be set in context to a capability either by a 6LR or the root. The 'J' flag indicates that if the capability is not supported by a node then it can join the instance only as a 6LN (or do not join as 6LR). The 'C' (copy) flag is set by the node indicating that the capabilities MUST be copied downstream by the node even if the node does not understand the capability.

On receiving a capability it does not support, the node MUST check the 'J' flag of the capability before joining the Instance. If the 'J' flag is set then it can only join as a 6LN. If the node is operating as 6LR and subsequently it receives a capability from its preferred parent which it does not understand with 'J' flag set, then the node has to switch itself to 6LN mode. During switching, the node needs to inform its downstream peers of its changed status by sending a DIO with infinite rank as mentioned in RFC6550. Alternatively, a node may decide to switch to another parent with compatible and known capabilities. Capabilities are used to indicate a feature that is supported by the node. Capabilities are not meant for configuration management for e.g., setting a threshold.

Capability Indicators indicate the capabilities supported by the node in the form of simple flags. Capabilities that do not need additional information to be specified can make use of these flags to indicate their support.

Flags: LRs MUST set it to 0. I bit will always be set to 0. T flag (Bit 1): Indicates whether the node supports 6LoRH .

Storing Mode of Operation requires each intermediate router in the LLN to maintain routing state information in the routing table. LLN routers typically operate with constraints on processing power, memory, and energy (battery power). Memory limits the size of the routing state an LR and BR can maintain. When the routing table of an LR or BR is full, it will either reject the new DAO messages received or will use some replacement policy to remove a routing entry and add the new one. Rejection of DAO messages will lead to an increase in DAO message transmission that impacts the energy and network convergence time. Routing state replacement leads to downward path downtime. One possible way to solve problems due to routing table size constraint is to use this information to add neighbors to the DAO parent set. Routing resource capability can be used by LR and BR to advertise their current routing table usage details in the network. LR or LNs in LLN can use this information in the selection of the DAO parent set. PCE can use this information to select intermediate routers for the projected routes. Routing Resource is an optional capability. Routing resource capabablity sent in DIO message has link local scope and it MUST NOT be forwarded. The 'C' bit of this capability MUST be set to 0.

Type: 0x02. Flags: I bit MUST be set to 0. C bit MUST be set to 0. Len: 8-bit unsigned integer, representing the length in octets of the option, not including the Option Type and Length/flags fields. Resvd: 8-bit unused field. It MUST be initialized to zero by the sender and MUST be ignored by the receiver. Total Capacity: 16 bit unsigned integer representing the routing table size.

Thanks to Georgios Papadopoulos, Li Zhao for early review and feedback.

IANA is requested to allocate new codes for the CAPQ and CAPS messages from the RPL Control Codes registry. Code Description Reference TBD1 Capability Query This document TBD2 Capability Response This document TBD3 Secure Capability Query This document TBD4 Secure Capability Response This document The MSB of the codes allocated to "Secure" messages above should be set.

New entry is required for supporting new Capabilities option and new Capability Type List Option in the "RPL Control Message Options" space . Value Meaning Reference TODO Capability Option This document TODO Capability Type List Option This document

IANA is requested to create a registry for the Capabilities Type as described in of this document. This registry should be located in TODO. New Capabilities types may be allocated only by an IETF review. Value Meaning Reference 0x01 Capability Indicators This document 0x02 Routing Resource Capability This document

IANA is requested to create a registry for the Capabilities flags as described in of this document. This registry should be located in TODO. New Capabilities flags may be allocated only by an IETF review. Currently no flags are defined by this document. Each value is tracked with the following qualities: Flag Description Defining RFC

IANA is requested to create a registry for the Capabilities Indicators as described in of this document. This registry should be located in TODO. New Capabilities indicators may be allocated only by an IETF review. Each value is tracked with the following qualities: Flag Description Defining RFC

The options defined in this document are carried in the base message objects as defined in . The RPL control message options are protected by the same security mechanisms that protect the base messages. Capabilities flag can reveal that the node has been upgraded or is running a old feature set. This document assumes that the base messages that carry these options are protected by RPL security mechanisms and thus are not visible to a malicious node. [TODO] implications of malicious attack involving setting the capability flags.

&RFC2119; &RFC6550; &RFC8138; &RFC6551;

| | | | | | CAPS(seq=1, opts={CapTypeList}) | |<----------------------------------| | | ]]> CAPQ message with no CapTypeList Option results in the peer responding with a CAPS message with CapTypeList Option indicating all the capability set it supports.

| | | | | | CAPS(seq=2, | | opts={Cap1=Cap1Value, | | Cap2=Cap2Value}) | |<----------------------------------| | | ]]> This flow indicates the case where the Root probes for specific Capabilities of the peer node and the peer node responds with the value of indicated Capability set.

| | | | | | CAPS(seq=3, | | opts={Cap2=Cap2Value, | | Cap3=Cap3Value, | | CapTypeList=[Cap1,Cap4]})| |<----------------------------------| | | ]]> Assume that Root queries for capabilities {Cap1, Cap2, Cap3, Cap4} from the peer node. However the peer node does not support or does not understand capability {cap1, cap4}. In this case the peer node will respond back with value of Cap2 and Cap3 (which it understands) and set the CapTypeList option with {Cap1, Cap4} type.