IPv6 Addresses for Ad Hoc NetworksBoeing Research & TechnologyP.O. Box 3707SeattleWA98124USAfltemplin@acm.orgI-DInternet-DraftAd Hoc networks often present a challenging environment
for IPv6 addressing due to the indeterminant neighborhood
properties of their interfaces. IPv6 nodes must assign IPv6
addresses to their interface connections to Ad Hoc networks that
are locally unique but must not be propagated to other networks.
IPv6 nodes must therefore be able to assign self-generated
addresses to their interfaces when there are no IPv6
Internetworking routers present that can coordinate
topology-relative IPv6 addresses or prefixes. This document
specifies IPv6 address types that can be assigned to Ad Hoc
network interfaces.When two or more IPv6 nodes come
together within an Ad Hoc network operating region (e.g., such
as in a Mobile Ad-hoc NETwork (MANET)), they must be able to
assign unique addresses, discover multihop routes and exchange
IPv6 packets with peers even if there is no Internetworking
infrastructure present.Ad Hoc networks often include IPv6 nodes that configure
interface connections to links with undetermined connectivity
properties such that multihop traversal may be necessary to
span the network. These same principles may apply for both
wireless and wired-line communications. The transitive property
of connectivity for conventional shared media links is therefore
not assured, while IPv6 nodes must still be able to assign and
use IPv6 addresses that are unique within the local Ad Hoc
network. This is true even for nodes that configure multiple
interface connections to the same Ad Hoc network as a
localized multihop forwarding domain with multiple links.By its nature, the term "Ad Hoc network" implies logical
groupings whereas the historical term "site" suggested physical
boundaries such as a building or a campus. In particular, Ad
Hoc networks can self-organize amorphously even if they overlap
with other (logical) networks, split apart to form multiple
smaller networks or join together to form larger networks.
Clustering has been suggested as a means to organize these
logical groupings, but Ad Hoc network ecosystems are often
in a constant state of flux and likely to change over time.
An address type that can be used by nodes that float freely
between logical Ad Hoc network boundaries is therefore necessary.The term "Ad Hoc" used throughout this document extends
to include isolated localized IPv6 networks where peer to
peer communications may require multihop traversal of multiple
links whether or not the peers are particularly mobile
or ad hoc. For any isolated Ad Hoc network (i.e., one for
which IPv6 Internetworking routers are either absent or
only intermittently available), a localized IPv6 addressing
scheme that allows Ad Hoc nodes to communicate internally is
necessary. Therefore, all IPv6 nodes that connect to Ad Hoc
networks should be prepared to operate according to this
Ad Hoc network multilink addressing model when necessary.
Ad Hoc network multihop forwarding services are then
coordinated at an architectural sublayer termed the
"adaptation layer" below the IPv6 Internetworking layer
but above the true link layer.Section 6 of the "IP Addressing Model in Ad Hoc Networks"
states that: "an IP address configured
on this (Ad Hoc) interface should be unique, at least within the
routing domain" and: "no on-link subnet prefix is configured
on this (Ad Hoc) interface". The section then continues to explain
why IPv6 Link-Local Addresses (LLAs) are of limited utility on
links with undetermined connectivity, to the point that they
cannot be used exclusively within Ad Hoc network domains. suggests that Global Unicast (aka "GUA") and Unique-Local
(aka "ULA") addresses are Ad Hoc network addressing candidates.
However, provisioning of unique GUAs and ULAs must be coordinated
either through administrative actions or through an automated
address delegation service coordinated by IPv6 Internetworking
routers that connect the Ad Hoc network to other networks. Since
such routers may not always be available, this document asserts
that new forms of self-generated and unique Ad Hoc network local
IPv6 addresses are needed.The key feature of these Ad Hoc network adaptation layer IPv6
addresses is that they must be assured unique so that there is no
chance of conflicting with an address assigned by another node. There
is no requirement that the addresses include topologically-oriented
prefixes, since the (newly-formed) Ad Hoc networks may not (yet)
connect to any other Internetworking topologies.Ad Hoc network nodes must be able to use adaptation layer
IPv6 addresses for continuous local communications and/or to
coordinate topologically-oriented addresses for assignment on
other interfaces. A new "Multilink Local" scope for the IPv6
scoped addressing architecture with
scope greater than link-local but lesser than GUA/ULA is
therefore necessary.This document defines a new unique local unicast address
variant known as "Multilink Local Addresses (MLAs)". "Type-1"
MLAs utilize the IPv6 prefix reserved for Overlay Routable
Cryptographic Hash Identifiers Version 2 (ORCHIDv2) (also known as Host Identity Tags (HITs) ). "Type-2" MLAs utilize the IPv6 prefix reserved
for the Hierarchical Host Identity Tag / DRIP Entity Tag (HHIT/DET)
. Other MLA types may be specified in
future documents.The term "multilink interface" refers to a node's IPv6 interface
connection to an Ad Hoc network with undetermined connectivity
properties where neighbor relationships appear as point-to-point
"links" and multiple adaptation layer forwarding hops between
peers may be necessary. However, the same principles apply for
Ad Hoc network interfaces with full neighborhood connectivity
including multiple access links such as Ethernet.The IPv6 addressing architecture specified in , and
defines the supported IPv6 unicast/multicast/anycast address
forms with various scopes including link- and site-local.
ULAs and GUAs are typically obtained through Stateless Address
AutoConfiguration (SLAAC) and/or the
Dynamic Host Configuration Protocol for IPv6 (DHCPv6) , but these services require the presence
of IPv6 network infrastructure which may not be immediately
available in spontaneously-formed Ad Hoc networks.The Universally-Unique IDentifier (UUID) specified in offers several methods for a node to generate
a unique identifier for itself that is not an IP address. The
Type-1 MLA specified in this document provides a purely-random
generation method in the spirit of UUID while creating a
properly formed IPv6 address as specified below.ORCHIDv2 (also known as the Host
Identity Tag (HIT) ) provides an IPv6
address type that an Ad Hoc network node can use for adaptation
layer address self-generation as a Type-1 MLA instead of or
in addition to other MLA types. A related IPv6 address type
termed the Hierarchical Host Identity Tag or DRIP Entity Tag
(HHIT/DET) provides a Type-2 MLA
as a properly formed IPv6 address format with exceptional
uniqueness properties. A portion of the HHIT/DET includes a
64-bit hash of the node's ORCHIDv2 while the remainder of the
address includes a properly formed IPv6 prefix plus bits
corresponding to an attestation service that supports address
proof-of-ownership. Verification of the attestation aspect of
the address requires access to network infrastructure, but
this may not always be available. Hence, a fully self-generated
MLA type may be necessary in environments where an HHIT/DET
cannot be used.Multilink interface connections to Ad Hoc networks have the
interesting property that a multihop router R will often need
to forward packets between nodes A and B even though R uses
the same interface in the inbound and outbound directions.
Since nodes A and B may not be able to communicate directly
even though both can communicate directly with R, the link
connectivity property is intransitive and the IPv6 Neighbor
Discovery (ND) Redirect service cannot be used. Conversely,
R may need to forward packets between nodes A and B via
different multilink interfaces within a single Ad Hoc network
that includes multiple distinct links/regions. Due to these
indeterminant multilink properties, exclusive use of
IPv6 Link Local Addresses (LLAs) is also out of scope.This document therefore introduces MLA Type-1 as a fully
self-generated IPv6 unicast address type that can be used
either instead of or in addition to other types. MLA Type-1
uses the prefix 2001:20::/28 and with the least significant
bits of the address set according to .
This document also introduces a new HIT Suite ID "RANDOM" for
the IANA "hip parameters" registry with value set to TBD.
To create a RANDOM Type-1 MLA, the node sets the prefix to
2001:2x::/32 (where x = TBD) and generates a 96-bit random
number according to the best practices guidelines found in
Section 6.9 of . The node then copies
the random number into the remainder of the IPv6 address
following the prefix 2001:2x::/32. For example:2001:2x:de12:4b74:884e:9d2a:73fc:2d94After a node creates an MLA, it can use the address
within the context of spontaneously-organized Ad Hoc networks
in which two or more nodes come together in the absence of
stable supporting infrastructure and can still exchange IPv6
packets with little or no chance of address collisions. The
use could be limited to bootstrapping the assignment of
topologically correct IPv6 addresses through other means
mentioned earlier, or it could extend to longer term usage
patterns such as sustained communications with single-hop
neighbors on a local link or even between multihop peers
within an Ad Hoc network.IPv6 MLAs have no topological orientation and can therefore
be assigned to any of a node's IPv6 multilink interfaces with
a /128 prefix length (i.e., as a singleton address). The node
can then begin to use an MLA as the source/destination address
of IPv6 packets that are forwarded over the interface within
an Ad Hoc network multihop forwarding region. The node can
assign the same MLA to multiple multilink interfaces all
members of the same Ad Hoc network according to the scoped
addressing architecture.MLAs may then serve as a basis for multihop forwarding over
an IPv6 interface and/or for local neighborhood discovery over
other IPv6 interface types. Due to their uniqueness properties,
the node can assign these address types to a multilink interface
as optimistic addresses per , however it
should deprecate an MLA if it detects in-service duplication.A node can also assign an MLA to an Overlay Multilink Network
(OMNI) Interface as discussed in .
In that case, the MLA can be used to support global-scoped communications
over the OMNI link.Returning to a debate from more than 20 years ago, a
case could be made for reclaiming the deprecated site-local
address prefix "fec0::/10" for use as the Type-1 MLA top-level
prefix. However, some implementations still honor the deprecation
and continue to regard the prefix as a non-functional historical
artifact. documents the deprecation rationale
including the assertion that "Site is an Ill-Defined Concept".
However, the concept of an Ad Hoc network is a coherent logical
one based on time-varying (multilink) connectivity and not
necessarily one constrained by physical boundaries. Especially
in Ad Hoc networks that employ a proactive local routing protocol
the list of available adaptation layer addresses in each network
is continuously updated for temporal consistency.For example, an IPv6 node may connect to multiple distinct
Ad Hoc networks with a first set of multilink interfaces
connected to network "A", a second set of interfaces
connected to network "B", etc. According to the scoped
IPv6 addressing architecture, the node would assign a
separate MLA for each multilink interface set A, B, etc.
and maintain separate Ad Hoc network multihop routing protocol
instances for each set. MLAs A, B, etc. then become the router
IDs for the separate routing protocol instances, but the IPv6
node may elect to redistribute discovered adaptation layer
routes between the instances. The uniqueness properties of
MLAs therefore transcends logical Ad Hoc network boundaries
but without "leaking" into external networks.A means for entering Ad Hoc network local IPv6 Zone
Identifiers in user interfaces is necessary according
to . Examples of
an Ad Hoc network local unicast address qualified by a
zone identifier are as follows (where '*' represents an
unspecified hexadecimal digit in the range of '0' to 'f'):2001:2*:de12:4b74:884e:9d2a:73fc:2d94%netA (Type-1)2001:3*:5efe:2018:c63d:9724:fca:1237%netB (Type-2)Upon publication as a standards track RFC, the RFC Editor
is instructed to update and to reflect this new address type for Ad
Hoc networks in the IPv6 scoped addressing architecture.IPv6 nodes assign MLAs to their IPv6 multilink interfaces for
use only within the scope of locally connected Ad Hoc networks.
These MLAs can appear in Ad Hoc network multihop routing protocol
control messages and can also appear as the source and destination
addresses for IPv6 packets forwarded within the locally connected
Ad Hoc networks.In order to support communications beyond the Ad Hoc
local scope, each IPv6 node is required to obtain an IPv6
GUA/ULA pair through an IPv6 Internetworking border router
or proxy that connects the Ad Hoc network to other networks.
Since the border router/proxy may be multiple adaptation layer
hops away, however, the IPv6 node configures and engages
OMNI Interface as specified in . The IPv6 node assigns the
GUA/ULA to the OMNI interface which forwards original
packets by inserting an adaptation layer IPv6 encapsulation
header that uses MLAs as source/destination addresses while
the original packet uses GUAs/ULAs.The IPv6 Internetworking border router/proxy may be
configured as an IPv6-to-IPv6 Network Prefix Translation
(NPTv6) gateway that maintains a 1:1 relationship between
the ULA on the "inside" and a GUA on the "outside" as
discussed in .
The NPTv6 gateway will then statelessly translate each
ULA into its corresponding GUA (and vice versa) for
IPv6 packets that transit between the inside and
outside domains.The gateway provides service per the "ULA-Only" or
"ULA+PA"
connected network models. The IPv6 node can then use the
ULA for local-scoped communications with internal peers
and the GUA for global-scoped communications with external
peers via the gateway as either a "NPTv6 translator" or
"NPTv6 pass-through". IPv6 nodes can then select address
pair combinations according to IPv6 default address
selection rules .After receiving a ULA+PA GUA delegation, IPv6 nodes
that require Provider-Independent (PI) GUAs can use the OMNI
interface in conjunction with the Automatic Extended Route
Optimization (AERO) global distributed mobility management
service to request
and maintain IPv6 and/or IPv4 PI prefixes from the mobility
service. The IPv6 node can then sub-delegate GUAs from
the PI prefixes to its attached downstream local networks
which may in turn engage an arbitrarily large IPv6 and/or
IPv4 "Internet of Things"."Default Address Selection for Internet Protocol Version 6
(IPv6)" provides a policy table that
specifies precedence values and preferred source prefixes for
destination prefixes. "Preference for IPv6 ULAs over IPv4
addresses in RFC6724"
updates the policy table entries for ULAs, IPv4 addresses and
the 6to4 prefix (2002::/16).This document proposes a further update to the policy table
for IPv6 Type-1 (prefix 2001:20::/28) and Type-2 (prefix 2001:30::/28)
MLAs. The proposed updates appear in the table below:
With the proposed updates, these new MLA types appear as a
lesser precedence than IPv6 GUAs, IPv6 ULAs and IPv4 addresses.
Within this hierarchy, Type-2's appear as a greater precedence
than Type-1's. Type-1 MLAs now appear as a greater precedence
than deprecated IPv6 prefixes but a lesser precedence than all
other address types.IPv6 nodes MAY assign MLAs to their multilink interface
connections to Ad Hoc networks. If the node becomes aware
that the address is already in use by another node, it
instead generates and assigns a new MLA.IPv6 routers MAY forward IPv6 packets with MLA source
or destination addresses over multiple hops within the
same Ad Hoc network as an adaptation layer function.IPv6 routers MUST NOT forward packets with MLA source
or destination addresses to a link outside the packet's
Ad Hoc network of origin as an adaptation layer service.IPv6 nodes MAY assign MLAs to the OMNI interface
allowing routers to forward original packets with MLA
addresses at the IPv6 layer. In that case, the MLAs
appear as /128 routes in the OMNI link IPv6 routing
service.In progress.Upon publication, IANA is instructed to delegate a new
"HIT Suite ID" in the IANA "hip-parameters" registry to
indicate "RANDOM" and with value TBD. With this suite ID
TBD encoded in the four bits following 2001:20::/28 the
algorithm for assigning the 96 least significant bits
of the MLA can be assumed as true random.IPv6 MLAs include very large uniquely-assigned bit strings
in both the prefix and interface identifier components which
together provide strong uniqueness properties.With the random generation procedures specified in for
the various MLA types, the only apparent opportunity for
MLA duplication would be through either intentional or
unintentional misconfiguration.An IPv6 node that generates an MLA and assigns it to
an interface should therefore be prepared to deprecate the
MLA and generate/assign a new one if it detects a legitimate
duplicate.Additional security considerations for MLA Type-1 are
documented in and for MLA Type-2
appear in .This work was inspired by continued investigations into
5G MANET operations in cooperation with the Virginia Tech
National Security Institute (VTNSI).Emerging discussions both in-person and on the IPv6
maintenance (6man) mailing list continue to shape updated
versions of this document. The author acknowledges all those
whose useful comments have helped further the understanding
of this proposal.Honoring life, liberty and the pursuit of happiness.<< RFC Editor - remove prior to publication >>Differences from earlier versions:First draft publication.