Boeing Research & Technology

P.O. Box 3707 Seattle WA 98124 USA fltemplin@acm.org

I-D Internet-Draft Ad Hoc networks present an IPv6 addressing challenge due to the undetermined neighborhood properties of their interfaces. IPv6 nodes must assign locally-unique and topology-independent IPv6 addresses when topology-oriented IPv6 address delegation services are either absent or only intermittently available. This document introduces a new IPv6 address type (termed the "Multilink Local Address (MLA)") that nodes can autonomously assign to interfaces to support Ad Hoc network operations.

When two or more IPv6 nodes come together to form an Ad Hoc network, they must be able to assign unique addresses to their interfaces and exchange IPv6 packets with peers even if there is no Internetworking infrastructure present. A classical example is a Mobile Ad-hoc Network (MANET) where wireless nodes within a common radio frequency locality discover multihop routes to support peer-to-peer communications. However, arbitrary collections of fixed nodes interconnected by sparse collections of physical links also qualify. See for further characteristics of Ad Hoc networks. Ad Hoc networks often include IPv6 nodes that configure interface attachments to links with undetermined connectivity properties such that multihop traversal may be necessary to span the network. The transitive property of connectivity for conventional shared media links is therefore not assured, while nodes must still be able to configure IPv6 addresses that are unique within the local Ad Hoc network. This is true even for nodes that configure multiple interface attachments to the same Ad Hoc network as a localized multihop/multilink forwarding domain. By its nature, the term "Ad Hoc network" implies logical groupings whereas the historical term "site" suggested physical boundaries such as a building or a campus. In particular, Ad Hoc networks can self-organize autonomously even if they overlap with other (logical) networks, split apart to form multiple smaller networks or join together to form larger networks. Clustering can be applied as a means to divide larger MANETs into smaller logical groupings, noting that Ad Hoc network ecosystems are often in a constant state of flux and likely to change over time. An address type that can be used by nodes that move freely between logical Ad Hoc network boundaries is therefore necessary. The term "Ad Hoc" used throughout this document extends to include isolated local IPv6 networks where peer to peer communications may require multihop and/or multilink traversal regardless of whether the network is particularly mobile or spontaneously organized. For any such isolated network (i.e., one for which Internetworking proxy/servers are either absent or only intermittently available), a topology-independent IPv6 addressing scheme that allows peer nodes to communicate internally is necessary. Therefore, all nodes that connect to such isolated IPv6 networks should be prepared to operate according to this multilink Ad Hoc addressing model when necessary. Each node then coordinates multihop forwarding services at an IPv6-based architectural sublayer termed the "adaptation layer" below the Internetworking layer but above the true link layer. Section 6 of the "IP Addressing Model in Ad Hoc Networks" states that: "an IP address configured on this (Ad Hoc) interface should be unique, at least within the routing domain" and: "no on-link subnet prefix is configured on this (Ad Hoc) interface". The section then continues to explain why IPv6 Link-Local Addresses (LLAs) are of limited utility on links with undetermined connectivity, to the point that they cannot be used exclusively within Ad Hoc network domains. (Note that provides IANA allocations for MANET protocols as a complementary publication.) suggests Global Unicast (aka "GUA") and Unique-Local (aka "ULA") addresses as Ad Hoc network addressing candidates. However, GUAs and ULAs are topology-oriented address types that must be obtained through either administrative actions or an address autoconfiguration service based on IPv6 proxy/servers that connect Ad Hoc networks to larger Internetworks. (In particular topology-oriented address types are typically obtained through DHCPv6 messages and/or Router Advertisement Prefix Information Options with prefix length shorter than 128.) Since such Internetworking services may not always be available, however, this document asserts that a topology-independent and unique Ad Hoc network local IPv6 address type is needed. The address type may include multiple sub-types, some of which may be coordinated with address registration services and others that may be partially or fully self-generated. The key feature of these Ad Hoc network adaptation layer IPv6 addresses is that they must have excellent statistical uniqueness properties such that there is little/no chance of conflicting with an address assigned by another node. The addresses need not include topology-oriented prefixes, since the (newly-formed) Ad Hoc networks may not (yet) connect to established Internetworking topologies. Ad Hoc network nodes must be able to use adaptation layer IPv6 addresses for continuous local communications and/or to coordinate topology-oriented addresses for assignment on other interfaces. A new "Multilink Local" scope for the IPv6 scoped addressing architecture with scope greater than LLA but lesser than ULA/GUA is therefore needed. This document therefore defines a new unique local unicast address variant known as the "Multilink Local Address (MLA)". MLAs that require global uniqueness assurance shall be based on the construct specified in . The MLA is based on a cryptographic hash of a node's public key regarded as its full identify. The MLA is regarded as a unique identity tag that, when assigned to an interface, becomes a valid IPv6 address with multilink-local scope. The MLA must be assured globally unique and routable at least within a limited domain to support MANET Internetworking .

The IPv6 addressing architecture specified in , and defines the supported IPv6 unicast/multicast/anycast address types with various scopes. The IPv6 address assignment policy is further clarified in . ULAs and GUAs are typically obtained through Stateless Address AutoConfiguration (SLAAC) and/or the Dynamic Host Configuration Protocol for IPv6 (DHCPv6) , but these services require the presence of IPv6 Internetworking infrastructure which may not be continuously or even intermittently available in spontaneously-formed Ad Hoc networks. Interface attachments to Ad Hoc networks have the interesting property that a multihop router R will often need to forward packets between nodes A and B even though R uses the same interface in the inbound and outbound directions. Since nodes A and B may not be able to communicate directly even though both can communicate directly with R, the transitive property for link connectivity is not assured and the IPv6 Neighbor Discovery (ND) Redirect service cannot guarantee reliable direct paths. Conversely, R may need to forward packets between nodes A and B via different interfaces within an Ad Hoc network that includes multiple distinct links/regions. Due to these indeterminant multilink properties, exclusive use of IPv6 LLAs is also out of scope. This document therefore introduces a new IPv6 MLA address type based on a well-formed IPv6 prefix "TBD::/N" (see: IANA Considerations). After a node creates an MLA, it can use the address within the context of spontaneously-organized Ad Hoc networks in which two or more nodes come together in the absence of stable supporting infrastructure and can still exchange IPv6 packets with little or no chance of address collisions. The node can limit MLA usage to bootstrapping the assignment of topology-oriented IPv6 addresses through other means mentioned earlier. The node can instead extend its MLA usage to longer term patterns such as sustained communications with single-hop neighbors on a local link or even between multihop peers in an Ad Hoc network.

IPv6 MLAs are topology-independent and can therefore be assigned to interfaces with a /128 prefix length (i.e., as a singleton address). The node can then begin to use an MLA as the Source/Destination Address of IPv6 packets that are forwarded over an interface attachment to an Ad Hoc network multihop forwarding region. A node can specifically assign an MLA to MANET interfaces to support the operation of Ad Hoc network routing protocols and also to an Overlay Multilink Network (OMNI) Interface to support extended MANET Internetworking with remote peers over an OMNI virtual link. MLAs may then serve as a basis for multihop forwarding and/or for local neighborhood discovery over other IPv6 interface types. Due to their uniqueness properties, the node can assign MLAs as optimistic addresses per , however it should take actions to deconflict if it detects in-service duplication.

With reference to a debate that concluded in the earliest years of the third millennium, a case could be made for reclaiming the deprecated site-local address prefix "fec0::/10" for use as a top-level MLA prefix. However, some implementations still honor the deprecation and continue to regard the prefix as a defunct historical artifact. documents the deprecation rationale including the assertion that "Site is an Ill-Defined Concept". However, the concept of an Ad Hoc network is a coherent logical one based on time-varying (multilink) connectivity and not necessarily one constrained by physical boundaries. Especially in Ad Hoc networks that employ a proactive local routing protocol the list of available adaptation layer addresses in each network is continuously updated for temporal consistency. For example, an IPv6 node may connect to multiple distinct Ad Hoc networks with a first set of interfaces connected to network "A", a second set of interfaces connected to network "B", etc. According to the scoped IPv6 addressing architecture , the node would assign a separate MLA to virtual interfaces associated with each Ad Hoc network interface set A, B, etc. and maintain separate Ad Hoc network multihop routing protocol instances for each set. MLAs A, B, etc. then provide a basis for unique router IDs for the separate routing protocol instances, but the IPv6 node may elect to redistribute discovered adaptation layer routes between the instances. The uniqueness properties of MLAs must therefore transcend logical Ad Hoc network boundaries to the extent that global uniqueness assurances are necessary when the scope for MANET dynamics extends to the entire Internet. A means for entering Ad Hoc network local IPv6 Zone Identifiers in user interfaces is necessary according to . Examples of an Ad Hoc network local unicast address qualified by a zone identifier are as follows: TBD::884e:9d2a:73fc:2d94%netA TBD::c63d:9724:fca:1237%netB This document updates the IPv6 scoped addressing architecture by introducing a "Multilink-Local" unicast addressing scope. In particular, this document adds a third unicast address scope to Section 4 of as follows: Multilink-Local scope, for uniquely identifying a node's attached Ad Hoc networks. The size relationship among scopes is further updated as: For unicast scopes, link-local is a smaller scope than Multilink-Local, which is a smaller scope than global. In , Section 5 under: "Zones of the different scopes are instantiated as follows", add the new bullet: Each Ad Hoc network and the interfaces attached to that Ad Hoc network comprise a single zone of Multilink-Local scope (for unicast).

This document updates to add a new address type "Multilink-Local" to the list of IPv6 address types found in Section 1 as: For IPv6, these addresses may be global [RFC3587], Unique-Local [RFC4193], Multilink-Local [RFCXXXX] or Link-Local [RFC4291].

"Default Address Selection for Internet Protocol Version 6 (IPv6)" provides a policy table that specifies precedence values and preferred Source Address prefixes for specific Destination Addresses. "Preference for IPv6 ULAs over IPv4 addresses in RFC6724" updates the policy table entries for ULAs, IPv4 Addresses and the 6to4 prefix (2002::/16). This document proposes a further update to the policy table for IPv6 MLAs. The proposed update appears in the table below:

With the proposed updates, this new MLA address type appears as a lesser precedence than IPv6 GUAs, IPv6 ULAs and IPv4 addresses but as a greater precedence than deprecated IPv6 prefixes.

IPv6 nodes assign unique MLAs to an IPv6 virtual interface (e.g., an OMNI interface) configured over underlying interface attachments to Ad Hoc networks. If the node becomes aware that a tentative self-generated MLA is already in use by another node, it instead generates and assigns a new MLA. If the node becomes aware that an MLA for which it holds a certificate through an official registration service is already in use by another node, it should log and report the incident to the registration service authority. IPv6 routers MAY forward IPv6 packets with adaptation layer MLA Source or Destination Addresses over multiple hops within the same Ad Hoc network as an adaptation layer function. IPv6 routers MUST NOT forward packets with adaptation layer MLA Source or Destination Addresses to a link outside the packet's Ad Hoc network of origin, although MLAs MAY occur as network layer IPv6 Source or Destination Addresses in packets forwarded between disjoint MANETs via the virtual overlay.

In progress.

This document requests that IANA designate 2001:30::/28 as the MLA IPv6 prefix for TBD::/N the same as defined for in the 'iana-ipv6-special-registry'. Future documents may request additional prefixes.

IPv6 MLAs include either very large pseudo-random bit strings with ample statistical unique properties or bit strings that are algorithmically generated and coordinated with a registration service for administratively-ensured uniqueness. In the latter case, the only apparent opportunity for duplication would be through either intentional or unintentional misconfiguration. Certain MLA types may have cryptographically generated portions tied to a certificate with the node's public key while other portions of the address identify a registration service where address proof-of-ownership can be confirmed. This stands in contrast to autonomously assigned and fully self-generated MLAs while relying entirely on statistical uniqueness properties. An IPv6 node that configures an MLA and assigns it to a virtual interface with an optimistic expectation of uniqueness should therefore be prepared to deconflict legitimate duplications.

This work was inspired by continued investigations into 5G MANET operations in cooperation with the Virginia Tech National Security Institute (VTNSI). Emerging discussions both in-person and on the IPv6 maintenance (6man) and MANET mailing lists continue to shape updated versions of this document. The author acknowledges all whose useful comments have helped further the understanding of this proposal. Honoring life, liberty and the pursuit of happiness.

<< RFC Editor - remove prior to publication >> Differences from earlier versions: Further clarifications on MLAs as identity tags. Introduced MANET Internetworking. Promote RFC9374 as the normative specification for administratively coordinated MLAs. Updated abstract, introduction and references. Removed section on "Obtaining and Assigning IPv6 ULAs/GUAs" as out of scope for this document. Version update. Significant updates to requirements. Relaxed "1x1" assignment of MLAs to a single MANET. Included references for candidate MLA types. Stress address deconfliction instead of deprecation when address duplication is detected. Security considerations for MLA types that support remote attestation. Discussion of site as an ill-defined concept in contrast to "Multilink Local Scope". Change reference to RFC6296. Added more explanation about Ad Hoc Networks. MLAs now assigned only to a virtual interface associated with the Ad-Hoc network and not the physical interfaces themselves. Added specifics of how this document updates other RFCs.