Internet Engineering Task Force (IETF) N. Benamar
Request for Comments: 8691 Moulay Ismail University of Meknes
Category: Standards Track J. Härri
ISSN: 2070-1721 EURECOM
J. Lee
Sangmyung University
T. Ernst
YoGoKo
December 2019
Basic Support for IPv6 Networks Operating Outside the Context of a Basic
Service Set over IEEE Std 802.11
Abstract
This document provides methods and settings for using IPv6 to
communicate among nodes within range of one another over a single
IEEE 802.11-OCB link. Support for these methods and settings require
minimal changes to existing stacks. This document also describes
limitations associated with using these methods. Optimizations and
usage of IPv6 over more complex scenarios are not covered in this
specification and are a subject for future work.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc8691.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Terminology
3. Communication Scenarios Where IEEE 802.11-OCB Links Are Used
4. IPv6 over 802.11-OCB
4.1. Maximum Transmission Unit (MTU)
4.2. Frame Format
4.3. Link-Local Addresses
4.4. Stateless Autoconfiguration
4.5. Address Mapping
4.5.1. Address Mapping -- Unicast
4.5.2. Address Mapping -- Multicast
4.6. Subnet Structure
5. Security Considerations
5.1. Privacy Considerations
5.1.1. Privacy Risks of Meaningful Information in Interface
IDs
5.2. MAC Address and Interface ID Generation
5.3. Pseudonymization Impact on Confidentiality and Trust
6. IANA Considerations
7. References
7.1. Normative References
7.2. Informative References
Appendix A. 802.11p
Appendix B. Aspects Introduced by OCB Mode to 802.11
Appendix C. Changes Needed on an 802.11a Software Driver to Become
an 802.11-OCB Driver
Appendix D. Protocol Layering
Appendix E. Design Considerations
Appendix F. IEEE 802.11 Messages Transmitted in OCB Mode
Appendix G. Examples of Packet Formats
G.1. Capture in Monitor Mode
G.2. Capture in Normal Mode
Appendix H. Extra Terminology
Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless
Links
Acknowledgements
Contributors
Authors' Addresses
1. Introduction
This document provides a baseline for using IPv6 to communicate among
nodes in range of one another over a single IEEE 802.11-OCB link
[IEEE-802.11-2016] (a.k.a., 802.11p; see Appendices A, B, and C) with
minimal changes to existing stacks. Moreover, the document
identifies the limitations of such usage. Concretely, the document
describes the layering of IPv6 networking on top of the IEEE Std
802.11 MAC layer or an IEEE Std 802.3 MAC layer with a frame
translation underneath. The resulting stack is derived from IPv6
over Ethernet [RFC2464] but operates over 802.11-OCB to provide at
least P2P (point-to-point) connectivity using IPv6 Neighbor Discovery
(ND) and link-local addresses.
The IPv6 network layer operates on 802.11-OCB in the same manner as
operating on the Ethernet with the following exceptions:
* Exceptions due to the different operation of the IPv6 network
layer on 802.11 compared to the Ethernet. The operation of IP on
Ethernet is described in [RFC1042] and [RFC2464].
* Exceptions due to the OCB nature of 802.11-OCB compared to 802.11.
This has impacts on security, privacy, subnet structure, and
movement detection. Security and privacy recommendations are
discussed in Sections 4.4 and 5. The subnet structure is
described in Section 4.6. The movement detection on OCB links is
not described in this document. Likewise, ND extensions and IP
Wireless Access in Vehicular Environments (IPWAVE) optimizations
for vehicular communications are not in scope of this document.
The expectation is that further specifications will be edited to
cover more complex vehicular networking scenarios.
The reader may refer to [IPWAVE] for an overview of problems related
to running IPv6 over 802.11-OCB. It is out of scope of this document
to reiterate those problems.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The document makes uses of the following terms:
IP-OBU (Internet Protocol On-Board Unit):
An IP-OBU denotes a computer situated in a vehicle such as a car,
bicycle, or similar. It has at least one IP interface that runs
in mode OCB of 802.11 and has an "OBU" transceiver. See the
definition of the term "OBU" in Appendix H.
IP-RSU (IP Roadside Unit):
An IP-RSU is situated along the road. It has at least two
distinct IP-enabled interfaces. The wireless PHY/MAC layer of at
least one of its IP-enabled interfaces is configured to operate in
802.11-OCB mode. An IP-RSU communicates with the IP-OBU over an
802.11 wireless link operating in OCB mode. An IP-RSU is similar
to an Access Network Router (ANR), defined in [RFC3753], and a
Wireless Termination Point (WTP), defined in [RFC5415].
OCB (outside the context of a Basic Service Set - BSS):
This is a mode of operation in which a station (STA) is not a
member of a BSS and does not utilize IEEE Std 802.11
authentication, association, or data confidentiality.
802.11-OCB:
This refers to the mode specified in IEEE Std 802.11-2016 when the
MIB attribute dot11OCBActivited is 'true'.
3. Communication Scenarios Where IEEE 802.11-OCB Links Are Used
IEEE 802.11-OCB networks are used for vehicular communications as
'Wireless Access in Vehicular Environments'. In particular, we refer
the reader to [IPWAVE], which lists some scenarios and requirements
for IP in Intelligent Transportation Systems (ITS).
The link model is the following: STA --- 802.11-OCB --- STA. In
vehicular networks, STAs can be IP-RSUs and/or IP-OBUs. All links
are assumed to be P2P, and multiple links can be on one radio
interface. While 802.11-OCB is clearly specified and a legacy IPv6
stack can operate on such links, the use of the operating environment
(vehicular networks) brings in new perspectives.
4. IPv6 over 802.11-OCB
4.1. Maximum Transmission Unit (MTU)
The default MTU for IP packets on 802.11-OCB is inherited from
[RFC2464] and, as such, is 1500 octets. As noted in [RFC8200], every
link on the Internet must have a minimum MTU of 1280 octets and must
follow the other recommendations, especially with regard to
fragmentation.
4.2. Frame Format
IP packets MUST be transmitted over 802.11-OCB media as QoS data
frames whose format is specified in an IEEE 802.11 spec
[IEEE-802.11-2016].
The IPv6 packet transmitted on 802.11-OCB is immediately preceded by
a Logical Link Control (LLC) header and an 802.11 header. In the LLC
header and in accordance with EtherType Protocol Discrimination (EPD;
see Appendix D), the value of the Type field MUST be set to 0x86DD
(IPv6). The mapping to the 802.11 data service SHOULD use a
'priority' value of 1 (QoS with a 'Background' user priority),
reserving higher priority values for safety-critical and time-
sensitive traffic, including the ones listed in [ETSI-sec-archi].
To simplify the Application Programming Interface (API) between the
operating system and the 802.11-OCB media, device drivers MAY
implement IPv6 over Ethernet as per [RFC2464] and then a frame
translation from 802.3 to 802.11 in order to minimize the code
changes.
4.3. Link-Local Addresses
There are several types of IPv6 addresses [RFC4291] [RFC4193] that
may be assigned to an 802.11-OCB interface. Among these types of
addresses, only the IPv6 link-local addresses can be formed using an
EUI-64 identifier, particularly during transition time (the period of
time before an interface starts using an address different from the
LL one).
If the IPv6 link-local address is formed using an EUI-64 identifier,
then the mechanism for forming that address is the same mechanism as
that used to form an IPv6 link-local address on Ethernet links.
Moreover, regardless of whether the interface identifier is derived
from the EUI-64 identifier, its length is 64 bits, as is the case for
the Ethernet [RFC2464].
4.4. Stateless Autoconfiguration
The steps a host takes in deciding how to autoconfigure its
interfaces in IPv6 are described in [RFC4862]. This section
describes the formation of Interface Identifiers for 'Global' or
'Unique Local' IPv6 addresses. Interface Identifiers for 'link-
local' IPv6 addresses are discussed in Section 4.3.
The RECOMMENDED method for forming stable Interface Identifiers
(IIDs) is described in [RFC8064]. The method of forming IIDs
described in Section 4 of [RFC2464] MAY be used during transition
time, particularly for IPv6 link-local addresses. Regardless of the
method used to form the IID, its length is 64 bits, similarly to IPv6
over Ethernet [RFC2464].
The bits in the IID have no specific meaning, and the identifier
should be treated as an opaque value. The bits 'Universal' and
'Group' in the identifier of an 802.11-OCB interface, which is an
IEEE link-layer address, are significant. The details of this
significance are described in [RFC7136].
Semantically opaque IIDs, instead of meaningful IIDs derived from a
valid and meaningful MAC address ([RFC2464], Section 4), help avoid
certain privacy risks (see the risks mentioned in Section 5.1.1). If
semantically opaque IIDs are needed, they may be generated using the
method for generating semantically opaque IIDs with IPv6 Stateless
Address Autoconfiguration given in [RFC7217]. Typically, an opaque
IID is formed starting from identifiers different from the MAC
addresses and from cryptographically strong material. Thus, privacy-
sensitive information is absent from Interface IDs because it is
impossible to calculate back the initial value from which the
Interface ID was first generated.
Some applications that use IPv6 packets on 802.11-OCB links (among
other link types) may benefit from IPv6 addresses whose IIDs don't
change too often. It is RECOMMENDED to use the mechanisms described
in [RFC7217] to permit the use of stable IIDs that do not change
within one subnet prefix. A possible source for the Net_Iface
parameter is a virtual interface name or logical interface name that
is decided by a local administrator.
4.5. Address Mapping
Unicast and multicast address mapping MUST follow the procedures
specified for Ethernet interfaces described in Sections 6 and 7 of
[RFC2464].
4.5.1. Address Mapping -- Unicast
This document is scoped for Address Resolution (AR) and Duplicate
Address Detection (DAD) per [RFC4862].
4.5.2. Address Mapping -- Multicast
The multicast address mapping is performed according to the method
specified in Section 7 of [RFC2464]. The meaning of the value
"33-33" mentioned there is defined in Section 2.3.1 of [RFC7042].
Transmitting IPv6 packets to multicast destinations over 802.11 links
proved to have some performance issues [IEEE802-MCAST]. These issues
may be exacerbated in OCB mode. Future improvement to this
specification should consider solutions for these problems.
4.6. Subnet Structure
When vehicles are in close range, a subnet may be formed over
802.11-OCB interfaces (not by their in-vehicle interfaces). A Prefix
List conceptual data structure ([RFC4861], Section 5.1) is maintained
for each 802.11-OCB interface.
The IPv6 Neighbor Discovery protocol (ND) requires reflexive
properties (bidirectional connectivity), which is generally, though
not always, the case for P2P OCB links. IPv6 ND also requires
transitive properties for DAD and AR, so an IPv6 subnet can be mapped
on an OCB network only if all nodes in the network share a single
physical broadcast domain. The extension to IPv6 ND operating on a
subnet that covers multiple OCB links and does not fully overlap
(i.e., non-broadcast multi-access (NBMA)) is not in scope of this
document. Finally, IPv6 ND requires permanent connectivity of all
nodes in the subnet to defend their addresses -- in other words, very
stable network conditions.
The structure of this subnet is ephemeral in that it is strongly
influenced by the mobility of vehicles: the hidden terminal effects
appear, and the 802.11 networks in OCB mode may be considered ad hoc
networks with an addressing model, as described in [RFC5889]. On the
other hand, the structure of the internal subnets in each vehicle is
relatively stable.
As recommended in [RFC5889], when the timing requirements are very
strict (e.g., fast-drive-through IP-RSU coverage), no on-link subnet
prefix should be configured on an 802.11-OCB interface. In such
cases, the exclusive use of IPv6 link-local addresses is RECOMMENDED.
Additionally, even if the timing requirements are not very strict
(e.g., the moving subnet formed by two following vehicles is stable,
a fixed IP-RSU is absent), the subnet is disconnected from the
Internet (i.e., a default route is absent), and the addressing peers
are equally qualified (that is, it is impossible to determine whether
some vehicle owns and distributes addresses to others), the use of
link-local addresses is RECOMMENDED.
The baseline ND protocol [RFC4861] MUST be supported over 802.11-OCB
links. Transmitting ND packets may prove to have some performance
issues, as mentioned in Section 4.5.2 and Appendix I. These issues
may be exacerbated in OCB mode. Solutions for these problems should
consider the OCB mode of operation. Future solutions to OCB should
consider solutions for avoiding broadcast. The best of current
knowledge indicates the kinds of issues that may arise with ND in OCB
mode; they are described in Appendix I.
Protocols like Mobile IPv6 [RFC6275] [RFC3963] and DNAv6 [RFC6059],
which depend on timely movement detection, might need additional
tuning work to handle the lack of link-layer notifications during
handover. This topic is left for further study.
5. Security Considerations
Any security mechanism at the IP layer or above that may be
implemented for the general case of IPv6 may also be implemented for
IPv6 operating over 802.11-OCB.
The OCB operation does not use existing 802.11 link-layer security
mechanisms. There is no encryption applied below the network layer
running on 802.11-OCB. At the application layer, the IEEE 1609.2
document [IEEE-1609.2] provides security services for certain
applications to use; application-layer mechanisms are out of scope of
this document. On the other hand, a security mechanism provided at
the networking layer, such as IPsec [RFC4301], may provide data
security protection to a wider range of applications.
802.11-OCB does not provide any cryptographic protection because it
operates outside the context of a BSS (no Association Request/
Response or Challenge messages). Therefore, an attacker can sniff or
inject traffic while within range of a vehicle or IP-RSU (by setting
an interface card's frequency to the proper range). Also, an
attacker may not adhere to the legal limits for radio power and can
use a very sensitive directional antenna; if attackers wish to attack
a given exchange, they do not necessarily need to be in close
physical proximity. Hence, such a link is less protected than
commonly used links (a wired link or the aforementioned 802.11 links
with link-layer security).
Therefore, any node can join a subnet and directly communicate with
any nodes on the subset, including potentially impersonating another
node. This design allows for a number of threats outlined in
Section 3 of [RFC6959]. While not widely deployed, SEND [RFC3971]
[RFC3972] is a solution that can address spoof-based attack vectors.
5.1. Privacy Considerations
As with all Ethernet and 802.11 interface identifiers [RFC7721], the
identifier of an 802.11-OCB interface may involve privacy, MAC
address spoofing, and IP hijacking risks. A vehicle embarking an IP-
OBU whose egress interface is 802.11-OCB may expose itself to
eavesdropping and subsequent correlation of data. This may reveal
data considered private by the vehicle owner; there is a risk of
being tracked. In outdoor public environments, where vehicles
typically circulate, the privacy risks are greater than in indoor
settings. It is highly likely that attacker sniffers are deployed
along routes that listen for IEEE frames, including IP packets, of
vehicles passing by. For this reason, in 802.11-OCB deployments,
there is a strong necessity to use protection tools such as
dynamically changing MAC addresses (Section 5.2), semantically opaque
Interface Identifiers, and stable Interface Identifiers
(Section 4.4). An example of a change policy is to change the MAC
address of the OCB interface each time the system boots up. This may
help mitigate privacy risks to a certain level. Furthermore, for
privacy concerns, [RFC8065] recommends using an address-generation
scheme rather than generating addresses from a fixed link-layer
address. However, there are some specificities related to vehicles.
Since roaming is an important characteristic of moving vehicles, the
use of the same Link-Local Address over time can indicate the
presence of the same vehicle in different places and thus lead to
location tracking. Hence, a vehicle should get hints about a change
of environment (e.g., engine running, GPS, etc.) and renew the IID in
its LLAs.
5.1.1. Privacy Risks of Meaningful Information in Interface IDs
The privacy risks of using MAC addresses displayed in Interface
Identifiers are important. IPv6 packets can be captured easily on
the Internet and on-link on public roads. For this reason, an
attacker may realize many attacks on privacy. One such attack on
802.11-OCB is to capture, store, and correlate company ID information
present in the MAC addresses of a large number of cars (e.g.,
listening for Router Advertisements or other IPv6 application data
packets, and recording the value of the source address in these
packets). Further correlation of this information with other data
captured by other means or other visual information (e.g., car color)
may constitute privacy risks.
5.2. MAC Address and Interface ID Generation
In 802.11-OCB networks, the MAC addresses may change during well-
defined renumbering events. At the moment the MAC address is changed
on an 802.11-OCB interface, all the Interface Identifiers of IPv6
addresses assigned to that interface MUST change.
Implementations should use a policy dictating when the MAC address is
changed on the 802.11-OCB interface. For more information on the
motivation of this policy, please refer to the privacy discussion in
Appendix B.
A 'randomized' MAC address has the following characteristics:
* The "Local/Global" bit is set to "locally administered".
* The "Unicast/Multicast" bit is set to "Unicast".
* The 46 remaining bits are set to a random value using a random
number generator that meets the requirements of [RFC4086].
To meet the randomization requirements for the 46 remaining bits, a
hash function may be used. For example, the hash function defined in
[SHA256] may be used with the input of a 256-bit local secret, the
'nominal' MAC address of the interface, and a representation of the
date and time of the renumbering event.
A randomized Interface ID has the same characteristics of a
randomized MAC address except for the length in bits.
5.3. Pseudonymization Impact on Confidentiality and Trust
Vehicle and drivers privacy relies on pseudonymization mechanisms
such as the ones described in Section 5.2. This pseudonymization
means that upper-layer protocols and applications SHOULD NOT rely on
layer-2 or layer-3 addresses to assume that the other participant can
be trusted.
6. IANA Considerations
This document has no IANA actions.
7. References
7.1. Normative References
[IEEE-802.11-2016]
IEEE, "IEEE Standard for Information technology -
Telecommunications and information exchange between
systems Local and metropolitan area networks--Specific
requirements - Part 11: Wireless LAN Medium Access Control
(MAC) and Physical Layer (PHY) Specifications", IEEE
Standard 802.11-2016, December 2016,
<https://standards.ieee.org/findstds/
standard/802.11-2016.html>.
[RFC1042] Postel, J. and J. Reynolds, "Standard for the transmission
of IP datagrams over IEEE 802 networks", STD 43, RFC 1042,
DOI 10.17487/RFC1042, February 1988,
<https://www.rfc-editor.org/info/rfc1042>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC2464] Crawford, M., "Transmission of IPv6 Packets over Ethernet
Networks", RFC 2464, DOI 10.17487/RFC2464, December 1998,
<https://www.rfc-editor.org/info/rfc2464>.
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker,
"Randomness Requirements for Security", BCP 106, RFC 4086,
DOI 10.17487/RFC4086, June 2005,
<https://www.rfc-editor.org/info/rfc4086>.
[RFC4191] Draves, R. and D. Thaler, "Default Router Preferences and
More-Specific Routes", RFC 4191, DOI 10.17487/RFC4191,
November 2005, <https://www.rfc-editor.org/info/rfc4191>.
[RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast
Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005,
<https://www.rfc-editor.org/info/rfc4193>.
[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, DOI 10.17487/RFC4291, February
2006, <https://www.rfc-editor.org/info/rfc4291>.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
December 2005, <https://www.rfc-editor.org/info/rfc4301>.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
DOI 10.17487/RFC4861, September 2007,
<https://www.rfc-editor.org/info/rfc4861>.
[RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless
Address Autoconfiguration", RFC 4862,
DOI 10.17487/RFC4862, September 2007,
<https://www.rfc-editor.org/info/rfc4862>.
[RFC5415] Calhoun, P., Ed., Montemurro, M., Ed., and D. Stanley,
Ed., "Control And Provisioning of Wireless Access Points
(CAPWAP) Protocol Specification", RFC 5415,
DOI 10.17487/RFC5415, March 2009,
<https://www.rfc-editor.org/info/rfc5415>.
[RFC6059] Krishnan, S. and G. Daley, "Simple Procedures for
Detecting Network Attachment in IPv6", RFC 6059,
DOI 10.17487/RFC6059, November 2010,
<https://www.rfc-editor.org/info/rfc6059>.
[RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility
Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July
2011, <https://www.rfc-editor.org/info/rfc6275>.
[RFC7042] Eastlake 3rd, D. and J. Abley, "IANA Considerations and
IETF Protocol and Documentation Usage for IEEE 802
Parameters", BCP 141, RFC 7042, DOI 10.17487/RFC7042,
October 2013, <https://www.rfc-editor.org/info/rfc7042>.
[RFC7136] Carpenter, B. and S. Jiang, "Significance of IPv6
Interface Identifiers", RFC 7136, DOI 10.17487/RFC7136,
February 2014, <https://www.rfc-editor.org/info/rfc7136>.
[RFC7217] Gont, F., "A Method for Generating Semantically Opaque
Interface Identifiers with IPv6 Stateless Address
Autoconfiguration (SLAAC)", RFC 7217,
DOI 10.17487/RFC7217, April 2014,
<https://www.rfc-editor.org/info/rfc7217>.
[RFC8064] Gont, F., Cooper, A., Thaler, D., and W. Liu,
"Recommendation on Stable IPv6 Interface Identifiers",
RFC 8064, DOI 10.17487/RFC8064, February 2017,
<https://www.rfc-editor.org/info/rfc8064>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", STD 86, RFC 8200,
DOI 10.17487/RFC8200, July 2017,
<https://www.rfc-editor.org/info/rfc8200>.
7.2. Informative References
[CFR-90] e-CFR, "Electronic Code of Federal Regulations", Title 47,
Part 90 - PRIVATE LAND MOBILE RADIO SERVICES,
<https://www.ecfr.gov/cgi-bin/text-
idx?node=pt47.5.90&rgn=div5>.
[CFR-90.7] e-CFR, "Electronic Code of Federal Regulations", Title 47,
CFR 90.7 - Definitions, <https://www.ecfr.gov/cgi-bin/
text-idx?node=pt47.5.90&rgn=div5#se47.5.90_17>.
[CFR-95] e-CFR, "Electronic Code of Federal Regulations", Title 47,
CFR 95 - PERSONAL RADIO SERVICES, <https://www.ecfr.gov/
cgi-bin/text-idx?node=pt47.5.95&rgn=div5>.
[ETSI-sec-archi]
"Intelligent Transport Systems (ITS); Security; ITS
communications security architecture and security
management", ETSI TS 102 940 V1.2.1, November 2016,
<http://www.etsi.org/deliver/
etsi_ts/102900_102999/102940/01.02.01_60/
ts_102940v010201p.pdf>.
[IEEE-1609.2]
IEEE, "IEEE Standard for Wireless Access in Vehicular
Environments--Security Services for Applications and
Management Messages", DOI 10.1109/IEEESTD.2016.7426684,
IEEE Standard 1609.2-2016, March 2016,
<http://ieeexplore.ieee.org/document/7426684>.
[IEEE-1609.3]
IEEE, "IEEE Standard for Wireless Access in Vehicular
Environments (WAVE) -- Networking Services",
DOI 10.1109/IEEESTD.2016.7458115, IEEE
Standard 1609.3-2016, April 2016,
<http://ieeexplore.ieee.org/document/7458115>.
[IEEE-1609.4]
IEEE, "IEEE Standard for Wireless Access in Vehicular
Environments (WAVE) -- Multi-Channel Operation",
DOI 10.1109/IEEESTD.2016.7435228, IEEE
Standard 1609.4-2016, March 2016,
<http://ieeexplore.ieee.org/document/7435228>.
[IEEE-802.11-2007]
IEEE, "IEEE Standard for Information Technology -
Telecommunications and Information Exchange Between
Systems - Local and Metropolitan Area Networks - Specific
Requirements - Part 11: Wireless LAN Medium Access Control
(MAC) and Physical Layer (PHY) Specifications",
DOI 10.1109/IEEESTD.2007.373646, IEEE
Standard 802.11-2007, June 2007,
<https://ieeexplore.ieee.org/document/4248378>.
[IEEE-802.11-2012]
IEEE, "IEEE Standard for Information technology--
Telecommunications and information exchange between
systems Local and metropolitan area networks--Specific
requirements Part 11: Wireless LAN Medium Access Control
(MAC) and Physical Layer (PHY) Specifications",
DOI 10.1109/IEEESTD.2012.6178212, IEEE
Standard 802.11-2012, March 2012,
<https://ieeexplore.ieee.org/document/6419735>.
[IEEE-802.11p-2010]
IEEE, "IEEE Standard for Information technology -
Telecommunications and information exchange between
systems - Local and metropolitan area networks - Specific
requirements, Part 11: Wireless LAN Medium Access Control
(MAC) and Physical Layer (PHY) Specifications, Amendment
6: Wireless Access in Vehicular Environments",
DOI 10.1109/IEEESTD.2010.5514475, IEEE Standard 802.11p-
2010, July 2010,
<https://standards.ieee.org/standard/802_11p-2010.html>.
[IEEE-802.3-2012]
IEEE, "IEEE Standard for Ethernet",
DOI 10.1109/IEEESTD.2012.6419735, IEEE
Standard 802.3-2012, December 2012,
<https://ieeexplore.ieee.org/document/6419735>.
[IEEE802-MCAST]
Perkins, C., McBride, M., Stanley, D., Kumari, W., and J.
Zuniga, "Multicast Considerations over IEEE 802 Wireless
Media", Work in Progress, Internet-Draft, draft-ietf-
mboned-ieee802-mcast-problems-11, 11 December 2019,
<https://tools.ietf.org/html/draft-ietf-mboned-ieee802-
mcast-problems-11>.
[IPWAVE] Jeong, J., "IP Wireless Access in Vehicular Environments
(IPWAVE): Problem Statement and Use Cases", Work in
Progress, Internet-Draft, draft-ietf-ipwave-vehicular-
networking-12, 3 October 2019,
<https://tools.ietf.org/html/draft-ietf-ipwave-vehicular-
networking-12>.
[RFC3753] Manner, J., Ed. and M. Kojo, Ed., "Mobility Related
Terminology", RFC 3753, DOI 10.17487/RFC3753, June 2004,
<https://www.rfc-editor.org/info/rfc3753>.
[RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P.
Thubert, "Network Mobility (NEMO) Basic Support Protocol",
RFC 3963, DOI 10.17487/RFC3963, January 2005,
<https://www.rfc-editor.org/info/rfc3963>.
[RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander,
"SEcure Neighbor Discovery (SEND)", RFC 3971,
DOI 10.17487/RFC3971, March 2005,
<https://www.rfc-editor.org/info/rfc3971>.
[RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)",
RFC 3972, DOI 10.17487/RFC3972, March 2005,
<https://www.rfc-editor.org/info/rfc3972>.
[RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing
Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889,
September 2010, <https://www.rfc-editor.org/info/rfc5889>.
[RFC6959] McPherson, D., Baker, F., and J. Halpern, "Source Address
Validation Improvement (SAVI) Threat Scope", RFC 6959,
DOI 10.17487/RFC6959, May 2013,
<https://www.rfc-editor.org/info/rfc6959>.
[RFC7721] Cooper, A., Gont, F., and D. Thaler, "Security and Privacy
Considerations for IPv6 Address Generation Mechanisms",
RFC 7721, DOI 10.17487/RFC7721, March 2016,
<https://www.rfc-editor.org/info/rfc7721>.
[RFC8065] Thaler, D., "Privacy Considerations for IPv6 Adaptation-
Layer Mechanisms", RFC 8065, DOI 10.17487/RFC8065,
February 2017, <https://www.rfc-editor.org/info/rfc8065>.
[RFC8505] Thubert, P., Ed., Nordmark, E., Chakrabarti, S., and C.
Perkins, "Registration Extensions for IPv6 over Low-Power
Wireless Personal Area Network (6LoWPAN) Neighbor
Discovery", RFC 8505, DOI 10.17487/RFC8505, November 2018,
<https://www.rfc-editor.org/info/rfc8505>.
[SHA256] National Institute of Standards and Technology, "Secure
Hash Standard (SHS)", DOI 10.6028/NIST.FIPS.180-4,
FIPS 180-4, August 2015,
<https://csrc.nist.gov/publications/detail/fips/180/4/
final>.
Appendix A. 802.11p
The term "802.11p" is an earlier definition. The behavior of
"802.11p" networks is rolled in [IEEE-802.11-2016]. In that
document, the term "802.11p" disappears. Instead, each 802.11p
feature is conditioned by the IEEE Management Information Base (MIB)
attribute "OCBActivated" [IEEE-802.11-2016]. Whenever OCBActivated
is set to "true", the IEEE Std 802.11-OCB state is activated. For
example, an 802.11 STAtion operating outside the context of a BSS has
the OCBActivated flag set. Such a station, when it has the flag set,
uses a BSS identifier equal to ff:ff:ff:ff:ff:ff.
Appendix B. Aspects Introduced by OCB Mode to 802.11
In IEEE 802.11-OCB mode, all nodes in the wireless range can directly
communicate with each other without involving authentication or
association procedures. In OCB mode, the manner in which channels
are selected and used is simplified compared to when in BSS mode.
Contrary to BSS mode, at the link layer, it is necessary to
statically set the same channel number (or frequency) on two stations
that need to communicate with each other (in BSS mode, this channel
set operation is performed automatically during 'scanning'). The
manner in which stations set their channel number in OCB mode is not
specified in this document. Stations STA1 and STA2 can exchange IP
packets only if they are set to the same channel. At the IP layer,
they then discover each other by using the IPv6 Neighbor Discovery
protocol. The allocation of a particular channel for a particular
use is defined statically in standards authored by ETSI in Europe,
the FCC in the United States of America, and similar organizations in
South Korea, Japan, and other parts of the world.
Briefly, the IEEE 802.11-OCB mode has the following properties:
* The use by each node of a 'wildcard' BSS identifier (BSSID) (i.e.,
each bit of the BSSID is set to 1).
* No IEEE 802.11 beacon frames are transmitted.
* No authentication is required in order to be able to communicate.
* No association is needed in order to be able to communicate.
* No encryption is provided in order to be able to communicate.
* Flag dot11OCBActivated is set to "true".
All the nodes in the radio communication range (IP-OBU and IP-RSU)
receive all the messages transmitted (IP-OBU and IP-RSU) within the
radio communication range. The MAC CDMA function resolves any
eventual conflict(s).
The message exchange diagram in Figure 1 illustrates a comparison
between traditional 802.11 and 802.11 in OCB mode. The 'Data'
messages can be IP packets such as HTTP or others. Other 802.11
management and control frames (non-IP) may be transmitted, as
specified in the 802.11 standard. The names of these messages as
currently specified by the 802.11 standard are listed in Appendix F.
STA AP STA1 STA2
| | | |
|<------ Beacon -------| |<------ Data -------->|
| | | |
|---- Probe Req. ----->| |<------ Data -------->|
|<--- Probe Res. ------| | |
| | |<------ Data -------->|
|---- Auth Req. ------>| | |
|<--- Auth Res. -------| |<------ Data -------->|
| | | |
|---- Asso Req. ------>| |<------ Data -------->|
|<--- Asso Res. -------| | |
| | |<------ Data -------->|
|<------ Data -------->| | |
|<------ Data -------->| |<------ Data -------->|
(i) 802.11 Infrastructure mode (ii) 802.11-OCB mode
Figure 1: Difference between Messages Exchanged on 802.11 (Left)
and 802.11-OCB (Right)
The 802.11-OCB interface was specified in [IEEE-802.11p-2010],
Amendment 6: Wireless Access in Vehicular Environments, as an
amendment to [IEEE-802.11-2007]. Since then, this amendment has been
integrated into [IEEE-802.11-2012] and [IEEE-802.11-2016].
In [IEEE-802.11p-2010], anything qualified specifically as
"OCBActivated" or "outside the context of a basic service" that is
set to be "true" actually refers to OCB aspects introduced to 802.11.
In order to delineate the aspects introduced by 802.11-OCB to 802.11,
we refer to the earlier [IEEE-802.11p-2010]. The amendment is
concerned with vehicular communications, where the wireless link is
similar to that of Wireless LAN (using a PHY layer specified by
802.11a/b/g/n) but needs to cope with the high mobility factor
inherent in scenarios of communications between moving vehicles and
between vehicles and fixed infrastructure deployed along roads.
While 'p' is a letter identifying the Amendment, just like 'a', 'b',
'g', and 'n' are, 'p' is concerned more with MAC modifications and is
slightly concerned with PHY modifications; the others are mainly
about PHY modifications. It is possible in practice to combine a 'p'
MAC with an 'a' PHY by operating outside the context of a BSS with
Orthogonal Frequency Division Multiplexing (OFDM) at 5.4 GHz and 5.9
GHz.
The 802.11-OCB links are specified to be as compatible as possible
with the behavior of 802.11a/b/g/n and future generation IEEE WLAN
links. From the IP perspective, an 802.11-OCB MAC layer offers
practically the same interface to IP as 802.11a/b/g/n and 802.3. A
packet sent by an IP-OBU may be received by one or multiple IP-RSUs.
The link-layer resolution is performed by using the IPv6 Neighbor
Discovery protocol.
To support this similarity statement (IPv6 is layered on top of LLC
on top of 802.11-OCB in the same way that IPv6 is layered on top of
LLC on top of 802.11a/b/g/n (for WLAN) or on top of LLC on top of
802.3 (for Ethernet)), it is useful to analyze the differences
between the 802.11-OCB and 802.11 specifications. During this
analysis, we note that whereas 802.11-OCB lists relatively complex
and numerous changes to the MAC layer (and very few to the PHY
layer), there are only a few characteristics that may be important
for an implementation transmitting IPv6 packets on 802.11-OCB links.
The most important 802.11-OCB aspect that influences the IPv6
functioning is the OCB characteristic; an additional, less direct
influence is the maximum bandwidth afforded by the PHY modulation/
demodulation methods and channel access specified by 802.11-OCB. The
maximum bandwidth theoretically possible in 802.11-OCB is 54 Mbit/s
(when using, for example, the following parameters: a 20 MHz channel;
modulation of 64-QAM; a coding rate R of 3/4). With regard to IP
over 802.11-OCB, in practice, a commonly observed figure is 12 Mbit/
s; this bandwidth allows the operation of a wide range of protocols
relying on IPv6.
* Operation outside the context of a BSS (OCB): The 802.11-OCB links
(previously 802.11p) are operated without a BSS. This means that
IEEE 802.11 beacon, Association Request/Response, Authentication
Request/Response, and similar frames are not used. The used
identifier of BSS (BSSID) always has a hexadecimal value of
0xffffffffffff (48 '1' bits, represented as MAC address
ff:ff:ff:ff:ff:ff; otherwise, the 'wildcard' BSSID), as opposed to
an arbitrary BSSID value set by an administrator (e.g., 'My-Home-
AccessPoint'). The OCB operation -- namely, the lack of beacon-
based scanning and lack of authentication -- should be taken into
account when the Mobile IPv6 protocol [RFC6275] and the protocols
for IP layer security [RFC4301] are used. The way these protocols
adapt to OCB is not described in this document.
* Timing Advertisement: This is a new message defined in 802.11-OCB
that does not exist in 802.11a/b/g/n. This message is used by
stations to inform other stations about the value of time. It is
similar to the time delivered by a Global Navigation Satellite
System (GNSS) (e.g., Galileo, GPS, etc.) or by a cellular system.
This message is optional for implementation.
* Frequency range: This is a characteristic of the PHY layer; it has
almost no impact on the interface between MAC and IP. However, it
is worth considering that the frequency range is regulated by a
regional authority (ARCEP, ECC/CEPT based on ENs from ETSI, FCC,
etc.); as part of the regulation process, specific applications
are associated with specific frequency ranges. In the case of
802.11-OCB, the regulator associates a set of frequency ranges or
slots within a band to the use of applications of vehicular
communications in a band known as "5.9 GHz". The 5.9 GHz band is
different from the 2.4 GHz and 5 GHz bands used by Wireless LAN.
However, as with Wireless LAN, the operation of 802.11-OCB in 5.9
GHz bands does not require a license in the EU (in the US, the 5.9
GHz is a licensed band of spectrum; for the fixed infrastructure,
explicit FCC authorization is required; for an on-board device, a
'licensed-by-rule' concept applies, where rule certification
conformity is required). Technical conditions are different from
those of the "2.4 GHz" or "5 GHz" bands. The allowed power levels
and, implicitly, the maximum allowed distance between vehicles is
33 dBm for 802.11-OCB (in Europe) compared to 20 dBm for Wireless
LAN 802.11a/b/g/n; this leads to a maximum distance of
approximately 1 km compared to approximately 50 m. Additionally,
specific conditions related to congestion avoidance, jamming
avoidance, and radar detection are imposed on the use of DSRC (in
the US) and on the use of frequencies for Intelligent
Transportation Systems (in the EU) compared to Wireless LAN
(802.11a/b/g/n).
* 'Half-rate' encoding: As the frequency range, this parameter is
related to PHY and thus does not have much impact on the interface
between the IP layer and the MAC layer.
* In vehicular communications using 802.11-OCB links, there are
strong privacy requirements with respect to addressing. While the
802.11-OCB standard does not specify anything in particular with
respect to MAC addresses, in these settings, there is a strong
need for a dynamic change of these addresses (as opposed to the
non-vehicular settings -- real wall protection -- where fixed MAC
addresses do not currently pose privacy risks). This is further
described in Section 5. A relevant function is described in
[IEEE-1609.3] and [IEEE-1609.4].
Appendix C. Changes Needed on an 802.11a Software Driver to Become an
802.11-OCB Driver
The 802.11p amendment modifies both the 802.11 stack's physical and
MAC layers, but all the induced modifications can be quite easily
obtained by modifying an existing 802.11a ad hoc stack.
The conditions for 802.11a hardware to be compliant with 802.11-OCB
are as follows:
* The PHY entity shall be an OFDM system. It must support the
frequency bands on which the regulator recommends the use of ITS
communications -- for example, using an IEEE 802.11-OCB layer of
5875 MHz to 5925 MHz in France.
* The OFDM system must provide a "half-clocked" operation using 10
MHz channel spacings.
* The chip transmit spectrum mask must be compliant with the
"Transmit spectrum mask" from the IEEE 802.11p amendment (but
experimental environments do not require compliance).
* The chip should be able to transmit up to 44.8 dBm when used in
the United States and up to 33 dBm in Europe; other regional
conditions apply.
Changes needed on the network stack in OCB mode are as follows:
* Physical layer:
- Orthogonal frequency-division multiple access The chip must use
the Orthogonal Frequency Division Multiple Access (OFDMA)
encoding mode.
- The chip must be set to half-mode rate mode (the internal clock
frequency is divided by two).
- The chip must use dedicated channels and should allow the use
of higher emission powers. This may require modifications to
the local computer file that describes regulatory domains rules
if used by the kernel to enforce local specific restrictions.
Such modifications to the local computer file must respect the
location-specific regulatory rules.
* MAC layer:
- All management frames (beacons, join, leave, and others)
emission and reception must be disabled, except for frames of
subtype Action and Timing Advertisement (defined below).
- No encryption key or method must be used.
- Packet emission and reception must be performed as in ad hoc
mode using the wildcard BSSID (ff:ff:ff:ff:ff:ff).
- The functions related to joining a BSS (Association Request/
Response) and authentication (Authentication Request/Reply,
Challenge) are not called.
- The beacon interval is always set to 0 (zero).
- Timing Advertisement frames, defined in the amendment, should
be supported. The upper layer should be able to trigger such
frames emission and retrieve information contained in the
received Timing Advertisements.
Appendix D. Protocol Layering
A more theoretical and detailed view of layer stacking and interfaces
between the IP layer and 802.11-OCB layers is illustrated in
Figure 2. The IP layer operates on top of EtherType Protocol
Discrimination (EPD). This discrimination layer is described in
[IEEE-802.3-2012]. The interface between IPv6 and EPD is the LLC_SAP
(Link Layer Control Service Access Point).
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 |
+-+-+-+-+-+-{ }+-+-+-+-+-+-+-+
{ LLC_SAP } 802.11-OCB
+-+-+-+-+-+-{ }+-+-+-+-+-+-+-+ Boundary
| EPD | | |
| | MLME | |
+-+-+-{ MAC_SAP }+-+-+-| MLME_SAP |
| MAC Sublayer | | | 802.11-OCB
| and ch. coord. | | SME | Services
+-+-+-{ PHY_SAP }+-+-+-+-+-+-+-| |
| | PLME | |
| PHY Layer | PLME_SAP |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: EtherType Protocol Discrimination
Appendix E. Design Considerations
The networks defined by 802.11-OCB are in many ways similar to other
networks of the 802.11 family. In theory, the transportation of IPv6
over 802.11-OCB could be very similar to the operation of IPv6 over
other networks of the 802.11 family. However, the high mobility,
strong link asymmetry, and very short connection makes the 802.11-OCB
link significantly different from other 802.11 networks. Also,
automotive applications have specific requirements for reliability,
security, and privacy, which further add to the particularity of the
802.11-OCB link.
Appendix F. IEEE 802.11 Messages Transmitted in OCB Mode
At the time of writing, this is the list of IEEE 802.11 messages that
may be transmitted in OCB mode, i.e., when dot11OCBActivated is true
in a STA:
* The STA may send management frames of subtype Action and, if the
STA maintains a TSF Timer, subtype Timing Advertisement.
* The STA may send control frames except those of subtype PS-Poll,
CF-End, and CF-End plus CFAck.
* The STA MUST send data frames of subtype QoS Data.
Appendix G. Examples of Packet Formats
This section describes an example of an IPv6 packet captured over an
IEEE 802.11-OCB link.
By way of example, we show that there is no modification in the
headers when transmitted over 802.11-OCB networks -- they are
transmitted like any other 802.11 and Ethernet packets.
We describe an experiment for capturing an IPv6 packet on an
802.11-OCB link. In the topology depicted in Figure 3, the packet is
an IPv6 Router Advertisement. This packet is emitted by a router on
its 802.11-OCB interface. The packet is captured on the host using a
network protocol analyzer (e.g., Wireshark). The capture is
performed in two different modes: direct mode and monitor mode. The
topology used during the capture is depicted below.
The packet is captured on the host. The host is an IP-OBU containing
an 802.11 interface in Peripheral Component Interconnect (PCI)
Express format (an Industrial Technology Research Institute (ITRI)
product). The kernel runs the ath5k software driver with
modifications for OCB mode. The capture tool is Wireshark. The file
format for saving and analyzing is .pcap. The packet is generated by
the router, which is an IP-RSU (an ITRI product).
+--------+ +-------+
| | 802.11-OCB Link | |
---| Router |--------------------------------| Host |
| | | |
+--------+ +-------+
Figure 3: Topology for Capturing IP Packets on 802.11-OCB
During several capture operations running from a few moments to
several hours, no messages relevant to the BSSID contexts were
captured (Association Request/Response, Authentication Req/Resp, or
beacon). This shows that the operation of 802.11-OCB is outside the
context of a BSSID.
Overall, the captured message is identical to a capture of an IPv6
packet emitted on an 802.11b interface. The contents are exactly the
same.
G.1. Capture in Monitor Mode
The IPv6 RA packet captured in monitor mode is illustrated below.
The Radiotap header provides more flexibility for reporting the
characteristics of frames. The Radiotap header is prepended by this
particular stack and operating system on the host machine to the RA
packet received from the network (the Radiotap header is not present
on the air). The implementation-dependent Radiotap header is useful
for piggybacking PHY information from the chip's registers as data in
a packet that is understandable by userland applications using socket
interfaces (the PHY interface can be, for example, power levels, data
rate, or the ratio of signal to noise).
The packet present on the air is formed by the IEEE 802.11 Data
header, Logical Link Control header, IPv6 Base header, and ICMPv6
header.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Header Revision| Header Pad | Header Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Present Flags |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data Rate | Pad |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Radiotap Header v0
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type/Subtype and Frame Ctrl | Duration |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Receiver Address...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
... Receiver Address | Transmitter Address...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
... Transmitter Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| BSS ID...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
... BSS ID | Frag Number and Seq Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: IEEE 802.11 Data Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| DSAP |I| SSAP |C| Control Field | Org. Code...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
... Organizational Code | Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Logical Link Control Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class | Flow Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Next Header | Hop Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Source Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Destination Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: IPv6 Base Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cur Hop Limit |M|O| Reserved | Router Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reachable Time |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Retrans Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
Figure 8: Router Advertisement
The value of the Data Rate field in the Radiotap header is set to 6
Mb/s. This indicates the rate at which this RA was received.
The value of the Transmitter Address in the IEEE 802.11 Data header
is set to a 48-bit value. The value of the destination address is
33:33:00:00:00:1 (all-nodes multicast address). The value of the BSS
ID field is ff:ff:ff:ff:ff:ff, which is recognized by the network
protocol analyzer as being "broadcast". The Fragment number and
Sequence number fields together are set to 0x90C6.
The value of the Organization Code field in the Logical Link Control
header is set to 0x0, recognized as "Encapsulated Ethernet". The
value of the Type field is 0x86DD (hexadecimal 86DD; otherwise,
#86DD), recognized as "IPv6".
A Router Advertisement is periodically sent by the router to
multicast group address ff02::1. It is ICMP packet type 134. The
IPv6 Neighbor Discovery's Router Advertisement message contains an
8-bit field reserved for single-bit flags, as described in [RFC4861].
The IPv6 header contains the link-local address of the router
(source) configured via the EUI-64 algorithm, and the destination
address is set to ff02::1.
The Ethernet Type field in the Logical Link Control header is set to
0x86dd, which indicates that the frame transports an IPv6 packet. In
the IEEE 802.11 data, the destination address is 33:33:00:00:00:01,
which is the corresponding multicast MAC address. The BSS ID is a
broadcast address of ff:ff:ff:ff:ff:ff. Due to the short link
duration between vehicles and the roadside infrastructure, there is
no need in IEEE 802.11-OCB to wait for the completion of association
and authentication procedures before exchanging data. IEEE
802.11-OCB enabled nodes use the wildcard BSSID (a value of all 1s)
and may start communicating as soon as they arrive on the
communication channel.
G.2. Capture in Normal Mode
The same IPv6 Router Advertisement packet described above (monitor
mode) is captured on the host in normal mode and is depicted below.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
...Destination | Source...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
...Source |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 9: Ethernet II Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| Traffic Class | Flow Label |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Payload Length | Next Header | Hop Limit |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Source Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ +
| |
+ Destination Address +
| |
+ +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 10: IPv6 Base Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Cur Hop Limit |M|O| Reserved | Router Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reachable Time |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Retrans Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options ...
+-+-+-+-+-+-+-+-+-+-+-+-
Figure 11: Router Advertisement
One notices that the Radiotap header, the IEEE 802.11 Data header,
and the Logical Link Control headers are not present. On the other
hand, a new header named the Ethernet II header is present.
The Destination and Source addresses in the Ethernet II header
contain the same values as the Receiver Address and Transmitter
Address fields present in the IEEE 802.11 Data header in the monitor
mode capture.
The value of the Type field in the Ethernet II header is 0x86DD
(recognized as "IPv6"); this value is the same as the value of the
Type field in the Logical Link Control header in the monitor mode
capture.
The knowledgeable experimenter will no doubt notice the similarity of
this Ethernet II header with a capture in normal mode on a pure
Ethernet cable interface.
A frame translation is inserted on top of a pure IEEE 802.11 MAC
layer in order to adapt packets before delivering the payload data to
the applications. It adapts 802.11 LLC/MAC headers to Ethernet II
headers. Specifically, this adaptation consists of the elimination
of the Radiotap, 802.11, and LLC headers and the insertion of the
Ethernet II header. In this way, IPv6 runs straight over LLC over
the 802.11-OCB MAC layer; this is further confirmed by the use of the
unique Type 0x86DD.
Appendix H. Extra Terminology
The following terms are defined outside the IETF. They are used to
define the main terms in the terminology section (Section 2).
DSRC (Dedicated Short Range Communication):
The US Federal Communications Commission (FCC) Dedicated Short
Range Communication (DSRC) is defined in the Code of Federal
Regulations (CFR) 47, Parts 90 [CFR-90] and 95 [CFR-95]. This
Code is referenced in the definitions below. At the time of the
writing of this document, the last update of this Code was dated
December 6, 2019.
DSRCS (Dedicated Short-Range Communications Services):
Radio techniques are used to transfer data over short distances
between roadside and mobile units, between mobile units, and
between portable and mobile units to perform operations related to
the improvement of traffic flow, traffic safety, and other
intelligent transportation service applications in a variety of
environments. DSRCS systems may also transmit status and
instructional messages related to the units involved. [CFR-90.7]
OBU (On-Board Unit):
An On-Board Unit is a DSRCS transceiver that is normally mounted
in or on a vehicle or may be a portable unit in some instances.
An OBU can be operational while a vehicle or person is either
mobile or stationary. The OBUs receive and contend for time to
transmit on one or more radio frequency (RF) channels. Except
where specifically excluded, OBU operation is permitted wherever
vehicle operation or human passage is permitted. The OBUs mounted
in vehicles are licensed by rule under part 95 of [CFR-95] and
communicate with Roadside Units (RSUs) and other OBUs. Portable
OBUs are also licensed by rule under part 95 of [CFR-95]. OBU
operations in the Unlicensed National Information Infrastructure
(U-NII) Bands follow the rules in those bands. [CFR-90.7]
RSU (Roadside Unit):
A Roadside Unit is a DSRC transceiver that is mounted along a road
or pedestrian passageway. An RSU may also be mounted on a vehicle
or may be hand carried, but it may only operate when the vehicle
or hand-carried unit is stationary. Perhaps Furthermore, an RSU
is restricted to the location where it is licensed to operate.
However, portable or handheld RSUs are permitted to operate where
they do not interfere with a site-licensed operation. An RSU
broadcasts data to OBUs or exchanges data with OBUs in its
communications zone. An RSU also provides channel assignments and
operating instructions to OBUs in its communications zone when
required. [CFR-90.7]
Appendix I. Neighbor Discovery (ND) Potential Issues in Wireless Links
IPv6 Neighbor Discovery (IPv6 ND) [RFC4861] [RFC4862] was designed
for point-to-point and transit links, such as Ethernet, with the
expectation of cheap and reliable support for multicast from the
lower layer. Section 3.2 of [RFC4861] indicates that the operation
on shared media and on NBMA networks require additional support,
e.g., for AR and DAD, which depend on multicast. An
infrastructureless radio network such as OCB shares properties with
both shared media and NBMA networks and then adds its own complexity,
e.g., from movement and interference that allow only transient and
non-transitive reachability between any set of peers.
The uniqueness of an address within a scoped domain is a key pillar
of IPv6 and is the basis for unicast IP communication. [RFC4861]
details the DAD method to prevent an address from being duplicated.
For a link-local address, the scope is the link, whereas for a
globally reachable address, the scope is much larger. The underlying
assumption for DAD to operate correctly is that the node that owns an
IPv6 address can reach any other node within the scope at the time it
claims its address, which is done by sending a Neighbor Solicitation
(NS) multicast message, and can hear any future claim for that
address by another party within the scope for the duration of the
address ownership.
In the case of OCB, there is a potentially a need to define a scope
that is compatible with DAD. The scope cannot be the set of nodes
that a transmitter can reach at a particular time because that set
varies all the time and does not meet the DAD requirements for a
link-local address that can be used anytime and anywhere. The
generic expectation of a reliable multicast is not ensured, and the
operation of DAD and AR as specified by [RFC4861] cannot be
guaranteed. Moreover, multicast transmissions that rely on broadcast
are not only unreliable but are also often detrimental to unicast
traffic (see [IEEE802-MCAST]).
Early experience indicates that it should be possible to exchange
IPv6 packets over OCB while relying on IPv6 ND alone for DAD and AR
(Address Resolution) in good conditions. In the absence of a correct
DAD operation, a node that relies only on IPv6 ND for AR and DAD over
OCB should ensure that the addresses that it uses are unique by means
other than DAD. It must be noted that deriving an IPv6 address from
a globally unique MAC address has this property but may yield privacy
issues.
[RFC8505] provides a more recent approach to IPv6 ND, in particular
DAD. [RFC8505] is designed to fit wireless and otherwise constrained
networks whereby multicast and/or continuous access to the medium may
not be guaranteed. [RFC8505], Section 5.6 ("Link-Local Addresses and
Registration") indicates that the scope of uniqueness for a link-
local address is restricted to a pair of nodes that uses it to
communicate and provides a method to assert the uniqueness and
resolve the link-layer address using a unicast exchange.
[RFC8505] also enables a router (acting as a 6LR) to own a prefix and
act as a registrar (acting as a 6LBR) for addresses within the
associated subnet. A peer host (acting as a 6LN) registers an
address derived from that prefix and can use it for the lifetime of
the registration. The prefix is advertised as not on-link, which
means that the 6LN uses the 6LR to relay its packets within the
subnet, and participation to the subnet is constrained to the time of
reachability to the 6LR. Note that an RSU that provides internet
connectivity MAY announce a default router preference [RFC4191],
whereas a car that does not provide that connectivity MUST NOT do so.
This operation presents similarities to that of an access point, but
at Layer 3. This is why [RFC8505] is well suited for wireless in
general.
Support of [RFC8505] may be implemented on OCB. OCB nodes that
support [RFC8505] SHOULD support the 6LN operation in order to act as
a host and may support the 6LR and 6LBR operations in order to act as
a router and in particular to own a prefix that can be used by hosts
that are compliant with [RFC8505] for address autoconfiguration and
registration.
Acknowledgements
The authors would like to thank Alexandre Petrescu for initiating
this work and for being the lead author up to draft version 43 of
this document.
The authors would like to thank Pascal Thubert for reviewing,
proofreading, and suggesting modifications for this document.
The authors would like to thank Mohamed Boucadair for proofreading
and suggesting modifications for this document.
The authors would like to thank Eric Vyncke for reviewing the
suggesting modifications of this document.
The authors would like to thank Witold Klaudel, Ryuji Wakikawa,
Emmanuel Baccelli, John Kenney, John Moring, Francois Simon, Dan
Romascanu, Konstantin Khait, Ralph Droms, Richard 'Dick' Roy, Ray
Hunter, Tom Kurihara, Michal Sojka, Jan de Jongh, Suresh Krishnan,
Dino Farinacci, Vincent Park, Jaehoon Paul Jeong, Gloria Gwynne,
Hans-Joachim Fischer, Russ Housley, Rex Buddenberg, Erik Nordmark,
Bob Moskowitz, Andrew Dryden, Georg Mayer, Dorothy Stanley, Sandra
Cespedes, Mariano Falcitelli, Sri Gundavelli, Abdussalam Baryun,
Margaret Cullen, Erik Kline, Carlos Jesus Bernardos Cano, Ronald in
't Velt, Katrin Sjoberg, Roland Bless, Tijink Jasja, Kevin Smith,
Brian Carpenter, Julian Reschke, Mikael Abrahamsson, Dirk von Hugo,
Lorenzo Colitti, Pascal Thubert, Ole Troan, Jinmei Tatuya, Joel
Halpern, Eric Gray, and William Whyte. Their valuable comments
clarified particular issues and generally helped to improve the
document.
Pierre Pfister, Rostislav Lisovy, and others wrote 802.11-OCB drivers
for Linux.
For the multicast discussion, the authors would like to thank Owen
DeLong, Joe Touch, Jen Linkova, Erik Kline, Brian Haberman, and
participants to discussions in network working groups.
The authors would like to thank the participants of the Birds-of-
a-Feather "Intelligent Transportation Systems" meetings held at IETF
in 2016.
The human rights protocol considerations review was done by Amelia
Andersdotter.
The work of Jong-Hyouk Lee was supported by the National Research
Foundation of Korea (NRF) grant funded by the Korea government (MSIT)
(NRF-2018R1A4A1025632).
The work of Jérôme Härri was supported by EURECOM industrial members,
namely BMW Group, IABG, Monaco Telecom, Orange, SAP and Symantec.
This RFC reflects the view of the IPWAVE WG and does not necessarily
reflect the official policy or position of EURECOM industrial
members.
Contributors
Christian Huitema and Tony Li contributed to this document.
Romain Kuntz contributed extensively regarding IPv6 handovers between
links running outside the context of a BSS (802.11-OCB links).
Tim Leinmueller contributed the idea of the use of IPv6 over
802.11-OCB for the distribution of certificates.
Marios Makassikis, Jose Santa Lozano, Albin Severinson, and Alexey
Voronov provided significant feedback on the experience of using IP
messages over 802.11-OCB in initial trials.
Michelle Wetterwald contributed extensively to the MTU discussion,
offered the ETSI ITS perspective, and reviewed other parts of the
document.
Authors' Addresses
Nabil Benamar
Moulay Ismail University of Meknes
Morocco
Phone: +212670832236
Email: n.benamar@est.umi.ac.ma
Jérôme Härri
EURECOM
06904 Sophia-Antipolis
France
Phone: +33493008134
Email: Jerome.Haerri@eurecom.fr
Jong-Hyouk Lee
Sangmyung University
31, Sangmyeongdae-gil, Dongnam-gu
Cheonan
31066
Republic of Korea
Email: jonghyouk@smu.ac.kr
Thierry ERNST
YoGoKo
1137A Avenue des Champs-Blancs
35510 CESON-SEVIGNE
France
Email: thierry.ernst@yogoko.fr