One document matched: draft-dijk-core-groupcomm-misc-02.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!-- This template is for creating an Internet Draft using xml2rfc,
which is available here: http://xml.resource.org. -->
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!-- One method to get references from the online citation libraries.
There has to be one entity for each item to be referenced.
An alternate method (rfc include) is described in the references. -->
<!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY RFC2629 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2629.xml">
<!ENTITY RFC3552 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3552.xml">
<!ENTITY RFC3740 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3740.xml">
<!ENTITY RFC3810 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3810.xml">
<!ENTITY RFC4046 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4046.xml">
<!ENTITY RFC4601 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4601.xml">
<!ENTITY RFC4605 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4605.xml">
<!ENTITY RFC4944 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4944.xml">
<!ENTITY RFC5374 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5374.xml">
<!ENTITY RFC5867 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5867.xml">
<!ENTITY RFC6550 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6550.xml">
<!ENTITY RFC6636 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6636.xml">
<!ENTITY I-D.ietf-roll-trickle-mcast SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-roll-trickle-mcast.xml">
<!ENTITY I-D.eggert-core-congestion-control SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.eggert-core-congestion-control.xml">
<!ENTITY I-D.ietf-core-coap SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-core-coap.xml">
<!ENTITY I-D.ietf-6lowpan-nd SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-6lowpan-nd.xml">
<!ENTITY I-D.rahman-core-groupcomm SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.rahman-core-groupcomm.xml">
<!ENTITY I-D.ietf-core-groupcomm SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-core-groupcomm.xml">
<!ENTITY I-D.shelby-core-coap-req SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.shelby-core-coap-req.xml">
<!ENTITY I-D.ietf-6lowpan-routing-requirements SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-6lowpan-routing-requirements.xml">
<!ENTITY I-D.vanderstok-core-bc SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.vanderstok-core-bc.xml">
<!ENTITY I-D.castellani-core-advanced-http-mapping SYSTEM
"http://xml.resource.org/public/rfc/bibxml3/reference.I-D.castellani-core-advanced-http-mapping.xml">
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<!-- used by XSLT processors -->
<!-- For a complete list and description of processing instructions (PIs),
please see http://xml.resource.org/authoring/README.html. -->
<!-- Below are generally applicable Processing Instructions (PIs) that most I-Ds might want to use.
(Here they are set differently than their defaults in xml2rfc v1.32) -->
<?rfc strict="yes" ?>
<!-- give errors regarding ID-nits and DTD validation -->
<!-- control the table of contents (ToC) -->
<?rfc toc="yes"?>
<!-- generate a ToC -->
<?rfc tocdepth="3"?>
<!-- the number of levels of subsections in ToC. default: 3 -->
<!-- control references -->
<?rfc symrefs="yes"?>
<!-- use symbolic references tags, i.e, [RFC2119] instead of [1] -->
<?rfc sortrefs="yes" ?>
<!-- sort the reference entries alphabetically -->
<!-- control vertical white space
(using these PIs as follows is recommended by the RFC Editor) -->
<?rfc compact="yes" ?>
<!-- do not start each main section on a new page -->
<?rfc subcompact="no" ?>
<!-- keep one blank line between list items -->
<!-- encourage use of "xml2rfc" tool -->
<?rfc rfcprocack="yes" ?>
<!-- end of list of popular I-D processing instructions -->
<rfc category="info" docName="draft-dijk-core-groupcomm-misc-02" ipr="trust200902">
<!-- category values: std, bcp, info, exp, and historic
ipr values: full3667, noModification3667, noDerivatives3667
you can add the attributes updates="NNNN" and obsoletes="NNNN"
they will automatically be output with "(if approved)" -->
<!-- ***** FRONT MATTER ***** -->
<front>
<!-- The abbreviated title is used in the page header - it is only necessary if the
full title is longer than 39 characters -->
<title abbrev="Miscellaneous CoAP Group Communication">Miscellaneous CoAP Group Communication Topics</title>
<!-- add 'role="editor"' below for the editors if appropriate -->
<author fullname="Esko Dijk" initials="E.O." surname="Dijk" role="editor">
<organization> Philips Research </organization>
<address>
<email> esko.dijk@philips.com </email>
</address>
</author>
<author fullname="Akbar Rahman" initials="A." surname="Rahman" role="editor">
<organization> InterDigital Communications, LLC </organization>
<address>
<email> Akbar.Rahman@InterDigital.com </email>
</address>
</author>
<date year="2012"/>
<area>Applications</area>
<workgroup>CoRE Working Group</workgroup>
<!-- WG name at the upperleft corner of the doc,
IETF is fine for individual submissions.
If this element is not present, the default is "Network Working Group",
which is used by the RFC Editor as a nod to the history of the IETF. -->
<keyword>CoRE</keyword>
<keyword>multicast</keyword>
<keyword>group communication</keyword>
<keyword>miscellaneous</keyword>
<!-- Keywords will be incorporated into HTML output
files in a meta tag but they have no effect on text or nroff
output. If you submit your draft to the RFC Editor, the
keywords will be used for the search engine. -->
<abstract>
<t>This document contains miscellaneous text around the topic of group communication for
the Constrained Application Protocol (CoAP). The first part contains, for reference, text
that was removed from the Group Communication for CoAP draft. The second part describes
group communication and multicast functionality that may be input to future standardization
in the CoRE WG.
</t>
</abstract>
</front>
<middle>
<!-- section anchor="sec-1" title="Introduction" -->
<section title="Introduction">
<t>This document contains miscellaneous text around the topic of group communication for
the Constrained Application Protocol, CoAP <xref target="I-D.ietf-core-coap"/>. The first
part of the document (<xref target="groupcomm-solutions"/>) contains, for reference, text
that was removed from the Group Communication for CoAP <xref target="I-D.ietf-core-groupcomm"/>
draft and its predecessor <xref target="I-D.rahman-core-groupcomm"/>. The second part of
the document (<xref target="new-topics"/>) contains text and/or functionality that may be considered for inclusion in
<xref target="I-D.ietf-core-groupcomm"/> or otherwise may be input to future standardization in
the CoRE WG.
</t>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in <xref
target="RFC2119">RFC 2119</xref>.</t>
</section>
<!-- section anchor="sec-2" title="Requirements" -->
<section title="Requirements">
<t>
Requirements that a CoAP group communication solution should fulfill can be found
in existing documents (<xref target="RFC5867"/>, <xref target="I-D.ietf-6lowpan-routing-requirements"/>,
<xref target="I-D.vanderstok-core-bc" />, and <xref target="I-D.shelby-core-coap-req"/>).
Below, a set of high-level requirements is listed that a group communication solution
should ideally fulfill. In practice, all these requirements can never be satisfied at once
in an LLN context. Furthermore, different use cases will have different needs i.e. an elaboration
of a subset of below requirements.
</t>
<!-- section anchor="sec-2.1" title="Background" -->
<section title="Background">
<t>
The requirements for CoAP are documented in <xref target="I-D.shelby-core-coap-req"/>.
In this draft, we focus and expand discussions on the requirements
pertaining to CoAP "group communication" and "multicast" support as
stated in <xref target="I-D.shelby-core-coap-req"/>:
</t><t>
<list style="empty"><t>
REQ 9: CoAP will support a non-reliable IP multicast message to be
sent to a group of Devices to manipulate a resource on all the
Devices simultaneously. The use of multicast to query and
advertise descriptions must be supported, along with the support
of unicast responses.
</t></list>
</t><t>
Currently, the CoAP protocol <xref target="I-D.ietf-core-coap" /> supports
unreliable IP multicast using UDP. It defines the unreliable multicast
operation as follows in Section 4.5:
</t><t>
<list style="empty"><t>
"CoAP supports sending messages to multicast destination addresses.
Such multicast messages MUST be Non-Confirmable. Some mechanisms for
avoiding congestion from multicast requests are being considered in
<xref target="I-D.eggert-core-congestion-control"/>."
</t></list>
</t><t>
Additional requirements were introduced in <xref target="I-D.vanderstok-core-bc" />
driven by quality of experience issues in commercial lighting; the
need for large numbers of devices to respond with near simultaneity
to a command (multicast PUT), and for that command to be received
reliably (reliable multicast).
</t>
</section>
<!-- section anchor="sec-2.2" title="General Requirements" -->
<section title="General Requirements">
<t>
A CoAP group communication solution should (ideally) meet the following general requirements:
<list style="format GEN-REQ %d: ">
<t>Optional Reliability: the application can select between unreliable group communication and
reliable group communication.</t>
<t>Efficiency: delivers messages more
efficiently than a "serial unicast" solution. Provides a balance
between group data traffic and control overhead.</t>
<t>Low latency: deliver a message as quickly as possible.</t>
<t>Synchrony: allows near-simultaneous modification of a resource on all
devices in a target group, providing a perceived effect of synchrony
or simultaneity. For example a specified time span D such that a message
is delivered to all destinations in a time interval [t,t+D].</t>
<t>Ordering: message ordering may be required for reliable group communication use cases.</t>
<t>Security: see <xref target="security_requirements" /> for security requirements
for group communication.</t>
<t>Flexibility: support for one or many source(s), both dense and sparse
networks, for high or low listener density,
small or large number of groups, and multi-group membership.</t>
<t>Robust group management: functionality to join groups,
leave groups, view group membership, and persistent group membership
in failure or sleeping node situations.</t>
<t>Network layer independence: a solution is independent from specific unicast and/or
IP multicast routing protocols. </t>
<t>Minimal specification overhead: a group communication solution should preferably re-use
existing/established (IETF) protocols that are suitable for LLN deployments, instead
of defining new protocols from scratch.</t>
<t>Minimal implementation overhead: e.g. a solution allows to re-use existing (software) components
that are already present on constrained nodes such as (typical) 6LoWPAN/CoAP nodes.</t>
<t>Mixed backbone/LLN topology support: a solution should work within a single LLN, and in
combined LLN/backbone network topologies, including multi-LLN topologies. Both
the senders and receivers of CoAP group messages may be attached to
different network links or be part of different LLNs,
possibly with routers or switches in between group members. In addition,
different routing protocols may operate on the LLN and backbone networks. Preferably
a solution also works with existing, common backbone IP infrastructure (e.g. switches or routers).</t>
<t>CoAP Proxying support: a CoAP proxy can handle distribution of a message to a group
on behalf of a (constrained) CoAP client.</t>
<t>Suitable for operation on LLNs with constrained nodes.</t>
</list>
</t>
</section>
<!-- section anchor="sec-2.3" title="Security Requirements" -->
<section title="Security Requirements" anchor="security_requirements">
<t>
Security for group communications at the IP level has been studied
extensively in the IETF MSEC (Multicast Security) WG, and to a lesser
extent in the IRTF SAMRG (Scalable Adaptive Multicast Research Group).
In particular, <xref target="RFC3740" />, <xref target="RFC5374" />
and <xref target="RFC4046" /> are very instructive. A set of
requirements for securing group communications in CoAP were derived from
a study of these previous investigations as well as understanding of
CoAP specific needs. These are listed below.
</t>
<t>
A CoAP group communication solution should (ideally) meet the following security requirements:
<list style="format SEC-REQ %d: ">
<t>
Group communications data encryption: Important CoAP group communications
shall be encrypted (using a group key) to preserve confidentiality.
It shall also be possible to send CoAP group communications in the
clear (i.e. unencrypted) for low value data.
</t>
<t>
Group communications source data authentication: Important CoAP group communications
shall be authenticated by verifying the source of the data (i.e. that
it was generated by a given and trusted group member). It shall also
be possible to send unauthenticated CoAP group communications for low value data.
</t>
<t>
Group communications limited data authentication: Less important CoAP
group communications shall be authenticated by simply verifying that it originated
from one of the group members (i.e. without explicitly identifying the source node).
This is a weaker requirement (but simpler to implement) than REQ2. It shall also be
possible to send unauthenticated CoAP group communications for low value data.
</t>
<t>
Group key management: There shall be a secure mechanism to manage
the cryptographic keys (e.g. generation and distribution) belonging to the
group; the state (e.g. current membership) associated with the keys;
and other security parameters.
</t>
<t>
Use of Multicast IPSec: The CoAP protocol <xref target="I-D.ietf-core-coap"/>
allows IPSec to be used as one option to secure CoAP. If IPSec is used as a way to
security CoAP communications, then multicast IPSec <xref target="RFC5374" /> should
be used for securing CoAP group communications.
</t>
<t>
Independence from underlying routing security: CoAP group
communication security shall not be tied to the security of underlying
routing and distribution protocols such as PIM <xref target="RFC4601" />
and RPL <xref target="RFC6550"/>. Insecure or inappropriate routing
(including IP multicast routing) may cause loss of data to CoAP but will
not affect the authenticity or secrecy of CoAP group communications.
</t>
<t>
Interaction with HTTPS: The security scheme for CoAP group communications
shall account for the fact that it may need to interact with HTTPS (Hypertext Transfer
Protocol Secure) when a transaction involves a node in the general
Internet (non-constrained network) communicating via a HTTP-CoAP proxy.
</t>
</list>
</t>
</section>
</section>
<!-- section anchor="sec-3" title="Group Communication Solutions" -->
<section title="Group Communication Solutions" anchor="groupcomm-solutions">
<t>
This section includes the text that describes the solutions of IP multicast, overlay multicast, and application layer
group communication which were removed from <xref target="I-D.rahman-core-groupcomm"/> version 07 when the text was
transferred to <xref target="I-D.ietf-core-groupcomm"/>.
</t>
<!-- section anchor="sec-3.1" title="IP Multicast Transmission Methods" -->
<section title="IP Multicast Transmission Methods">
<section title="Serial unicast">
<t>
Even in systems that generally support IP Multicast, there may be certain
data links (or transports) that don't support IP multicast.
For those links a serial unicast alternative must be provided. This
implies that it should be possible to enumerate the members of a group,
in order to determine the correct unicast destinations.
</t>
</section>
<section title="Unreliable IP Multicast">
<t>
The CoRE WG charter specified support for non-reliable IP multicast. In
the current CoAP protocol design <xref target="I-D.ietf-core-coap" />,
unreliable multicast is realized by the source sending
Non-Confirmable messages to a multicast IP address. IP Multicast (using UDP)
in itself is unreliable, unless specific reliability features are added to it.
</t>
</section>
<section title="Reliable IP Multicast">
<t>
[TBD: This is a difficult problem. Need to investigate the benefits of repeating
MGET and MPUT requests (saturation) to get "Pretty Good Reliability". Use
the same MID or a new MID for repeated requests? Carsten suggests the use
of bloom filters to suppress duplicate responses.
</t><t>
One could argue that non-idempotent operations (POST) cannot be
supported without a *truly* reliable multicast protocol.
However, is this the case? If a multicast POST
request is sent repeatedly with the same Message ID (MID), then
CoAP nodes that already received it once will ignore duplicates.
Sending with Message ID is supported in CoAP for Non-Confirmable messages
(thus including multicast messages) as per <xref target="I-D.ietf-core-coap" /> section 4.2.
]
</t><t>
Reliable multicast supports guaranteed delivery of messages to a
group of nodes. The following specifies the requirements as
was proposed originally in version 01 of
<xref target="I-D.vanderstok-core-bc" />:
<list style="symbols">
<t>Validity - If sender sends a message, m, to a group, g, of
destinations, a path exists between sender and destinations, and the
sender and destinations are correct, all destinations in g
eventually receive m.
</t><t>
Integrity - destination receives m at most once from sender and
only if sender sent m to a group including destination.
</t><t>
Agreement - If a correct destination of g receives m, then all
correct destinations of g receive m.
</t><t>
Timeliness - For real-time control of devices, there is a known
constant D such that if m is sent at time t, no correct destination
receives m after t+D.
</t>
</list>
There are various approaches to achieve reliability, such as
</t><t>
<list style="symbols">
<t>Destination node sends response: a destination sends a CoAP
Response upon multicast Request reception (it SHOULD be a Non-Confirmable
response). The source node may retry a request to destination nodes
that did not respond in time with a CoAP response.</t>
<t>Route redundancy </t>
<t>Source node transmits multiple times (destinations do not respond) </t>
</list>
</t>
</section>
</section>
<!-- section anchor="sec-3.2" title="Overlay Multicast" -->
<section title="Overlay Multicast" anchor="OverlayMulticast">
<t> An alternative group communication solution (to IP Multicast) is an
"overlay multicast" approach. We define an overlay multicast as one that utilizes an infrastructure
based on proxies (rather than an IP router based IP multicast backbone)
to deliver IP multicast packets to end devices. MLD (<xref target="RFC3810" />) has
been selected as the basis for multicast support by the ROLL working
group for the RPL routing protocol. Therefore, it is proposed that "IGMP/MLD Proxying"
<xref target="RFC4605" /> be used as a basis for an overlay multicast solution for CoAP.
</t><t>
Specifically, a CoAP proxy <xref target="I-D.ietf-core-coap" /> may also contain
an MLD Proxy function. All CoAP devices that want to join a given
IP multicast group would then send an MLD Join to the CoAP (MLD)
proxy. Thereafter, the CoAP (MLD) proxy would be responsible for
delivering any IP multicast message to the subscribed CoAP devices.
This will require modifications to the existing <xref target="RFC4605" /> functionality.
</t><t>
Note that the CoAP (MLD) proxy may or may not be connected to an
external IP multicast enabled backbone. The key function for the CoAP (MLD)
proxy is to distribute CoAP generated multicast packets even in
the absence of router support for multicast.
</t>
</section>
<!-- section anchor="sec-3.3" title="Overlay Multicast" -->
<section title="CoAP Application Layer Group Management" anchor="AppGroupMgmt">
<t>Another alternative solution (to IP Multicast and Overlay Multicast) is
to define CoAP application level group management primitives. Thus, CoAP
can support group management features without need for any underlying IP multicast
support.
</t>
<t>
Interestingly, such group management primitives could also be offered even if there
is underlying IP multicast support. This is useful because IP multicast inherently
does not support the concept of a group with managed members, while a managed
group may be required for some applications.
</t>
<t>
The following group management primitives are in general useful:
<list style="symbols">
<t>discover groups;</t>
<t>query group properties (e.g. related resource descriptions);</t>
<t>create a group;</t>
<t>remove a group;</t>
<t>add a group member;</t>
<t>remove a group member;</t>
<t>enumerate group members;</t>
<t>security and access control primitives.</t>
</list>
</t>
<t>In this proposal a (at least one) CoAP Proxy node is responsible for group membership management.
A constrained node can specify which group it intends to join (or leave) using a CoAP
request to the appropriate CoAP Proxy. To Join, the group name will be included
in optional request header fields (explained below). These header fields will
be included in a PUT request to the Proxy. The Proxy-URI is set to the
Group Management URI of the Proxy (found previously through the "/.well-known/"
resource discovery mechanism). Note that in this solution also CoAP Proxies may
exist in a network that are not capable of CoAP group operations.
</t><t>
Group names may be defined as arbitrary strings with a predefined maximum length
(e.g. 268 characters or the maximum string length in a CoAP Option), or as URIs.
</t><t>
[ TBD: how can a client send a request to a group? Does it only need to know the
group name (string or URI) or also an IP multicast address? One way is to
send a CoAP request to the CoAP Proxy with a group URI directly in the Proxy-URI
field. This avoids having to know anything related to IP multicast addresses.
]
</t><t>
This solution in principle supports both unreliable and reliable group
communication. A client would indicate unreliable communication by sending a
CoAP Non-Confirmable request to the CoAP Proxy, or reliable communication
by sending a CoAP Confirmable request.
</t><t>
It is proposed that CoAP supports two Header Options for group "Join"
and "Leave". These Options are Elective so they should be assigned an
even number. Assuming the Type for "join" is x (value TBD), the Header
Options are illustrated by the table in <xref target="fig-header-options"/>:
</t>
<figure anchor="fig-header-options" title="CoAP Header Options for Group Management" align="center">
<artwork>
<![CDATA[
+------+-----+---------------+--------------+--------+--------------+
| Type | C/E | Name | Data type | Length | Default |
|------+-----+---------------+--------------+--------+--------------+
| | | | | | |
| x | E | Group Join | String | 1-270 | "" |
| | | | | B | |
| x+2 | E | Group Leave | String | 1-270 | "" |
| | | | | B | |
+------+-----|---------------+--------------+--------+--------------+
]]>
</artwork>
</figure>
<t>
<vspace blankLines='1' />
<xref target="fig-coap-msg-group-mgt"/> illustrates how a node can join or leave a group using the
Header Options in a CoAP message:
</t>
<figure anchor="fig-coap-msg-group-mgt" title="CoAP Message for Group Management" align="center">
<artwork>
<![CDATA[
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Ver| T | OC | Code | Message ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| delta |length | Join Group A (ID or URI)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 0 |length | Join Group B (ID or URI)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 2 |length | Leave Group C (ID or URI)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
]]>
</artwork>
</figure>
<t>
<vspace blankLines='1' />
Header Fields for the above example:
</t><t>
Ver: 2-bit unsigned integer for CoAP Version. Set to 1 by
implementation as defined by the CoAP specification.
</t><t>
T: 2-bit unsigned integer for CoAP Transaction Type. Either '0'
Confirmation or '1' Non-Confirmable can be used for group "join" or
"leave" request.
</t><t>
OC: 4-bit unsigned integer for Option Count. For this example, the
value should be "3" since there are three option fields.
</t><t>
Code: 8-bit unsigned integer to indicate the Method in a Request or a
Response Code in a Response message. Any Code can be used so the
group management can be piggy-backed in either Request or Response
message.
</t><t>
Message ID: 16-bit value assigned by the source to
uniquely identify a pair of Request and Response.
</t><t>
CoAP defines a delta encoding for header options. The first delta is
the "Type" for group join in this specific example. If the type for
group join is x as illustrated in <xref target="fig-coap-msg-group-mgt"/>, delta will be x. In the
second header option, it is also a group join so the delta is 0. The
third header option is a group leave so the delta is 2.
</t><t>
An alternative solution to using Header Options (explained above) is to use
designated parameters in the query part of the URI in the Proxy-URI field of
a POST (TBD: or PUT?) request to a Proxy's group management service resource
advertized by DNS-SD. For example, to join group1 and leave group2:
<figure>
<artwork>
coap://proxy1.bld2.example.com/groupmgt?j=group1&l=group2
</artwork>
</figure>
</t>
</section>
</section>
<!-- section anchor="sec-4" title="DNS-SD Based Group Resource Manipulation" -->
<section title="DNS-SD Based Group Resource Manipulation">
<t>
Ideally, all nodes in a given group (defined by its multicast IP address)
must receive the same request with high probability. This will not be
the case if there is diversity in the authority port (i.e. a diversity of
dynamic port addresses across the group) or if the targeted resource
is located at different paths on different nodes. Extending the
definition of group membership to include port and path discovery
is not desirable.
</t><t>
Therefore, some measures must be present to ensure uniformity in port number
and resource name/location within a group.
</t><t>
A first solution in this respect is to couple groups to service descriptions
in DNS (using DNS-SD as in <xref target="I-D.vanderstok-core-bc" />). A service
description for a multicast group may have a TXT record in DNS defining a
schema X (e.g. "schema=DALI"), which defines by service standard X (e.g. "DALI")
which resources a node supporting X MUST have. Therefore a multicast source
can safely refer to all resources with corresponding operations as prescribed
by standard X. For port numbers (which can be found using DNS-SD also) the same
holds. Alternatively, only the default CoAP port may be used in all CoAP multicast requests.
</t>
</section>
<section title="Deployment Guidelines">
<!-- section anchor="sec-5.1" title="Overview" -->
<section title="Overview">
<t>
We recommend to use IP multicast
as the base solution for CoAP Group Communication, provided that the use case
and network characteristics allow this. It has the advantage that it
re-uses the IP multicast suite of protocols and can operate even if group members are
distributed over both constrained and un-constrained network segments. Still, this approach may
require specifying or implementing additional IP Multicast functionality in an LLN,
in a backbone network, or in both - this will be evaluated in more detail in this section.
</t>
</section>
<!-- section anchor="sec-5.2" title="Implementation in Target Network Topologies" -->
<section title="Implementation in Target Network Topologies">
<t>
This section looks in more detail how an IP Multicast based solution can be
deployed onto the various network topologies that we consider important
for group communication use cases. Note that the chosen solution of IP
Multicast for CoAP group communication works mostly independently from
the underlying network topology and its specific IP multicast implementation.
</t><t>
Starting from the simplest case of a single LLN topology, we move to
more complex topologies involving a backbone network or multiple LLNs.
With "backbone" we refer here typically to a corporate LAN or VLAN, which
constitutes a single broadcast domain by design. It could also be an in-home
network. A multi-link backbone is also possible, if there is proper IP multicast
routing or forwarding configured between these links. (The term 6LoWPAN Border
Router or "6LBR" is used
here for a border router, though our evaluation is
not necessarily restricted to 6LoWPAN networks.)
</t>
<!-- section anchor="sec-5.2.1" title="Single LLN Topology" -->
<section title="Single LLN Topology">
<t>
The simplest topology is a single LLN, where all the IP multicast
source(s) and destinations are constrained nodes within this same LLN.
Possible implementations of IP multicast routing and group administration
for this topology are listed below.
</t>
<section title="Mesh-Under Multicast Routing">
<t>
The LLN may be set up in either a mesh-under or a route-over configuration.
In the former case, the mesh routing protocol should take care of routing
IP multicast messages throughout the LLN.
</t><t>
Because conceptually all nodes in the LLN are attached to a single link,
there is in principle no need for nodes to announce their interest in
multicast IP addresses via MLD (see <xref target="mld"/>). A multicast message to a specific IP destination,
which is delivered to all 6LoWPAN nodes by the mesh routing algorithm, is accepted
by the IP network layer of that node only if it is listening on that
specific multicast IP address and port.
</t>
</section>
<section title="RPL Multicast Routing">
<t>
The RPL routing protocol for LLNs provides support
for routing to multicast IP destinations (Section 12 of <xref target="RFC6550"/>).
Like regular unicast destinations, multicast
destinations are advertised by nodes using RPL DAO messages. This functionality
requires "Storing mode with multicast support" (Mode Of Operation, MOP is 3) in the RPL
network.
</t><t>
Once all RPL routing tables in the network are populated, any RPL node can
send packets to an IP multicast destination. The RPL protocol performs distribution
of multicast packet both upward towards the DODAG root and downwards into the DODAG.
</t><t>
The text in Section 12 of the RPL specification clearly implies that IP multicast
packets are distributed using
link-layer unicast transmissions, looking at the use of the word "copied" in this section.
Specifically in 6LoWPAN networks, this behavior conflicts with the requirement that
IP multicast packets MUST be carried as link-layer 802.15.4 broadcast frames
<xref target="RFC4944"/>.
</t><t>
Assuming that link-layer unicast is indeed meant, this approach seems efficient only
in a balanced, sparse tree network topology, or in
situations where the fraction of nodes listening to a specific multicast IP address
is low, or in duty cycled LLNs where link-layer broadcast is a very expensive
operation.
</t>
</section>
<section title="RPL Routers with Non-RPL Hosts" anchor="RplWithHosts">
<t>
Now we consider the case that hosts exist in a RPL network that are not RPL-aware
themselves, but rely on RPL routers for their IP connectivity beyond link-local
scope. Note that the current RPL specification <xref target="RFC6550" />
leaves this case for future specification (see Section 16.4). Non-RPL hosts cannot
advertise their IP multicast groups of interest via RPL DAO messages as defined
above. Therefore in that case MLD could be used for such advertisements
(State Change Report messages), with all or a subset of RPL routers acting
in the role of MLD Routers as defined in <xref target="RFC3810"/>. However, as
the MLD protocol is not designed specifically for LLNs it may be a burden for the
constrained RPL router nodes to run the full MLD protocol. Alternatives are
therefore proposed in <xref target="mld-6lowpan"/>.</t>
</section>
<section title="Trickle Multicast Forwarding">
<t>
Trickle Multicast Forwarding <xref target="I-D.ietf-roll-trickle-mcast" /> is an IP multicast
routing protocol suitable
for LLNs, that uses the Trickle algorithm as a basis. It is a simple
protocol in the sense that no topology maintenance is required. It can deal especially
well with situations where the node density is a-priori unknown.
</t><t>
Nodes from anywhere in the LLN can be the multicast source, and nodes anywhere in the
LLN can be multicast destinations.
</t><t>
Using Trickle Multicast Forwarding it is not required for IP multicast destinations
(listeners) to
announce their interest in a specific multicast IP address, e.g. by means of MLD.
Instead, all multicast IP packets regardless of IP destination address are stored
and forwarded by all routers. Because forwarding
is always done by multicast, both hosts and routers will be able to receive all multicast
IP packets.
Routers that receive multicast packets they are not interested in, will only buffer
these for a limited time until retransmission can be stopped as specified by the protocol.
Hosts that receive multicast packets they are not interested in, will discard multicast packets
that are not of interest.
Above properties seem to make Trickle especially efficient for cases where the multicast
listener density is high and the number of distinct multicast groups relatively low.
</t>
</section>
<section title="Other Route-Over Methods">
<t>
Other known IP multicast routing methods may be used,
for example flooding or other to be defined methods suitable
for LLNs. An important design consideration here is whether multicast listeners
need to advertise their interest in specific multicast addresses, or not. If they
do, MLD is a possible option but also protocol-specific means (as in RPL) is an
option. See <xref target="mld-6lowpan" /> for more efficient substitutes for MLD
targeted towards a LLN context.
</t>
</section>
</section>
<!-- section anchor="sec-5.2.2" title="Single LLN with Backbone Topology" -->
<section title="Single LLN with Backbone Topology">
<t>
A LLN may be connected via a Border Router (e.g. 6LBR) to a backbone network, on which IP multicast
listeners and/or sources may be present. This section analyzes cases in which IP multicast
traffic needs to flow from/to the backbone, to/from the LLN.
</t>
<section title="Mesh-Under Multicast Routing" anchor="LLNMeshUnder" >
<t>
Because in a mesh routing network conceptually all nodes in the LLN are attached to a single link,
a multicast IP packet originating in the LLN is typically delivered by the mesh routing
algorithm to the 6LBR as well, although there is no guaranteed delivery.
The 6LBR may be configured to accept all IP multicast traffic from the LLN
and then may forward such packets onto its backbone link. Alternatively,
the 6LBR may act in an MLD Router or MLD Snooper role on its backbone link and decide whether
to forward a multicast packet or not based on information learned from previous
MLD Reports received on its backbone link.
</t><t>
Conversely, multicast packets originating on the backbone network will reach
the 6LBR if either the backbone is a single link (LAN/VLAN) or IPv6 multicast routing is
enabled on the backbone. Then, the 6LBR could simply forward all IP multicast traffic
from the backbone onto the LLN. However, in practice this situation may lead to
overload of the LLN caused by unnecessary multicast traffic. Therefore the 6LBR
SHOULD only forward traffic that one or more nodes in the LLN
have expressed interest in, effectively filtering inbound LLN multicast traffic.
</t><t>
To realize this "filter", nodes on the LLN may use MLD to announce their interest in
specific multicast IP addresses to the 6LBR. One option is for the 6LBR to act in
an MLD Router role on its LLN interface. However, this may be too much of a
"burden" for constrained nodes. Light-weight alternatives for MLD are discussed in
<xref target="mld-6lowpan" />.
</t>
</section>
<section title="RPL Multicast Routing">
<t>
For RPL routing within the 6LoWPAN, we first consider the case of an IP multicast source
on the backbone network with one or
more IP multicast listeners on the RPL LLN. Typically, the 6LBR would be the root of a DODAG
so that the 6LBR can easily forward the IP multicast packet received on its backbone
interface to the right RPL nodes in the LLN down along this DODAG (based on previously
DAO-advertized destinations).
</t><t>
Second, a multicast source may be in the RPL LLN and listeners may be both on the LLN
and on the backbone. For this case RPL defines that the multicast packet will propagate
both up and down the DODAG, eventually reaching the DODAG root (typically a 6LBR) from
which the packet can be routed onto the backbone in a manner specified in the previous
section.
</t>
</section>
<section title="RPL Routers with Non-RPL Hosts">
<t>
For the case that a RPL LLN contains non-RPL hosts, the solutions from the previous
section can be used if in addition RPL routers implement MLD or "MLD like"
functionality similar to as described in <xref target="RplWithHosts" />.
</t>
</section>
<section title="Trickle Multicast Forwarding">
<t>
First, we consider the case of an IP multicast source node on the LLN (where all 6LRs
support Trickle Multicast Forwarding) and IP multicast listeners that may be on the
LLN and on the
backbone. As Trickle will eventually deliver multicast packets also to a 6LBR, which
acts as a Trickle Multicast router as well, the 6LBR can then forward onto the
backbone in the ways described earlier in <xref target="LLNMeshUnder" />.
</t><t>
Second, for the case of an IP multicast source on the backbone and multicast listeners
on both backbone and/or LLN, the 6LBR needs to forward multicast traffic from the
backbone onto the LLN. Here, the aforementioned problem (<xref target="LLNMeshUnder" />)
of potentially overloading the LLN with unwanted backbone IP multicast traffic appears again.
</t><t>
A possible solution to this is (again) to let multicast listeners advertise their
interest using MLD as described in <xref target="LLNMeshUnder" /> or to
use an MLD alternative suitable for LLNs as described in <xref target="mld-6lowpan" />.
However, following this approach requires possibly an extension to Trickle Multicast
Forwarding: the protocol should ensure that MLD-advertised information is somehow
communicated to the 6LBR, possibly over multiple hops. MLD itself supports link-local
communication only.
</t>
</section>
<section title="Other Route-Over Methods">
<t>
For other multicast routing methods used on the LLN, there are similar considerations
to the ones in sections above: the strong need to filter IP multicast traffic coming into the LLN,
the need for reporting multicast listener interest (e.g. with MLD or a to-be-defined MLD
alternative) by constrained (6LoWPAN)
nodes, and the need for LLN-internal routing as identified in the previous section such
that the MLD communicated information can reach the 6LBR to be used there in multicast traffic
filtering decisions.
</t>
</section>
</section>
<!-- section anchor="sec-5.2.3" title="Multiple LLNs with Backbone Topology" -->
<section title="Multiple LLNs with Backbone Topology">
<t>
Now the case of a single backbone network with two or more LLNs attached to it via
6LBRs is considered. For this case all the considerations and solutions of the previous
section can be applied.
</t><t>
For the specific case that a source on a backbone network has to send to a very large
number of destination located on many LLNs, the use of IGMP/MLD Proxying <xref target="RFC4605" />
with a leaf IGMP/MLD Proxy located in each 6LBR may be useful. This method only is defined
for a tree topology backbone network with the IP multicast source at the root of the tree.
</t>
</section>
<!-- section anchor="sec-5.2.4" title="LLN(s) with Multiple 6LBRs" -->
<section title="LLN(s) with Multiple 6LBRs">
<t>
[ TBD: an LLN with multiple 6LBRs may require some additional consideration. Any
need to synchronize mutually on multicast listener information? ]
</t>
</section>
<!-- section anchor="sec-5.2.5" title="Conclusions" -->
<section title="Conclusions">
<t>
For all network topologies that were evaluated, CoAP group communication can be in
principle supported with IP Multicast, making use of existing protocols. For the case
of Trickle Multicast Forwarding, it appears that an addition to the protocol is required
such that information about multicast listeners can be distributed towards the 6LBR.
Opportunities were identified for an "MLD-like" or "MLD-lightweight" protocol specifically
suitable for LLNs, which should inter-work with regular MLD on the backbone network. Such MLD variants
are further analyzed in <xref target="mld-6lowpan"/>.
</t>
</section>
</section>
<!-- section anchor="sec-5.3" title="Implementation Considerations" -->
<section title="Implementation Considerations">
<t>
In this section various implementation aspects are considered such as required protocol
implementations, additional functionality of the 6LBR and backbone network equipment.
</t>
<!-- section anchor="sec-5.3.1" title="MLD Implementations on LLNs" -->
<section title="MLD Implementation on LLNs and MLD alternatives" anchor="mld-6lowpan">
<t>
In previous sections, it was mentioned that the MLDv2 protocol <xref target="RFC3810" />
may be too costly for use in a LLN. MLD relies on periodic link-local multicast
operations to maintain state. Also it is optimized to fairly dynamic situations where
multicast listeners may come and go over time. Such dynamic situations are less frequently
found in typical LLN use cases such as building control, where multicast group
membership can remain constant over longer periods of time (e.g. months) after commissioning.
</t><t>
Hence, a viable strategy is to implement a subset of MLD functionality in 6LoWPAN nodes
which is just enough for the required functionality. A first option is that 6LoWPAN Routers,
like MLD Snoopers, passively listen to MLD State Change Report messages and handle the
learned ("snooped") IP multicast destinations in the way defined by the multicast routing protocol
they are running (e.g. for RPL, Routers advertise these destinations using DAO messages).
</t><t>
A second option is to use MLD as-is but adapt the recommended parameter values such that operation
on a LLN becomes more efficient. <xref target="RFC6636"/> could be a guideline
in this case.
</t><t>
A third option is to standardize a new protocol, taking a subset of MLD functionality into a
"MLD for 6LoWPAN" protocol to support constrained nodes optimally.
</t><t>
A fourth option is now presented, which seems attractive in that it minimizes standardization,
implementation and network communication overhead all at the same time. This option is to
specify a new Multicast Listener Option (MLO) as an addition to the 6LoWPAN-ND
<xref target="I-D.ietf-6lowpan-nd" /> protocol communication that is anyway ongoing between a 6LoWPAN
host and router(s). This MLO is preferably designed to be maximally similar to the Address
Registration Option (ARO), which minimizes the need for additional program code on constrained
nodes. With an MLO, instead of
registering a hosts's unicast IP address as with ARO, a host "registers" its interest in a multicast
IPv6 address. Unlike the ARO, multiple
MLO can be used in the same ND packet. A registration period is also defined in the MLO just like in the ARO.
MLO allows a host
to persistently register as a listener to IP multicast traffic and to avoid the overhead of
periodic multicast communication which is required for the regular MLD protocol.
</t>
<t>
[ TBD: consider what aspects are needed/not needed for
CoAP/LLN applications. Will MLDv1 suffice? What to do with options like 'source
specific' and include/exclude. Source-specific can also be dealt with at the
destination host by filtering? Do we need limits on number of records per packet?
Do we need a higher MLD reliability setting - see the parameters in the MLD RFC ]
</t>
</section>
<!-- section anchor="sec-5.3.2" title="6LBR Implementation" -->
<section title="6LBR Implementation">
<t>
To support mixed backbone/LLN scenarios in CoAP group communication, it is
RECOMMENDED that a 6LowPAN Border Router (6LBR) will act in an MLD
Router role on the backbone link. If this is not possible then the 6LBR
SHOULD be configured to act as an MLD Multicast Address Listener
and/or MLD Snooper on the backbone link.
</t>
</section>
<!-- section anchor="sec-5.3.3" title="Backbone IP Multicast Infrastructure" -->
<section title="Backbone IP Multicast Infrastructure">
<t>
For corporate/professional applications, most routing and switching equipment that is currently on the market is
IPv6 capable. For that reason backbone infrastructure operating IPv4 only is considered out of scope in this document,
at least for the backbone network segment(s) where IP multicast destinations are present. What is still in scope is
for example an IPv4-only HTTP client that wants to send a group communication message via a HTTP-CoAP proxy as
considered in <xref target="I-D.castellani-core-advanced-http-mapping"/>.
</t><t>
The availability of, and requirements for, IP multicast support may depend on the
specific installation use case. For example, the following cases may be
relevant for new IP based building control installations:
<list style="numbers">
<t>
System deployed on existing IP (Ethernet/WiFi/...) infrastructure, shared with existing IP devices (PCs)
</t><t>
Newly designed and deployed IP (Ethernet/WiFi/...) infrastructure, to be shared with other IP devices (PCs)
</t><t>
Newly designed and deployed IP (Ethernet/WiFi/...) infrastructure, exclusively used for building control.
</t>
</list>
Besides physical separation the building control backbone can be separated from regular (PC) infrastructure
by using a different VLAN.
A typical corporate installation will have many LAN switches and/or routing switches, which pass through IP multicast
traffic but on the other hand do not support acting in the Router role of MLD/IGMP. Perhaps for case 2) and 3) above
it is acceptable to add a MLD/IGMP capable router somewhere in the network, while for case 1) this may not be the case.
</t><t>
[TBD: consider the influence of WiFi based backbone networks. What if 6LBRs are at the same time also WiFi routers?
What if 6LBRs have an Ethernet connection to legacy WiFI routers? Check if equivalent with Ethernet backbone.]
</t>
</section>
</section>
</section>
<section title="Miscellaneous Topics" anchor="new-topics">
<t>This section is a placeholder to add miscellaneous text, topics or proposals related to CoAP group communication
in future versions of this document.
</t>
</section>
<section anchor="Acknowledgements" title="Acknowledgements">
<t>Thanks to all CoRE WG members who participated in the IETF 82 discussions, which
was the trigger to initiate this document.</t>
</section>
<!-- Possibly a 'Contributors' section ... -->
<section anchor="IANA" title="IANA Considerations">
<t>This memo includes no request to IANA.</t>
</section>
<section anchor="Security" title="Security Considerations">
<t>Security aspects of group communication for CoAP are discussed in <xref target="I-D.ietf-core-groupcomm"/>. The
current document contains no new proposals yet, for which security considerations have to be analyzed here.
</t>
</section>
</middle>
<!-- *****BACK MATTER ***** -->
<back>
<!-- References split into informative and normative -->
<!-- There are 2 ways to insert reference entries from the citation libraries:
1. define an ENTITY at the top, and use "ampersand character"RFC2629; here (as shown)
2. simply use a PI "less than character"?rfc include="reference.RFC.2119.xml"?> here
(for I-Ds: include="reference.I-D.narten-iana-considerations-rfc2434bis.xml")
Both are cited textually in the same manner: by using xref elements.
If you use the PI option, xml2rfc will, by default, try to find included files in the same
directory as the including file. You can also define the XML_LIBRARY environment variable
with a value containing a set of directories to search. These can be either in the local
filing system or remote ones accessed by http (http://domain/dir/... ).-->
<references title="Normative References">
&RFC2119;
&RFC3740;
&RFC3810;
&RFC4046;
&RFC4601;
&RFC4605;
&RFC4944;
&RFC5374;
&RFC5867;
&RFC6550;
&RFC6636;
&I-D.ietf-core-coap;
</references>
<references title="Informative References">
&I-D.ietf-core-groupcomm;
&I-D.ietf-roll-trickle-mcast;
&I-D.ietf-6lowpan-routing-requirements;
&I-D.ietf-6lowpan-nd;
&I-D.rahman-core-groupcomm;
&I-D.vanderstok-core-bc;
&I-D.shelby-core-coap-req;
&I-D.eggert-core-congestion-control;
&I-D.castellani-core-advanced-http-mapping;
</references>
<!-- section anchor="Appendix A" title="Multicast Listener Discovery" -->
<section anchor="mld" title="Multicast Listener Discovery (MLD)">
<t>
In order to extend the scope of IP multicast beyond link-local scope, an IP multicast
routing protocol has to be active in routers on an LLN. To achieve efficient
multicast routing (i.e. avoid always flooding multicast IP packets), routers
have to learn which hosts need to receive packets addressed to specific IP multicast
destinations.
</t><t>
The Multicast Listener Discovery (MLD) protocol <xref target="RFC3810" />
(or its IPv4 pendant IGMP) is today the method of choice used by an
(IP multicast enabled) router to discover
the presence of multicast listeners on directly attached links, and to
discover which multicast addresses are of interest to those listening nodes. MLD
was specifically designed to cope with fairly dynamic situations in which multicast
listeners may join and leave at any time.
</t><t>
IGMP/MLD Snooping is a technique implemented in some corporate LAN routing/switching
devices. An MLD snooping switch listens to MLD State Change Report messages from
MLD listeners on attached links. Based on this, the switch learns on what
LAN segments there is interest for what IP multicast traffic. If the switch
receives at some point an IP multicast packet, it uses the stored information
to decide onto which LAN segment(s) to send the packet. This improves network
efficiency compared to the regular behavior of forwarding every incoming multicast
packet onto all LAN segments. An MLD snooping switch may also send out MLD Query
messages (which is normally done by a device in MLD Router role) if no MLD Router is present.
</t><t>
<xref target="RFC6636"/> discusses optimal tuning of the parameters of MLD for routers
for mobile and wireless networks. These guidelines may be useful when implementing MLD in LLNs.
</t>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 08:24:37 |