Ad Hoc On-demand Distance Vector Version 2 (AODVv2) RoutingFuturewei Inc. 2330 Central ExpresswaySanta Clara95050CAUSA+1-408-330-4586charliep@computer.orgIdirect13861 Sunrise Valley Drive, Suite 300HerndonVA20171USAratliffstan@gmail.comAirbus Defence and SpaceCeltic SpringsNewportWalesNP10 8FZUnited Kingdomjohn.dowdell.ietf@gmail.comFreie Universitaet BerlinKaiserswerther Str. 16-18D-14195 BerlinGermanylotte.steenbrink@fu-berlin.deAirbus Defence and SpaceCeltic SpringsNewportWalesNP10 8FZUnited Kingdompritchardv0@gmail.com>
Routing
RFCRequest for CommentsI-DInternet-DraftXMLreactive protocol
The Ad Hoc On-demand Distance Vector Version 2 (AODVv2) routing
protocol is intended for use by mobile routers in wireless, multihop
networks. AODVv2 determines unicast routes among AODVv2 routers within
the network in an on-demand fashion.
The Ad hoc On-Demand Distance Vector Version 2 (AODVv2) protocol
enables dynamic, multihop routing between participating mobile
routers wishing to establish and maintain an ad hoc network. The
basic operations of the AODVv2 protocol are route discovery and
route maintenance. AODVv2 does not require nodes to maintain routes
to destinations that are not in active communication. AODVv2 allows
mobile nodes to respond to link breakages and changes in network
connectivity.
AODVv2 is a distance-vector routing protocol, which means that
routes are stored with information about the next hop (vector for
forwarding) and the metric or cost of using the route (a
"distance" to the destination along that route).
Typically, if multiple routes to a particular destination are
available to be selected, the route with the least cost (e.g.,
shortest distance) is chosen for the purpose of forwarding packets
to that destination. Distance-vector (Bellman-Ford) routing
protocols were historically vulnerable to what became known as the
"counting to infinity" problem. That problem causes
routes to grow quickly worse over time, and results from a
router's inability to detect out-of-sequence routing updates and
subsequent retransmission of stale information. AODVv2 uses
sequence numbers to assure detection of stale routing information,
as was done previously in DSDV and as described in
. The operation of AODVv2 is
consequently loop-free and offers quick convergence when the ad
hoc network topology changes (typically, when a node moves in the
network). When links break, AODVv2 causes the affected set of
nodes to be notified so that they are able to invalidate the
routes using the broken link.
AODVv2 stores a destination sequence number for each route entry.
The destination sequence number is created by the destination to
be included along with any route information it sends to
requesting nodes. Using destination sequence numbers ensures loop
freedom and is simple to program. Given the choice between two
routes to a destination, a requesting node is required to select
the one with the greatest sequence number.
The basic protocol mechanisms are as follows. AODVv2 is a reactive
protocol, meaning that route discovery is initiated only when a
route to the target is needed (i.e. when a router's client has
data to send (see )). For this
purpose, AODVv2 uses Route Request (RREQ) and Route Reply (RREP)
messages as follows: an RREQ is distributed across the network.
Routers (other than the target) receiving the RREQ retransmit it
and also store a reverse route back to the originator of the RREQ.
In figure , node 'S' needs to
discover a route to a desired destination node 'D'. S generates a
RREQ to be flooded throughout the network. The RREQ traverses
nodes A, B, J, K, L, and M before finally arriving at the target
node D. The RREQ will also most likely be received and
retransmitted by many other nodes in the network. Each
intermediate node that receives the RREQ stores a reverse route
back to node S so that communication between S and D can be
established in case that intermediate node receives a RREP in
response to the RREQ.
When the target receives the RREQ, it answers with an RREP, which
is then relayed back to the originator along the path stored by
the intermediate routers. A metric value is included within the
messages to indicate the cost of the route.
In figure , node 'D' transmits
a RREP back towards S. Node M has stored a route back to S by way
of node L. Node L has stored a route back to S by way of node K,
and so on. Also, each node that receives the RREP uses the
information in the RREP to store a route to node 'D'. For
instance, the RREP contains the metric describing the cost of the
route from an intermediate node X to node D, as well as
information about the next hop towards D -- namely, the node which
transmitted the RREP to X.
AODVv2 uses sequence numbers as described above to identify stale
routing information, and compares route metric values to determine
if advertised routes could form loops. Route maintenance includes
confirming bidirectionality of links to next-hop AODVv2 routers,
managing route timeouts, using Route Error (RERR) messages to
inform other routers of broken links, and reacting to received
Route Error messages.
AODVv2 requires indications to be exchanged between AODVv2 and the
forwarding subsystem for the following conditions:
a packet needs to be forwarded and a route needs to be
discovered (this happens because of the on-demand nature of
AODVv2)
packet forwarding fails, in order to report a route error
packet forwarding succeeds, in order to manage route timeouts.
Security for authentication of AODVv2 routers and encryption of
control messages is accomplished using the TIMESTAMP and ICV TLVs
defined in .
AODVv2 operates in a fashion very similar to
AODV. The mechanism for route
discovery is basically the same, so that similar performance
results can be expected. Compared to AODV, AODVv2 has moved some
features out of the scope of the document, notably intermediate
route replies, and expanding ring search. However, this document
has been designed to allow specification of those features in a
separate document.
AODVv2 control messages are defined as sets of data. As described
in , these sets of data can be
mapped to message elements using the Generalized MANET
Packet/Message Format defined in
and sent using the parameters in .
Additional refinements have been made for route timeouts and state
management. Other mappings for the sets of data for the control
messages are possible.
Compared to AODV, the following
protocol mechanisms have changed:
Verification of link bidirectionality has been substantially
improved
Alternate metrics may be used to determine route quality
Support for multiple interfaces has been improved
Support for multi-interface IP addresses has been added
A new security model allowing end to end integrity checks has
been added
Message formats have been updated and made compliant with
.
Hello messages and local repair have been removed.
Multihoming is supported.
AODVv2 has not been designed to be interoperable with AODV.
However, it would be straightforward to allow both protocols to be
used in the same ad hoc network as long as compatible metrics were
used.
The key words "MUST", "MUST NOT",
"REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED",
"NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as
described in . The names of the
protocol messages in AODVv2 are chosen to conform to the names of
the similar protocol messages in . In
addition, this document uses terminology from
, and defines the following terms:
An AddressList along with address type for each
address (see ).
A list of IP addresses as used in AODVv2 messages.
The IP address family is determined, for instance, by
parameter choice in , or other
shim layer between AODVv2 and the network layer.
Used in a Route Reply Acknowledgement message to
indicate that a Route Reply Acknowledgement is expected in
return (see ).
A route advertised in an incoming route message (RREQ
or RREP).
An IP addressable device in the ad hoc network that
performs the AODVv2 protocol operations specified in this
document.
The current time as maintained by the AODVv2 router.
A route that cannot be used for forwarding but still
contains useful sequence number information.
An entry in the Local Route Set as defined in
.
A Mobile Ad Hoc Network as defined in
.
The metric type for a metric value included in a
message (see ).
A list of metric types associated with the addresses
in the AddressList of a Route Error message.
An AODVv2 router from which an RREQ or RREP message
has been received. Neighbors exchange routing information and
verify bidirectionality of the link to a neighbor before
installing a route via that neighbor into the Local Route Set.
The source IP address of the IP packet triggering
route discovery.
The metric value associated with the route to
OrigPrefix.
The prefix configured in the Router Client Set entry
which includes OrigAddr.
The prefix length, in bits, configured in the Router
Client Set entry which includes OrigAddr.
The sequence number of the AODVv2 router which
originated the Route Request on behalf of OrigAddr.
The source address of the IP packet that triggered a
Route Error message.
A list of routing prefix lengths associated with the
addresses in the AddressList of a message.
Performed only in reaction to specific events. In
AODVv2, routes are requested only when data packets need to be
forwarded. In this document, "reactive" is
synonymous with "on-demand".
The AODVv2 message type used to indicate that an
AODVv2 router does not have a valid LocalRoute toward one or
more destinations.
The AODVv2 router generating a Route Error message.
A Route Error (RERR) message.
A unicast IP address that is scoped sufficiently to
be forwarded by a router. Globally-scoped unicast IP addresses
and Unique Local Addresses (ULAs)
are examples of routable
unicast IP addresses.
An address within an address range configured on an
AODVv2 router, on behalf of which that router will initiate
and respond to route discoveries. These addresses may be used
by the AODVv2 router itself or by devices that are reachable
without traversing another AODVv2 router.
The AODVv2 message type used to reply to a Route
Request message.
The AODVv2 router that generates the Route Reply
message, i.e., the router configured with TargAddr as a Router
Client.
The AODVv2 message type used to discover a route to
TargAddr and distribute information about a route to
OrigPrefix.
The AODVv2 router that generates the Route Request
message, i.e., the router configured with OrigAddr as a Router
Client.
A Route Request (RREQ) or Route Reply (RREP) message.
The sequence number maintained by an AODVv2 router to
indicate freshness of route information.
A list of sequence numbers associated with the
addresses in the AddressList of a message.
The target address of a route request, i.e., the
destination address of the IP packet triggering route
discovery.
The metric value associated with the route to
TargPrefix.
The prefix configured in the Router Client Set entry
which includes TargAddr.
The prefix length, in bits, configured in the Router
Client Set entry which includes TargAddr.
The sequence number of the AODVv2 router which
originated the Route Reply on behalf of TargAddr.
An address reported in a Route Error message, as
described in .
In the direction from destination to source (from
TargAddr to OrigAddr).
A route that can be used for forwarding.
This document uses the notational conventions in
to simplify the text.
Notation
Meaning
Route[Address]
A route toward Address
Route[Address].Field
A field in a route toward Address
McMsg.Field
A field in a Multicast Message entry
RteMsg.Field
A field in either RREQ or RREP
RerrMsg.Field
A field in a RERR
The AODVv2 routing protocol is a reactive routing protocol designed
for use in mobile ad hoc wireless networks, and may also be useful
in networks where the nodes are not mobile but economical route
maintenance is still required. A reactive protocol only sends
messages to discover a route when there is data to send on that
route. This requires an interaction with the forwarding plane, to
indicate when a packet is to be forwarded, in case reactive route
discovery is needed. The set of signals exchanged between AODVv2 and
the forwarding plane are discussed in
.
AODVv2 is designed for stub or disconnected mobile ad hoc networks,
i.e., non-transit networks or those not connected to the internet.
AODVv2 routers can, however, be configured to perform gateway
functions when attached to external networks, as discussed in
.
AODVv2 handles a wide variety of mobility and traffic patterns by
determining routes on-demand. In networks with a large number of
routers, AODVv2 is best suited for relatively sparse traffic
scenarios where each router forwards IP packets to a small
percentage of destination addresses in the network. In such cases
fewer routes are needed, and far less control traffic is produced.
In large networks with dense traffic patterns, AODVv2 control
messages may cause a broadcast storm, overwhelming the network with
control messages. The transmission priorities described in
prioritize route maintenance traffic
over route discovery traffic.
Data packets may be buffered until a route to their destination is
available, as described in .
AODVv2 is well suited to reactive scenarios such as emergency and
disaster relief, where the ability to communicate might be more
important than being assured of secure operations. For many other ad
hoc networking applications, in which insecure operation could
negate the value of establishing communication paths, it is
important for neighboring AODVv2 routers to establish security
associations with one another.
AODVv2 provides for message integrity and security against replay
attacks by using integrity check values, timestamps and sequence
numbers, as described in . When
security associations have been established, encryption can be used
for AODVv2 messages to ensure that only trusted routers participate
in routing operations.
The AODVv2 route discovery process aims for a route to be
established in both directions along the same path. Uni-directional
links are not suitable; AODVv2 will detect and exclude those links
from route discovery. The route discovered is optimized for the
requesting router, and the return path may not be the optimal route.
AODVv2 is applicable to memory constrained devices, since only a
little routing state is maintained in each AODVv2 router. AODVv2
routes that are not needed for forwarding data do not need to be
maintained.
AODVv2 supports routers with multiple interfaces and multiple IP
addresses per interface. A router may also use the same IP address
on multiple interfaces. AODVv2 requires only that each interface
configured for AODVv2 has at least one unicast IP address (see
). Address assignment
procedures are out of scope for AODVv2.
AODVv2 supports Router Clients with multiple interfaces, as long as
each Client interface is configured with its own unicast IP address.
The routing algorithm in AODVv2 has been operated at layers other
than the network layer, using layer-appropriate addresses.
AODVv2 has to maintain information about all network interfaces
configured for sending or receiving AODVv2 messages. Any interface
with an IP address can be used. Multiple interfaces on a single
router can be used. Multiple interfaces on the same router may be
configured with the same IP address; in this case, sufficient
information about those network interfaces has to be maintained by
the AODVv2 router in order to determine which of them has received
an incoming AODVv2 message. For instance, it is often possible to
determine the incoming interface by inspecting the MAC address of
the layer-2 frame header.
An AODVv2 router discovers routes for its own local applications
and also for its Router Clients that are reachable without
traversing another AODVv2 router. The addresses used by these
devices, and the AODVv2 router itself, are configured in the
Router Client Set. An AODVv2 router will only originate Route
Request and Route Reply messages on behalf of its configured
Router Client addresses.
Router Client Set entries are configured manually or by mechanisms
out of scope for this document. Each client's entry contains:
An IP address or the start of an address range that
requires route discovery services from the AODVv2 router.
The length, in bits, of the routing prefix
associated with the RouterClient.IPAddress. If the prefix
length is not equal to the address length of
RouterClient.IPAddress, the AODVv2 router MUST participate
in route discovery on behalf of all addresses within that
prefix.
The cost associated with reaching the client's
address or address range.
A Neighbor Set is used to maintain information about neighboring
AODVv2 routers. Neighbor Set entries are stored when AODVv2
messages are received. If the Neighbor is chosen as a next hop on
an installed route, the link to the Neighbor is tested for
bidirectionality; the result is stored in the Neighbor Set.
Neighbor Set entries MUST contain:
An IP address of the neighboring router.
Indicates whether the link to the neighbor is
bidirectional. There are three possible states: CONFIRMED,
HEARD, and BLACKLISTED. HEARD is the initial state.
CONFIRMED indicates that the link to the neighbor has been
confirmed as bidirectional. BLACKLISTED indicates that the
link to the neighbor is being treated as uni-directional.
discusses how to
monitor link bidirectionality.
Indicates the time at which the Neighbor.State
should be updated:
If the value of Neighbor.State is BLACKLISTED, this indicates
the time at which Neighbor.State will revert to HEARD. This
value is calculated at the time the router is blacklisted and
by default is equal to CurrentTime + MAX_BLACKLIST_TIME.
If Neighbor.State is HEARD, and an RREP_Ack has been requested
from the neighbor, it indicates the time at which
Neighbor.State will be set to BLACKLISTED, if an RREP_Ack has
not been received.
If the value of Neighbor.State is HEARD and no RREP_Ack has
been requested, or if Neighbor.State is CONFIRMED, this time
is set to INFINITY_TIME.
The interface on which the link to the neighbor was
established.
The next sequence number to use for the TIMESTAMP
value in an RREP_Ack request, in order to detect replay of
an RREP_Ack response. AckSeqNum is initialized to a random
value.
The last heard sequence number used as the
TIMESTAMP value in a RERR received from this neighbor, saved
in order to detect replay of a RERR message. HeardRERRSeqNum
is initialized to zero.
See and
for more information on how
Neighbor.AckSeqNum and Neighbor.HeardRERRSeqNum are used.
Sequence Numbers enable AODVv2 routers to determine the temporal
order of route discovery messages that originate from a AODVv2
router, and thus to identify stale routing information so that it
can be discarded. The sequence number fulfills the same roles as
the "Destination Sequence Number" of DSDV
, and the AODV Sequence Number in
. The sequence numbers from two
different routers are not comparable; route discovery messages
with sequence numbers belonging to two different routers cannot be
compared to determine temporal ordering.
Each AODVv2 router in the network MUST maintain its own sequence
number. All RREQ and RREP messages created by an AODVv2 router
include the router's sequence number, reported as a 16-bit
unsigned integer. Each AODVv2 router MUST ensure that its sequence
number is strictly increasing, and that it is incremented by one
(1) whenever an RREQ or RREP is created, except when the sequence
number is 65,535 (the maximum value of a 16-bit unsigned integer),
in which case it MUST be reset to one (1) to achieve wrap around.
The value zero (0) is reserved to indicate that the router's
sequence number is unknown.
An AODVv2 router MUST use its sequence number only on behalf of
its configured Router Clients; route messages forwarded by other
routers retain the originator's sequence number.
To determine if newly received information is stale and therefore
redundant compared to other information originated by the same
router, the sequence number attached to the information is
compared to the sequence number of existing information about the
same route. The comparison is carried out by subtracting the
existing sequence number from the newly received sequence number,
using unsigned arithmetic. The result of the subtraction is to be
interpreted as a signed 16-bit integer.
If the result is negative, the newly received information is
considered older than the existing information and therefore
stale and redundant and MUST therefore be discarded.
If the result is positive, the newly received information is
newer than the existing information and is not considered
stale or redundant and MUST therefore be processed.
If the result is zero, the newly received information is not
considered stale, and therefore MUST be processed further in
case the new information offers a better route (see
and
).
Along with the algorithm in ,
maintaining temporal ordering ensures loop freedom.
An AODVv2 router SHOULD maintain its sequence number in persistent
storage. On routers unable to store persistent AODVv2 state,
recovery can impose a performance penalty (e.g., in case of AODVv2
router reboot), since if a router loses its sequence number, there
is a delay (by default, on the order of minutes) before the router
can resume full operations. If the sequence number is lost, the
router MUST follow the procedure in
to safely resume routing operations with a new sequence number.
All AODVv2 routers MUST maintain a Local Route Set, containing
information obtained from AODVv2 route messages. The Local Route
Set may be considered to be stored separately from the forwarding
plane's routing table (referred to as Routing Information Base
(RIB)), which may be updated by other routing protocols operating
on the AODVv2 router as well. The Routing Information Base is
updated using information from the Local Route Set. Alternatively,
if the information specified below can be added to RIB entries,
implementations MAY choose to modify the Routing Information Base
directly instead of maintaining a dedicated Local Route Set. In
this case, since the route table entry is accessed whenever a
packet uses the route, the LastUsed (see below) field can be
tested to determine the state of the route, including whether or
not the route has timed out. For example, if CurrentTime is less
than LocalRoute.LastUsed + ACTIVE_INTERVAL + MAX_IDLETIME, a valid
route can still be used to forward the packet. Otherwise, the
route has timed out, and the state of the route MUST be changed to
be Invalid. When this method of managing route timeouts can be
used, AODVv2 does not otherwise require the implementation to
maintain a timer interrupt. This may be considered an
"on-demand" method for managing route timeouts.
Routes obtained from AODVv2 route messages are referred to in this
document as LocalRoutes, and MUST contain the following
information:
An address, which, when combined with
LocalRoute.PrefixLength, describes the set of destination
addresses for which this route enables forwarding.
The prefix length, in bits, associated with
LocalRoute.Address.
The sequence number associated with
LocalRoute.Address, obtained from the last route message
that successfully updated this entry.
The source IP address of the IP packet containing
the AODVv2 message advertising the route to
LocalRoute.Address, i.e., an IP address of the AODVv2 router
used for the next hop on the path toward LocalRoute.Address.
The interface used to send IP packets toward
LocalRoute.Address.
If this route is installed in the Routing
Information Base, the time it was last used to forward an IP
packet. If not, the time at which the LocalRoute was
created.
The time LocalRoute.SeqNum was last updated.
The type of metric associated with this route. See
for information about
AODVv2's handling of multiple metric types.
The cost of the route toward LocalRoute.Address
expressed in units consistent with LocalRoute.MetricType.
A list of upstream neighbors using the route (see
).
If nonzero, the IP address of the router that
originated the Sequence Number for this route.
The last known state (Unconfirmed, Idle, Active, or
Invalid) of the route.
There are four possible states for a LocalRoute:
A route obtained from a Route Request message,
which has not yet been confirmed as bidirectional. It MUST
NOT be stored in the RIB to forward general data-plane
traffic, but it can be used to transmit RREP packets along
with a request for bidirectional link verification. An
Unconfirmed route is not otherwise considered a valid route.
This state is only used for routes obtained through RREQ
messages.
A route that has been confirmed to be
bidirectional, but has not been used in the last
ACTIVE_INTERVAL. It can be used for forwarding IP packets,
and therefore it is considered a valid route.
A valid route that has been used for forwarding IP
packets during the last ACTIVE_INTERVAL.
A route that has expired or has broken. It MUST NOT
be used for forwarding IP packets. Invalid routes contain
the destination's sequence number, which may be useful when
assessing freshness of incoming routing information.
If the Local Route Set is stored separately from the RIB, then
routes are added to the RIB when LocalRoute.State becomes Active,
and removed from the RIB when LocalRoute.State becomes Invalid.
Changes to LocalRoute state are detailed in
.
Multicast RREQ messages SHOULD be tested for redundancy to avoid
unnecessary processing and forwarding.
The Multicast Message Set is a conceptual set which contains
information about previously received multicast messages, so that
incoming messages can be compared with previously received
messages to determine if the incoming information is redundant or
stale, so that the router can avoid sending redundant control
traffic.
Multicast Message Set entries contain the following information:
The prefix associated with OrigAddr, the source
address of the IP packet triggering the RREQ.
The prefix length associated with McMsg.OrigPrefix,
from the Router Client Set entry on RREQ_Gen which includes
OrigAddr.
The prefix associated with TargAddr, the
destination address of the IP packet triggering the route
request. In an RREQ this MUST be set to TargAddr.
The sequence number associated with the route to
OrigPrefix, if RteMsg is an RREQ.
The sequence number associated with the route to
TargPrefix.
The metric type of the route requested.
The metric value received in the RteMsg.
The last time this Multicast Message Set entry was
updated.
The time at which this entry MUST be removed from
the Multicast Route Message Set.
The interface on which the message was received.
If nonzero, the IP address of the router that
originated the Sequence Number for this route.
The Multicast Message Set is maintained so that no two entries
have the same OrigPrefix, OrigPrefixLen, TargPrefix, and
MetricType. See for details about
updating this set.
Each RERR message sent because no route exists for packet
forwarding SHOULD be recorded in a conceptual set called the Route
Error (RERR) Set. Each entry contains the following information:
The time after which the entry SHOULD be deleted.
The UnreachableAddress reported in the AddressList
of the RERR.
The PktSource of the RERR (see
).
See for instructions on how
to update the set.
Metrics measure a cost or quality associated with a route or a link,
e.g., latency, delay, financial cost, energy, etc. Metric values are
reported in Route Request and Route Reply messages.
In Route Request messages, the metric describes the cost of the
route from OrigPrefix to the router transmitting the Route Request.
For RREQ_Gen, this is the cost associated with the Router Client Set
entry which includes OrigAddr. For routers which forward the RREQ,
this is the cost from OrigPrefix to the forwarding router, combining
the metric value from the received RREQ message with knowledge of
the link cost from the sender to the receiver, i.e., the incoming
link cost. This updated route cost is included when forwarding the
Route Request message, and used to install a route to OrigPrefix.
Similarly, in Route Reply messages, the metric reflects the cost of
the route from TargPrefix to the router transmitting the Route
Reply. For RREP_Gen, this is the cost associated with the Router
Client Set entry which includes TargAddr. For routers which forward
the RREP, this is the cost from TargPrefix to the forwarding router,
combining the metric value from the received RREP message with
knowledge of the link cost from the sender to the receiver, i.e.,
the incoming link cost. This updated route cost is included when
forwarding the Route Reply message, and used to install a route to
TargPrefix.
When link metrics are symmetric, the cost of the routes installed in
the Local Route Set at each router will be correct. This assumption
is often inexact, but calculating incoming/outgoing metric data is
outside of scope of this document. The route discovered is good for
the requesting router, but the return path may not be the optimal
route.
AODVv2 enables the use of multiple metric types. Each route
discovery attempt indicates the metric type which is requested for
the route. Multiple valid routes may exist in the Local Route Set
for the same address and prefix length but for different metric
types. More than one route to a particular address and prefix length
MUST NOT exist in the Routing Information Base unless each packet
can be inspected to determine which route in the RIB has the proper
metric type as required for that packet. Otherwise, only one route
at a time to a particular address and prefix length may exist in the
RIB. The algorithm used to inspect the packet and make the
determination about which the routes should be installed in the
Routing Information Base is outside the scope of AODVv2.
For each MetricType, AODVv2 requires:
A MetricType number, to indicate the metric type of a route.
Currently allocated MetricType numbers are listed in
.
A maximum value, denoted MAX_METRIC[MetricType]. This MUST
always be the maximum expressible metric value of type
MetricType. Field lengths associated with metric values are
found in . If the cost
of a route exceeds MAX_METRIC[MetricType], the route cannot be
stored and is ignored.
A function for incoming link cost, denoted Cost(L). Using
incoming link costs means that the route obtained has a metric
accurate for the direction back towards the originating router.
A function for route cost, denoted Cost(R).
A function to analyze routes for potential loops based on metric
information, denoted LoopFree(R1, R2). LoopFree verifies that a
route R2 is not a sub-section of another route R1. An AODVv2
router invokes LoopFree() as part of the process in
, when an advertised route (R1) and
an existing LocalRoute (R2) have the same destination address,
metric type, and sequence number. LoopFree returns FALSE to
indicate that an advertised route is not to be used to update a
stored LocalRoute, as it may cause a routing loop. In the case
where the existing LocalRoute is Invalid, it is possible that
the advertised route includes the existing LocalRoute and came
from a router which did not yet receive notification of the
route becoming Invalid, so the advertised route should not be
used to update the Local Route Set, in case it forms a loop to a
broken route.
AODVv2 currently supports cost metrics where Cost(R) is strictly
increasing, by defining:
Cost(R) := Sum of Cost(L) of each link in the route
LoopFree(R1, R2) := ( Cost(R1) <= Cost(R2) )
Implementers MAY consider metric types that are not strictly
increasing, but the definitions of Cost and LoopFree functions for
such types are undefined, and interoperability issues need to be
considered.
AODVv2 protocol operations include:
managing sequence numbers,
monitoring next hop AODVv2 routers on discovered routes and
updating the Neighbor Set,
performing route discovery and dealing with requests from other
routers,
processing incoming route information and updating the Local
Route Set,
updating the Multicast Message Set and suppressing redundant
messages, and
reporting broken routes.
These processes are discussed in detail in the following sections.
When an AODVv2 router does not have information about its previous
sequence number, or if its sequence number is lost at any point,
the router reinitializes its sequence number to one (1). However,
other AODVv2 routers may still hold sequence number information
that this router previously issued. Since sequence number
information is removed if there has been no update to the sequence
number in MAX_SEQNUM_LIFETIME, the re-initializing router MUST
wait for MAX_SEQNUM_LIFETIME before it creates any messages
containing its new sequence number. Nevertheless, the
re-initializing router can still participate in creating routes as
an intermediate router.
During this wait period, the router is permitted to do the
following:
Process information in a received RREQ or RREP message to
obtain a route to the originator or target of that route
discovery
Forward a received RREQ or RREP
Send an RREP_Ack
Maintain valid routes in the Local Route Set
Create, process and forward RERR messages
To ensure AODVv2 routers do not establish routes over
uni-directional links, AODVv2 routers MUST verify that the link to
the next hop router is bidirectional before marking a route as
valid in the Local Route Set.
AODVv2 provides a mechanism for testing bidirectional connectivity
during route discovery, and blacklisting routers where
bidirectional connectivity is not available. AODVv2 treats
blacklisted routers as ineligible to be receivers of RREPs; then,
a route through a different neighbor might be discovered. A route
is not to be used for forwarding until the link to the next hop is
confirmed to be bidirectional. AODVv2 routers do not need to
monitor bidirectionality of links to neighboring routers which are
not used as next hops on routes in the Local Route Set.
Bidirectional connectivity to upstream routers can be tested
by requesting acknowledgement of RREP messages, i.e., by
including an AckReq element to indicate that an
acknowledgement is requested. This MUST be answered by sending
an RREP_Ack in response. Receipt of an RREP_Ack within
RREP_Ack_SENT_TIMEOUT demonstrates that bidirectional
connectivity exists. Otherwise, the link is considered to be
unidirectional. All AODVv2 routers MUST support this process,
which is explained in .
Receipt of an RREP message containing the route to TargAddr
confirms bidirectionality to the downstream router, since an
RREP message is a reply to an RREQ message which previously
crossed the link in the opposite direction.
To assist with next hop monitoring, a Neighbor Set
() is maintained. When an RREQ or
RREP is received, an AODVv2 router searches for an entry in the
Neighbor Set where all of the following conditions are met:
Neighbor.IPAddress == IP address from which the RREQ or RREP
was received
Neighbor.Interface == Interface on which the RREQ or RREP was
received.
If no such entry exists, a new entry is created as described in
. While the value of
Neighbor.State is HEARD, acknowledgement of RREP messages sent to
that neighbor MUST be requested. If an acknowledgement is
requested but not received within the timeout period,
Neighbor.State for that neighbor MUST be set to BLACKLISTED. If an
acknowledgement is received within the timeout period,
Neighbor.State is set to CONFIRMED. When the value of
Neighbor.State is CONFIRMED, the request for an acknowledgement of
any other RREP message is unnecessary. AODVv2 does not require
periodic or continuous recertification of bidirectionality.
There are many external mechanisms that can provide indications of
connectivity. Among them are the following:
MAC layer protocol assuring bidirectional links (for example,
)
Route timeout (see )
Lower layer triggers indicating message reception or change in
link status (see, for example,
)
Listening for AODVv2 messages from neighbors even when
destined to another IP address
Receipt of a Neighborhood Discovery Protocol HELLO message
with the receiving router listed as a neighbor
TCP timeouts (although TCP
takes a while to signal failure)
If the MAC layer, or such an external process as listed above,
signals that the link to a neighbor is bidirectional, the AODVv2
router MAY update the matching Neighbor Set entry by changing the
value of Neighbor.State to CONFIRMED. If an external process
signals that a link is not bidirectional, then the value of
Neighbor.State MAY be changed to BLACKLISTED.
On receipt of an RREQ or RREP message, the Neighbor Set MUST be
checked for an entry with Neighbor.IPAddress which matches the
source IP address of a packet containing the AODVv2 message. If no
matching entry is found, a new entry is created.
A new Neighbor Set entry is created as follows:
Neighbor.IPAddress := Source IP address of the received route
message
Neighbor.State := HEARD
Neighbor.Timeout := INFINITY_TIME
Neighbor.Interface := the interface on which the RREQ or RREP
was received.
Neighbor.AckSeqNum := a random value
Neighbor.HeardRERRSeqNum := 0
(see ).
When an RREP_Ack request is sent to a neighbor, the Neighbor Set
entry is updated as follows:
Neighbor.Timeout := CurrentTime + RREP_Ack_SENT_TIMEOUT
When a received message is one of the following:
an RREP which answers an RREQ sent within RREQ_WAIT_TIME over
the same interface as Neighbor.Interface
an RREP_Ack response received from a Neighbor with
Neighbor.State set to HEARD, where Neighbor.Timeout >
CurrentTime
then the link to the neighbor is bidirectional and the Neighbor
Set entry is updated as follows:
Neighbor.State := CONFIRMED
Neighbor.Timeout := INFINITY_TIME
If the Neighbor.Timeout is reached and Neighbor.State is HEARD,
then an RREP_Ack response has not been received from the neighbor
within RREP_Ack_SENT_TIMEOUT of sending the RREP_Ack request. The
link is considered to be uni-directional and the Neighbor Set
entry is updated as follows:
Neighbor.State := BLACKLISTED
Neighbor.Timeout := CurrentTime + MAX_BLACKLIST_TIME
When the Neighbor.Timeout is reached and Neighbor.State is
BLACKLISTED, the Neighbor Set entry is updated as follows:
Neighbor.State := HEARD
Neighbor.Timeout := INFINITY_TIME
If an external mechanism reports a link as broken, the Neighbor
Set entry MUST be removed.
Route requests (RREQs) from neighbors with Neighbor.State set to
BLACKLISTED MUST be ignored, to avoid persistent IP packet loss or
protocol failures. Neighbor.Timeout allows the neighbor to again
be allowed to participate in route discoveries after
MAX_BLACKLIST_TIME, in case the link between the routers has
become bidirectional.
The signals described in the following are conceptual in nature,
and can be implemented in various ways. The following descriptions
of these signals and interactions are intended to assist
implementers who may find them useful. Implementations of AODVv2
do not have to implement the forwarding plane separately from the
control plane or data plane. By keeping track of success or
failure of packet forwarding, AODV can avoid unnecessary route
discovery operations, while still invalidating routes as early as
possible to avoid transmitting packets over failed routes.
AODVv2 makes use of the following signals:
A packet cannot be forwarded because a route is unavailable:
AODVv2 needs to know the source and destination IP addresses
of the packet. If the source of the packet is configured as a
Router Client, the router MUST initiate route discovery to the
destination. Otherwise, the router SHOULD create a Route Error
message.
A packet is to be forwarded: AODVv2 needs to check the state
of the entry in the Local Route Set to ensure that the route
is still valid.
Packet forwarding succeeds: AODVv2 needs to update the record
of when a route was last used to forward a packet, i.e.
LocalRoute.LastUsed := CurrentTime(see
).
Packet forwarding failure occurs: AODVv2 needs to create a
Route Error message.
AODVv2 sends signals to the conceptual forwarding plane when:
A route discovery is in progress: buffering might be
configured for packets requiring a route, while route
discovery is attempted (see
).
A route discovery failed: any buffered packets requiring that
route should be discarded, and the source of the packet SHOULD
be notified that the destination is unreachable (using an ICMP
Destination Unreachable message
). Route discovery fails if an
RREQ cannot be generated because the control message
generation limit has been reached (see
), or if an RREP is not
received within RREQ_WAIT_TIME (see
).
A route discovery succeeded: install a corresponding route
into the Routing Information Base and begin transmitting any
buffered packets.
A route has been made invalid: for the affected destination,
remove the corresponding next hop from the Routing Information
Base.
A route has been updated: update the corresponding route in
the Routing Information Base.
If routes with more than one metric type are available to a
destination, a way to identify the route that is allowable for
the metric type associated with forwarding the incoming
packet.
AODVv2 sends formatted messages
using the parameters for port number and IP protocol specified in
. Mapping of AODVv2 data to
messages is detailed in
. AODVv2 multicast messages are
sent to the link-local multicast address LL-MANET-Routers
. All AODVv2 routers MUST subscribe
to LL-MANET-Routers on all AODVv2 interfaces
to receive AODVv2 messages. Such
messages MAY be transmitted via unicast. For example, this may
occur for certain link-types (non-broadcast media), for manually
configured router adjacencies, or in order to improve robustness.
When multiple interfaces are available, an AODVv2 router
transmitting a multicast message to LL-MANET-Routers MUST send the
message on all interfaces that have been configured for AODVv2
operation, (see ).
To avoid congestion, each AODVv2 router's rate of message
generation SHOULD be administratively configurable and
rate-limited (CONTROL_TRAFFIC_LIMIT). Messages SHOULD NOT be sent
more frequently than one message per (1 / CONTROL_TRAFFIC_LIMIT)th
of a second. If this threshold is reached, messages MUST be sent
based on their priority:
Highest priority SHOULD be given to RREP_Ack messages. This
allows links between routers to be confirmed as bidirectional
and avoids undesired blacklisting of next hop routers.
Second priority SHOULD be given to RERR messages for
undeliverable IP packets. This avoids repeated forwarding of
packets over broken routes that are still in use by other
routers.
Third priority SHOULD be given to RREP messages in order that
RREQs do not time out.
Fourth priority SHOULD be given to RREQ messages.
Fifth priority SHOULD be given to RERR messages for newly
invalidated routes.
Lowest priority SHOULD be given to RERR messages generated in
response to RREP messages which cannot be forwarded. In this
case the route request will be retried at a later point.
To implement the congestion control, a queue length is set. If the
queue is full, in order to queue a new message, a message of lower
priority must be removed from the queue. If this is not possible,
the new message MUST be discarded. The queue should be sorted in
order of message priority
AODVv2's RREQ and RREP messages are used for route discovery. RREQ
messages are multicast to solicit an RREP, whereas RREP are
unicast. The constants used in this section are defined in
.
When an AODVv2 router needs to forward an IP packet (with source
address OrigAddr and destination address TargAddr) from one of its
Router Clients, it needs a route to TargAddr in its Routing
Information Base. If no route exists, the AODVv2 router (RREQ_Gen)
generates and multicasts a Route Request message (RREQ), on all
configured interfaces, containing information about the source and
destination. The procedure for this is described in
. Each generated RREQ results in
an increment to the router's sequence number. The AODVv2 router
generating an RREQ is referred to as RREQ_Gen.
Buffering might be configured for IP packets awaiting a route for
forwarding by RREQ_Gen, if sufficient memory is available.
Buffering of IP packets might have both positive and negative
effects. TCP connection establishment will benefit if packets are
queued while route discovery is performed
, but real-time traffic, voice,
and scheduled delivery may suffer if packets are buffered and
subjected to delays. Recommendations for appropriate buffer
methods are out of scope for this specification. Determining which
packets to discard first when the buffer is full is a matter of
policy. Using different (or no) buffer methods might affect
performance but does not affect interoperability.
RREQ_Gen awaits reception of a Route Reply message (RREP)
containing a route toward TargAddr. This can be achieved by
monitoring the entry in the Multicast Message Set that corresponds
to the generated RREQ. When CurrentTime exceeds McMsg.Timestamp +
RREQ_WAIT_TIME and no RREP has been received, RREQ_Gen will retry
the route discovery.
To reduce congestion in a network, repeated attempts at route
discovery for a particular target address utilize a binary
exponential backoff: for each additional attempt, the time to wait
for receipt of the RREP is multiplied by 2. If the requested route
is not discovered within the wait period, another RREQ is sent, up
to a total of DISCOVERY_ATTEMPTS_MAX. This is the same technique
used in AODV .
Through the use of bidirectional link monitoring and blacklists
(see ), uni-directional
links on an initially selected route will be ignored on subsequent
route discovery attempts.
After DISCOVERY_ATTEMPTS_MAX and the corresponding wait time for
an RREP response to the final RREQ, route discovery is considered
to have failed. If an attempted route discovery has failed,
RREQ_Gen SHOULD wait at least RREQ_HOLDDOWN_TIME before attempting
another route discovery to the same destination, in order to avoid
repeatedly generating control traffic that is unlikely to discover
a route. Any IP packets buffered for TargAddr are also dropped,
and a Destination Unreachable ICMP message (Type 3) with a code of
1 (Host Unreachable Error) MUST be sent to the source of the
packet so that the application knows about the failure.
If RREQ_Gen does receive a route message containing a route to
TargAddr within the timeout, it processes the message according to
. When a valid LocalRoute entry
is created in the Local Route Set, the route is also installed in
the Routing Information Base, and the router will begin sending
the buffered IP packets. Any retry timers for the corresponding
RREQ are then cancelled.
During route discovery, all routers on the path obtain a route to
both OrigPrefix and TargPrefix, so that routes are constructed in
both directions. The route is optimized for the forward route.
A Route Request (RREQ) contains a route to OrigPrefix, and a Route
Reply (RREP) contains a route to TargPrefix. Incoming information
is checked to verify that it offers an improvement to existing
information and that it would not create a routing loop, as
explained in . If these checks pass,
and if sufficient memory is available, refer to
for details about how to update
the Local Route Set.
RteMsg denotes the received route message (RREP or RREQ), AdvRte
denotes the route defined by the information within the RteMsg,
and LocalRoute denotes an existing entry in the Local Route Set
which matches the address, prefix length, metric type, and
SeqNoRtr of the AdvRte.
AdvRte contains the following information extracted from the
RteMsg:
AdvRte.Address := RteMsg.OrigPrefix (in RREQ) or
RteMsg.TargPrefix (in RREP)
AdvRte.PrefixLength := RteMsg.OrigPrefixLen (in RREQ) or
RteMsg.TargPrefixLen (in RREP). If no prefix length was
included in RteMsg, prefix length is the address length, in
bits, of RteMsg.OrigPrefix (in RREQ) or RteMsg.TargPrefix (in
RREP)
AdvRte.SeqNum := RteMsg.OrigSeqNum (in RREQ) or
RteMsg.TargSeqNum (in RREP)
AdvRte.NextHop := the IP source address of the RteMsg (an
address of the sending interface of the router from which the
RteMsg was received)
AdvRte.MetricType := RteMsg.MetricType
AdvRte.Metric := RteMsg.Metric
AdvRte.Cost := Cost(R) using the cost function associated with
the route's metric type. For cost metrics as described in
, Cost(R) = AdvRte.Metric +
Cost(L), where L is the link from the advertising router
AdvRte.SeqNoRtr := the IP address in the AddressList of type
SeqNoRtr if one exists, otherwise 0
An incoming advertised route (AdvRte) is compared to existing
LocalRoutes to determine whether the advertised route is to be
used to update the AODVv2 Local Route Set. The incoming route
information MUST be processed as follows:
Search for LocalRoutes in the Local Route Set matching
AdvRte's Address, PrefixLength, MetricType, and SeqNoRtr
(the AODVv2 router address corresponding to the sequence
number).
If no matching LocalRoute exists, AdvRte MUST be used to
update the Local Route Set and no further checks are
required.
If matching LocalRoutes are found, continue to the next
step.
Compare sequence numbers using the technique described in
If AdvRte is more recent than all matching LocalRoutes,
AdvRte MUST be used to update the Local Route Set and no
further checks are required.
If AdvRte is stale, AdvRte MUST NOT be used to update
the Local Route Set. Ignore AdvRte for further
processing.
If the sequence numbers are equal, continue to the next
step.
Test AdvRte against all matching LocalRoutes to ensure that
a routing loop is not created (see
).
If LoopFree(AdvRte, LocalRoute) returns FALSE, ignore
AdvRte for further processing. AdvRte MUST NOT be used
to update the Local Route Set because using the incoming
information might cause a routing loop.
If LoopFree(AdvRte, LocalRoute) returns TRUE, continue
to the next step.
Compare route costs
If AdvRte is better than all matching LocalRoutes, it
MUST be used to update the Local Route Set because it
offers improvement.
If AdvRte is equal in cost and LocalRoute is valid,
AdvRte SHOULD NOT be used to update the Local Route Set
because it will offer no improvement.
If AdvRte is worse and LocalRoute is valid, ignore
AdvRte for further processing. AdvRte MUST NOT be used
to update the Local Route Set because it does not offer
any improvement.
If AdvRte is not better (i.e., it is worse or equal) but
LocalRoute is Invalid, AdvRte SHOULD be used to update
the Local Route Set because it can safely repair the
existing Invalid LocalRoute.
If the advertised route is to be used to update the Local Route
Set, the procedure in MUST be
followed. If not, non-optimal routes will remain in the Local
Route Set.
For information on how to apply these changes to the Routing
Information Base, see .
After determining that AdvRte is to be used to update the Local
Route Set (as described in ), the
following procedure applies.
If AdvRte is obtained from an RREQ message, the link to the next
hop neighbor may not be confirmed as bidirectional (see
). If there is no existing
matching route in the Local Route Set, AdvRte MUST be installed
to allow a corresponding RREP to be sent. If a matching entry
already exists, and the link to the neighbor can be confirmed as
bidirectional, AdvRte offers potential improvement.
The route update is applied as follows:
If no existing entry in the Local Route Set matches AdvRte's
address, prefix length, metric type and SeqNoRtr, continue
to Step 4 and create a new entry in the Local Route Set.
If two matching LocalRoutes exist in the Local Route Set,
one is a valid route, and one is an Unconfirmed route,
AdvRte may offer further improvement to the Unconfirmed
route, or may offer an update to the valid route.
If AdvRte.NextHop's Neighbor.State is HEARD, the
advertised route may offer improvement to the existing
valid route, if the link to the next hop can be
confirmed as bidirectional. Continue processing from
Step 5 to update the existing Unconfirmed LocalRoute.
If AdvRte.NextHop's Neighbor.State is CONFIRMED, the
advertised route offers an update or improvement to the
existing valid route. Continue processing from Step 5 to
update the existing valid LocalRoute.
If only one matching LocalRoute exists in the Local Route
Set:
If AdvRte.NextHop's Neighbor.State is CONFIRMED,
continue processing from Step 5 to update the existing
LocalRoute.
If AdvRte.NextHop's Neighbor.State is HEARD, AdvRte may
offer improvement the existing LocalRoute, if the link
to AdvRte.NextHop can be confirmed as bidirectional.
If LocalRoute.State is Unconfirmed, AdvRte is an
improvement to an existing Unconfirmed route. Continue
processing from Step 5 to update the existing
LocalRoute.
If LocalRoute.State is Invalid, AdvRte can replace the
existing LocalRoute. Continue processing from Step 5 to
update the existing LocalRoute.
If LocalRoute.State is Active or Idle, AdvRte SHOULD be
stored as an additional entry in the Local Route Set,
with LocalRoute.State set to Unconfirmed. Continue
processing from Step 4 to create a new LocalRoute.
Create an entry in the Local Route Set and initialize as
follows:
LocalRoute.Address := AdvRte.Address
LocalRoute.PrefixLength := AdvRte.PrefixLength
LocalRoute.MetricType := AdvRte.MetricType
Update the LocalRoute as follows:
LocalRoute.SeqNum := AdvRte.SeqNum
LocalRoute.NextHop := AdvRte.NextHop
LocalRoute.NextHopInterface := interface on which RteMsg
was received
LocalRoute.Metric := AdvRte.Cost
LocalRoute.LastUsed := CurrentTime
LocalRoute.LastSeqNumUpdate := CurrentTime
LocalRoute.SeqNoRtr := AdvRte.SeqNoRtr
If a new LocalRoute was created, or if the existing
LocalRoute.State is Invalid or Unconfirmed, update
LocalRoute as follows:
LocalRoute.State := Unconfirmed (if the next hop's
Neighbor.State is HEARD)
LocalRoute.State := Idle (if the next hop's
Neighbor.State is CONFIRMED)
If an existing LocalRoute.State changed from Invalid or
Unconfirmed to become Idle, any matching Unconfirmed
LocalRoute with worse metric value SHOULD be expunged.
If an existing LocalRoute was updated with a better metric
value, any matching Unconfirmed LocalRoute with worse metric
value SHOULD be expunged.
If this update results in LocalRoute.State of Active or
Idle, which matches a route request which is still in
progress, the associated route request retry timers MUST be
cancelled.
If this update to the Local Route Set results in two LocalRoutes
to the same address, the best LocalRoute will be Unconfirmed. In
order to improve the route used for forwarding, the router
SHOULD try to determine if the link to the next hop of that
LocalRoute is bidirectional, by using that LocalRoute to forward
future RREPs and request acknowledgements (see
and
.
When route messages are flooded in a MANET, an AODVv2 router may
receive several instances of the same message. Forwarding every
one of these would provide little additional benefit, while
generating unnecessary signaling traffic and consequently
additional interference. There have been a number of variations of
AODV (e.g., ), that
have specified multicast for flooding RREP messages as well as
RREQ messages. Since, in this document, suppression techniques are
only needed for RREQ messages, multicast RREP messages are not
considered. However, the technique involved is almost identical,
and can be handled by substituting "RteMsg" instead of
RREQ in the following text.
Each AODVv2 router stores information about recently received RREQ
messages in the AODVv2 Multicast Message Set
().
In this section, an entry in the Multicast Message Set will be
called a "multicast entry" for short. Each multicast
entry SHOULD be maintained for at least RteMsg_ENTRY_TIME after
the last Timestamp update in order to account for long-lived RREQs
traversing the network. An entry MUST be deleted when the sequence
number is no longer valid, i.e., after MAX_SEQNUM_LIFETIME.
Memory-constrained devices MAY remove the entry before this time.
Received RREQs are tested against multicast entries containing
information about previously received RREQs. A multicast entry is
considered to be compatible with a received RREQ, or another
multicast entry, if they both contain the same OrigPrefix,
OrigPrefixLen, TargPrefix, and MetricType. A multicast entry is
considered to be comparable with a received RREQ, or another
multicast entry, if they are compatible and if, in addition, they
both have the same SeqNoRtr. These terms will be used in the
following algorithm determining how to process a received RREQ,
and whether or not the RREQ is redundant.
If the received message is determined to be redundant, no
forwarding or response to the message is needed. A message is
considered to be redundant if either (a) a comparable newer (as
determined by the OrigSeqNum) entry has already been received with
information about the source and destination addresses of the
route discovery operation or (b) it cannot be determined whether
the message is newer compared to existing entries, but the
received message metric value is not any better than metric values
in compatible multicast entries.
To use the received RREQ to update the Multicast Message Set, and
to determine whether or not the received RREQ requires additional
processing as specified in ,
perform the following steps:
First, search for a comparable multicast entry. If there is no
such entry, then create a new entry as follows:
McMsg.OrigPrefix := OrigPrefix from the RREQ
McMsg.OrigPrefixLen := the prefix length associated with
OrigPrefix
McMsg.TargPrefix := TargPrefix from the message
McMsg.SeqNoRtr := the SeqNoRtr associated with RREQ if
present, otherwise the sequence number associated with
OrigPrefix
McMsg.OrigSeqNum := the sequence number associated with
OrigPrefix
McMsg.Metric := the metric value associated with
OrigPrefix in the received RREQ
McMsg.MetricType := the metric type associated with
McMsg.Metric
McMsg.Interface := the network interface on which the RREQ
was received.
McMsg.Timestamp := CurrentTime
McMsg.RemovalTime := CurrentTime + MAX_SEQNUM_LIFETIME
Otherwise, if there is a comparable multicast entry, first
update the timing information:
McMsg.Timestamp := CurrentTime
McMsg.RemovalTime := CurrentTime + MAX_SEQNUM_LIFETIME
Then compare sequence numbers using the technique described in
:
If the multicast entry is newer compared to the received
RREQ, drop the RREQ and discontinue processing.
Otherwise, if the sequence numbers are the same, and the
metric value for the multicast entry is no worse than the
metric value in the received RREQ, drop the RREQ and
discontinue processing.
Otherwise the RREQ is newer than the multicast entry or has a
better metric. Continue as follows:
McMsg.OrigSeqNum := the sequence number associated with
OrigPrefix
McMsg.Metric := the metric value associated with
OrigPrefix in the received RREQ
Compare the metric values for any other compatible entries
with the updated multicast entry containing the information
from the received RREQ. If any other compatible entry has a
metric as good or better than that from the received RREQ,
then drop the RREQ and discontinue processing.
If processing for the RREQ has not been discontinued according to
the above instructions, then continue processing the message as
specified in .
In order to avoid flooding the network with RERR messages when a
stream of IP packets to an unreachable address arrives, an AODVv2
router SHOULD avoid creating duplicate messages by determining
whether an equivalent RERR has recently been sent. This is
achieved with the help of the Route Error Set (see
).
To determine if a RERR should be created:
Search for an entry in the Route Error Set where:
RerrMsg.UnreachableAddress == UnreachableAddress to be
reported
RerrMsg.PktSource == PktSource to be included in the RERR
If a matching entry is found, no further processing is
required and the RERR SHOULD NOT be sent.
If no matching entry is found, a new entry with the following
properties is created, and the RERR is created and sent as
described in :
RerrMsg.Timeout := CurrentTime + RERR_TIMEOUT
RerrMsg.UnreachableAddress == UnreachableAddress to be
reported
RerrMsg.PktSource == PktSource to be included in the RERR.
Route maintenance involves the following operations:
monitoring LocalRoutes in the Local Route Set,
updating LocalRoute.State to handle route timeouts,
(for possibly unidirectional links) confirming a route to
OrigAddr,
reporting routes that become Invalid.
During normal operation, AODVv2 does not require explicit
timeouts to manage the lifetime of a valid route. At any time,
any LocalRoute MAY be examined and updated according to the
rules below. In case a Routing Information Base is used for
forwarding, the corresponding RIB entry MUST be updated as soon
as the state of a LocalRoute.State changes. Otherwise, if timers
are not used to prompt updates of LocalRoute.State, the
LocalRoute.State MUST be checked before IP packet forwarding and
before any operation based on LocalRoute.State.
Route timeout behaviour is as follows:
An Unconfirmed route MUST be expunged at MAX_SEQNUM_LIFETIME
after LocalRoute.LastSeqNumUpdate.
An Idle route MUST be marked as Active when used to forward
an IP packet.
If an Idle route is not used to forward an IP packet within
MAX_IDLETIME, LocalRoute.State MUST be set to Invalid.
An Invalid route SHOULD remain in the Local Route Set, since
LocalRoute.SeqNum is used to classify future information
about LocalRoute.Address as stale or fresh.
In all cases, if the time since LocalRoute.LastSeqNumUpdate
exceeds MAX_SEQNUM_LIFETIME, LocalRoute.SeqNum must be set
to 0. This is required so that any AODVv2 routers following
the re-initialization procedure (see
) can safely begin routing
functions using a new sequence number. A LocalRoute with
LocalRoute.State set to Active or Idle can remain in the
Local Route Set after the sequence number has been set to 0,
for example if the route is reliably carrying traffic. If
LocalRoute.State is Invalid, or later becomes Invalid, the
LocalRoute MUST be expunged from the Local Route Set.
LocalRoutes can become Invalid before a timeout occurs, as
follows:
If an external mechanism reports a link as broken, all
LocalRoutes using that link for LocalRoute.NextHop MUST
immediately have LocalRoute.State set to Invalid.
LocalRoute.State MUST immediately be set to Invalid if a
Route Error (RERR) message is received where:
The sender is LocalRoute.NextHop, or PktSource is a
Router Client address
There is an Address in AddressList which matches
LocalRoute.Address, and:
The prefix length associated with this Address, if
any, matches LocalRoute.PrefixLength
The sequence number associated with this Address, if
any, is newer or equal to LocalRoute.SeqNum (see
)
The metric type associated with this Address matches
LocalRoute.MetricType
A LocalRoute can be confirmed by inferring connectivity to
OrigAddr.
When an AODVv2 router sends an RREP to OrigAddr for
destination TargAddr, and subsequently the AODVv2 router
receives a packet from OrigAddr with destination TargAddr,
the AODVv2 router infers that the route to OrigAddr has been
confirmed. The corresponding state for LocalRoute.OrigAddr
is changed to Active.
LocalRoutes are updated when Neighbor.State is updated:
While the value of Neighbor.State is set to HEARD, any
routes in the Local Route Set using that neighbor as a next
hop MUST have LocalRoute.State set to Unconfirmed.
When the value of Neighbor.State is set to BLACKLISTED, any
valid routes in the Local Route Set using that neighbor for
their next hop MUST have LocalRoute.State set to Invalid.
When a Neighbor Set entry is removed, all routes in the
Local Route Set using that neighbor as next hop MUST have
LocalRoute.State set to Invalid.
Memory constrained devices MAY choose to expunge routes from the
AODVv2 Local Route Set at other times, but MUST adhere to the
following rules:
An Active route MUST NOT be expunged, as it is in use. If
deleted, IP traffic forwarded to this router would prompt
generation of a Route Error message, necessitating a Route
Request to be generated by the originator's router to
re-establish the route.
An Idle route SHOULD NOT be expunged, as it is still valid
for forwarding IP traffic. If deleted, this could result in
dropped IP packets and a Route Request could be multicasted
to re-establish the route.
Any Invalid route MAY be expunged. Least recently used
Invalid routes SHOULD be expunged first, since the sequence
number information is less likely to be useful.
An Unconfirmed route MUST NOT be expunged if it was
installed within the last RREQ_WAIT_TIME, because it may
correspond to a route discovery in progress. A Route Reply
message might be received which needs to use the
LocalRoute.NextHop information. Otherwise, it MAY be
expunged.
When LocalRoute.State changes from Active to Invalid as a result
of a broken link or a received Route Error (RERR) message, other
AODVv2 routers MUST be informed by sending an RERR message
containing details of the invalidated route.
An RERR message MUST also be sent when an AODVv2 router receives
an RREP message to forward, but the LocalRoute to the OrigAddr
in the RREP is not available or is marked as Invalid.
A packet or message triggering the RERR MUST be discarded.
Generation of an RERR message is described in
.
AODVv2 defines four message types: Route Request (RREQ), Route Reply
(RREP), Route Reply Acknowledgement (RREP_Ack), and Route Error
(RERR).
Each AODVv2 message is defined as a set of data. Rules for the
generation, reception and forwarding of each message type are
described in the following sections.
discusses how the data is mapped
to Message TLVs, Address Blocks, and
Address TLVs.
Route Request messages are used in route discovery operations to
request a route to a specified target address. RREQ messages have
the following contents:
The remaining number of hops allowed for
dissemination of the RREQ message.
Contains:
OrigPrefix, from the Router Client Set entry which
includes OrigAddr, the source address of the IP packet
for which a route is requested,
TargPrefix, set to TargAddr, the destination address of
the IP packet for which a route is requested, and
Optionally, if RouterClient.SeqNoRtr is true, the IP
address of OrigRtr -- i.e., the router that originated
the Sequence Number for this RREQ.
Contains OrigPrefixLen, i.e., the length, in bits,
of the prefix associated with the Router Client Set entry
which includes OrigAddr. If omitted, the prefix length is
equal to OrigAddr's address length in bits.
The sequence number associated with OrigPrefix.
A sequence number associated with an existing
Invalid route to TargAddr. This MAY be included if
available.
The metric type associated with OrigMetric.
The metric value associated with the route to
OrigPrefix, as determined by the sender of the message.
An RREQ is generated to discover a route when an IP packet needs
to be forwarded for a Router Client, and no valid route
currently exists for the packet's destination in the Routing
Information Base.
If the limit for the rate of AODVv2 control message generation
has been reached, no message SHOULD be generated
. Before creating an RREQ, the
router SHOULD check the Multicast Message Set to see if a
compatible RREQ has already been sent for the requested
destination. If so, and the wait time for a reply has not yet
been reached, the router SHOULD continue to await a response
without generating a new RREQ. If the timeout has been reached,
a new RREQ MAY be generated. If buffering is configured,
incoming IP packets awaiting this route SHOULD be buffered until
the route discovery is completed.
To generate the RREQ, the router (referred to as RREQ_Gen)
follows this procedure:
Set msg_hop_limit := MAX_HOPCOUNT
Set AddressList := {OrigPrefix, TargPrefix}
For the PrefixLengthList:
If OrigAddr is part of an address range configured as a
Router Client, set PrefixLengthList :=
{RouterClient.PrefixLength, null}.
Otherwise, omit PrefixLengthList.
If RouterClient.SeqNoRtr is nonzero, then add the
router's own IP address to AddressList, with AddressType
SeqNoRtr.
For OrigSeqNum:
Increment the router Sequence Number as specified in
.
Set OrigSeqNum := router Sequence Number.
For TargSeqNum:
If an Invalid route exists in the Local Route Set
matching TargAddr using longest prefix matching and has
a valid sequence number, set TargSeqNum :=
LocalRoute.SeqNum.
If no Invalid route exists in the Local Route Set
matching TargAddr, or the route doesn't have a sequence
number, omit TargSeqNum.
Include MetricType and set the type accordingly
Find the Router Client Set entry where
RouterClient.IPAddress == OrigPrefix:
Set OrigMetric := RouterClient.Cost
This AODVv2 message is used to create a corresponding
message (see
) which is handed to the
RFC5444 multiplexer for further processing. By default, the
multiplexer is instructed to multicast RREQ messages to
LL-MANET-Routers on all interfaces configured for AODVv2
operation.
Upon receiving a Route Request, an AODVv2 router performs the
following steps:
Check and update the Neighbor Set according to
If the sender has Neighbor.State set to BLACKLISTED,
ignore this RREQ for further processing.
Verify that the message contains the required data:
msg_hop_limit, OrigPrefix, TargPrefix, OrigSeqNum, and
OrigMetric, and that OrigPrefix and TargPrefix are valid
address prefixes
If not, ignore this RREQ for further processing.
Check that the MetricType is supported and configured for
use
If so, continue to the next numbered step.
Otherwise, if the TargPrefix matches an entry in the
Router Client Set, send an ICMP Destination Unreachable
message to the source with Code value set to
"Metric Type Mismatch" (see
).
Ignore this RREQ for further processing.
Determine whether the cost of the advertised route will
exceed the maximum allowed metric value for the metric type
(Metric <= MAX_METRIC[MetricType] - Cost(L))
If it will, ignore this RREQ for further processing.
Process the route to OrigPrefix as specified in
Determine whether or not the information in the message is
redundant, by following the procedure in
; if redundant, ignore this
RREQ for further processing.
Check if the TargPrefix matches an entry in the Router
Client Set
If so, generate an RREP as specified in
.
If not, continue to RREQ forwarding
.
Forwarding or responding to a RteMsg provides up-to-date
information and improved metrics to other routers. If a RteMsg
is not forwarded, routes needed by applications may not be
discovered.
By forwarding an RREQ, a router advertises that it will forward
IP packets to the OrigPrefix contained in the RREQ according to
the information enclosed. The router MAY choose not to forward
the RREQ, for example if the router is heavily loaded or low on
energy and therefore unwilling to advertise routing capability
for more traffic. This could, however, decrease connectivity in
the network or result in non-optimal paths.
The RREQ MUST NOT be forwarded if the received msg_hop_limit =
1, or if the limit for the rate of AODVv2 control message
generation has been reached. Otherwise, the RREQ is updated and
forwarded as follows:
Set msg_hop_limit := received msg_hop_limit - 1
Set OrigMetric := LocalRoute[OrigPrefix].Metric
This modified RREQ is handed to the
multiplexer for further
processing. By default, the multiplexer is instructed to
multicast the message to LL-MANET-Routers on all interfaces
configured for AODVv2 operation.
When a Route Request message is received, requesting a route to a
target address (TargAddr) which is configured as part of a Router
Client Set entry, a Route Reply message is sent in response. The
RREP offers a route to TargPrefix.
RREP messages have the following contents:
The remaining number of hops allowed for
dissemination of the RREP message.
Contains:
OrigPrefix, from the Router Client entry which includes
OrigAddr, the source address of the IP packet for which
a route is requested
TargPrefix, set to TargAddr, the destination address of
the IP packet for which a route is requested.
Optionally, if RouterClient.SeqNoRtr is true, the IP
address of TargRtr -- i.e., the router that originated
the Sequence Number for this RREP.
Contains TargPrefixLen, i.e., the length, in bits,
of the prefix associated with the Router Client Set entry
which includes TargAddr. If omitted, the prefix length is
equal to TargAddr's address length, in bits.
The sequence number associated with TargPrefix.
The metric type associated with TargMetric.
The metric value associated with the route to
TargPrefix, as seen from the sender of the message.
A Route Reply message is generated when a Route Request for a
Router Client of the AODVv2 router arrives. This is the case
when RteMsg.TargPrefix matches an entry in the Router Client Set
of the AODVv2 router.
Before creating an RREP, the router SHOULD check whether
CONTROL_TRAFFIC_LIMIT has been reached. If so, the RREP SHOULD
NOT be created.
The RREP will traverse the path of the route to OrigPrefix. If
the best route to OrigPrefix in the Local Route Set is
Unconfirmed, the link to the next hop neighbor is not yet
confirmed as bidirectional (see
). In this case an
RREP_Ack MUST also be sent as described in
, in order to request an
acknowledgement message from the next hop router to prove that
the link is bidirectional. If the best route to OrigPrefix in
the Local Route Set is valid, the link to the next hop neighbor
is already confirmed as bidirectional, and no acknowledgement is
required.
Implementations MAY allow a number of retries of the RREP if a
requested acknowledgement is not received within
RREP_Ack_SENT_TIMEOUT, doubling the timeout with each retry, up
to a maximum of RREP_RETRIES, using the same exponential backoff
described in for RREQ
retries. The acknowledgement MUST be considered to have failed
after the wait time for an RREP_Ack response to the final RREP.
To generate the RREP, the router (also referred to as RREP_Gen)
follows this procedure:
Set msg_hop_limit := MAX_HOPCOUNT - msg_hop_limit from the
received RREQ message
Set AddressList := {OrigPrefix, TargPrefix}
If RouterClient.SeqNoRtr is nonzero, then add the
router's own IP address to AddressList, with AddressType
SeqNoRtr.
For the PrefixLengthList:
If TargAddr is part of an address range configured as a
Router Client, set PrefixLengthList := {null,
RouterClient.PrefixLength}.
Otherwise, omit PrefixLengthList.
For the TargSeqNum:
Increment the router Sequence Number as specified in
.
Set TargSeqNum := router Sequence Number.
Include MetricType and set the type to match the MetricType
in the received RREQ message.
Set TargMetric := RouterClient.Cost for the Router Client
Set entry which includes TargAddr.
This AODVv2 message is used to create a corresponding
message (see
) which is handed to the
RFC5444 multiplexer for further processing. The multiplexer is
instructed to unicast the RREP to
LocalRoute[OrigPrefix].NextHop. The RREP MUST be sent over
LocalRoute[OrigPrefix].NextHopInterface.
Upon receiving a Route Reply, an AODVv2 router performs the
following steps:
Verify that the message contains the required data:
msg_hop_limit, OrigPrefix, TargPrefix, TargSeqNum, and
TargMetric, and that OrigPrefix and TargPrefix are valid
addresses
If not, ignore this RREP for further processing.
Check that the MetricType is supported and configured for
use
If not, ignore this RREP for further processing.
If this RREP does not correspond to an RREQ generated or
forwarded in the last RREQ_WAIT_TIME, ignore for further
processing.
If the Multicast Message Set does not contain an entry
where:
McMsg.OrigPrefix == RREP.OrigPrefix
McMsg.OrigPrefixLen == RREP.OrigPrefixLen
McMsg.TargAddr exists within RREP.TargPrefix
McMsg.OrigSeqNum <= RREP.OrigSeqNum
McMsg.SeqNoRtr = RREP.SeqNoRtr
McMsg.MetricType == RREP.MetricType
McMsg.Timestamp > CurrentTime - RREQ_WAIT_TIME
McMsg.Interface == The interface on which the RREP was
received
then, ignore this RREP for further processing, since it does not
correspond to a previously sent RREQ. Otherwise continue as
follows:
Update the Neighbor Set according to
Determine whether the cost of the advertised route exceeds
the maximum allowed metric value for the metric type (Metric
<= MAX_METRIC[MetricType] - Cost(L))
If it does, ignore this RREP for further processing.
Process the route to TargPrefix as specified in
Determine whether the message is redundant by comparing to
entries in the Multicast Message Set
()
If redundant, ignore this RREP for further processing.
If not redundant, save the information in the Multicast
Message Set to identify future redundant RREP messages
and continue processing.
Determine whether the OrigPrefix matches an entry in the
Router Client Set
If so, no further processing is necessary.
If not, continue to the next step.
Determine whether a valid (Active or Idle) or Unconfirmed
LocalRoute exists to OrigPrefix
If so, continue to RREP forwarding
.
If not, a Route Error message SHOULD be transmitted
toward TargPrefix according to
; the RREP MUST be
discarded and not forwarded.
A received Route Reply message is forwarded toward OrigPrefix.
By forwarding the RREP, a router advertises that it has a route
to TargPrefix.
The RREP MUST NOT be forwarded if the received msg_hop_limit =
1, or if CONTROL_TRAFFIC_LIMIT has been reached. Otherwise, the
router MUST forward the RREP.
The procedure for RREP forwarding is as follows:
Set msg_hop_limit := received msg_hop_limit - 1
If the link to the next hop router toward OrigAddr is not
known to be bidirectional, also verify bidirectionality (see
).
Set TargMetric := LocalRoute[TargPrefix].Metric
This modified message is handed to the
multiplexer for further
processing. The multiplexer is instructed to unicast the RREP to
LocalRoute[OrigPrefix].NextHop. The RREP MUST be sent over
LocalRoute[OrigPrefix].NextHopInterface.
The Route Reply Acknowledgement is used as both a request and a
response message to test bidirectionality of a link over which a
Route Reply has also been sent. The router which forwards the RREP
MUST send a Route Reply Acknowledgement message to the intended
next hop, if the link to the next hop neighbor is not yet
confirmed as bidirectional.
The receiving router MUST then reply with a Route Reply
Acknowledgement response message.
When the Route Reply Acknowledgement response message is received
by the sender of the RREP, it confirms that the link between the
two routers is bidirectional (see
).
If the Route Reply Acknowledgement is not received within
RREP_Ack_SENT_TIMEOUT, the link is determined to be
unidirectional.
An RREP_Ack MUST be generated if a Route Reply is sent over a
link which is not known to be bidirectional. It includes an
AckReq element to indicate that it is a request for
acknowledgement.
The RREP_Ack SHOULD NOT be generated if the limit for the rate
of AODVv2 control message generation has been reached.
The representation of the
RREP_Ack is discussed in .
RREP_Ack requests MUST be unicast to
LocalRoute[OrigPrefix].NextHop via
LocalRoute[OrigPrefix].NextHopInterface. The multiplexer SHOULD
be instructed to send the RREP_Ack in the same
packet as the RREP.
The Neighbor Set entry for LocalRoute[OrigPrefix].NextHop MUST
also be updated to indicate that an RREP_Ack is required (see
).
Upon receiving an RREP_Ack, an AODVv2 router performs the
following steps:
Determine whether an AckReq element is included:
If so, create an RREP_Ack Response as described in
. No further
processing is required.
If not, continue to the next step.
Determine whether the Neighbor Set contains an entry where:
Neighbor.IPAddress == IP source address of the RREP_Ack
message
Neighbor.State == HEARD
Neighbor.Timeout < CurrentTime
Neighbor.Interface matches the interface on which the
RREP_Ack was received
If no such entry is found, the RREP_Ack was not expected; no
actions are required and processing ends. Otherwise, the
router sets Neighbor.Timeout to INFINITY_TIME, and
processing continues to the next step.
Update the Neighbor Set according to
, including updating routes
using this Neighbor as LocalRoute.NextHop.
An RREP_Ack response MUST be generated if a received RREP_Ack
includes an AckReq, unless the limit for the rate of AODVv2
control message generation has been reached in which case the
RREP_Ack response SHOULD NOT be generated.
There is no further data in an RREP_Ack response. The
representation is discussed in
. In this case, the multiplexer
is instructed to unicast the RREP_Ack to the source IP address
of the RREP_Ack message that requested it, over the same
interface on which the RREP_Ack was received.
A Route Error message is generated by an AODVv2 router to notify
other AODVv2 routers about routes that are no longer available. An
RERR message has the following contents:
The source address of the IP packet triggering the
RERR. If the RERR is triggered by a broken link, PktSource
is not required.
The addresses of the routes not available through
RERR_Gen.
The prefix lengths, in bits, associated with the
routes not available through RERR_Gen. These values indicate
whether routes represent a single device or an address
range.
The sequence numbers (where known) of the routes
not available through RERR_Gen.
The metric types associated with the routes not
available through RERR_Gen.
A Route Error message is generated when an AODVv2 router (also
referred to as RERR_Gen) needs to report that a destination is
not reachable. There are three events that cause this response:
When an IP packet that has been forwarded from another
router, but there is no valid route in the Routing
Information Base for its destination, the source of the
packet needs to be informed that the route to the
destination of the packet does not exist. The RERR generated
MUST include PktSource set to the source address of the IP
packet, and MUST contain only one unreachable address in the
AddressList, i.e., the destination address of the IP packet.
RERR_Gen MUST discard the IP packet that triggered
generation of the RERR. The prefix length, sequence number
and metric type SHOULD be included if known from an existing
Invalid LocalRoute to the unreachable address.
When an RREP message cannot be forwarded because there is no
valid LocalRoute to OrigPrefix, RREP_Gen needs to be
informed that the route to OrigPrefix does not exist. The
RERR generated MUST include PktSource set to the TargPrefix
of the RREP, and MUST contain only one unreachable address
in the AddressList, the OrigPrefix from the RREP. RERR_Gen
MUST discard the RREP message that triggered generation of
the RERR. The prefix length, sequence number and metric type
SHOULD be included if known from an Invalid LocalRoute to
the unreachable address.
When a link breaks, multiple LocalRoutes may become Invalid,
and the RERR generated MAY contain multiple unreachable
addresses. The RERR MUST include MetricTypeList. PktSource
is omitted. All previously Active LocalRoutes that used the
broken link MUST be reported. The AddressList, SeqNumList,
and MetricTypeList will contain entries for each LocalRoute
which has become Invalid. PrefixLengthList will be included
if needed to report invalid routes to a non-default prefix.
An RERR message is only sent if an Active LocalRoute becomes
Invalid, though an AODVv2 router MAY also include Idle
LocalRoutes that become Invalid if the configuration
parameter ENABLE_IDLE_IN_RERR is set (see
).
The RERR SHOULD NOT be generated if CONTROL_TRAFFIC_LIMIT has
been reached. The RERR also SHOULD NOT be generated if it is a
duplicate, as determined by
.
Incidentally, if an AODVv2 router receives an ICMP error packet
to or from the address of one of its Router Clients, it forwards
the ICMP packet in the same way as any other IP packet, and will
not generate any RERR message based on the contents of the ICMP
packet.
To generate the RERR, the router follows this procedure:
If necessary, include PktSource and set the value as given
above
For each LocalRoute that needs to be reported:
Insert LocalRoute.Address into the AddressList.
Insert LocalRoute.PrefixLength into PrefixLengthList, if
known and not equal to the address length.
Insert LocalRoute.SeqNum into SeqNumList, if known.
Insert LocalRoute.MetricType into MetricTypeList.
The AODVv2 message is used to create a corresponding
message (see
).
If the RERR is sent in response to an undeliverable IP packet or
RREP message (i.e., if PktSource is included), the RERR SHOULD
be sent unicast to the next hop on the route to PktSource. It
MUST be sent over the same interface on which the undeliverable
IP packet was received. If there is no route to PktSource, the
RERR SHOULD be multicast to LL-MANET-Routers. If the RERR is
sent in response to a broken link, i.e., PktSource is not
included, the RERR is, by default, multicast to
LL-MANET-Routers.
describes processing steps
when the optional precursor lists feature is implemented.
Upon receiving a Route Error, an AODVv2 router performs the
following steps:
Determine whether the message contains at least one
unreachable address; if not, ignore this RERR for further
processing. Otherwise continue as follows:
For each address in the AddressList, check that:
The address is valid (routable and unicast).
The MetricType is supported and configured for use.
There is a LocalRoute with the same MetricType matching
the address using longest prefix matching.
Either the LocalRoute's next hop is the sender of the
RERR and the next hop interface is the interface on
which the RERR was received, or PktSource is present in
the RERR and is a Router Client address.
The unreachable address' sequence number is either
unknown, or is no less than the LocalRoute's sequence
number.
If any of the above are false the address does not match a
LocalRoute and MUST NOT be processed or regenerated in a
RERR.
If all of the above are true, the LocalRoute which matches
the unreachable address MUST be marked as Invalid.
Otherwise, regeneration of the RERR proceeds as follows. If
the LocalRoute was previously Active, it MUST be reported in
a regenerated RERR. If the LocalRoute was previously Idle,
it MAY be reported in a regenerated RERR, if
ENABLE_IDLE_IN_RERR is configured. The Local Route Set MUST
be updated according to these rules:
If the LocalRoute's prefix length is the same as the
unreachable address' prefix length, set LocalRoute.State
to Invalid.
If the LocalRoute's prefix length is longer than the
unreachable address' prefix length, the LocalRoute MUST
be expunged from the Local Route Set, since it is a
sub-route of the route which is reported to be Invalid.
If the prefix length is different, create a new
LocalRoute with the unreachable address, and its prefix
length and sequence number, and set LocalRoute.State to
Invalid. These Invalid routes are retained to avoid
processing stale messages.
Update the sequence number on the existing LocalRoute,
if the reported sequence number is determined to be
newer using the comparison method described in
.
If there are previously Active LocalRoutes that MUST be
reported, regenerate the RERR as detailed in
.
The Route Error message SHOULD NOT be regenerated if
CONTROL_TRAFFIC_LIMIT has been reached.
The procedure for RERR regeneration is as follows:
If PktSource was included in the received RERR, and
PktSource is not a Router Client, copy it into the
regenerated RERR
For each LocalRoute that needs to be reported as identified
in :
Insert LocalRoute.Address into the AddressList.
Insert LocalRoute.PrefixLength into PrefixLengthList, if
known and not equal to the address length.
Insert LocalRoute.SeqNum into SeqNumList, if known.
Insert LocalRoute.MetricType into MetricTypeList.
The AODVv2 message is used to create a corresponding
message (see
). If the RERR contains
PktSource, the regenerated RERR SHOULD be sent unicast to the
next hop on the LocalRoute to PktSource. It MUST be sent over
the same interface on which the undeliverable IP packet was
received. If there is no route to PktSource, or PktSource is a
Router Client, it SHOULD be multicast to LL-MANET-Routers. If
the RERR is sent in response to a broken link, the RERR is, by
default, multicast to LL-MANET-Routers.
AODVv2 specifies that all control messages between routers MUST use
the Generalized Mobile Ad Hoc Network Packet/Message Format
, and therefore AODVv2's route
messages comprise data which is mapped to message elements in
.
provides a multiplexed transport for
multiple protocols. An
implementation MAY choose to optimize the content of certain
elements during message creation to reduce control message overhead.
A brief summary of the format:
A packet contains zero or more messages
A message contains a Message Header, one Message TLV Block, zero
or more Address Blocks, and one Address Block TLV Block per
Address Block
The Message TLV Block contains zero or more Message TLVs
An Address Block TLV Block includes zero or more Address Block
TLVs
Each TLV value in an Address Block TLV Block can be associated
with all of the addresses, or with a contiguous set of
addresses, or with a single address in the Address Block
AODVv2 does not require access to the
packet header.
In the message header, AODVv2 uses <msg-type>,
<msg-hop-limit> and <msg-addr-length>. The
<msg-addr-length> field indicates the length of any addresses
in the message, using <msg-addr-length> := (address length in
octets - 1), i.e. 3 for IPv4 and 15 for IPv6.
The addresses in an Address Block MAY appear in any order, and
values in a TLV in the Address Block TLV Block must be associated
with the correct address in the Address Block by the
implementation. To indicate which
value is associated with each address, the AODVv2 message
representation uses lists where the order of the addresses in the
AODVv2 AddressList matches the order of values in other data lists,
e.g., the order of SeqNums in the SeqNumList in an RERR.
maps this information to Address
Block TLVs associated with the relevant addresses in the Address
Block.
Each address included in the Address Block is identified as
OrigPrefix, TargPrefix, PktSource, SeqNoRtr, or Unreachable Address
by including an ADDRESS_TYPE TLV in the Address Block TLV Block.
The following sections show how AODVv2 data is represented in
messages. In
, AODVv2 defines several new
TLVs.
Where the extension type of a TLV is set to zero, this is the
default value and the extension type
will not be included in the message.
Data
Header Field
Value
None
<msg-type>
RREQ
msg_hop_limit
<msg-hop-limit>
MAX_HOPCOUNT, reduced by number of hops traversed so far
by the message.
AODVv2 does not define any Message TLVs for an RREQ message.
An RREQ contains OrigPrefix and TargPrefix, and each of these
addresses has an associated prefix length. If the prefix length
has not been included in the AODVv2 message, it is equal to the
address length in bits.
Data
Address Block
OrigPrefix/OrigPrefixLen
<address> + <prefix-length>
TargPrefix/TargPrefixLen
<address> + <prefix-length>
SeqNoRtr/PrefixLen
<address> + <prefix-length>
Address Block TLVs are always associated with one or more
addresses in the Address Block. The following sections show the
TLVs that apply to each address.
Data
TLV Type
Extension Type
Value
None
ADDRESS_TYPE
0
ORIGPREFIX
OrigSeqNum
SEQ_NUM
0
Sequence number of RREQ_Gen, the router which
initiated route discovery.
OrigMetric /MetricType
PATH_METRIC
MetricType
Metric value for the route to OrigPrefix, using
MetricType.
Data
TLV Type
Extension Type
Value
None
ADDRESS_TYPE
0
TARGPREFIX
TargSeqNum
SEQ_NUM
0
The last known TargSeqNum for TargPrefix.
Data
Header Field
Value
None
<msg-type>
RREP
msg_hop_limit
<msg-hop-limit>
MAX_HOPCOUNT - msg_hop_limit from the corresponding
RREQ, reduced by number of hops traversed so far by the
message.
AODVv2 does not define any Message TLVs for an RREP message.
An RREP contains OrigPrefix and TargPrefix, and each of these
addresses has an associated prefix length. If the prefix length
has not been included in the AODVv2 message, it is equal to the
address length in bits.
Data
Address Block
OrigPrefix/OrigPrefixLen
<address> + <prefix-length>
TargPrefix/TargPrefixLen
<address> + <prefix-length>
SeqNoRtr/PrefixLen
<address> + <prefix-length>
Address Block TLVs are always associated with one or more
addresses in the Address Block. The following sections show the
TLVs that apply to each address.
Data
TLV Type
Extension Type
Value
None
ADDRESS_TYPE
0
ORIGPREFIX
Data
TLV Type
Extension Type
Value
None
ADDRESS_TYPE
0
TARGPREFIX
TargSeqNum
SEQ_NUM
0
Sequence number of RREP_Gen, the router which created
the RREP.
TargMetric /MetricType
PATH_METRIC
MetricType
Metric value for the route to TargPrefix, using
MetricType.
Data
Header Field
Value
None
<msg-type>
RREP_Ack
AODVv2 defines an AckReq Message TLV, included when an
acknowledgement of this message is required, in order to monitor
adjacency, as described in
.
Data
TLV Type
Extension Type
Value
AckReq
ACK_REQ
0
None
AODVv2 does not define an Address Block for an RREP_Ack message.
AODVv2 does not define any Address Block TLVs for an RREP_Ack
message.
Route Error Messages MAY be split into multiple
messages when the desired contents
would exceed the MTU. However, all of the resulting messages MUST
have the same message header as described below. If PktSource is
included in the AODVv2 message, it MUST be included in all of the
resulting messages.
Data
Header Field
Value
None
<msg-type>
RERR
AODVv2 does not define any Message TLVs for an RERR message.
The Address Block in an RERR MAY contain PktSource, the source
address of the IP packet triggering RERR generation, as detailed
in . The prefix length
associated with PktSource is equal to the address length in
bits.
Address Block always contains one address per route that is no
longer valid, and each address has an associated prefix length.
If a prefix length has not been included for this address, it is
equal to the address length in bits.
Data
Address Block
PktSource
<address> + <prefix-length> for PktSource
AddressList/PrefixLengthList
<address> + <prefix-length> for each
unreachable address in AddressList
Address Block TLVs are always associated with one or more
addresses in the Address Block. The following sections show the
TLVs that apply to each type of address in the RERR.
Data
TLV Type
Extension Type
Value
PktSource
ADDRESS_TYPE
0
PKTSOURCE
Data
TLV Type
Extension Type
Value
None
ADDRESS_TYPE
0
UNREACHABLE
SeqNumList
SEQ_NUM
0
Sequence number associated with invalid route to the
unreachable address.
MetricTypeList
PATH_METRIC
MetricType
None. Extension Type set to MetricType of the route to
the unreachable address.
shows a stub (i.e., non-transit)
network of AODVv2 routers which is attached to an external network
(i.e., a network not using AODVv2) via a single External Network
Access Router (ENAR).
As in any externally-attached network, AODVv2 routers and Router
Clients that wish to be reachable from the external network MUST
have IP addresses within the ENAR's routable and topologically
correct prefix (e.g., 191.0.2.0/24 in
). This AODVv2 network and networks
attached to routers within it will be advertised to the external
network using other routing protocols or procedures which are out of
scope for this specification.
When an AODVv2 router within the AODVv2 MANET wants to discover a
route toward an address on the external network, it uses the normal
AODVv2 route discovery for that IP Destination Address.
The ENAR MUST respond to RREQ on behalf of all external network
destinations, that is, destinations which are not on the configured
191.0.2.0 /24 network. The ENAR MUST NOT respond with a TargPrefix
and TargPrefixLen which includes any of the networks configured as
part of the AODVv2 network. Sending a Route Request for a gateway is
not currently supported.
If more than one gateway is configured to serve the same external
network, each such gateway MUST configure that external network as a
Router Client with its IP address as the value of SeqNoRtr for the
RouterClient. AODVv2 messages SHOULD NOT be transmitted to routers
in the External Network.
RREQs for addresses inside the AODVv2 network, e.g. destinations on
the configured 191.0.2.0/24 network, are handled using the standard
processes described in . Note that
AODVv2 does not currently support route discovery for prefixes that
do not equal address length, but RREPs do advertise the prefix on
which TargAddr resides.
When an IP packet from an address on the external network destined
for an address in the AODVv2 MANET reaches the ENAR, if the ENAR
does not have a route toward that destination in its Routing
Information Base, it will perform normal AODVv2 route discovery for
that destination.
Configuring the ENAR as a default router is outside the scope of
this specification.
This section specifies an interoperable, optional enhancement to
AODVv2 enabling more economical Route Error notifications.
There can be several sources of traffic for a certain destination.
Each source of traffic and each upstream router between the
forwarding AODVv2 router and the traffic source is known as a
"precursor" for the destination. For each destination, an
AODVv2 router MAY choose to keep track of precursors that have
provided traffic for that destination. Route Error messages about
that destination can then be sent unicast to these precursors
instead of multicast to all AODVv2 routers.
Since an RERR will be regenerated if it comes from a next hop on a
valid LocalRoute, the RERR SHOULD ideally be sent backwards along
the route that the source of the traffic uses, to ensure it is
regenerated at each hop and reaches the traffic source. If the
reverse path is unknown, the RERR SHOULD be sent toward the source
along any available route. Therefore, the options for saving
precursor information are as follows:
Save the next hop on an existing route to the IP packet's source
address as the precursor. In this case, it is not guaranteed
that an RERR that is sent will follow the reverse of the
source's route. In rare situations, this may prevent the route
from being invalidated at the source of the data traffic.
Save the IP packet's source address as the precursor. In this
case, the RERR can be sent along any existing route to the
source of the data traffic, and SHOULD include PktSource to
ensure that the route will be invalidated at the source of the
traffic, in case the RERR does not follow the reverse of the
source's route.
By inspecting the MAC address of each forwarded IP packet,
determine which router forwarded the packet, and save the router
address as a precursor. This ensures that when an RERR is sent
to the precursor router, the route will be invalidated at that
router, and the RERR will be regenerated toward the source of
the IP packet.
During normal operation, each AODVv2 router maintaining precursor
lists for a LocalRoute must update the precursor list whenever it
uses this route to forward traffic to the destination. Precursors
are classified as Active if traffic has recently been forwarded by
the precursor. The precursor is marked with a timestamp to indicate
the time it last forwarded traffic on this route.
When an AODVv2 router detects that one or more LocalRoutes are
broken, it MAY notify each Active precursor using a unicast Route
Error message instead of creating multicast traffic. Unicast is
applicable when there are few Active precursors compared to the
number of neighboring AODVv2 routers. However, the default multicast
behavior is still preferable when there are many precursors, since
fewer message transmissions are required.
When an AODVv2 router supporting precursor lists receives an RERR
message, it SHOULD identify the list of its own affected Active
precursors for the routes in the RERR, and choose to send a unicast
RERR to those, rather than send a multicast RERR.
When a LocalRoute is expunged, any precursor list associated with it
MUST also be expunged.
Implementations of AODVv2 MUST support ICV TLVs using
type-extensions 1 and 2, hash-function AES-CCM, and cryptographic
function AES-CCM, both as defined in
. An
ICV MUST be included with every message. The ICV value MAY be
truncated as specified in .
Since the msg-hop-limit and PATH_METRIC values are mutable when
included in AODVv2 messages, these values are set to zero before
calculating an ICV. This means that these values are not protected
end-to-end and are therefore susceptible to manipulation. This form
of attack is described in
.
Implementations of AODVv2 MUST support a TIMESTAMP TLV using
type-extension 0. The timestamp used is a sequence number, and
therefore the length of the <TIMESTAMP-value> field matches
the AODVv2 sequence number defined in
. The TIMESTAMP TLV MUST be included
in RREP_Ack and RERR messages.
When more than one message is included in an RFC5444 packet, using a
single ICV Packet TLV or single TIMESTAMP Packet TLV is more
efficient than including ICV and TIMESTAMP Message TLVs in each
message created. If the RFC5444 multiplexer is capable of adding the
Packet TLVs, it SHOULD be instructed to include the Packet TLVs in
packets containing AODVv2 messages. However, if the multiplexer is
not capable of adding the Packet TLVs, the TLVs MUST be included as
Message TLVs in each AODVv2 message in the packet.
After message generation, but before transmission, the ICV and
TIMESTAMP TLVs MUST be added according to each message type as
detailed in the following sections. The following steps list the
procedure to be performed:
If the TIMESTAMP is to be included, depending on AODVv2 message
type as specified below, add the TIMESTAMP TLV.
When a TIMESTAMP Packet TLV is being added, the Packet TLV
Block size field MUST be updated.
When a TIMESTAMP Message TLV is being added, the Message TLV
Block size field MUST be updated.
The considerations in Section 8 and section 9 of
are followed, removing existing
ICV TLVs and adjusting the size and flags fields as appropriate:
When an ICV Packet TLV is being added, existing ICV Packet
TLVs MUST be removed and the Packet TLV Block size MUST be
updated. If the Packet TLV Block now contains no TLVs, the
phastlv bit in the <pkt-flags> field in the Packet
Header MUST be cleared.
When an ICV Message TLV is being added, existing ICV Message
TLVs are removed and the Message TLV Block Size MUST be
updated.
Mutable fields in the message must have their mutable values set
to zero before calculating the ICV.
If the msg-hop-limit field is included in the
message header,
msg-hop-limit MUST be set to zero before calculating the
ICV.
If a PATH_METRIC TLV is included, any values present in the
TLV MUST be set to zero before calculating the ICV value.
Depending on the message type, the ICV is calculated over the
appropriate fields (as specified in sections
,
,
and
) to include the fields
<hash-function>, <cryptographic-function>,
<key-id-length>, and, if present, <key-id> (in that
order), followed by the entire packet or message. This value MAY
be truncated (as specified in ).
Add the ICV TLV, updating size fields as necessary.
The changes made in Step 2 and Step 3 are reversed to re-add any
existing ICV TLVs, re-adjust the relevant size and flags fields,
and set the msg-hop-limit and PATH_METRIC TLV values.
On message reception, and before message processing, verification of
the received message MUST take place:
The considerations in Section 8 and Section 9 of
are followed, removing existing
ICV TLVs and adjusting the size and flags fields as appropriate.
When verifying the ICV value in an ICV Packet TLV, all ICV
Packet TLVs present in the Packet TLV Block MUST be removed
before calculating the ICV, and the Packet TLV Block size
MUST be updated. If there are no remaining Packet TLVs, the
Packet TLV Block MUST be removed and the phastlv bit in the
<pkt-flags> field MUST be cleared.
When verifying the ICV value in an ICV Message TLV, all ICV
Message TLVs present in the Message TLV Block MUST be
removed before calculating the ICV, and the Message TLV
Block size MUST be updated.
Mutable fields in the message MUST have their mutable values set
to zero before calculating the ICV.
If the msg-hop-limit field is included in the
message header,
msg-hop-limit MUST be set to zero before calculating the
ICV.
If a PATH_METRIC TLV is included, any values present in the
TLV MUST be set to zero before calculating the ICV value.
The ICV is calculated following the considerations in Section
12.2 of [RFC7182], to include the fields <hash-function>,
<cryptographic-function>, <key-id-length>, and, if
present, <key-id> (in that order), followed by the entire
packet or message.
If the received ICV value is truncated, the calculated ICV
value MUST also be truncated (as specified in
), before comparing.
If the ICV value calculated from the received message or
packet does not match the value of <ICV-data> in the
received message or packet, the validation fails and the
AODVv2 message MUST be discarded and NOT processed or
forwarded.
If the ICV values do match, the values set to zero before
calculating the ICV are reset to the received values, and
processing continues to Step 4.
Verification of a received TIMESTAMP value MUST be performed.
The procedure depends on message type as specified in the
following sub sections.
If the TIMESTAMP value in the received message is not valid,
the AODVv2 message MUST be discarded and NOT processed or
forwarded.
If the TIMESTAMP value is valid, processing continues as
defined in Section 7.
Since OrigPrefix is included in the RREQ, the ICV can be
calculated and verified using the
contents.The ICV TLV has type extension := 1. Inclusion of an ICV
TLV message integrity and endpoint authentication, because trusted
routers MUST hold the shared key in order to calculate the ICV
value, both to include when creating a message, and to validate
the message by checking that the ICV is correct.
Since RREQ_Gen's sequence number is incremented for each new RREQ,
replay protection is already afforded and no extra TIMESTAMP TLV
is required.
After message generation and before message transmission:
Add the ICV TLV as described above.
On message reception and before message processing:
Verify the received ICV value as described above.
Verification of the sequence number is handled according to
Section 7.
Since TargPrefix is included in the RREP, the ICV can be
calculated and verified using the
contents. The ICV TLV has type extension 1. Inclusion of an ICV
provides message integrity and endpoint authentication, because
trusted routers MUST hold a valid key in order to calculate the
ICV value, both to include when creating a message, and to
validate the message by checking that the ICV is correct.
Since RREP_Gen's sequence number is incremented for each new RREP,
replay protection is already afforded and no extra TIMESTAMP TLV
is required.
After message generation and before message transmission:
Add the ICV TLV as described above.
On message reception and before message processing:
Verify the received ICV value as described above.
Verification of the sequence number is handled according to
Section 7.
Since no sequence number is included in the RREP_Ack, a TIMESTAMP
TLV MUST be included to protect against replay attacks. The value
in the TIMESTAMP TLV is set as follows:
For RREP_Ack request, use Neighbor.AckSeqNum.
For RREP_Ack response, use the sequence number from the
TIMESTAMP TLV in the received RREP_Ack request.
Since no addresses are included in the RREP_Ack, and the receiver
of the RREP_Ack uses the source IP address of a received RREP_Ack
to identify the sender, the ICV MUST be calculated using the
message contents and the IP source address. The ICV TLV has type
extension := 2 in order to accomplish this. This provides message
integrity and endpoint authentication, because trusted routers
MUST hold the correct key in order to calculate the ICV value.
After message generation and before message transmission:
Add the TIMESTAMP TLV and ICV TLV as described above.
On message reception and before message processing:
Verify the received ICV value as described above.
Verify the received TIMESTAMP value by comparing the sequence
number in the value field of the TIMESTAMP TLV as follows:
For a received RREP_Ack request, there is no need to
verify the timestamp value. Proceed to message processing
as defined in Section 7.
For a received RREP_Ack response, compare with the
Neighbor.AckSeqNum of the Neighbor Set entry for sender of
the RREP_Ack request.
If the sequence number does not match, the AODVv2 message
MUST be discarded. Otherwise, Neighbor.AckSeqNum is
incremented by 1 and processing continues according to
Section 7.
Since the sender's sequence number is not contained in the RERR, a
TIMESTAMP TLV MUST be included to protect against replay attacks.
The value in the TIMESTAMP TLV is set by incrementing and using
RERR_Gen's sequence number.
Since the receiver of the RERR MUST use the source IP address of
the RERR to identify the sender, the ICV MUST be calculated using
the message contents and the IP source address. The ICV TLV has
type extension := 2 in order to accomplish this. This provides
message integrity and endpoint authentication, because trusted
routers MUST hold the shared key in order to calculate the ICV
value.
After message generation and before message transmission:
Add the TIMESTAMP TLV and ICV TLV as described above.
On message reception and before message processing:
Verify the received ICV value as described above.
Verify the received TIMESTAMP value by comparing the sequence
number in the value field of the TIMESTAMP TLV with the
Neighbor.HeardRERRSeqNum. If the sequence number in the
message is lower than the stored value, the AODVv2 message
MUST be discarded. Otherwise, the Neighbor.HeardRERRSeqNum
MUST be set to the received value and processing continues
according to Section 7.
AODVv2 uses various parameters which can be grouped into the
following categories:
Timers
Protocol constants
Administrative parameters and controls
This section show the parameters along with their definitions and
default values (if any).
Note that several fields have limited size (bits or bytes). These
sizes and their encoding may place specific limitations on the
values that can be set.
AODVv2 requires certain timing information to be associated with
Local Route Set entries and message replies. The default values
are as follows:
Name
Default Value
ACTIVE_INTERVAL
5 second
MAX_IDLETIME
200 seconds
MAX_BLACKLIST_TIME
200 seconds
MAX_SEQNUM_LIFETIME
300 seconds
RERR_TIMEOUT
3 seconds
RteMsg_ENTRY_TIME
12 seconds
RREQ_WAIT_TIME
2 seconds
RREP_Ack_SENT_TIMEOUT
1 second
RREQ_HOLDDOWN_TIME
10 seconds
The above timing parameter values have worked well for small and
medium well-connected networks with moderate topology changes. The
timing parameters SHOULD be administratively configurable.
Ideally, for networks with frequent topology changes the AODVv2
parameters SHOULD be adjusted using experimentally determined
values or dynamic adaptation. For example, in networks with
infrequent topology changes MAX_IDLETIME MAY be set to a much
larger value. If the values were configured differently, the
following consequences may be observed:
If MAX_SEQNUM_LIFETIME was configured differently across the
network, and any of the routers lost their sequence number,
this could result in their next route messages being
classified as stale at any AODVv2 router using a greater value
for MAX_SEQNUM_LIFETIME. This would delay route discovery from
and to the re-initializing router.
Routers with lower values for ACTIVE_INTERVAL + MAX_IDLETIME
will invalidate routes more quickly and free resources used to
maintain them. This can affect bursty traffic flows which have
quiet periods longer than ACTIVE_INTERVAL + MAX_IDLETIME. A
route which has timed out due to perceived inactivity is not
reported. When the bursty traffic resumes, it would cause a
RERR to be generated, and the traffic itself would be dropped.
This route would be removed from all upstream routers, even if
those upstream routers had larger ACTIVE_INTERVAL or
MAX_IDLETIME values. A new route discovery would be required
to re-establish the route, causing extra routing protocol
traffic and disturbance to the bursty traffic.
Routers with lower values for MAX_BLACKLIST_TIME would allow
neighboring routers to participate in route discovery sooner
than routers with higher values. This could result in failed
route discoveries if un-blacklisted links are still
uni-directional. Since RREQs are retried, this would not
affect success of route discovery unless this value was so
small as to un-blacklist the router before the RREQ is
retried. This value need not be consistent across the network
since it is used for maintaining a 1-hop blacklist. However it
MUST be greater than RREQ_WAIT_TIME; the default value is much
larger.
Routers with lower values for RERR_TIMEOUT may create more
RERR messages than routers with higher values. This value
should be large enough that a RERR will reach all routers
using the route reported within it before the timer expires,
so that no further data traffic will arrive, and no duplicated
RERR messages will be generated.
Routers with lower values for RteMsg_ENTRY_TIME may not
consider received redundant multicast route messages as
redundant, and may forward these messages unnecessarily.
Routers with lower values for RREQ_WAIT_TIME may send more
frequent RREQ messages and wrongly determine that a route does
not exist, if the delay in receiving an RREP is greater than
this interval.
Routers with lower values for RREP_Ack_SENT_TIMEOUT may
wrongly determine links to neighbors to be unidirectional if
an RREP_Ack is delayed longer than this timeout.
Routers with lower values for RREQ_HOLDDOWN_TIME will retry
failed route discoveries sooner than routers with higher
values. This may be an advantage if the network topology is
frequently changing, or may unnecessarily cause more routing
protocol traffic.
MAX_SEQNUM_LIFETIME MUST be configured to have the same values for
all AODVv2 routers in the network.
AODVv2 protocol constants typically do not require changes. The
following table lists these constants, along with their values and
a reference to the section describing their use.
Name
Default
Description
DISCOVERY_ATTEMPTS_MAX
3
RREP_RETRIES
2
MAX_METRIC[MetricType]
[see below]
MAX_METRIC[HopCount]
255
and
MAX_HOPCOUNT
20
Limit to number of hops an
RREQ or RREP message can traverse
INFINITY_TIME
[see below]
Maximum expressible clock
time ()
MAX_HOPCOUNT cannot be larger than 255.
MAX_METRIC[MetricType] MUST always be the maximum expressible
metric value of type MetricType. Field lengths associated with
metric values are found in
.
These protocol constants MUST have the same values for all AODVv2
routers in the ad hoc network. If the values were configured
differently, the following consequences may be observed:
DISCOVERY_ATTEMPTS_MAX: Routers with higher values are likely
to be more successful at finding routes, at the cost of
additional control traffic.
RREP_RETRIES: Routers with lower values are more likely to
blacklist neighbors when there is a temporary fluctuation in
link quality.
MAX_METRIC[MetricType]: No interoperability problems due to
variations on different routers, but routers with lower values
may exhibit overly restrictive behavior during route
comparisons.
MAX_HOPCOUNT: Routers with a value too small would not be able
to discover routes to distant addresses.
INFINITY_TIME: No interoperability problems due to variations
on different routers, but if a lower value is used, route
state management may exhibit overly restrictive behavior.
The following table lists AODVv2 parameters which SHOULD be
administratively configured for each router:
Name
Default Value
Description
Router Client Set
BUFFER_SIZE_PACKETS
2
BUFFER_SIZE_BYTES
MAX_PACKET_SIZE [TBD]
CONTROL_TRAFFIC_LIMIT
[Adjust for 10% capacity]
The following administrative controls MAY be used to change the
operation of the network. The same settings SHOULD be used across
the network. Inconsistent settings at different routers in the
network will not result in protocol errors.
Name
Default
Description
ENABLE_IDLE_IN_RERR
Disabled
This section specifies several [RFC5444] message types and address
tlv-types required for AODVv2, as well as a new Code value for ICMP
Destination Unreachable.
This specification defines four Message Types, to be allocated
from the 0-223 range of the "Message Types" namespace
defined in .
Name of Message
Type
Route Request (RREQ)
10 (TBD)
Route Reply (RREP)
11 (TBD)
Route Error (RERR)
12 (TBD)
Route Reply Acknowledgement (RREP_Ack)
13 (TBD)
This specification defines one Message TLV Type, to be allocated
from the Message-Type-specific "Message TLV Types"
namespace defined in , as specified
in .
Name of TLV
Type
Length (octets)
Reference
ACK_REQ
128 (TBD)
0
This specification defines three Address Block TLV Types, to be
allocated from the Message-Type-specific "Address Block TLV
Types" namespace defined in ,
as specified in .
Name of TLV
Type
Length (octets)
Reference
PATH_METRIC
129 (TBD)
depends on MetricType
SEQ_NUM
130 (TBD)
2
ADDRESS_TYPE
131 (TBD)
1
The metric types used by AODVv2 are identified according to
. All implementations MUST use
these values.
Name of MetricType
Type
Metric Value Size
Unassigned
0
Undefined
Hop Count
1
1 octet
Unallocated
2 - 254
TBD
Reserved
255
Undefined
These values are used in the
Address Type TLV discussed in .
All implementations MUST use these values.
Address Type
Value
ORIGPREFIX
0
TARGPREFIX
1
UNREACHABLE
2
PKTSOURCE
3
UNSPECIFIED
255
A new Code Value is defined for ICMP Destination Unreachable
messages (see ).
Code Value
Value
Metric Type Mismatch
8 (TBD)
This section describes various security considerations and potential
avenues to secure AODVv2 routing. The main objective of the AODVv2
protocol is for each router to communicate reachability information
about addresses for which it is responsible, and for routes it has
discovered from other AODVv2 routers.
Networks using AODVv2 to maintain connectivity and establish routes
on demand may be vulnerable to certain well-known types of threats,
which will be detailed in this section. Some of the threats
described can be mitigated or eliminated. Tools to do so will be
described.
With the exception of metric values, AODVv2 assures the integrity of
all RteMsg data end-to-end though the use of ICVs (see
. AODVv2
implementations support ICV and TIMESTAMP TLVs, unless the
implementation is intended for an environment in which security is
unnecessary;
otherwise, AODVv2 deployments are configured to use these TLVs to
secure messages.
The on-demand nature of AODVv2 route discovery automatically reduces
the vulnerability to route disruption. Since control traffic for
updating route tables is diminished, there is less opportunity for
attack and failure.
Threats to AODVv2 which reduce availability are considered below.
Flooding attacks using RREQ amount to a (BLIND) denial of
service for route discovery: By issuing RREQ messages for
targets that don't exist, an attacker can flood the network,
blocking resources and drowning out legitimate traffic. By
triggering the generation of CONTROL_TRAFFIC_LIMIT amount of
messages (for example by sending RREQs for many non-existent
destinations), an attacker can prevent legitimate messages from
being generated. The effect of this attack is dampened by the
fact that duplicate RREQ messages are dropped (preventing the
network from DDoSing itself). Processing requirements for AODVv2
messages are typically quite small, however AODVv2 routers
receiving RREQs do allocate resources in the form of Neighbor
Set, Local Route Set and Multicast Route Message Set entries.
The attacker can maximize their impact on set growth by changing
OrigPrefix or OrigPrefixLen for each RREQ. If a specific node is
to be targeted, this attack may be carried out in a distributed
fashion, either by compromising its direct neighbors or by
specifying the target's address with TargPrefix and
TargPrefixLen. Note that it might be more economical for the
attacker to simply jam the medium; an attack which AODVv2 cannot
defend itself against.
Mitigation:
If AODVv2 routers always verify that the sender of the RERR
message is trusted, this threat is reduced. Processing
requirements would typically be dominated by calculations to
verify integrity. This has the effect of reducing (but by no
means eliminating) AODVv2's vulnerability to denial of
service attacks.
Authentication of senders can prevent unauthenticated
routers from launching a Denial of Service attack on another
AODVv2 router. However, this does not protect the network if
an attacker has access to an already authenticated router.
RERR messages are designed to cause removal of installed routes.
A malicious node could send an RERR message with false
information to attempt to get other routers to remove a route to
one or more specific destinations, therefore disrupting traffic
to the advertised destinations.
Routes will be deleted if an RERR is received, withdrawing a
route for which the sender is the receiver's next hop, if both
of the following conditions are met:
the RERR includes the MetricType of the installed route,
the RERR includes either no sequence number for the route,
or includes a greater sequence number than the sequence
number stored with that route in the receiver's Local Route
Set.
Routes will also be deleted if a received RERR contains a
PktSource address corresponding to a Router Client.
The information necessary to construct a malicious RERR could be
discovered by eavesdropping, either by listening to AODVv2
messages or by watching data packet flows.
When the RERR is multicast, it can be received by many routers
in the ad hoc network, and will be regenerated when processing
results in an active route being removed. This threat could have
serious impact on applications communicating by way of the
sender of the RERR message.
The set of routers which use the malicious router as a next
hop may be targeted with a malicious RERR with no PktSource
address included, if the RERR contains routes for which the
malicious router is a next hop from the receiving router.
However, since
the sender of the RERR message is either malicious or
broken, it is better that it is not used as a next hop for
these routes anyway.
A single router which does not use the malicious router as
part of its route may be targeted with a malicious RERR with
a PktSource address included.
Replayed RERR messages could be used to disrupt active
routes.
Mitigation:
Protection against eavesdropping of AODVv2 messages would
mitigate this attack to some extent, but eavesdropping of
data packets can also be used to deduce the information
about which routes could be targeted.
Protection against a malicious router becoming part of a
route will mitigate the attack where a set of routers are
targeted. This will not protect against the attack if a
PktSource address is included.
By only regenerating RERR messages where active routes are
removed, the spread of the malicious RERR is limited.
Including sequence numbers in RERR messages offers
protection against attacks using replays of these RERR
messages.
If AODVv2 routers always verify that the sender of the RERR
message is trusted, this threat is reduced.
Links could be erroneously treated as bidirectional if malicious
unsolicited or spoofed RREP messages were to be accepted. This
would result in a route being installed which could not in fact
be used to forward data to the destination, and may divert data
packets away from the intended destination.
There is a window of RREQ_WAIT_TIME after an RREQ is sent, in
which any malicious router could send an RREP in response, in
order for the link to the malicious router to be deemed as
bidirectional.
Mitigation:
Ignoring unsolicited RREP and RREP_Ack messages partially
mitigates against this threat.
If AODVv2 routers always verify that the sender of the RREP
message is trusted, this threat is reduced.
A malicious router could decide not to forward an RREQ or RREP
or RERR message. Not forwarding a RERR or RREP message would
disrupt route discovery. Not regenerating a RERR message would
result in the source of data packets continuing to maintain and
use the route, and further RERR messages being generated by the
sender of the non-regenerated RERR. A malicious router could
intentionally disrupt traffic flows by not allowing the source
of data traffic to re-discover a new route when one breaks.
Failing to send an RREP_Ack would also disrupt route
establishment, by not allowing the reverse route to be
validated. Return traffic which needs that route will prompt a
new route discovery, wasting resources and incurring a slight
delay but not disrupting the ability for applications to
communicate.
Mitigation:
None. Note that malicious router would have to wait for a
route to break before it could perform this attack.
Passive inspection (eavesdropping) of AODVv2 control messages
could enable unauthorized devices to gain information about the
network topology, since exchanging such information is the main
purpose of AODVv2.
Eavesdropping of data traffic could allow a malicious device to
obtain information about how data traffic is being routed. With
knowledge of source and destination addresses, malicious messages
could be constructed to disrupt normal operation.
Integrity of route information can be compromised in the following
types of attack:
Valid route set entries can be replaced or modified by
maliciously constructed AODVv2 messages, destroying existing
routes and the network's integrity. Any router may pose as
another router by sending RREQ, RREP, RREP_Ack and RERR messages
in its name.
Sending an RREQ message with false information can disrupt
traffic to OrigPrefix, if the sequence number attached is
not stale compared to any existing information about
OrigPrefix. Since RREQ is multicast and likely to be
received by all routers in the ad hoc network, this threat
could have serious impact on applications communicating with
OrigPrefix.
The actual threat to disrupt routes to OrigPrefix is reduced
by the AODVv2 mechanism of marking RREQ-derived routes as
"Unconfirmed" until the route to OrigAddr can be
confirmed.
Sending an RREP message with false information can disrupt
traffic to TargPrefix. Since RREP is unicast, and ignored if
a corresponding RREQ was not recently sent, this threat is
minimized, and is restricted to receivers along the path
from OrigAddr to TargAddr.
Sending an RREP_Ack response message with false information
can cause the route to an originator address to be
erroneously accepted even though the route would contain a
unidirectional link and thus not be suitable for most
traffic. Since the RREP_Ack response is unicast, and ignored
if an RREP_Ack was not sent recently to the sender of this
RREP_Ack response, this threat is minimized and is strictly
local to the RREP transmitter expecting the acknowledgement.
Unsolicited RREP_Acks are ignored.
Sending an RERR message with false information is discussed
in .
Mitigation:
If AODVv2 routers always verify that the sender of a message
is trusted, this threat is reduced.
Any AODVv2 router can forward messages with modified data.
Mitigation:
If AODVv2 routers verify the integrity of AODVv2 messages,
then the threat of disruption is minimized. A man in the
middle with no knowledge of the key used to calculate an
integrity check value may modify a message but the message
will be rejected when it fails an integrity check.
Replaying of RREQ or RREP messages would be of less use to an
attacker, since they would be dropped immediately due to their
stale sequence number. RERR messages may or may not include
sequence numbers and are therefore susceptible to replay
attacks. RREP_Ack messages do not include sequence numbers and
are therefore susceptible to replay attacks.
Mitigation:
Use of timestamps or sequence numbers prevents replay
attacks.
Encryption MAY be used for AODVv2 messages. If the routers share
a packet-level security association, the message data can be
encrypted prior to message transmission. The establishment of
such security associations is outside the scope of this
specification. Encryption will not only protect against
unauthorized devices obtaining information about network
topology (eavesdropping) but will ensure that only trusted
routers participate in routing operations.
Cryptographic Integrity Check Values (ICVs) can be used to
ensure integrity of received messages, protecting against man in
the middle attacks. Further, by using ICVs, only those routers
with knowledge of a shared secret key are allowed to participate
in routing information exchanges.
defines ICV TLVs for use with
.
The data contained in AODVv2 routing protocol messages MUST be
verified using Integrity Check Values, to avoid accepting
tampered messages.
defines a TIMESTAMP TLV for use
with which can be used to
prevent replay attacks when sequence numbers are not already
included.
The data contained in AODVv2 routing protocol messages can be
protected with a TIMESTAMP value to ensure the protection
against replaying of the message. Sequence numbers can be used
in place of timestamps, since they are known to be strictly
increasing.
The method of distribution of shared secret keys is out of the
scope of this protocol. Key management is not specified for the
following reasons:
Against , an analysis as to whether
automated or manual key management should be used shows a
compelling case for automated management. In particular:
a potentially large number of routers may have to be managed,
belonging to several organisations, for example in vehicular
applications.
a stream cipher is likely to be used, such as an AES variant.
long term session keys might be used by more than two parties,
including multicast operations. AODVv2 makes extensive use of
multicast.
there may be frequent turnover of devices.
On reviewing the case for manual key management against the same
document, it can be seen that manual management might be
advantageous in environments with limited bandwidth or high round
trip times. AODVv2 lends itself to sparse ad hoc networks where
transmission conditions may indeed be limited, depending on the
bearers selected for use.
However, assumes that the
connectivity between endpoints is already available. In AODVv2, no
route is available to a given destination until a router client
requests that user traffic be transmitted. It is required to
secure the signalling path of the routing protocol that will
establish the path across which key exchange functions might
subsequently be applied, which is clearly the reverse of the
expected functionality. A different strategy is therefore
required.
There are two possible solutions. In each case, it is assumed that
a defence in depth security posture is being adopted by the system
integrator, such that each function in the network as a whole is
appropriately secured or defended as necessary, and that there is
not complete reliance on security mechanisms built in to AODVv2.
Such additional mechanisms could include a suitable wireless
device security technology, so that wireless devices are
authenticated and secured by their peers prior to exchanging user
data, which in this case would include AODVV2 signalling traffic
as a payload, and mechanisms which verify the authenticity and/or
integrity of application-layer user data transported once a route
has been established.
In the case that no AODVv2 routers have any detailed prior
knowledge of any other AODVv2 router, but does have knowledge
of the credentials of other organisations in which the router
has been previously configured to trust, it is possible for an
AODVv2 router to send an initialisation vector as part of an
exchange, which could be verified against such credentials.
Such an exchange could make use of Identity-Based Signatures
(), based on
Elliptic Curve-Based Certificateless Signatures for
Identity-Based Encryption ,
which eliminate the need for a handshake process to establish
trust.
If it is impossible to use Identity-Based Signatures, and the
risk to the AODVv2 signalling traffic is considered to be low
due to the use of security countermeasures elsewhere in the
system, a simple pre-placed shared secret could be used
between routers, which is used as-is or is used to generate
some ephemeral secret based on another known variable, such as
time of day if that is universally available at a level of
accuracy sufficient to make such a system viable.
AODVv2 is a descendant of the design of previous MANET on-demand
protocols, especially AODV and DSR
. Changes to previous MANET on-demand
protocols stem from research and implementation experiences. Thanks
to Elizabeth Belding and Ian Chakeres for their long time authorship
of AODV. Additional thanks to Derek Atkins, Emmanuel Baccelli,
Abdussalam Baryun, Ramon Caceres, Justin Dean, Christopher Dearlove,
Fatemeh Ghassemi, Sri Gundavelli, Ulrich Herberg, Henner Jakob,
Ramtin Khosravi, Luke Klein-Berndt, Lars Kristensen, Tronje Krop,
Koojana Kuladinithi, Kedar Namjoshi, Keyur Patel, Alexandru
Petrescu, Alvaro Retana, Henning Rogge, Fransisco Ros, Pedro Ruiz,
Christoph Sommer, Romain Thouvenin, Pascal Thubert, Richard Trefler,
Jiazi Yi, Seung Yi, Behnaz Yousefi, and Cong Yuan, for their reviews
of AODVv2 and DYMO, as well as numerous specification suggestions.
Highly Dynamic Destination-Sequenced Distance-Vector
Routing (DSDV) for Mobile Computers
IBM, TJ Watson Research Center
Computer Science Department, University of Maryland
Fast handovers and context transfers in mobile networks
802.11-2016 - IEEE Standard for Information technology--Telecommunications and information exchange between systems Local and metropolitan area networks--Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification"IEEE 802 Wireless"http://standards.ieee.org/getieee802/download/802.11-2016.pdf
(includes 802.11v amendment)
This section lists the changes between recent AODVv2 revisions
...-02.txt and ...-03.txt.
Changed name of Multicast Route Message table to be Multicast
Message table (see , and
).
Reorganized the Overview to include the list of differences
between AODVv2 and RFC 3561, as well as an expanded description
of Distance Vector protocol so that "Counting to
Infinity" can be explained in somewhat more detail.
Improved consistency in terminology used (e.g., lost link versus
broken link, metric type versus MetricType. Address List versus
AddressList, IP.SourceAddress versus IP source address,
participating mobile nodes versus participating mobile routers)
Added Figures to depict the operation of RREQ and RREP during
Route Discovery.
Added text to explaining how the
LocalRoute.LastUsed field can be used to eliminate the need for
maintaining a timer interrupt service.
Added terminology for Address Block
Eliminated "Interface Set" term
Removed "ENAR" from Terminology section since its use
is local to
Eliminated instances of RFC 2119 mandate language that was
inadvisedly used for various operations on internal data
structures.
Clarified that a re-initializing router can still participate in
creating routes as an intermediate router.
Improved language surrounding the use of external mechnanisms
for establishing local connectivity. Added citations.
Strengthened mandate to remove a Neighbor Set entry, in the case
that an external mechanism reports a link as broken
Eliminated ambiguous uses of the word "safe" by
rewording to emphasize prevention of routing loops.
Updated and added bibliographic entries.
This section lists the changes between AODVv2 revisions ...-00.txt
and ...-02.txt.
Changed notation for entries in Multicast Route Message table
from RteMsg to McMsg {for Multicast Message} (see
,
, and
).
Sharpened description of suppressing multicast messages to apply
only to RREQs (see ).
Supplied AES-CCM as the default choice for HASH_FUNCTION and
CRYPTOGRAPHIC_FUNCTION (see ).
Changed the names of the Neighbor.State to be capitalized:
CONFIRMED, HEARD, and BLACKLISTED (see
).
Created a new Code field value for ICMP Destination Unreachable
messages (see ). This
allows the target of a RREQ to inform RREQ_Gen that the
requested Metric Type is not available (see
). This will prevent continued
flooding for a Route Discovery that can never be satisfied.
Corrected various typos and made some stylistic improvements and
clarifications.
Add RerrMsg as a Notational Convenience
Wordsmithing, reduce repeated text
Restore optional Precursor feature (see
)
Correct misuse of RFC 2119 language
Revise the method by which a multi-hop path is deemed to be
Confirmed
Remove technical specification details from definitions
Move security operational mandates from Security Considerations
into a new section
Sharpen language related to assuring that routing must follow
paths appropriate to the metric type for which the route was
established (see ).
Replace rambling paragraphs by itemized lists to improve
readability
Allow use of MAC-layer hints about bidirectionality (see
).
Define concepts of compatibility and comparability for Multicast
Route Message entries (see ).
This is needed to enable proper comparisons in case multihomed
nodes have route discoveries from multiple routers
Sharpen language related to multihoming
Suggest a proper default for CONTROL_TRAFFIC_LIMIT (see
).
Sharpen Security Considerations Section according to suggestions
from Bob Moskowitz