RFC 7547
Management of Networks with Constrained Devices: Problem Statement and Requirements
Pages: 44
Informational
Informational
Part 1 of 2 – Pages 1 to 16
Internet Engineering Task Force (IETF) M. Ersue, Ed. Request for Comments: 7547 Nokia Networks Category: Informational D. Romascanu ISSN: 2070-1721 Avaya J. Schoenwaelder Jacobs University Bremen U. Herberg May 2015 Management of Networks with Constrained Devices: Problem Statement and RequirementsAbstract
This document provides a problem statement, deployment and management topology options, as well as requirements addressing the different use cases of the management of networks where constrained devices are involved. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7547.
Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.Table of Contents
1. Introduction ....................................................3 1.1. Overview ...................................................3 1.2. Terminology ................................................4 1.3. Network Types and Characteristics in Focus .................5 1.4. Constrained Device Deployment Options ......................9 1.5. Management Topology Options ...............................10 1.6. Managing the Constrainedness of a Device or Network .......10 1.7. Configuration and Monitoring Functionality Levels .........13 2. Problem Statement ..............................................14 3. Requirements on the Management of Networks with Constrained Devices ............................................16 3.1. Management Architecture/System ............................18 3.2. Management Protocols and Data Models ......................22 3.3. Configuration Management ..................................25 3.4. Monitoring Functionality ..................................27 3.5. Self-Management ...........................................32 3.6. Security and Access Control ...............................33 3.7. Energy Management .........................................35 3.8. Software Distribution .....................................37 3.9. Traffic Management ........................................37 3.10. Transport Layer ..........................................39 3.11. Implementation Requirements ..............................40 4. Security Considerations ........................................41 5. Informative References .........................................42 Acknowledgments ...................................................44 Authors' Addresses ................................................44
1. Introduction
1.1. Overview
Constrained devices (also known as sensors, smart objects, or smart devices) with limited CPU, memory, and power resources can be connected to a network. It might be based on unreliable or lossy channels, it may use wireless technologies with limited bandwidth and a dynamic topology, or it may need the service of a gateway or proxy to connect to the Internet. In other scenarios, the constrained devices can be connected to a unconstrained network using off-the- shelf protocol stacks. Constrained devices might be in charge of gathering information in diverse settings including natural ecosystems, buildings, and factories and sending the information to one or more server stations. Constrained devices may also work under severe resource constraints such as limited battery and computing power, little memory and insufficient wireless bandwidth, and communication capabilities. A central entity, e.g., a base station or controlling server, might have more computational and communication resources and can act as a gateway between the constrained devices and the application logic in the core network. Today, constrained devices of diverse size and with different resources and capabilities are being connected. Mobile personal gadgets, building-automation devices, cellular phones, machine-to- machine (M2M) devices, etc., benefit from interacting with other "things" in the near or somewhere in the Internet. With this the Internet of Things (IoT) becomes a reality, built up of uniquely identifiable objects (things). And over the next decade, this could grow to trillions of constrained devices and will greatly increase the Internet's size and scope. Network management is characterized by monitoring network status, detecting faults (and inferring their causes), setting network parameters, and carrying out actions to remove faults, maintain normal operation, and improve network efficiency and application performance. The traditional network monitoring application periodically collects information from a set of managed network elements, it processes the data, and it presents the results to the network management users. Constrained devices, however, often have limited power, have low transmission range, and might be unreliable. They might also need to work in hostile environments with advanced security requirements or need to be used in harsh environments for a long time without supervision. Due to such constraints, the
management of a network with constrained devices faces a different type of challenges compared to the management of a traditional IP network. The IETF has already done substantial standardization work to enable communication in IP networks and to manage such networks as well as the manifold types of nodes in these networks [RFC6632]. However, the IETF so far has not developed any specific technologies for the management of constrained devices and the networks comprised by constrained devices. IP-based sensors or constrained devices in such an environment (i.e., devices with very limited memory, CPU, and energy resources) nowadays use application-layer protocols in an ad hoc manner to do simple resource management and monitoring. This document provides a problem statement and lists requirements for the different use cases of management of a network with constrained devices. Sections 1.3 and 1.5 describe different topology options for the networking and management of constrained devices. Section 2 provides a problem statement on the issue of the management of networked constrained devices. Section 3 lists requirements on the management of applications and networks with constrained devices. Note that the requirements listed in Section 3 have been separated from the context in which they may appear. Depending on the concrete circumstances, an implementer may decide to address a certain relevant subset of the requirements. The use cases in the context of networks with constrained devices can be found in [RFC7548]. This document provides a list of objectives for discussions and does not aim to be a strict requirements document for all use cases. In fact, there likely is not a single solution that works equally well for all the use cases.1.2. Terminology
Concerning constrained devices and networks, this document generally builds on the terminology defined in [RFC7228], where the terms "constrained device", "constrained network", and others are defined. Additionally, the following terms are used throughout: AMI: (Advanced Metering Infrastructure) A system including hardware, software, and networking technologies that measures, collects, and analyzes energy use and that communicates with a hierarchically deployed network of metering devices, either on request or on a schedule. C0: Class 0 constrained device as defined in Section 3 of [RFC7228].
C1: Class 1 constrained device as defined in Section 3 of [RFC7228]. C2: Class 2 constrained device as defined in Section 3 of [RFC7228]. Network of Constrained Devices: A network to which constrained devices are connected that may or may not be a constrained network (see [RFC7228] for the definition of the term constrained network). M2M: (Machine to Machine) The automatic data transfer between devices of different kinds. In M2M scenarios, a device (such as a sensor or meter) captures an event, which is relayed through a network (wireless, wired, or hybrid) to an application. MANET: (Mobile Ad Hoc Network [RFC2501]) A self-configuring and infrastructureless network of mobile devices connected by wireless technologies. Smart Grid: An electrical grid that uses communication technologies to gather and act on information in an automated fashion to improve the efficiency, reliability, and sustainability of the production and distribution of electricity. Smart Meter: An electrical meter in the context of a smart grid. For a detailed discussion on the constrained networks as well as classes of constrained devices and their capabilities, please see [RFC7228].1.3. Network Types and Characteristics in Focus
In this document, we differentiate the following types of networks concerning their transport and communication technologies: (Note that a network in general can involve constrained and unconstrained devices.) 1. Wireline unconstrained networks, e.g., an Ethernet LAN with constrained and unconstrained devices involved. 2. A combination of wireline and wireless networks, possibly with a multi-hop connectivity between constrained devices, utilizing dynamic routing in both the wireless and wireline portions of the network. Such networks usually support highly distributed applications with many nodes (e.g., environmental monitoring) and
tend to deal with large-scale multipoint-to-point (MP2P) systems.
Wireless Mesh Networks (WMNs), as a specific variant, use off-
the-shelf radio technology such as Wi-Fi, WiMAX, and cellular
3G/4G. WMNs are reliable based on the redundancy they offer and
have often a more planned deployment to provide dynamic and cost
effective connectivity over a certain geographic area.
3. A combination of wireline and wireless networks with point-to-
point (P2P) or point-to-multipoint (P2MP) communication generally
with single-hop connectivity to constrained devices, utilizing
static routing over the wireless network. Such networks support
short-range, P2P, low-data-rate, source-to-sink types of
applications, such as RFID systems, light switches, fire/smoke
detectors, and home appliances. This type of network also
supports confined short-range spaces such as a home, a factory, a
building, or the human body. [IEEE802.15.1] (Bluetooth) and
[IEEE802.15.4] are well-known examples of applicable standards
for such networks. By using 6LoWPANs (IPv6 over Low-Power
Wireless Personal Area Networks) [RFC4919] and RPL (Routing
Protocol for Low-Power and Lossy Networks) [RFC6550] on top of
IEEE 802.15.4, multi-hop connectivity and dynamic routing can be
achieved. With RPL, the IETF has specified a proactive "route-
over" architecture where routing and forwarding is implemented at
the network layer. The protocol provides a mechanism whereby
MP2P, P2MP, and P2P traffic are supported.
4. Self-configuring infrastructureless networks of mobile devices
(e.g., MANET) are a particular type of network connected by
wireless technologies. Infrastructureless networks are mostly
based on P2P communications of devices moving independently in
any direction and changing the links to other devices frequently.
Such devices do act as a router to forward traffic unrelated to
their own use.
Wireline unconstrained networks with constrained and unconstrained
devices are mainly used for specific applications like Building
Automation or Infrastructure Monitoring. Wireline and wireless
networks with multi-hop or P2MP connectivity are used, e.g., for
environmental monitoring as well as transport and mobile
applications.
Furthermore, different network characteristics are determined by
multiple dimensions: dynamicity of the topology, bandwidth, and loss
rate. In the following, each dimension is explained, and networks in
scope for this document are outlined:
Network Topology: The topology of a network can be represented as a graph, with edges (i.e., links) and vertices (routers and hosts). Examples of different topologies include "star" topologies (with one central node and multiple nodes in one-hop distance), tree structures (with each node having exactly one parent), directed acyclic graphs (with each node having one or more parents), clustered topologies (where one or more "cluster heads" are responsible for a certain area of the network), mesh topologies (fully distributed), etc. Management protocols may take advantage of specific network topologies, for example, by distributing large-scale management tasks amongst multiple distributed network management stations (e.g., in case of a mesh topology), or by using a hierarchical management approach (e.g., in case of a tree or clustered topology). These different management topology options are described in Section 1.6. Note that in certain network deployments, such as community ad hoc networks (see the use case "Community Network Applications" in [RFC7548]), the topology is not preplanned; thus, it may be unknown for management purposes. In other use cases, such as industrial applications (see the use case "Industrial Applications" in [RFC7548]), the topology may be designed in advance and therefore taken advantage of when managing the network. Dynamicity of the network topology: The dynamicity of the network topology determines the rate of change of the graph as a function of time. Such changes can occur due to different factors, such as mobility of nodes (e.g., in MANETs or cellular networks), duty cycles (for low-power devices enabling their network interface only periodically to transmit or receive packets), or unstable links (in particular wireless links with strongly fluctuating link quality). Examples of different levels of dynamicity of the topology are Ethernets (with typically a very static topology) on the one side, and Low-power and Lossy Networks (LLNs) on the other side. LLNs nodes are often duty-cycled and operate on unreliable wireless links and are potentially mobile (e.g., for sensor networks). The more dynamic the topology is, the more have routing, transport and application-layer protocols to cope with interrupted connectivity and/or longer delays. For example, management protocols (with a given underlying transport protocol) that expect continuous session flows without changes of routes during a communication flow, may fail to operate.
Networks with a very low dynamicity (e.g., Ethernet) with no or infrequent topology changes (e.g., less than once every 30 minutes), are in the scope of this document if they are used with constrained devices (see, e.g., the use case "Building Automation" in [RFC7548]). Traffic flows: The traffic flow in a network determines from which sources data traffic is sent to which destinations in the network. Several different traffic flows are defined in [RFC7102], including P2P, MP2P, and P2MP flows as: o P2P: Point-to-point refers to traffic exchanged between two nodes (regardless of the number of hops between the two nodes). o P2MP: Point-to-multipoint traffic refers to traffic between one node and a set of nodes. This is similar to the P2MP concept in Multicast or MPLS Traffic Engineering. o MP2P: Multipoint-to-point is used to describe a particular traffic pattern (e.g., MP2P flows collecting information from many nodes flowing inwards towards a collecting sink). If one of these traffic patterns is predominant in a network, protocols (routing, transport, application) may be optimized for the specific traffic flow. For example, in a network with a tree topology and MP2P traffic, collection tree protocols are efficient to send data from the leaves of the tree to the root of the tree, via each node's parent. Bandwidth: The bandwidth of the network is the amount of data that can be sent per unit of time between two communication endpoints. It is usually determined by the link with the minimum bandwidth on the path from the source to the destination of data packets. The bandwidth in networks can range from a few kilobytes per second (such as on some IEEE 802.15.4 link layers) to many gigabytes per second (e.g., on fiber optics). For management purposes, the management protocol typically requires the sending of information between the network management station and the clients, for monitoring or control purposes. If the available bandwidth is insufficient for the management protocol, packets will be buffered and eventually dropped; thus, management is not possible with such a protocol.
Networks without bandwidth limitation (e.g., Ethernet) are in the scope of this document if they are used with constrained devices (see the use case "Building Automation" in [RFC7548]). Loss rate: The loss rate (or bit error rate) is the number of bit errors divided by the total number of bits transmitted. For wired networks, loss rates are typically extremely low, e.g., around 10^-12 or 10^-13 for the latest 10 Gbit Ethernet. For wireless networks, such as IEEE 802.15.4, the bit error rate can be as high as 10^-1 to 1 in case of interferences. Even when using a reliable transport protocol, management operations can fail if the loss rate is too high, unless they are specifically designed to cope with these situations.1.4. Constrained Device Deployment Options
We differentiate the following deployment options for the constrained devices: o A network of constrained devices that communicate with each other, o Constrained devices that are connected directly to an IP network, o A network of constrained devices that communicate with a gateway or proxy with more communication capabilities possibly acting as a representative of the device to entities in the unconstrained network, o Constrained devices that are connected to the Internet or an IP network via a gateway/proxy, o A hierarchy of constrained devices, e.g., a network of C0 devices connected to one or more C1 devices -- connected to one or more C2 devices -- connected to one or more gateways -- connected to some application servers or NMS, and o The possibility of device grouping (possibly in a dynamic manner) such as that the grouped devices can act as one logical device at the edge of the network and one device in this group can act as the managing entity.
1.5. Management Topology Options
We differentiate the following options for the management of networks of constrained devices: o A network of constrained devices managed by one central manager. A logically centralized management might be implemented in a hierarchical fashion for scalability and robustness reasons. The manager and the management application logic might have a gateway/ proxy in between or might be on different nodes in different networks, e.g., management application running on a cloud server. o Distributed management, where a network of constrained devices is managed by more than one manager. Each manager controls a subnetwork and may communicate directly with other manager stations in a cooperative fashion. The distributed management may be weakly distributed, where functions are broken down and assigned to many managers dynamically, or strongly distributed, where almost all managed things have embedded management functionality and explicit management disappears, which usually comes with the price that the strongly distributed management logic now needs to be managed. o Hierarchical management, where a hierarchy of networks with constrained devices are managed by the managers at their corresponding hierarchy level. That is, each manager is responsible for managing the nodes in its subnetwork. It passes information from its subnetwork to its higher-level manager and disseminates management functions received from the higher-level manager to its subnetwork. Hierarchical management is essentially a scalability mechanism, logically the decision-making may be still centralized.1.6. Managing the Constrainedness of a Device or Network
The capabilities of a constrained device or network and the constrainedness thereof influence and have an impact on the requirements for the management of such a network or devices. Note that the list below gives examples and does not claim completeness. A constrained device: o might only support an unreliable (e.g., lossy) radio link, i.e., the client and server of a management protocol need to gracefully handle incomplete command exchanges or missing commands.
o might only be able to go online from time to time, where it is
reachable, i.e., a command might be necessary to repeat after a
longer timeout or the timeout value with which one endpoint waits
on a response needs to be sufficiently high.
o might only be able to support a limited operating time (e.g.,
based on the available battery) or may behave as 'sleepy
endpoints', setting their network links to a disconnected state
during long periods of time, i.e., the devices need to economize
their energy usage with suitable mechanisms and the managing
entity needs to monitor and control the energy status of the
constrained devices it manages.
o might only be able to support one simple communication protocol,
i.e., the management protocol needs to be possible to downscale
from constrained (C2) to very constrained (C0) devices with
modular implementation and a very basic version with just a few
simple commands.
o might only be able to support a communication protocol, which is
not IP based.
o might only be able to support limited or no user and/or transport
security, i.e., the management system needs to support a less-
costly and simple but sufficiently secure authentication
mechanism.
o might not be able to support compression and decompression of
exchanged data based on limited CPU power, i.e., an intermediary
entity which is capable of data compression should be able to
communicate with both, devices that support data compression
(e.g., C2) and devices that do not support data compression (e.g.,
C1 and C0).
o might only be able to support a simple encryption, i.e., it would
be beneficial if the devices use cryptographic algorithms that are
supported in hardware and the encryption used is efficient in
terms of memory and CPU usage.
o might only be able to communicate with one single managing entity
and cannot support the parallel access of many managing entities.
o might depend on a self-configuration feature, i.e., the managing
entity might not know all devices in a network and the device
needs to be able to initiate connection setup for the device
configuration.
o might depend on self- or neighbor-monitoring features, i.e., the
managing entity might not be able to monitor all devices in a
network continuously.
o might only be able to communicate with its neighbors, i.e., the
device should be able to get its configuration from a neighbor.
o might only be able to support parsing of data models with limited
size, i.e., the device data models need to be compact containing
the most necessary data and if possible parsable as a stream.
o might only be able to support a limited or no-failure detection,
i.e., the managing entity needs to handle the situation, where a
failure does not get detected or gets detected late gracefully,
e.g., with asking repeatedly.
o might only be able to support the reporting of just one or a
limited set failure types.
o might only be able to support a limited set of notifications,
possible only an "I am alive." message.
o might only be able to support a soft-reset from failure recovery.
o might possibly generate a large amount of redundant reporting
data, i.e., the intermediary management entity (see [RFC7252])
should be able to filter and aggregate redundant data.
A network of constrained devices:
o might only support an unreliable (e.g., lossy) radio link, i.e.,
the client and server of a management protocol need to repeat
commands as necessary or gracefully ignore incomplete commands.
o might be necessary to manage based on multicast communication,
i.e., the managing entity needs to be prepared to configure many
devices at once based on the same data model.
o might have a very large topology supporting 10,000 or more nodes
for some applications and as such node naming is a specific issue
for constrained networks.
o needs to support self-organization, i.e., given the large number
of nodes and their potential placement in hostile locations and
frequently changing topology, manual configuration of nodes is
typically not feasible. As such, the network would benefit from
the ability to reconfigure itself so that it can continue to
operate properly and support reliable connectivity.
o might need a management solution that is energy efficient, using
as little wireless bandwidth as possible since communication is
highly energy demanding.
o needs to support localization schemes to determine the location of
devices since the devices might be moving and location information
is important for some applications.
o needs a management solution that is scalable as the network may
consist of thousands of nodes and may need to be extended
continuously.
o needs to provide fault tolerance. Faults in network operation
including hardware and software errors or failures detected by the
transport protocol should be handled smoothly. In such a case, it
should be possible to run the protocol at a reduced level but
avoid failing completely. For example, self-monitoring mechanisms
or graceful degradation of features can be used to provide fault
tolerance.
o might require new management capabilities, for example, network
coverage information and a constrained device power distribution
map.
o might require a new management function for data management, since
the type and amount of data collected in constrained networks is
different from those of the traditional networks.
o might also need energy-efficient key management.
1.7. Configuration and Monitoring Functionality Levels
Devices often differ significantly on the level of configuration
management support they provide. This document classifies the
configuration management functionality as follows:
CL0: Devices are preconfigured and allow no runtime configuration
changes. Configuration parameters are often hard coded and
compiled directly into the firmware image.
CL1: Devices have explicit configuration objects. However, changes
require a restart of the device to take effect.
CL2: Devices allow management systems to replace the entire
configuration (or predetermined subsets) in bulk.
Configuration changes take effect by soft-restarts of the
system (or subsystems).
CL3: Devices allow management systems to modify configuration
objects without bulk replacements and changes take effect
immediately.
CL4: Devices support multiple configuration datastores and they
might distinguish between the currently running and the next
startup configuration.
CL5: Devices support configuration datastore locking and device-
local configuration change transactions, i.e., either all
configuration changes are applied or none of them are.
CL6: Devices support configuration change transactions across
devices.
This document defines a classification of devices with regard to
different levels of monitoring support. In general, a device may be
in several of the levels listed below:
ML0: Devices push predefined monitoring data.
ML1: Devices allow management systems to pull predefined monitoring
data.
ML2: Devices allow management systems to pull user-defined filtered
subsets of monitoring data.
ML3: Devices are able to locally process monitoring data in order to
detect threshold crossings or to aggregate data.
At the time of this writing, constrained devices often implement a
combination of one of CL0-CL2 with one of ML0-ML1.
2. Problem Statement
The terminology for the "Internet of Things" is still nascent, and
depending on the network type or layer in focus, diverse technologies
and terms are in use. Common to all these considerations is the
"Things" or "Objects" are supposed to have physical or virtual
identities using interfaces to communicate. In this context, we need
to differentiate between the constrained and smart devices identified by an IP address compared to virtual entities such as Smart Objects, which can be identified as a resource or a virtual object by using a unique identifier. Furthermore, the smart devices usually have limited memory and CPU power as well as aim to be self-configuring and easy to deploy. However, the constraints of the network nodes require a rethinking of the protocol characteristics concerning power consumption, performance, bandwidth consumption, memory, and CPU usage. As such, there is a demand for protocol simplification, energy-efficient communication, less CPU usage, and a smaller memory footprint. On the application layer, the IETF is already developing protocols like the Constrained Application Protocol (CoAP) [RFC7252] enabling the communication of constrained devices and networks, e.g., for smart energy applications or home automation environments. In fact, the deployment of such an environment involves many, in some scenarios up to million, constrained devices (e.g., smart meters), which produce a large amount of data. This data needs to be collected, filtered, and preprocessed for further use in diverse services. Considering the high number of nodes to deploy, one has to think about the manageability aspects of the smart devices and plan for easy deployment, configuration, and management of the networks of constrained devices as well as the devices themselves. Consequently, seamless monitoring and self-configuration of such network nodes becomes more and more imperative. Self-configuration and self- management are already a reality in the standards of some organizations such as 3GPP. To introduce self-configuration of smart devices successfully, a device-initiated connection establishment is often required. A simple and efficient application-layer protocol, such as CoAP, is essential to address the issue of efficient object-to-object communication and information exchange. Such an information exchange should be done based on interoperable data models to enable the exchange and interpretation of diverse application- and management- related data. In an ideal world, we would have only one network management protocol for monitoring, configuration, and exchanging management data, independently of the type of the network (e.g., smart grid, wireless access, or core network). Furthermore, it would be desirable to derive the basic data models for constrained devices from the core models used today to enable reuse of functionality and end-to-end information exchange. However, the current management protocols seem
to be too heavyweight compared to the capabilities the constrained devices have and are not applicable directly for use in a network of constrained devices. Furthermore, the data models addressing the requirements of such smart devices need yet to be designed. So far, the IETF has not developed any specific technologies for the management of constrained devices and the networks comprised by constrained devices. IP-based sensors or constrained devices in such an environment, i.e., today, devices with very limited memory and CPU resources use, e.g., application-layer protocols to do simple resource management and monitoring. This might be sufficient for some basic cases; however, there is a need to reconsider the network management mechanisms based on the new, changed, and reduced requirements coming from smart devices and the network of such constrained devices. Although it is questionable whether we can take the same comprehensive approach we use in an IP network and use it for the management of constrained devices. Hence, the management of a network with constrained devices is necessarily designed in a simplified and less complex manner. As Section 1.6 highlights, there are diverse characteristics of constrained devices or networks, which stem from their constrainedness and therefore have an impact on the requirements for the management of such a network with constrained devices. The use cases discussed in [RFC7548] show that the requirements on constrained networks are manifold and need to be analyzed from different angles, e.g., concerning the design of the management architecture, the selection of the appropriate protocol features, as well as the specific issues that are new in the context of constrained devices. Examples of such issues are careful management of scarce energy resources, the necessity for self-organization and self-management of such devices but also the implementation considerations to enable the use of common communication technologies on a constrained hardware in an efficient manner. For an exhaustive list of issues and requirements that need to be addressed for the management of a network with constrained devices, please see Sections 1.6 and 3.
(page 16 continued on part 2)