Chapter 4 - Part 1
Messages and IPv6 reachability
Continuing the topic of the principles of learning the Matter protocol, in the fourth chapter we will discuss the training of the secure channel. Since this chapter consists of many parts, therefore, for the ease of teaching, we divide the fourth chapter into several parts and teach it. Therefore, in the first part of the eighth chapter, we examine the topic related to messages and IPv6 accessibility. Stay with us.
First, we must state that the secure channel and message layer allow nodes to communicate securely with each other by creating a fixed network service platform. During the setup process and unicast communication, a discovery mechanism is provided to determine the matching IPv6 addresses and operational parameters. Secure session establishment mechanisms are provided using certificates (CASE) or shared passwords (PASE).
Messages
Communication is created using messages and includes two categories: secure communication and insecure communication.
Each message has two parts: a Session Type part and a Session ID part. In this way, it is determined whether this message is secure or not. Each message has a message counter field to uniquely identify the message for security purposes.
Unsecured communications are limited to
- Discovery
which does not use the Matter message format.
- User Directed Commissioning (UDC)
which uses insecure messages to start the boot process.
- Session establishment
which uses unsecured messages to establish a CASE or PASE session.
Message types
Messages are defined in two types: control message and data message. Most of these messages are data messages. Control messages are reserved for internal protocols such as MCSP. The format of both message types is the same, but they each use separate message counter domains to work securely on the same security key.
Message Transports
Messages have limited sizes and are sent as individual packets via the supported transports listed below:
- UDP
It transmits the messages as a separate datagram.
- TCP
It transmits each message with a predetermined length and performs fragmentation and reassembly if necessary.
- BTP
Each message is transmitted over BLE as a separate SDU, segmentation is performed, and BTP is provided as a transport protocol to boot.
Message Exchanges
Each message provides an exchange layer for tracking related messages that form small, discrete transactions. The exchange layer provides this transaction tracking facility for the interaction model layer, and provides a means of multiplexing multiple concurrent transactions within a given underlying session. The "message layer stack" is shown in the figure below:
IPv6 Reachability
In this section, IPv6 network configuration requirements are explained for its access between nodes. As explained in the network topology chapter, a Matter network may consist of one or more IPv6 networks.
In a single network configuration, all Matter nodes are connected to the same IPv6 link and may consist of a connected Wi-Fi / Ethernet network. When all Matter nodes are connected to the same Wi-Fi / Ethernet network, no additional IPv6 network infrastructure is required.
In a multi-network configuration, a Matter network usually consists of an infrastructure network and one or more subnets. Unlike an infrastructure network, subnetworks do not act as transit networks. Typically, the infrastructure network is a bridged Wi-Fi / Ethernet network, and Thread networks are subnets. A micro router connects a micro network to an infrastructure network and provides IPv6 access between the two networks.
- Stub Router Behavior
In a multi-network configuration, infrastructure and subnets require routable IPv6 addresses to communicate between networks. A routable IPv6 address must have a global domain (eg GUA or ULA) and must be constructed out of the on-link advertised prefix. It should be noted that "on-mesh prefix" is equivalent to "on-link prefix" in Wi-Fi/Ethernet. Stub routers must advertise access to all routable prefixes in the adjacent network.
- Matter Node Behavior
Matter nodes must configure a local IPv6 address. Also, nodes must support the configuration of at least three routable IPv6 addresses (in addition to link-local and, in the case of Thread, local addresses).
