IETF Logo Mail Archive

Re: [Ila] Proposed charter

Dino Farinacci <farinacci@gmail.com> Sat, 03 February 2018 23:44 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: ila@ietfa.amsl.com
Delivered-To: ila@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FA85126CC7 for <ila@ietfa.amsl.com>; Sat, 3 Feb 2018 15:44:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 621F1-kTtwiD for <ila@ietfa.amsl.com>; Sat, 3 Feb 2018 15:44:26 -0800 (PST)
Received: from mail-pg0-x22f.google.com (mail-pg0-x22f.google.com [IPv6:2607:f8b0:400e:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8DE281204DA for <ila@ietf.org>; Sat, 3 Feb 2018 15:44:26 -0800 (PST)
Received: by mail-pg0-x22f.google.com with SMTP id s9so15817010pgq.13 for <ila@ietf.org>; Sat, 03 Feb 2018 15:44:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=VLphEKWMzl9pkeGxJ1w7Y1RZAnQCC/EkuZLpSx5JQLg=; b=paZeLoleBF+uriClwWSxX1no544ZqFiiK646qXbp0l9HjIKMiuMTAweTD6ZXX6mC8P CQwiqOex16vqOAEVXpwzlbV3zUyaGNn5jsFo1hE+i6aU5LkZ9ycHZaGuRjdT3Io2lMdX HgppYkx0CPcYiudIFyhTl4jB00xJf3hBIPg7MRQRQiaMtMVVPv9KQ8ROyovJDyuMWs5H qx/qAimj9bndMyeN5tov3dGLLPcyczS1yBi8tYEYlwskqZRnkbNw/aRkhVd/6EZ0a3zY JHpwHcQjgkBzc6Jzm8/PcLXakBDxtQZHPCJh6LcZYwO8KC+HpEMx9JKSN3D1PxTBpsY2 Xaog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=VLphEKWMzl9pkeGxJ1w7Y1RZAnQCC/EkuZLpSx5JQLg=; b=bLjC2Q4ALx+FKs6JGwAkqcbjwOvIo9A7ZrL8Ah5ru9c+4dz4FyGhn4sOJrvAmot01E ljNywnzX7U29tqGuBmYZlywGIOawJpdBHyTU8nZDLN+AuqWAbdx/zILgEPHlIvd3Zrbt S3qgTVeJ66TIFaAeMF7OoURyj2Sx0Vu5PT2wWud4TS7zqwfcvGuUx+rjrTZS6nE3FHUF IqBoOi21iWKfGEY1F6urc93noSYkiZakax+0Gg5LiGWxsrDaruHgjUI2H3SLTOxiyAcP QbaxJpD0JTU52qb85XimMbPiDxRe/s4toqNC0j9n2AjNSxWjsWRydqVKy5Y/jgnjmdof k8hw==
X-Gm-Message-State: AKwxyte25jB9/ub6kcMTka/ygZVBb5yuieEXXNYvEOw3KnVFTkmgiqtU hg32YItsXQ146f9NtwWc7yqbLFGe
X-Google-Smtp-Source: AH8x2278FnJgv9CDmifZcIqEqgH38jyB0X6TMim+KH4+GHUpWez0SWibv8izQIsrd+DWUou/brtMiA==
X-Received: by 10.98.137.75 with SMTP id v72mr44805183pfd.189.1517701466020; Sat, 03 Feb 2018 15:44:26 -0800 (PST)
Received: from [10.12.239.99] ([222.113.148.132]) by smtp.gmail.com with ESMTPSA id d71sm5578191pfb.49.2018.02.03.15.44.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 03 Feb 2018 15:44:25 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <CAO42Z2zNXZ1kZM35zpW=deAJsLhF9oF7eJ5TLQ6BcfpEAn5upA@mail.gmail.com>
Date: Sat, 03 Feb 2018 15:44:22 -0800
Cc: Tom Herbert <tom@quantonium.net>, Alexandre Petrescu <alexandre.petrescu@gmail.com>, ila@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <384E301C-228A-4A58-BDAB-A782248C1A49@gmail.com>
References: <CAPDqMeqWDdqgrU4UrhCBo0W2kD4CODnPPNJHAC_8LrZXcaoJRw@mail.gmail.com> <372ebd81-b666-31bd-244d-57021d217e63@gmail.com> <CAO42Z2xWUGL1rpd+86rKz+DBuQht12ZKMv3hg9y30j_rOner5A@mail.gmail.com> <CAPDqMeq807+mCOMsDQ9CNtRURKT_nXH_JW1deKbvA9pAVZYOFQ@mail.gmail.com> <A370F7C3-383B-4591-8172-D13BD6283BB9@gmail.com> <CAO42Z2zNXZ1kZM35zpW=deAJsLhF9oF7eJ5TLQ6BcfpEAn5upA@mail.gmail.com>
To: Mark Smith <markzzzsmith@gmail.com>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ila/WfuMEstn061_2gJBSfBRjeaMHUU>
Subject: Re: [Ila] Proposed charter
X-BeenThere: ila@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Identifier Locator Addressing <ila.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ila>, <mailto:ila-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ila/>
List-Post: <mailto:ila@ietf.org>
List-Help: <mailto:ila-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ila>, <mailto:ila-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 03 Feb 2018 23:44:29 -0000

> Hi Dino,
> 
> Sorry not to get back to you sooner.
> 
> On 19 January 2018 at 05:45, Dino Farinacci <farinacci@gmail.com> wrote:
>>>> The ILA domain is effectively a virtual link layer or an underlay network
>>>> for the traffic being carried between hosts outside of the ILA domain. As
>>>> long as the ILA domain is perfectly transparent to the overlay network and
>>>> its hosts, then what ever happens within the ILA domain doesn't matter,
>>>> similar to how link layer compression, as long as fully and perfectly
>>>> reversed, also doesn't matter.)
>> 
>> Mark, it was interesting the way you worded this. I think of ILA and “its domain” as the overlay and once the originated packet is transformed, it traverses the underlay.
>> 
> 
> It has a few years since I read through Tom's initial ILA draft, and
> I'd forgotten a fair amount, in particular about the ILA address
> transform happening on the same device that originated the pre-ILA
> packet.

But I think you got it right.

> The thing I remembered was that it could be described as
> "encapsulationless" tunnelling, where tunnel end-points are
> represented by /64s rather than /128s, and the address information
> that is normally preserved in the inner packet header is instead
> preserved in the ILA ingress and egress devices in the /64 mapping
> tables. It isn't perfect tunnelling though, as the hop count, DSCP and
> possibly the flow label field values are not preserved.

Encapsulation-less is the right term. Meaning ILA puts no new headers on the packet. It changes the source and destination high-order bits in the packet. So the ID is perserved through the whole path.

But yes, you got it.

> My default view of tunnelling is that it occurs somewhere within the
> network.That means my default view of hosts is that they are simple,
> meaning that they use the addresses they're given, the address(es) the
> host has are the address(es) that are visible to applications and the
> IP stack in the host below the application normally won't do anything
> "complex" like ILA.

All the ID/Loc split protocols we have been discussing (ILA, LISP, and ILNP) are all at the network the best they can be. Meaning where the transport layer pseudo-header checksum has to be dealt with, it is. For LISP there is no issue with that. For ILA, Tom did a neat trick to not require changes to the transport protocols. And for ILNP, it wanted to keep pure layering so required small changes to TCP and UDP.

But yes, at least for LISP, it can in the host or in the network. LISP is like dividing the network layer into 2 sub-layers. The top half sub-layer is EIDs that deal with the transport layer and the bottom half sub-layer are RLOCs that deal with the data-link layer. I think of ILA the same way, where the upper sub-layer deals with a locator that is called a generic SIR-prefix and the bottom sub-layer is when the SIR-prefix gets transformed to a routable locator. 

The former (LISP) uses an extra header and the later (ILA) does address translation. They both have pros and cons no doubt.

> So from the perspective of the applications, ILA looks like something
> that is occurring in the IP layer (either within the packet origin

Right.

> device, or within a router along the path to the final destination),
> and as an IP tunnel is a virtual link, and links appear below the IP

There have been tunnels in the past (like cisco’s GRE) that treat that sort of tunnel as a virtual point-to-point link (and later a multi-point link). When you typed into the CLI “show interfaces” you would see that. And any interface-based feature could also apply to GRE features (ACLs can be configured on them, you can run routing protocols over them, etc)

LISP tunnels are not like that. They are more FIB resident. So you’d see them if you typed the equivalent of “show ip route”.  We call them “dyanmic encapsulating tunnels” so they are not virtual links. And they do not “realize a virtual topology” as some people like to refer to overlays.

> layer, that is why I described ILA as an underlay.

One could look at a packet and and its current instantiation of addresses to decide “where the packet is at this moment). So for LISP, if the packet has EIDs in them, they are on the edges of the network and are part of the overlay. Ditto for ILA Sir-prefixes. If you the packet has RLOCs in them, the packet is routable by a core network. Then the packet is in underlay (i.e. the BGP enabled capital-I Internet). Ditto for ILA when the locators have been transformed into routable prefixes.

Dino

> 
> Regards,
> Mark.
> 
> 
> 
> 
> 
>> Dino
>>

v2.23.0 | Report a Bug | By Email