IETF Logo Mail Archive

Re: [lisp] [Ila] LISP for ILA

Tom Herbert <tom@quantonium.net> Fri, 16 March 2018 19:33 UTC

Return-Path: <tom@quantonium.net>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64D30129515 for <lisp@ietfa.amsl.com>; Fri, 16 Mar 2018 12:33:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=quantonium-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pEQUHJA4E1pQ for <lisp@ietfa.amsl.com>; Fri, 16 Mar 2018 12:33:38 -0700 (PDT)
Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB1D71252BA for <lisp@ietf.org>; Fri, 16 Mar 2018 12:33:37 -0700 (PDT)
Received: by mail-wm0-x22c.google.com with SMTP id h76so5100933wme.4 for <lisp@ietf.org>; Fri, 16 Mar 2018 12:33:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quantonium-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=YLV+X2fVJCz6midAT8PeEPJvWYoFH+jI/JW7A5YUPq8=; b=O1L5wfZf8E8eY/FVcUsKNZ8UxwcrBDadyFQSB2DozXmDiH8IbBRM7GzJpl0qplHuLD sMDue6NlLlsuleg5ZWF//O655O+dHscjldqiLy6S9uANvsWsvVQObe7Aw7dRC/y1HmNy LKpG84qyIaHYxN3A1ozi7dB0xmZmKhFxS1hTYCFlXiOPC4lrEb+GZU0zPhLuBkFHUfjj gi96wNjAepz9/azko/gD1ZQtWUIgKnBZFYnO8n42kGFBm1aK9Q1zAGbk8zVcgIbftLro /Bu/X7pi3KX7fngu8Mv4/Zl0qv+rJDb+/jLrLgitOWNGlsp1D5f19hai88CYQrVSXhqs 9rZg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=YLV+X2fVJCz6midAT8PeEPJvWYoFH+jI/JW7A5YUPq8=; b=ejGEXLXfTXq55K0VnCntD7JwaZ0qGZqcGeKqYXr1Er1q88/VROXyFKzOg7g0mAHfR0 Xwzg7a7J5FHpo38iA4gehn3vWtK1yi5LEuvqdVVZik7tUDII5WsoitgYNP8zkC8EqX9O 3MO/R6uo3JNc7Dk+1DZ0pozvL4OiyNHg2zi3IOr892/RQi7LUNmq/ClBqZ1cCOOkINHm eJMm5vPDsk95sxsazSgLsWjBlvBSQHzafYFVsmkEBVe4miCxZ8MEoKMnJ8GkQDQnS7sF 5/3W/cTwjhh2BXntlgCQFqO11Y0Smpv6ybQ7iiOa7xGMWFCzbATk4h2aFdnQxSvE6tZq pAog==
X-Gm-Message-State: AElRT7GXfkUGAT/j1KpVY15rGB8tdSAT6BN3RyVeWLSf5/KBg4Y1uZ3m LMI3Is5ZfjK0ZpUdwoEMN716hp/ggj4pvrBVbjGUdA==
X-Google-Smtp-Source: AG47ELug7nvRDvUN+oqxOw8sHNydqOtyUD+LafsUjWoCItfZYsRAchUlA302QwLtaEGC2x5KLynuk5qHIuDTvVeai7Q=
X-Received: by 10.28.87.211 with SMTP id l202mr2494521wmb.32.1521228816192; Fri, 16 Mar 2018 12:33:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.135.74 with HTTP; Fri, 16 Mar 2018 12:33:35 -0700 (PDT)
In-Reply-To: <C7DECE90-D5D6-496B-A5AA-4C3E3695C546@gmail.com>
References: <F1093230-C087-4168-9C5F-8DA7AB677677@cisco.com> <CAPDqMer58nxEixtH=JuZh9WgM0xKkEQYEjwZ6zg3wTjD76gOHQ@mail.gmail.com> <F920CAE2-9042-41DF-B013-E8FE6F891596@cisco.com> <CAPDqMeriMzM82-R-JOgx4zuqJTk2YOoBaWV_58no2V8yPas9QA@mail.gmail.com> <CF1C238D-FBE9-48BC-A7A6-49E45249E5E2@cisco.com> <CAPDqMeqL1kE+N9APFOSR4fUaek0TjZuDZMZDzDmJfMvyLO38GA@mail.gmail.com> <DA74C61A-647A-44BA-8FE7-916CF8895C49@gmail.com> <CAPDqMeqkGH0ELN=XmqF3dmsdeAurE-y+_H9+_E8mzhHo9d9nXw@mail.gmail.com> <7793B214-A235-4795-983B-CCC75A0B90BE@gmail.com> <CAPDqMeo2bdmwSEkPk002W9oxPhyxnLrr-k9MYeR5ZXEG_OGH0g@mail.gmail.com> <11EDF4FB-8636-4DF2-B687-1AB4934C4F9D@gmail.com> <CAPDqMeoSLqC=mN_hcgiLe-3Dv0c=uezbrZZ9xHn47Osb7rfLVQ@mail.gmail.com> <16F3AEC4-EDCF-417B-8165-D22C48A06F3D@gmail.com> <CAPDqMer8m5ySuXBoSbBW0vcMnNTj-DxiHykNW+S6y=ReYnMrjA@mail.gmail.com> <C7DECE90-D5D6-496B-A5AA-4C3E3695C546@gmail.com>
From: Tom Herbert <tom@quantonium.net>
Date: Fri, 16 Mar 2018 12:33:35 -0700
Message-ID: <CAPDqMepNbTJvC-=5fhX0wLOaxX3znmNCb44D77qN7XmfR_eWHQ@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Cc: Florin Coras <fcoras.lists@gmail.com>, "Alberto Rodriguez Natal (natal)" <natal@cisco.com>, "ila@ietf.org" <ila@ietf.org>, "lisp@ietf.org" <lisp@ietf.org>, David Meyer <dmm@1-4-5.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/6olo5L2vLpe_W92NSEGBqijU7W4>
Subject: Re: [lisp] [Ila] LISP for ILA
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Mar 2018 19:33:40 -0000

On Fri, Mar 16, 2018 at 12:17 PM, Dino Farinacci <farinacci@gmail.com> wrote:
>> Such complexity is why I am still keen on the redirect model for a
>
> I hear you loud and clear. But we do the redirect model in LISP in many forms as well.
>
>> mapping system. An ILA cache is an optional element and the control
>> plane is never inline with packet forwarding and packets are not
>> dropped on a cache miss. Neither does the generate request packets for
>
> We did that in the ITR as well. A cache missed meant to send a Map-Request and to encapsulate the packet to a PETR (proxy decapsulator) where the PETR usually had a full cache (how it got populated could be with pull or push mechanisms).
>
> But this results in duplicate packets going to the destination as well as out of order packets.
>
>> bogus addresses that can't resolved. These properties bound the worse
>> case DOS attack to be that legitimate traffic takes an unoptimized
>> route but is not blocked nor dropped. Conservatively, this does
>
> Yes, understand. But even in your constrained “domain”, there may be just too much state to push to all nodes. Especially in the 5G use-case. It wasn’t a problem in the LISP beta network because the proxy xTRs had relatively coarse prefixes that reached lots of EIDs.
>
The state would need to be sharded. You'd probably need to do this
anyway for mapping-servers or high thoughput Internet facing routers
for which using a cache would be challenging.

Tom

>> require provisioning ILA-Rs to handle the full load if necessary to be
>> robust.
>
> Yes indeed.
>
> Dino
>

v2.23.0 | Report a Bug | By Email