Re: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11
"Joel M. Halpern" <jmh@joelhalpern.com> Thu, 12 February 2015 14:20 UTC
Return-Path: <jmh@joelhalpern.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B768F1A88D9; Thu, 12 Feb 2015 06:20:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.302
X-Spam-Level:
X-Spam-Status: No, score=-1.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, J_CHICKENPOX_36=0.6, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6gUwGR83YoNH; Thu, 12 Feb 2015 06:20:48 -0800 (PST)
Received: from mailb2.tigertech.net (mailb2.tigertech.net [208.80.4.154]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05E811A8857; Thu, 12 Feb 2015 06:20:48 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mailb2.tigertech.net (Postfix) with ESMTP id 89B181C049F; Thu, 12 Feb 2015 06:20:47 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at b2.tigertech.net
Received: from Joels-MacBook-Pro.local (pool-70-106-135-240.clppva.east.verizon.net [70.106.135.240]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mailb2.tigertech.net (Postfix) with ESMTPSA id 7BA8A1C059F; Thu, 12 Feb 2015 06:20:16 -0800 (PST)
Message-ID: <54DCB679.8060606@joelhalpern.com>
Date: Thu, 12 Feb 2015 09:19:37 -0500
From: "Joel M. Halpern" <jmh@joelhalpern.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Luigi Iannone <ggx@gigix.net>
References: <hmrnc76l2jt0ubjwmjvb3c9s.1423706346606@email.android.com> <1A8253CB-7E12-4949-BBAB-45BD6DF2F496@gigix.net>
In-Reply-To: <1A8253CB-7E12-4949-BBAB-45BD6DF2F496@gigix.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/lisp/6p-UmZca_hVe9jTPYFcTshRhYuE>
Cc: ops-dir@ietf.org, ietf@ietf.org, david.black@emc.com, Damien Saucez <damien.saucez@inria.fr>, lisp@ietf.org
Subject: Re: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Feb 2015 14:20:55 -0000
That proposed text works for me. Yours, Joel On 2/12/15 3:28 AM, Luigi Iannone wrote: > Hi, > > Aren’t we going into to much details for the intro document? > > What if we change the sentence in the following way: > > OLD (suggested by David) > > "in the specific case of a VM/mobile node the EID-prefix should be /32 > or /128 (IPv4 or IPv6 respectively)” > > NEW > > "In the mobility case the EID-prefix can be as small as a full /32 or > /128 (IPv4 or IPv6 respectively) depending on the mobility use-case > (e.g., subnet mobility vs single VM/Mobile node mobility)" > > > Opinions? > > >> On 12 Feb 2015, at 02:59, Jmh.direct <jmh.direct@joelhalpern.com >> <mailto:jmh.direct@joelhalpern.com>> wrote: >> >> Temeber that an EID prefix represents a site. A tenant network in a >> data center is a viable site. So the prefix as registered for that. >> Mobiluty of VMs with the tenant network can be handled internally. >> >> Ypu could instead advertise each VM EID. Tge fact that both cased >> work makes doing an introductory description a bit tricky. >> >> Yours, >> Joel >> >> >> Sent from my Samsung smartphone on AT&T >> >> >> >> -------- Original message -------- >> Subject: RE: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 >> From: "Black, David" <david.black@emc.com <mailto:david.black@emc.com>> >> To: "Jmh.direct" <jmh.direct@joelhalpern.com >> <mailto:jmh.direct@joelhalpern.com>>,"acabello@ac.upc.edu >> <mailto:acabello@ac.upc.edu>" <acabello@ac.upc.edu >> <mailto:acabello@ac.upc.edu>> >> CC: "farinacci@gmail.com <mailto:farinacci@gmail.com>" >> <farinacci@gmail.com >> <mailto:farinacci@gmail.com>>,"jmh@joelhalpern.com >> <mailto:jmh@joelhalpern.com>" <jmh@joelhalpern.com >> <mailto:jmh@joelhalpern.com>>,"damien.saucez@inria.fr >> <mailto:damien.saucez@inria.fr>" <damien.saucez@inria.fr >> <mailto:damien.saucez@inria.fr>>,"ops-dir@ietf.org >> <mailto:ops-dir@ietf.org>" <ops-dir@ietf.org >> <mailto:ops-dir@ietf.org>>,"ietf@ietf.org <mailto:ietf@ietf.org>" >> <ietf@ietf.org <mailto:ietf@ietf.org>>,"lisp@ietf.org >> <mailto:lisp@ietf.org>" <lisp@ietf.org <mailto:lisp@ietf.org>>,"Black, >> David" <david.black@emc.com <mailto:david.black@emc.com>> >> >> >> > In the VM case, am entire service network may be moved to the data >> center, and so the EID block for that set can be moved. >> >> For a single VM, that would apply if the VM is using an entire EID >> block - most individual VMs aren’t/don’t. Individual /32 and /128 >> addresses are common for individual VMs, so that’s what’s needed in >> general for individual VM movement. >> >> I’d expect the EID block move case to apply for movement of a group of >> VMs that are using such a block (e.g., as a subnet), but VM live >> migrations cannot be synchronized in general (cold migrations of >> powered-off VMs can be, obviously), so even in this case where the >> entire EID block moves, if live VM migrations are involved, there are >> intermediate stages where the EID block is split between LISP sites >> ... and hence /32 and /128 prefixes are still what’s wanted. >> >> Thanks, >> --David >> >> *From:*Jmh.direct [mailto:jmh.direct@joelhalpern.com] >> *Sent:* Wednesday, February 11, 2015 7:19 PM >> *To:* Black, David; acabello@ac.upc.edu <mailto:acabello@ac.upc.edu> >> *Cc:* farinacci@gmail.com <mailto:farinacci@gmail.com>; >> jmh@joelhalpern.com <mailto:jmh@joelhalpern.com>; >> damien.saucez@inria.fr <mailto:damien.saucez@inria.fr>; >> ops-dir@ietf.org <mailto:ops-dir@ietf.org>; ietf@ietf.org >> <mailto:ietf@ietf.org>; lisp@ietf.org <mailto:lisp@ietf.org> >> *Subject:* RE: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 >> *Importance:* Low >> >> I thinl we may want to separate VM mobility from mobile devices. Om >> the VM case, am entire setvice network may be moved to the data >> center, and so the EID block for that set can be moved. In the case >> of individually mobile debices or some vatiations on data center >> mobility, there is a need to mske sure the full EID is advertised in >> the mapping system. >> >> Yours, >> >> Joel >> >> >> >> Sent from my Samsung smartphone on AT&T >> >> >> >> >> -------- Original message -------- >> Subject: RE: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 >> From: "Black, David" <david.black@emc.com <mailto:david.black@emc.com>> >> To: "acabello@ac.upc.edu <mailto:acabello@ac.upc.edu>" >> <acabello@ac.upc.edu <mailto:acabello@ac.upc.edu>> >> CC: Dino Farinacci <farinacci@gmail.com >> <mailto:farinacci@gmail.com>>,"Joel M. Halpern" <jmh@joelhalpern.com >> <mailto:jmh@joelhalpern.com>>,Damien Saucez <damien.saucez@inria.fr >> <mailto:damien.saucez@inria.fr>>,"ops-dir@ietf.org >> <mailto:ops-dir@ietf.org>" <ops-dir@ietf.org >> <mailto:ops-dir@ietf.org>>,"ietf@ietf.org <mailto:ietf@ietf.org>" >> <ietf@ietf.org <mailto:ietf@ietf.org>>,"lisp@ietf.org >> <mailto:lisp@ietf.org>" <lisp@ietf.org <mailto:lisp@ietf.org>>,"Black, >> David" <david.black@emc.com <mailto:david.black@emc.com>> >> >> Hi Albert, >> >> As noted below, on the EID prefix for mobility issue, a simple >> statement in Section 5 to the effect that “in the specific case of a >> VM/mobile node the EID-prefix should be /32 or /128 (IPv4 or IPv6 >> respectively)” will suffice. Details on what to do when that advice >> is ignored can be left to other documents. >> >> Thanks, >> --David >> >> *From:*Albert Cabellos [mailto:albert.cabellos@gmail.com] >> *Sent:* Wednesday, February 11, 2015 6:33 PM >> *To:* Black, David >> *Cc:* Dino Farinacci; Joel M. Halpern; Damien Saucez; ops-dir@ietf.org >> <mailto:ops-dir@ietf.org>; ietf@ietf.org <mailto:ietf@ietf.org>; >> lisp@ietf.org <mailto:lisp@ietf.org> >> *Subject:* Re: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 >> >> Hi David >> >> Thanks for your comments, I am parsing them and I´ll suggest new text >> aiming to address them ASAP. >> >> I would also like to better understand [A] before doing this. >> >> With LISP an EID-preifx can have an arbitrary length and can move >> (i.e., change its RLOC bindings), in the specific case of a VM/mobile >> node the EID-prefix should be /32 or /128 (IPv4 or IPv6 respectively). >> What doesn't work is the mobility of a node (assigned with a /32 or >> /128) *within* a coarser EID-prefix, in this case you need to split >> the prefix into more specifics and register them independently in the >> Mapping System, effectively creating new EID-prefixes. >> >> Please let me know if this clarifies your comment, in this case I will >> suggest new text for Section 5. >> >> Albert >> >> On Thu, Feb 12, 2015 at 12:07 AM, Black, David <david.black@emc.com >> <mailto:david.black@emc.com>> wrote: >> >> Dino - thanks for the response. >> >> On the major issues, it looks like both [A] and [B] involve only the text >> in this draft and nothing beyond, which is good news. I have a simple >> text >> suggestion for [A], but it looks like [B] is going to require some careful >> editing, as one of the primary causes is that the draft is sloppy in using >> the same symbol "G" to represent both EID and RLOC multicast groups. >> >> On the minor issues, I have text suggestions for three of the four, and >> I'd like to temporarily defer further discussion the IPv6 UDP zero >> checksum "tarpit" in favor of resolving everything else first. >> >> On the nits/editorial comments, all the suggestions in your email are fine >> with me. FWIW, I regard that portion of a review as almost entirely >> subject to the draft authors' discretion (and editorial taste). >> >> > >> [A] EID mobility vs. EID prefixes >> > >> > ... from the start of the LISP design (circa 2007), an prefix is >> what moves. >> > And a specific EID is simply a /32 or /128 prefix. Here is a practical >> > example: >> >> A statement that the mobility use cases need to employ /32 and /128 >> prefixes, >> and not anything coarser should suffice. That should be added to >> Section 5. >> >> > >> [B] LISP Multicast vs. EID/RLOC separate >> > >> >> > >> - 6. Multicast >> > >> >> > >> This is interesting, multicast addresses (G) look like they're an >> exception >> > >> > They are really not. >> >> My concern is that as I read the draft, it leaves me with the strong >> impression >> that the same multicast addresses (G) are being used in both the overlay >> (as EIDs) and the underlay (as RLOCs). From your response, I conclude >> that this >> is not the case (and I have no argument with that). Rather, Section 6 >> needs to >> bluntly state that multicast addresses are mapped between EID and RLOC >> space at >> both ITRs and ETRs, so that the following inference is obvious from >> the text >> (it's currently not obvious): >> >> > So it makes perfect sense to register multicast addresses to the mapping >> > system as EIDs and they can map to RLOCs of sites that have joined >> the group. >> >> As part of this, I strongly recommend moving away from use of "G" to >> refer to >> multicast groups in both the overlay and underlay. Careful use of G-EID >> and G-RLOC would significantly improve clarity. >> >> --- >> If the above are done for [A] and [B] in Sections 5 and 6, then the >> text for the >> use cases in Section 7 should not need further attention. >> --- >> >> > >> -- Minor Issues -- >> > >> >> > >> There seems to be an implicit assumption that the end host and its >> > >> ITR (xTR) are in the same domain or Autonomous System. For >> incremental >> > >> > This is true when you call the domain a "LISP site". But if the site is >> > unchanged and one uses PITRs, maybe even close to the site, like in a PE >> > router, then the PITR is definitely in another AS. >> >> Looking at the text, it seems that "LISP site" and "domain" are the same >> concept for this draft. That would be useful to state, IMHO but I'll >> leave >> the decision on whether to do so to you and the draft authors. >> >> On rereading, my concerns seem to be triggered mostly by this sentence in >> Section 3.2: >> >> The edge consists of LISP sites (e.g., an >> Autonomous System) that use EID addresses. >> >> I think a small change to the last sentence in that paragraph would >> resolve >> my concern without distracting from the narrative: >> >> OLD >> EIDs do not >> contain inter-domain topological information and because of this, >> EIDs are usually routable at the edge (within LISP sites) or in the >> non-LISP Internet. >> NEW >> EIDs do not >> contain inter-domain topological information and because of this, >> EIDs are usually routable at the edge (within LISP sites) or in the >> non-LISP Internet; see Section 3.5 for discussion of LISP site >> internetworking with non-LISP sites and domains in the Internet. >> >> > >> Despite multiple mentions of incremental deployment, I did not >> > >> see a discussion of how that might be accomplished. >> > >> > There are PxTRs and NATs. And references to the LISP interworking RFC. >> >> Ok, can we just say so in Section 3.5? Adding the following sentence >> to the end of the section would suffice: >> >> PITRs, PETRs and LISP-NAT support incremental deployment of LISP >> by providing significant flexibility in location of the boundaries >> between the LISP and non-LISP portions of the network, and making >> it reasonable to change those boundaries over time. >> >> > >> - 3.3.1. LISP Encapsulation >> > >> >> > >> the source port is selected by >> > >> the ITR and ignored on reception. >> > >> >> > >> Please mention multipathing (e.g., ECMP and LAG) as possible >> influences >> > >> on how source ports are selected, as this imposes some limits on >> what an >> > >> ITR can reasonably do. >> > >> > ECMP/LAG don't influence which source port is selected. It is a >> 5-tuple hash >> > of the inner header that selects a source port that influences how >> an underlay >> > router would load-split traffic. >> >> Please state that a 5-tuple hash is used. ECMP/LAG is among the important >> reasons why, but that doesn't need to be stated if you prefer not to. An >> example of something that needs to be excluded is that using a random >> number generator to set the source port would be wrong - I could suggest >> citing draft-ietf-dart-dscp-rtp for related discussion (and lots more >> details), but I don't think that's necessary. >> >> -- IPv6 zero UDP checksum >> >> > My head spins every time I hear about this subject. This subject has >> been >> > talked about from 100s of people for a decade. We have CRC on links, >> we have >> > apps that use TCP and UDP checksums. Nuf said. >> >> Understood - there's more than one set of scars on this one :-(. >> Let's come back >> to this topic after we've resolved everything else, and please keep in >> mind >> that I tagged this as a minor issue, not a major one (e.g., the above >> changes >> for [A] and [B] are far more important, IMHO). >> >> Thanks, >> --David >> >> > -----Original Message----- >> > From: Dino Farinacci [mailto:farinacci@gmail.com <mailto:farinacci@gmail.com>] >> > Sent: Wednesday, February 11, 2015 2:19 PM >> > To: Joel M. Halpern >> > Cc: Black, David; Albert Cabellos; Damien Saucez;ops-dir@ietf.org <mailto:ops-dir@ietf.org>; >> >ietf@ietf.org <mailto:ietf@ietf.org>; lisp@ietf.org <mailto:lisp@ietf.org> >> > Subject: Re: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 >> > >> >> > > I will leave most of these for the authors to comment on. >> > >> > See my comments inline. Thanks David for your detailed review and >> commentary. >> > >> > > With regard to your question about incremental deployment, that is the >> > domain of the LISP Deployment document, and was deliberately only >> lightly >> > covered here. I am not sure what we can do to address your comment >> without >> > duplicating the entirety of that document. >> > >> > That is the risk we may have with many of your comments. We have a >> lot of >> > detail in the already 9 published RFCs and this document really is >> to take >> > all that detail and summarize as an easily understandable >> description of a >> > cohesive design. >> > >> > > With regard to UDP Zero, this was approved by the IESG and >> published as an >> > RFC. It is part of the way the protocol is defined. If there are >> specific >> > changes you would like to see in the explanatory text, I am sure >> > >> > Definitely agreed. In fact we instigated UDP zero. And I continually >> talk to >> > hardware engineers and they all believe we made the right decision. >> So hats >> > off to the IETF for being practical. >> > >> > > we could include them. If you are looking for a change in the >> behavior, >> > this document can not make changes to the LISP behavior. >> > >> > Yes, an important point. >> > >> > >> I found a couple of major issues that I hope arise from the >> > >> summarization of LISP in this draft, as opposed to being problems in >> > >> the actual LISP protocols. I also found a few minor issues, the most >> > >> important of which is the need for additional security considerations >> > >> discussion on misdelivery, with particular attention to VPNs. >> > >> > Thanks a ton. >> > >> > >> -- Major issues -- >> > >> >> > >> [A] EID mobility vs. EID prefixes >> > >> >> > >> - 5. Mobility >> > >> >> > >> I understand how this works when mapping is per-EID, but how does >> this work >> > >> when the EID of the system that moves is part of an EID prefix, as >> > discussed >> > >> in Section 3.4.1? Even if the answer is a long version of "Don't >> do that!" >> > >> it should be explained. >> > >> > No, from the start of the LISP design (circa 2007), an prefix is >> what moves. >> > And a specific EID is simply a /32 or /128 prefix. Here is a practical >> > example: >> > >> > You have a cluster of servers that communicate together for a particular >> > application. They application cluster is running in a set of VMs. >> Those VMs >> > are assigned EIDs from a common power-of-2 EID-prefix. Those VMs are >> currently >> > running in a brick-and-mortar data center. Now there is a desire to >> move the >> > VM cluster to a cloud provider. What is moved is the EID-prefix of the >> > cluster. The mapping system is told that the EID-prefix is changing >> its RLOC- >> > set from the brick-and-mortar xTRs to the cloud providers xTRs. >> > >> > >> >> > >> - 7.4. LISP for Virtual Machine Mobility in Data Centers >> > >> >> > >> I don't understand how this works when EID prefixes are used, as >> each VM >> > >> has its own EID or EIDs, hence the entire prefix range does not >> move when >> > >> the VM moves. >> > >> >> > >> For OPS-Dir, this EID prefix issue [A] falls under A.1.1 in >> Appendix A >> > >> of RFC 5706: Has deployment been discussed? and specifically under: >> > >> >> > >> * Is the proposed specification deployable? If not, how >> could >> > >> it be improved? >> > >> >> > >> as EID prefixes appear to be undeployable for Mobility and VM >> Mobility >> > usage. >> > >> > See above example. >> > >> > >> [B] LISP Multicast vs. EID/RLOC separate >> > >> >> > >> - 6. Multicast >> > >> >> > >> This is interesting, multicast addresses (G) look like they're an >> exception >> > >> > They are really not. Since multicast addresses *identify* a group of >> > receivers, it is very much an EID and aheres to the definition of an >> EID. >> > Multicast addresses never had topological signficance but the state >> > representing a distribution tree does tell you were the members are >> (but the >> > identity of the members are not know in multicast). >> > >> > So it makes perfect sense to register multicast addresses to the mapping >> > system as EIDs and they can map to RLOCs of sites that have joined >> the group. >> > See draft-farinacci-signal-free-multicast as just one example. >> RFC6831 and >> > draft-farinacci-lisp-mr-signaling are other examples. >> > >> > >> to the EID/RLOC separation as the same destination IP multicast >> address >> > >> is used for both purposes. This could use some more discussion, >> as it's >> > >> unexpected based on the contents of the draft up to this point. >> > >> > I believe the level of detail we have in the introduction document >> is at the >> > right level or we'll err on having way too many details crop in. >> > >> > >> - 7.2. LISP for IPv6 Co-existence >> > >> >> > >> LISP encapsulations allows to transport packets using EIDs from a >> > >> given address family (e.g., IPv6) with packets from other address >> > >> families (e.g., IPv4). >> > >> >> > >> How does that work for multicast traffic, where the destination >> address >> > >> (G) has to be the same in both the inner and outer headers? Are ETRs >> > >> and ITRs expected to map IPv6 multicast addresses to IPv4 and v.v.? >> > >> > The mapping system can map an (S-EID-ipv6, group-ipv6) 2-tuple to a >> RLOC set >> > that looked like this (ipv4-multicast, ipv4-unicast) mean the ITR that >> > receives the packet from S-EID-ipv6 would replicate the packet and >> multicast >> > encapsulate to ipv4-multicast and unicast encapsualte to ipv4-unicast. >> > >> > >> - 7.3. LISP for Virtual Private Networks >> > >> >> > >> This also has multicast problems, as there is only one instance >> of each >> > >> multicast address (G) in the underlay network. I think I can >> figure out >> > how >> > >> > You can map from EID-G to RLOC-G one to one. But we have seen over >> the last >> > decade in a half that with general multicast deployment that >> many-to-1 is >> > desirable. Hence, now that we have a way to map with a network-based >> database, >> > we can map multiple EID-Gs to a single (or multiple) RLOC-Gs. >> > >> > >> to make multicast work for this use case, but it's not >> immediately obvious, >> > >> and the result when the same underlay multicast address is used >> by more >> > >> than one VPN could well deliver some traffic to ETRs that have to >> discard >> > >> > This is a necessary evil when the underlay is state challenged. But >> it is a >> > state/bandwidth tradeoff. We have found with MVPN deployment that >> the network >> > admin configures the underly or simply unicasts. >> > >> > >> it because the Instance ID is wrong (and that excessive delivery is a >> > >> security consideration, see minor issue on Section 8 below). I >> think an >> > >> explanation is in order. >> > >> > There are just too many combinations to make a high-level >> description simple >> > to understand. The current introduction text does a find job providing >> > references for someone to go off and get the details. >> > >> > >> -- Minor Issues -- >> > >> >> > >> There seems to be an implicit assumption that the end host and its >> > >> ITR (xTR) are in the same domain or Autonomous System. For >> incremental >> > >> > This is true when you call the domain a "LISP site". But if the site is >> > unchanged and one uses PITRs, maybe even close to the site, like in a PE >> > router, then the PITR is definitely in another AS. But note I said >> PITR and >> > not ITR. The reason being is because an ITR is configured with database- >> > mapping prefixes that is uses to encapsulate packets from such >> addresses. >> > Versus the PITR being an ITR with *no database-mappings* providing a >> much more >> > larger/or more aggregtable service. >> > >> > >> deployment, I don't think that's always the case, but I think >> that only >> > >> has editorial impact on this document, as I don't think any of the >> > >> fundamental LISP mechanisms are affected. The authors should >> look for >> > >> use of "domain" and "Autonomous System" and ensure that the text is >> > >> generalized to the case where the end host and ITR are more widely >> > >> separated. >> > >> > We are overloaded with terms that create topological or organization >> boundary. >> > Hence why we created "LISP site" which is also the same as a "LISP >> VPN site". >> > Where a "LISP site" that has multiple tennants would be multiple >> "LISP VPN >> > sites". >> > >> > >> Despite multiple mentions of incremental deployment, I did not >> > >> see a discussion of how that might be accomplished. There is some >> > >> > There are PxTRs and NATs. And references to the LISP interworking RFC. >> > >> > >> useful content in Section 3.5, but that's at best an incomplete >> > >> explanation. This is an OPS-Dir review concern - it falls under >> > >> A.1.3 in Appendix A of RFC 5706: Has the migration path been >> discussed? >> > >> >> > >> - 3.3.1. LISP Encapsulation >> > >> >> > >> the source port is selected by >> > >> the ITR and ignored on reception. >> > >> >> > >> Please mention multipathing (e.g., ECMP and LAG) as possible >> influences >> > >> on how source ports are selected, as this imposes some limits on >> what an >> > >> ITR can reasonably do. >> > >> > ECMP/LAG don't influence which source port is selected. It is a >> 5-tuple hash >> > of the inner header that selects a source port that influences how >> an underlay >> > router would load-split traffic. >> > >> > >> For OPS-Dir, this multipathing concern falls under A.1.4 in >> Appendix A of >> > >> RFC 5706: Have the Requirements on other protocols and functional >> > >> components been discussed? >> > >> >> > >> This decision was made because the >> > >> typical transport protocols used by the applications already >> include >> > >> a checksum, by neglecting the additional UDP encapsulation >> checksum >> > >> xTRs can forward packets more efficiently. >> > >> >> > >> Groan! I have an exquisite set of scars on UDP zero checksums >> for IPv6 >> > >> from working on the MPLS in UDP draft, so I may be overly >> sensitive to >> > >> this concern. The downside of this efficiency is that there is no >> > >> checksum coverage of the IPv6 header when zero UDP checksums are >> used. >> > >> That should at least be mentioned here, with a summary of why >> that's ok >> > >> - the detailed justification for why that's ok can be left to other >> > >> documents. >> > >> > My head spins every time I hear about this subject. This subject has >> been >> > talked about from 100s of people for a decade. We have CRC on links, >> we have >> > apps that use TCP and UDP checksums. Nuf said. >> > >> > >> >> > >> -- Nits/Editorial Comments -- >> > >> >> > >> - Top of p.4: >> > >> >> > >> The initial motivation in the LISP effort is to be find in the >> > >> >> > >> "find" -> "found" >> > >> >> > >> - Section 3.1, first bullet item >> > >> > We will certainly fixe these. Thanks. >> > >> > >> >> > >> Devices are assigned with relatively opaque identity >> > >> meaningful addresses that are independent of their topological >> > >> location. >> > >> >> > >> I don't understand "relatively opaque identity meaningful" and >> > >> suggest rewriting the sentence. In particular - opaque to what? >> > >> meaningful to what in what manner? >> > >> > Well beacuse it is as accurate as it can be. If automobiles are >> going to be >> > assigned EIDs from a VIN number allocation from a manufacture, the >> address is >> > relatively opaque. If a VM in a data-center is going to be assigned >> an EID >> > from the set of prefixes already being used and allocated to that >> data-center, >> > then there is a good chance that address is in a power-of-2 block >> that is >> > summarizable in the IGP. >> > >> > >> >> > >> - Section 3.2, second paragraph >> > >> >> > >> Judging from the figure, xTRs are the common case, with single- >> > >> function ITRs and ETRs being rare. It might be good to say that >> > >> and discuss when ITRs and ETRs that are not xTRs are appropriate >> > >> to use. >> > >> > When you want egress path selection to happen further out in the >> toplogical >> > from the source location, then you put an ITR-only system there. >> Where ingress >> > to the same source (destination in this direction), the ETR can be >> closer to >> > the destination. >> > >> > >> >> > >> - 3rd paragraph on p.7: >> > >> >> > >> >> > >> Finally, the LISP architecture emphasizes a cost effective >> > >> incremental deployment. >> > >> >> > >> I'd delete "cost effective" here and look for other occurrences >> > >> of "cost" as candidates for deletion. This is supposed to be >> > >> a technical document, so discussion of costs is a bit off-target. >> > >> > Fair enough. >> > >> > >> - First item after Figure 2: >> > >> >> > >> 1. HostA retrieves the EID_B of HostB, typically querying the DNS >> > >> and obtaining and A or AAAA record. >> > >> >> > >> "and A" -> "an A" (spelling checkers don't catch everything). >> > >> > Already noted and will be fixed. >> > >> > >> >> > >> - 3.3.1. LISP Encapsulation >> > >> >> > >> On the other hand, Recursive >> > >> tunnels are nested tunnels and are implemented by using >> multiple LISP >> > >> encapsulations on a packet. >> > >> >> > >> The above sentence seems out of place in the middle of a >> paragraph about >> > >> Re-encapsulating tunnels and routers - I suggest moving it down >> into its >> > >> own paragraph and perhaps adding a sentence about where/how Recursive >> > >> tunnels may be useful. >> > >> > Good suggestion and makes sense. >> > >> > >> - 3.3.2. LISP Forwarding State >> > >> >> > >> In the LISP architecture, ITRs keep just enough information to >> route >> > >> traffic flowing through it. >> > >> >> > >> "it." -> "them." >> > >> >> > >> Meaning that, ITRs retrieve from the >> > >> LISP Mapping System mappings between EID prefixes and RLOCs >> that are >> > >> used to encapsulate packets. >> > >> >> > >> This is the first use of the notion of EID prefixes. That >> concept should >> > >> be explained before it is used, although a forward reference to >> section >> > >> 3.4.1 may suffice. It might be better to rewrite this paragraph >> in terms >> > >> of EIDs and leave the notion of EID prefixes to section 3.4.1. >> > >> > Hmm, I'll let Albert and Damien decide if we should state "EID-prefixes" >> > everywhere instead of just "EID". >> > >> > >> >> > >> - 4.4. MTU Handling >> > >> >> > >> Additionally, LISP also recommends inferring reachability of >> locators >> > >> by using information provided by the underlay, in particular: >> > >> >> > >> It'd be useful to add a sentence or two about how LISP and the >> techniques >> > >> in this section interact with host use of PMTUD and PLPMTUD. >> > >> > This is a lot of detail because in RFC6830 we have 3 positions or >> options on >> > the subject. And we did provide a reference to RFC6830 for this topic. >> > >> > >> - Next to last paragraph on p.17: >> > >> >> > >> Additionally, LISP also recommends inferring reachability of >> locators >> > >> by using information provided by the underlay, in particular: >> > >> >> > >> This looks like it's a paragraph early and needs to be moved down to >> > >> after the paragraph that follows it. >> > >> > Agree. >> > >> > >> idnits 2.13.01 didn't find any nits. >> > >> >> > >> Thanks, >> > >> --David >> > >> > Thanks again David. >> > >> > Dino >> >
- [lisp] OPS-Dir review of draft-ietf-lisp-introduc… Black, David
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Joel M. Halpern
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Black, David
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Dino Farinacci
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Black, David
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Albert Cabellos
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Black, David
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Jmh.direct
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Black, David
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Jmh.direct
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Dino Farinacci
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Luigi Iannone
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Luigi Iannone
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Dino Farinacci
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Dino Farinacci
- Re: [lisp] OPS-Dir review of draft-ietf-lisp-intr… Joel M. Halpern