IETF Logo Mail Archive

Re: [lisp] Review 6830bis -08/-09

Dino Farinacci <farinacci@gmail.com> Fri, 26 January 2018 18:31 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 491EB124D68 for <lisp@ietfa.amsl.com>; Fri, 26 Jan 2018 10:31:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JTL17aXyzcoi for <lisp@ietfa.amsl.com>; Fri, 26 Jan 2018 10:31:08 -0800 (PST)
Received: from mail-pf0-x232.google.com (mail-pf0-x232.google.com [IPv6:2607:f8b0:400e:c00::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1F0371205F0 for <lisp@ietf.org>; Fri, 26 Jan 2018 10:31:08 -0800 (PST)
Received: by mail-pf0-x232.google.com with SMTP id i66so799065pfd.7 for <lisp@ietf.org>; Fri, 26 Jan 2018 10:31:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=95a3jnoNit6/KXE3RTRdO2G5sfpFmo7rp4q9DqkJvDw=; b=ECZBiFFespnnUdNHN8mWGOwYsNuJUF8FxBfBSgRFdMA1Y/KY7lyVWXZsVSHC+tc3nD y0+eW6INGjffk96Y5Cxsw/71PEZWr9v+W7ZsU/p4dwBhHFfooR19JawyOUKQBT9kE6Rc lmfADHuTYZmspF1fUdcgh9V63RmtafMkCsngGCjVPd/5t7OwqLT6iFxA+JEJeuOy2ZFy nNNR0L5Sk+F30uU2qEbEEwS1lsTMSmHBeAyaQB8MKyaIHpuukKcYFL1OZc9lznG2iQLK FXkoMsGwblmluEFnSeFAjn/ZlTlsdWZ2dUD8XqFY12NpkFSnO9BkkPe/O3q56vIzAIqd nqLg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=95a3jnoNit6/KXE3RTRdO2G5sfpFmo7rp4q9DqkJvDw=; b=XVvZyD2LfUZlMhtMWGfLDGnuVd/BiWAbZxAwXEnfN0FheTX3Aafjkh3iiTODTOrn96 N90KGynEBCk4S9pX5cYW1/BfhgFBjHOcuc2Asl0VBXh2tFpo/FHTuozomAyU5m8vlAqL Y8wUHUgQczA9jpR8MWoEI/xWXPkgx8P42j56Zm1HZaflmMV3gHUUr7PW643NywCryJG9 hIT3W/zMPmWr9U1OOvg7JVMgtRD/3IjoYHYd3giH2nKBc6hpXImqmxqf8ogSfai/YAle 6Z8BM8s94V47dIx66VKKdGEMXXntWbsGDHyhoNH22NJT8Sr6klQyNEk/U75WLd7qrrnG 0/8w==
X-Gm-Message-State: AKwxyteLaxyaJ2f44pgdgKii9dI1tMN2Fe9/e8d2bZ9wFtJOaS89xAqv ez3m2otk0XtkCt+wy39z888=
X-Google-Smtp-Source: AH8x22582yKQrPA0KZqZyYZ5dOp15c5imOuuZQN/Tg33m8I+39ElDyeXQBUiJqP+CS/w3qOWbnO0ZQ==
X-Received: by 2002:a17:902:534f:: with SMTP id b73-v6mr8023000pli.139.1516991467594; Fri, 26 Jan 2018 10:31:07 -0800 (PST)
Received: from [10.31.79.147] ([96.72.181.209]) by smtp.gmail.com with ESMTPSA id t8sm8770048pgr.21.2018.01.26.10.31.06 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 Jan 2018 10:31:06 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Dino Farinacci <farinacci@gmail.com>
In-Reply-To: <B46B68D9-21F9-4A34-9B41-6C30B7CDD053@gigix.net>
Date: Fri, 26 Jan 2018 10:31:06 -0800
Cc: "lisp@ietf.org list" <lisp@ietf.org>, lisp-chairs@tools.ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <56E6CB70-E784-42A8-9166-5564796D40C2@gmail.com>
References: <B46B68D9-21F9-4A34-9B41-6C30B7CDD053@gigix.net>
To: Luigi Iannone <ggx@gigix.net>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/HRlSzLKkhqH2UgYMN1bRe-gLY9o>
Subject: Re: [lisp] Review 6830bis -08/-09
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jan 2018 18:31:10 -0000

I’ll send a new -09 update to the list in my reply to Padma’s email.

>> 
>>    Client-side:  Client-side is a term used in this document to indicate
>>       a connection initiation attempt by an EID.  
>> 
> [Luigi]
> As stated for -07.
> Following sentence not needed here. (it is specified in the operation part of the document)
>> The ITR(s) at the LISP
>>       site are the first to get involved in forwarding a packet from the
>>       source EID.

I have changed the text to reflect Padma’s suggestion.

>> 
>> 
>>    Re-Encapsulating Tunneling Router (RTR):   An RTR acts like an ETR to
>>       remove a LISP header, then acts as an ITR to prepend a new LISP
>>       header.  This is known as Re-encapsulating Tunneling.  Doing this
>>       allows a packet to be re-routed by the RTR without adding the
>>       overhead of additional tunnel headers.  
>> 
> [Luigi]
> As stated for -07.
> Following sentence not needed here. (it is specified in the operation part of the document)
> Delete from here:
>> Any references to tunnels
>>       in this specification refer to dynamic encapsulating tunnels; they
>>       are never statically configured. 

Removed.


>>    Routing Locator (RLOC):   An RLOC is an IPv4 [RFC0791] or IPv6
>>       [RFC8200] address of an Egress Tunnel Router (ETR).  An RLOC is
>>       the output of an EID-to-RLOC mapping lookup.  An EID maps to one
>>       or more RLOCs.  Typically, RLOCs are numbered from aggregatable
>>       blocks 
>> 
> remove “Agregatable”

Removed.

> 
> [Luigi]
> As stated for -07 and discussed later: merge the three bullets above so to simplify the flow.
> Here is the proposed single-bullet text:
> 
> o    End-systems only send to addresses that are EIDs.  EIDs are typically 
>       IP addresses assigned to hosts (other types of EID are supported by LISP, 
>       see [RFC8060] for further information). End-systems don't know
>       that addresses are EIDs versus RLOCs but assume that packets get
>       to their intended destinations.  In a system where LISP is
>       deployed, LISP routers intercept EID-addressed packets and assist
>       in delivering them across the network core where EIDs cannot be
>       routed.  The procedure a host uses to send IP packets does not
>       change.

Replaced with your merged text.

>> 
>>    o  EID-Prefixes are likely to be hierarchically assigned in a manner
>>       that is optimized for administrative convenience and to facilitate
>>       scaling of the EID-to-RLOC mapping database.
>> 
> [Luigi]
> As stated for -07 the above bullet (even if modified compare to -07) is about scalability and should be removed.

Removed. A shame but removed.

>>    o  EIDs MAY also be structured (subnetted) in a manner suitable for
>>       local routing within an Autonomous System (AS).
>> 
>> 
>> 
>>    LISP Nonce:  The LISP 'Nonce' field is a 24-bit value that is
>>       randomly generated by an ITR when the N-bit is set to 1.  Nonce
>>       generation algorithms are an implementation matter but are
>>       required to generate different nonces when sending to different
>>       destinations.  
>> 
> [Luigi]
> As stated for -07: What is a destination? Should be different RLOCs, for clarity.

Changed to " when encapsulating to the same ETR”.

>> [Luigi]
> The following part is the ECN part and as afar as I cans is the only change proposed in -09
> (09 includes the text proposed by Albert)

It is all Albert’s text.

> 
> 
>>    When doing ITR/PITR encapsulation:
>> 
>> 
>> Farinacci, et al.         Expires July 13, 2018                [Page 22]
>> Internet-Draft                    LISP                      January 2018
>> 
>> 
>> 9.  Routing Locator Selection 
>> 
> [Luigi]
> As stated for -07:
> 
> Large part of this section is about control plane issues and as such should be put in 6833bis.
> 
> What this section should state is that priority and weight are used to select the RLOC to use.
> Only exception is gleaning where we have one single RLOC and we do not know neither priority nor weight.
> 
> All the other operational discussion goes elsewhere, but not in this document.

Not changing this to we get more concensus from the working group.

>> 
>> 10.  Routing Locator Reachability
>> 
>>    Several mechanisms for determining RLOC reachability are currently
>>    defined:
>> 
> [Luigi]
> As stated for -07:
> 
> There exists data-plane based reachability mechanisms and control plane reachability mechanisms.
> We have to keep here only the data plane based mechanism and move the other in 6833bis.

All the reachability mechanisms are used for the data-plane.

> 
> We need to keep: 1, 6, Echo-Nonce, 
> 
> We need to move: 2, 3, 4, 5,  RLOC-Probing

Not changing this to we get more concensus from the working group.

> 
> 
>>  
>> 
>>    When ITRs at the site are not deployed in CE routers, the IGP can
>>    still be used to determine the reachability of Locators, provided
>>    they are injected into the IGP.  This is typically done when a /32
>>    address is configured on a loopback interface.
>> 
>> 
> [Luigi]
> As stated for -07: The above paragraph has to move to 6833bis.

For all your comments like this. I am not changing until there is more concensus from the working group.

> 
> The fact that (P)ITRs use this mechanism does make it a data-plane mechanism. is the LISP control plane running on (P)ITRs that does it, using control plane messages.
>>    RLOC-Probing is a method that an ITR or PITR can use to determine the
>>    reachability status of one or more Locators that it has cached in a
>>    Map-Cache entry.  The probe-bit of the Map-Request and Map-Reply
>>    messages is used for RLOC-Probing.

No one said PITRs are special or different than ITRs in this regard. For both, they use the control plane messages to determine reachabiltity for RLOCs that THE DATA-PLANE encapsulates to. The data-plane operation decides based on packet counter, RTT, TTL and other mechanisms if the RLOC is of quality for use.

Any other entity that doesn’t do packet forwarding that does mapping system lookups doesn’t consider these things. Hence, why this issue of the control-plane needs to be described in the document related to packet forwarding.

>> 19.  Security Considerations
>> 
>>    Security considerations for LISP are discussed in [RFC7833], in
>>    addition [I-D.ietf-lisp-sec] provides authentication and integrity to
>>    LISP mappings.
>> 
> [Luigi]
> As stated for -07:
> 
> lisp-sec is control-plane has to be referenced in 6833bis.
> 
> authentication and integrity of mappings is a control plane issue.

Removed.

> 
>>    A complete LISP threat analysis can be found in [RFC7835], in what
>>    follows we provide a summary.
>> 
>>  
>> 
>>        lisp-data      4341 udp    LISP Data Packets
>>        lisp-control   4342 udp    LISP Control Packets
>> 
> [Luigi]
> As stated for -07:
> 
> 4342 is control-plane and MUST be requested to IANA in the 6833bis document.

Removed and will be moved to RFC6833.

Dino

v2.23.0 | Report a Bug | By Email