| rfc9302.original | rfc9302.txt | |||
|---|---|---|---|---|
| Network Working Group L. Iannone | Internet Engineering Task Force (IETF) L. Iannone | |||
| Internet-Draft Huawei Technologies France | Request for Comments: 9302 Huawei Technologies France | |||
| Obsoletes: 6834 (if approved) D. Saucez | Obsoletes: 6834 D. Saucez | |||
| Intended status: Standards Track INRIA | Category: Standards Track Inria | |||
| Expires: December 23, 2022 O. Bonaventure | ISSN: 2070-1721 O. Bonaventure | |||
| Universite catholique de Louvain | Universite catholique de Louvain | |||
| June 21, 2022 | October 2022 | |||
| Locator/ID Separation Protocol (LISP) Map-Versioning | Locator/ID Separation Protocol (LISP) Map-Versioning | |||
| draft-ietf-lisp-6834bis-14 | ||||
| Abstract | Abstract | |||
| This document describes the LISP (Locator/ID Separation Protocol) | This document describes the Locator/ID Separation Protocol (LISP) | |||
| Map-Versioning mechanism, which provides in-packet information about | Map-Versioning mechanism, which provides in-packet information about | |||
| Endpoint ID to Routing Locator (EID-to-RLOC) mappings used to | Endpoint-ID-to-Routing-Locator (EID-to-RLOC) mappings used to | |||
| encapsulate LISP data packets. This approach is based on associating | encapsulate LISP data packets. This approach is based on associating | |||
| a version number to EID-to-RLOC mappings and the transport of such a | a version number to EID-to-RLOC mappings and transporting such a | |||
| version number in the LISP-specific header of LISP-encapsulated | version number in the LISP-specific header of LISP-encapsulated | |||
| packets. LISP Map-Versioning is particularly useful to inform | packets. LISP Map-Versioning is particularly useful to inform | |||
| communicating Ingress Tunnel Routers (ITRs) and Egress Tunnel Routers | communicating Ingress Tunnel Routers (ITRs) and Egress Tunnel Routers | |||
| (ETRs) about modifications of the mappings used to encapsulate | (ETRs) about modifications of the mappings used to encapsulate | |||
| packets. The mechanism is optional and transparent to | packets. The mechanism is optional and transparent to | |||
| implementations not supporting this feature, since in the LISP- | implementations not supporting this feature, since in the LISP- | |||
| specific header and in the Map Records, bits used for Map-Versioning | specific header and in the Map Records, bits used for Map-Versioning | |||
| can be safely ignored by ITRs and ETRs that do not support or do not | can be safely ignored by ITRs and ETRs that do not support or do not | |||
| want to use the mechanism. | want to use the mechanism. | |||
| This document obsoletes RFC 6834 "Locator/ID Separation Protocol | This document obsoletes RFC 6834, which is the initial experimental | |||
| (LISP) Map-Versioning", which is the initial experimental | ||||
| specifications of the mechanisms updated by this document. | specifications of the mechanisms updated by this document. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
| provisions of BCP 78 and BCP 79. | ||||
| Internet-Drafts are working documents of the Internet Engineering | This document is a product of the Internet Engineering Task Force | |||
| Task Force (IETF). Note that other groups may also distribute | (IETF). It represents the consensus of the IETF community. It has | |||
| working documents as Internet-Drafts. The list of current Internet- | received public review and has been approved for publication by the | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 7841. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | Information about the current status of this document, any errata, | |||
| and may be updated, replaced, or obsoleted by other documents at any | and how to provide feedback on it may be obtained at | |||
| time. It is inappropriate to use Internet-Drafts as reference | https://www.rfc-editor.org/info/rfc9302. | |||
| material or to cite them other than as "work in progress." | ||||
| This Internet-Draft will expire on December 23, 2022. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Revised BSD License text as described in Section 4.e of the | |||
| the Trust Legal Provisions and are provided without warranty as | Trust Legal Provisions and are provided without warranty as described | |||
| described in the Simplified BSD License. | in the Revised BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction | |||
| 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 4 | 2. Requirements Notation | |||
| 3. Definitions of Terms . . . . . . . . . . . . . . . . . . . . 4 | 3. Definitions of Terms | |||
| 4. LISP-specific Header and Map-Version Numbers . . . . . . . . 4 | 4. LISP-Specific Header and Map-Version Numbers | |||
| 5. Map Record and Map-Version . . . . . . . . . . . . . . . . . 5 | 5. Map Record and Map-Version | |||
| 6. EID-to-RLOC Map-Version Number . . . . . . . . . . . . . . . 6 | 6. EID-to-RLOC Map-Version Number | |||
| 6.1. The Null Map-Version . . . . . . . . . . . . . . . . . . 7 | 6.1. The Null Map-Version | |||
| 7. Dealing with Map-Version Numbers . . . . . . . . . . . . . . 7 | 7. Dealing with Map-Version Numbers | |||
| 7.1. Handling Destination Map-Version Number . . . . . . . . . 8 | 7.1. Handling Dest Map-Version Number | |||
| 7.2. Handling Source Map-Version Number . . . . . . . . . . . 9 | 7.2. Handling Source Map-Version Number | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 | 8. Security Considerations | |||
| 9. Deployment Considerations . . . . . . . . . . . . . . . . . . 11 | 9. Deployment Considerations | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 | 10. IANA Considerations | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 | 11. References | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 12 | 11.1. Normative References | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 12 | 11.2. Informative References | |||
| Appendix A. Benefits and Case Studies for Map-Versioning . . . . 14 | Appendix A. Benefits and Case Studies for Map-Versioning | |||
| A.1. Map-Versioning and Unidirectional Traffic . . . . . . . . 14 | A.1. Map-Versioning and Unidirectional Traffic | |||
| A.2. Map-Versioning and Interworking . . . . . . . . . . . . . 14 | A.2. Map-Versioning and Interworking | |||
| A.2.1. Map-Versioning and Proxy-ITRs . . . . . . . . . . . . 14 | A.2.1. Map-Versioning and Proxy-ITRs | |||
| A.2.2. Map-Versioning and LISP-NAT . . . . . . . . . . . . . 15 | A.2.2. Map-Versioning and LISP-NAT | |||
| A.2.3. Map-Versioning and Proxy-ETRs . . . . . . . . . . . . 15 | A.2.3. Map-Versioning and Proxy-ETRs | |||
| A.3. RLOC Shutdown/Withdraw . . . . . . . . . . . . . . . . . 16 | A.3. RLOC Shutdown/Withdraw | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 | Authors' Addresses | |||
| 1. Introduction | 1. Introduction | |||
| This document describes the Map-Versioning mechanism used to provide | This document describes the Map-Versioning mechanism used to provide | |||
| information on changes in the EID-to-RLOC (Endpoint ID to Routing | information on changes in the Endpoint-ID-to-Routing-Locator (EID-to- | |||
| Locator) mappings used in the LISP (Locator/ID Separation Protocol | RLOC) mappings used in the Locator/ID Separation Protocol (LISP) | |||
| [I-D.ietf-lisp-rfc6830bis][I-D.ietf-lisp-rfc6833bis]) context to | [RFC9300] [RFC9301] context to perform packet encapsulation. The | |||
| perform packet encapsulation. The mechanism is totally transparent | mechanism is totally transparent to Ingress and Egress Tunnel Routers | |||
| to xTRs (Ingress and Egress Tunnel Routers) not supporting or not | (xTRs) not supporting or not using such functionality. The | |||
| using such functionality. [I-D.ietf-lisp-introduction] describes the | architecture of LISP is described in [RFC9299]. The reader is | |||
| architecture of the Locator/ID Separation Protocol. It is expected | expected to be familiar with this introductory document. | |||
| that the reader is familiar with this introductory document. | ||||
| This document obsoletes [RFC6834], which is the initial experimental | This document obsoletes [RFC6834], which is the initial experimental | |||
| specifications of the mechanisms updated by this document. | specification that describes the mechanisms updated by this document. | |||
| The basic mechanism is to associate a Map-Version number to each LISP | The basic mechanism is to associate a Map-Version number to each LISP | |||
| EID-to-RLOC mapping and transport such a version number in the LISP- | EID-to-RLOC mapping and transport such a version number in the LISP- | |||
| specific header. When a mapping changes, a new version number is | specific header. When a mapping changes, a new version number is | |||
| assigned to the updated mapping. A change in an EID-to-RLOC mapping | assigned to the updated mapping. A change in an EID-to-RLOC mapping | |||
| can be a modification in the RLOCs set such as addition, removal, or | can be a modification in the RLOCs set, such as addition of, removal | |||
| change in priority or weight of one or more RLOCs. | of, or change in the priority or weight of one or more RLOCs. | |||
| When Map-Versioning is used, LISP-encapsulated data packets contain | When Map-Versioning is used, LISP-encapsulated data packets contain | |||
| the version number of the two mappings used to select the RLOCs in | the version number of the two mappings used to select the RLOCs in | |||
| the outer header (i.e., both source and destination RLOCs). This | the outer header (i.e., both source and destination RLOCs). This | |||
| information has two uses. On the one hand, it enables the ETR | information has two uses: | |||
| (Egress Tunnel Router) receiving the packet to know if the ITR | ||||
| (Ingress Tunnel Router) is using the latest mapping version for the | 1. Map-Versioning enables the Egress Tunnel Router (ETR) receiving | |||
| destination EID. If this is not the case, the ETR can directly send | the packet to know if the Ingress Tunnel Router (ITR) is using | |||
| a Map-Request containing the updated mapping to the ITR, to notify it | the latest mapping version for the destination EID. If this is | |||
| of the latest version. The ETR can also solicit the ITR to trigger a | not the case, the ETR can directly send a Map-Request containing | |||
| Map-Request to obtain the latest mapping by sending it a Solicit Map- | the updated mapping to the ITR to notify it of the latest | |||
| Request (SMR) message. Both cases are defined in | version. The ETR can also solicit the ITR to trigger a Map- | |||
| [I-D.ietf-lisp-rfc6833bis]. On the other hand, it enables an ETR | Request to obtain the latest mapping by sending a Solicit Map- | |||
| receiving such a packet to know if it has in its EID-to-RLOC Map- | Request (SMR) message. Both options are defined in [RFC9301]. | |||
| Cache the latest mapping for the source EID. If this is not the | ||||
| case, a Map-Request can be sent. | 2. Map-Versioning enables an ETR receiving the packet to know if it | |||
| has in its EID-to-RLOC Map-Cache the latest mapping for the | ||||
| source EID. If this is not the case, a Map-Request can be sent. | ||||
| Considerations about the deployment of LISP Map-Versioning are | Considerations about the deployment of LISP Map-Versioning are | |||
| discussed in Section 9. | discussed in Section 9. | |||
| Benefits brought by Map-Versioning in some common LISP-related use | The benefits of Map-Versioning in some common LISP-related use cases | |||
| cases are discussed in Appendix A. | are discussed in Appendix A. | |||
| 2. Requirements Notation | 2. Requirements Notation | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 3. Definitions of Terms | 3. Definitions of Terms | |||
| This document uses terms already defined in the main LISP | This document uses terms already defined in the main LISP | |||
| specification ([I-D.ietf-lisp-rfc6830bis], | specifications ([RFC9300] and [RFC9301]). Here, we define the terms | |||
| [I-D.ietf-lisp-rfc6833bis]). Here, we define the terms that are | that are specific to the Map-Versioning mechanism. Throughout the | |||
| specific to the Map-Versioning mechanism. Throughout the whole | whole document, big-endian bit ordering is used. | |||
| document, Big Endian bit ordering is used. | ||||
| Map-Version number: An unsigned 12-bit integer is assigned to an | Map-Version number: An unsigned 12-bit integer is assigned to an | |||
| EID-to-RLOC mapping, indicating its version number (Section 6). | EID-to-RLOC mapping, indicating its version number (Section 6). | |||
| Null Map-Version: A Map-Version number with a value of 0x000 (zero), | Null Map-Version: A Map-Version number with a value of 0x000 (zero), | |||
| used to signal that the Map-Version feature is not used and no Map- | which is used to signal that the Map-Version feature is not used | |||
| Version number is assigned to the EID-to-RLOC mapping | and no Map-Version number is assigned to the EID-to-RLOC mapping | |||
| (Section 6.1). | (Section 6.1). | |||
| Dest Map-Version number: Map-Version of the mapping in the EID-to- | Dest Map-Version number: Map-Version of the mapping in the EID-to- | |||
| RLOC Map-Cache used by the ITR to select the RLOC present in the | RLOC Map-Cache used by the ITR to select the RLOC present in the | |||
| "Destination Routing Locator" field of the outer IP header of LISP- | 'Destination Routing Locator' field of the outer IP header of LISP- | |||
| encapsulated packets (Section 7.1). | encapsulated packets (Section 7.1). | |||
| Source Map-Version number: Map-Version of the mapping in the EID-to- | Source Map-Version number: Map-Version of the mapping in the EID-to- | |||
| RLOC Database used by the ITR to select the RLOC present in the | RLOC Database used by the ITR to select the RLOC present in the | |||
| "Source Routing Locator" field of the outer IP header of LISP- | 'Source Routing Locator' field of the outer IP header of LISP- | |||
| encapsulated packets (Section 7.2). | encapsulated packets (Section 7.2). | |||
| 4. LISP-specific Header and Map-Version Numbers | 4. LISP-Specific Header and Map-Version Numbers | |||
| In order for the versioning approach to work, the LISP-specific | In order for the versioning approach to work, the LISP-specific | |||
| header has to carry both the Source Map-Version number and Dest Map- | header has to carry both the Source Map-Version number and Dest Map- | |||
| Version number. This is done by setting the V-bit in the LISP- | Version number. This is done by setting the V-bit in the LISP- | |||
| specific header as specified in [I-D.ietf-lisp-rfc6830bis] and shown | specific header as specified in [RFC9300] and shown in the example in | |||
| in the example in Figure 1. All permissible combinations of the | Figure 1. All permissible combinations of the flags when the V-bit | |||
| flags when the V-bit is set to 1 are described in | is set to 1 are described in [RFC9300]. Not all of the LISP- | |||
| [I-D.ietf-lisp-rfc6830bis]. Not all of the LISP-encapsulated packets | encapsulated packets need to carry version numbers. When the V-bit | |||
| need to carry version numbers. When the V-bit is set, the LISP- | is set, the LISP-specific header has the following encoding: | |||
| specific header has the following encoding: | ||||
| 0 1 2 3 | 0 1 2 3 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| |N|L|E|V|I|R|K|K| Source Map-Version | Dest Map-Version | | |N|L|E|V|I|R|K|K| Source Map-Version | Dest Map-Version | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | Instance ID/Locator-Status-Bits | | | Instance ID/Locator-Status-Bits | | |||
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| Figure 1: LISP-Specific header example when Map-Versioning is in use. | Figure 1: LISP-Specific Header Example When Map-Versioning Is in Use | |||
| Source Map-Version number (12 bits): See Section 3. | Source Map-Version number (12 bits): See Section 3. | |||
| Dest Map-Version number (12 bits): See Section 3. | Dest Map-Version number (12 bits): See Section 3. | |||
| 5. Map Record and Map-Version | 5. Map Record and Map-Version | |||
| To accommodate the mechanism, the Map Records that are transported in | To accommodate the mechanism, the Map Records that are transported in | |||
| Map-Request/Map-Reply/Map-Register messages need to carry the Map- | Map-Request/Map-Reply/Map-Register messages need to carry the Map- | |||
| Version number as well. For reference, the Map Record (specified in | Version number as well. For reference, the Map Record (specified in | |||
| [I-D.ietf-lisp-rfc6833bis]) is reported here as an example in | [RFC9301]) is reported here as an example in Figure 2. This memo | |||
| Figure 2. This memo does not change the operation of Map-Request/ | does not change the operation of Map-Request/Map-Reply/Map-Register | |||
| Map-Reply/Map-Register messages, they continue to be used as | messages; they continue to be used as specified in [RFC9301]. | |||
| specified in [I-D.ietf-lisp-rfc6833bis]. | ||||
| 0 1 2 3 | 0 1 2 3 | |||
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | |||
| +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | | Record TTL | | | | Record TTL | | |||
| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| R | Locator Count | EID mask-len | ACT |A| Reserved | | R | Locator Count | EID mask-len | ACT |A| Reserved | | |||
| e +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | e +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| c | Rsvd | Map-Version Number | EID-Prefix-AFI | | c | Rsvd | Map-Version Number | EID-Prefix-AFI | | |||
| o +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | o +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| r | EID-Prefix | | r | EID-Prefix | | |||
| d +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | d +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | /| Priority | Weight | M Priority | M Weight | | | /| Priority | Weight | M Priority | M Weight | | |||
| | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | o | Unused Flags |L|p|R| Loc-AFI | | | o | Unused Flags |L|p|R| Loc-AFI | | |||
| | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | c +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| | \| Locator | | | \| Locator | | |||
| +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| Figure 2: Map-Record format example. | Figure 2: Map-Record Format Example | |||
| Map-Version Number: Map-Version of the mapping contained in the | Map-Version Number: Map-Version of the mapping contained in the | |||
| Record. As explained in Section 6.1, this field can be zero (0), | Record. As explained in Section 6.1, this field can be zero (0), | |||
| meaning that no Map-Version is associated to the mapping. | meaning that no Map-Version is associated to the mapping. | |||
| This packet format is backward compatible with xTRs that do not | This packet format is backward compatible with xTRs that do not | |||
| support Map-Versioning, since they can simply ignore those bits. | support Map-Versioning, since they can simply ignore those bits. | |||
| A Map-Server receiving a message with an unexpected Map-Version | A Map-Server receiving a message with an unexpected Map-Version | |||
| number, like for instance an old one, MUST silently drop the message | number, for instance an old one, MUST silently drop the message and | |||
| and an appropriate log action SHOULD be taken. | an appropriate log action SHOULD be taken. | |||
| 6. EID-to-RLOC Map-Version Number | 6. EID-to-RLOC Map-Version Number | |||
| The EID-to-RLOC Map-Version number consists of an unsigned 12-bit | The EID-to-RLOC Map-Version number consists of an unsigned 12-bit | |||
| integer. The version number is assigned on a per-mapping basis, | integer. The version number is assigned on a per-mapping basis, | |||
| meaning that different mappings have a different version number, | meaning that different mappings have different version numbers, which | |||
| which is also updated independently. An update in the version number | are updated independently. An update in the version number (i.e., a | |||
| (i.e., a newer version) MUST consist of an increment of the older | newer version) MUST consist of an increment of the older version | |||
| version number (only exception is for the Null Map-Version as | number (the only exception is for the Null Map-Version as explained | |||
| explained in at the end of Section 6.1). | in at the end of Section 6.1). | |||
| The space of version numbers has a circular order where half of the | The space of version numbers has a circular order where half of the | |||
| version numbers are considered greater (i.e., newer) than the current | version numbers are considered greater (i.e., newer) than the current | |||
| Map-Version number and the other half of the version numbers are | Map-Version number and the other half of the version numbers are | |||
| considered smaller (i.e., older) than the current Map-Version number. | considered smaller (i.e., older) than the current Map-Version number. | |||
| This is basically a serial number on which the arithmetic described | This is basically a serial number on which the arithmetic described | |||
| in [RFC1982] applies. The ordering enables reacting differently to | in [RFC1982] applies. The ordering enables different reactions to | |||
| "older" and "newer" Map-Version number, discarding the packet in the | "older" and "newer" Map-Version numbers, whereby "older" numbers are | |||
| former case and triggering a Map-Request in the latter (see Section 7 | discarded and "newer" numbers trigger Map-Requests (see Section 7 for | |||
| for further details). In a formal way, assuming that we have two | further details). In a formal way, assuming that we have two version | |||
| version numbers V1 and V2, both different from the special value Null | numbers (V1 and V2), both different from the special value Null Map- | |||
| Map-Version (see Section 6.1), and that the numbers are expressed on | Version (see Section 6.1), and that the numbers are expressed on 12 | |||
| 12 bits, the following steps MUST be performed (in the same order as | bits, the following steps MUST be performed (in the same order shown | |||
| shown below) to strictly define their order: | below) to strictly define their order: | |||
| 1. V1 = V2 : The Map-Version numbers are the same. | 1. V1 = V2 : The Map-Version numbers are the same. | |||
| 2. V2 > V1 : if and only if | 2. V2 > V1 : if and only if | |||
| V2 > V1 AND (V2 - V1) <= 2**(12-1) | V2 > V1 AND (V2 - V1) <= 2^(12-1) | |||
| OR | OR | |||
| V1 > V2 AND (V1 - V2) > 2**(12-1) | V1 > V2 AND (V1 - V2) > 2^(12-1) | |||
| 3. V1 > V2 : otherwise. | 3. V1 > V2 : otherwise. | |||
| Using 12 bits and assuming a Map-Version value of 69, Map-Version | Using 12 bits and assuming a Map-Version value of 69, Map-Version | |||
| numbers in the range [70; 69 + 2048] are greater than 69, while Map- | numbers in the range [70; 69 + 2048] are greater than 69, while Map- | |||
| Version numbers in the range [69 + 2049; (69 + 4095) mod 4096] are | Version numbers in the range [69 + 2049; (69 + 4095) mod 4096] are | |||
| smaller than 69. | smaller than 69. | |||
| The initial Map-Version number of a new EID-to-RLOC mapping SHOULD be | The initial Map-Version number of a new EID-to-RLOC mapping SHOULD be | |||
| assigned randomly, but it MUST NOT be set to the Null Map-Version | assigned randomly, but it MUST NOT be set to the Null Map-Version | |||
| skipping to change at page 7, line 27 ¶ | skipping to change at line 294 ¶ | |||
| 6.1. The Null Map-Version | 6.1. The Null Map-Version | |||
| The value 0x000 (zero) is a special Map-Version number indicating | The value 0x000 (zero) is a special Map-Version number indicating | |||
| that there is actually no version number associated to the EID-to- | that there is actually no version number associated to the EID-to- | |||
| RLOC mapping. Such a value is used for special purposes and is named | RLOC mapping. Such a value is used for special purposes and is named | |||
| the Null Map-Version number. | the Null Map-Version number. | |||
| Map Records that have a Null Map-Version number indicate that there | Map Records that have a Null Map-Version number indicate that there | |||
| is no Map-Version number associated with the mapping. This means | is no Map-Version number associated with the mapping. This means | |||
| that LISP-encapsulated packets destined to the EID-Prefix referred to | that LISP-encapsulated packets destined to the EID-Prefix referred to | |||
| by the Map Record MUST NOT contain any Map-Version numbers (V bit set | by the Map Record MUST NOT contain any Map-Version numbers (V-bit set | |||
| to 0). If an ETR receives LISP-encapsulated packets with the V-bit | to 0). If an ETR receives LISP-encapsulated packets with the V-bit | |||
| set, when the original mapping in the EID-to-RLOC Database has the | set, when the original mapping in the EID-to-RLOC Database has the | |||
| version number set to the Null Map-Version value, then those packets | version number set to the Null Map-Version value, then those packets | |||
| MUST be silently dropped. | MUST be silently dropped. | |||
| The Null Map-Version may appear in the LISP-specific header as a | The Null Map-Version may appear in the LISP-specific header as a | |||
| Source Map-Version number (Section 7.2). When the Source Map-Version | Source Map-Version number (Section 7.2). When the Source Map-Version | |||
| number is set to the Null Map-Version value, it means that no map | number is set to the Null Map-Version value, it means that no map | |||
| version information is conveyed for the source site. This means that | version information is conveyed for the source site. This means that | |||
| if a mapping exists for the source EID in the EID-to-RLOC Map-Cache, | if a mapping exists for the source EID in the EID-to-RLOC Map-Cache, | |||
| skipping to change at page 8, line 4 ¶ | skipping to change at line 320 ¶ | |||
| change in the mapping, if the next value is 0, then the Map-Version | change in the mapping, if the next value is 0, then the Map-Version | |||
| number MUST be incremented by 2 (i.e., set to 1 (0x001), which is the | number MUST be incremented by 2 (i.e., set to 1 (0x001), which is the | |||
| next valid value). | next valid value). | |||
| 7. Dealing with Map-Version Numbers | 7. Dealing with Map-Version Numbers | |||
| The main idea of using Map-Version numbers is that whenever there is | The main idea of using Map-Version numbers is that whenever there is | |||
| a change in the mapping (e.g., adding/removing RLOCs, a change in the | a change in the mapping (e.g., adding/removing RLOCs, a change in the | |||
| weights due to Traffic Engineering policies, or a change in the | weights due to Traffic Engineering policies, or a change in the | |||
| priorities) or a LISP site realizes that one or more of its own RLOCs | priorities) or a LISP site realizes that one or more of its own RLOCs | |||
| are not reachable anymore from a local perspective (e.g., through | are no longer reachable from a local perspective (e.g., through IGP | |||
| IGP, or policy changes) the LISP site updates the mapping, also | or policy changes), the LISP site updates the mapping and also | |||
| assigning a new Map-Version number. Only the latest Map-Version | assigns a new Map-Version number. Only the latest Map-Version number | |||
| number has to be considered valid. Mapping updates, and their | has to be considered valid. Mapping updates and their corresponding | |||
| corresponding Map Version Number must be managed so that a very old | Map-Version Number must be managed so that a very old version number | |||
| version number will not be confused as a new version number (because | will not be confused as a new version number (because of the circular | |||
| of the circular numbering space). To this end simple measures can be | numbering space). To this end, simple measures can be taken, like | |||
| taken, like updating a mapping only when all active traffic is using | updating a mapping only when all active traffic is using the latest | |||
| the latest version, or waiting sufficient time to be sure that | version, or waiting a sufficient amount of time to be sure that the | |||
| mapping in LISP caches expire, which means waiting at least as much | mapping in LISP caches expires, which means waiting at least as long | |||
| as the mapping Time-To-Live (as defined in | as the mapping Time To Live (TTL) (as defined in [RFC9301]). | |||
| [I-D.ietf-lisp-rfc6833bis]). | ||||
| An ETR receiving a LISP packet with Map-Version numbers checks the | An ETR receiving a LISP packet with Map-Version numbers checks the | |||
| following predicates: | following predicates: | |||
| 1. The ITR that has sent the packet has an up-to-date mapping in its | 1. The ITR that has sent the packet has an up-to-date mapping in its | |||
| EID-to-RLOC Map-Cache for the destination EID and is performing | EID-to-RLOC Map-Cache for the destination EID and is performing | |||
| encapsulation correctly. See Section 7.1 for details. | encapsulation correctly. See Section 7.1 for details. | |||
| 2. In the case of bidirectional traffic, the mapping in the local | 2. In the case of bidirectional traffic, the mapping in the local | |||
| ETR EID-to-RLOC Map-Cache for the source EID is up-to-date. See | ETR EID-to-RLOC Map-Cache for the source EID is up to date. See | |||
| Section 7.2 for details. | Section 7.2 for details. | |||
| 7.1. Handling Destination Map-Version Number | 7.1. Handling Dest Map-Version Number | |||
| When an ETR receives a packet, the Dest Map-Version number relates to | When an ETR receives a packet, the Dest Map-Version number relates to | |||
| the mapping for the destination EID for which the ETR is an RLOC. | the mapping for the destination EID for which the ETR is an RLOC. | |||
| This mapping is part of the ETR EID-to-RLOC Database. Since the ETR | This mapping is part of the ETR EID-to-RLOC Database. Since the ETR | |||
| is authoritative for the mapping, it has the correct and up-to-date | is authoritative for the mapping, it has the correct and up-to-date | |||
| Dest Map-Version number. A check on this version number MUST be | Dest Map-Version number. A check on this version number MUST be | |||
| done, where the following cases can arise: | done, where the following cases can arise: | |||
| 1. The packet arrives with the same Dest Map-Version number stored | 1. The packet arrives with the same Dest Map-Version number stored | |||
| in the EID-to-RLOC Database. This is the regular case. The ITR | in the EID-to-RLOC Database. This is the regular case. The ITR | |||
| sending the packet has in its EID-to-RLOC Map-Cache an up-to-date | sending the packet has, in its EID-to-RLOC Map-Cache, an up-to- | |||
| mapping. No further actions are needed. | date mapping. No further actions are needed. | |||
| 2. The packet arrives with a Dest Map-Version number newer (as | 2. The packet arrives with a Dest Map-Version number newer (as | |||
| defined in Section 6) than the one stored in the EID-to-RLOC | defined in Section 6) than the one stored in the EID-to-RLOC | |||
| Database. Since the ETR is authoritative on the mapping, meaning | Database. Since the ETR is authoritative on the mapping, meaning | |||
| that the Map-Version number of its mapping is the correct one, | that the Map-Version number of its mapping is the correct one, | |||
| the packet carries a version number that is not considered valid | the packet carries a version number that is not considered valid. | |||
| and packet MUST be silently dropped and an appropriate log action | Therefore, the packet MUST be silently dropped and an appropriate | |||
| SHOULD be taken. | log action SHOULD be taken. | |||
| 3. The packet arrives with a Dest Map-Version number older (as | 3. The packet arrives with a Dest Map-Version number older (as | |||
| defined in Section 6) than the one stored in the EID-to-RLOC | defined in Section 6) than the one stored in the EID-to-RLOC | |||
| Database. This means that the ITR sending the packet has an old | Database. This means that the ITR sending the packet has an old | |||
| mapping in its EID-to-RLOC Map-Cache containing stale | mapping in its EID-to-RLOC Map-Cache containing stale | |||
| information. The ETR MAY choose to normally process the | information. The ETR MAY choose to normally process the | |||
| encapsulated datagram according to [I-D.ietf-lisp-rfc6830bis]; | encapsulated datagram according to [RFC9300]; however, the ITR | |||
| however, the ITR sending the packet MUST be informed that a newer | sending the packet MUST be informed that a newer mapping is | |||
| mapping is available, respecting rate-limitation policies | available, respecting rate-limitation policies described in | |||
| described in [I-D.ietf-lisp-rfc6833bis]. This is done with a | [RFC9301]. This is done with a Map-Request message sent back to | |||
| Map-Request message sent back to the ITR, as specified in | the ITR, as specified in [RFC9301]. One feature introduced by | |||
| [I-D.ietf-lisp-rfc6833bis]. One feature introduced by Map- | Map-Version numbers is the possibility of blocking traffic not | |||
| Version numbers is the possibility of blocking traffic not using | using the latest mapping. This can happen if an ITR is not | |||
| the latest mapping. This can happen if an ITR is not updating | updating the mapping for which the ETR is authoritative, or it | |||
| the mapping for which the ETR is authoritative, or it might be | might be some form of attack. According to the rate-limitation | |||
| some form of attack. According to rate limitation policy defined | policy defined in [RFC9301] for Map-Request messages, after 10 | |||
| in [I-D.ietf-lisp-rfc6833bis] for Map-Request messages, after 10 | retries, Map-Requests are sent every 30 seconds; if after the | |||
| retries Map-Requests are sent every 30 seconds, if after the | ||||
| first 10 retries the Dest Map-Version number in the packets is | first 10 retries the Dest Map-Version number in the packets is | |||
| not updated, the ETR SHOULD drop packets with a stale Map-Version | not updated, the ETR SHOULD drop packets with a stale Map-Version | |||
| number. Operators can configure exceptions to this | number. Operators can configure exceptions to this | |||
| recommendation, which are outside the scope of this document. | recommendation, which are outside the scope of this document. | |||
| The rule in the third case MAY be more restrictive. If the Record | The rule in the third case MAY be more restrictive. If the Record | |||
| TTL of the previous mapping has already expired, all packets arriving | TTL of the previous mapping has already expired, all packets arriving | |||
| with an old Map-Version MUST be silently dropped right away without | with an old Map-Version MUST be silently dropped right away without | |||
| issuing any Map-Request. Such action is permitted because if the new | issuing any Map-Request. Such action is permitted because, if the | |||
| mapping with the updated version number has been unchanged for at | new mapping with the updated version number has been unchanged for at | |||
| least the same time as the Record TTL of the older mapping, all the | least the same amount of time as the Record TTL of the older mapping, | |||
| entries in the EID-to-RLOC Map-Caches of ITRs must have expired. | all the entries in the EID-to-RLOC Map-Caches of ITRs must have | |||
| Indeed, all ITRs sending traffic should have refreshed the mapping | expired. Indeed, all ITRs sending traffic should have refreshed the | |||
| according to [I-D.ietf-lisp-rfc6833bis]. | mapping according to [RFC9301]. | |||
| It is a protocol violation for LISP-encapsulated packets to contain a | It is a protocol violation for LISP-encapsulated packets to contain a | |||
| Dest Map-Version number equal to the Null Map-Version number, see | Dest Map-Version number equal to the Null Map-Version number (see | |||
| Section 6.1. | Section 6.1). | |||
| 7.2. Handling Source Map-Version Number | 7.2. Handling Source Map-Version Number | |||
| When an ETR receives a packet, the Source Map-Version number relates | When an ETR receives a packet, the Source Map-Version number relates | |||
| to the mapping for the source EID for which the ITR that sent the | to the mapping for the source EID for which the ITR that sent the | |||
| packet is authoritative. If the ETR has an entry in its EID-to-RLOC | packet is authoritative. If the ETR has an entry in its EID-to-RLOC | |||
| Map-Cache for the source EID, then a check MUST be performed and the | Map-Cache for the source EID, then a check MUST be performed, and the | |||
| following cases can arise: | following cases can arise: | |||
| 1. The packet arrives with the same Source Map-Version number as | 1. The packet arrives with the same Source Map-Version number as | |||
| that stored in the EID-to-RLOC Map-Cache. This is the regular | that stored in the EID-to-RLOC Map-Cache. This is the regular | |||
| case. The ETR has in its EID-to-RLOC Map-Cache an up-to-date | case. The ETR has in its EID-to-RLOC Map-Cache an up-to-date | |||
| copy of the mapping. No further actions are needed. | copy of the mapping. No further actions are needed. | |||
| 2. The packet arrives with a Source Map-Version number newer (as | 2. The packet arrives with a Source Map-Version number newer (as | |||
| defined in Section 6) than the one stored in the local EID-to- | defined in Section 6) than the one stored in the local EID-to- | |||
| RLOC Map-Cache. This means that the ETR has in its EID-to-RLOC | RLOC Map-Cache. This means that the ETR has in its EID-to-RLOC | |||
| Map-Cache a mapping that is stale and needs to be updated. A | Map-Cache a mapping that is stale and needs to be updated. A | |||
| Map-Request MUST be sent to get the new mapping for the source | Map-Request MUST be sent to get the new mapping for the source | |||
| EID, respecting rate-limitation policies described in | EID, respecting rate-limitation policies described in [RFC9301]. | |||
| [I-D.ietf-lisp-rfc6833bis]. | ||||
| 3. The packet arrives with a Source Map-Version number older (as | 3. The packet arrives with a Source Map-Version number older (as | |||
| defined in Section 6) than the one stored in the local EID-to- | defined in Section 6) than the one stored in the local EID-to- | |||
| RLOC Map-Cache. Note that if the mapping is already present in | RLOC Map-Cache. Note that if the mapping is already present in | |||
| the EID-to-RLOC Map-Cache, this means that an explicit Map- | the EID-to-RLOC Map-Cache, this means that an explicit Map- | |||
| Request has been sent and a Map-Reply has been received from an | Request has been sent and a Map-Reply has been received from an | |||
| authoritative source. In this situation, the packet SHOULD be | authoritative source. In this situation, the packet SHOULD be | |||
| silently dropped. Operators can configure exceptions to this | silently dropped. Operators can configure exceptions to this | |||
| recommendation, which are outside the scope of this document. | recommendation, which are outside the scope of this document. | |||
| If the ETR does not have an entry in the EID-to-RLOC Map-Cache for | If the ETR does not have an entry in the EID-to-RLOC Map-Cache for | |||
| the source EID, then the Source Map-Version number MUST be ignored. | the source EID, then the Source Map-Version number MUST be ignored. | |||
| See Appendix A.1 for an example of when this situation can arise. | See Appendix A.1 for an example of when this situation can arise. | |||
| 8. Security Considerations | 8. Security Considerations | |||
| This document builds on the specification and operation of the LISP | This document builds on the specification and operation of the LISP | |||
| control and data planes. The Security Considerations of | control and data planes. The Security Considerations of [RFC9300] | |||
| [I-D.ietf-lisp-rfc6830bis] and [I-D.ietf-lisp-rfc6833bis] apply and, | and [RFC9301] apply. As such, Map-Versioning MUST NOT be used over | |||
| as such, Map-Versioning MUST NOT be used over the public Internet and | the public Internet and MUST only be used in trusted and closed | |||
| MUST only be used in trusted and closed deployments. A thorough | deployments. A thorough security analysis of LISP is documented in | |||
| security analysis of LISP is documented in [RFC7835]. | [RFC7835]. | |||
| Attackers can try to trigger a large number of Map-Requests by simply | Attackers can try to trigger a large number of Map-Requests by simply | |||
| forging packets with random Map-Versions. The Map-Requests are rate- | forging packets with random Map-Versions. The Map-Requests are rate | |||
| limited as described in [I-D.ietf-lisp-rfc6833bis]. With Map- | limited as described in [RFC9301]. With Map-Versioning, it is | |||
| Versioning it is possible to filter packet carrying invalid version | possible to filter packets carrying invalid version numbers before | |||
| numbers before triggering a Map-Request, thus helping to reduce the | triggering a Map-Request, thus helping to reduce the effects of DoS | |||
| effects of DoS attacks. However, it might not be enough to really | attacks. However, it might not be enough to really protect against a | |||
| protect from a DDoS attack. | DDoS attack. | |||
| The present memo includes log action to be taken upon certains event. | The present memo includes log action to be taken upon certain events. | |||
| It is recommended that implementations include mechanisms (which are | It is recommended that implementations include mechanisms (which are | |||
| beyond the scope of this document) to avoid log resource exhaustion | beyond the scope of this document) to avoid log resource exhaustion | |||
| attacks. | attacks. | |||
| The specifications in the present memo are relatively conservative in | The specifications in the present memo are relatively conservative in | |||
| the sense that in several cases the packets are dropped. Such an | the sense that, in several cases, the packets are dropped. Such an | |||
| approach is the outcome of considerations made about the possible | approach is the outcome of considerations made about the possible | |||
| risks that data-plane-triggered control-plane actions can be used to | risks that control plane actions that are triggered by the data plane | |||
| carry out attacks. There exists corner cases where, even with an | can be used to carry out attacks. There exists corner cases where, | |||
| invalid Map-Version number, forwarding the packet might be | even with an invalid Map-Version number, forwarding the packet might | |||
| potentially considered safe, however, system manageability has been | be potentially considered safe; however, system manageability has | |||
| given priority with respect to having to put in place more machinery | been given priority with respect to having to put in place more | |||
| to be able to identify leggitimate traffic. | machinery to be able to identify legitimate traffic. | |||
| 9. Deployment Considerations | 9. Deployment Considerations | |||
| LISP requires multiple ETRs within the same site to provide identical | LISP requires multiple ETRs within the same site to provide identical | |||
| mappings for a given EID-Prefix. Map-Versioning does not require | mappings for a given EID-Prefix. Map-Versioning does not require | |||
| additional synchronization mechanisms. Clearly, all the ETRs have to | additional synchronization mechanisms. Clearly, all the ETRs have to | |||
| reply with the same mapping including same Map-Version number; | reply with the same mapping, including the same Map-Version number; | |||
| otherwise, there can be an inconsistency that creates additional | otherwise, there can be an inconsistency that creates additional | |||
| control traffic, instabilities, and traffic disruptions. | control traffic, instabilities, and traffic disruptions. | |||
| There are two ways Map-Versioning is helpful with respect to | There are two ways Map-Versioning is helpful with respect to | |||
| synchronization. On the one hand, assigning version numbers to | synchronization. On the one hand, assigning version numbers to | |||
| mappings helps in debugging, since quick checks on the consistency of | mappings helps in debugging, since quick checks on the consistency of | |||
| the mappings on different ETRs can be done by looking at the Map- | the mappings on different ETRs can be done by looking at the Map- | |||
| Version number. On the other hand, Map-Versioning can be used to | Version number. On the other hand, Map-Versioning can be used to | |||
| control the traffic toward ETRs that announce the latest mapping. | control the traffic toward ETRs that announce the latest mapping. | |||
| skipping to change at page 11, line 46 ¶ | skipping to change at line 502 ¶ | |||
| | | ------->| ETR B | | | | | ------->| ETR B | | | |||
| | | ------->| | | | | | ------->| | | | |||
| | +---------+ / | | | | | +---------+ / | | | | |||
| | | ITR A.2 |--- -----| ITR B | | | | | ITR A.2 |--- -----| ITR B | | | |||
| | | | / +---------+ | | | | | / +---------+ | | |||
| | | ETR A.2 |<----- | | | | | ETR A.2 |<----- | | | |||
| | +---------+ | | | | +---------+ | | | |||
| | | | | | | | | | | |||
| +-----------------+ +-----------------+ | +-----------------+ +-----------------+ | |||
| Figure 3: Example topology. | Figure 3: Example Topology | |||
| Obviously, in the case of Map-Versioning, both ITR A.1 and ITR A.2 of | Obviously, in the case of Map-Versioning, both ITR A.1 and ITR A.2 of | |||
| Domain A must use the same value; otherwise, the ETR of Domain B will | Domain A must use the same value; otherwise, the ETR of Domain B will | |||
| start to send Map-Requests. | start to send Map-Requests. | |||
| The same problem can, however, arise without Map-Versioning, for | The same problem can, however, arise without Map-Versioning, for | |||
| instance, if the two ITRs of Domain A send different Locator-Status- | instance, if the two ITRs of Domain A send different Locator-Status- | |||
| Bits. In this case, either the traffic is disrupted if ETR B does | Bits. In this case, either the traffic is disrupted if ETR B does | |||
| not verify reachability, or if ETR B will start sending Map-Requests | not verify reachability or if ETR B will start sending Map-Requests | |||
| to confirm each change in reachability. | to confirm each change in reachability. | |||
| So far, LISP does not provide any specific synchronization mechanism | So far, LISP does not provide any specific synchronization mechanism | |||
| but assumes that synchronization is provided by configuring the | but assumes that synchronization is provided by configuring the | |||
| different xTRs consistently. The same applies for Map-Versioning. | different xTRs consistently. The same applies for Map-Versioning. | |||
| If in the future any synchronization mechanism is provided, Map- | If in the future any synchronization mechanism is provided, Map- | |||
| Versioning will take advantage of it automatically, since it is | Versioning will take advantage of it automatically, since it is | |||
| included in the Map Record format, as described in Section 5. | included in the Map Record format, as described in Section 5. | |||
| 10. IANA Considerations | 10. IANA Considerations | |||
| This document includes no request to IANA. | This document has no IANA actions. | |||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [I-D.ietf-lisp-rfc6830bis] | ||||
| Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. | ||||
| Cabellos-Aparicio, "The Locator/ID Separation Protocol | ||||
| (LISP)", draft-ietf-lisp-rfc6830bis-38 (work in progress), | ||||
| May 2022. | ||||
| [I-D.ietf-lisp-rfc6833bis] | ||||
| Farinacci, D., Maino, F., Fuller, V., and A. Cabellos- | ||||
| Aparicio, "Locator/ID Separation Protocol (LISP) Control- | ||||
| Plane", draft-ietf-lisp-rfc6833bis-31 (work in progress), | ||||
| May 2022. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| 11.2. Informative References | [RFC9300] Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. | |||
| Cabellos, Ed., "The Locator/ID Separation Protocol | ||||
| (LISP)", RFC 9300, DOI 10.17487/RFC9300, October 2022, | ||||
| <https://www.rfc-editor.org/info/rfc9300>. | ||||
| [I-D.ietf-lisp-introduction] | [RFC9301] Farinacci, D., Maino, F., Fuller, V., and A. Cabellos, | |||
| Cabellos-Aparicio, A. and D. Saucez, "An Architectural | Ed., "Locator/ID Separation Protocol (LISP) Control | |||
| Introduction to the Locator/ID Separation Protocol | Plane", RFC 9301, DOI 10.17487/RFC9301, October 2022, | |||
| (LISP)", draft-ietf-lisp-introduction-15 (work in | <https://www.rfc-editor.org/info/rfc9301>. | |||
| progress), September 2021. | ||||
| 11.2. Informative References | ||||
| [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, | [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, | |||
| DOI 10.17487/RFC1982, August 1996, | DOI 10.17487/RFC1982, August 1996, | |||
| <https://www.rfc-editor.org/info/rfc1982>. | <https://www.rfc-editor.org/info/rfc1982>. | |||
| [RFC6832] Lewis, D., Meyer, D., Farinacci, D., and V. Fuller, | [RFC6832] Lewis, D., Meyer, D., Farinacci, D., and V. Fuller, | |||
| "Interworking between Locator/ID Separation Protocol | "Interworking between Locator/ID Separation Protocol | |||
| (LISP) and Non-LISP Sites", RFC 6832, | (LISP) and Non-LISP Sites", RFC 6832, | |||
| DOI 10.17487/RFC6832, January 2013, | DOI 10.17487/RFC6832, January 2013, | |||
| <https://www.rfc-editor.org/info/rfc6832>. | <https://www.rfc-editor.org/info/rfc6832>. | |||
| skipping to change at page 14, line 5 ¶ | skipping to change at line 570 ¶ | |||
| [RFC6834] Iannone, L., Saucez, D., and O. Bonaventure, "Locator/ID | [RFC6834] Iannone, L., Saucez, D., and O. Bonaventure, "Locator/ID | |||
| Separation Protocol (LISP) Map-Versioning", RFC 6834, | Separation Protocol (LISP) Map-Versioning", RFC 6834, | |||
| DOI 10.17487/RFC6834, January 2013, | DOI 10.17487/RFC6834, January 2013, | |||
| <https://www.rfc-editor.org/info/rfc6834>. | <https://www.rfc-editor.org/info/rfc6834>. | |||
| [RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID | [RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID | |||
| Separation Protocol (LISP) Threat Analysis", RFC 7835, | Separation Protocol (LISP) Threat Analysis", RFC 7835, | |||
| DOI 10.17487/RFC7835, April 2016, | DOI 10.17487/RFC7835, April 2016, | |||
| <https://www.rfc-editor.org/info/rfc7835>. | <https://www.rfc-editor.org/info/rfc7835>. | |||
| [RFC9299] Cabellos, A. and D. Saucez, Ed., "An Architectural | ||||
| Introduction to the Locator/ID Separation Protocol | ||||
| (LISP)", RFC 9299, DOI 10.17487/RFC9299, October 2022, | ||||
| <https://www.rfc-editor.org/info/rfc9299>. | ||||
| Appendix A. Benefits and Case Studies for Map-Versioning | Appendix A. Benefits and Case Studies for Map-Versioning | |||
| In the following sections, we provide more discussion on various | In the following sections, we provide more discussion on various | |||
| aspects and uses of Map-Versioning. Security observations are | aspects and uses of Map-Versioning. Security observations are | |||
| grouped in Section 8. | grouped in Section 8. | |||
| A.1. Map-Versioning and Unidirectional Traffic | A.1. Map-Versioning and Unidirectional Traffic | |||
| When using Map-Versioning, the LISP-specific header carries two Map- | When using Map-Versioning, the LISP-specific header carries two Map- | |||
| Version numbers, for both source and destination mappings. This can | Version numbers for both source and destination mappings. This can | |||
| raise the question on what will happen in the case of unidirectional | raise the question on what will happen in the case of unidirectional | |||
| flows, for instance, in the case presented in Figure 4, since the | flows, for instance, in the case presented in Figure 4, since the | |||
| LISP specifications do not mandate that the ETR have a mapping from | LISP specifications do not mandate that the ETR have a mapping from | |||
| the source EID. | the source EID. | |||
| +-----------------+ +-----------------+ | +-----------------+ +-----------------+ | |||
| | Domain A | | Domain B | | | Domain A | | Domain B | | |||
| | +---------+ +---------+ | | | +---------+ +---------+ | | |||
| | | ITR A |----------->| ETR B | | | | | ITR A |----------->| ETR B | | | |||
| | +---------+ +---------+ | | | +---------+ +---------+ | | |||
| | | | | | | | | | | |||
| +-----------------+ +-----------------+ | +-----------------+ +-----------------+ | |||
| Figure 4: Unidirectional traffic between LISP domains. | Figure 4: Unidirectional Traffic between LISP Domains | |||
| An ITR is able to put both the source and destination version numbers | An ITR is able to put both the source and destination version numbers | |||
| in the LISP-specific header since the Source Map-Version number is in | in the LISP-specific header since the Source Map-Version number is in | |||
| its database while the Destination Map-Version number is in its | its database, while the Dest Map-Version number is in its cache. | |||
| cache. | ||||
| The ETR checks only the Dest Map-Version number, ignoring the Source | The ETR checks only the Dest Map-Version number, ignoring the Source | |||
| Map-Version number as specified in the final sentence of Section 7.2, | Map-Version number as specified in the final sentence of Section 7.2. | |||
| ignoring the Source Map-Version number. | ||||
| A.2. Map-Versioning and Interworking | A.2. Map-Versioning and Interworking | |||
| Map-Versioning is compatible with the LISP interworking between LISP | Map-Versioning is compatible with the LISP interworking between LISP | |||
| and non-LISP sites as defined in [RFC6832]. LISP interworking | and non-LISP sites as defined in [RFC6832]. LISP interworking | |||
| defines three techniques to allow communication LISP sites and non- | defines three techniques to allow communication LISP sites and non- | |||
| LISP sites, namely: Proxy-ITR, LISP-NAT, and Proxy-ETR. The | LISP sites, namely: Proxy-ITR, LISP-NAT, and Proxy-ETR. The | |||
| following text describes how Map-Versioning relates to these three | following text describes how Map-Versioning relates to these three | |||
| mechanisms. | mechanisms. | |||
| A.2.1. Map-Versioning and Proxy-ITRs | A.2.1. Map-Versioning and Proxy-ITRs | |||
| The purpose of the Proxy-ITR (PITR) is to encapsulate traffic | The purpose of the Proxy-ITR (PITR) is to encapsulate traffic | |||
| originating in a non-LISP site in order to deliver the packet to one | originating in a non-LISP site in order to deliver the packet to one | |||
| of the ETRs of the LISP site (cf. Figure 5). This case is very | of the ETRs of the LISP site (cf. Figure 5). This case is very | |||
| similar to the unidirectional traffic case described in Appendix A.1; | similar to the unidirectional traffic case described in Appendix A.1; | |||
| hence, similar rules apply. | hence, similar rules apply. | |||
| +----------+ +-------------+ | +----------+ +-------------+ | |||
| | LISP | | non-LISP | | | LISP | | non-LISP | | |||
| | Domain A | | Domain B | | | Domain A | | Domain B | | |||
| | +-------+ +-----------+ | | | | +-------+ +-----------+ | | | |||
| | | ETR A |<-------| Proxy ITR |<-------| | | | | ETR A |<-------| Proxy-ITR |<-------| | | |||
| | +-------+ +-----------+ | | | | +-------+ +-----------+ | | | |||
| | | | | | | | | | | |||
| +----------+ +-------------+ | +----------+ +-------------+ | |||
| Figure 5: Unidirectional traffic from non-LISP domain to LISP domain. | Figure 5: Unidirectional Traffic from Non-LISP Domain to LISP Domain | |||
| The main difference is that a Proxy-ITR does not have any mapping, | The main difference is that a Proxy-ITR does not have any mapping, | |||
| since it just encapsulates packets arriving from the non-LISP site, | since it just encapsulates packets arriving from the non-LISP site, | |||
| and thus cannot provide a Source Map-Version. In this case, the | and thus cannot provide a Source Map-Version. In this case, the | |||
| proxy-ITR will just put the Null Map-Version value as the Source Map- | Proxy-ITR will just put the Null Map-Version value as the Source Map- | |||
| Version number, while the receiving ETR will ignore the field. | Version number, while the receiving ETR will ignore the field. | |||
| With this setup, LISP Domain A is able to check whether the PITR is | With this setup, LISP Domain A is able to check whether the PITR is | |||
| using the latest mapping. The Proxy ITR will put in the Dest Map- | using the latest mapping. In the Dest Map-Version Number of the | |||
| Version Number, of the LISP-specific header, the version number of | LISP-specific header, the Proxy-ITR will put the version number of | |||
| the mapping it is using for encapsulation, the ETR A can use such | the mapping it is using for encapsulation; the ETR A can use such | |||
| value as defined in Section 7.1. | value as defined in Section 7.1. | |||
| A.2.2. Map-Versioning and LISP-NAT | A.2.2. Map-Versioning and LISP-NAT | |||
| The LISP-NAT mechanism is based on address translation from non- | The LISP-NAT mechanism is based on address translation from non- | |||
| routable EIDs to routable EIDs and does not involve any form of | routable EIDs to routable EIDs and does not involve any form of | |||
| encapsulation. As such, Map-Versioning does not apply in this case. | encapsulation. As such, Map-Versioning does not apply in this case. | |||
| A.2.3. Map-Versioning and Proxy-ETRs | A.2.3. Map-Versioning and Proxy-ETRs | |||
| The purpose of the Proxy-ETR (PETR) is to decapsulate traffic | The purpose of the Proxy-ETR (PETR) is to decapsulate traffic | |||
| originating in a LISP site in order to deliver the packet to the non- | originating in a LISP site in order to deliver the packet to the non- | |||
| LISP site (cf. Figure 6). One of the main reasons to deploy PETRs | LISP site (cf. Figure 6). One of the main reasons to deploy PETRs | |||
| is to bypass Unicast Reverse Path Forwarding checks on the domain. | is to bypass Unicast Reverse Path Forwarding checks on the domain. | |||
| +----------+ +-------------+ | +----------+ +-------------+ | |||
| | LISP | | non-LISP | | | LISP | | non-LISP | | |||
| | Domain A | | Domain B | | | Domain A | | Domain B | | |||
| | +-------+ +-----------+ | | | | +-------+ +-----------+ | | | |||
| | | ITR A |------->| Proxy ETR |------->| | | | | ITR A |------->| Proxy-ETR |------->| | | |||
| | +-------+ +-----------+ | | | | +-------+ +-----------+ | | | |||
| | | | | | | | | | | |||
| +----------+ +-------------+ | +----------+ +-------------+ | |||
| Figure 6: Unidirectional traffic from LISP domain to non-LISP domain. | Figure 6: Unidirectional Traffic from LISP Domain to Non-LISP Domain | |||
| A Proxy-ETR does not have any mapping, since it just decapsulates | A Proxy-ETR does not have any mapping, since it just decapsulates | |||
| packets arriving from the LISP site. In this case, the ITR can | packets arriving from the LISP site. In this case, the ITR can | |||
| interchangeably put a Map-Version value or the Null Map-Version value | interchangeably put a Map-Version value or the Null Map-Version value | |||
| as the Dest Map-Version number since the receiving Proxy-ETR will | as the Dest Map-Version number, since the receiving Proxy-ETR will | |||
| ignore the field. | ignore the field. | |||
| With this setup, the Proxy-ETR, by looking at the Source Map-Version | With this setup, the Proxy-ETR, by looking at the Source Map-Version | |||
| Number, is able to check whether the mapping of the source EID has | Number, is able to check whether the mapping of the source EID has | |||
| changed. This is useful to perform source RLOC validation. In the | changed. This is useful to perform source RLOC validation. In the | |||
| example above, traffic coming from LISP domain has to be LISP- | example above, traffic coming from the LISP domain has to be LISP | |||
| encapsulated with a source address being an RLOC of the domain. The | encapsulated with a source address being an RLOC of the domain. The | |||
| Proxy ETR can retrieve the mapping associated to the LISP domain and | Proxy-ETR can retrieve the mapping associated to the LISP domain and | |||
| check if incoming LISP-encapsulated traffic is arriving from a valid | check if incoming LISP-encapsulated traffic is arriving from a valid | |||
| RLOC. A change in the RLOC set that can be used as source addresses | RLOC. A change in the RLOC-Set that can be used as source addresses | |||
| can be signaled via the version number, with the Proxy ETR able to | can be signaled via the version number, with the Proxy-ETR able to | |||
| request the latest mapping if necessary as described in Section 7.2. | request the latest mapping if necessary as described in Section 7.2. | |||
| A.3. RLOC Shutdown/Withdraw | A.3. RLOC Shutdown/Withdraw | |||
| Map-Versioning can also be used to perform a graceful shutdown or | Map-Versioning can also be used to perform a graceful shutdown or to | |||
| withdraw of a specific RLOC. This is achieved by simply issuing a | withdraw a specific RLOC. This is achieved by simply issuing a new | |||
| new mapping, with an updated Map-Version number where the specific | mapping, with an updated Map-Version number where the specific RLOC | |||
| RLOC to be shut down is withdrawn or announced as unreachable (via | to be shut down is withdrawn or announced as unreachable (via the | |||
| the R bit in the Map Record; see [I-D.ietf-lisp-rfc6833bis]), but | R-bit in the Map Record; see [RFC9301]) but without actually turning | |||
| without actually turning it off. | it off. | |||
| Upon updating the mapping, the RLOC will receive less and less | Upon updating the mapping, the RLOC will receive less and less | |||
| traffic because remote LISP sites will request the updated mapping | traffic because remote LISP sites will request the updated mapping | |||
| and see that it is disabled. At least one TTL, plus a little time | and see that it is disabled. At least one TTL, plus a little time | |||
| for traffic transit, after the mapping is updated, it should be safe | for traffic transit, after the mapping is updated, it should be safe | |||
| to shut down the RLOC gracefully, because all sites actively using | to shut down the RLOC gracefully, because all sites actively using | |||
| the mapping should have been updated. | the mapping should have been updated. | |||
| Note that a change in ETR for a flow can result in the re-ordering of | Note that a change in ETR for a flow can result in the reordering of | |||
| the packet in the flow just as any other routing change could cause | the packet in the flow just as any other routing change could cause | |||
| re-ordering. | reordering. | |||
| Authors' Addresses | Authors' Addresses | |||
| Luigi Iannone | Luigi Iannone | |||
| Huawei Technologies France | Huawei Technologies France | |||
| Email: luigi.iannone@huawei.com | ||||
| EMail: luigi.iannone@huawei.com | ||||
| Damien Saucez | Damien Saucez | |||
| INRIA | Inria | |||
| 2004 route des Lucioles - BP 93 | ||||
| EMail: damien.saucez@inria.fr | Sophia Antipolis | |||
| France | ||||
| Email: damien.saucez@inria.fr | ||||
| Olivier Bonaventure | Olivier Bonaventure | |||
| Universite catholique de Louvain | Universite catholique de Louvain | |||
| Email: olivier.bonaventure@uclouvain.be | ||||
| EMail: olivier.bonaventure@uclouvain.be | ||||
| End of changes. 77 change blocks. | ||||
| 232 lines changed or deleted | 219 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||