[lisp] Consensus? EID and RLOC use of the same address = separate namespace debate
Robin Whittle <rw@firstpr.com.au> Wed, 25 March 2009 04:04 UTC
Return-Path: <rw@firstpr.com.au>
X-Original-To: lisp@core3.amsl.com
Delivered-To: lisp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DEE4328C122 for <lisp@core3.amsl.com>; Tue, 24 Mar 2009 21:04:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.693
X-Spam-Level:
X-Spam-Status: No, score=-1.693 tagged_above=-999 required=5 tests=[AWL=0.202, BAYES_00=-2.599, HELO_EQ_AU=0.377, HOST_EQ_AU=0.327]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fd18wGVQoSsO for <lisp@core3.amsl.com>; Tue, 24 Mar 2009 21:04:15 -0700 (PDT)
Received: from gair.firstpr.com.au (gair.firstpr.com.au [150.101.162.123]) by core3.amsl.com (Postfix) with ESMTP id 0FFB528C134 for <lisp@ietf.org>; Tue, 24 Mar 2009 21:04:15 -0700 (PDT)
Received: from [10.0.0.6] (wira.firstpr.com.au [10.0.0.6]) by gair.firstpr.com.au (Postfix) with ESMTP id BE7F41759D8; Wed, 25 Mar 2009 15:05:05 +1100 (EST)
Message-ID: <49C9AD73.2070102@firstpr.com.au>
Date: Wed, 25 Mar 2009 15:05:07 +1100
From: Robin Whittle <rw@firstpr.com.au>
Organization: First Principles
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: lisp@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: [lisp] Consensus? EID and RLOC use of the same address = separate namespace debate
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/lisp>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Mar 2009 04:04:17 -0000
Short version: I see no evidence in the list messages that rough consensus has been reached that "there will be cases where the same IP stands both as an EID and a RLOC". Private discussions were mentioned, but AFAIK these should have nothing to do with judgements about rough consensus. Since 2007-01 draft-farinacci-lisp-00 to 12 has this as an absolute requirement: EIDs MUST NOT be used as LISP RLOCs. I am perplexed that I have so far been unable to prompt anyone to write to this list agreeing with this requirement. I go further and state that within the context of LISP being a practical solution to the routing scaling problem, a particular IP address CANNOT successfully be used as both an EID and RLOC. Hi Sam, In "Re: [lisp] My proposed revisions to the charter - LISP lacks proper terminology": http://www.ietf.org/mail-archive/web/lisp/current/msg00336.html you wrote, in part: >> Sam wrote that a single address would "typically" not be used in >> EID and RLOC roles. For a practical LISP system, "typical" is not >> strong enough - it is impossible. >> >> Noel still seems to think it is possible, but has yet to explain >> how. > > I think there has been enough discussion on-list and other private > comments that the rough consensus of the participants so far is > that there will be cases where the same IP stands both as an EID > and a RLOC. I am completely unable to see how you as co-chair could decide that rough consensus has been reached on this. The messages so far are linked to at: http://www.firstpr.com.au/ip/ivip/namespace/ All of the following discussion is within the context of LISP being a practical solution to the routing scaling problem, which means it needs to work properly with unmodified hosts and unmodified DFZ routers. If LISP could work with the same particular IP address being used for both an EID and an RLOC, then this could only occur due to the devices which handle the packets differently according to which role the address is being used in (ITRs and ETRs) have some way of telling whether the address is to be interpreted as an EID or as an RLOC. This would only be possible if there were in fact two separate namespaces for RLOC and EID and if there was some mechanism by which the ITRs and ETRs could recognise which namespace to use when interpreting the address. Without that, the an ITR will eat its own emitted encapsulated packet or the encapsulated packet will get out to the DFZ and be forwarded to a PTR, which will regard it as a traffic packet with an EID destination address - to be encapsulated and tunneled to some RLOC address. I wrote about this specifically at the end of my last message: http://www.ietf.org/mail-archive/web/lisp/current/msg00335.html Sam, I think that in stating that rough consensus has been reached that "there will be cases where the same IP stands both as an EID and a RLOC." you are also implying that rough consensus has been reached that LISP (in the context of being a practical solution) does or can involve two separate namespaces for RLOC and EIDs. I see no evidence for such consensus. I wrote extensively that: There can be no such separate namespaces. Trying to use a particular address as both an RLOC and EID cannot work. Noel Chiappa asserted that there could be two separate namespaces: http://www.ietf.org/mail-archive/web/lisp/current/msg00274.html Dino Farinacci wrote: http://www.ietf.org/mail-archive/web/lisp/current/msg00291.html that the AFI field could be used to provide any number of namespaces, but the example he gave could not be used by LISP if it was to be a practical solution to the routing scaling problem. Scott Brim wrote: http://www.ietf.org/mail-archive/web/lisp/current/msg00296.html that it was impossible to prevent someone using a field for a different role to what was intended. Noel wrote: http://www.ietf.org/mail-archive/web/lisp/current/msg00332.html So if it's _possible_ to use the same bit pattern as both an EID and an RLOC, my guess is people will do it, no matter what the documents say. And my take is that, because of _other_ concerns * (e.g. limiting routing overhead), it will be technically * possible, which means people probably will do it no matter what we say in any documents. That's it as far as I can tell. Despite my repeated urgings no-one has described an example of how two separate namespaces could be used in a practical LISP solution to the routing scaling problem - or what amounts to the same thing, how the one IP address could be used both as an EID and as an RLOC. Sam, you may well have been part of private discussions I am not aware of. But as far as I can see, those discussions should have no bearing on your decision about whether consensus as been achieved. So far, no-one has produced anything more than assertions or inappropriate examples when disagreeing with my argument. No-one has pointed out where in the LISP I-Ds the concept of two separate namespaces is specified. No-one has pointed out where in the I-Ds this concept of separate namespaces is allowed or where it is allowed for an address to be used simultaneously as an EID or RLOC. It is easy to quote chapter and verse on why an address can't be used both as an EID and RLOC. Since January 2007 this has been a part of the basic LISP I-D [!!!], in a form which would constitute an "absolute requirement" in an RFC 2119 RFC. http://tools.ietf.org/html/draft-farinacci-lisp-12 Routing Locator (RLOC): the IPv4 or IPv6 address of an egress tunnel router (ETR). It is the output of a EID-to-RLOC mapping lookup. An EID maps to one or more RLOCs. Typically, RLOCs are numbered from topologically-aggregatable blocks that are assigned to a site at each point to which it attaches to the global Internet; where the topology is defined by the connectivity of provider networks, RLOCs can be thought of as PA addresses. Multiple RLOCs can be assigned to the same ETR device or to multiple ETR devices at a site. Endpoint ID (EID): a 32-bit (for IPv4) or 128-bit (for IPv6) value used in the source and destination address fields of the first (most inner) LISP header of a packet. The host obtains a destination EID the same way it obtains an destination address today, for example through a DNS lookup or SIP exchange. The source EID is obtained via existing mechanisms used to set a host's "local" IP address. An EID is allocated to a host from an EID-prefix block associated with the site where the host is located. An EID can be used !!!! by a host to refer to other hosts. EIDs MUST NOT be used as !!!! LISP RLOCs. Note that EID blocks may be assigned in a hierarchical manner, independent of the network topology, to facilitate scaling of the mapping database. In addition, an EID block assigned to a site may have site-local structure (subnetting) for routing within the site; this structure is not visible to the global routing system. I am really perplexed that I have so far been unable to get anyone to write to this list acknowledging that a given address cannot be used both as an EID and an RLOC in any implementation of LISP which would be practical for widespread voluntary adoption. - Robin
- [lisp] Consensus? EID and RLOC use of the same ad… Robin Whittle
- Re: [lisp] Consensus? EID and RLOC use of the sam… John Zwiebel