[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RAM] Re: LISP-01 I-D

To: marcelo bagnulo braun <marcelo at it.uc3m.es>
Subject: Re: [RAM] Re: LISP-01 I-D
From: Dino Farinacci <dino at cisco.com>
Date: Thu, 5 Jul 2007 23:27:24 -0700
Authentication-results: sj-dkim-2; header.From=dino@cisco.com; dkim=pass (si g from cisco.com/sjdkim2002 verified; );
Cc: ram at iab.org
Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=3597; t=1183703250; x=1184567250; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dino@cisco.com; z=From:=20Dino=20Farinacci=20<dino@cisco.com> |Subject:=20Re=3A=20[RAM]=20Re=3A=20LISP-01=20I-D |Sender:=20; bh=qE4Lyce0x565nM8oibfVIhk9bC2KGo/Jl8tTNuXOl4o=; b=aZSMjTV1ISzZ5cO3DzutpiQrRIn7YT5n8/3SOeVeCgL+6TosZLKItaLVp17B9b9TyTIWTzM1 wdT9j/yMiCO5wBOBNvGa1NlchxHkp94oR4kjq1Mao8rh2fq8z2wD/Rgb;
In-reply-to: <21051657-BA9F-4DEE-9425-1DF772245212@it.uc3m.es>
List-archive: <http://www1.ietf.org/pipermail/ram>
List-help: <mailto:ram-request@iab.org?subject=help>
List-id: Routing and Addressing Mailing List <ram.iab.org>
List-post: <mailto:ram@iab.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ram>, <mailto:ram-request@iab.org?subject=unsubscribe>
References: <466FFEB8.9080701@cisco.com> <76EB0C5F-16DF-42FB-ADEC-680AE6E241 54@muada.com> <468A4554.5030105@cisco.com><B0B9C056-8D8B-45EA-BC8F-65910B1 1F2A0@cisco.com><468C7643.6040305@firstpr.com.au> <37C01E2C-1F92-4AA1-A247-136EFA203F35@cisco.com> <21051657-BA9F-4DEE-9425-1DF772245212@it.uc3m.es>

As i understand it, the new version of LISP described in this 01 version of the draft, no longer uses pure IP in IP tunneling, but adds a LISP header to the packets (which contains the nonce for security reasons) right?

That is correct. We are using UDP encapsulation with a LISP header for the following reasons:

o Get through firewalls o ITR hashes on inner header to produce a source port LAG router can hash on o Can carry nonce for ETR anti-spoofing o Can carry Locator reachability bits

In section 7, it is stated that:
7.  Router Performance Considerations
LISP is designed to be very hardware-based forwarding friendly. By doing tunnel header prepending [RFC1955] and stripping instead of re- writing addresses, existing hardware could support the forwarding model with little or no modification.

MB> in the new version, not only the IP header needs to be added but also the LISP header, so i guess this is not the only action that needs to be performed. Would this still be hardware friendly meaning that you could do little reprogramming of the software in the router to support that? I mean, this appending of the LISP header is supposed to be done for every data packet, right? In the previous

On the ITR, yes if you can preload an encapsulation string that contains the outer IP header, the UDP header, and the LISP header.

There is a per-packet selection of the source-port but we felt it was important enough to make LAGs work well in the core (which use 5- tuple hashing to load-split traffic over the members of the LAG).

The locator reachability bits and the nonce for a resolved EID entry can be preloaded in the encapsulation string.

version, when IP in IP tunneling was used, i guess the IP in IP encapsulation was already available in hardware, but i guess that the new LISP header will need to be added to the hardware?

Well what was proposed (IP protocol number 4) isn't in a lot of hardware. GRE and L2TP are the popular encapsulations.

Where modifications are required, they should be limited to re-programming existing hardware rather than requiring expensive design changes to hard-coded algorithms in silicon.

Right. But let's first solve the problems we need to solve. If ITRs and ETRs are placed at CE routers, the performance requirement isn't as strong as in other parts of the network (you would need around a 1 Gig of forwarding performance which can be done in software these days).

   A few implementation techniques can be used to incrementally
   implement LISP:
o On an ITR, prepending a new IP header is as simple as adding more bytes to a MAC rewrite string and prepending the string as part of the outgoing encapsulation procedure. Many routers that support GRE tunneling [RFC3056] or 6to4 tunneling [RFC2784] can already support this action.

MB> same applies here, not only adding the outer IP header is needed but also the new LISP header needs to be added


Right, like I said above, you just need to add more bytes.

The problem is on the ETR that has to parse the new format. Typically this is either done via:

o Hardwired silicon (in an ASIC).
o In software using general purpose processors.
o In microcode for line-rate performance.

In the later 2 cases, it is much easier to rev the product.

Regards, marcelo


Thanks again for your comments,
Dino

_______________________________________________
RAM mailing list
RAM at iab.org
https://www1.ietf.org/mailman/listinfo/ram

Follow-Ups:
- RE: [RAM] Re: LISP-01 I-D
  - From: Templin, Fred L
- [RAM] Re: LISP-01 I-D - UDP vs. IP-in-IP encapsulation
  - From: Robin Whittle

References:
- [RAM] draft-lear-lisp-nerd-01
  - From: Eliot Lear
- Re: [RAM] draft-lear-lisp-nerd-01
  - From: Eliot Lear
- [RAM] LISP-01 I-D
  - From: Robin Whittle
- [RAM] Re: LISP-01 I-D
  - From: Dino Farinacci
- Re: [RAM] Re: LISP-01 I-D
  - From: marcelo bagnulo braun

Prev by Date: [RAM] Re: LISP-01 I-D
Next by Date: Re: [RAM] draft-lear-lisp-nerd-01
Previous by thread: [RAM] Re: LISP-01 I-D
Next by thread: [RAM] Re: LISP-01 I-D - UDP vs. IP-in-IP encapsulation
Index(es):
- Date
- Thread