LISP Working Group                                            S. Barkai
Internet-Draft                                        B. Fernandez-Ruiz
Intended status: Informational                                 R. Tamir
Expires: June 6, 2022                                        Nexar Inc.
                                                      A. Rodriguez-Natal
                                                               F. Maino
                                                          Cisco Systems
                                                    A. Cabellos-Aparicio
                                                   J. Paillisse Vilanova
                                      Technical University of Catalonia
                                                           D. Farinacci
                                                            lispers.net
                                                           June 6, 2022


  Network-Hexagons: H3-LISP Dataflow Virtualization for Mobility Edge
                       draft-ietf-lisp-nexagon-21

Abstract

   Geolocation Services aggregate raw data uploads from vehicles using
   mobility edge compute locations and process these uploads into
   verified, localized, geospatial detection channels.  Geospatial
   detection channels are used by mobility clients in vehicles and in
   the cloud to support aspects of mobility use cases:

   i.   Crowd-sourced mapping of lanes, markings, and signage

   ii.  Intelligent driving heads-up notifications on hazards,
        blockages, and conveniences such as parking or charging on the
        driving route

   The allocation of Geolocation Services is dynamic and adjusted to
   road activity and the number of active vehicles.  These dynamics,
   combined with the dynamics of the vehicles' mobile-access IP
   anchors, create key issues of coherency, context switching,
   geo-privacy, and service continuity.  These issues are resolved by
   dataflow virtualization, or communication indirection, between
   mobility clients in vehicles and Geolocation Services.  LISP overlay
   network virtualization [I-D.ietf-lisp-rfc6830bis] offers a
   mobility-network solution.  Such a LISP mobility-network deployment
   is described in this document.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 30, 2022.

Barkai, et al.            Expires July 30, 2022                 [Page 1]

Internet-Draft                    LISP                         June 2022

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Definition of Terms
   3.  Deployment Assumptions
   4.  Mobility Clients Network Services
   5.  Mobility Unicast and Multicast
   6.  Security Considerations
   7.  Acknowledgments
   8.  IANA Considerations
   9.  Normative References
   Authors' Addresses

1.  Introduction

   Geolocation Services aggregate raw data uploads from vehicles using
   mobility edge compute locations and process these uploads into
   verified, localized, geospatial detection channels.
   Geospatial detection channels are used by mobility clients in
   vehicles and in the cloud to support aspects of mobility use cases:

   i.   Crowd-sourced mapping of lanes, markings, and signage

   ii.  Intelligent driving heads-up notifications on hazards,
        blockages, and conveniences such as parking or charging on the
        driving route

   Geolocation Services transform inaccurate, duplicated geospatial data
   captured and uploaded from multiple vehicles' points of view into
   consolidated information channels.  The functional abstraction of a
   Geolocation Service includes:

   -  Addressable queues for uploads from mobility clients in vehicles

   -  Addressable detection channels subscribed to by mobility clients

   -  State and functions transforming upload data into detection
      channels

   In order to scale in large cities and dense areas, Geolocation
   Services are broken into shards, or geospatial areas, according to
   formal grid lines.  The allocation of Geolocation Service shards is
   dynamic and adjusted to road activity and the number of active
   vehicles during the day: fewer shards per compute location and more
   locations during peak commute hours to absorb the upload and
   processing load, more shards per location and fewer compute
   locations during the night, and the various street load conditions
   in between.

   These dynamics, combined with the dynamics of mobility clients in
   vehicles selecting a mobile provider, and consequently switching IP
   anchors, create the following key issues:

   -  Coherency of Geolocation Service IP addresses cached in clients

   -  Context switching between Geolocation Service shards while
      driving

   -  Geo-privacy of clients while interacting with Geolocation
      Services

   -  Service continuity when clients switch providers while driving

   These issues are resolved by dataflow virtualization, or
   communication indirection, between mobility clients and Geolocation
   Services.
   Such communication, when based on logical addresses of entities and
   geospatial topics, solves these issues.  It allows for dynamic and
   portable allocation of Geolocation Services, algorithmic context
   switching between Geolocation Services while driving, and service
   continuity when mobile carriers are switched by vehicle modules
   while driving for reception, all while preserving the geo-privacy of
   mobility clients.

   LISP overlay network virtualization can offer such a solution
   through specific use of Endpoint Identifiers (EIDs):

   -  EID addressing of upload queues per geospatial grid identifier

   -  EID addressing of detection channels per geospatial topic

   -  EID addressing of mobility clients, assigned and renewed
      periodically

   These EIDs are tracked by the LISP mobility-network, offering dynamic
   portability of queues and channels, where functions are assumed to
   be available in any compute location.  The Geolocation current state
   used for consolidation is quickly regenerated by Geolocation
   Services.  EIDs of mobility clients are tracked across the LISP
   mobility-network, enabling service continuity when mobile carriers
   are switched by the vehicle systems.  These EIDs are ephemeral and
   make it difficult for just any mobility service provider to track
   mobility clients' movement during the day.

   The use of LISP as the mobility-network for dataflow virtualization
   between mobility clients and Geolocation Services is described in
   this informational document.

   Note 1: The breakdown of Geolocation Services into area shards is
   done based on formal grid lines known to both mobility clients and
   Geolocation Services.  Geospatial detections, raw uploads, and
   consolidated channels are also made using a formal grid known to
   both clients and services.
   This document is based on the H3 grid (https://h3geo.org/).  H3
   resolution 9 (H3.r9), roughly 0.1 square kilometers per tile, is
   used for the Geolocation Service shards, and H3 resolution 15
   (H3.r15), roughly 1 square meter per tile, is used for geospatial
   detections.  Each H3 hexagonal tile has a unique 64-bit identifier
   (HID).

   Note 2: The LISP solution for dataflow virtualization is an
   application network.  In order for clients and services to use it
   there needs to be a formal provisioning step.  For the clients this
   step requires an AAA procedure by which clients are assigned, and
   renew, the EIDs and EdgeRTRs used to communicate with services.
   This process may be done in various vendor-specific ways; in this
   document we use a DIAMETER [RFC6733] based AAA service, meant as a
   life-cycle example only.

   Note 3: In order to make the notion of a geospatial detection
   concrete, we pair the 64-bit HID that says "where" a detection is
   with 64 bits that say "what" the detection is.  These 64 bits are
   detailed as a bit mask of possible detections based on a taxonomy
   defined by the Berkeley Deep Drive (BDD) consortium
   (https://bdd-data.berkeley.edu).  It is meant as a baseline that can
   be extended in additional specifications, yet has proven minimally
   sufficient in current implementations.

   [Figure 1: Geolocation Service Schematics and Dynamic Allocation.
   Off-peak allocation: addressable upload queues >> states and
   functions f1()..fn() >> addressable channels, over a few sites.
   Peak allocation: the same H3.r9 shards spread over more sites, with
   standby sites.]

2.  Definition of Terms

   H3ServiceEID:  An EID-addressable Geolocation Service shard.  It is
      a designated destination for geospatial detections and an (S,G)
      source of multicast themed detection channels.  It has a
      lightweight LISP protocol stack to tunnel packets, aka ServerXTR.
      The EID is an IPv6 EID that contains the HID.

   ServerXTR:  A data-plane-only LISP protocol stack implementation,
      co-located with the H3ServiceEID process.  The ServerXTR
      encapsulates and decapsulates packets to and from EdgeRTRs.

   MobilityClient:  An application that may be part of a vehicle
      system, part of a navigation application, part of a municipal
      application, or a street-view consumer application.  It has a
      lightweight LISP data-plane stack to tunnel packets, the
      ClientXTR.

   MobilityClient EID:  The IPv6 EID used by a MobilityClient.  The
      destinations of its packets are H3ServiceEIDs.  The EID is
      assigned as part of the MobilityClient's mobility-network AAA.

   ClientXTR:  A data-plane-only LISP protocol stack implementation
      co-located with the MobilityClient application.  It encapsulates
      and decapsulates packets to and from EdgeRTRs.

   EdgeRTR:  The core scale and structure of the LISP mobility-network.
      EdgeRTRs connect MobilityClient EIDs and H3ServiceEIDs.  EdgeRTRs
      also manage MobilityClients' multicast registrations.  EdgeRTRs
      aggregate MobilityClients and H3Services using tunnels, so that
      hosting providers and mobile providers can give access to the
      mobility-network.  EdgeRTRs decapsulate packets from ClientXTRs
      and ServerXTRs and re-encapsulate them into the tunnels of the
      destination clients and servers.  EdgeRTRs glean H3ServiceEIDs
      and MobilityClient EIDs when they decapsulate packets.  EdgeRTRs
      store H3ServiceEIDs and the routing locators (RLOCs) where each
      H3ServiceEID currently is, using the map-cache.  Mappings are
      registered to the LISP mapping system; these mappings may be
      provisioned when H3Services are assigned EdgeRTRs.  EdgeRTRs do
      not register MobilityClients' EIDs.
      Enterprises may provide their own EdgeRTRs to protect
      geo-privacy.

   [Figure 2: H3.r15 state representation, H3.r9 state aggregation.
   H3ServiceEIDs (H3.r9 shards), each with an sXTR, attach through
   EdgeRTRs to the Network Hexagons H3-LISP mobility-network; further
   EdgeRTRs sit behind RAN access, above a road tiled by 1 sqm H3.r15
   ID-ed geo-states, on which MobilityClientA::cXTR and
   cXTR::MobilityClientB drive.]

   Figure 2 above describes the following entities:

   -  MobilityClientA detections used by MobilityClientB, and vice
      versa

   -  Clients: share information via Geolocation Services routed by
      LISP

   -  ClientXTR (cXTR): tunnels packets over access networks to the
      EdgeRTR

   -  ServerXTR (sXTR): tunnels packets over cloud networks to the
      EdgeRTR

   -  H3-LISP Mobility Network: overlay which spans cXTRs to sXTRs

   -  Uploads: routed to the appropriate Geolocation Service by LISP

   -  EdgeRTRs: perform multicast replication to EdgeRTRs and to cXTRs

   -  Clients: receive geospatial detection updates via multicast
      channels

3.  Deployment Assumptions

   The specification described in this document makes the following
   deployment assumptions:

   (1)  A unique 64-bit HID is associated with each H3 geospatial tile

   (2)  MobilityClients and H3ServiceEIDs share grid-based indexing

   (3)  A 64-bit BDD state value is associated with each H3-indexed
        tile

   (4)  Tile state is composed of 16 fields of 4 bits each, i.e., up
        to 16 enumerations per field

    0       1       2       3       4       5       6       7
   +-------+-------+-------+-------+-------+-------+-------+-------+
   |-0-|-1-|-2-|-3-|-4-|-5-|-6-|-7-|-8-|-9-|-A-|-B-|-C-|-D-|-E-|-F-|
   |0123012301230123012301230123012301230123012301230123012301230123
   +---------------------------------------------------------------+

    Figure 3: Nibble based representation, 16 fields x 16 enumerations

   We name the nibbles using a hexadecimal index according to their
   position, where the most significant nibble has index 0.  Values
   are defined in Section 8.

   Subscription of MobilityClients to the mobility-network is renewed
   while driving.  It is not intended as the basic connectivity.
   MobilityClients use DNS/AAA to obtain temporary EIDs and EdgeRTRs,
   and use (LISP) data-plane tunnels to communicate, using their
   temporary EIDs, with the dynamically assigned EdgeRTRs.
   MobilityClients are otherwise unaware of the LISP network control
   plane and regard the data-plane tunnels as the mobility-network.

   In order to get access to the mobility-network, MobilityClients
   first authenticate with the Mobility AAA.  DIAMETER [RFC6733] based
   AAA can be used as a solution for the many types of mobility
   clients: vehicle systems, driving applications, city and consumer
   applications.  ClientXTRs perform the following steps to use the
   mobility-network:

   1)  obtain the address of the mobility-network AAA server using DNS

   2)  obtain MobilityClient EIDs and EdgeRTRs from the AAA DIAMETER
       server

   3)  renew authorization from the AAA while using the
       mobility-network
   MobilityClient   DomainNameServer    DIAMETER-AAA    MobilityEdgeRTR
        |                  |                  |                 |
        | nslookup nexagon |                  |                 |
        |----------------->|                  |                 |
        |<-----------------|                  |                 |
        | Mobility AAA IP  |                  |                 |
        |                  |                  |                 |
        | AAR(AVP:IMSI/User/Password/Toyota)  |                 |
        |------------------------------------>|                 |
        |                  |                  | ACR(AVP ClientEID)
        |                  |                  |---------------->|
        |                  |                  |<----------------|
        |                  |                  | ACA(AVP ClientEID)
        | AAA (Client::EID,EdgeRTR::RLOC)     |                 |
        |<------------------------------------|                 |
        |                  |                  |                 |
        | . . . Upload to IPv6 H3ServiceEID, Subscribe MLDv2 H3ServiceEID . . .
        |------------------------------------------------------>|
        |<------------------------------------------------------|
        | . . . Signal-free multicast updates from H3ServiceEID . . .
        |                  |                  |                 |
        | AAR(Interim)     |                  |                 |
        |------------------------------------>| ACR (Interim)   |
        |                  |                  |---------------->|
        |                  |                  |<----------------|
        |                  |                  | ACA (Interim)   |
        |<------------------------------------|                 |
        | AAA (Interim)    |                  |                 |

       Figure 4: DNS and AAA Exchange for LISP mobility-network login

   Using such an AAA procedure we can ensure that:

   -  MobilityClient EIDs serve as credentials with the EdgeRTRs

   -  EdgeRTRs are provisioned to whitelist MobilityClient EIDs

   -  EdgeRTRs are not tightly coupled to H3.r9 areas (privacy/balance)

   -  MobilityClients do not need to update EdgeRTRs while driving

4.  Mobility Clients Network Services

   The mobility-network functions as a standard LISP overlay.  The
   overlay delivers unicast and multicast packets across:

   -  multiple access networks and radio-access specifications

   -  multiple cloud edge providers: public, private, and hybrid

   We use data-plane XTRs in the stack of each mobility client/server.
   ClientXTRs and ServerXTRs are homed to one or more EdgeRTRs.
   This structure allows MobilityClients to "show up" at any location
   behind any network provider in a given mobility-network admin/NAT
   domain, and any H3ServiceEID to be instantiated, moved, or failed
   over to any cluster in any cloud provider.  The LISP overlay enables
   these roaming mobility-network elements to communicate
   uninterrupted.  This quality is ensured by the LISP RFCs.  The
   determination of identities, so that MobilityClients always refer
   to the correct H3ServiceEID, is ensured by the H3 geospatial HIDs.

   In this specification we assume a semi-random association between
   ClientXTRs and EdgeRTRs, applied by the AAA procedure.  We assume
   that in a given metro edge a pool of EdgeRTRs can distribute the
   MobilityClient load randomly between them and that EdgeRTRs are
   topologically equivalent.  Each EdgeRTR uses LISP to tunnel traffic
   to and from other EdgeRTRs for MobilityClient and H3Service
   exchanges.

   To summarize the H3LISP mobility-network layout:

   (1)  MobilityClient traffic is tunneled via data-plane ClientXTRs;
        ClientXTRs are homed to EdgeRTR(s)

   (2)  H3ServiceEID traffic is tunneled via data-plane ServerXTRs;
        ServerXTRs are homed to EdgeRTR(s)

   (3)  EdgeRTRs use the mapping service to resolve unicast EIDs to
        EdgeRTR RLOCs; EdgeRTRs also register to (Source, Group)
        H3ServiceEID multicasts

   MobilityClients <> ClientXTR   EdgeRTR
                               v  v  v
            < < < < LISP Mobility-Network Overlay < < < <
                                                v  v  v
                                  > > > > EdgeRTR   ServerXTR <> H3ServiceEID

     Figure 5: The Data Flow Between MobilityClients and H3ServiceEIDs

5.  Mobility Unicast and Multicast

   Regardless of the way a given ClientXTR was associated with an
   EdgeRTR, an authenticated MobilityClient EID can send a
   [64bitH3.15ID :: 64bitState] detection to the H3.r9 H3ServiceEID.
   The H3.r9 EID can be calculated by clients algorithmically from the
   H3.r15 localization.
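   The following is an added example, not code from the draft or from
   the authors' implementation, showing the algorithmic step just
   described: a client that holds an H3.r15 detection HID derives the
   H3.r9 HID of the shard that owns it, and builds the IPv6
   H3ServiceEID from that HID.  It assumes the public H3 cell-index bit
   layout (https://h3geo.org): bit 63 reserved, bits 59-62 mode (1 =
   cell), bits 56-58 reserved, bits 52-55 resolution, bits 45-51 base
   cell, then fifteen 3-bit digits for resolutions 1..15, with digits
   finer than the index's own resolution set to 7.  The /64 EID prefix
   2001:db8::/64 and the "prefix || HID" layout are assumptions; the
   draft only says the EID "contains the HID".  The HIDs used are
   constructed sample values.

```python
"""Added example (not the draft's code): H3.r15 detection HID -> H3.r9
shard HID -> IPv6 H3ServiceEID, by bit manipulation of the H3 index.

Assumed H3 index layout: bit 63 reserved (0), bits 59-62 mode (1=cell),
bits 56-58 reserved, bits 52-55 resolution, bits 45-51 base cell, then
fifteen 3-bit digits (digit r at bits 45-3r .. 47-3r), unused digits 7.
"""
import ipaddress

H3_MODE_CELL = 1
H3_UNUSED_DIGIT = 0b111
H3_MAX_BASE_CELL = 121     # H3 has 122 base cells, numbered 0..121
SHARD_RES = 9              # H3.r9: Geolocation Service shard
DETECT_RES = 15            # H3.r15: geospatial detection key


def h3_resolution(hid: int) -> int:
    return (hid >> 52) & 0xF


def h3_digit(hid: int, r: int) -> int:
    """3-bit cell digit for resolution r (1..15)."""
    return (hid >> (45 - 3 * r)) & 0x7


def h3_is_cell(hid: int) -> bool:
    """Reject a malformed HID before it is used as a key.  A shard that
    skips this would store a bogus key and multicast it to subscribers."""
    if hid < 0 or hid >> 64:
        return False
    if (hid >> 63) & 1 or ((hid >> 59) & 0xF) != H3_MODE_CELL:
        return False
    if ((hid >> 45) & 0x7F) > H3_MAX_BASE_CELL:
        return False
    res = h3_resolution(hid)
    # digits up to the index's resolution are 0..6, finer digits are 7
    return all((h3_digit(hid, r) == H3_UNUSED_DIGIT) == (r > res)
               for r in range(1, 16))


def h3_to_parent(hid: int, parent_res: int) -> int:
    """Coarsen a cell index to parent_res (H3's h3ToParent, by hand):
    rewrite the resolution field and blank the finer digits to 7."""
    res = h3_resolution(hid)
    if not h3_is_cell(hid) or not 0 <= parent_res <= res:
        raise ValueError("not a cell index, or parent_res finer than hid")
    out = (hid & ~(0xF << 52)) | (parent_res << 52)
    for r in range(parent_res + 1, res + 1):
        out |= H3_UNUSED_DIGIT << (45 - 3 * r)
    return out


def shard_hid(detection_hid: int) -> int:
    """H3.r9 HID of the H3ServiceEID that owns an H3.r15 detection."""
    if h3_resolution(detection_hid) != DETECT_RES:
        raise ValueError("detections are keyed at H3.r15")
    return h3_to_parent(detection_hid, SHARD_RES)


def h3_service_eid(hid: int, prefix: str = "2001:db8::") -> ipaddress.IPv6Address:
    """IPv6 EID = assumed /64 prefix || 64-bit HID (layout is an assumption)."""
    net = ipaddress.IPv6Network(prefix + "/64")
    return ipaddress.IPv6Address(int(net.network_address) | hid)


if __name__ == "__main__":
    detection = 0x8f28308280c14e5          # constructed H3.r15 sample
    shard = shard_hid(detection)
    print(hex(shard), h3_service_eid(shard))
```

   Since the derivation is pure bit arithmetic on the HID, a client can
   compute the destination EID with no lookup and no network round
   trip, which is what makes the context switch between shards while
   driving "algorithmic"; the same arithmetic lets the shard verify
   that every uploaded key really lies inside its own H3.r9 area.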
   The ClientXTR encapsulates the inner packet, sourced from the
   MobilityClient EID and addressed to the H3ServiceEID, with an outer
   header destined to the EdgeRTR RLOC and the LISP port.  EdgeRTRs
   then re-encapsulate the annotation packets to the remote EdgeRTR.
   The remote EdgeRTR aggregating H3ServiceEIDs re-encapsulates the
   packet from the MobilityClient EID to the ServerXTR of the
   H3ServiceEID.  The headers consist of the following fields:

   Outer headers size = 40 (IPv6) + 8 (UDP) + 8 (LISP) = 56
   Inner headers size = 40 (IPv6) + 8 (UDP) + 4 (Nexagon Header) = 52
   1500 (MTU) - 56 - 52 = 1392 bytes of effective payload size

   The Nexagon Header Type allows for kv tuples or vkkk flooding using
   the same key format and the same value format:

      Type 0:      reserved
      Type 1:      key-value, key-value, ..  1392 / (8 + 8) = 87 pairs
      Type 2:      value, key, key, key, ..  (1392 - 8) / 8 = 173 H3-R15 IDs
      Type 3-255:  unassigned

   Nexagon Header GZIP field: 0x000 means no compression; otherwise
   the GZIP version.  The compression applies to the entire kv or vkkk
   payload.

   Nexagon Header Reserved bits.

   Nexagon Header key and value count (in either format).
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |Version| Traffic Class |           Flow Label                  | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |         Payload Length        |  Next Header  |   Hop Limit   | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                   Source MobilityClientEID                    + |
   |                                                               | IPv6
   +                                                               + |
   |                                                               | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                       Dest H3ServiceEID                       + |
   |                                                               | |
   +                                                               + |
   |                                                               | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      Source Port = xxxx       |       Dest Port = xxxx        | \
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
   |          UDP Length           |         UDP Checksum          | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |     Type      | gzip  |        Reserved       | Pair Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                          64bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                          64bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

               Figure 6: Uploaded detections packet format

   To summarize unicast uploads:

   (1)  MobilityClients can send detections localized to an H3.r15
        tile.  These detections are sent to H3.r9 mobility
        H3ServiceEIDs.

   (2)  The MobilityClient EID and H3ServiceEID HID are encapsulated:
        XTR <> RTR <> RTR <> XTR

   (3)  RTRs re-encapsulate the original source/destination to
        ServerXTRs; ServerXTRs decapsulate packets to the
        H3ServiceEID.

   Each H3Service is also an IP multicast source used to update
   subscribers on the aggregate state of the H3.r15 tiles in the H3.r9
   area.
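   The following is an added example, not code from the draft or the
   authors' implementation, of building and parsing the Nexagon header
   and payload that follow the inner UDP header in Figure 6, for both
   Type 1 (key-value pairs) and Type 2 (one value, many keys), with the
   1392-byte budget computed above enforced on the sender and strict
   length checks on the receiver.  Two things the draft leaves open are
   assumed here: the 32-bit Nexagon header is laid out as Type (8
   bits), gzip (4 bits), Reserved (12 bits), Count (8 bits), and gzip
   field value 1 means the payload is a gzip stream.  All HIDs and
   states are constructed sample values.

```python
"""Added example (not the draft's code): Nexagon Type 1 / Type 2 payload
builder and parser with MTU budgeting and a bounded gzip inflate.

Assumed header layout: Type(8) | gzip(4) | Reserved(12) | Count(8);
gzip field 0 = uncompressed, 1 = gzip stream (assumption).
"""
import gzip
import struct
import zlib

MTU = 1500
OUTER_HDR = 40 + 8 + 8              # outer IPv6 + UDP + LISP
INNER_HDR = 40 + 8 + 4              # inner IPv6 + UDP + Nexagon header
PAYLOAD_BUDGET = MTU - OUTER_HDR - INNER_HDR   # 1392 bytes

TYPE_KV = 1                         # key,value,key,value,...
TYPE_VKKK = 2                       # value,key,key,key,...
GZIP_NONE, GZIP_V1 = 0, 1
MAX_INFLATE = 16 * PAYLOAD_BUDGET   # inflate cap: a decompression bomb stops here

_HDR = struct.Struct("!BHB")        # type, (gzip << 12) | reserved, count


def max_items(ptype: int) -> int:
    """Items that fit in one unfragmented 1500-byte packet."""
    if ptype == TYPE_KV:
        return PAYLOAD_BUDGET // 16           # 87 (H3-R15 ID, state) pairs
    if ptype == TYPE_VKKK:
        return (PAYLOAD_BUDGET - 8) // 8      # 173 H3-R15 IDs after one state
    raise ValueError(f"type {ptype} is unassigned")


def _finish(ptype: int, count: int, body: bytes, compress: bool) -> bytes:
    if count > max_items(ptype):
        raise ValueError("payload would exceed the 1392-byte budget")
    gz = GZIP_NONE
    if compress:
        body, gz = gzip.compress(body), GZIP_V1
    return _HDR.pack(ptype, gz << 12, count) + body   # reserved bits sent as 0


def build_kv(pairs, compress: bool = False) -> bytes:
    """Type 1: [(h3r15_id, state), ...] -> Nexagon header + payload."""
    pairs = list(pairs)
    body = b"".join(struct.pack("!QQ", k, v) for k, v in pairs)
    return _finish(TYPE_KV, len(pairs), body, compress)


def build_vkkk(state: int, keys, compress: bool = False) -> bytes:
    """Type 2: one state flooded to many H3-R15 IDs."""
    keys = list(keys)
    body = struct.pack("!Q", state) + b"".join(struct.pack("!Q", k) for k in keys)
    return _finish(TYPE_VKKK, len(keys), body, compress)


def parse(packet: bytes):
    """Receiver side: returns (type, [(h3r15_id, state), ...]) with a Type 2
    flood expanded to pairs.  Raises ValueError on anything inconsistent, so
    a malformed upload never reaches shard state."""
    if len(packet) < _HDR.size:
        raise ValueError("short Nexagon header")
    ptype, mid, count = _HDR.unpack_from(packet)
    gz, body = mid >> 12, packet[_HDR.size:]     # reserved bits ignored
    if gz == GZIP_V1:
        d = zlib.decompressobj(wbits=31)          # 31 = gzip framing
        try:
            body = d.decompress(body, MAX_INFLATE)
        except zlib.error as exc:
            raise ValueError(f"bad gzip payload: {exc}") from exc
        if not d.eof or d.unconsumed_tail or d.unused_data:
            raise ValueError("truncated, oversized or trailing-garbage gzip payload")
    elif gz != GZIP_NONE:
        raise ValueError(f"unknown gzip field value {gz}")
    if ptype == TYPE_KV:
        if len(body) != 16 * count:
            raise ValueError("Type 1 length does not match count")
        return ptype, [struct.unpack_from("!QQ", body, 16 * i) for i in range(count)]
    if ptype == TYPE_VKKK:
        if len(body) != 8 + 8 * count:
            raise ValueError("Type 2 length does not match count")
        state = struct.unpack_from("!Q", body)[0]
        return ptype, [(struct.unpack_from("!Q", body, 8 + 8 * i)[0], state)
                       for i in range(count)]
    raise ValueError(f"type {ptype} is unassigned")


def is_well_formed(packet: bytes) -> bool:
    try:
        parse(packet)
        return True
    except ValueError:
        return False
```

   The receiver checks the body length against the Count field before
   touching any item and caps how far a gzip payload may inflate, so a
   single small packet cannot make an H3ServiceEID allocate far beyond
   the 1392-byte budget the sender was held to.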
   We use [RFC8378] signal-free multicast to implement channels in the
   overlay.  The mobility-network has many channels, with thousands of
   subscribers per channel.  MobilityClients driving through, or
   subscribing to, an H3.r9 area can explicitly issue an [RFC4604]
   MLDv2 report in order to subscribe, or may be subscribed implicitly
   by the EdgeRTR.  The advantage of explicit client MLDv2 registration
   as the [RFC8378] trigger is that clients manage their own mobility
   multicast per driving-direction vector, and that it allows for
   otherwise silent, non-uploading clients.  The advantage of EdgeRTR
   implicit registration is that less signaling is required.

   MLDv2 signaling messages are encapsulated between the ClientXTR and
   the EdgeRTR, therefore there is no requirement for the underlying
   network to support native multicast.  If native access multicast is
   supported, then MobilityClient registration to H3ServiceEID safety
   channels may be integrated with it, in which case the mobile
   packet-core element supporting it will use this standard to
   register with the appropriate Geolocation Service channels in its
   area.
   Multicast update packets are of the following structure:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |Version| Traffic Class |           Flow Label                  | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |         Payload Length        |  Next Header  |   Hop Limit   | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                   Source H3-R9 EID Address                    + |
   |                                                               | IPv6
   +                                                               + |
   |                                                               | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                         Group Address                         + |
   |                                                               | |
   +                                                               + |
   |                                                               | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      Source Port = xxxx       |       Dest Port = xxxx        | \
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
   |          UDP Length           |         UDP Checksum          | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |                        Nexagon Header                         | Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   ~                        Nexagons Payload                       ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                 Figure 7: multicast update packet header

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |   Type = 1    | gzip  |        Reserved       | Pair Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                          64bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                          64bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

        Figure 8: multicast update payload, key-value, key-value..
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |   Type = 2    | gzip  |        Reserved       |H3R15 Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               |
   +                          64bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                        64bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Figure 9: multicast update payload, value, key, key.. for larger areas

   The remote EdgeRTRs homing MobilityClients in turn replicate the
   packet to the MobilityClients registered with them.  We expect an
   average of 600 H3.r15 tiles, of the full 7^6 (~100K) possible in an
   H3.r9 area, to be part of any road.  The H3.r9 server can transmit
   the status of all 600 or just those with meaningful states, based on
   updated SLA and policy.

   To summarize:

   (1)  MobilityClients tune in to H3.r9 mobility updates using
        [RFC8378]: MobilityClients issue MLDv2 registrations to H3.r9
        HIDs, and ClientXTRs encapsulate the MLDv2 to EdgeRTRs, which
        register the (S,G).

   (2)  ServerXTRs encapsulate updates to EdgeRTRs, which map-resolve
        the (S,G) RLOCs; EdgeRTRs replicate the mobility update and
        tunnel it to the registered EdgeRTRs; remote EdgeRTRs replicate
        the updates to ClientXTRs.

6.  Security Considerations

   The nexagon mobility-network is designed to be secure and private
   in the following sense.  All information is conveyed using
   Geolocation Services.  MobilityClients receive information only
   from geospatial channels originating from a trusted server.
   MobilityClients have no indication as to the origin of the raw
   data.
   In order to be able to use the nexagon mobility-network for a given
   period, the mobility clients go through a DNS/AAA stage by which
   they obtain their ClientEID identifier-credentials and the RLOCs of
   the EdgeRTRs they may use as gateways to the network.  This
   MobilityClient <> EdgeRTR interface is the most sensitive in this
   network with respect to privacy and security considerations.

   The traffic on the MobilityClient <> EdgeRTR interface is tunneled,
   and its UDP content may be encrypted; still, the EdgeRTR will know,
   based on the LISP headers alone, the MobilityClient RLOC and the
   H3-R9 (~0.1 sqkm) geospatial area to which a given client uploads
   or subscribes.  For this reason we envision the ability of
   enterprises or groups of users to "bring their own" EdgeRTRs, for
   example a car OEM offering EdgeRTRs on behalf of its vehicles for
   use with Geolocation Services.  A BYO-RTR masks the individual
   clients' RLOC to H3.r9 association; it is pre-provisioned to be
   able to use the mapping system and is on a whitelist of EdgeRTRs
   aggregating H3ServiceEIDs.  If the EdgeRTR functionality is
   delivered by a 5G Core UPF, then the only entity which can
   correlate underlay IP, user, and geolocation is the regulated
   carrier, which can do so anyway.

   Beyond this hop, the mapping system does not hold MobilityClient
   EIDs, and remote EdgeRTRs are only aware of MobilityClients'
   ephemeral EIDs, not their actual RLOC or any other mobile-device
   identifiers.  EdgeRTRs register the (S,G) H3-R9 multicast groups in
   the mapping system.  Which clients use which EdgeRTR is not in the
   mapping system; only the AAA server is aware of that.

   The H3ServiceEIDs themselves decrypt and parse the actual H3-R15
   annotations; during this step they also take the MobilityClient EID
   credentials into account to counter fabricated detections ("fake
   news"), but again these are only temporary EIDs allocated to
   clients in order to use the mobility-network, not their actual IP.
   H3Services are provisioned to their EdgeRTRs, in the EdgeRTRs, and
   optionally also in the mapping system.
   In summary of the main risk mitigations for the lisp-nexagon
   interface:

   (1)  tapping: all communications are through dynamic tunnels and
        may therefore be encrypted using IPsec or other supported
        point-to-point underlay standards.  These are not static
        tunnels; LISP Re-encapsulating Tunnel Routers (RTRs) perform
        all nexagon overlay aggregation.

   (2)  spoofing: it is very hard to guess a MobilityClient EID that
        is valid for a short period of time.  Client and H3Service
        EIDs are whitelisted in EdgeRTRs, clients via the AAA
        procedure, H3Services via dev-ops.  Because the EID travels in
        the inner IPv6 header, this guessing argument holds only while
        the ClientXTR <> EdgeRTR tunnel is encrypted as in (1); on an
        unencrypted access path an on-path observer can read a valid
        EID, and the remaining protection is the EID/RLOC binding of
        (3).

   (3)  impersonating: attempts to use MobilityClient or H3Service
        RLOCs should be caught by the underlying service-provider edge
        and access networks.  EID impersonation is caught by an
        EdgeRTR EID/RLOC whitelist mismatch.

   (4)  credibility: the interface crowd-sources geo-state and does
        not assume trust in single detections.  A credit history is
        tracked per MobilityClient EID as part of normal H3Service
        fact checking; aggregate scores affect AAA credentials.

   (5)  privacy: only EdgeRTRs are aware of both a client's RLOC and
        geolocation; only the AAA is aware of client identity
        credentials and credit, but not geolocation.  Aggregate credit
        scores span all H3Services administratively, without source.

7.  Acknowledgments

   We would like to kindly thank Joel Halpern for helping structure
   the AAA section and geo-privacy provisions, and Luigi Iannone for
   promoting such LISP Compute First Networking (CFN) use cases,
   helping structure the IANA section, and shepherding this draft to
   completion.  We would like to thank George Ericson for help
   clarifying Geolocation Services terminology through work on the
   AECC specifications and papers.

8.  IANA Considerations

   This section provides guidance to the Internet Assigned Numbers
   Authority (IANA) regarding registration of values related to the
   LISP specification, in accordance with BCP 26 [RFC8126].
   IANA is asked to create a registry named NEXAGON Parameters.  Such
   registry should be populated with the following sub-registries.

   State Enumeration Field 0x0: Traffic Direction:

   +-------+--------------------+-----------------+
   | Value | Description        | Reference       |
   +-------+--------------------+-----------------+
   | 0x0   | Null               | [This Document] |
   | 0x1   | Lane North         | [This Document] |
   | 0x2   | Lane North + 30    | [This Document] |
   | 0x3   | Lane North + 60    | [This Document] |
   | 0x4   | Lane North + 90    | [This Document] |
   | 0x5   | Lane North + 120   | [This Document] |
   | 0x6   | Lane North + 150   | [This Document] |
   | 0x7   | Lane North + 180   | [This Document] |
   | 0x8   | Lane North + 210   | [This Document] |
   | 0x9   | Lane North + 240   | [This Document] |
   | 0xA   | Lane North + 270   | [This Document] |
   | 0xB   | Lane North + 300   | [This Document] |
   | 0xC   | Lane North + 330   | [This Document] |
   | 0xD   | Junction           | [This Document] |
   | 0xE   | Shoulder           | [This Document] |
   | 0xF   | Sidewalk           | [This Document] |
   +-------+--------------------+-----------------+
   State Enumeration Field 0x1: Persistent Condition:

   +-------+--------------------+-----------------+
   | Value | Description        | Reference       |
   +-------+--------------------+-----------------+
   | 0x0   | Null               | [This Document] |
   | 0x1   | Pothole Light      | [This Document] |
   | 0x2   | Pothole Deep       | [This Document] |
   | 0x3   | Speed-bump Low     | [This Document] |
   | 0x4   | Speed-bump High    | [This Document] |
   | 0x5   | Icy                | [This Document] |
   | 0x6   | Flooded            | [This Document] |
   | 0x7   | Snow-cover         | [This Document] |
   | 0x8   | Deep Snow          | [This Document] |
   | 0x9   | Cone               | [This Document] |
   | 0xA   | Gravel             | [This Document] |
   | 0xB   | Choppy             | [This Document] |
   | 0xC   | Blind-Curve        | [This Document] |
   | 0xD   | Steep              | [This Document] |
   | 0xE   | Low-bridge         | [This Document] |
   | 0xF   | Other              | [This Document] |
   +-------+--------------------+-----------------+
Expires July 30, 2022 [Page 20] Internet-Draft LISP June 2022 State Enumeration Field 0x2: Transient Condition: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Jaywalker | [This Document] | | | | | | 0x2 | Bike or Scooter | [This Document] | | | | | | 0x3 | Stopped Vehicle | [This Document] | | | | | | 0x4 | Moving on Shoulder | [This Document] | | | | | | 0x5 | First Responder | [This Document] | | | | | | 0x6 | Sudden Slowdown | [This Document] | | | | | | 0x7 | Oversize Vehicle | [This Document] | | | | | | 0x8 | Light/Sign Breach | [This Document] | | | | | | 0x9 | Collision Light | [This Document] | | | | | | 0xA | Collision Severe | [This Document] | | | | | | 0xB | Collision Debris | [This Document] | | | | | | 0xC | Collision Course | [This Document] | | | | | | 0xD | Vehicle Hard Brake | [This Document] | | | | | | 0xE | Vehicle Sharp Turn | [This Document] | | | | | | 0xF | Freed-up Parking | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 21] Internet-Draft LISP June 2022 State Enumeration Field 0x3: Traffic-light Counter: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | 1 Second to Green | [This Document] | | | | | | 0x2 | 2 Second to Green | [This Document] | | | | | | 0x3 | 3 Second to Green | [This Document] | | | | | | 0x4 | 4 Second to Green | [This Document] | | | | | | 0x5 | 5 Second to Green | [This Document] | | | | | | 0x6 | 6 Second to Green | [This Document] | | | | | | 0x7 | 7 Second to Green | [This Document] | | | | | | 0x8 | 8 Second to Green | [This Document] | | | | | | 0x9 | 9 Second to Green | [This Document] | | | | | | 0xA | 10 Second to Green | [This Document] | | | | | | 0xB | 20 Second to Green | [This Document] | | | | | | 0xC | 30 Second to Green | [This Document] | | | | | | 0xD | 60 Second to Green | [This Document] | | | | | | 0xE | Green Now | [This Document] | | | | | | 0xF | Red Now | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 22] Internet-Draft LISP June 2022 State Enumeration Field 0x4: Impacted Tile: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Epicenter | [This Document] | | | | | | 0x2 | 2 Tiles Away | [This Document] | | | | | | 0x3 | 3 Tiles Away | [This Document] | | | | | | 0x4 | 4 Tiles Away | [This Document] | | | | | | 0x5 | 5 Tiles Away | [This Document] | | | | | | 0x6 | 6 Tiles Away | [This Document] | | | | | | 0x7 | 7 Tiles Away | [This Document] | | | | | | 0x8 | 8 Tiles Away | [This Document] | | | | | | 0x9 | 9 Tiles Away | [This Document] | | | | | | 0xA | 10 Tiles Away | [This Document] | | | | | | 0xB | 20 Tiles Away | [This Document] | | | | | | 0xC | 30 Tiles Away | [This Document] | | | | | | 0xD | 60 Tiles Away | [This Document] | | | | | | 0xE | <100 Tiles Away | [This Document] | | | | | | 0xF | <200 Tiles Away | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 23] Internet-Draft LISP June 2022 State Enumeration Field 0x5: Expected Duration: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Next 1 Second | [This Document] | | | | | | 0x2 | Next 5 Seconds | [This Document] | | | | | | 0x3 | Next 10 Seconds | [This Document] | | | | | | 0x4 | Next 20 Seconds | [This Document] | | | | | | 0x5 | Next 40 Seconds | [This Document] | | | | | | 0x6 | Next 60 Seconds | [This Document] | | | | | | 0x7 | Next 2 Minutes | [This Document] | | | | | | 0x8 | Next 3 Minutes | [This Document] | | | | | | 0x9 | Next 4 Minutes | [This Document] | | | | | | 0xA | Next 5 Minutes | [This Document] | | | | | | 0xB | Next 10 Minutes | [This Document] | | | | | | 0xC | Next 15 Minutes | [This Document] | | | | | | 0xD | Next 30 Minutes | [This Document] | | | | | | 0xE | Next 60 Minutes | [This Document] | | | | | | 0xF | Next 24 Hours | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 24] Internet-Draft LISP June 2022 State Enumeration Field 0x6: Lane Right Sign: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Yield | [This Document] | | | | | | 0x2 | Speed Limit | [This Document] | | | | | | 0x3 | Straight Only | [This Document] | | | | | | 0x4 | No Straight | [This Document] | | | | | | 0x5 | Right Only | [This Document] | | | | | | 0x6 | No Right | [This Document] | | | | | | 0x7 | Left Only | [This Document] | | | | | | 0x8 | No Left | [This Document] | | | | | | 0x9 | Right Straight | [This Document] | | | | | | 0xA | Left Straight | [This Document] | | | | | | 0xB | No U Turn | [This Document] | | | | | | 0xC | No Left or U | [This Document] | | | | | | 0xD | Bike Lane | [This Document] | | | | | | 0xE | HOV Lane | [This Document] | | | | | | 0xF | Stop | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 25] Internet-Draft LISP June 2022 State Enumeration Field 0x7: Movement Sign: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Keep Right | [This Document] | | | | | | 0x2 | Keep Left | [This Document] | | | | | | 0x3 | Stay in Lane | [This Document] | | | | | | 0x4 | Do Not Enter | [This Document] | | | | | | 0x5 | No Trucks | [This Document] | | | | | | 0x6 | No Bikes | [This Document] | | | | | | 0x7 | No Peds | [This Document] | | | | | | 0x8 | One Way | [This Document] | | | | | | 0x9 | Parking | [This Document] | | | | | | 0xA | No Parking | [This Document] | | | | | | 0xB | No Standing | [This Document] | | | | | | 0xC | No Passing | [This Document] | | | | | | 0xD | Loading Zone | [This Document] | | | | | | 0xE | Rail Crossing | [This Document] | | | | | | 0xF | School Zone | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 26] Internet-Draft LISP June 2022 State Enumeration Field 0x8: Curves & Intersections: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | Turns Left | [This Document] | | | | | | 0x2 | Turns Right | [This Document] | | | | | | 0x3 | Curves Left | [This Document] | | | | | | 0x4 | Curves Right | [This Document] | | | | | | 0x5 | Reverses Left | [This Document] | | | | | | 0x6 | Reverses Right | [This Document] | | | | | | 0x7 | Winding Road | [This Document] | | | | | | 0x8 | Hair Pin | [This Document] | | | | | | 0x9 | Pretzel Turn | [This Document] | | | | | | 0xA | Cross Roads | [This Document] | | | | | | 0xB | Cross T | [This Document] | | | | | | 0xC | Cross Y | [This Document] | | | | | | 0xD | Circle | [This Document] | | | | | | 0xE | Lane Ends | [This Document] | | | | | | 0xF | Road Narrows | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 27] Internet-Draft LISP June 2022 State Enumeration Field 0x9: Tile Traffic Speed: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | < 1 m/sec | [This Document] | | | | | | 0x2 | < 2 m/sec | [This Document] | | | | | | 0x3 | < 3 m/sec | [This Document] | | | | | | 0x4 | < 4 m/sec | [This Document] | | | | | | 0x5 | < 5 m/sec | [This Document] | | | | | | 0x6 | < 6 m/sec | [This Document] | | | | | | 0x7 | < 7 m/sec | [This Document] | | | | | | 0x8 | < 8 m/sec | [This Document] | | | | | | 0x9 | < 9 m/sec | [This Document] | | | | | | 0xA | < 10 m/sec | [This Document] | | | | | | 0xB | < 20 m/sec | [This Document] | | | | | | 0xC | < 30 m/sec | [This Document] | | | | | | 0xD | < 40 m/sec | [This Document] | | | | | | 0xE | < 50 m/sec | [This Document] | | | | | | 0xF | > 50 m/sec | [This Document] | +-------+--------------------+-----------------+ Barkai, et al. 
Expires July 30, 2022 [Page 28] Internet-Draft LISP June 2022 State Enumeration Field 0xA: Pedestrian Curb Density: +-------+--------------------+-----------------+ | Value | Description | Reference | +-------+--------------------+-----------------+ | 0x0 | Null | [This Document] | | | | | | 0x1 | 100% | [This Document] | | | | | | 0x2 | 95% | [This Document] | | | | | | 0x3 | 90% | [This Document] | | | | | | 0x4 | 85% | [This Document] | | | | | | 0x5 | 80% | [This Document] | | | | | | 0x6 | 70% | [This Document] | | | | | | 0x7 | 60% | [This Document] | | | | | | 0x8 | 50% | [This Document] | | | | | | 0x9 | 40% | [This Document] | | | | | | 0xA | 30% | [This Document] | | | | | | 0xB | 20% | [This Document] | | | | | | 0xC | 15% | [This Document] | | | | | | 0xD | 10% | [This Document] | | | | | | 0xE | 5% | [This Document] | | | | | | 0xF | No Peds | [This Document] | +-------+--------------------+-----------------+ State enumeration fields 0xB, 0xC, 0xD, 0xE, 0xF, are unassigned. IANA can assign them on a "First Come First Served" basis according to [RFC8126]. Barkai, et al. Expires July 30, 2022 [Page 29] Internet-Draft LISP June 2022 9. Normative References [I-D.ietf-lisp-rfc6830bis] Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. Cabellos-Aparicio, "The Locator/ID Separation Protocol (LISP)", draft-ietf-lisp-rfc6830bis-38 (work in progress), May 2020. [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source- Specific Multicast", RFC 4604, DOI 10.17487/RFC4604, August 2006, . [RFC6733] Fajardo, V., Ed., Arkko, J., Loughney, J., and G. Zorn, Ed., "Diameter Base Protocol", RFC 6733, DOI 10.17487/RFC6733, October 2012, . [RFC8126] Cotton, M., Leiba, B., Narten, T., "Guidelines for Writing an IANA Considerations Section in RFCs", RFC8126, DOI 10.17487/RFC8126, June 2017, . 
[RFC8378] Farinacci, D., Moreno, V., "Signal-Free Locator/ID Separation Protocol (LISP) Multicast", RFC8378, DOI 10.17487/RFC8378, May 2018, . Barkai, et al. Expires July 30, 2022 [Page 30] Internet-Draft LISP June 2022 Authors' Addresses Sharon Barkai Nexar CA USA Email: sbarkai@gmail.com Bruno Fernandez-Ruiz Nexar London UK Email: b@getnexar.com Rotem Tamir Nexar Israel rotemtamir@getnexar.com Alberto Rodriguez-Natal Cisco Systems 170 Tasman Drive San Jose, CA USA Email: natal@cisco.com Fabio Maino Cisco Systems 170 Tasman Drive San Jose, CA USA Email: fmaino@cisco.com Barkai, et al. Expires July 30, 2022 [Page 31] Internet-Draft LISP June 2022 Albert Cabellos-Aparicio Technical University of Catalonia Barcelona Spain Email: acabello@ac.upc.edu Jordi Paillisse-Vilanova Technical University of Catalonia Barcelona Spain Email: jordip@ac.upc.edu Dino Farinacci lispers.net San Jose, CA USA Email: farinacci@gmail.com Barkai, et al. Expires July 30, 2022 [Page 32]