| < draft-haindl-lisp-gb-atn-06.txt | draft-haindl-lisp-gb-atn-07.txt > | |||
|---|---|---|---|---|
| LISP Working Group B. Haindl | LISP Working Group B.H. Haindl | |||
| Internet-Draft M. Lindner | Internet-Draft M.L. Lindner | |||
| Intended status: Informational Frequentis | Intended status: Informational Frequentis | |||
| Expires: September 6, 2021 R. Rahman | Expires: 23 September 2022 V. Moreno | |||
| M. Portoles | ||||
| V. Moreno | M.P. Portoles | |||
| F. Maino | F.M. Maino | |||
| B. Venkatachalapathy | B.V. Venkatachalapathy | |||
| Cisco Systems | Cisco Systems | |||
| March 5, 2021 | 22 March 2022 | |||
| Ground-Based LISP for the Aeronautical Telecommunications Network | Ground-Based LISP for the Aeronautical Telecommunications Network | |||
| draft-haindl-lisp-gb-atn-06 | draft-haindl-lisp-gb-atn-07 | |||
| Abstract | Abstract | |||
| This document describes the use of the LISP architecture and | This document describes the use of the LISP architecture and | |||
| protocols to address the requirements of the worldwide Aeronautical | protocols to address the requirements of the worldwide Aeronautical | |||
| Telecommunications Network with Internet Protocol Services, as | Telecommunications Network with Internet Protocol Services, as | |||
| articulated by the International Civil Aviation Organization. | articulated by the International Civil Aviation Organization. | |||
| The ground-based LISP overlay provides mobility and multi-homing | The ground-based LISP overlay provides mobility and multi-homing | |||
| services to the IPv6 networks hosted on commercial aircrafts, to | services to the IPv6 networks hosted on commercial aircrafts, to | |||
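Review bot: The author initials added in the -07 header ("B.H. Haindl", "M.L. Lindner", "M.P. Portoles", "F.M. Maino", "B.V. Venkatachalapathy") each end in the first letter of the surname, which looks like the initials field was filled with first-name plus surname initials rather than real middle initials; the Authors' Addresses block shows no middle names. Suggest restoring the single-initial form used in -06 ("B. Haindl", "M. Lindner") unless the new form is intended. R. Rahman also disappears from the header in this hunk, so confirm that the contributor list in Section 10 is the intended record of that change.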
| skipping to change at page 2, line 7 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 6, 2021. | This Internet-Draft will expire on 23 September 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | license-info) in effect on the date of publication of this document. | |||
| publication of this document. Please review these documents | Please review these documents carefully, as they describe your rights | |||
| carefully, as they describe your rights and restrictions with respect | and restrictions with respect to this document. Code Components | |||
| to this document. Code Components extracted from this document must | extracted from this document must include Revised BSD License text as | |||
| include Simplified BSD License text as described in Section 4.e of | described in Section 4.e of the Trust Legal Provisions and are | |||
| the Trust Legal Provisions and are provided without warranty as | provided without warranty as described in the Revised BSD License. | |||
| described in the Simplified BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3 | 2. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Design Overview . . . . . . . . . . . . . . . . . . . . . . . 4 | 3. Design Overview . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 4. Basic Protocol Operation . . . . . . . . . . . . . . . . . . 7 | 4. Basic Protocol Operation . . . . . . . . . . . . . . . . . . 7 | |||
| 4.1. Endsystem Registration . . . . . . . . . . . . . . . . . 7 | 4.1. Endsystem Registration . . . . . . . . . . . . . . . . . 7 | |||
| 4.2. Ground to Airborne Traffic Flow . . . . . . . . . . . . . 8 | 4.2. Ground to Airborne Traffic Flow . . . . . . . . . . . . . 8 | |||
| 4.3. Airborne to Ground Traffic Flow . . . . . . . . . . . . . 8 | 4.3. Airborne to Ground Traffic Flow . . . . . . . . . . . . . 8 | |||
| skipping to change at page 2, line 44 ¶ | skipping to change at page 2, line 46 ¶ | |||
| 4.5. Traffic symmetry . . . . . . . . . . . . . . . . . . . . 10 | 4.5. Traffic symmetry . . . . . . . . . . . . . . . . . . . . 10 | |||
| 5. Multi-Homing and Mobility . . . . . . . . . . . . . . . . . . 10 | 5. Multi-Homing and Mobility . . . . . . . . . . . . . . . . . . 10 | |||
| 6. Convergence . . . . . . . . . . . . . . . . . . . . . . . . . 11 | 6. Convergence . . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 6.1. Use of RLOC-probing . . . . . . . . . . . . . . . . . . . 12 | 6.1. Use of RLOC-probing . . . . . . . . . . . . . . . . . . . 12 | |||
| 6.2. Use of Solicit-Map-Request . . . . . . . . . . . . . . . 12 | 6.2. Use of Solicit-Map-Request . . . . . . . . . . . . . . . 12 | |||
| 6.3. Use of LISP pub-sub . . . . . . . . . . . . . . . . . . . 12 | 6.3. Use of LISP pub-sub . . . . . . . . . . . . . . . . . . . 12 | |||
| 7. Multi-domain structure of the ATN/IPS . . . . . . . . . . . . 13 | 7. Multi-domain structure of the ATN/IPS . . . . . . . . . . . . 13 | |||
| 8. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | 8. Security Considerations . . . . . . . . . . . . . . . . . . . 13 | |||
| 8.1. LISP Basic Security Mechanisms . . . . . . . . . . . . . 13 | 8.1. LISP Basic Security Mechanisms . . . . . . . . . . . . . 13 | |||
| 8.2. Control Plane overload protection . . . . . . . . . . . . 14 | 8.2. Control Plane overload protection . . . . . . . . . . . . 14 | |||
| 8.3. Protecting the LISP control plane from overclaim attacks 14 | 8.3. Protecting the LISP control plane from overclaim | |||
| attacks . . . . . . . . . . . . . . . . . . . . . . . . . 14 | ||||
| 8.4. LISP Reliable Transport . . . . . . . . . . . . . . . . . 14 | 8.4. LISP Reliable Transport . . . . . . . . . . . . . . . . . 14 | |||
| 8.5. Reachability Control . . . . . . . . . . . . . . . . . . 15 | 8.5. Reachability Control . . . . . . . . . . . . . . . . . . 16 | |||
| 8.6. Data Plane Security . . . . . . . . . . . . . . . . . . . 16 | 8.6. Data Plane Security . . . . . . . . . . . . . . . . . . . 17 | |||
| 8.6.1. Segmentation . . . . . . . . . . . . . . . . . . . . 16 | 8.6.1. Segmentation . . . . . . . . . . . . . . . . . . . . 17 | |||
| 8.6.2. Automated RLOC Filtering . . . . . . . . . . . . . . 17 | 8.6.2. Automated RLOC Filtering . . . . . . . . . . . . . . 17 | |||
| 8.6.3. Confidentiality, Integrity and Anti-replay protection 17 | 8.6.3. Confidentiality, Integrity and Anti-replay | |||
| 8.7. new section . . . . . . . . . . . . . . . . . . . . . . . 18 | protection . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 | 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 18 | 11.1. Normative References . . . . . . . . . . . . . . . . . . 18 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 18 | 11.2. Informative References . . . . . . . . . . . . . . . . . 18 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes the use of the LISP [RFC6830] architecture | This document describes the use of the LISP [RFC6830] architecture | |||
| and protocols to address the requirements of the worldwide | and protocols to address the requirements of the worldwide | |||
| Aeronautical Telecommunications Network with Internet Protocol | Aeronautical Telecommunications Network with Internet Protocol | |||
| Services (ATN/IPS), as articulated by the International Civil | Services (ATN/IPS), as articulated by the International Civil | |||
| Aviation Organization (ICAO). | Aviation Organization (ICAO). | |||
| ICAO is proposing to replace the existing aeronautical communication | ICAO is proposing to replace the existing aeronautical communication | |||
| skipping to change at page 6, line 34 ¶ | skipping to change at page 6, line 38 ¶ | |||
| The LISP infrastructure is used to support seamless aircraft mobility | The LISP infrastructure is used to support seamless aircraft mobility | |||
| from one radio network to another, as well as multi-homing attachment | from one radio network to another, as well as multi-homing attachment | |||
| of an aircraft to multiple radio networks with use of LISP weight and | of an aircraft to multiple radio networks with use of LISP weight and | |||
| priorities to load balance traffic directed toward the aircraft. | priorities to load balance traffic directed toward the aircraft. | |||
| The rest of this document provides further details on how ground- | The rest of this document provides further details on how ground- | |||
| based LISP is used to address the requirements of the ATN/IPS use | based LISP is used to address the requirements of the ATN/IPS use | |||
| cases. The main design goals are: | cases. The main design goals are: | |||
| o minimize added complexity on the aircraft | * minimize added complexity on the aircraft | |||
| * airborne routers can assume that any ground system is reachable | - airborne routers can assume that any ground system is reachable | |||
| via any A/G router. Static routing policies can be used on | via any A/G router. Static routing policies can be used on | |||
| board | board | |||
| * no need for routing/mobility protocols on board. Routing/ | - no need for routing/mobility protocols on board. Routing/ | |||
| mobility is managed on the ground ATN/IPS network | mobility is managed on the ground ATN/IPS network | |||
| * on-board outgoing link selection can be done with simple static | - on-board outgoing link selection can be done with simple static | |||
| policy | policy | |||
| o seamless support for aircraft mobility and multi-homing with | * seamless support for aircraft mobility and multi-homing with | |||
| minimal traffic overhead on the A/G datalink | minimal traffic overhead on the A/G datalink | |||
| o minimize complexity of ground deployment | * minimize complexity of ground deployment | |||
| * ground-based LISP can be easily deployed over existing ATN/IPS | ||||
| - ground-based LISP can be easily deployed over existing ATN/IPS | ||||
| ground infrastructure | ground infrastructure | |||
| * it is based on COTS solutions | - it is based on COTS solutions | |||
| * can ease IPv4 to IPv6 transition issues | - can ease IPv4 to IPv6 transition issues | |||
| 4. Basic Protocol Operation | 4. Basic Protocol Operation | |||
| Figure 1 provides the reference topology for a description of the | Figure 1 provides the reference topology for a description of the | |||
| basic operation. A more detailed description of the basic protocol | basic operation. A more detailed description of the basic protocol | |||
| operation is described in [GBL]. | operation is described in [GBL]. | |||
| 4.1. Endsystem Registration | 4.1. Endsystem Registration | |||
| The following are the steps via which airborne endsystem prefixes are | The following are the steps via which airborne endsystem prefixes are | |||
| skipping to change at page 18, line 5 ¶ | skipping to change at page 18, line 19 ¶ | |||
| required, the LISP data plane can be secured as any other IP traffic | required, the LISP data plane can be secured as any other IP traffic | |||
| by leveraging IPsec. The provisioning of an IPsec VPN to secure IP | by leveraging IPsec. The provisioning of an IPsec VPN to secure IP | |||
| encapsulated LISP frames is orthogonal to deployment of LISP and can | encapsulated LISP frames is orthogonal to deployment of LISP and can | |||
| be done using well known IPsec key negotiation mechanisms such as | be done using well known IPsec key negotiation mechanisms such as | |||
| IKEv2 [RFC7296]. | IKEv2 [RFC7296]. | |||
| IKEv2 uses X.509 certificates for authentication. A PKI is needed | IKEv2 uses X.509 certificates for authentication. A PKI is needed | |||
| for managing the certificates. The certificates are used for | for managing the certificates. The certificates are used for | |||
| generating the exchanged symmetric encryption keys. | generating the exchanged symmetric encryption keys. | |||
| 8.7. new section | ||||
| 9. IANA Considerations | 9. IANA Considerations | |||
| No IANA considerations. | No IANA considerations. | |||
| 10. Acknowledgements | 10. Acknowledgements | |||
| The authors would like to thank Dino Farinacci for his review of the | The original authors would like to thank Dino Farinacci and Bela | |||
| document. | Varkonyi for their review of the document and deep insights. | |||
| The following people have contributed, over time, to the autorship of | ||||
| this document: Bernhard Haindl, Manfred Lindner, Reshad Rahman, Marc | ||||
| Portoles-Comeras, Victor Moreno, Fabio Maino, Balaji | ||||
| Venkatachalapathy. | ||||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
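Review bot: Typo in the added Acknowledgements paragraph: "autorship" should be "authorship". The first sentence now reads "The original authors" without saying who they are, while the following paragraph lists every contributor; consider naming them or dropping "original".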
| skipping to change at page 18, line 37 ¶ | skipping to change at page 19, line 6 ¶ | |||
| DOI 10.17487/RFC6830, January 2013, | DOI 10.17487/RFC6830, January 2013, | |||
| <https://www.rfc-editor.org/info/rfc6830>. | <https://www.rfc-editor.org/info/rfc6830>. | |||
| 11.2. Informative References | 11.2. Informative References | |||
| [GBL] Frequentis, "Ground Based LISP for Multilink Operation, | [GBL] Frequentis, "Ground Based LISP for Multilink Operation, | |||
| https://www.icao.int/safety/acp/ACPWGF/CP WG-I 19/WP06 | https://www.icao.int/safety/acp/ACPWGF/CP WG-I 19/WP06 | |||
| Ground_Based_LISP 2016-01-14.pdf", January 2016. | Ground_Based_LISP 2016-01-14.pdf", January 2016. | |||
| [I-D.ermagan-lisp-nat-traversal] | [I-D.ermagan-lisp-nat-traversal] | |||
| Ermagan, V., Farinacci, D., Lewis, D., Maino, F., | Ermagan, V., Farinacci, D., Lewis, D., Maino, F., Comeras, | |||
| Portoles-Comeras, M., Skriver, J., White, C., Bresco, A., | M. P., Skriver, J., White, C., Lopez, A., and A. Cabellos, | |||
| and A. Cabellos-Aparicio, "NAT traversal for LISP", draft- | "NAT traversal for LISP", Work in Progress, Internet- | |||
| ermagan-lisp-nat-traversal-18 (work in progress), November | Draft, draft-ermagan-lisp-nat-traversal-19, 7 May 2021, | |||
| 2020. | <https://www.ietf.org/archive/id/draft-ermagan-lisp-nat- | |||
| traversal-19.txt>. | ||||
| [I-D.ietf-lisp-eid-mobility] | [I-D.ietf-lisp-eid-mobility] | |||
| Portoles-Comeras, M., Ashtaputre, V., Moreno, V., Maino, | Comeras, M. P., Ashtaputre, V., Maino, F., Moreno, V., and | |||
| F., and D. Farinacci, "LISP L2/L3 EID Mobility Using a | D. Farinacci, "LISP L2/L3 EID Mobility Using a Unified | |||
| Unified Control Plane", draft-ietf-lisp-eid-mobility-07 | Control Plane", Work in Progress, Internet-Draft, draft- | |||
| (work in progress), January 2021. | ietf-lisp-eid-mobility-09, 18 January 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-lisp-eid- | ||||
| mobility-09.txt>. | ||||
| [I-D.ietf-lisp-pubsub] | [I-D.ietf-lisp-pubsub] | |||
| Rodriguez-Natal, A., Ermagan, V., Cabellos-Aparicio, A., | Rodriguez-Natal, A., Ermagan, V., Cabellos, A., Barkai, | |||
| Barkai, S., and M. Boucadair, "Publish/Subscribe | S., and M. Boucadair, "Publish/Subscribe Functionality for | |||
| Functionality for LISP", draft-ietf-lisp-pubsub-07 (work | LISP", Work in Progress, Internet-Draft, draft-ietf-lisp- | |||
| in progress), January 2021. | pubsub-09, 28 June 2021, <https://www.ietf.org/archive/id/ | |||
| draft-ietf-lisp-pubsub-09.txt>. | ||||
| [I-D.ietf-lisp-rfc6833bis] | [I-D.ietf-lisp-rfc6833bis] | |||
| Farinacci, D., Maino, F., Fuller, V., and A. Cabellos- | Farinacci, D., Maino, F., Fuller, V., and A. Cabellos, | |||
| Aparicio, "Locator/ID Separation Protocol (LISP) Control- | "Locator/ID Separation Protocol (LISP) Control-Plane", | |||
| Plane", draft-ietf-lisp-rfc6833bis-30 (work in progress), | Work in Progress, Internet-Draft, draft-ietf-lisp- | |||
| November 2020. | rfc6833bis-30, 18 November 2020, | |||
| <https://www.ietf.org/archive/id/draft-ietf-lisp- | ||||
| rfc6833bis-30.txt>. | ||||
| [I-D.ietf-lisp-sec] | [I-D.ietf-lisp-sec] | |||
| Maino, F., Ermagan, V., Cabellos-Aparicio, A., and D. | Maino, F., Ermagan, V., Cabellos, A., and D. Saucez, | |||
| Saucez, "LISP-Security (LISP-SEC)", draft-ietf-lisp-sec-22 | "LISP-Security (LISP-SEC)", Work in Progress, Internet- | |||
| (work in progress), January 2021. | Draft, draft-ietf-lisp-sec-25, 9 December 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-lisp-sec- | ||||
| 25.txt>. | ||||
| [I-D.moreno-lisp-uberlay] | [I-D.moreno-lisp-uberlay] | |||
| Moreno, V., Farinacci, D., Rodriguez-Natal, A., Portoles- | Moreno, V., Farinacci, D., Rodriguez-Natal, A., Portoles- | |||
| Comeras, M., Maino, F., and S. Hooda, "Uberlay | Comeras, M., Maino, F., and S. Hooda, "Uberlay | |||
| Interconnection of Multiple LISP overlays", draft-moreno- | Interconnection of Multiple LISP overlays", Work in | |||
| lisp-uberlay-03 (work in progress), August 2020. | Progress, Internet-Draft, draft-moreno-lisp-uberlay-05, 18 | |||
| January 2022, <https://www.ietf.org/archive/id/draft- | ||||
| moreno-lisp-uberlay-05.txt>. | ||||
| [I-D.templin-atn-bgp] | [I-D.templin-atn-bgp] | |||
| Templin, F., Saccone, G., Dawra, G., Lindem, A., and V. | Templin, F. L., Saccone, G., Dawra, G., Lindem, A., and V. | |||
| Moreno, "A Simple BGP-based Mobile Routing System for the | Moreno, "A Simple BGP-based Mobile Routing System for the | |||
| Aeronautical Telecommunications Network", draft-templin- | Aeronautical Telecommunications Network", Work in | |||
| atn-bgp-08 (work in progress), August 2018. | Progress, Internet-Draft, draft-templin-atn-bgp-08, 16 | |||
| August 2018, <https://www.ietf.org/archive/id/draft- | ||||
| templin-atn-bgp-08.txt>. | ||||
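Review bot: The regenerated reference entries render the same author inconsistently: [I-D.ermagan-lisp-nat-traversal] and [I-D.ietf-lisp-eid-mobility] now give "Comeras, M. P.", while [I-D.moreno-lisp-uberlay] keeps "Portoles-Comeras, M." and the front page uses "M.P. Portoles". "Cabellos-Aparicio" likewise becomes "Cabellos" in the updated entries. Suggest normalising the names across all entries. [I-D.ietf-lisp-rfc6833bis] and [I-D.templin-atn-bgp] change citation style only and still cite -30 and -08, so confirm those are the revisions meant to be referenced.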
| Authors' Addresses | Authors' Addresses | |||
| Bernhard Haindl | Bernhard Haindl | |||
| Frequentis | Frequentis | |||
| Email: bernhard.haindl@frequentis.com | Email: bernhard.haindl@frequentis.com | |||
| Manfred Lindner | Manfred Lindner | |||
| Frequentis | Frequentis | |||
| Email: manfred.lindner@frequentis.com | Email: manfred.lindner@frequentis.com | |||
| Reshad Rahman | Victor Moreno | |||
| Cisco Systems | ||||
| Email: vimoreno@google.com | ||||
| Email: rrahman@cisco.com | ||||
| Marc Portoles Comeras | Marc Portoles Comeras | |||
| Cisco Systems | Cisco Systems | |||
| Email: mportole@cisco.com | Email: mportole@cisco.com | |||
| Victor Moreno | ||||
| Cisco Systems | ||||
| Email: vimoreno@cisco.com | ||||
| Fabio Maino | Fabio Maino | |||
| Cisco Systems | Cisco Systems | |||
| Email: fmaino@cisco.com | Email: fmaino@cisco.com | |||
| Balaji Venkatachalapathy | Balaji Venkatachalapathy | |||
| Cisco Systems | Cisco Systems | |||
| Email: bvenkata@cisco.com | Email: bvenkata@cisco.com | |||
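Review bot: In the Authors' Addresses hunk, Victor Moreno's email changes from vimoreno@cisco.com to vimoreno@google.com, but the -07 front page still lists V. Moreno in the group of authors above "Cisco Systems". Confirm the affiliation and make the header and the address block agree.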
| End of changes. 37 change blocks. | ||||
| 78 lines changed or deleted | 83 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/