idnits 2.17.1 draft-ietf-lisp-gpe-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (May 31, 2020) is 1419 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-38) exists of draft-ietf-lisp-rfc6830bis-32 == Outdated reference: A later version (-05) exists of draft-brockners-ippm-ioam-vxlan-gpe-03 == Outdated reference: A later version (-22) exists of draft-ietf-tsvwg-ecn-encap-guidelines-13 -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force F. Maino, Ed. 3 Internet-Draft Cisco 4 Intended status: Standards Track J. Lemon 5 Expires: December 2, 2020 Broadcom 6 P. Agarwal 7 Innovium 8 D. Lewis 9 M. Smith 10 Cisco 11 May 31, 2020 13 LISP Generic Protocol Extension 14 draft-ietf-lisp-gpe-15 16 Abstract 18 This document describes extentions to the Locator/ID Separation 19 Protocol (LISP) Data-Plane, via changes to the LISP header, to 20 support multi-protocol encapsulation. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on December 2, 2020. 39 Copyright Notice 41 Copyright (c) 2020 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (https://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 1.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 3 58 1.2. Definition of Terms . . . . . . . . . . . . . . . . . . . 3 59 2. LISP Header Without Protocol Extensions . . . . . . . . . . . 3 60 3. Generic Protocol Extension for LISP (LISP-GPE) . . . . . . . 4 61 4. Implementation and Deployment Considerations . . . . . . . . 6 62 4.1. Applicability Statement . . . . . . . . . . . . . . . . . 6 63 4.2. Congestion Control Functionality . . . . . . . . . . . . 7 64 4.3. UDP Checksum . . . . . . . . . . . . . . . . . . . . . . 7 65 4.3.1. UDP Zero Checksum Handling with IPv6 . . . . . . . . 8 66 4.4. DSCP, ECN and TTL . . . . . . . . . . . . . . . . . . . . 9 67 5. Backward Compatibility . . . . . . . . . . . . . . . . . . . 10 68 5.1. Detection of ETR Capabilities . . . . . . . . . . . . . . 10 69 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 70 6.1. LISP-GPE Next Protocol Registry . . . . . . . . . . . . . 11 71 7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 72 8. Acknowledgements and Contributors . . . . . . . . . . . . . . 11 73 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 74 9.1. Normative References . . . . . . . . . . . . . . . . . . 12 75 9.2. Informative References . . . . . . . . . . . . . . . . . 13 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 78 1. Introduction 80 The LISP Data-Plane is defined in [I-D.ietf-lisp-rfc6830bis]. It 81 specifies an encapsulation format that carries IPv4 or IPv6 packets 82 (henceforth jointly referred to as IP) in a LISP header and outer 83 UDP/IP transport. 85 The LISP Data-Plane header does not specify the protocol being 86 encapsulated and therefore is currently limited to encapsulating only 87 IP packet payloads. Other protocols, most notably Virtual eXtensible 88 Local Area Network (VXLAN) [RFC7348] (which defines a similar header 89 format to LISP), are used to encapsulate Layer-2 (L2) protocols such 90 as Ethernet. 92 This document defines an extension for the LISP header, as defined in 93 [I-D.ietf-lisp-rfc6830bis], to indicate the inner protocol, enabling 94 the encapsulation of Ethernet, IP or any other desired protocol all 95 the while ensuring compatibility with existing LISP deployments. 97 A flag in the LISP header, called the P-bit, is used to signal the 98 presence of the 8-bit Next Protocol field. The Next Protocol field, 99 when present, uses 8 bits of the field that was allocated to the 100 echo-noncing and map-versioning features in 101 [I-D.ietf-lisp-rfc6830bis]. Those two features are no longer 102 available when the P-bit is used. However, appropriate LISP-GPE shim 103 headers can be defined to specify capabilities that are equivalent to 104 echo-noncing and/or map-versioning. 106 Since all of the reserved bits of the LISP Data-Plane header have 107 been allocated, LISP-GPE can also be used to extend the LISP Data- 108 Plane header by defining Next Protocol "shim" headers that implements 109 new data plane functions not supported in the LISP header. For 110 example, the use of the Group-Based Policy (GBP) header 111 [I-D.lemon-vxlan-lisp-gpe-gbp] or of the In-situ Operations, 112 Administration, and Maintenance (IOAM) header 113 [I-D.brockners-ippm-ioam-vxlan-gpe] with LISP-GPE, can be considered 114 an extension to add support in the Data-Plane for Group-Based Policy 115 functionalities or IOAM metadata. 117 1.1. Conventions 119 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 120 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 121 "OPTIONAL" in this document are to be interpreted as described in BCP 122 14 [RFC2119] [RFC8174] when, and only when, they appear in all 123 capitals, as shown here. 125 1.2. Definition of Terms 127 This document uses terms already defined in 128 [I-D.ietf-lisp-rfc6830bis]. 130 2. LISP Header Without Protocol Extensions 132 As described in Section 1, the LISP header has no protocol identifier 133 that indicates the type of payload being carried. Because of this, 134 LISP is limited to carrying IP payloads. 136 The LISP header [I-D.ietf-lisp-rfc6830bis] contains a series of flags 137 (some defined, some reserved), a Nonce/Map-version field and an 138 instance ID/Locator-status-bit field. The flags provide flexibility 139 to define how the various fields are encoded. Notably, Flag bit 5 is 140 the last reserved bit in the LISP header. 142 0 1 2 3 143 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 144 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 145 |N|L|E|V|I|R|K|K| Nonce/Map-Version | 146 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 147 | Instance ID/Locator-Status-Bits | 148 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 150 Figure 1: LISP Header 152 3. Generic Protocol Extension for LISP (LISP-GPE) 154 This document defines two changes to the LISP header in order to 155 support multi-protocol encapsulation: the introduction of the P-bit 156 and the definition of a Next Protocol field. This document specifies 157 the protocol behavior when the P-bit is set to 1, no changes are 158 introduced when the P-bit is set to 0. The LISP-GPE header is shown 159 in Figure 2 and described below. 161 0 1 2 3 162 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 164 |N|L|E|V|I|P|K|K| Nonce/Map-Version/Next Protocol | 165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 166 | Instance ID/Locator-Status-Bits | 167 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 169 Figure 2: LISP-GPE Header 171 P-Bit: Flag bit 5 is defined as the Next Protocol bit. The P-bit is 172 set to 1 to indicate the presence of the 8 bit Next Protocol 173 field. 175 If the P-bit is clear (0) the LISP header is bit-by-bit equivalent 176 to the definition in [I-D.ietf-lisp-rfc6830bis]. 178 When the P-bit is set to 1, bits N, E, V, and bits 8-23 of the 179 'Nonce/Map-Version/Next Protocol' field MUST be set to zero on 180 transmission and ignored on receipt. Features equivalent to those 181 that were implemented with bits N,E and V in 182 [I-D.ietf-lisp-rfc6830bis], such as echo-noncing and map- 183 versioning, can be implemented by defining appropriate LISP-GPE 184 shim headers. 186 When the P-bit is set to 1, the LISP-GPE header is encoded as: 188 0 x 0 0 x 1 x x 189 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 190 |N|L|E|V|I|P|K|K| 0x0000 | Next Protocol | 191 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 192 | Instance ID/Locator-Status-Bits | 193 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 195 Figure 3: LISP-GPE with P-bit set to 1 197 Next Protocol: When the P-bit is set to 1, the lower 8 bits of the 198 first 32-bit word are used to carry a Next Protocol. This Next 199 Protocol field contains the protocol of the encapsulated payload 200 packet. 202 This document defines the following Next Protocol values: 204 0x01 : IPv4 206 0x02 : IPv6 208 0x03 : Ethernet 210 0x04 : Network Service Header (NSH) [RFC8300] 212 0x05 to 0x7D Unassigned 214 0x7E to 0x7F: Experimentation and testing 216 0x80 to 0xFD: Unassigned (shim headers) 218 0xFE to 0xFF: Experimentation and testing 220 The values are tracked in the IANA LISP-GPE Next Protocol Registry 221 as described in Section 6.1. 223 Next protocol values 0x7E, 0x7F and 0xFE, 0xFF are assigned for 224 experimentation and testing as per [RFC3692]. 226 Next protocol values from Ox80 to 0xFD are assigned to protocols 227 encoded as generic "shim" headers. All shim protocols MUST use the 228 header structure in Figure 4, which includes a Next Protocol field. 229 When a shim header is used with other protocols identified by next 230 protocol values from 0x0 to 0x7D, the shim header MUST come before 231 the further protocol, and the next header of the shim will indicate 232 which protocol follows the shim header. 234 Shim headers can be used to incrementally deploy new GPE features, 235 keeping the processing of shim headers known to a given xTR 236 implementation in the 'fast' path (typically an ASIC), while punting 237 the processing of the remaining new GPE features to the 'slow' path. 239 Shim protocols MUST have the first 32 bits defined as: 241 0 1 2 3 242 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 243 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 244 | Type | Length | Reserved | Next Protocol | 245 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 246 | | 247 ~ Protocol Specific Fields ~ 248 | | 249 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 251 Figure 4: Shim Header 253 Where: 255 Type: This field identifies the different messages of this protocol. 257 Length: The length, in 4-octect units, of this protocol message not 258 including the first 4 octects. 260 Reserved: The use of this field is reserved to the protocol defined 261 in this message. 263 Next Protocol Field: The next protocol field contains the protocol 264 of the encapsulated payload. The values are tracked in the IANA 265 LISP-GPE Next Protocol Registry as described in Section 6.1. 267 4. Implementation and Deployment Considerations 269 4.1. Applicability Statement 271 LISP-GPE conforms, as an UDP-based encapsulation protocol, to the UDP 272 usage guidelines as specified in [RFC8085]. The applicability of 273 these guidelines are dependent on the underlay IP network and the 274 nature of the encapsulated payload. 276 [RFC8085] outlines two applicability scenarios for UDP applications, 277 1) general Internet and 2) controlled environment. The controlled 278 environment means a single administrative domain or adjacent set of 279 cooperating domains. A network in a controlled environment can be 280 managed to operate under certain conditions whereas in general 281 Internet this cannot be done. Hence requirements for a tunnel 282 protocol operating under a controlled environment can be less 283 restrictive than the requirements of general internet. 285 LISP-GPE scope of applicability is the same set of use cases covered 286 by[I-D.ietf-lisp-rfc6830bis] for the LISP dataplane protocol. The 287 common property of these use cases is a large set of cooperating 288 entities seeking to communicate over the public Internet or other 289 large underlay IP infrastructures, while keeping the addressing and 290 topology of the cooperating entities separate from the underlay and 291 Internet topology, routing, and addressing. 293 LISP-GPE is meant to be deployed in network environments operated by 294 a single operator or adjacent set of cooperating network operators 295 that fits with the definition of controlled environments in 296 [RFC8085]. 298 For the purpose of this document, a traffic-managed controlled 299 environment (TMCE), outlined in [RFC8086], is defined as an IP 300 network that is traffic-engineered and/or otherwise managed (e.g., 301 via use of traffic rate limiters) to avoid congestion. Significant 302 portions of text in this Section are based on [RFC8086]. 304 It is the responsibility of the network operators to ensure that the 305 guidelines/requirements in this section are followed as applicable to 306 their LISP-GPE deployments 308 4.2. Congestion Control Functionality 310 LISP-GPE does not natively provide congestion control functionality 311 and relies on the payload protocol traffic for congestion control. 312 As such LISP-GPE MUST be used with congestion controlled traffic or 313 within a network that is traffic managed to avoid congestion (TMCE). 314 An operator of a traffic managed network (TMCE) may avoid congestion 315 by careful provisioning of their networks, rate-limiting of user data 316 traffic and traffic engineering according to path capacity. 318 Encapsulated payloads may have Explicit Congestion Notification 319 mechanisms that may or may not be mapped to the outer IP header ECN 320 field. Such new encapsulated payolads, when registered with LISP- 321 GPE, MUST be accompanied by a set of guidelines derived from 322 [I-D.ietf-tsvwg-ecn-encap-guidelines] and [RFC6040]. 324 4.3. UDP Checksum 326 For IP payloads, section 5.3 of [I-D.ietf-lisp-rfc6830bis] specifies 327 how to handle UDP Checksums encouraging implementors to consider UDP 328 checksum usage guidelines in section 3.4 of [RFC8085] when it is 329 desirable to protect UDP and LISP headers against corruption. 331 In order to provide integrity of LISP-GPE headers, options and 332 payload, for example to avoid mis-delivery of payload to different 333 tenant systems in case of data corruption, outer UDP checksum SHOULD 334 be used with LISP-GPE when transported over IPv4. The UDP checksum 335 provides a statistical guarantee that a payload was not corrupted in 336 transit. These integrity checks are not strong from a coding or 337 cryptographic perspective and are not designed to detect physical- 338 layer errors or malicious modification of the datagram (see 339 Section 3.4 of [RFC8085]). In deployments where such a risk exists, 340 an operator SHOULD use additional data integrity mechanisms such as 341 offered by IPSec. 343 An operator MAY choose to disable UDP checksum and use zero checksum 344 if LISP-GPE packet integrity is provided by other data integrity 345 mechanisms such as IPsec or additional checksums or if one of the 346 conditions in Section 4.3.1 a, b, c are met. 348 By default, UDP checksum MUST be used when LISP-GPE is transported 349 over IPv6. A tunnel endpoint MAY be configured for use with zero UDP 350 checksum if additional requirements in Section 4.3.1 are met. 352 4.3.1. UDP Zero Checksum Handling with IPv6 354 When LISP-GPE is used over IPv6, UDP checksum is used to protect IPv6 355 headers, UDP headers and LISP-GPE headers and payload from potential 356 data corruption. As such by default LISP-GPE MUST use UDP checksum 357 when transported over IPv6. An operator MAY choose to configure to 358 operate with zero UDP checksum if operating in a traffic managed 359 controlled environment as stated in Section 4.1 if one of the 360 following conditions are met: 362 a. It is known that the packet corruption is exceptionally unlikely 363 (perhaps based on knowledge of equipment types in their underlay 364 network) and the operator is willing to take a risk of undetected 365 packet corruption 367 b. It is judged through observational measurements (perhaps through 368 historic or current traffic flows that use non zero checksum) 369 that the level of packet corruption is tolerably low and where 370 the operator is willing to take the risk of undetected corruption 372 c. LISP-GPE payload is carrying applications that are tolerant of 373 misdelivered or corrupted packets (perhaps through higher layer 374 checksum validation and/or reliability through retransmission) 376 In addition LISP-GPE tunnel implementations using Zero UDP checksum 377 MUST meet the following requirements: 379 1. Use of UDP checksum over IPv6 MUST be the default configuration 380 for all LISP-GPE tunnels 382 2. If LISP-GPE is used with zero UDP checksum over IPv6 then such 383 xTR implementation MUST meet all the requirements specified in 384 section 4 of [RFC6936] and requirements 1 as specified in section 385 5 of [RFC6936] 387 3. The ETR that decapsulates the packet SHOULD check the source and 388 destination IPv6 addresses are valid for the LISP-GPE tunnel that 389 is configured to receive Zero UDP checksum and discard other 390 packets for which such check fails 392 4. The ITR that encapsulates the packet MAY use different IPv6 393 source addresses for each LISP-GPE tunnel that uses Zero UDP 394 checksum mode in order to strengthen the decapsulator's check of 395 the IPv6 source address (i.e the same IPv6 source address is not 396 to be used with more than one IPv6 destination address, 397 irrespective of whether that destination address is a unicast or 398 multicast address). When this is not possible, it is RECOMMENDED 399 to use each source address for as few LISP-GPE tunnels that use 400 zero UDP checksum as is feasible 402 5. Measures SHOULD be taken to prevent LISP-GPE traffic over IPv6 403 with zero UDP checksum from escaping into the general Internet. 404 Examples of such measures include employing packet filters at the 405 PETR and/or keeping logical or physical separation of LISP 406 network from networks carrying General Internet 408 The above requirements do not change either the requirements 409 specified in [RFC2460] as modified by [RFC6935] or the requirements 410 specified in [RFC6936]. 412 The requirement to check the source IPv6 address in addition to the 413 destination IPv6 address, plus the recommendation against reuse of 414 source IPv6 addresses among LISP-GPE tunnels collectively provide 415 some mitigation for the absence of UDP checksum coverage of the IPv6 416 header. A traffic-managed controlled environment that satisfies at 417 least one of three conditions listed at the beginning of this section 418 provides additional assurance. 420 4.4. DSCP, ECN and TTL 422 When encapsulating IP (including over Ethernet) packets [RFC2983] 423 provides guidance for mapping DSCP between inner and outer IP 424 headers. The Pipe model typically fits better Network 425 virtualization. The DSCP value on the tunnel header is set based on 426 a policy (which may be a fixed value, one based on the inner traffic 427 class, or some other mechanism for grouping traffic). Some aspects 428 of the Uniform model (which treats the inner and outer DSCP value as 429 a single field by copying on ingress and egress) may also apply, such 430 as the ability to remark the inner header on tunnel egress based on 431 transit marking. However, the Uniform model is not conceptually 432 consistent with network virtualization, which seeks to provide strong 433 isolation between encapsulated traffic and the physical network. 435 [RFC6040] describes the mechanism for exposing ECN capabilities on IP 436 tunnels and propagating congestion markers to the inner packets. 437 This behavior MUST be followed for IP packets encapsulated in LISP- 438 GPE. 440 Though Uniform or Pipe models could be used for TTL (or Hop Limit in 441 case of IPv6) handling when tunneling IP packets, Pipe model is more 442 aligned with network virtualization. [RFC2003] provides guidance on 443 handling TTL between inner IP header and outer IP tunnels; this model 444 is more aligned with the Pipe model and is recommended for use with 445 LISP-GPE for network virtualization applications. 447 When a LISP-GPE router performs Ethernet encapsulation, the inner 448 802.1Q [IEEE.802.1Q_2014] 3-bit priority code point (PCP) field MAY 449 be mapped from the encapsulated frame to the DSCP codepoint of the DS 450 field defined in [RFC2474]. 452 When a LISP-GPE router performs Ethernet encapsulation, the inner 453 header 802.1Q [IEEE.802.1Q_2014] VLAN Identifier (VID) MAY be mapped 454 to, or used to determine the LISP Instance IDentifier (IID) field. 456 5. Backward Compatibility 458 LISP-GPE uses the same UDP destination port (4341) allocated to LISP. 460 When encapsulating IP packets to a non LISP-GPE capable router the 461 P-bit MUST be set to 0. That is, the encapsulation format defined in 462 this document MUST NOT be sent to a router that has not indicated 463 that it supports this specification because such a router would 464 ignore the P-bit (as described in [I-D.ietf-lisp-rfc6830bis]) and so 465 would misinterpret the other LISP header fields possibly causing 466 significant errors. 468 5.1. Detection of ETR Capabilities 470 The discovery of xTR capabilities to support LISP-GPE is out of the 471 scope of this document. Given that the applicability domain of LISP- 472 GPE is a traffic-managed controlled environment, ITR/ETR (xTR) 473 configuration mechanisms may be used for this purpose. 475 6. IANA Considerations 477 6.1. LISP-GPE Next Protocol Registry 479 IANA is requested to set up a registry of LISP-GPE "Next Protocol". 480 These are 8-bit values. Next Protocol values in the table below are 481 defined in this document. New values are assigned under the 482 Specification Required policy [RFC8126]. The protocols that are 483 being assigned values do not themselves need to be IETF standards 484 track protocols. 486 +---------------+-----------------------------+---------------+ 487 | Next Protocol | Description | Reference | 488 +---------------+-----------------------------+---------------+ 489 | 0x0 | Reserved | This Document | 490 | 0x1 | IPv4 | This Document | 491 | 0x2 | IPv6 | This Document | 492 | 0x3 | Ethernet | This Document | 493 | 0x4 | NSH | This Document | 494 | 0x05..0x7D | Unassigned | | 495 | 0x7E..0x7F | Experimentation and testing | This Document | 496 | 0x80..0xFD | Unassigned (shim headers) | | 497 | 0x8E..0x8F | Experimentation and testing | This Document | 498 +---------------+-----------------------------+---------------+ 500 7. Security Considerations 502 LISP-GPE security considerations are similar to the LISP security 503 considerations and mitigation techniques documented in [RFC7835]. 505 LISP-GPE, as many encapsulations that use optional extensions, is 506 subject to on-path adversaries that by manipulating the P-Bit and the 507 packet itself can remove part of the payload or claim to encapsulate 508 any protocol payload type. Typical integrity protection mechanisms 509 (such as IPsec) SHOULD be used in combination with LISP-GPE by those 510 protocol extensions that want to protect from on-path attackers. 512 With LISP-GPE, issues such as data-plane spoofing, flooding, and 513 traffic redirection may depend on the particular protocol payload 514 encapsulated. 516 8. Acknowledgements and Contributors 518 A special thank you goes to Dino Farinacci for his guidance and 519 detailed review. 521 This Working Group (WG) document originated as draft-lewis-lisp-gpe; 522 the following are its coauthors and contributors along with their 523 respective affiliations at the time of WG adoption. The editor of 524 this document would like to thank and recognize them and their 525 contributions. These coauthors and contributors provided invaluable 526 concepts and content for this document's creation. 528 o Darrel Lewis, Cisco Systems, Inc. 530 o Fabio Maino, Cisco Systems, Inc. 532 o Paul Quinn, Cisco Systems, Inc. 534 o Michael Smith, Cisco Systems, Inc. 536 o Navindra Yadav, Cisco Systems, Inc. 538 o Larry Kreeger 540 o John Lemon, Broadcom 542 o Puneet Agarwal, Innovium 544 9. References 546 9.1. Normative References 548 [I-D.ietf-lisp-rfc6830bis] 549 Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A. 550 Cabellos-Aparicio, "The Locator/ID Separation Protocol 551 (LISP)", draft-ietf-lisp-rfc6830bis-32 (work in progress), 552 March 2020. 554 [IEEE.802.1Q_2014] 555 IEEE, "IEEE Standard for Local and metropolitan area 556 networks--Bridges and Bridged Networks", IEEE 802.1Q-2014, 557 DOI 10.1109/ieeestd.2014.6991462, December 2014, 558 . 561 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 562 Requirement Levels", BCP 14, RFC 2119, 563 DOI 10.17487/RFC2119, March 1997, 564 . 566 [RFC6040] Briscoe, B., "Tunnelling of Explicit Congestion 567 Notification", RFC 6040, DOI 10.17487/RFC6040, November 568 2010, . 570 9.2. Informative References 572 [I-D.brockners-ippm-ioam-vxlan-gpe] 573 Brockners, F., Bhandari, S., Govindan, V., Pignataro, C., 574 Gredler, H., Leddy, J., Youell, S., Mizrahi, T., Kfir, A., 575 Gafni, B., Lapukhov, P., and M. Spiegel, "VXLAN-GPE 576 Encapsulation for In-situ OAM Data", draft-brockners-ippm- 577 ioam-vxlan-gpe-03 (work in progress), November 2019. 579 [I-D.ietf-tsvwg-ecn-encap-guidelines] 580 Briscoe, B., Kaippallimalil, J., and P. Thaler, 581 "Guidelines for Adding Congestion Notification to 582 Protocols that Encapsulate IP", draft-ietf-tsvwg-ecn- 583 encap-guidelines-13 (work in progress), May 2019. 585 [I-D.lemon-vxlan-lisp-gpe-gbp] 586 Lemon, J., Maino, F., Smith, M., and A. Isaac, "Group 587 Policy Encoding with VXLAN-GPE and LISP-GPE", draft-lemon- 588 vxlan-lisp-gpe-gbp-02 (work in progress), April 2019. 590 [RFC2003] Perkins, C., "IP Encapsulation within IP", RFC 2003, 591 DOI 10.17487/RFC2003, October 1996, 592 . 594 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 595 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 596 December 1998, . 598 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 599 "Definition of the Differentiated Services Field (DS 600 Field) in the IPv4 and IPv6 Headers", RFC 2474, 601 DOI 10.17487/RFC2474, December 1998, 602 . 604 [RFC2983] Black, D., "Differentiated Services and Tunnels", 605 RFC 2983, DOI 10.17487/RFC2983, October 2000, 606 . 608 [RFC3692] Narten, T., "Assigning Experimental and Testing Numbers 609 Considered Useful", BCP 82, RFC 3692, 610 DOI 10.17487/RFC3692, January 2004, 611 . 613 [RFC6935] Eubanks, M., Chimento, P., and M. Westerlund, "IPv6 and 614 UDP Checksums for Tunneled Packets", RFC 6935, 615 DOI 10.17487/RFC6935, April 2013, 616 . 618 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 619 for the Use of IPv6 UDP Datagrams with Zero Checksums", 620 RFC 6936, DOI 10.17487/RFC6936, April 2013, 621 . 623 [RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, 624 L., Sridhar, T., Bursell, M., and C. Wright, "Virtual 625 eXtensible Local Area Network (VXLAN): A Framework for 626 Overlaying Virtualized Layer 2 Networks over Layer 3 627 Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014, 628 . 630 [RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID 631 Separation Protocol (LISP) Threat Analysis", RFC 7835, 632 DOI 10.17487/RFC7835, April 2016, 633 . 635 [RFC8085] Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage 636 Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085, 637 March 2017, . 639 [RFC8086] Yong, L., Ed., Crabbe, E., Xu, X., and T. Herbert, "GRE- 640 in-UDP Encapsulation", RFC 8086, DOI 10.17487/RFC8086, 641 March 2017, . 643 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 644 Writing an IANA Considerations Section in RFCs", BCP 26, 645 RFC 8126, DOI 10.17487/RFC8126, June 2017, 646 . 648 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 649 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 650 May 2017, . 652 [RFC8300] Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed., 653 "Network Service Header (NSH)", RFC 8300, 654 DOI 10.17487/RFC8300, January 2018, 655 . 657 Authors' Addresses 659 Fabio Maino (editor) 660 Cisco Systems 661 San Jose, CA 95134 662 USA 664 Email: fmaino@cisco.com 665 Jennifer Lemon 666 Broadcom 667 270 Innovation Drive 668 San Jose, CA 95134 669 USA 671 Email: jennifer.lemon@broadcom.com 673 Puneet Agarwal 674 Innovium 675 USA 677 Email: puneet@acm.org 679 Darrel Lewis 680 Cisco Systems 681 San Jose, CA 95134 682 USA 684 Email: darlewis@cisco.com 686 Michael Smith 687 Cisco Systems 688 San Jose, CA 95134 689 USA 691 Email: michsmit@cisco.com