idnits 2.17.1 draft-ietf-lisp-te-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 8 instances of lines with private range IPv4 addresses in the document. If these are generic example addresses, they should be changed to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x, 198.51.100.x or 203.0.113.x. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: An ELP that is first used by an ITR must be inspected for encoding loops. If any RLOC appears twice in the ELP, it MUST not be used. -- The document date (April 28, 2017) is 2555 days in the past. Is this intentional? Checking references for intended status: Experimental ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301) ** Obsolete normative reference: RFC 6833 (Obsoleted by RFC 9301) == Outdated reference: A later version (-19) exists of draft-ermagan-lisp-nat-traversal-12 Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force D. Farinacci 3 Internet-Draft lispers.net 4 Intended status: Experimental M. Kowal 5 Expires: October 30, 2017 cisco Systems 6 P. Lahiri 7 April 28, 2017 9 LISP Traffic Engineering Use-Cases 10 draft-ietf-lisp-te-00 12 Abstract 14 This document describes how LISP reencapsulating tunnels can be used 15 for Traffic Engineering purposes. The mechanisms described in this 16 document require no LISP protocol changes but do introduce a new 17 locator (RLOC) encoding. The Traffic Engineering features provided 18 by these LISP mechanisms can span intra-domain, inter-domain, or 19 combination of both. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at http://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on October 30, 2017. 38 Copyright Notice 40 Copyright (c) 2017 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Requirements Language . . . . . . . . . . . . . . . . . . . . 2 56 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 3. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3 58 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 4 59 5. Explicit Locator Paths . . . . . . . . . . . . . . . . . . . 6 60 5.1. ELP Re-optimization . . . . . . . . . . . . . . . . . . . 7 61 5.2. Using Recursion . . . . . . . . . . . . . . . . . . . . . 8 62 5.3. ELP Selection based on Class of Service . . . . . . . . . 8 63 5.4. Packet Loop Avoidance . . . . . . . . . . . . . . . . . . 9 64 6. Service Chaining . . . . . . . . . . . . . . . . . . . . . . 10 65 7. RLOC Probing by RTRs . . . . . . . . . . . . . . . . . . . . 10 66 8. Interworking Considerations . . . . . . . . . . . . . . . . . 10 67 9. Multicast Considerations . . . . . . . . . . . . . . . . . . 11 68 10. Security Considerations . . . . . . . . . . . . . . . . . . . 13 69 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 70 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 14 71 12.1. Normative References . . . . . . . . . . . . . . . . . . 14 72 12.2. Informative References . . . . . . . . . . . . . . . . . 15 73 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . 15 74 Appendix B. Document Change Log . . . . . . . . . . . . . . . . 15 75 B.1. Changes to draft-ietf-lisp-te-00.txt . . . . . . . . . . 15 76 B.2. Changes to draft-farinacci-lisp-te-02 through -12 . . . . 15 77 B.3. Changes to draft-farinacci-lisp-te-01.txt . . . . . . . . 15 78 B.4. Changes to draft-farinacci-lisp-te-00.txt . . . . . . . . 16 79 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 81 1. Requirements Language 83 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 84 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 85 document are to be interpreted as described in RFC 2119 [RFC2119]. 87 2. Introduction 89 This document describes the Locator/Identifier Separation Protocol 90 (LISP), which provides a set of functions for routers to exchange 91 information used to map from non globally routeable Endpoint 92 Identifiers (EIDs) to routeable Routing Locators (RLOCs). It also 93 defines a mechanism for these LISP routers to encapsulate IP packets 94 addressed with EIDs for transmission across the Internet that uses 95 RLOCs for routing and forwarding. 97 When LISP routers encapsulate packets to other LISP routers, the path 98 stretch is typically 1, meaning the packet travels on a direct path 99 from the encapsulating ITR to the decapsulating ETR at the 100 destination site. The direct path is determined by the underlying 101 routing protocol and metrics it uses to find the shortest path. 103 This specification will examine how reencapsulating tunnels [RFC6830] 104 can be used so a packet can take an adminstratively specified path, a 105 congestion avoidance path, a failure recovery path, or multiple load- 106 shared paths, as it travels from ITR to ETR. By introducing an 107 Explicit Locator Path (ELP) locator encoding [RFC8060], an ITR can 108 encapsulate a packet to a Reencapsulating Tunnel Router (RTR) which 109 decapsulates the packet, then encapsulates it to the next locator in 110 the ELP. 112 3. Definition of Terms 114 Endpoint ID (EID): An EID is a 32-bit (for IPv4) or 128-bit (for 115 IPv6) value used in the source and destination address fields of 116 the first (most inner) LISP header of a packet. The host obtains 117 a destination EID the same way it obtains an destination address 118 today, for example through a Domain Name System (DNS) [RFC1034] 119 lookup or Session Invitation Protocol (SIP) [RFC3261] exchange. 120 The source EID is obtained via existing mechanisms used to set a 121 host's "local" IP address. An EID used on the public Internet 122 must have the same properties as any other IP address used in that 123 manner; this means, among other things, that it must be globally 124 unique. An EID is allocated to a host from an EID-prefix block 125 associated with the site where the host is located. An EID can be 126 used by a host to refer to other hosts. EIDs MUST NOT be used as 127 LISP RLOCs. Note that EID blocks MAY be assigned in a 128 hierarchical manner, independent of the network topology, to 129 facilitate scaling of the mapping database. In addition, an EID 130 block assigned to a site may have site-local structure 131 (subnetting) for routing within the site; this structure is not 132 visible to the global routing system. In theory, the bit string 133 that represents an EID for one device can represent an RLOC for a 134 different device. As the architecture is realized, if a given bit 135 string is both an RLOC and an EID, it must refer to the same 136 entity in both cases. When used in discussions with other 137 Locator/ID separation proposals, a LISP EID will be called a 138 "LEID". Throughout this document, any references to "EID" refers 139 to an LEID. 141 Routing Locator (RLOC): A RLOC is an IPv4 [RFC0791] or IPv6 142 [RFC2460] address of an egress tunnel router (ETR). A RLOC is the 143 output of an EID-to-RLOC mapping lookup. An EID maps to one or 144 more RLOCs. Typically, RLOCs are numbered from topologically- 145 aggregatable blocks that are assigned to a site at each point to 146 which it attaches to the global Internet; where the topology is 147 defined by the connectivity of provider networks, RLOCs can be 148 thought of as PA addresses. Multiple RLOCs can be assigned to the 149 same ETR device or to multiple ETR devices at a site. 151 Reencapsulating Tunnel Router (RTR): An RTR is a router that acts 152 as an ETR (or PETR) by decapsulating packets where the destination 153 address in the "outer" IP header is one of its own RLOCs. Then 154 acts as an ITR (or PITR) by making a decision where to encapsulate 155 the packet based on the next locator in the ELP towards the final 156 destination ETR. 158 Explicit Locator Path (ELP): The ELP is an explicit list of RLOCs 159 for each RTR a packet must travel to along its path toward a final 160 destination ETR (or PETR). The list is a strict ordering where 161 each RLOC in the list is visited. However, the path from one RTR 162 to another is determined by the underlying routing protocol and 163 how the infrastructure assigns metrics and policies for the path. 165 Recursive Tunneling: Recursive tunneling occurs when a packet has 166 more than one LISP IP header. Additional layers of tunneling MAY 167 be employed to implement traffic engineering or other re-routing 168 as needed. When this is done, an additional "outer" LISP header 169 is added and the original RLOCs are preserved in the "inner" 170 header. Any references to tunnels in this specification refers to 171 dynamic encapsulating tunnels and they are never statically 172 configured. 174 Reencapsulating Tunnels: Reencapsulating tunneling occurs when an 175 ETR removes a LISP header, then acts as an ITR to prepend another 176 LISP header. Doing this allows a packet to be re-routed by the 177 reencapsulating router without adding the overhead of additional 178 tunnel headers. Any references to tunnels in this specification 179 refers to dynamic encapsulating tunnels and they are never 180 statically configured. When using multiple mapping database 181 systems, care must be taken to not create reencapsulation loops 182 through misconfiguration. 184 4. Overview 186 Typically, a packet's path from source EID to destination EID travels 187 through the locator core via the encapsulating ITR directly to the 188 decapsulating ETR as the following diagram illustrates: 190 Legend: 192 seid: Packet is originated by source EID 'seid'. 194 deid: Packet is consumed by destination EID 'deid'. 196 A,B,C,D : Core routers in different ASes. 198 ---> : The physical topological path between two routers. 200 ===> : A multi-hop LISP dynamic tunnel between LISP routers. 202 Core Network 203 Source site (----------------------------) Destination Site 204 +--------+ ( ) +---------+ 205 | \ ( ) / | 206 | seid ITR ---(---> A --> B --> C --> D ---)---> ETR deid | 207 | / || ( ) ^^ \ | 208 +--------+ || ( ) || +---------+ 209 || (----------------------------) || 210 || || 211 =========================================== 212 LISP Tunnel 214 Typical Data Path from ITR to ETR 216 Let's introduce RTRs 'X' and 'Y' so that, for example, if it is 217 desirable to route around the path from B to C, one could provide an 218 ELP of (X,Y,etr): 220 Core Network 221 Source site (----------------------------) Destination Site 222 +--------+ ( ) +---------+ 223 | \ ( ) / | 224 | seid ITR ---(---> A --> B --> C --> D ---)---> ETR deid | 225 | / || ( / ^ ) ^^ \ | 226 | / || ( | \ ) || \ | 227 +-------+ || ( v | ) || +--------+ 228 || ( X ======> Y ) || 229 || ( ^^ || ) || 230 || (--------||---------||-------) || 231 || || || || 232 ================= ================= 233 LISP Tunnel LISP Tunnel 235 ELP tunnel path ITR ==> X, then X ==> Y, and then Y ==> ETR 237 There are various reasons why the path from 'seid' to 'deid' may want 238 to avoid the path from B to C. To list a few: 240 o There may not be sufficient capacity provided by the networks that 241 connect B and C together. 243 o There may be a policy reason to avoid the ASes that make up the 244 path between B and C. 246 o There may be a failure on the path between B and C which makes the 247 path unreliable. 249 o There may be monitoring or traffic inspection resources close to 250 RTRs X and Y that do network accounting or measurement. 252 o There may be a chain of services performed at RTRs X and Y 253 regardless if the path from ITR to ETR is through B and C. 255 5. Explicit Locator Paths 257 The notation for a general formatted ELP is (x, y, etr) which 258 represents the list of RTRs a packet SHOULD travel through to reach 259 the final tunnel hop to the ETR. 261 The procedure for using an ELP at each tunnel hop is as follows: 263 1. The ITR will retrieve the ELP from the mapping database. 265 2. The ITR will encapsulate the packet to RLOC 'x'. 267 3. The RTR with RLOC 'x' will decapsulate the packet. It will use 268 the decapsulated packet's destination address as a lookup into 269 the mapping database to retrieve the ELP. 271 4. RTR 'x' will encapsulate the packet to RTR with RLOC 'y'. 273 5. The RTR with RLOC 'y' will decapsulate the packet. It will use 274 the decapsulated packet's destination address as a lookup into 275 the mapping database to retrieve the ELP. 277 6. RTR 'y' will encapsulate the packet on the final tunnel hop to 278 ETR with RLOC 'etr'. 280 7. The ETR will decapsulate the packet and deliver the packet to the 281 EID inside of its site. 283 The specific format for the ELP can be found in [RFC8060]. It is 284 defined that an ELP will appear as a single encoded locator in a 285 locator-set. Say for instance, we have a mapping entry for EID- 286 prefix 10.0.0.0/8 that is reachable via 4 locators. Two locators are 287 being used as active/active and the other two are used as active/ 288 active if the first two go unreachable (as noted by the priority 289 assignments below). This is what the mapping entry would look like: 291 EID-prefix: 10.0.0.0/8 292 Locator-set: ETR-A: priority 1, weight 50 293 ETR-B: priority 1, weight 50 294 ETR-C: priority 2, weight 50 295 ETR-D: priority 2, weight 50 297 If an ELP is going to be used to have a policy path to ETR-A and 298 possibly another policy path to ETR-B, the locator-set would be 299 encoded as follows: 301 EID-prefix: 10.0.0.0/8 302 Locator-set: (x, y, ETR-A): priority 1, weight 50 303 (q, r, ETR-B): priority 1, weight 50 304 ETR-C: priority 2, weight 50 305 ETR-D: priority 2, weight 50 307 The mapping entry with ELP locators is registered to the mapping 308 database system just like any other mapping entry would. The 309 registration is typically performed by the ETR(s) that are assigned 310 and own the EID-prefix. That is, the destination site makes the 311 choice of the RTRs in the ELP. However, it may be common practice 312 for a provisioning system to program the mapping database with ELPs. 314 Another case where a locator-set can be used for flow-based load- 315 sharing across multiple paths to the same destination site: 317 EID-prefix: 10.0.0.0/8 318 Locator-set: (x, y, ETR-A): priority 1, weight 75 319 (q, r, ETR-A): priority 1, weight 25 321 Using this mapping entry, an ITR would load split 75% of the EID 322 flows on the (x, y, ETR-A) ELP path and 25% of the EID flows on the 323 (q, r, ETR-A) ELP path. If any of the ELPs go down, then the other 324 can take 100% of the load. 326 5.1. ELP Re-optimization 328 ELP re-optimization is a process of changing the RLOCs of an ELP due 329 to underlying network change conditions. Just like when there is any 330 locator change for a locator-set, the procedures from the main LISP 331 specification [RFC6830] are followed. 333 When a RLOC from an ELP is changed, Map-Notify messages [RFC6833] can 334 be used to inform the existing RTRs in the ELP so they can do a 335 lookup to obtain the latest version of the ELP. Map-Notify messages 336 can also be sent to new RTRs in an ELP so they can get the ELP in 337 advance to receiving packets that will use the ELP. This can 338 minimize packet loss during mapping database lookups in RTRs. 340 5.2. Using Recursion 342 In the previous examples, we showed how an ITR encapsulates using an 343 ELP of (x, y, etr). When a packet is encapsulated by the ITR to RTR 344 'x', the RTR may want a policy path to RTR 'y' and run another level 345 of reencapsulating tunnels for packets destined to RTR 'y'. In this 346 case, RTR 'x' does not encapsulate packets to 'y' but rather performs 347 a mapping database lookup on the address 'y', requests the ELP for 348 RTR 'y', and encapsulates packets to the first-hop of the returned 349 ELP. This can be done when using a public or private mapping 350 database. The decision to use address 'y' as an encapsulation 351 address versus a lookup address is based on the L-bit setting for 'y' 352 in the ELP entry. The decision and policy of ELP encodings are local 353 to the entity which registers the EID-prefix associated with the ELP. 355 Another example of recursion is when the ITR uses the ELP (x, y, etr) 356 to first prepend a header with a destination RLOC of the ETR and then 357 prepend another header and encapsulate the packet to RTR 'x'. When 358 RTR 'x' decapsulates the packet, rather than doing a mapping database 359 lookup on RTR 'y' the last example showed, instead RTR 'x' does a 360 mapping database lookup on ETR 'etr'. In this scenario, RTR 'x' can 361 choose an ELP from the locator-set by considering the source RLOC 362 address of the ITR versus considering the source EID. 364 This additional level of recursion also brings advantages for the 365 provider of RTR 'x' to store less state. Since RTR 'x' does not need 366 to look at the inner most header, it does not need to store EID 367 state. It only stores an entry for RTR 'y' which many EID flows 368 could share for scaling benefits. The locator-set for entry 'y' 369 could either be a list of typical locators, a list of ELPs, or 370 combination of both. Another advantage is that packet load-splitting 371 can be accomplished by examining the source of a packet. If the 372 source is an ITR versus the source being the last-hop of an ELP the 373 last-hop selected, different forwarding paths can be used. 375 5.3. ELP Selection based on Class of Service 377 Paths to an ETR may want to be selected based on different classes of 378 service. Packets from a set of sources that have premium service can 379 use ELP paths that are less congested where normal sources use ELP 380 paths that compete for less resources or use longer paths for best 381 effort service. 383 Using source/destination lookups into the mapping database can yield 384 different ELPs. So for example, a premium service flow with 385 (source=1.1.1.1, dest=10.1.1.1) can be described by using the 386 following mapping entry: 388 EID-prefix: (1.0.0.0/8, 10.0.0.0/8) 389 Locator-set: (x, y, ETR-A): priority 1, weight 50 390 (q, r, ETR-A): priority 1, weight 50 392 And all other best-effort sources would use different mapping entry 393 described by: 395 EID-prefix: (0.0.0.0/0, 10.0.0.0/8) 396 Locator-set: (x, x', y, y', ETR-A): priority 1, weight 50 397 (q, q', r, r', ETR-A): priority 1, weight 50 399 If the source/destination lookup is coupled with recursive lookups, 400 then an ITR can encapsulate to the ETR, prepending a header that 401 selects source address ITR-1 based on the premium class of service 402 source, or selects source address ITR-2 for best-effort sources with 403 normal class of service. The ITR then does another lookup in the 404 mapping database on the prepended header using lookup key 405 (source=ITR-1, dest=10.1.1.1) that returns the following mapping 406 entry: 408 EID-prefix: (ITR-1, 10.0.0.0/8) 409 Locator-set: (x, y, ETR-A): priority 1, weight 50 410 (q, r, ETR-A): priority 1, weight 50 412 And all other sources would use different mapping entry with a lookup 413 key of (source=ITR-2, dest=10.1.1.1): 415 EID-prefix: (ITR-2, 10.0.0.0/8) 416 Locator-set: (x, x', y, y', ETR-A): priority 1, weight 50 417 (q, q', r, r', ETR-A): priority 1, weight 50 419 This will scale the mapping system better by having fewer source/ 420 destination combinations. Refer to the Source/Dest LCAF type 421 described in [RFC8060] for encoding EIDs in Map-Request and Map- 422 Register messages. 424 5.4. Packet Loop Avoidance 426 An ELP that is first used by an ITR must be inspected for encoding 427 loops. If any RLOC appears twice in the ELP, it MUST not be used. 429 Since it is expected that multiple mapping systems will be used, 430 there can be a loop across ELPs when registered in different mapping 431 systems. The TTL copying procedures for reencapsulating tunnels and 432 recursive tunnels in [RFC6830] MUST be followed. 434 6. Service Chaining 436 An ELP can be used to deploy services at each reencapsulation point 437 in the network. One example is to implement a scrubber service when 438 a destination EID is being DoS attacked. That is, when a DoS attack 439 is recognized when the encapsulation path is between ITR and ETR, an 440 ELP can be registered for a destination EID to the mapping database 441 system. The ELP can include an RTR so the ITR can encapsulate 442 packets to the RTR which will decapsulate and deliver packets to a 443 scrubber service device. The scrubber could decide if the offending 444 packets are dropped or allowed to be sent to the destination EID. In 445 which case, the scurbber delivers packets back to the RTR which 446 encapsulates to the ETR. 448 7. RLOC Probing by RTRs 450 Since an RTR knows the next tunnel hop to encapsulate to, it can 451 monitor the reachability of the next-hop RTR RLOC by doing RLOC- 452 probing according to the procedures in [RFC6830]. When the RLOC is 453 determined unreachable by the RLOC-probing mechanisms, the RTR can 454 use another locator in the locator-set. That could be the final ETR, 455 a RLOC of another RTR, or an ELP where it must search for itself and 456 use the next RLOC in the ELP list to encapsulate to. 458 RLOC-probing can also be used to measure delay on the path between 459 RTRs and when it is desirable switch to another lower delay ELP. 461 8. Interworking Considerations 463 [RFC6832] defines procedures for how non-LISP sites talk to LISP 464 sites. The network elements defined in the Interworking 465 specification, the proxy ITR (PITR) and proxy ETR (PETR) (as well as 466 their multicast counterparts defined in [RFC6831]) can participate in 467 LISP-TE. That is, a PITR and a PETR can appear in an ELP list and 468 act as an RTR. 470 Note when an RLOC appears in an ELP, it can be of any address-family. 471 There can be a mix of IPv4 and IPv6 locators present in the same ELP. 472 This can provide benefits where islands of one address-family or the 473 other are supported and connectivity across them is necessary. For 474 instance, an ELP can look like: 476 (x4, a46, b64, y4, etr) 477 Where an IPv4 ITR will encapsulate using an IPv4 RLOC 'x4' and 'x4' 478 could reach an IPv4 RLOC 'a46', but RTR 'a46' encapsulates to an IPv6 479 RLOC 'b64' when the network between them is IPv6-only. Then RTR 480 'b64' encapsulates to IPv4 RLOC 'y4' if the network between them is 481 dual-stack. 483 Note that RTRs can be used for NAT-traversal scenarios 484 [I-D.ermagan-lisp-nat-traversal] as well to reduce the state in both 485 an xTR that resides behind a NAT and the state the NAT needs to 486 maintain. In this case, the xTR only needs a default map-cache entry 487 pointing to the RTR for outbound traffic and all remote ITRs can 488 reach EIDs through the xTR behind a NAT via a single RTR (or a small 489 set RTRs for redundancy). 491 RTRs have some scaling features to reduce the number of locator-set 492 changes, the amount of state, and control packet overhead: 494 o When ITRs and PITRs are using a small set of RTRs for 495 encapsulating to "orders of magnitude" more EID-prefixes, the 496 probability of locator-set changes are limited to the RTR RLOC 497 changes versus the RLOC changes for the ETRs associated with the 498 EID-prefixes if the ITRs and PITRs were directly encapsulating to 499 the ETRs. This comes at an expense in packet stretch, but 500 depending on RTR placement, this expense can be mitigated. 502 o When RTRs are on-path between many pairwise EID flows, ITRs and 503 PITRs can store a small number of coarse EID-prefixes. 505 o RTRs can be used to help scale RLOC-probing. Instead of ITRs 506 RLOC-probing all ETRs for each destination site it has cached, the 507 ITRs can probe a smaller set of RTRs which in turn, probe the 508 destination sites. 510 9. Multicast Considerations 512 ELPs have application in multicast environments. Just like RTRs can 513 be used to provide connectivity across different address family 514 islands, RTRs can help concatenate a multicast region of the network 515 to one that does not support native multicast. 517 Note there are various combinations of connectivity that can be 518 accomplished with the deployment of RTRs and ELPs: 520 o Providing multicast forwarding between IPv4-only-unicast regions 521 and IPv4-multicast regions. 523 o Providing multicast forwarding between IPv6-only-unicast regions 524 and IPv6-multicast regions. 526 o Providing multicast forwarding between IPv4-only-unicast regions 527 and IPv6-multicast regions. 529 o Providing multicast forwarding between IPv6-only-unicast regions 530 and IPv4-multicast regions. 532 o Providing multicast forwarding between IPv4-multicast regions and 533 IPv6-multicast regions. 535 An ITR or PITR can do a (S-EID,G) lookup into the mapping database. 536 What can be returned is a typical locator-set that could be made up 537 of the various RLOC addresses: 539 Multicast EID key: (seid, G) 540 Locator-set: ETR-A: priority 1, weight 25 541 ETR-B: priority 1, weight 25 542 g1: priority 1, weight 25 543 g2: priority 1, weight 25 545 An entry for host 'seid' sending to application group 'G' 547 The locator-set above can be used as a replication list. That is 548 some RLOCs listed can be unicast RLOCs and some can be delivery group 549 RLOCs. A unicast RLOC in this case is used to encapsulate a 550 multicast packet originated by a multicast source EID into a unicast 551 packet for unicast delivery on the underlying network. ETR-A could 552 be a IPv4 unicast RLOC address and ETR-B could be a IPv6 unicast RLOC 553 address. 555 A delivery group address is used when a multicast packet originated 556 by a multicast source EID is encapsulated in a multicast packet for 557 multicast delivery on the underlying network. Group address 'g1' 558 could be a IPv4 delivery group RLOC and group address 'g2' could be 559 an IPv6 delivery group RLOC. 561 Flexibility for these various types of connectivity combinations can 562 be achieved and provided by the mapping database system. And the RTR 563 placement allows the connectivity to occur where the differences in 564 network functionality are located. 566 Extending this concept by allowing ELPs in locator-sets, one could 567 have this locator-set registered in the mapping database for (seid, 568 G). For example: 570 Multicast EID key: (seid, G) 571 Locator-set: (x, y, ETR-A): priority 1, weight 50 572 (a, g, b, ETR-B): priority 1, weight 50 574 Using ELPs for multicast flows 576 In the above situation, an ITR would encapsulate a multicast packet 577 originated by a multicast source EID to the RTR with unicast RLOC 578 'x'. Then RTR 'x' would decapsulate and unicast encapsulate to RTR 579 'y' ('x' or 'y' could be either IPv4 or IPv6 unicast RLOCs), which 580 would decapsulate and unicast encapsulate to the final RLOC 'ETR-A'. 581 The ETR 'ETR-A' would decapsulate and deliver the multicast packet 582 natively to all the receivers joined to application group 'G' inside 583 the LISP site. 585 Let's look at the ITR using the ELP (a, g, b, ETR-B). Here the 586 encapsulation path would be the ITR unicast encapsulates to unicast 587 RLOC 'a'. RTR 'a' multicast encapsulates to delivery group 'g'. The 588 packet gets to all ETRs that have joined delivery group 'g' so they 589 can deliver the multicast packet to joined receivers of application 590 group 'G' in their sites. RTR 'b' is also joined to delivery group 591 'g'. Since it is in the ELP, it will be the only RTR that unicast 592 encapsulates the multicast packet to ETR 'ETR-B'. Lastly, 'ETR-B' 593 decapsulates and delivers the multicast packet to joined receivers to 594 application group 'G' in its LISP site. 596 As one can see there are all sorts of opportunities to provide 597 multicast connectivity across a network with non-congruent support 598 for multicast and different address-families. One can also see how 599 using the mapping database can allow flexible forms of delivery 600 policy, rerouting, and congestion control management in multicast 601 environments. 603 10. Security Considerations 605 When an RTR receives a LISP encapsulated packet, it can look at the 606 outer source address to verify that RLOC is the one listed as the 607 previous hop in the ELP list. If the outer source RLOC address 608 appears before the RLOC which matches the outer destination RLOC 609 address, the decapsulating RTR (or ETR if last hop), MAY choose to 610 drop the packet. 612 11. IANA Considerations 614 At this time there are no requests for IANA. 616 12. References 618 12.1. Normative References 620 [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, 621 DOI 10.17487/RFC0791, September 1981, 622 . 624 [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", 625 STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, 626 . 628 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 629 Requirement Levels", BCP 14, RFC 2119, 630 DOI 10.17487/RFC2119, March 1997, 631 . 633 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 634 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 635 December 1998, . 637 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 638 A., Peterson, J., Sparks, R., Handley, M., and E. 639 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 640 DOI 10.17487/RFC3261, June 2002, 641 . 643 [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The 644 Locator/ID Separation Protocol (LISP)", RFC 6830, 645 DOI 10.17487/RFC6830, January 2013, 646 . 648 [RFC6831] Farinacci, D., Meyer, D., Zwiebel, J., and S. Venaas, "The 649 Locator/ID Separation Protocol (LISP) for Multicast 650 Environments", RFC 6831, DOI 10.17487/RFC6831, January 651 2013, . 653 [RFC6832] Lewis, D., Meyer, D., Farinacci, D., and V. Fuller, 654 "Interworking between Locator/ID Separation Protocol 655 (LISP) and Non-LISP Sites", RFC 6832, 656 DOI 10.17487/RFC6832, January 2013, 657 . 659 [RFC6833] Fuller, V. and D. Farinacci, "Locator/ID Separation 660 Protocol (LISP) Map-Server Interface", RFC 6833, 661 DOI 10.17487/RFC6833, January 2013, 662 . 664 [RFC8060] Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical 665 Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060, 666 February 2017, . 668 12.2. Informative References 670 [I-D.ermagan-lisp-nat-traversal] 671 Ermagan, V., Farinacci, D., Lewis, D., Skriver, J., Maino, 672 F., and C. White, "NAT traversal for LISP", draft-ermagan- 673 lisp-nat-traversal-12 (work in progress), March 2017. 675 Appendix A. Acknowledgments 677 The authors would like to thank the following people for their ideas 678 and comments. They are Albert Cabellos, Khalid Raza, and Vina 679 Ermagan, and Gregg Schudel. 681 Appendix B. Document Change Log 683 B.1. Changes to draft-ietf-lisp-te-00.txt 685 o Posted April 2017. 687 o Changed draft-farinacci-lisp-te-12 to working group document. 689 B.2. Changes to draft-farinacci-lisp-te-02 through -12 691 o Many postings from January 2013 through February 2017. 693 o Update references and document timer. 695 B.3. Changes to draft-farinacci-lisp-te-01.txt 697 o Posted July 2012. 699 o Add the Lookup bit to allow an ELP to be a list of encapsulation 700 and/or mapping database lookup addresses. 702 o Indicate that ELPs can be used for service chaining. 704 o Add text to indicate that Map-Notify messages can be sent to new 705 RTRs in a ELP so their map-caches can be pre-populated to avoid 706 mapping database lookup packet loss. 708 o Fixes to editorial comments from Gregg. 710 B.4. Changes to draft-farinacci-lisp-te-00.txt 712 o Initial draft posted March 2012. 714 Authors' Addresses 716 Dino Farinacci 717 lispers.net 718 San Jose, California 719 USA 721 Phone: 408-718-2001 722 Email: farinacci@gmail.com 724 Michael Kowal 725 cisco Systems 726 111 Wood Avenue South 727 ISELIN, NJ 728 USA 730 Email: mikowal@cisco.com 732 Parantap Lahiri 733 USA 735 Email: parantap.lahiri@gmail.com