idnits 2.17.1 draft-smith-lisp-layer2-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 06, 2013) is 3885 days in the past. Is this intentional? Checking references for intended status: Experimental ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 6830 (Obsoleted by RFC 9300, RFC 9301) == Outdated reference: A later version (-06) exists of draft-farinacci-lisp-mr-signaling-02 == Outdated reference: A later version (-09) exists of draft-ietf-lisp-ddt-01 == Outdated reference: A later version (-22) exists of draft-ietf-lisp-lcaf-02 == Outdated reference: A later version (-09) exists of draft-mahalingam-dutt-dcops-vxlan-04 Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group M. Smith 3 Internet-Draft Insieme Networks 4 Intended status: Experimental D. Dutt 5 Expires: March 10, 2014 Cumulus Networks 6 D. Farinacci 7 lispers.net 8 F. Maino 9 Cisco Systems 10 September 06, 2013 12 Layer 2 (L2) LISP Encapsulation Format 13 draft-smith-lisp-layer2-03 15 Abstract 17 This memo describes an encapsulation method for carrying Ethernet and 18 IEEE 802 media access control (MAC) frames within the Locator/ID 19 Separation Protocol (LISP). 21 Requirements Language 23 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 24 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 25 document are to be interpreted as described in [RFC2119]. 27 Status of This Memo 29 This Internet-Draft is submitted in full conformance with the 30 provisions of BCP 78 and BCP 79. 32 Internet-Drafts are working documents of the Internet Engineering 33 Task Force (IETF). Note that other groups may also distribute 34 working documents as Internet-Drafts. The list of current Internet- 35 Drafts is at http://datatracker.ietf.org/drafts/current/. 37 Internet-Drafts are draft documents valid for a maximum of six months 38 and may be updated, replaced, or obsoleted by other documents at any 39 time. It is inappropriate to use Internet-Drafts as reference 40 material or to cite them other than as "work in progress." 42 This Internet-Draft will expire on March 10, 2014. 44 Copyright Notice 46 Copyright (c) 2013 IETF Trust and the persons identified as the 47 document authors. All rights reserved. 49 This document is subject to BCP 78 and the IETF Trust's Legal 50 Provisions Relating to IETF Documents 51 (http://trustee.ietf.org/license-info) in effect on the date of 52 publication of this document. Please review these documents 53 carefully, as they describe your rights and restrictions with respect 54 to this document. Code Components extracted from this document must 55 include Simplified BSD License text as described in Section 4.e of 56 the Trust Legal Provisions and are provided without warranty as 57 described in the Simplified BSD License. 59 Table of Contents 61 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 62 2. Basic Overview . . . . . . . . . . . . . . . . . . . . . . . 2 63 3. Layer 2 LISP Encapsulation . . . . . . . . . . . . . . . . . 3 64 3.1. VXLAN . . . . . . . . . . . . . . . . . . . . . . . . . . 3 65 3.2. L2 LISP . . . . . . . . . . . . . . . . . . . . . . . . . 4 66 4. MTU Considerations . . . . . . . . . . . . . . . . . . . . . 5 67 5. Overlays for Network Virtualization . . . . . . . . . . . . . 5 68 6. LISP Mapping System . . . . . . . . . . . . . . . . . . . . . 6 69 7. Security Considerations . . . . . . . . . . . . . . . . . . . 7 70 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 71 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 72 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 73 10.1. Normative References . . . . . . . . . . . . . . . . . . 7 74 10.2. Informative References . . . . . . . . . . . . . . . . . 7 75 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 77 1. Introduction 79 LISP [RFC6830] specifies an architecture and method for separating 80 the location of an endpoint from its network identifier. It does 81 this by using two separate name spaces: EIDs representing the network 82 identifier of the endpoint and RLOCs representing the network 83 location of the endpoint. This document extends the LISP 84 specifications to allow Ethernet/IEEE 802 MAC frames to be carried 85 within the LISP frame. The MAC addresses of the encapsulated 86 Ethernet/IEEE 802 MAC frames will be used as EIDs. 88 2. Basic Overview 90 L2 LISP specifies the mechanism on which to carry L2 traffic over a 91 LISP network. Within an L2 LISP environment, the source and 92 destination MAC addresses of the Ethernet/IEEE 802.3 packet are used 93 as the source and destination EIDs. The RLOCs can use IPv4 or IPv6 94 addressing. The entire MAC frame is encapsulated with the exception 95 of the preamble and trailing FCS. It should be noted that L2 LISP 96 introduces the possibility of packet reordering during route topology 97 changes due to the usage of IP as the network substrate. 99 This memo addresses the data plane and frame format details of L2 100 LISP. The control plane details are outside the scope of this memo. 102 3. Layer 2 LISP Encapsulation 104 The layer 2 LISP encapsulation is based on the LISP header defined in 105 the LISP specification [RFC6830]. The UDP and LISP headers are shown 106 below for reference. For header fields description see section 5.3 107 of [RFC6830]. 109 0 1 2 3 110 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 111 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 112 | IPv4 or IPv6 Header (with RLOC addresses) | 113 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 114 / | Source Port = xxxx | Dest Port = 4341 | 115 UDP +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 116 \ | UDP Length | UDP Checksum | 117 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 118 L |N|L|E|V|I|flags| Nonce/Map-Version | 119 I \ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 120 S / | Instance ID/Locator Status Bits | 121 P +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 123 When the headers are used for encapsulating L2 frames, the UDP 124 Destination Port is set to 8472. 126 3.1. VXLAN 128 The VXLAN [I-D.mahalingam-dutt-dcops-vxlan] header is achieved by 129 setting the L2 LISP header bits as shown in the figure below. 130 According to [I-D.mahalingam-dutt-dcops-vxlan] the I flag MUST be set 131 to 1 for a valid VXLAN Network ID (VNI). The figure shows the whole 132 VXLAN frame, including the original inner L2 frame. 134 0 1 2 3 135 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 136 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 137 | IPv4 or IPv6 Header (with RLOC addresses) | 138 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 139 / | Source Port = xxxx | Dest Port = 8472 | 140 UDP +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 141 \ | UDP Length | UDP Checksum | 142 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 143 L |0 0 0 0|I|0 0 0| Not Used | 144 I \ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 145 S / | Instance ID | Not Used | 146 P +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 147 / | Inner Destination MAC Address | 148 I +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 149 n | Inner Destination MAC Address | Inner Source MAC Address | 150 n +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 151 e | Inner Source MAC Address | 152 r +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 153 | Opt. Eth.type = C-Tag [802.1Q]| Inner.VLAN Tag Information | 154 L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 155 2 | Ethertype of Original Payload | | 156 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 157 F | | 158 r | | 159 a | Original Ethernet Payload | 160 m | | 161 e | | 162 \ | (Note that the original Ethernet Frame's FCS is not included) | 163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 164 | FCS (Frame Check Sequence) for Outer Ethernet Frame | 165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 167 3.2. L2 LISP 169 An L2 LISP frame may optionally use the entire set of fields in the 170 LISP header to support all of the features of the LISP protocol. 172 The figure below shows the whole L2 LISP frame, including the 173 original inner L2 frame. 175 0 1 2 3 176 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 177 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 178 | IPv4 or IPv6 Header (with RLOC addresses) | 179 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 180 / | Source Port = xxxx | Dest Port = 8472 | 181 UDP +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 182 \ | UDP Length | UDP Checksum | 183 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 184 L |N|L|E|V|I|flags| Nonce/Map-Version | 185 I \ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 186 S / | Instance ID/Locator Status Bits | 187 P +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 188 / | Inner Destination MAC Address | 189 I +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 190 n | Inner Destination MAC Address | Inner Source MAC Address | 191 n +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 192 e | Inner Source MAC Address | 193 r +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 194 | Opt. Eth.type = C-Tag [802.1Q]| Inner.VLAN Tag Information | 195 L +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 196 2 | Ethertype of Original Payload | | 197 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 198 F | | 199 r | | 200 a | Original Ethernet Payload | 201 m | | 202 e | | 203 \ | (Note that the original Ethernet Frame's FCS is not included) | 204 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 205 | FCS (Frame Check Sequence) for Outer Ethernet Frame | 206 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 208 4. MTU Considerations 210 Since additional tunnel headers are prepended, the packet becomes 211 larger and can exceed the MTU of any link traversed from the ITR to 212 the ETR. [RFC6830] recommends in IPv4 that packets do not get 213 fragmented as they are encapsulated by the ITR. Instead, the packet 214 is dropped and an ICMP Too Big message is returned to the source. 215 Section 5.4 of [RFC6830] recommends procedure to mitigate MTU issues 216 for IPv4 or IPv6 packets. 218 5. Overlays for Network Virtualization 220 A notable use case for layer 2 LISP encapsulation is the use as an 221 overlay-based network virtualization architecture to support multi- 222 tenancy in large data center networks, as stated in 223 [I-D.ietf-nvo3-overlay-problem-statement]. In this use case, the 224 24-bit Instance ID serves as virtual network instance ID (VNID) that 225 is typically used to identify the tenants in large multi-tenant data 226 centers. 228 Packet replication in the underlay network to support broadcast, 229 unknown unicast and multicast overlay services can be done by: 231 o Ingress replication 232 o Use of underlay multicast trees 234 [RFC6831] and [I-D.farinacci-lisp-mr-signaling] specify how to map a 235 multicast flow in the EID space during distribution tree setup and 236 packet delivery in the underlay network. 238 6. LISP Mapping System 240 When the LISP mapping database system is used with L2 LISP, it must 241 support the LISP Canonical Address Format (LCAF) specified in 242 [I-D.ietf-lisp-lcaf]. More specifically the mapping database system 243 must support the use of MAC Addresses as LISP EIDs, and the use of 244 Instance IDs as part of the lookup key. 246 According to [I-D.ietf-lisp-lcaf] the encoding format for the 2-tuple 247 is: 249 0 1 2 3 250 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 251 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 252 | AFI = 16387 | Rsvd1 | Flags | 253 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 254 | Type = 2 | IID mask-len | Length | 255 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 256 | Instance ID | 257 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 258 | AFI = 6 | Layer-2 MAC Address ... | 259 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 260 | ... Layer-2 MAC Address | 261 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 263 In the case of a single instance of mapping database, no Instance ID 264 is necessary, and the encoding format for the MAC address is shown 265 below. In this case an Ethernet IEEE 802.1Q VLAN tag may be part of 266 the lookup key (encoded in an Instance ID field). 268 0 1 2 3 269 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 270 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 271 | AFI = 6 | Layer-2 MAC Address ... | 272 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 273 | ... Layer-2 MAC Address | 274 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 276 A mapping database system that supports both the LISP Canonical 277 Address Format, and Instance ID is the LISP Delegated Database Tree 278 [I-D.ietf-lisp-ddt]. 280 7. Security Considerations 282 Security in a network carrying L2 LISP should be similar to security 283 in a normal IPv4 network. Packet filtering on the L2 LISP inner 284 frames will require that a firewall look inside the L2 LISP packet or 285 that filtering is done at the ITR/ETR. 287 8. IANA Considerations 289 The IANA registry has allocated UDP port number 8472 for the L2 LISP 290 data packets. 292 9. Acknowledgements 294 The authors would like to thank Sumeet Singh, and Ajit Sanzgiri for 295 their technical and editorial commentary. 297 10. References 299 10.1. Normative References 301 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 302 Requirement Levels", BCP 14, RFC 2119, March 1997. 304 [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The 305 Locator/ID Separation Protocol (LISP)", RFC 6830, January 306 2013. 308 [RFC6831] Farinacci, D., Meyer, D., Zwiebel, J., and S. Venaas, "The 309 Locator/ID Separation Protocol (LISP) for Multicast 310 Environments", RFC 6831, January 2013. 312 10.2. Informative References 314 [I-D.farinacci-lisp-mr-signaling] 315 Farinacci, D. and M. Napierala, "LISP Control-Plane 316 Multicast Signaling", draft-farinacci-lisp-mr-signaling-02 317 (work in progress), July 2013. 319 [I-D.ietf-lisp-ddt] 320 Fuller, V., Lewis, D., Ermagan, V., and A. Jain, "LISP 321 Delegated Database Tree", draft-ietf-lisp-ddt-01 (work in 322 progress), March 2013. 324 [I-D.ietf-lisp-lcaf] 325 Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical 326 Address Format (LCAF)", draft-ietf-lisp-lcaf-02 (work in 327 progress), March 2013. 329 [I-D.ietf-nvo3-overlay-problem-statement] 330 Narten, T., Gray, E., Black, D., Fang, L., Kreeger, L., 331 and M. Napierala, "Problem Statement: Overlays for Network 332 Virtualization", draft-ietf-nvo3-overlay-problem- 333 statement-04 (work in progress), July 2013. 335 [I-D.mahalingam-dutt-dcops-vxlan] 336 Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, 337 L., Sridhar, T., Bursell, M., and C. Wright, "VXLAN: A 338 Framework for Overlaying Virtualized Layer 2 Networks over 339 Layer 3 Networks", draft-mahalingam-dutt-dcops-vxlan-04 340 (work in progress), May 2013. 342 Authors' Addresses 344 Michael Smith 345 Insieme Networks 346 California 347 USA 349 Email: michsmit@insiemenetworks.com 351 Dinesh Dutt 352 Cumulus Networks 353 California 354 USA 356 Email: ddutt@cumulusnetworks.com 358 Dino Farinacci 359 lispers.net 360 California 361 USA 363 Email: farinacci@gmail.com 364 Fabio Maino 365 Cisco Systems 366 California 367 USA 369 Email: fmaino@cisco.com