LISP-CONS
A Mapping Database Service
IETF/IRTF - July 2007
Dave Meyer
Dino Farinacci
Vince Fuller
Darrel Lewis
Scott Brim
Noel Chiappa
LISP-CONS for RRG IETF/IRTF Slide 2
Agenda
• Brief Intro
• Design Considerations
• Brief Definitions
• How CONS Works
• Hybrid Approaches
  – Combining NERD and CONS
  – Combining APT and CONS
  – Is LISP 1.5 sufficient?
Problem Statement
• Operationally
  – Improve site multihoming
  – Improve ISP Traffic Engineering
  – Reduce site renumbering costs
  – Reduce size of core routing tables
  – PI for all?
  – Some form of mobility?
• Architecturally
  – Create two namespaces: IDs and Locators
Splitting an Address
IPv6: 2001:0102:0304:0506:1111:2222:3333:4444 (labelled Locator and ID)
IPv4: 209.131.36.158 (Locator) .10.0.0.1 (ID)
LISP is a Jack-Up
Host Stack: Uses IDs
Map-n-Encap: Uses Locators
LISP Parts
• Data-plane
  – Design for encapsulation and tunnel router placement
  – Design for locator reachability
  – Data triggered mapping service
• Control-plane
  – Design for a scalable mapping service
LISP Variants
• LISP 1
  – Routable IDs over existing topology to probe for mapping reply
• LISP 1.5
  – Routable IDs over another topology to probe for mapping reply
• LISP 2
  – EIDs are not routable and mappings are in DNS
• LISP 3
  – EIDs are not routable, mappings obtained using new mechanisms (DHTs perhaps, LISP-CONS, NERD, APT)
Data-Plane Mapping
Control-Plane Mapping
Quick LISP Terms
• Endpoint Identifiers (EIDs)
  – IDs for host-use and routable in source and dest sites
  – Can be out of PA or PI address space
• Routing Locators (RLOCs)
  – Routable addresses out of PA address space
• Ingress Tunnel Router (ITR)
  – Device in source-site that prepends LISP header with RLOCs
• Egress Tunnel Router (ETR)
  – Device in destination-site that strips LISP header
LISP Control-Plane
• Build a large distributed mapping database service
• Scalability paramount to solution
• How to scale: (state * rate)
• If both factors large, we have a problem
  – state will be O(10^10) hosts
  – Aggregate EIDs into EID-prefixes to reduce state
  – So rate must be small
  – Make mappings have “subscription time” frequency
LISP Control-Plane
• Where to put the mappings?
• How to find the mappings?
• Is it a push model?
• Is it a pull model?
• Do you use secondary storage?
• Do you use a cache?
• What about securing the mapping entries?
• What about protecting infrastructure from DOS-attacks?
• What about controlling packet loss and latency?
LISP Control-Plane
“Push doesn’t scale, caching doesn’t scale, pick one”
LISP-CONS
• We have chosen a hybrid approach
• Push at upper levels of hierarchy
• Pull from lower levels of hierarchy
• Mappings stay at lower-levels
  – Requests get to where the mappings are
  – Replies are returned
• Getting to the lower-levels via pushing of EID-prefixes
• LISP-CONS is a mapping system for LISP 3.0
• LISP-CONS is not a DHT
LISP-CONS
• We can get good EID-prefix aggregation
  – If hierarchy based on EID-prefix allocation and not topology
  – Then build a logical topology based on the EID-prefix allocation
• Map-Requests routed through logical hierarchy
  – Key is the EID
• Map-Reply returned to originator
  – With mapping record {EID-prefix, Locator-set}
LISP-CONS Network Elements
• Content Access Routers (CARs)
  – Querying-CARs
    • Generate Map-Requests on behalf of ITRs
  – Replying-CARs
    • Hold authoritative mappings at level-0 of hierarchy
    • Aggregate only EID-prefix upwards
    • Respond with Map-Replies
• Content Distribution Routers (CDRs)
  – Push around EID-prefixes with level-1 to n of hierarchy
  – Aggregate EID-prefix upwards
  – Advertise EID-prefixes in a mesh topology within level
  – Forward Map-Requests and Map-Replies
LISP-CONS
Figure: a Map-Request for 1.1.1.1 travelling through the CONS hierarchy. ITRs and ETRs attach to qCARs and rCARs at Level-0; CDR meshes sit at Level-1 through Level-n.
Legend:
{ } : mapping entry
[ ] : EID aggregate
(icon) : mapping table
Mapping entries: { 1.1.1.0/24: L1,L2 } and { 1.1.2.0/24: L11,L22 }
EID aggregates: [ 1.1.0.0/16 ] and [ 1.0.0.0/8 ]
Annotations on the Map-Request 1.1.1.1 path:
– No EID-Prefix within mesh, forward to parent peer
– No mapping cached, forward to parent peer
– Take shortest path to 1.0.0.0/8
– Has more-specific entry downward
– CAR has mapping, returns Map-Reply to orig CAR EID address
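Added example (not from the original slides or the LISP-CONS draft): a simplified Python model of the Map-Request walk annotated in the figure, using the slide's prefixes and locator-sets. The node names, the two-CDR level-n mesh, and the rule that a request never climbs again once it has started descending are assumptions of this sketch.

```python
import ipaddress

class Node:
    """A qCAR, CDR or rCAR in the logical CONS hierarchy (simplified model)."""
    def __init__(self, name, parent=None):
        self.name, self.parent = name, parent
        self.routes = {}    # pushed EID-prefix aggregate -> child or mesh peer
        self.mappings = {}  # authoritative {EID-prefix: locator-set}, rCAR only

    def advertise(self, prefix, via):
        self.routes[ipaddress.ip_network(prefix)] = via

def longest_match(table, eid):
    hits = [p for p in table if eid in p]
    return max(hits, key=lambda p: p.prefixlen) if hits else None

def map_request(origin, eid_str, max_hops=16):
    """Route a Map-Request keyed on the EID; return (path, mapping record)."""
    eid, node = ipaddress.ip_address(eid_str), origin
    path, descending = [], False
    for _ in range(max_hops):              # guard against mis-pushed loops
        path.append(node.name)
        hit = longest_match(node.mappings, eid)
        if hit is not None:                # rCAR has mapping: Map-Reply
            return path, (str(hit), node.mappings[hit])
        down = longest_match(node.routes, eid)
        if down is not None:               # more-specific entry known here
            node, descending = node.routes[down], True
        elif node.parent is not None and not descending:
            node = node.parent             # nothing known: forward to parent peer
        else:
            return path, None              # no mapping for this EID
    return path, None

def build_example():
    """Constructed topology using the prefixes from the slide."""
    top_a, top_b = Node("CDR-n-a"), Node("CDR-n-b")   # level-n mesh
    cdr_src = Node("CDR-1-src", parent=top_a)
    cdr_dst = Node("CDR-1-dst", parent=top_b)
    qcar, rcar = Node("qCAR", parent=cdr_src), Node("rCAR", parent=cdr_dst)
    rcar.mappings = {ipaddress.ip_network("1.1.1.0/24"): ["L1", "L2"],
                     ipaddress.ip_network("1.1.2.0/24"): ["L11", "L22"]}
    cdr_dst.advertise("1.1.0.0/16", rcar)     # aggregate pushed upward
    top_b.advertise("1.0.0.0/8", cdr_dst)     # coarser aggregate, level-n
    top_a.advertise("1.0.0.0/8", top_b)       # pushed across the mesh
    return qcar

if __name__ == "__main__":
    print(map_request(build_example(), "1.1.1.1"))
```

An EID such as 1.1.3.1 is covered by the pushed aggregates but has no mapping at the rCAR, so the request travels the whole hierarchy before failing; that is the cost of aggregating on allocation rather than on what is actually registered.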
LISP-CONS
Figure: a CDR at Level-(n-1) and its peerings with a Level-n CDR mesh. Labels: Parent Peer, Child Peer, Sibling Peer, [ EID-prefix agg ], [ 0.0.0.0/0 ].
All peering on TCP HMAC protected connections
Within a CDR-mesh, EID-prefixes get seq num pushed with PV lists
LISP-CONS
Figure: an rCAR at Level-0, with an attached ETR, and its peerings with a Level-1 CDR mesh. Labels: Parent Peer, Child Peer, Sibling Peer, [ EID-prefix agg ].
All peering on TCP HMAC protected connections
Within a CDR-mesh, EID-prefixes get seq num pushed with PV lists
Hybrid Models
• Combining brute-force push of NERD to CONS CARs
• Lower latency like with CONS caching since entire database stored in CAR
• ITR still caches and encapsulates directly to ETR
NERD with CONS
Figure: ITRs attached to qCARs at Level-0, with NERD and the Authoritative and Signed Mapping Database above the qCARs.
Hybrid Models
• Use CARs as Default Mappers (like APT)
• Use data packet as Map-Request
• Never a packet drop at expense of increased stretch
• Mappings between CARs are NERD pushed
CARs are Default Mappers
Figure: ITRs and ETRs attached to qCARs at Level-0, with NERD and the Authoritative and Signed Mapping Database above the qCARs.
Annotations:
– ITR has mapping: 0.0.0.0/0 -> qCAR
– LISP encaped to qCAR
– Decaped and Reencaped to ETR
– Map-Reply
– { 1.1.1.0/24: L1,L2 }
Is LISP 1.5 Sufficient?
• Use an alternate topology to run BGP on EID namespace
• Use BGP to either pass mappings around
  – And use APT type forwarding
• Use BGP to pass only EID-prefixes
  – Send Map-Requests to find CARs
  – Use data probe ala LISP 1.5 and have ETRs return data-triggered Map-Replies
LISP 1.5
Figure: a source site S and a destination site D connected through four providers and an Alternate Topology Running BGP on EID-prefixes.
Labels: Provider A 10.0.0.0/8, Provider B 11.0.0.0/8, Provider X 12.0.0.0/8, Provider Y 13.0.0.0/8; ITR, ETR; S1, S2, D1, D2 13.0.0.2; 12.0.0.2; PI EID-prefix 1.0.0.0/8, PI EID-prefix 2.0.0.0/8.
Legend: EIDs -> Green, Locators -> Red
Packet headers shown:
– 1.0.0.1 -> 2.0.0.2
– 11.0.0.1 -> 2.0.0.2
– 11.0.0.1 -> 12.0.0.2
– 13.0.0.2 -> 11.0.0.1
Map-Reply: 2.0.0.0/8: 12.0.0.2, p: 1, w: 50; 13.0.0.2, p: 1, w: 50
Documentation
• Draft draft-farinacci-lisp-02.txt
  – UDP encapsulation
  – UDP for Map-Request & Map-Reply
  – Locator reach bits
  – Fixes from implementation experience
• Draft draft-meyer-lisp-cons-01.txt
  – A control-plane mapping service
Oh, so it's just like a Blackberry!