LISP Mapping Request Format

And related topicsJoel M. Halpern

joel.halpern@ericsson.com

What is the mapping system

• Defined by draft-ietf-lisp-ms-04.txt• Made up conceptually of Map Resolvers, Map

Servers, and the ALT infrastructure• ITRs send Map-Request messages• ITRs receive Map-Reply messages– Positive reply, with RLOCs to use– Negative reply, if there is nothing• Deal with both “no such ID”, and “no available RLOCs”

Two views of the functionality

• How we describe the system shapes how we think it should work

• In this case, one can view the system in two similar fashions

• I believe the difference between these two views is at the center of a debate:– Should Map request messages sent by ITRs have

one IP header, or two?

Mapping System as Relay Agent

• One view of the Mapping system is that its job is to deliver a message

• The message is sent by an ITR• The message is to be delivered to an ETR

advertising responsibility for a given EID• The message contains an Map-Request, but

the mapping system does not care about that

Mapping system provides information

• Another view is that the mapping system is responsible for providing authoritative RLOCs in response to a mapping request

• The system uses expectation of the ETR generating the response and sending it directly to an ITR is an optimization

• A “valid” mapping system could keep the mappings itself.

• Note that negative responses currently come from the system.

Result: differences as to functionality

• Can there be an encrypted mapping request?• Does there need to be an IP header with the

destination EID in the dest IP field?• Is The ITR responsible for knowing the message

arrangement for ALT forwarding– Phrased differently, how much of a change to ALT Is

transparent to the ITR– Or, the ALT is routing, why would you change the

routing header?– Or, is the Map-Resolver / Map-Serve layer an

insulation layer, or a convenience for connectivity.

To recap, the question:

• As currently defined, – an ITR sends a Map-Request by encapsulating an

Map-Request Message in an IP header, using the destination EID as the IP destination.

– This is encapsualted in an additional IP header (the “outer header”) in order to deliver the message to the Map responder

• Alternatively, one could encapsulate the Map-Request message directly in the “outer header”.

Decomposition

• This is personal opinion about how to look at the system

• There are times when one wants to shortcut the mechanisms

• My take is that the best way to do that is to define the components conceptually.

• Then, if you need a different setup, you put several logical pieces in the same physical device

Combination examples

• An ITR which can send mapping requests directly to the ALT– Is conceptually an ITR plus a Map Responder.• It is a map responder which does not take requests

from anyone else, and is not visible in any tables of MRs.

– No, there is no need to actually build the ITR->MR message, and then reprocess it. We are discussing architecture, not implementation

Why does this matter?

• Allowing conceptual combinations means that the needs for special configurations does not complicate the definition of the ITR or the ETR.

• Also, the encapsulation between the ITR and the MR (or the MS and the ETR) does not need to allow for corner cases or unusual deployments.

• It also allows us to use simple concepts, assembled simply, to describe what we are building.

Address Families

• EIDs or RLOCs can be built using IPv4 or IPv6• Both approaches handle the simple cases well– EIDs and RLOCs from the same address family– Or, dual-stack ITR and EIDs from either or both

address families

• Double Encapsulation does introduce constraints– The inner header must have an RLOC from the

same address family as the destination EID

Additional issues

• With either path, there are additional questions which need to be asked– What authentication capabilities are needed

relative to Map-Requests, and what should be authenticated?

– Is there value in hiding dimensions of mapping from the ALT?

– Is the mapping system part of the data probe mechanism, and if so, how?