LISP Mapping Request Format And related topics Joel M. Halpern [email protected].
-
Upload
godwin-powers -
Category
Documents
-
view
213 -
download
0
Transcript of LISP Mapping Request Format And related topics Joel M. Halpern [email protected].
What is the mapping system
• Defined by draft-ietf-lisp-ms-04.txt• Made up conceptually of Map Resolvers, Map
Servers, and the ALT infrastructure• ITRs send Map-Request messages• ITRs receive Map-Reply messages– Positive reply, with RLOCs to use– Negative reply, if there is nothing• Deal with both “no such ID”, and “no available RLOCs”
Two views of the functionality
• How we describe the system shapes how we think it should work
• In this case, one can view the system in two similar fashions
• I believe the difference between these two views is at the center of a debate:– Should Map request messages sent by ITRs have
one IP header, or two?
Mapping System as Relay Agent
• One view of the Mapping system is that its job is to deliver a message
• The message is sent by an ITR• The message is to be delivered to an ETR
advertising responsibility for a given EID• The message contains an Map-Request, but
the mapping system does not care about that
Mapping system provides information
• Another view is that the mapping system is responsible for providing authoritative RLOCs in response to a mapping request
• The system uses expectation of the ETR generating the response and sending it directly to an ITR is an optimization
• A “valid” mapping system could keep the mappings itself.
• Note that negative responses currently come from the system.
Result: differences as to functionality
• Can there be an encrypted mapping request?• Does there need to be an IP header with the
destination EID in the dest IP field?• Is The ITR responsible for knowing the message
arrangement for ALT forwarding– Phrased differently, how much of a change to ALT Is
transparent to the ITR– Or, the ALT is routing, why would you change the
routing header?– Or, is the Map-Resolver / Map-Serve layer an
insulation layer, or a convenience for connectivity.
To recap, the question:
• As currently defined, – an ITR sends a Map-Request by encapsulating an
Map-Request Message in an IP header, using the destination EID as the IP destination.
– This is encapsualted in an additional IP header (the “outer header”) in order to deliver the message to the Map responder
• Alternatively, one could encapsulate the Map-Request message directly in the “outer header”.
Decomposition
• This is personal opinion about how to look at the system
• There are times when one wants to shortcut the mechanisms
• My take is that the best way to do that is to define the components conceptually.
• Then, if you need a different setup, you put several logical pieces in the same physical device
Combination examples
• An ITR which can send mapping requests directly to the ALT– Is conceptually an ITR plus a Map Responder.• It is a map responder which does not take requests
from anyone else, and is not visible in any tables of MRs.
– No, there is no need to actually build the ITR->MR message, and then reprocess it. We are discussing architecture, not implementation
Why does this matter?
• Allowing conceptual combinations means that the needs for special configurations does not complicate the definition of the ITR or the ETR.
• Also, the encapsulation between the ITR and the MR (or the MS and the ETR) does not need to allow for corner cases or unusual deployments.
• It also allows us to use simple concepts, assembled simply, to describe what we are building.
Address Families
• EIDs or RLOCs can be built using IPv4 or IPv6• Both approaches handle the simple cases well– EIDs and RLOCs from the same address family– Or, dual-stack ITR and EIDs from either or both
address families
• Double Encapsulation does introduce constraints– The inner header must have an RLOC from the
same address family as the destination EID
Additional issues
• With either path, there are additional questions which need to be asked– What authentication capabilities are needed
relative to Map-Requests, and what should be authenticated?
– Is there value in hiding dimensions of mapping from the ALT?
– Is the mapping system part of the data probe mechanism, and if so, how?