New LISP Mapping System: LISP-DDT Presentation to LNOG Darrel Lewis on behalf of the LISP TEAM
Locator/ID Separation Protocol (LISP) Architecture & Protocols LISP Team: Vince Fuller, Darrel...
Locator/ID Separation Protocol (LISP)
Architecture & Protocols
LISP Team: Vince Fuller, Darrel Lewis, Eliot Lear, Scott Brim, Dave Oran, Elizabeth McGee, Dino Farinacci, and David Meyer
Workshop III: Beyond Internet MRA: Networks of Networks
Institute for Pure and Applied Mathematics
Nov 3-7, 2008

LISP Arch & Protocols
IPAM MRAWS3 Slide 2

Agenda
• Problem Statement
• Locator/ID Separation (and why…)
• What is LISP?
• LISP Control Plane - LISP+ALT
• How LISP sites talk to legacy sites
• Other Uses of LISP
• Prototype and Pilot Network

Problem Statement

[Figure labels: Site with PI Addresses; R1, R2; BGP; Provider A 10.0.0.0/8; Provider B 11.0.0.0/8]

End Site Benefit
(1) Easier Transition to IPv6
(2) Change provider without address change
(3) Active-Active BGP-free Multihoming
(4) Data Center Load Spreading

Lower OpEx for Sites and Providers
(1) Improve site multi-homing
(2) Improve site & provider traffic engineering
(3) Reduce size of core routing tables
(4) IPv4 Address Conservation?

Scaling Internet Routing State

Why Separate Location from ID?
• Level of Indirection allows us to:
  – Keep either ID or Location fixed while changing the other
    • Basically: Routing Locators need to aggregate topologically, while IDs are usually assigned along administrative boundaries; hard to do with one number space
  – Create separate namespaces which can have different allocation properties
• By keeping IDs fixed
  – Assign fixed addresses that never change to hosts and routers at a site
• You can change Locators
  – Now the sites can change providers
  – Now the hosts can move

Separating (or adding) an Address
Changing the semantics of the IP address

[Figure labels: IPv6: 2001:0102:0304:0506:1111:2222:3333:4444; IPv4: 209.131.36.158; Locator; ID; ID & Location; .10.0.0.1]

If PI, get new locator
If PA, get new ID

Multi-Level Addressing

[Figure labels: S; R1, R2; Provider A 10.0.0.0/8; Provider B 11.0.0.0/8]

EIDs are inside of sites
RLOCs used in the core

Map-n-Encap vs Address-Rewrite

Map-n-Encap (LISP)
• Host Stack: supplies IDs
• Router: supplies RLOCs by adding new header

Address-Rewrite (GSE)
• Host Stack: supplies IDs
• Router: rewrites RLOCs from existing address

So What is LISP?

What is LISP?
• Locator/ID Separation Protocol
  – Network-based solution
  – No changes to hosts whatsoever
  – No new addressing changes to site devices
  – Very few configuration file changes
  – Imperative to be incrementally deployable
  – Address family agnostic

New Network Elements
• Ingress Tunnel Router (ITR)
  – Finds EID to RLOC mapping
    • This is the map part of map-and-encap
  – Encapsulates to Locators at source site
    • This is the encap part of map-and-encap
• Egress Tunnel Router (ETR)
  – Authoritative for its EID to RLOC mapping
  – Decapsulates at destination site

Packet Forwarding

[Figure labels: source site S with S1, S2 and an ITR, PI EID-prefix 1.0.0.0/8, locators 10.0.0.1 and 11.0.0.1, Provider A 10.0.0.0/8, Provider B 11.0.0.0/8; destination site D with D1, D2 and two ETRs, PI EID-prefix 2.0.0.0/8, locators 12.0.0.2 and 13.0.0.2, Provider X 12.0.0.0/8, Provider Y 13.0.0.0/8. Legend: EIDs -> Green, Locators -> Red.]

DNS entry: D.abc.com A 2.0.0.2

Mapping Entry
EID-prefix: 2.0.0.0/8
Locator-set:
12.0.0.2, priority: 1, weight: 50 (D1)
13.0.0.2, priority: 1, weight: 50 (D2)
Policy controlled by destination site

Packet headers shown in the figure:
1.0.0.1 -> 2.0.0.2
11.0.0.1 -> 12.0.0.2
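The map-and-encap step an ITR performs with the mapping entry on this slide, as an added example (not code from the presentation): a longest-prefix lookup of the destination EID, a locator choice by priority and weight, and the resulting outer header. The function names, the CRC32 flow hash, and the rule that a lower priority value wins while weight splits traffic among equal-priority locators are assumptions of this example.

```python
import ipaddress
import zlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Locator:
    rloc: str
    priority: int  # assumed LISP convention: lower value is preferred
    weight: int    # traffic share among locators of equal priority

# Map-cache with the slide's mapping entry: EID-prefix -> locator-set.
MAP_CACHE = {
    ipaddress.ip_network("2.0.0.0/8"): [
        Locator("12.0.0.2", 1, 50),  # D1
        Locator("13.0.0.2", 1, 50),  # D2
    ],
}

def lookup(dst_eid, cache):
    """Longest-prefix match of the destination EID; None on a cache miss."""
    addr = ipaddress.ip_address(dst_eid)
    hits = [p for p in cache if addr in p]
    return cache[max(hits, key=lambda p: p.prefixlen)] if hits else None

def select_rloc(locators, src_eid, dst_eid):
    """Choose one RLOC: best priority first, then split flows by weight."""
    best = min(l.priority for l in locators)
    usable = [l for l in locators if l.priority == best]
    total = sum(l.weight for l in usable)
    if total == 0:
        return usable[0].rloc
    # Hash the flow so every packet of one flow uses the same locator.
    slot = zlib.crc32(f"{src_eid}>{dst_eid}".encode()) % total
    for loc in usable:
        if slot < loc.weight:
            return loc.rloc
        slot -= loc.weight

def encapsulate(src_eid, dst_eid, itr_rloc, cache=MAP_CACHE):
    """Return (outer header, inner header), or None when no mapping exists."""
    locators = lookup(dst_eid, cache)
    if locators is None:
        return None  # the ITR must first obtain a mapping (the "map" step)
    outer = (itr_rloc, select_rloc(locators, src_eid, dst_eid))
    return outer, (src_eid, dst_eid)

if __name__ == "__main__":
    print(encapsulate("1.0.0.1", "2.0.0.2", "11.0.0.1"))
```

Because the destination site sets the priorities and weights, changing them in its mapping entry shifts inbound traffic between D1 and D2 without touching the source site.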

Mapping Database Designs
• You need a “map” before you can “encap”
• We have designed several mapping database protocols
  – CONS, NERD, EMACS, ALT
  – Tradeoff push versus pull benefit/cost
  – Needs to be scalable to 10^10 entries
• ALT has the most promise
  – We are deploying ALT

What is LISP+ALT?
• EID namespace is used at the site
• RLOC namespace is used in the Internet core
• Mappings need to be authoritative and reside at site ETRs
• Advertise EID-prefixes in BGP on an alternate topology of GRE tunnels
• ITRs get mappings by routing Map-Requests on ALT topology
• ETRs respond with Map-Replies

How LISP+ALT Works

[Figure labels: ITRs, ETRs and ALT routers (ALT-rtr). Legend: EIDs -> Green, Locators -> Red, GRE Tunnel, Low Opex, Physical link, Data Packet, Map-Request, Map-Reply.]
EID-prefixes at sites: 240.0.0.0/24, 240.1.1.0/24, 240.1.2.0/24, 240.2.1.0/24
Locators: 1.1.1.1, 2.2.2.2, 3.3.3.3, 11.0.0.1, 12.0.0.1
EID-prefixes advertised on the ALT: <- 240.1.1.0/24, <- 240.1.2.0/24, <- 240.1.0.0/16
Address pairs shown on packets:
240.0.0.1 -> 240.1.1.1
11.0.0.1 -> 240.1.1.1 (marked "?")
1.1.1.1 -> 11.0.0.1
11.0.0.1 -> 1.1.1.1
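The control-plane exchange described on the LISP+ALT slides, as an added example (not code from the presentation): a Map-Request for an EID is forwarded hop by hop along EID-prefix routes on the ALT overlay until it reaches the authoritative ETR, which answers the ITR's RLOC directly. The router names, the overlay topology and the pairing of each ETR with an RLOC are constructed for illustration; reading the figure's 11.0.0.1 -> 240.1.1.1 packet as the Map-Request and 1.1.1.1 -> 11.0.0.1 as the Map-Reply is an assumption.

```python
import ipaddress

def net(prefix):
    return ipaddress.ip_network(prefix)

# Constructed ALT overlay: per-router EID-prefix routes learned via BGP,
# each pointing at the next hop reached over a GRE tunnel.
ALT_ROUTES = {
    "alt-a": {net("240.1.0.0/16"): "alt-b", net("240.2.1.0/24"): "etr-3"},
    "alt-b": {net("240.1.1.0/24"): "etr-1", net("240.1.2.0/24"): "etr-2"},
}
# Authoritative EID-prefix -> RLOC mappings live only at the site ETRs.
ETR_DB = {
    "etr-1": (net("240.1.1.0/24"), ["1.1.1.1"]),
    "etr-2": (net("240.1.2.0/24"), ["2.2.2.2"]),
    "etr-3": (net("240.2.1.0/24"), ["3.3.3.3"]),
}

def resolve(dst_eid, itr_rloc, first_hop="alt-a", max_hops=8):
    """Route a Map-Request over the ALT; return (path, Map-Reply or None)."""
    addr, node, path = ipaddress.ip_address(dst_eid), first_hop, []
    for _ in range(max_hops):  # hop limit guards against overlay routing loops
        path.append(node)
        if node in ETR_DB:
            prefix, rlocs = ETR_DB[node]
            if addr not in prefix:
                return path, None  # ETR is not authoritative for this EID
            # The Map-Reply is addressed RLOC to RLOC, so it returns over
            # the ordinary Internet rather than back through the ALT.
            return path, {"src": rlocs[0], "dst": itr_rloc,
                          "eid_prefix": str(prefix), "rlocs": rlocs}
        hits = [p for p in ALT_ROUTES.get(node, {}) if addr in p]
        if not hits:
            return path, None  # no EID-prefix route: not a LISP destination
        node = ALT_ROUTES[node][max(hits, key=lambda p: p.prefixlen)]
    return path, None

if __name__ == "__main__":
    print(resolve("240.1.1.1", "11.0.0.1"))
```

Router alt-a carries only the 240.1.0.0/16 aggregate; the two /24s are visible one hop further in, which is how the ALT keeps its own routing state small.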

Interworking Model
• We’ve built and deployed the interworking mechanisms described in draft-lewis-lisp-interworking-01.txt
• LISP Translation
  – “LISP NAT”
  – http://www.translate.lisp4.net
• Proxy Tunnel Router (PTR)
  – Advertises coarsely aggregated EID-prefix(es) into the DFZ
    • Attracts traffic for those prefixes
  – Behaves like an ITR for that traffic
• tr0.partan.com is a v4 PTR
• titanium-dmm-alt-only.lisp.uoregon.edu is a v6 PTR
• http://www.lisp6.net uses the v6 PTR
• http://www.lisp4.net uses the v4 PTR

Other Uses for LISP
• SLBs in Data Centers
  – ETRs directly connected to servers
  – ITRs at Data Center edge
• A/V Mobile Truck Roll
  – Avoid renumber at each event
• BGP-free Core
  – Intra-AS avoiding storing external routes
  – RLOCs are PE routers
• Building topological hierarchy with flat addressing
  – MAC addressing in L2 networks
    • MAC address mobility for “extended subnets”
• In an environment of shortage address supply

Prototype and Pilot
• Prototype has been running for 1.5 years
  – NX-OS on Titaniums
  – IOS is underway
  – Considering XR and/or CRS blade implementation
• Alpha has been running for 1 year
  – Map-Request/Reply, ALT, & Interworking
• External pilot is underway
  – Dual-stack ALT
  – Underlying IPv4 and IPv6 transport
  – Geographical (registry-based) EID addressing
  – Interworking IPv4 with translation and PTRs
  – Interworking IPv6 with PTRs
  – Low-OpEx xTRs underway

LISP in one Slide
“Separating ID and Location from an IP address through a level of indirection”

[Figure labels: Today’s Internet - Data Plane; LISP-ALT Control Plane; LISP Site; Non-LISP Site; GRE Tunnels; Physical Links; CE; LISP Routers; RLOCs; EIDs]
EIDs assigned by Internet Registries
RLOCs assigned by Service Providers
Configure EID -> RLOCs database mappings for local site
Stores EID -> RLOCs cache mappings for remote sites
CE: Advertises EID-prefixes to find mappings
CE: Advertises RLOCs to maintain aggregation and provide reachability to sites
Data Packet: OH, IH, Host Data (Payload)

Benefits:
• Improved low-opex multihoming
• Site based policy and reachability
• No changes to core routers
• No changes to site routers
• No DNS changes
• No site addressing changes
• Works with PI or PA prefixes
• Supports 44-over-6 and 66-over-4
• Sites authoritative for their mappings
• Interworks with non-LISP sites using translation or PTRs

Costs:
• Mapping system required
• New Software in CE routers
• New LISP-ALT infrastructure

Legend:
EIDs (End Site IDs) in green
RLOCs (Routing Locators) in red
CE: Customer Premise Edge Router
ALT: Alternative LISP Topology
OH: Outer header, CE to CE
IH: Inner header, host to host

Tue Nov 4 18:33:30 PST 2008

LISP Internet Drafts
draft-farinacci-lisp-09.txt
draft-fuller-lisp-alt-03.txt
draft-lewis-lisp-interworking-01.txt
draft-farinacci-lisp-multicast-00.txt
draft-meyer-lisp-eid-block-01.txt

draft-mathy-lisp-dht-00.txt
draft-iannone-openlisp-implementation-01.txt
draft-brim-lisp-analysis-00.txt

draft-meyer-lisp-cons-04.txt
draft-lear-lisp-nerd-04.txt
draft-curran-lisp-emacs-00.txt

References
• Public mailing list: [email protected]
• Go to a LISP site now:
  http://www.lisp4.net
  http://www.lisp6.net