Introduction to LISP+ALT
Cisco Global Routing Summit, August, 2008
Vince Fuller (for the LISP crew)
http://www.vaf.net/prezos/lisp-grs.ppt

Agenda

• What is the problem?
• What is LISP?
• Why Locator/ID Separation?
• Data Plane Operation
• Finding Mappings – LISP+ALT
• Open Issues

Problem Statement

• There are reasons to believe that current trends in the growth of routing and addressing state on the global Internet may cause difficulty in the long term

• The Internet needs an easier, more scalable mechanism for multi-homing with traffic engineering

Problem Statement

• An Internet-wide replacement of IPv4 with IPv6 represents a once-in-a-generation opportunity to either continue current trends or to deploy something truly innovative and sustainable
• As currently specified, routing and addressing with IPv6 is not significantly different than with IPv4 – it shares many of the same properties and scaling characteristics
• More at: www.vaf.net/prezos/rrg-prague.pdf

Scaling of Internet Routing State

What is ID/Loc Separation?

• Instead of IP addresses, two numbering spaces:
  – Endpoint Identifiers (EIDs): hierarchically assigned to sites along administrative lines (like DNS hostnames)
    • Do not change on devices that remain associated with the site; think “PI” but not routable
  – Routing Locators (RLOCs): assigned according to network topology, like “PA” address assignments
    • Locators are aggregated/abstracted at topological boundaries to keep routing state scalable
    • When site’s connection to network topology changes, so do the locators – aggregation is preserved

What Features do I get?

[Figure: Site with PI Addresses; R1, R2; BGP; Provider A 10.0.0.0/8; Provider B 11.0.0.0/8]

End Site Benefit
(1) Easier Transition to IPv6 (maybe)
(2) Change provider without address change

Lower OpEx for Sites and Providers
(1) Improve site multi-homing
(2) Improve provider traffic engineering
(3) Reduce size of core routing tables

What is LISP?

• Locator/ID Separation Protocol
• Ground rules for LISP
  – Network-based solution
  – No changes to hosts whatsoever
  – No new addressing changes to site devices
  – Very few configuration file changes
  – Imperative to be incrementally deployable
  – Address family agnostic

New Network Elements

• Ingress Tunnel Router (ITR)
  – Finds EID to RLOC mapping
  – Encapsulates to Locators at source site
• Egress Tunnel Router (ETR)
  – Owns EID to RLOC mapping
  – Decapsulates at destination site

Packet Forwarding

[Figure: labels S, D, ITR, ITR, ETR, ETR, S1, S2, D1, D2; Provider A 10.0.0.0/8; Provider B 11.0.0.0/8; Provider X 12.0.0.0/8; Provider Y 13.0.0.0/8; locators 10.0.0.1, 11.0.0.1, 12.0.0.2, 13.0.0.2. Legend: EIDs, Locators]

PI EID-prefix 1.0.0.0/8
PI EID-prefix 2.0.0.0/8
DNS entry: D.abc.com A 2.0.0.2

Packet labels: 1.0.0.1 -> 2.0.0.2; 11.0.0.1 -> 12.0.0.2

Mapping Entry
EID-prefix: 2.0.0.0/8
Locator-set:
  12.0.0.2, priority: 1, weight: 50 (D1)
  13.0.0.2, priority: 1, weight: 50 (D2)
Policy controlled by destination site
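The lookup-and-encapsulate step an ITR performs with the mapping entry above, as an added Python example (not from the slides or any LISP implementation). Function names and the CRC flow hash are assumptions; "lowest priority value wins, weights share load" follows the LISP specification rather than anything stated on the slide.

```python
import ipaddress
import zlib

# Map-cache entry from the Packet Forwarding slide: EID-prefix -> locator-set,
# each locator being (RLOC, priority, weight).
MAP_CACHE = {
    ipaddress.ip_network("2.0.0.0/8"): [
        ("12.0.0.2", 1, 50),  # D1
        ("13.0.0.2", 1, 50),  # D2
    ],
}

def lookup(dst_eid, cache=MAP_CACHE):
    """Longest-prefix match of a destination EID against the map-cache."""
    addr = ipaddress.ip_address(dst_eid)
    hits = [p for p in cache if addr in p]
    return max(hits, key=lambda p: p.prefixlen) if hits else None

def select_rloc(locators, flow_key):
    """Lowest priority value wins; weights split flows among the winners."""
    best = min(prio for _, prio, _ in locators)
    usable = [(rloc, w) for rloc, prio, w in locators if prio == best]
    # Assumption: a CRC of the flow key pins each flow to one locator.
    h = zlib.crc32(flow_key.encode())
    total = sum(w for _, w in usable)
    if total == 0:  # all weights zero: fall back to an even split
        return usable[h % len(usable)][0]
    point = h % total
    for rloc, weight in usable:
        if point < weight:
            return rloc
        point -= weight

def encapsulate(src_eid, dst_eid, itr_rloc, cache=MAP_CACHE):
    """Return outer (RLOC) and inner (EID) address pairs, or None on a miss."""
    prefix = lookup(dst_eid, cache)
    if prefix is None:
        return None  # no mapping cached: the ITR has to send a Map-Request
    rloc = select_rloc(cache[prefix], f"{src_eid}>{dst_eid}")
    return {"outer": (itr_rloc, rloc), "inner": (src_eid, dst_eid)}
```

A `None` result is the cache-miss case in which the ITR has no mapping and must query the mapping system.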

When the ITR has no Mapping

• ITR needs to obtain from ETR
• ITR sends Map Request (or Data Probe)
• ETR returns Map Reply
• But how do the ITR and ETR hook up?
  – Using the mapping system, of course

Mapping System: What and Why

• Need a scalable EID to Locator mapping lookup mechanism
• Network based solutions
  – Have query/reply latency
  – Can have packet loss characteristics
  – Or, have a full table like BGP does
• How does one design a scalable Mapping Service?

Scaling Constraints

• Build a large distributed mapping database service
• Scalability paramount to solution
• How to scale: (state * rate)
• If both factors large, we have a problem
  – state will be O(10^10) hosts
    • Aggregate EIDs into EID-prefixes to reduce state
  – rate must be small
    • Dampen locator reachability status and locator-set changes
• Each mapping system design does it differently

Tough Questions/Issues

• Where to store the mappings?
• How to find the mappings?
• Push model or pull model?
• Full database or cache? Secondary storage?
• How to secure mapping entries?
• How to secure control messages?
• Protecting infrastructure from attacks
• Control over packet loss and latency

Ideas Considered

• DNS – considered, many issues
• DHTs – considered, research pending
• CONS – new protocol, hybrid push+pull
  – Push EID-prefixes at top levels of hierarchy
  – Pull mappings from lower levels of hierarchy
• ALT – GRE/BGP based, current focus
• EMACS – like ALT, but multicast-based
• NERD – pure Push design

Why LISP+ALT was Selected

• Use existing technology where reasonable
• Low memory impact on ITR
• Optional data path to reduce latency
• Allow infrastructure players to achieve new revenue source

LISP+ALT: What and How

• Hybrid push/pull approach
  – ALT pushes aggregates - find ETRs for EID
  – ITR uses LISP to find RLOCs for specific EID
• Hierarchical EID prefix assignment
  – Aggregation of EID prefixes
• Tunnel-based overlay network
• BGP used to advertise EIDs on overlay
• Option for data-triggered Map-Replies

LISP-ALT Routers and the ALT

• LISP+ALT routers form “Alternative Logical Topology” (ALT)
  – Interconnected by tunnels (GRE or …)
  – eBGP used for EID prefix propagation
  – Isomorphic topology and EID assignment
• ITRs and ETRs connect at “edge”
• Issue: Who runs LISP+ALT routers?
  – ISPs, IXCs, RIRs, Neutral parties?

Tunnel and BGP Operation

• EID prefixes originated into BGP at edge
  – By ETRs (or by ALT router with “static route” to “low-opex” ETR)
• ITR learns EID prefixes via eBGP
  – From ALT router (“low-opex ITR” uses “static default” to ALT router)
• Map-Request forwarded into the ALT via first-hop ALT router
  – ALT forwards Map-Request to “owning” ETR for EID prefix
• ALT routers aggregate prefixes “upward” in the alternative topology

LISP+ALT in action

[Figure: ETRs, ITRs and ALT routers (ALT-rtr)]
Legend: EIDs -> Green; Locators -> Red; GRE Tunnel; Low Opex; Physical link; Data Packet; Map-Request; Map-Reply
EID-prefixes: 240.0.0.0/24, 240.1.1.0/24
Locators: 1.1.1.1, 2.2.2.2, 3.3.3.3, 11.0.0.1, 12.0.0.1
Prefix labels: <- 240.1.1.0/24, <- 240.1.2.0/24, <- 240.1.0.0/16
Packet labels: 240.0.0.1 -> 240.1.1.1; 11.0.0.1 -> 240.1.1.1; 1.1.1.1 -> 11.0.0.1; 11.0.0.1 -> 1.1.1.1

Data-Triggered Mappings

• ITRs have the option of forwarding data for “un-mapped” EIDs into ALT
  – Effectively attached to Map-Request to ETR, delivered to destination host as side-effect
• LISP Map-Reply “triggered” from ETR to ITR, installed in ITR cache
• Following traffic uses cached RLOCs
  – Just like if Map-Request/Map-Reply done
• Issue: scaling/complexity/performance

Hierarchical EID assignment

[Figure: Site; R1, R2; Provider A 10.0.0.0/8; Provider B 11.0.0.0/8; PI EID-prefix 240.1.0.0/16; locators 10.0.0.1, 11.0.0.1. Legend: EIDs -> Green; Locators -> Red]

ISP allocates 1 locator address per physical attachment point (follows network topology)
RIR allocates EID-prefixes (follows org/geo hierarchy)

Issue: Mapping System Security

• ALT can use existing/proposed BGP security mechanisms (SBGP, etc.)
• DOS-mitigation using well-known control plane rate-limiting techniques
• Nonce in LISP protocol exchange
• More needed?
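How an ITR could combine the nonce check and control-plane rate limiting listed above, as an added Python example (not from the slides or any LISP implementation). The class name, the 64-bit nonce width, the token-bucket parameters and the timeout are all assumptions made for illustration.

```python
import ipaddress
import secrets

class MapRequestTracker:
    """ITR-side state for outstanding Map-Requests (hypothetical names)."""

    def __init__(self, rate_per_sec=10.0, burst=5, timeout=2.0):
        self.rate, self.burst, self.timeout = rate_per_sec, burst, timeout
        self.tokens, self.last = float(burst), 0.0
        self.pending = {}  # nonce -> (requested EID, expiry time)

    def send_request(self, eid, now):
        """Return a fresh nonce, or None when the rate limit is exceeded."""
        elapsed = now - self.last
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens < 1.0:
            return None  # drop: cache misses must not flood the control plane
        self.tokens -= 1.0
        # Assumed width; the point is that off-path senders cannot guess it.
        nonce = secrets.randbits(64)
        self.pending[nonce] = (ipaddress.ip_address(eid), now + self.timeout)
        return nonce

    def accept_reply(self, nonce, eid_prefix, now):
        """Accept a Map-Reply only if it answers a live request of ours."""
        entry = self.pending.pop(nonce, None)  # single use: replays fail
        if entry is None:
            return False  # unsolicited or replayed reply
        eid, expiry = entry
        if now > expiry:
            return False  # reply arrived after the request timed out
        # The returned prefix must cover the EID that was actually asked for.
        return eid in ipaddress.ip_network(eid_prefix)
```

A nonce only stops senders that cannot observe the Map-Request; it does not authenticate the ETR, which is the gap the slide's "More needed?" leaves open.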

Issue: Large-site ETR Policy

• ALT separates ETR discovery from the ITR-ETR mapping exchange
  – Very coarse prefixes advertised globally
  – More-specific info exchanged where needed
• Regional ETRs could return more-specific mappings for simple TE
• Alternative to current practice of advertising more-specific prefixes

Large-site ETR policy example

• (someday, this will be a pretty, animated slide that shows how LISP and ALT can achieve the same “best exit” effect as advertising more-specifics with MEDs…today is not that day, unfortunately)

Issue: “low-opex” xTR

• BGP configuration complexity is a barrier to site-multihoming
• Remove xTR/CPE BGP requirement:
  – ITR has “static default EID-prefix route” to “first hop” ALT router
  – “first hop” ALT router has “static EID-prefix route” pointing to ETR
  – originates EID prefix on behalf of ETR

More open ALT issues

• Who runs the ALT network?
  – What’s the business model?
  – Should it be rooted at/run by the RIRs?
  – Different levels run by different orgs
  – Should it be free?
• OK to renumber to get “PI” EID prefix?
• Interworking/transition strategies (later)
• Work in standards/ops community (later)
• Others?

LISP Internet Drafts

draft-farinacci-lisp-08.txt
draft-fuller-lisp-alt-02.txt
draft-lewis-lisp-interworking-01.txt
draft-farinacci-lisp-multicast-00.txt
draft-meyer-lisp-eid-block-01.txt

draft-mathy-lisp-dht-00.txt
draft-iannone-openlisp-implementation-01.txt
draft-brim-lisp-analysis-00.txt

draft-meyer-lisp-cons-04.txt
draft-lear-lisp-nerd-04.txt
draft-curran-lisp-emacs-00.txt

Questions/Comments?

Thanks!

Contact us: [email protected]
http://www.lisp4.net
OpenLISP: http://inl.info.ucl.ac.be