Dino - thanks for the response. On the major issues, it looks like both [A] and [B] involve only the text in this draft and nothing beyond, which is good news. I have a simple text suggestion for [A], but it looks like [B] is going to require some careful editing, as one of the primary causes is that the draft is sloppy in using the same symbol "G" to represent both EID and RLOC multicast groups. On the minor issues, I have text suggestions for three of the four, and I'd like to temporarily defer further discussion the IPv6 UDP zero checksum "tarpit" in favor of resolving everything else first. On the nits/editorial comments, all the suggestions in your email are fine with me. FWIW, I regard that portion of a review as almost entirely subject to the draft authors' discretion (and editorial taste). > >> [A] EID mobility vs. EID prefixes > > ... from the start of the LISP design (circa 2007), an prefix is what moves. > And a specific EID is simply a /32 or /128 prefix. Here is a practical > example: A statement that the mobility use cases need to employ /32 and /128 prefixes, and not anything coarser should suffice. That should be added to Section 5. > >> [B] LISP Multicast vs. EID/RLOC separate > >> > >> - 6. Multicast > >> > >> This is interesting, multicast addresses (G) look like they're an exception > > They are really not. My concern is that as I read the draft, it leaves me with the strong impression that the same multicast addresses (G) are being used in both the overlay (as EIDs) and the underlay (as RLOCs). From your response, I conclude that this is not the case (and I have no argument with that). Rather, Section 6 needs to bluntly state that multicast addresses are mapped between EID and RLOC space at both ITRs and ETRs, so that the following inference is obvious from the text (it's currently not obvious): > So it makes perfect sense to register multicast addresses to the mapping > system as EIDs and they can map to RLOCs of sites that have joined the group. As part of this, I strongly recommend moving away from use of "G" to refer to multicast groups in both the overlay and underlay. Careful use of G-EID and G-RLOC would significantly improve clarity. --- If the above are done for [A] and [B] in Sections 5 and 6, then the text for the use cases in Section 7 should not need further attention. --- > >> -- Minor Issues -- > >> > >> There seems to be an implicit assumption that the end host and its > >> ITR (xTR) are in the same domain or Autonomous System. For incremental > > This is true when you call the domain a "LISP site". But if the site is > unchanged and one uses PITRs, maybe even close to the site, like in a PE > router, then the PITR is definitely in another AS. Looking at the text, it seems that "LISP site" and "domain" are the same concept for this draft. That would be useful to state, IMHO but I'll leave the decision on whether to do so to you and the draft authors. On rereading, my concerns seem to be triggered mostly by this sentence in Section 3.2: The edge consists of LISP sites (e.g., an Autonomous System) that use EID addresses. I think a small change to the last sentence in that paragraph would resolve my concern without distracting from the narrative: OLD EIDs do not contain inter-domain topological information and because of this, EIDs are usually routable at the edge (within LISP sites) or in the non-LISP Internet. NEW EIDs do not contain inter-domain topological information and because of this, EIDs are usually routable at the edge (within LISP sites) or in the non-LISP Internet; see Section 3.5 for discussion of LISP site internetworking with non-LISP sites and domains in the Internet. > >> Despite multiple mentions of incremental deployment, I did not > >> see a discussion of how that might be accomplished. > > There are PxTRs and NATs. And references to the LISP interworking RFC. Ok, can we just say so in Section 3.5? Adding the following sentence to the end of the section would suffice: PITRs, PETRs and LISP-NAT support incremental deployment of LISP by providing significant flexibility in location of the boundaries between the LISP and non-LISP portions of the network, and making it reasonable to change those boundaries over time. > >> - 3.3.1. LISP Encapsulation > >> > >> the source port is selected by > >> the ITR and ignored on reception. > >> > >> Please mention multipathing (e.g., ECMP and LAG) as possible influences > >> on how source ports are selected, as this imposes some limits on what an > >> ITR can reasonably do. > > ECMP/LAG don't influence which source port is selected. It is a 5-tuple hash > of the inner header that selects a source port that influences how an underlay > router would load-split traffic. Please state that a 5-tuple hash is used. ECMP/LAG is among the important reasons why, but that doesn't need to be stated if you prefer not to. An example of something that needs to be excluded is that using a random number generator to set the source port would be wrong - I could suggest citing draft-ietf-dart-dscp-rtp for related discussion (and lots more details), but I don't think that's necessary. -- IPv6 zero UDP checksum > My head spins every time I hear about this subject. This subject has been > talked about from 100s of people for a decade. We have CRC on links, we have > apps that use TCP and UDP checksums. Nuf said. Understood - there's more than one set of scars on this one :-(. Let's come back to this topic after we've resolved everything else, and please keep in mind that I tagged this as a minor issue, not a major one (e.g., the above changes for [A] and [B] are far more important, IMHO). Thanks, --David > -----Original Message----- > From: Dino Farinacci [mailto:farinacci@xxxxxxxxx] > Sent: Wednesday, February 11, 2015 2:19 PM > To: Joel M. Halpern > Cc: Black, David; Albert Cabellos; Damien Saucez; ops-dir@xxxxxxxx; > ietf@xxxxxxxx; lisp@xxxxxxxx > Subject: Re: [lisp] OPS-Dir review of draft-ietf-lisp-introduction-11 > > > I will leave most of these for the authors to comment on. > > See my comments inline. Thanks David for your detailed review and commentary. > > > With regard to your question about incremental deployment, that is the > domain of the LISP Deployment document, and was deliberately only lightly > covered here. I am not sure what we can do to address your comment without > duplicating the entirety of that document. > > That is the risk we may have with many of your comments. We have a lot of > detail in the already 9 published RFCs and this document really is to take > all that detail and summarize as an easily understandable description of a > cohesive design. > > > With regard to UDP Zero, this was approved by the IESG and published as an > RFC. It is part of the way the protocol is defined. If there are specific > changes you would like to see in the explanatory text, I am sure > > Definitely agreed. In fact we instigated UDP zero. And I continually talk to > hardware engineers and they all believe we made the right decision. So hats > off to the IETF for being practical. > > > we could include them. If you are looking for a change in the behavior, > this document can not make changes to the LISP behavior. > > Yes, an important point. > > >> I found a couple of major issues that I hope arise from the > >> summarization of LISP in this draft, as opposed to being problems in > >> the actual LISP protocols. I also found a few minor issues, the most > >> important of which is the need for additional security considerations > >> discussion on misdelivery, with particular attention to VPNs. > > Thanks a ton. > > >> -- Major issues -- > >> > >> [A] EID mobility vs. EID prefixes > >> > >> - 5. Mobility > >> > >> I understand how this works when mapping is per-EID, but how does this work > >> when the EID of the system that moves is part of an EID prefix, as > discussed > >> in Section 3.4.1? Even if the answer is a long version of "Don't do that!" > >> it should be explained. > > No, from the start of the LISP design (circa 2007), an prefix is what moves. > And a specific EID is simply a /32 or /128 prefix. Here is a practical > example: > > You have a cluster of servers that communicate together for a particular > application. They application cluster is running in a set of VMs. Those VMs > are assigned EIDs from a common power-of-2 EID-prefix. Those VMs are currently > running in a brick-and-mortar data center. Now there is a desire to move the > VM cluster to a cloud provider. What is moved is the EID-prefix of the > cluster. The mapping system is told that the EID-prefix is changing its RLOC- > set from the brick-and-mortar xTRs to the cloud providers xTRs. > > >> > >> - 7.4. LISP for Virtual Machine Mobility in Data Centers > >> > >> I don't understand how this works when EID prefixes are used, as each VM > >> has its own EID or EIDs, hence the entire prefix range does not move when > >> the VM moves. > >> > >> For OPS-Dir, this EID prefix issue [A] falls under A.1.1 in Appendix A > >> of RFC 5706: Has deployment been discussed? and specifically under: > >> > >> * Is the proposed specification deployable? If not, how could > >> it be improved? > >> > >> as EID prefixes appear to be undeployable for Mobility and VM Mobility > usage. > > See above example. > > >> [B] LISP Multicast vs. EID/RLOC separate > >> > >> - 6. Multicast > >> > >> This is interesting, multicast addresses (G) look like they're an exception > > They are really not. Since multicast addresses *identify* a group of > receivers, it is very much an EID and aheres to the definition of an EID. > Multicast addresses never had topological signficance but the state > representing a distribution tree does tell you were the members are (but the > identity of the members are not know in multicast). > > So it makes perfect sense to register multicast addresses to the mapping > system as EIDs and they can map to RLOCs of sites that have joined the group. > See draft-farinacci-signal-free-multicast as just one example. RFC6831 and > draft-farinacci-lisp-mr-signaling are other examples. > > >> to the EID/RLOC separation as the same destination IP multicast address > >> is used for both purposes. This could use some more discussion, as it's > >> unexpected based on the contents of the draft up to this point. > > I believe the level of detail we have in the introduction document is at the > right level or we'll err on having way too many details crop in. > > >> - 7.2. LISP for IPv6 Co-existence > >> > >> LISP encapsulations allows to transport packets using EIDs from a > >> given address family (e.g., IPv6) with packets from other address > >> families (e.g., IPv4). > >> > >> How does that work for multicast traffic, where the destination address > >> (G) has to be the same in both the inner and outer headers? Are ETRs > >> and ITRs expected to map IPv6 multicast addresses to IPv4 and v.v.? > > The mapping system can map an (S-EID-ipv6, group-ipv6) 2-tuple to a RLOC set > that looked like this (ipv4-multicast, ipv4-unicast) mean the ITR that > receives the packet from S-EID-ipv6 would replicate the packet and multicast > encapsulate to ipv4-multicast and unicast encapsualte to ipv4-unicast. > > >> - 7.3. LISP for Virtual Private Networks > >> > >> This also has multicast problems, as there is only one instance of each > >> multicast address (G) in the underlay network. I think I can figure out > how > > You can map from EID-G to RLOC-G one to one. But we have seen over the last > decade in a half that with general multicast deployment that many-to-1 is > desirable. Hence, now that we have a way to map with a network-based database, > we can map multiple EID-Gs to a single (or multiple) RLOC-Gs. > > >> to make multicast work for this use case, but it's not immediately obvious, > >> and the result when the same underlay multicast address is used by more > >> than one VPN could well deliver some traffic to ETRs that have to discard > > This is a necessary evil when the underlay is state challenged. But it is a > state/bandwidth tradeoff. We have found with MVPN deployment that the network > admin configures the underly or simply unicasts. > > >> it because the Instance ID is wrong (and that excessive delivery is a > >> security consideration, see minor issue on Section 8 below). I think an > >> explanation is in order. > > There are just too many combinations to make a high-level description simple > to understand. The current introduction text does a find job providing > references for someone to go off and get the details. > > >> -- Minor Issues -- > >> > >> There seems to be an implicit assumption that the end host and its > >> ITR (xTR) are in the same domain or Autonomous System. For incremental > > This is true when you call the domain a "LISP site". But if the site is > unchanged and one uses PITRs, maybe even close to the site, like in a PE > router, then the PITR is definitely in another AS. But note I said PITR and > not ITR. The reason being is because an ITR is configured with database- > mapping prefixes that is uses to encapsulate packets from such addresses. > Versus the PITR being an ITR with *no database-mappings* providing a much more > larger/or more aggregtable service. > > >> deployment, I don't think that's always the case, but I think that only > >> has editorial impact on this document, as I don't think any of the > >> fundamental LISP mechanisms are affected. The authors should look for > >> use of "domain" and "Autonomous System" and ensure that the text is > >> generalized to the case where the end host and ITR are more widely > >> separated. > > We are overloaded with terms that create topological or organization boundary. > Hence why we created "LISP site" which is also the same as a "LISP VPN site". > Where a "LISP site" that has multiple tennants would be multiple "LISP VPN > sites". > > >> Despite multiple mentions of incremental deployment, I did not > >> see a discussion of how that might be accomplished. There is some > > There are PxTRs and NATs. And references to the LISP interworking RFC. > > >> useful content in Section 3.5, but that's at best an incomplete > >> explanation. This is an OPS-Dir review concern - it falls under > >> A.1.3 in Appendix A of RFC 5706: Has the migration path been discussed? > >> > >> - 3.3.1. LISP Encapsulation > >> > >> the source port is selected by > >> the ITR and ignored on reception. > >> > >> Please mention multipathing (e.g., ECMP and LAG) as possible influences > >> on how source ports are selected, as this imposes some limits on what an > >> ITR can reasonably do. > > ECMP/LAG don't influence which source port is selected. It is a 5-tuple hash > of the inner header that selects a source port that influences how an underlay > router would load-split traffic. > > >> For OPS-Dir, this multipathing concern falls under A.1.4 in Appendix A of > >> RFC 5706: Have the Requirements on other protocols and functional > >> components been discussed? > >> > >> This decision was made because the > >> typical transport protocols used by the applications already include > >> a checksum, by neglecting the additional UDP encapsulation checksum > >> xTRs can forward packets more efficiently. > >> > >> Groan! I have an exquisite set of scars on UDP zero checksums for IPv6 > >> from working on the MPLS in UDP draft, so I may be overly sensitive to > >> this concern. The downside of this efficiency is that there is no > >> checksum coverage of the IPv6 header when zero UDP checksums are used. > >> That should at least be mentioned here, with a summary of why that's ok > >> - the detailed justification for why that's ok can be left to other > >> documents. > > My head spins every time I hear about this subject. This subject has been > talked about from 100s of people for a decade. We have CRC on links, we have > apps that use TCP and UDP checksums. Nuf said. > > >> > >> -- Nits/Editorial Comments -- > >> > >> - Top of p.4: > >> > >> The initial motivation in the LISP effort is to be find in the > >> > >> "find" -> "found" > >> > >> - Section 3.1, first bullet item > > We will certainly fixe these. Thanks. > > >> > >> Devices are assigned with relatively opaque identity > >> meaningful addresses that are independent of their topological > >> location. > >> > >> I don't understand "relatively opaque identity meaningful" and > >> suggest rewriting the sentence. In particular - opaque to what? > >> meaningful to what in what manner? > > Well beacuse it is as accurate as it can be. If automobiles are going to be > assigned EIDs from a VIN number allocation from a manufacture, the address is > relatively opaque. If a VM in a data-center is going to be assigned an EID > from the set of prefixes already being used and allocated to that data-center, > then there is a good chance that address is in a power-of-2 block that is > summarizable in the IGP. > > >> > >> - Section 3.2, second paragraph > >> > >> Judging from the figure, xTRs are the common case, with single- > >> function ITRs and ETRs being rare. It might be good to say that > >> and discuss when ITRs and ETRs that are not xTRs are appropriate > >> to use. > > When you want egress path selection to happen further out in the toplogical > from the source location, then you put an ITR-only system there. Where ingress > to the same source (destination in this direction), the ETR can be closer to > the destination. > > >> > >> - 3rd paragraph on p.7: > >> > >> > >> Finally, the LISP architecture emphasizes a cost effective > >> incremental deployment. > >> > >> I'd delete "cost effective" here and look for other occurrences > >> of "cost" as candidates for deletion. This is supposed to be > >> a technical document, so discussion of costs is a bit off-target. > > Fair enough. > > >> - First item after Figure 2: > >> > >> 1. HostA retrieves the EID_B of HostB, typically querying the DNS > >> and obtaining and A or AAAA record. > >> > >> "and A" -> "an A" (spelling checkers don't catch everything). > > Already noted and will be fixed. > > >> > >> - 3.3.1. LISP Encapsulation > >> > >> On the other hand, Recursive > >> tunnels are nested tunnels and are implemented by using multiple LISP > >> encapsulations on a packet. > >> > >> The above sentence seems out of place in the middle of a paragraph about > >> Re-encapsulating tunnels and routers - I suggest moving it down into its > >> own paragraph and perhaps adding a sentence about where/how Recursive > >> tunnels may be useful. > > Good suggestion and makes sense. > > >> - 3.3.2. LISP Forwarding State > >> > >> In the LISP architecture, ITRs keep just enough information to route > >> traffic flowing through it. > >> > >> "it." -> "them." > >> > >> Meaning that, ITRs retrieve from the > >> LISP Mapping System mappings between EID prefixes and RLOCs that are > >> used to encapsulate packets. > >> > >> This is the first use of the notion of EID prefixes. That concept should > >> be explained before it is used, although a forward reference to section > >> 3.4.1 may suffice. It might be better to rewrite this paragraph in terms > >> of EIDs and leave the notion of EID prefixes to section 3.4.1. > > Hmm, I'll let Albert and Damien decide if we should state "EID-prefixes" > everywhere instead of just "EID". > > >> > >> - 4.4. MTU Handling > >> > >> Additionally, LISP also recommends inferring reachability of locators > >> by using information provided by the underlay, in particular: > >> > >> It'd be useful to add a sentence or two about how LISP and the techniques > >> in this section interact with host use of PMTUD and PLPMTUD. > > This is a lot of detail because in RFC6830 we have 3 positions or options on > the subject. And we did provide a reference to RFC6830 for this topic. > > >> - Next to last paragraph on p.17: > >> > >> Additionally, LISP also recommends inferring reachability of locators > >> by using information provided by the underlay, in particular: > >> > >> This looks like it's a paragraph early and needs to be moved down to > >> after the paragraph that follows it. > > Agree. > > >> idnits 2.13.01 didn't find any nits. > >> > >> Thanks, > >> --David > > Thanks again David. > > Dino