Cisco Global Routing Summit, August, 2008 Vince Fuller (for the LISP crew) Introduction to LISP+ALT
Cisco Global Routing Summit, August, 2008Slide 2 Agenda What is the problem? What is LISP? Why Locator/ID Separation? Data Plane Operation Finding Mappings – LISP+ALT Open Issues
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 3 Problem Statement There are reasons to believe that current trends in the growth of routing and addressing state on the global Internet may cause difficulty in the long term The Internet needs an easier, more scalable mechanism for multi-homing with traffic engineering
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 4 Problem Statement An Internet-wide replacement of IPv4 with ipv6 represents a one-in-a-generation opportunity to either continue current trends or to deploy something truly innovative and sustainable As currently specified, routing and addressing with ipv6 is not significantly different than with IPv4 – it shares many of the same properties and scaling characteristics More at:
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 5 Scaling of Internet Routing State
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 6 Instead of IP addresses, two numbering spaces: –Endpoint Identifiers (EIDs): hierarchically assigned to sites along administrative lines (like DNS hostnames) Do not change on devices that remain associated with the site; think “PI” but not routable –Routing Locators (RLOCs): assigned according to network topology, like “PA” address assignments Locators are aggregated/abstracted at topological boundaries to keep routing state scalable When site’s connection to network topology changes, so do the locators – aggregation is preserved What is ID/Loc Separation?
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 7 Provider A /8 Provider B /8 R1R2 BGP End Site Benefit (1)Easier Transition to ipv6 (maybe) (2)Change provider without address change Lower OpEx for Sites and Providers (1)Improve site multi-homing (2)Improve provider traffic engineering (3)Reduce size of core routing tables What Features do I get? Site with PI Addresses
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 8 What is LISP? Locator/ID Separation Protocol Ground rules for LISP –Network-based solution –No changes to hosts whatsoever –No new addressing changes to site devices –Very few configuration file changes –Imperative to be incrementally deployable –Address family agnostic
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 9 New Network Elements Ingress Tunnel Router (ITR) –Finds EID to RLOC mapping –Encapsulates to Locators at source site Egress Tunnel Router (ETR) –Owns EID to RLOC mapping –Decapsulates at destination site
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 10 Packet Forwarding Provider A /8 Provider B /8 S ITR D ETR Provider Y /8 Provider X /8 S1 S2 D1 D2 PI EID-prefix /8 PI EID-prefix /8 DNS entry: D.abc.com A EID-prefix: /8 Locator-set: , priority: 1, weight: 50 (D1) , priority: 1, weight: 50 (D2) Mapping Entry > > Legend: EIDs Locators > > > Policy controlled by destination site
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 11 When the ITR has no Mapping ITR needs to obtain from ETR ITR sends Map Request (or Data Probe) ETR returns Map Reply But how do the ITR and ETR hook up? –Using the mapping system, of course
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 12 Mapping System: What and Why Need a scalable EID to Locator mapping lookup mechanism Network based solutions –Have query/reply latency –Can have packet loss characteristics –Or, have a full table like BGP does How does one design a scalable Mapping Service?
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 13 Scaling Constraints Build a large distributed mapping database service Scalability paramount to solution How to scale: (state * rate) If both factors large, we have a problem –state will be O(10 10 ) hosts Aggregate EIDs into EID-prefixes to reduce state –rate must be small Dampen locator reachability status and locator-set changes Each mapping system design does it differently
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 14 Tough Questions/Issues Where to store the mappings? How to find the mappings? Push model or pull model? Full database or cache? Secondary storage? How to secure mapping entries? How to secure control messages? Protecting infrastructure from attacks Control over packet loss and latency
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 15 Ideas Considered DNS – considered, many issues DHTs – considered, research pending CONS – new protocol, hybrid push+pull –Push EID-prefixes at top levels of hierarchy –Pull mappings from lower levels of hierarchy ALT – GRE/BGP based, current focus EMACS – like ALT, but multicast-based NERD – pure Push design
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 16 Why LISP+ALT was Selected Use existing technology where reasonable Low memory impact on ITR Optional data path to reduce latency Allow infrastructure players to achieve new revenue source
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 17 LISP+ALT: What and How Hybrid push/pull approach –ALT pushes aggregates - find ETRs for EID –ITR uses LISP to find RLOCs for specific EID Hierarchical EID prefix assignment –Aggregation of EID prefixes Tunnel-based overlay network BGP used to advertise EIDs on overlay Option for data-triggered Map-Replies
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 18 LISP-ALT Routers and the ALT LISP+ALT routers form “Alternative Logical Topology” (ALT) –Interconnected by tunnels (GRE or …) –eBGP used for EID prefix propagation –Isomorphic topology and EID assignment ITRs and ETRs connect at “edge” Issue: Who runs LISP+ALT routers? –ISPs, IXCs, RIRs, Neutral parties?
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 19 Tunnel and BGP Operation EID prefixes originated into BGP at edge –By ETRs (or by ALT router with “static route” to “low-opex” ETR) ITR learns EID prefixes via eBGP – From ALT router (“low-opex ITR” uses “static default” to ALT router) Map-Request forwarded into the ALT via first- hop ALT router –ALT forwards Map-Request to “owning” ETR for EID prefix ALT routers aggregate prefixes “upward” in the alternative topology
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 20 Legend: EIDs -> Green Locators -> Red GRE Tunnel Low Opex Physical link Data Packet Map-Request Map-Reply ETR ITR EID-prefix /24 LAT > > EID-prefix / > > > ALT-rtr ? > > ? > > ? < /24 < /24 < /16 ? LISP+ALT in action
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 21 Data-Triggered Mappings ITRs have the option of forwarding data for “un-mapped” EIDs into ALT –Effectively attached to Map-Request to ETR, delivered to destination host as side-effect LISP Map-Reply “triggered” from ETR to ITR, installed in ITR cache Following traffic uses cached RLOCs –Just like if Map-Request/Map-Reply done Issue: scaling/complexity/performance
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 22 Hierarchical EID assignment Provider A /8 Provider B /8 R1R2 PI EID-prefix / ISP allocates 1 locator address per physical attachment point (follows network topology) RIR allocates EID-prefixes (follows org/geo hierarchy) Site Legend: EIDs -> Green Locators -> Red
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 23 Issue: Mapping System Security ALT can use existing/proposed BGP security mechanisms (SBGP, etc.) DOS-mitigation using well-known control plane rate-limiting techniques Nonce in LISP protocol exchange More needed?
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 24 Issue: Large-site ETR Policy ALT separates ETR discovery from the ITR-ETR mapping exchange –Very coarse prefixes advertised globally –More-specific info exchanged where needed Regional ETRs could return more- specific mappings for simple TE Alternative to current practice of advertising more-specific prefixes
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 25 Large-site ETR policy example (someday, this will be a pretty, animated slide that shows how LISP and ALT can achieve the same “best exit” effect as advertising more- specifics with MEDs…today is not that day, unfortunately)
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 26 Issue: “low-opex” xTR BGP configuration complexity is a barrier to site-multihoming Remove xTR/CPE BGP requirement: –ITR has “static default EID-prefix route” to “first hop” ALT router –“first hop” ALT router has “static EID- prefix route” pointing to ETR –originates EID prefix on behalf of ETR
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 27 More open ALT issues Who runs the ALT network? –What’s the business model? –Should it be rooted at/run by the RIRs? –Different levels run by different orgs –Should it be free? OK to renumber to get “PI” EID prefix? Interworking/transition strategies (later) Work in standards/ops community (later) Others?
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 28 LISP Internet Drafts draft-farinacci-lisp-08.txt draft-fuller-lisp-alt-02.txt draft-lewis-lisp-interworking-01.txt draft-farinacci-lisp-multicast-00.txt draft-meyer-lisp-eid-block-01.txt draft-mathy-lisp-dht-00.txt draft-iannone-openlisp-implementation-01.txt draft-brim-lisp-analysis-00.txt draft-meyer-lisp-cons-04.txt draft-lear-lisp-nerd-04.txt draft-curran-lisp-emacs-00.txt
Introduction to LISP+ALTCisco Global Routing Summit, August, 2008Slide 29 Questions/Comments? Thanks! Contact us: Information: OpenLISP: