--- 1/draft-ietf-lisp-eid-block-mgmnt-06.txt 2016-04-06 09:16:00.426328307 -0700 +++ 2/draft-ietf-lisp-eid-block-mgmnt-07.txt 2016-04-06 09:16:00.458329107 -0700 @@ -1,52 +1,52 @@ Network Working Group L. Iannone Internet-Draft Telecom ParisTech Intended status: Informational R. Jorgensen -Expires: February 25, 2016 Bredbandsfylket Troms +Expires: October 8, 2016 Bredbandsfylket Troms D. Conrad Virtualized, LLC G. Huston APNIC - Asia Pacific Network Information Center - August 24, 2015 + April 6, 2016 LISP EID Block Management Guidelines - draft-ietf-lisp-eid-block-mgmnt-06.txt + draft-ietf-lisp-eid-block-mgmnt-07.txt Abstract This document proposes a framework for the management of the LISP EID - Prefix. The framework described relies on hierarchical distribution - of the address space, granting temporary usage of sub-prefixes of - such space to requesting organizations. + Address Block. The framework described relies on hierarchical + distribution of the address space, granting temporary usage of + prefixes of such space to requesting organizations. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on February 25, 2016. + This Internet-Draft will expire on October 8, 2016. Copyright Notice - Copyright (c) 2015 IETF Trust and the persons identified as the + Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as @@ -56,82 +56,82 @@ 1. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3 4. EID Prefix Registration Policy . . . . . . . . . . . . . . . . 3 5. EID Prefixes Registration Requirements . . . . . . . . . . . . 4 6. EID Prefix Request Template . . . . . . . . . . . . . . . . . 5 7. Policy Validity Period . . . . . . . . . . . . . . . . . . . . 6 8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 - 10. Procedures to be followed by RIPE NCC . . . . . . . . . . . . 7 + 10. Procedures to be followed by RIPE NCC . . . . . . . . . . . . 8 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 - 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 - 12.1. Normative References . . . . . . . . . . . . . . . . . . 8 - 12.2. Informative References . . . . . . . . . . . . . . . . . 8 - Appendix A. LISP Terms . . . . . . . . . . . . . . . . . . . . . 10 - Appendix B. Document Change Log . . . . . . . . . . . . . . . . . 12 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13 + 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 + 12.1. Normative References . . . . . . . . . . . . . . . . . . 9 + 12.2. Informative References . . . . . . . . . . . . . . . . . 9 + Appendix A. Document Change Log . . . . . . . . . . . . . . . . . 10 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 1. Requirements Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Introduction The Locator/ID Separation Protocol (LISP - [RFC6830]) and related mechanisms ([RFC6831], [RFC6832], [RFC6833], [RFC6834], [RFC6835], - [RFC6836], [RFC6837]) separates the IP addressing space into two + [RFC6836], [RFC6837]) separate the IP addressing space into two logical spaces, the End-point IDentifier (EID) space and the Routing LOCator (RLOC) space. The first space is used to identify communication end-points, while the second is used to locate EIDs in the Internet routing infrastructure topology. The document [I-D.ietf-lisp-eid-block] requested an IPv6 address block reservation exclusively for use as EID prefixes in the LISP experiment. The rationale, intent, size, and usage of the EID address block are described in [I-D.ietf-lisp-eid-block]. This document proposes a management framework for the registration of - EID prefixes from that block, allowing the requesting organisation + EID prefixes from that block, allowing the requesting organization exclusive use of those EID prefixes limited to the duration of the LISP experiment. 3. Definition of Terms This document does not introduce any new terms related to the set of LISP Specifications ( [RFC6830], [RFC6831], [RFC6832], [RFC6833], - [RFC6834], [RFC6835], [RFC6836], [RFC6837]). To help the reading of - this document the terminology introduced by LISP is summarized in - Appendix A. + [RFC6834], [RFC6835], [RFC6836], [RFC6837]), but assumes that the + reader is familiar with the LISP terminology. + [I-D.ietf-lisp-introduction] provides an introduction to the LISP + technology, including its terminology. . 4. EID Prefix Registration Policy - The request registration of EID prefixes MUST be done under the + The request for registration of EID prefixes MUST be done under the following policies: 1. EID prefixes are made available in the reserved space on a temporary basis and for experimental uses. The requester of an experimental prefix MUST provide a short description of the intended use or experiment that will be carried out (see Section 6). If the prefix will be used for activities not documented in the original description, the renewal of the registration may be denied. - 2. EID prefix registrations SHOULD be renewed on a regular basis to + 2. EID prefix registrations MUST be renewed on a regular basis to ensure their use by active participants in the experiment. The - registration period is proposed to be 12 months. Registration - renewal SHOULD NOT cause a change in the registered EID prefix. - The conditions of registration renewal should no different to the - conditions of registration. + registration period is 12 months. A renewal SHOULD NOT cause a + change in the EID prefix registered in the previous request. The + conditions of registration renewal are the same as the conditions + of first EID prefix registration request. 3. It is preferable not to reuse EID prefixes whose registration is expired. When an EID prefix registration is removed from the registry, then the reuse of the EID prefix in a subsequent registration on behalf of a different end user should be avoided where possible. If the considerations of overall usage of the EID block prefix requires reuse of a previously registered EID prefix, then a minimum delay of at least one week between removal and subsequent registration SHOULD be applied by the registry operator. @@ -142,60 +142,59 @@ entries is to be specified in the announcement of the cessation of this experiment. 5. EID Prefixes Registration Requirements All EID prefix registrations MUST respect the following requirements: 1. All EID prefix registrations MUST use a globally unique EID prefix. - 2. If there is more than one registry operator, all operators MUST - use the same registry management policies and practices. - - 3. The EID Prefix registration information as specified in + 2. The EID Prefix registration information, as specified in Section 6, MUST be collected upon initial registration and - renewal, and made publicly available though interfaces allowing + renewal, and made publicly available through interfaces allowing both retrieval of specific registration details (search) and enumeration of the entire registry contents (e.g., [RFC7481], - whois, http, or similar access methods). + WHOIS, HTTP, or similar access methods). - 4. The registry operator MUST permit the delegation of EID prefixes + 3. The registry operator MUST permit the delegation of EID prefixes in the reverse DNS space to holders of registered EID prefixes. - 5. Anyone can obtain an entry in the EID prefix registry, on the + 4. Anyone can obtain an entry in the EID prefix registry, on the understanding that the prefix so registered is for the exclusive use in the LISP experimental network, and that their registration details (as specified in Section 6) are openly published in the EID prefix registry. 6. EID Prefix Request Template The following is a basic request template for prefix registration so to ensure a uniform process. Such a template is inspired by the IANA Private Enterprise Number online request form (http://pen.iana.org/pen/PenApplication.page). Note that all details in this registration become part of the - registry, and will be published in the LISP EID Prefix Registry. + registry and will be published in the LISP EID Prefix Registry. The EID Prefix Request template MUST at minimum contain: - 1. Organization (In case of individuals requesting an EID prefix + 1. Organization (In the case of individuals requesting an EID prefix this section can be left empty) (a) Organization Name (b) Organization Address (c) Organization Phone + (d) Organization WebSite + 2. Contact Person (Mandatory) (a) Name (b) Address (c) Phone (d) Fax (optional) @@ -206,33 +205,32 @@ (a) Prefix Size + Expressed as an address prefix length. (b) Prefix Size Rationale (c) Lease Period + Note Well: All EID Prefix registrations will be valid until the earlier date of 12 months from the date of - registration or 31 December 2017. + registration or MMMM/YYYY3. + All registrations may be renewed by the applicant for - further 12 month periods, ending on 31 December 2017. + further 12 month periods, ending on MMMM/YYYY3. + According to the 3+3 year experimentation plan, defined in [I-D.ietf-lisp-eid-block], all registrations MUST end - by 31 December 2017, unless the IETF community decides to - grant a permanent LISP EID address block. In the latter - case, registrations following the present document policy - MUST end by 31 December 2020 and a new policy (to be - decided - see Section 7) will apply starting 1 January - 2021. + by MMMM/YYYY3, unless the IETF community decides to grant + a permanent LISP EID address block. In the latter case, + registrations following the present document policy MUST + end by MMMM/YYYY6 and a new policy (to be decided - see + Section 7) will apply afterwards. 4. Experiment Description (a) Experiment and Deployment Description (b) Interoperability with existing LISP deployments (c) Interoperability with Legacy Internet 5. Reverse DNS Servers (Optional) @@ -244,109 +242,144 @@ (c) Name server name: (d) Name server address: (Repeat if necessary) 7. Policy Validity Period Policy outlined in the present document is tied to the existence of the experimental LISP EID block requested in - [I-D.ietf-lisp-eid-block] and valid until 31 December 2017. + [I-D.ietf-lisp-eid-block] and valid until MMMM/YYYY3. If the IETF decides to transform the block in a permanent allocation, the LISP EID block reserved usage period will be extended for three - years (until 31 December 2020) so to give time to the IETF to define, + years (until MMMM/YYYY6) so as to give time to the IETF to define, following the policies outlined in [RFC5226], the final size of the EID block and create a transition plan, while the policy in the present document will still apply. Note that, as stated in [I-D.ietf-lisp-eid-block], the transition of - the EID block into a permanent allocation, has the potential to pose + the EID block into a permanent allocation has the potential to pose policy issues (as recognized in [RFC2860], section 4.3) and hence discussion with the IANA, the RIR communities, and the IETF community will be necessary to determine appropriate policy for permanent EID - prefix management, which will be effective starting 1 January 2021. + prefix management, which will be effective after MMMM/YYYY6. + + [RFC Editor: please replace MMMM and all its occurrences in the + document with the month of publication of [I-D.ietf-lisp-eid-block] + as RFC.] + + [RFC Editor: please replace YYYY0 and all its occurrences in the + document with the year of publication of [I-D.ietf-lisp-eid-block] as + RFC.] + + [RFC Editor: please replace YYYY3 and all its occurrences in the + document with the year of publication of [I-D.ietf-lisp-eid-block] as + RFC plus 3 years, e.g., if published in 2016 then put 2019.] + + [RFC Editor: please replace YYYY6 and all its occurrences in the + document with the year of publication of [I-D.ietf-lisp-eid-block] as + RFC plus 6 years, e.g., if published in 2016 then put 2022.] 8. Security Considerations This document does not introduce new security threats in the LISP architecture nor in the Legacy Internet architecture. - For accountability reasons, and in line with the security + For accountability reasons and in line with the security considerations in [RFC7020], each registration request MUST contain accurate information on the requesting entity (company, institution, individual, etc.) and valid and accurate contact information of a referral person (see Section 6). 9. IANA Considerations - This document provides only management guidelines for the reserved - LISP EID prefix requested in [I-D.ietf-lisp-eid-block]. + IANA allocated the following IPv6 address block for experimental use + as LISP EID prefix [I-D.ietf-lisp-eid-block]: - There is an operational requirement for an EID registration service - that ensures uniqueness of EIDs according to the requirements - described in Section 5. Furthermore, there is an operational - requirement for EID registration service that allows a lookup of the - contact information of the entity that registered the EID. + o Address Block: 2001:5::/32 - IANA and RIPE NCC agreed for the latter to run such service on behalf - of the former, for the duration of the experiment and following the - procedures outlined in Section 10. + o Name: EID Space for LISP + + o RFC: [I-D.ietf-lisp-eid-block] + + o Further Details at: http://www.iana.org/assignments/ + iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml + + In order to grant requesting organisations and individuals exclusive + use of EID prefixes out of such reserved block (limited to the + duration of the LISP experiment as outlined in Section 7) there is an + operational requirement for an EID registration service. + + Provided that the policies and requirements outlined in Section 4, + Section 5, and Section 6 are respected, EID prefix registration is + accorded based on a "First Come First Served" basis. + + There is no hard limit in the number of registrations an organization + or individual can submit as long as information described in + Section 6 is provided, in particular point 4: "Experiment + Description". + + For the duration defined in [I-D.ietf-lisp-eid-block] RIPE NCC will + manage the the LISP EID prefix as described herein. Therefore, this + document has no IANA actions. 10. Procedures to be followed by RIPE NCC RIPE NCC will provide the registration service following the EID Prefix Registration Policy (Section 4) and the EID Prefix Registration Requirements (Section 5) provided in this document. The request form provided by RIPE NCC will include at least the information from the template in Section 6. RIPE NCC will make publicly available all received requests. While this document does not suggests any minimum allocation size, RIPE NCC is allowed to - introduce such minimum size for menagement purposes. + introduce such minimum size for management purposes. 11. Acknowledgments - Thanks to A. de la Haye, A. Cima, A Pawlik, J. Curran, A. Severin, B. - Haberman, T. Manderson, D. Lewis, D. Farinacci, M. Binderberger, D. - Saucez, E. Lear, for their helpful comments. + Thanks to A. Retana, J. Arko, P. Yee, A. de la Haye, A. Cima, A + Pawlik, J. Curran, A. Severin, B. Haberman, T. Manderson, D. Lewis, + D. Farinacci, M. Binderberger, D. Saucez, E. Lear, for their helpful + comments. The work of Luigi Iannone has been partially supported by the ANR-13- INFR-0009 LISP-Lab Project (www.lisp-lab.org) and the EIT KIC ICT- Labs SOFNETS Project. 12. References 12.1. Normative References [I-D.ietf-lisp-eid-block] Iannone, L., Lewis, D., Meyer, D., and V. Fuller, "LISP - EID Block", draft-ietf-lisp-eid-block-12 (work in - progress), May 2015. + EID Block", draft-ietf-lisp-eid-block-13 (work in + progress), February 2016. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ RFC2119, March 1997, . - [RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing - (CIDR): The Internet Address Assignment and Aggregation - Plan", BCP 122, RFC 4632, DOI 10.17487/RFC4632, - August 2006, . - [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, DOI 10.17487/RFC5226, May 2008, . 12.2. Informative References + [I-D.ietf-lisp-introduction] + Cabellos-Aparicio, A. and D. Saucez, "An Architectural + Introduction to the Locator/ID Separation Protocol + (LISP)", draft-ietf-lisp-introduction-13 (work in + progress), April 2015. + [RFC2860] Carpenter, B., Baker, F., and M. Roberts, "Memorandum of Understanding Concerning the Technical Work of the Internet Assigned Numbers Authority", RFC 2860, DOI 10.17487/RFC2860, June 2000, . [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The Locator/ID Separation Protocol (LISP)", RFC 6830, DOI 10.17487/RFC6830, January 2013, . @@ -390,139 +423,38 @@ [RFC7020] Housley, R., Curran, J., Huston, G., and D. Conrad, "The Internet Numbers Registry System", RFC 7020, DOI 10.17487/ RFC7020, August 2013, . [RFC7481] Hollenbeck, S. and N. Kong, "Security Services for the Registration Data Access Protocol (RDAP)", RFC 7481, DOI 10.17487/RFC7481, March 2015, . -Appendix A. LISP Terms - - LISP operates on two name spaces and introduces several new network - elements. This section provides high-level definitions of the LISP - name spaces and network elements and as such, it must not be - considered as an authoritative source. The reference to the - authoritative document for each term is included in every term - description. - - Legacy Internet: The portion of the Internet that does not run LISP - and does not participate in LISP+ALT or any other mapping system. - - LISP site: A LISP site is a set of routers in an edge network that - are under a single technical administration. LISP routers that - reside in the edge network are the demarcation points to separate - the edge network from the core network. See [RFC6830] for more - details. - - Endpoint ID (EID): An EID is a 32-bit (for IPv4) or 128-bit (for - IPv6) value used in the source and destination address fields of - the first (most inner) LISP header of a packet. A packet that is - emitted by a system contains EIDs in its headers and LISP headers - are prepended only when the packet reaches an Ingress Tunnel - Router (ITR) on the data path to the destination EID. The source - EID is obtained via existing mechanisms used to set a host's - "local" IP address. An EID is allocated to a host from an EID- - prefix block associated with the site where the host is located. - See [RFC6830] for more details. - - EID-prefix: A power-of-two block of EIDs that are allocated to a - site by an address allocation authority. See [RFC6830] for more - details. - - EID-Prefix Aggregate: A set of EID-prefixes said to be aggregatable - in the [RFC4632] sense. That is, an EID-Prefix aggregate is - defined to be a single contiguous power-of-two EID-prefix block. - A prefix and a length characterize such a block. See [RFC6830] - for more details. - - Routing LOCator (RLOC): A RLOC is an IPv4 or IPv6 address of an - egress tunnel router (ETR). A RLOC is the output of an EID-to- - RLOC mapping lookup. An EID maps to one or more RLOCs. - Typically, RLOCs are numbered from topologically aggregatable - blocks that are assigned to a site at each point to which it - attaches to the global Internet; where the topology is defined by - the connectivity of provider networks, RLOCs can be thought of as - Provider Aggregatable (PA) addresses. See [RFC6830] for more - details. - - EID-to-RLOC Mapping: A binding between an EID-Prefix and the RLOC- - set that can be used to reach the EID-Prefix. The general term - "mapping" always refers to an EID-to-RLOC mapping. See [RFC6830] - for more details. - - Ingress Tunnel Router (ITR): An Ingress Tunnel Router (ITR) is a - router that accepts receives IP packets from site end-systems on - one side and sends LISP-encapsulated IP packets toward the - Internet on the other side. The router treats the "inner" IP - destination address as an EID and performs an EID-to-RLOC mapping - lookup. The router then prepends an "outer" IP header with one of - its globally routable RLOCs in the source address field and the - result of the mapping lookup in the destination address field. - See [RFC6830] for more details. - - Egress Tunnel Router (ETR): An Egress Tunnel Router (ETR) receives - LISP-encapsulated IP packets from the Internet on one side and - sends decapsulated IP packets to site end-systems on the other - side. An ETR router accepts an IP packet where the destination - address in the "outer" IP header is one of its own RLOCs. The - router strips the "outer" header and forwards the packet based on - the next IP header found. See [RFC6830] for more details. - - Proxy ITR (PITR): A Proxy-ITR (PITR) acts like an ITR but does so on - behalf of non-LISP sites which send packets to destinations at - LISP sites. See [RFC6832] for more details. +Appendix A. Document Change Log - Proxy ETR (PETR): A Proxy-ETR (PETR) acts like an ETR but does so on - behalf of LISP sites which send packets to destinations at non- - LISP sites. See [RFC6832] for more details. + Version 07 Posted April 2016. - Map Server (MS): A network infrastructure component that learns EID- - to-RLOC mapping entries from an authoritative source (typically an - ETR). A Map Server publishes these mappings in the distributed - mapping system. See [RFC6833] for more details. + o Addressed editorial issues raised in Gen-Art review by Peter Yee. - Map Resolver (MR): A network infrastructure component that accepts - LISP Encapsulated Map-Requests, typically from an ITR, quickly - determines whether or not the destination IP address is part of - the EID namespace; if it is not, a Negative Map-Reply is - immediately returned. Otherwise, the Map Resolver finds the - appropriate EID-to-RLOC mapping by consulting the distributed - mapping database system. See [RFC6833] for more details. + o Removed "Definition of Terms" section as suggested by Peter Yee in + the Gen-Art review. - The LISP Alternative Logical Topology (ALT): The virtual overlay - network made up of tunnels between LISP+ALT Routers. The Border - Gateway Protocol (BGP) runs between ALT Routers and is used to - carry reachability information for EID-prefixes. The ALT provides - a way to forward Map-Requests toward the ETR that "owns" an EID- - prefix. See [RFC6836] for more details. + o Section "IANA Considerations" has been re-written to fix issue + raised by IESG, IANA, and P. Yee. - ALT Router: The device on which runs the ALT. The ALT is a static - network built using tunnels between ALT Routers. These routers - are deployed in a roughly-hierarchical mesh in which routers at - each level in the topology are responsible for aggregating EID- - Prefixes learned from those logically "below" them and advertising - summary prefixes to those logically "above" them. Prefix learning - and propagation between ALT Routers is done using BGP. When an - ALT Router receives an ALT Datagram, it looks up the destination - EID in its forwarding table (composed of EID-Prefix routes it - learned from neighboring ALT Routers) and forwards it to the - logical next-hop on the overlay network. The primary function of - LISP+ALT routers is to provide a lightweight forwarding - infrastructure for LISP control-plane messages (Map-Request and - Map-Reply), and to transport data packets when the packet has the - same destination address in both the inner (encapsulating) - destination and outer destination addresses ((i.e., a Data Probe - packet). See [RFC6830] for more details. + o Deleted bullet allowing multiple operators in the requirements + section. Due to the limited duration of the experiment one single + registration operator (RIPE) is sufficient. -Appendix B. Document Change Log + o Modified the dates, introducing variables, so to allow RFC Editor + to easily update dates by publication as RFC. Version 06 Posted August 2015. o Fixed Authors addresses and typo in section 10. Version 05 Posted July 2015. o Added explicit text about RIPE NCC providing the registration service during the temporary experiment.