Identifier-locator addressing for IPv6
draft-herbert-intarea-ila-00
This document is an Internet-Draft (I-D).
Anyone may submit an I-D to the IETF.
This I-D is not endorsed by the IETF and has no formal standing in the
IETF standards process.
The information below is for an old version of the document.
Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Expired".
|
|
---|---|---|---|
Authors | Tom Herbert , Petr Lapukhov | ||
Last updated | 2017-10-19 | ||
RFC stream | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | I-D Exists | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
draft-herbert-intarea-ila-00
INTERNET-DRAFT Tom Herbert Intended Status: Informational Quantonium Expires: April 22, 2018 Petr Lapukhov Facebook October 19, 2017 Identifier-locator addressing for IPv6 draft-herbert-intarea-ila-00 Abstract This specification describes identifier-locator addressing (ILA) for IPv6. Identifier-locator addressing differentiates between location and identity of a network node. Part of an address expresses the immutable identity of the node, and another part indicates the location of the node which can be dynamic. Identifier-locator addressing can be used to efficiently implement overlay networks for network virtualization as well as solutions for use cases in mobility. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Copyright and License Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. Herbert Expires April 22, 2018 [Page 1] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4 1.2 Use cases . . . . . . . . . . . . . . . . . . . . . . . . . 6 2 Architectural overview . . . . . . . . . . . . . . . . . . . . . 6 2.1 Addressing . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.2 Network topology . . . . . . . . . . . . . . . . . . . . . . 7 2.3 Translations and mappings . . . . . . . . . . . . . . . . . 8 2.4 ILA routing . . . . . . . . . . . . . . . . . . . . . . . . 8 2.5 ILA domains . . . . . . . . . . . . . . . . . . . . . . . . 9 2.6 ILA control plane . . . . . . . . . . . . . . . . . . . . . 9 3 Address formats . . . . . . . . . . . . . . . . . . . . . . . . 10 3.1 ILA address format . . . . . . . . . . . . . . . . . . . . . 10 3.2 Locators . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3.3 Identifiers . . . . . . . . . . . . . . . . . . . . . . . . 10 3.4 Standard identifier representation addresses . . . . . . . . 11 4 Optional identifier formats . . . . . . . . . . . . . . . . . . 12 4.1 Checksum neutral mapping . . . . . . . . . . . . . . . . . . 12 4.2 Identifier types . . . . . . . . . . . . . . . . . . . . . 12 4.2.1 Interface identifiers . . . . . . . . . . . . . . . . . 15 4.2.2 Locally unique identifiers . . . . . . . . . . . . . . . 15 4.2.3 Virtual networking identifiers for IPv4 . . . . . . . . 15 4.2.4 Virtual networking identifiers for IPv6 unicast . . . . 16 4.2.5 Virtual networking identifiers for IPv6 multicast . . . 17 4.2.6 Non-local address identifiers . . . . . . . . . . . . . 18 4.3 SIR addresses with formatted identifiers . . . . . . . . . . 19 4.3.1 SIR for locally unique identifiers . . . . . . . . . . . 19 4.3.2 SIR for virtual addresses . . . . . . . . . . . . . . . 20 4.3.2 SIR for non-local address identifiers . . . . . . . . . 20 5 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.1 Identifier to locator mapping . . . . . . . . . . . . . . . 20 5.2 Address translations . . . . . . . . . . . . . . . . . . . . 21 5.2.1 SIR to ILA address translation . . . . . . . . . . . . . 21 5.2.2 ILA to SIR address translation . . . . . . . . . . . . . 21 5.3 Virtual networking operation . . . . . . . . . . . . . . . . 22 Herbert Expires April 22, 2018 [Page 2] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 5.3.1 Crossing virtual networks . . . . . . . . . . . . . . . 22 5.3.2 IPv4/IPv6 protocol translation . . . . . . . . . . . . . 22 5.4 Transport layer checksums . . . . . . . . . . . . . . . . . 22 5.4.1 Checksum-neutral mapping . . . . . . . . . . . . . . . . 23 5.4.2 Sending an unmodified checksum . . . . . . . . . . . . . 25 5.5 Non-local address mapping . . . . . . . . . . . . . . . . . 25 5.6 Address selection . . . . . . . . . . . . . . . . . . . . . 26 5.7 Duplicate identifier detection . . . . . . . . . . . . . . . 26 5.8 ICMP error handling . . . . . . . . . . . . . . . . . . . . 26 5.8.1 Handling ICMP errors by ILA capable hosts . . . . . . . 26 5.8.2 Handling ICMP errors by non-ILA capable hosts . . . . . 27 5.9 Multicast . . . . . . . . . . . . . . . . . . . . . . . . . 27 6 Motivation for ILA . . . . . . . . . . . . . . . . . . . . . . . 28 6.1 Use cases . . . . . . . . . . . . . . . . . . . . . . . . . 28 6.1.1 Multi-tenant virtualization . . . . . . . . . . . . . . 28 6.1.2 Datacenter virtualization . . . . . . . . . . . . . . . 28 6.1.3 Mobile networks . . . . . . . . . . . . . . . . . . . . 29 6.2 Alternative methods . . . . . . . . . . . . . . . . . . . . 29 6.2.1 ILNP . . . . . . . . . . . . . . . . . . . . . . . . . . 29 6.2.2 Flow label as virtual network identifier . . . . . . . . 30 6.2.3 Extension headers . . . . . . . . . . . . . . . . . . . 30 6.2.4 Encapsulation techniques . . . . . . . . . . . . . . . . 31 7 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 31 8 References . . . . . . . . . . . . . . . . . . . . . . . . . . 32 8.1 Normative References . . . . . . . . . . . . . . . . . . . 32 8.2 Informative References . . . . . . . . . . . . . . . . . . 32 9 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 33 Appendix A: Communication scenarios . . . . . . . . . . . . . . . 34 A.1 Terminology for scenario descriptions . . . . . . . . . . . 34 A.2 Identifier objects . . . . . . . . . . . . . . . . . . . . . 35 A.3 Reference network for scenarios . . . . . . . . . . . . . . 35 A.4 Scenario 1: Object to task . . . . . . . . . . . . . . . . . 36 A.5 Scenario 2: Object to Internet . . . . . . . . . . . . . . . 36 A.6 Scenario 3: Internet to object . . . . . . . . . . . . . . . 36 A.7 Scenario 4: Tenant system to service . . . . . . . . . . . . 37 A.8 Scenario 5: Object to tenant system . . . . . . . . . . . . 37 A.9 Scenario 6: Tenant system to Internet . . . . . . . . . . . 38 A.10 Scenario 7: Internet to tenant system . . . . . . . . . . . 38 A.11 Scenario 8: IPv4 tenant system to object . . . . . . . . . 38 A.12 Tenant to tenant system in the same virtual network . . . . 39 A.12.1 Scenario 9: TS to TS in the same VN using IPV6 . . . . 39 A.12.2 Scenario 10: TS to TS in same VN using IPv4 . . . . . . 39 A.13 Tenant system to tenant system in different virtual networks . . . . . . . . . . . . . . . . . . . . . . . . . 39 A.13.1 Scenario 11: TS to TS in different VNs using IPV6 . . . 39 A.13.2 Scenario 12: TS to TS in different VNs using IPv4 . . . 40 A.13.3 Scenario 13: IPv4 TS to IPv6 TS in different VNs . . . 40 A.14 Scenario 14: Non-local address to tenant system . . . . . . 40 Herbert Expires April 22, 2018 [Page 3] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Appendix B: unique identifier generation . . . . . . . . . . . . . 41 B.1 Globally unique identifiers method . . . . . . . . . . . . . 41 B.2 Universally Unique Identifiers method . . . . . . . . . . . 42 Appendix C: Datacenter task virtualization . . . . . . . . . . . . 42 C.1 Address per task . . . . . . . . . . . . . . . . . . . . . . 42 C.2 Job scheduling . . . . . . . . . . . . . . . . . . . . . . . 43 C.3 Task migration . . . . . . . . . . . . . . . . . . . . . . . 43 C.3.1 Address migration . . . . . . . . . . . . . . . . . . . 44 C.3.2 Connection migration . . . . . . . . . . . . . . . . . . 44 Appendix D: Mobility in wireless networks . . . . . . . . . . . . 45 1 Introduction This specification describes the address formats, protocol operation, and communication scenarios of identifier-locator addressing (ILA). In identifier-locator addressing, an IPv6 address is split into a locator and an identifier component. The locator indicates the topological location in the network for a node, and the identifier indicates the node's identity which refers to the logical or virtual node in communications. Locators are routable within a network, but identifiers typically are not. An application addresses a peer destination by identifier. Identifiers are mapped to locators for transit in the network. The on-the-wire address is composed of a locator and an identifier: the locator is sufficient to route the packet to a physical host, and the identifier allows the receiving host to translate and forward the packet to the application. With identifier-locator addressing, network virtualization and addressing for mobility can be implemented in an IPv6 network without any additional encapsulation headers. Packets sent with identifier- locator addresses look like plain unencapsulated packets (e.g. TCP/IP packets). This method is transparent to the network, so protocol specific mechanisms in network hardware work seamlessly. These mechanisms include hash calculation for ECMP, NIC large segment offload, checksum offload, etc. Some of the concepts for ILA are adapted from Identifier-Locator Network Protocol (ILNP) ([RFC6740], [RFC6741]) which defines a protocol and operations model for identifier-locator addressing in IPv6. Section 6 provides a motivation for ILA and comparison of ILA with alternative methods that achieve similar functionality. 1.1 Terminology ILA Identifier-locator addressing. Herbert Expires April 22, 2018 [Page 4] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 ILA host An end host that is capable of performing ILA translations on transmit or receive. ILA router A network node that performs ILA translation and forwarding of translated packets. ILA node A network node capable of performing ILA translations. This can be an ILA router or ILA host. Locator A network prefix that routes to a physical host. Locators provide the topological location of an addressed node. ILA locators are a sixty-four bit prefixes. Identifier A number that identifies an addressable node in the network independent of its location. ILA identifiers are sixty-four bit values. Identifier address An IP address that contains an identifier. ILA address An IPv6 address composed of a locator (upper sixty-four bits) and an identifier (low order sixty-four bits). ILA domain A unique identifier namespace indicated by a SIR prefix. Each SIR prefix maps to ILA domain. ILA translation The process of translating the upper sixty-four bits of an IPv6 address. Translations may be from a SIR prefix to a locator or a locator to a SIR prefix. SIR Standard identifier representation. SIR prefix A sixty-four bit network prefix used to identify a SIR address. SIR address An IPv6 address composed of a SIR prefix (upper sixty- four bits) and an identifier (lower sixty-four bits). SIR addresses are visible to applications and provide a means to address nodes independent of their location. Virtual address An IPv6 or IPv4 address that resides in the address space of a virtual network. Such addresses may be translated to SIR addresses as an external Herbert Expires April 22, 2018 [Page 5] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 representation of the address outside of the virtual network, or they may be translated to ILA addresses for transit over an underlay network. Topological address An address that refers to a non-virtual node in a network topology. These address physical hosts in a network. Checksum-neutral mapping A method to preserve a correct transport layer checksum when performing ILA translation. When the upper sixty- four bits of an address are overwritten in an ILA translation, a modification can be made to the low order bits of the identifier to offset the checksum difference. 1.2 Use cases ILA use cases include datacenter virtualization, network virtualization, and mobility in cellular and other mobile networks. Section 6 provides details on these use cases. ILA operates at the network layer so it works with any transport layer protocol and can be used at intermediate devices or end nodes. An ILA implementation may include optimizations depending on where in the network it runs. 2 Architectural overview Identifier-locator addressing allows a data plane method to implement network virtualization without encapsulation and its related overheads. The service ILA provides is effectively layer 3 over layer 3 network virtualization (IPv4 or IPv6 over IPv6). 2.1 Addressing ILA performs translations on IPv6 address. There are two types of addresses introduced for ILA: ILA addresses and SIR addresses. ILA addresses are IPv6 addresses that are composed of a locator (upper sixty-four bits) and an identifier (low order sixty-four bits). The identifier serves as the logical addresses of a node, and the locator indicates the location of a node on the network. A SIR address (standard identifier representation) is an IPv6 address that contains an identifier and an application visible SIR prefix. SIR addresses are visible to the application and can be used as connection endpoints. When a packet is sent to a SIR address, an ILA router or host overwrites the SIR prefix with a locator corresponding Herbert Expires April 22, 2018 [Page 6] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 to the identifier. When a peer receives the packet, the locator is overwritten with the original SIR prefix before delivery to the application. In this manner applications only see SIR addresses, they do not have visibility into ILA addresses. ILA translations can transform addresses from one type to another. In network virtualization, virtual addresses can be translated into ILA and SIR addresses, and conversely ILA and SIR addresses can be translated to virtual addresses. 2.2 Network topology ILA nodes are nodes in the network that perform ILA translations. An ILA router is a node that performs ILA address translation and packet forwarding to implement overlay network functionality. ILA routers perform translations on packets sent by end nodes for transport across an underlay network. Packets received by ILA routers on the underlay network have their addresses reversed translated for reception at an end node. An ILA host is an end node that implements ILA functionality for transmitting or receiving packets. ILA nodes are responsible for transit of packets over an underlay network. On ingress, an ILA node (host or router) will translate the virtual or SIR address of a destination to an ILA address. At a peer ILA node, the reverse translation is performed before handing packets to an application. The figure below provides an example topology using ILA. ILA translations performed in one direction between Host A and Host B are denoted. Host A sends a packet with a destination SIR address (step (1)). An ILA router in the path translates the SIR address to an ILA address with a locator. The locator is set to a value that will route packets to a peer ILA node that Host B is downstream of. The packet is forwarded over the network and delivered to the peer ILA node (step 2). The peer ILA node, in this case another ILA router, translates the destination address back to a SIR address and forwards to the final destination (step 3). +--------+ +--------+ | Host A +-+ +--->| Host B | | | | (2) ILA (') | | +--------+ | ...addressed.... ( ) +--------+ V +---+--+ . packet . +---+--+ (_) (1) SIR | | ILA |----->-------->---->| ILA | | (3) SIR addressed +->|router| . . |router|->-+ addressed packet +---+--+ . IPv6 . +---+--+ packet / . Network . / . . +--+-++--------+ Herbert Expires April 22, 2018 [Page 7] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 +--------+ / . . |ILA || Host | | Host +--+ . .- -|host|| | | | . . +--+-++--------+ +--------+ ................ 2.3 Translations and mappings Address translation is the mechanism employed by ILA. Logical or virtual addresses are translated to topological IPv6 addresses for transport to the proper destination. Translation occurs in the upper sixty-four bits of an address, the low order sixty-four bits contains an identifier that is immutable and is not used to route a packet. Each ILA node maintains a mapping table. This table maps identifiers to locators. The mappings are dynamic as nodes with identifiers can be created, destroyed, or move in the network. Mappings are propagated amongst ILA routers or hosts in a network using mapping propagation protocols (mapping propagation protocols will be described in other specifications). Identifiers are not statically bound to a host on the network, and in fact their binding (or location) may change. This is the basis for network virtualization and device mobility. An identifier is mapped to a locator at any given time, and a set of identifier to locator mappings is propagated throughout a network to allow communications. The mappings are kept synchronized so that if an identifier migrates to a new location, its identifier to locator mapping is updated. 2.4 ILA routing ILA is intended to be sufficiently lightweight so that all the hosts in a network could potentially send and receive ILA addressed packets. In order to scale this model and allow for hosts that do not participate in ILA, a routing topology may be applied. A simple routing topology is illustrated below. +---------+--+ (1) Default SIR route |ILA router | (2) Translated dest. +->->->->->->->->->| |->->->->->+ | +------------+ | | V +--------++-----+ +-----++--------+ | || | | || | | Host || ILA | | ILA || Host | | ||host |->->->->->->->->->->->->->->| host|| | +--------++-----+ (5) Direct route +-----++--------+ . . . . (3) Resolve Herbert Expires April 22, 2018 [Page 8] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 (4) Resolve . . Request +--------------+ Reply . ..................>| | . | ILA resolver | ........................| | +--------------+ An ILA router can be addressed by an "anycast" SIR prefix so that it receives packets sent on the network with SIR addresses. When an ILA router receives a SIR addressed packet (step (1) in the diagram) it will perform the ILA translation and send the ILA addressed packet to the destination ILA node (step (2)). If a sending host is ILA capable the triangular routing can be eliminated by performing an ILA resolution protocol. This entails a host sending an ILA resolve request that specifies the SIR address to resolve (step (3) in the figure). An ILA resolver can respond to a resolve request with the identifier to locator mapping (step (4)). Subsequently, the ILA host can perform ILA translation and send directly to the destination specified in the locator (step (5) in the figure). The ILA resolution protocol will be specified in a companion document. In this model an ILA host maintains a cache of identifier mappings for identifiers that it is currently communicating with. ILA routers are expected to maintain a complete list of identifier to locator mappings within the SIR domains that they service. 2.5 ILA domains An ILA domain defines a namespace for identifiers. Identifiers must be unique within an ILA domain. Each SIR prefix maps to one ILA domain so that the combination of a SIR prefix and an identifier (a SIR address) uniquely identifies a node. More than one SIR prefix may be associated with a domain in which case SIR addresses with different SIR prefixes but the same identifier would refer to the same node. Locators MUST map to only one SIR domain in order to ensure that translation from a locator to SIR prefix is unambiguous. 2.6 ILA control plane ILA routers and ILA hosts assume a control plane that propagates the tables that map SIR addresses to ILA address (or just identifier to locator mappings). There are several possible methods for control planes that have been proposed including synchronized configuration, BGP, DNS, and NoSQL databases. Defining a specific control plane for ILA is out of scope of this document. Herbert Expires April 22, 2018 [Page 9] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 3 Address formats 3.1 ILA address format An ILA address is composed of a locator and an identifier where each occupies sixty-four bits (similar to the encoding in ILNP [RFC6741]). | 64 bits | 64 bits | +--------------------------------+-------------------------------+ | Locator | Identifier | +----------------------------------------------------------------+ Note that there is no technical reason why identifiers and locators must be sixty-four bits. Different sizes could be used. The split is somewhat arbitrary, however it does simplify the description and implementation. For instance, sixty-four bits is the size of a "long long" native data type in several computer architectures. It is conceivable that a different arrangement could be used for some ILA domain. However, for the purposes of this document we assume the 64/64 split. 3.2 Locators Locators are routable network address prefixes that create topological addresses for physical hosts within the network. They SHOULD be assigned from a global address block [RFC3587]. The format of an ILA address with a global unicast locator is: |<---------- Locator ----------->| |3 bits| N bits | M bits | 64 bits | +------+-------------+---------+---------------------------------+ | 001 | Global prefix | Subnet | Identifier | +------+---------------+---------+-------------------------------+ 3.3 Identifiers Identifiers uniquely identify logical nodes in an ILA domain. The format of an ILA identifier is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | + + | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Herbert Expires April 22, 2018 [Page 10] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Identifiers are specified to be sixty-four bit values that are unstructured. A structure and format for identifiers MAY be defined for a domain; for instance the operator of an ILA domain may define the use of prefixes for its identifiers in order to facilitate hierarchies of its identifiers. Section 4 defines optional ILA formats that an ILA domain might impose locally that allow different types of identifiers as well as an indication of checksum neutral mapping. 3.4 Standard identifier representation addresses An identifier identifies objects or nodes in a network. For instance, an identifier may refer to a specific host, virtual machine, or tenant system. When a host initiates a connection or sends a packet, it uses an identifier to indicate the peer endpoint of the communication. The endpoints of an established connection context are also referenced by identifiers (encoded in SIR addresses). It is only when the packet is actually being sent over a network that the locator for the identifier needs to be resolved. In order to maintain compatibility with existing networking stacks and applications, identifiers are encoded in IPv6 addresses using a standard identifier representation (SIR) address. A SIR address is a combination of a prefix which occupies what would be the locator portion of an ILA address, and the identifier in its usual location. The format of a SIR address is: | 64 bits | 64 bits | +--------------------------------+-------------------------------+ | SIR prefix | Identifier | +----------------------------------------------------------------+ A SIR prefix SHOULD be a globally routable prefix per [RFC3587]. A globally routable SIR prefix facilitates connectivity between hosts on the Internet and ILA nodes. An ILA router between a site's network and the Internet can translate between SIR prefix and locator for an identifier. A network may have multiple SIR prefixes where each prefix defines a unique identifier space. Locators MUST only be associated with one SIR prefix. This ensures that if a translation from a SIR address to an ILA address is performed when sending a packet, the reverse translation at the receiver yields the same SIR address that was seen at the transmitter. This also ensures that a reverse checksum-neutral mapping can be performed at a receiver to restore the addresses that were included in a pseudo header for setting a transport checksum. Herbert Expires April 22, 2018 [Page 11] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 A standard identifier representation address can be used as the externally visible address for a node. This can used throughout the network, returned in DNS AAAA records [RFC3363], used in logging, etc. An application can use a SIR address without knowledge that it encodes an identifier. 4 Optional identifier formats This section describes optional identifier formats that allow for different types of identifiers, groups of identifiers, and checksum neutral mapping being applied. Note that identifiers are defined as unstructured fields, there is no required structure imposed on them. An administrator MAY impose an identifier format within an ILA domain. Any imposed structure is local only to the domain and all ILA nodes within the domain must agree on the format. A format might include optional elements as described below, or may include other elements customized for a domain. 4.1 Checksum neutral mapping Checksum neutral mapping is an optional mechanism that may be applied to an ILA address (see section 5.4.1 for description of checksum- neutral mapping). When employed the checksum neutral mapping occupies the low order sixteen bits of the identifier in a locator address. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identifier | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Checksum-neutral adjustment | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The presence of the checksum-neutral adjustment field must be unambiguous. An optional C-bit flag could be used in the identifier to indicate the checksum-neutral field is valid. The use of the C-bit is demonstrated below. Alternatively, within an ILA domain an operator could require it to be assumed that all ILA addresses have the checksum-neutral field set so that an explicit flag is not needed. Note that checksum-neutral adjustment is not used with SIR addresses. 4.2 Identifier types This section describes an optional identifier format that allows for different types of identifiers and an indication of checksum neutral mapping being applied. Herbert Expires April 22, 2018 [Page 12] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Note that the identifier type format is optional. If this is not used within an ILA domain then all ILA nodes assume that all identifiers are of the same type (locally unique identifier for instance). The optional type format of an ILA identifier with the checksum adjust flag is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type|C| Identifier | +-+-+-+-+ | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Fields are: o Type: Type of the identifier (see below). o C: The C-bit. This indicates that checksum-neutral mapping applied (see below). Presence of this field is optional. o Identifier: Identifier value. Identifier types allow standard encodings for common uses of identifiers. Defined identifier types are: 0: interface identifier 1: locally unique identifier 2: virtual networking identifier for IPv4 address 3: virtual networking identifier for IPv6 unicast address 4: virtual networking identifier for IPv6 multicast address 5: non-local address identfier 6-7: Reserved If the C-bit is set then the low order sixteen bits of an identifier contain the adjustment for checksum-neutral mapping (see section 4.4.1 for description of checksum-neutral mapping). The format of an identifier with checksum neutral mapping is: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 Herbert Expires April 22, 2018 [Page 13] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type|1| Identifier | +-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Checksum-neutral adjustment | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Herbert Expires April 22, 2018 [Page 14] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 4.2.1 Interface identifiers The interface identifier type indicates a plain local scope interface identifier. When this type is used the address is a normal IPv6 address without identifier-locator semantics. The purpose of this type is to allow normal IPv6 addresses to be defined within the same networking prefix as ILA addresses. Type bits and C-bit MUST be zero. The format of an ILA interface identifier address is: | 64 bits |3 bits|1| 60 bits | +----------------------------+------+---------------------------+ | Prefix | 0x0 |0| IID | +---------------------------------------------------------------+ 4.2.2 Locally unique identifiers Locally unique identifiers (LUI) can be created for various addressable objects within a network. These identifiers are in a flat space and must be unique within a SIR domain (unique within a site for instance). To simplify administration, hierarchical allocation of locally unique identifiers may be performed. The format of an ILA address with locally unique identifiers is: | 64 bits |3 bits|1| 60 bits | +----------------------------+------+---------------------------+ | Locator | 0x1 |C| Locally unique ident. | +---------------------------------------------------------------+ The figure below illustrates the translation from SIR address to an ILA address as would be performed when a node sends to a SIR address. Note the low order 16 bits of the identifier may be modified as the checksum-neutral adjustment. The reverse translation of ILA address to SIR address is symmetric. +----------------------------+------+---------------------------+ | SIR prefix | 0x1 |0| Identifier | +---------------------------------------------------------------+ | | | SIR prefix to locator C-bit if needed | V V V +----------------------------+------+---------------------------+ | Locator | 0x1 |C| Identifier | +---------------------------------------------------------------+ 4.2.3 Virtual networking identifiers for IPv4 This type defines a format for encoding an IPv4 virtual address and virtual network identifier within an identifier. The format of an ILA Herbert Expires April 22, 2018 [Page 15] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 address for IPv4 virtual networking is: | 64 bits |3 bits|1| 28 bits | 32 bits | +----------------------------+------+-----------+----------------+ | Locator | 0x2 |C| VNID | VADDR | +----------------------------------------------------------------+ VNID is a virtual network identifier and VADDR is a virtual address within the virtual network indicated by the VNID. The VADDR can be an IPv4 unicast or multicast address, and may often be in a private address space (i.e. [RFC1918]) used in the virtual network. Translating a virtual IPv4 address into an ILA or SIR address and the reverse translation are straight forward. Note that the low order 16 bits of the IPv6 address may be modified as the checksum-neutral adjustment and that this translation implies protocol translation between IPv4 and IPv6. +----------------+ | IPv4 address | +----------------+ ^ | V +----------------------------+------+-----------+----------------+ | Locator or SIR prefix | 0x2 |C| VNID | IPv4 address | +----------------------------------------------------------------+ 4.2.4 Virtual networking identifiers for IPv6 unicast In this format, a virtual network identifier and virtual IPv6 unicast address are encoded within an identifier. To facilitate encoding of virtual addresses, there is a unique mapping between a VNID and a ninety-six bit prefix of the virtual address. The format an IPv6 unicast encoding with VNID in an ILA address is: | 64 bits |3 bits|1| 28 bits | 32 bits | +------------------------------+------+--------------+-----------+ | Locator | 0x3 |C| VNID | VADDR6L | +----------------------------------------------------------------+ VADDR6L contains the low order 32 bits of the IPv6 virtual address. The upper 96 bits of the virtual address inferred from the VNID to prefix mapping. Note that for ILA translations the low order sixteen of the VADDR6L may be modified for checksum-neutral adjustment. The figure below illustrates encoding a tenant IPv6 virtual unicast address into a ILA or SIR address. Herbert Expires April 22, 2018 [Page 16] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 +----------------------------------------------+-----------------+ | Tenant prefix | VADDR6L | +-----------------------+-------------------------------+--------+ | | +-prefix to VNID-+ | | | v v +---------------------------+------+-----------+-----------------+ | Locator or SIR prefix | 0x3 |C| VNID | VADDR6L | +----------------------------------------------------------------+ This encoding is reversible, given an ILA address, the virtual address visible to the tenant can be deduced: +---------------------------+------+-----------+-----------------+ | Locator or SIR prefix | 0x3 |C| VNID | VADDR6L | +----------------------------------------+-----------------------+ | | +-VNID to prefix-+ | | | v v +----------------------------------------------+-----------------+ | Tenant prefix | VADDR6L | +----------------------------------------------------------------+ 4.2.5 Virtual networking identifiers for IPv6 multicast In this format, a virtual network identifier and virtual IPv6 multicast address are encoded within an identifier. /* IPv6 multicast address with VNID encoding in an ILA address */ | 64 bits |3 bits|1|28 bits |4 bits| 28 bits | +--------------------------+------+------------------------------+ | Locator | 0x4 |C| VNID |Scope | MADDR6L | +----------------------------------------------------------------+ This format encodes an IPv6 multicast address in an identifier. The scope indicates multicast address scope as defined in [RFC7346]. MADDR6L is the low order 28 bits of the multicast address. The full multicast address is thus: ff0<Scope>::<MADDRL6 high 12 bits>:<MADDRL6 low 16 bits> And so can encode multicast addresses of the form: ff0X::0 to ff0X::0fff:ffff The figure below illustrates encoding a tenant IPv6 virtual multicast Herbert Expires April 22, 2018 [Page 17] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 address in an ILA or SIR address. Note that low order sixteen bits of MADDR6L may be modified to be the checksum-neutral adjustment. | 12 bits | 4 bits| 84 bits | 28 bits | +---------+-------+-----------------------------------+----------+ | 0xfff | Scope | 0's | MADDR6L | +-------------+---------------------------------------------+----+ | | +------------------------------------+ | | | v v +--------------------------+------+------------------------------+ | Locator or SIR prefix | 0x4 |C| VNID |Scope | MADDR6L | +----------------------------------------------------------------+ This translation is reversible: +--------------------------+------+------------------------------+ | Locator or SIR prefix | 0x4 |C| VNID |Scope | MADDR6L | +----------------------------------------------------------------+ | | +------------------------------------+ | | | V V +---------+-------+-----------------------------------+----------+ | 0xfff | Scope | 0's | MADDR6L | +-------------+---------------------------------------------+----+ 4.2.6 Non-local address identifiers Non-local address identifiers allow mapping an arbitrary address to an ILA address. The mapping system contains an entry that associates an IPv6 address with an identifier. The associated IP address does not need to be a SIR address or even in the same routing domain. The format of a non-local address identifier is /* Non local identifier address mapping */ | 64 bits |3 bits|1| 44 bits | 16 bits | +--------------------------+------+------------------------------+ | Locator | 0x5 |C| Identifier | csum adj | +----------------------------------------------------------------+ If the checksum adjust field is present it is not part of the identifier that is used in the mapping lookup. The high order bits of the address were originally not a SIR prefix, so it cannot be assumed the checksum adjustment is based on s SIR prefix. The identifier is taken to be the forty-four bits that precede the checksum adjustment Herbert Expires April 22, 2018 [Page 18] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 field. When creating the ILA address, the checksum adjustment field is initialized to zero and then set based on checksum difference between the original non-local address and the ILA address. The figure below illustrates encoding an address into a locator address. /* Non local address identifier */ +----------------------------------------------------------------+ | Address | +----------------------------------------------------------------+ | +--------------+ | V +-------------------------------+--------------------------------+ | Locator | 0x5 |C| Identifier | Csum-adj | +-------------------------------+--------------------------------+ A reverse translation is performed based on a lookup in the mapping table on the identifier (44 bits as shown above). The result of the lookup provides the original address. +-------------------------------+--------------------------------+ | Locator | 0x5 |C| Identifier | Csum-adj | +-------------------------------+--------------------------------+ | +-------------+ | V +----------------------------------------------------------------+ | Address | +----------------------------------------------------------------+ 4.3 SIR addresses with formatted identifiers The format of a SIR address with a formatted identifier is: | 64 bits |3 bits|1| 60 bits | +--------------------------------+-------------------------------+ | SIR prefix | Type |0| Identifier | +----------------------------------------------------------------+ The C-bit (checksum-neutral mapping) MUST be zero for a SIR address. Type may be any identifier type except zero (interface identifiers) 4.3.1 SIR for locally unique identifiers Herbert Expires April 22, 2018 [Page 19] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 The SIR address for a locally unique identifier has format: | 64 bits |3 bits|1| 60 bits | +--------------------------------+-------------------------------+ | SIR prefix | 0x1 |0|Locally unique ident. | +----------------------------------------------------------------+ 4.3.2 SIR for virtual addresses A virtual address can be encoded using the standard identifier representation. For example, the SIR address for an IPv6 virtual address may be: | 64 bits |3 bits|1| 28 bits | 32 bits | +--------------------------------+------+------------+-----------+ | SIR prefix | 0x3 |0| VNID | VADDRL6 | +----------------------------------------------------------------+ Note that this allows three representations of the same address in he network: as a virtual address, a SIR address, and an ILA address. 4.3.2 SIR for non-local address identifiers A non-local address identifier can be encoded using the standard identifier representation. For example, an encoding may be: | 64 bits |3 bits|1| 44 bits | 16 bits | +--------------------------------+------+--------------+---------+ | SIR prefix | 0x5 |0| Identifier | 0 | +----------------------------------------------------------------+ Note that lower order sixteen bits are set to zero since that would be the checksum adjustment value bits if translated to an ILA address. 5 Operation This section describes operation methods for using identifier-locator addressing. 5.1 Identifier to locator mapping An application initiates a communication or flow using a SIR address or virtual address for a destination. In order to send a packet on the network, the destination address is translated by an ILA node in the path. An ILA node maintains a list of mappings from identifier to locator to perform this translation. Herbert Expires April 22, 2018 [Page 20] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 The mechanisms of propagating and maintaining identifier to locator mappings are outside the scope of this document. 5.2 Address translations With ILA, address translation is performed to convert SIR addresses to ILA addresses, and ILA addresses to SIR addresses. Translation is usually done on a destination address as a form of source routing, however translation on source virtual addresses to SIR addresses can also be done to support some network virtualization scenarios (see section Appendix A for examples). 5.2.1 SIR to ILA address translation When translating a SIR address to an ILA address, the SIR prefix in the address is overridden with a locator, and checksum neutral mapping may be performed. Since this operation is potentially done for every packet the process should be very efficient (particularly the lookup and checksum processing operations). The typical steps to transmit a packet using ILA are: 1) Host stack creates a packet with source address set to a local address (possibly a SIR address) for the local identity, and the destination address is set to the SIR address or virtual address for the peer. The peer address may have been discovered through DNS or other means. 2) An ILA node translates the packet to use the locator. If the original destination address is a SIR address then the SIR prefix is overwritten with the locator. If the original packet is a virtually addressed tenant packet then the virtual address is translated per section 4.2. The locator is discovered by a lookup in the locator to identifier mappings. 3) The ILA node performs checksum-neutral mapping if configured for that (section 5.4). 4) Packet is forwarded on the wire. The network routes the packet to the node indicated by the locator. 5.2.2 ILA to SIR address translation When a destination node (ILA router or end host) receives an ILA addressed packet, the ILA address MUST be translated back to a SIR address (or virtual address) before upper layer processing. The steps of receive processing are: Herbert Expires April 22, 2018 [Page 21] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 1) Packet is received. The destination locator is verified to match a locator assigned to the node. 2) A lookup is performed on the destination identifier to find if it addresses a local identifier. If match is found, either the locator is overwritten with SIR prefix (for locally unique identifier type) or the address is translated back to a tenant virtual address. 3) Perform reverse checksum-neutral mapping if C-bit is set (section 5.4). 4) Perform any optional policy checks; for instance that the source may send a packet to the destination address, that packet is not illegitimately crossing virtual networks, etc. 5) Forward packet to the application. 5.3 Virtual networking operation When using ILA with virtual networking identifiers, address translation is performed to convert tenant virtual network and virtual addresses to ILA addresses, and ILA addresses back to a virtual network and tenant's virtual addresses. Translation may occur on either source address, destination address, or both (see scenarios for virtual networking in Appendix A). Address translation is performed similar to the SIR translation cases described above. 5.3.1 Crossing virtual networks With explicit configuration, virtual network hosts may communicate directly with virtual hosts in another virtual network by using SIR addresses for virtualization in both the source and destination addresses. This might be done to allow services in one virtual network to be accessed from another (by prior agreement between tenants). See appendix A.13 for example of ILA addressing for such a scenario. 5.3.2 IPv4/IPv6 protocol translation An IPv4 tenant may send a packet that is converted to an IPv6 packet with ILA addresses. Similarly, an IPv6 packet with ILA addresses may be converted to an IPv4 packet to be received by an IPv4-only tenant. These are IPv4/IPv6 stateless protocol translations as described in [RFC6144] and [RFC6145]. See appendix A.12 for a description of these scenarios. 5.4 Transport layer checksums Herbert Expires April 22, 2018 [Page 22] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Packets undergoing ILA translation may encapsulate transport layer checksums (e.g. TCP or UDP) that include a pseudo header that is affected by the translation. ILA provides two alternatives do deal with this: o Perform a checksum-neutral mapping to ensure that an encapsulated transport layer checksum is kept correct on the wire. o Send the checksum as-is, that is send the checksum value based on the pseudo header before translation. Some intermediate devices that are not the actual end point of a transport protocol may attempt to validate transport layer checksums. In particular, many Network Interface Cards (NICs) have offload capabilities to validate transport layer checksums (including any pseudo header) and return a result of validation to the host. Typically, these devices will not drop packets with bad checksums, they just pass a result to the host. Checksum offload is a performance benefit, so if packets have incorrect checksums on the wire this benefit is lost. With this incentive, using checksum- neutral mapping is recommended. If it is known that the addresses of a packet are not included in a transport checksum, for instance a GRE packet is being encapsulated, then a source may choose not to perform checksum-neutral mapping. 5.4.1 Checksum-neutral mapping When a change is made to one of the IP header fields in the IPv6 pseudo-header checksum (such as one of the IP addresses), the checksum field in the transport layer header may become invalid. Fortunately, an incremental change in the area covered by the Internet standard checksum [RFC1071] will result in a well-defined change to the checksum value [RFC1624]. So, a checksum change caused by modifying part of the area covered by the checksum can be corrected by making a complementary change to a different 16-bit field covered by the same checksum. ILA can perform a checksum-neutral mapping when a SIR prefix or virtual address is translated to a locator in an IPv6 address, and performs the reverse mapping when translating a locator back to a SIR prefix or virtual address. The low order sixteen bits of the identifier contain the checksum adjustment value for ILA. On transmission, the translation process is: 1) Compute the one's complement difference between the SIR prefix Herbert Expires April 22, 2018 [Page 23] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 and the locator. Fold this value to 16 bits (add-with-carry four 16-bit words of the difference). 2) If the C-bit is to be used then add-with-carry the bit-wise not of the 0x1000 (i.e. 0xefff) to the value from #1. This compensates the checksum for setting the C-bit. 3) Add-with-carry the value from #2 to the low order sixteen bits of the identifier. 4) Set the resultant value from #3 in the low order sixteen bits of the identifier and set the C-bit if it is to be present. Note that the "adjustment" (the 16-bit value set in the identifier) is fixed for a given SIR to locator mapping, so the adjustment value can be saved in an associated data structure for a mapping to avoid computing it for each translation. On reception of an ILA addressed packet, if checksum-neutral mapping is applied to the packet (either the C-bit is set or its used is assumed for the ILA domain): 1) Compute the one's complement difference between the locator in the address and the SIR prefix that the locator is being translated to. Fold this value to 16 bits (add-with-carry four 16-bit words of the difference). 2) If the C-bit is used then add-with-carry 0x1000 to the value from #1. This compensates the checksum for clearing the C-bit. 3) Add-with-carry the value from #2 to the low order sixteen bits of the identifier. 4) Set the resultant value from #3 in the low order sixteen bits of the identifier and clear the C-bit if its present. This restores the original identifier sent in the packet. Note that receive checksum-neutral mapping process requires that the original upper sixty four bits in the address can be deduced. The method for this is different based on identifier type: o interface identifier: checksum-neutral mapping is not used. o locally unique identifier: the SIR prefix is inferred from the one to one mapping with a locator. o virtual network identifier for IPv4: the original upper sixty- four bits are assumed to be zero. Herbert Expires April 22, 2018 [Page 24] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 o virtual network identifier for IPv6 unicast: the VNID in the identifier is mapped to a tenant prefix that includes the original upper sixty-four bits. o virtual network identifier for IPv6 multicast: the original upper sixty-four bits can be deduced by from the scope field in the identifier and fixed field of the multicast address. o non-local address identifier: the identifier, not including the low order sixteen bits of the address, is used to lookup the original address. Since the full address is provided by the lookup, the process to undo a checksum-neutral mapping cam be obviated in this case 5.4.2 Sending an unmodified checksum When sending an unmodified checksum, the checksum is incorrect as viewed in the packet on the wire. At the receiver, ILA translation of the destination ILA address back to the SIR address occurs before transport layer processing. This ensures that the checksum can be verified when processing the transport layer header containing the checksum. Intermediate devices are not expected to drop packets due to a bad transport layer checksum. 5.5 Non-local address mapping Non-local addresses may be mapped into ILA addresses using non-local address identifiers. This allows transit of such addresses across the underlay of an ILA domain. This would be useful for handling addresses in a network that originate from an external source. An example of this would be roaming in cellular network so that a device can continue using addresses that are part of its home network. A packet may be forwarded to an ILA router that has a non-local destination address which is not a SIR address for the domain. An ILA router can perform a lookup on the full address in an alternate mapping table. If there is a match, an identifier is returned that reverses maps to the address. This identifier is in the ILA domain space and identifies the node with the non-local address. A normal mapping table lookup can then be done to get the locator for the node in the ILA domain. At a peer ILA router, a lookup is performed on the destination identifier in a table that maps the non-local address identifier to the original non-local address. If an entry is found, the address is set in the destination address and the packet is forward to the destination. Herbert Expires April 22, 2018 [Page 25] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Note that the non-local address to identifier mapping and its reverse mapping must be set in the table before hand. 5.6 Address selection There may be multiple possibilities for creating either a source or destination address. A node may be associated with more than one identifier, and there may be multiple locators for a particular identifier. The choice of locator or identifier is implementation or configuration specific. The selection of an identifier occurs at flow creation and must be invariant for the duration of the flow. Locator selection must be done at least once per flow, and the locator associated with the destination of a flow may change during the lifetime of the flow (for instance in the case of a migrating connection it will change). ILA address selection should follow specifications in Default Address Selection for Internet Protocol Version 6 (IPv6) [RFC6724]. 5.7 Duplicate identifier detection As part of implementing the locator to identifier mapping, duplicate identifier detection should be implemented in a centralized control plane. A registry of identifiers could be maintained (possibly in association with the identifier to locator mapping database). When a node creates an identifier it registers the identifier, and when the identifier is no longer in use the identifier is unregistered. The control plane should able to detect a registration attempt for an existing identifier and deny the request. 5.8 ICMP error handling A packet that contains an ILA address may cause ICMP errors within the network. In this case the ICMP data contains an IP header with an ILA address. ICMP messages are sent back to the source address in the packet. Upon receiving an ICMP error the host will process it differently depending on whether it is ILA capable. 5.8.1 Handling ICMP errors by ILA capable hosts If a host is ILA capable it can attempt to reverse translate the ILA address in the destination of a header in the ICMP data back to a SIR address that was originally used to transmit the packet. The steps are: 1) Assume that the upper sixty-four bits of the destination address in the ICMP data is a locator. Match these bits to a SIR address. If the host is only in one SIR domain, then the mapping to SIR address is implicit. If the host is in multiple Herbert Expires April 22, 2018 [Page 26] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 domains then a locator to SIR addresses table can be maintained for this lookup. 2) If the identifier includes checksum-neutral mapping, undo the checksum-neutral mapping using the SIR address found in #1 and the process in section 5.4.1. The resulting identifier address is potentially the original address used to send the packet. 3) Lookup the identifier in the identifier to locator mapping table. If an entry is found compare the locator in the entry to the locator (upper sixty-four bits) of the destination address in the IP header of the ICMP data. If these match then proceed to next step. 4) Overwrite the upper sixty-four bits of the destination address in the ICMP data with the found SIR address and overwrite the low order sixty-four bits with the found identifier (the result of undoing checksum-neutral mapping). The resulting address should be the original SIR address used in sending. The ICMP error packet can then be received by the stack for further processing. 5.8.2 Handling ICMP errors by non-ILA capable hosts A non-ILA capable host may receive an ICMP error generated by the network that contains an ILA address in IP header contained in the ICMP data. This would happen in the case that an ILA router performed translation on a packet the host sent and that packet subsequently generated an ICMP error. In this case the host receiving the error message will attempt to find the connection state corresponding to the packet header in the ICMP data. Since the host is unaware of ILA the lookup for connection state should fail. Because the host cannot recover the original addresses it used to send the packet, it won't be able any to derive any useful information about the original destination of the packet that it sent. If packets for a flow are always routed through an ILA router in both directions, for example ILA routers are coincident with edge routes in a network, then ICMP errors could be intercepted by an intermediate node which could translate the destination addresses in ICMP data back to the original SIR addresses. A receiving host would then see the destination address in the packet of the ICMP data to be that it used to transmit the original packet. 5.9 Multicast ILA is generally not intended for use with multicast. In the case of multicast, routing of packets is based on the source address. Neither Herbert Expires April 22, 2018 [Page 27] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 the SIR address nor an ILA address is suitable for use as a source address in a multicast packet. A SIR address is unroutable and hence would make a multicast packet unroutable if used as a source address. Using an ILA address as the source address makes the multicast packet routable, but this exposes ILA address to applications which is especially problematic on a multicast receiver that doesn't support ILA. If all multicast receivers are known to support ILA, a local locator address may be used in the source address of the multicast packet. In this case, each receiver will translate the source address from an ILA address to a SIR address before delivering packets to an application. 6 Motivation for ILA 6.1 Use cases 6.1.1 Multi-tenant virtualization In multi-tenant virtualization overlay networks are established for tenants to provide virtual networks. Each tenant may have one or more virtual networks and a tenant's nodes are assigned virtual addresses within virtual networks. Identifier-locator addressing may be used as an alternative to traditional network virtualization encapsulation protocols used to create overlay networks (e.g. VXLAN [RFC7348]). Tenant systems (e.g. VMs) run on physical hosts and may migrate to different hosts. A tenant system is identified by a virtual address and virtual networking identifier of a corresponding virtual network. ILA can encode the virtual address and a virtual networking identifier in an ILA identifier. Each identifier is mapped to a locator that indicates the current host where the tenant system resides. Nodes that send to the tenant system set the locator per the mapping. When a tenant system migrates its identifier to locator mapping is updated and communicating nodes will use the new mapping. 6.1.2 Datacenter virtualization Datacenter virtualization virtualizes networking resources. Various objects within a datacenter can be assigned addresses and serve as logical endpoints of communication. A large address space, for example that of IPv6, allows addressing to be used beyond the traditional concepts of host based addressing. Addressed objects can include tasks, virtual IP addresses (VIPs), pieces of content, disk blocks, etc. Each object has a location which is given by the host on which an object resides. Some objects may be migratable between hosts such that their location changes over time. Herbert Expires April 22, 2018 [Page 28] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Objects are identified by a unique identifier within a namespace for the datacenter (appendix B discusses methods to create unique identifiers for ILA). Each identifier is mapped to a locator that indicates the current host where the object resides. Nodes that send to an object set the locator per the mapping. When an object migrates its identifier to locator mapping is updated and communicating nodes will use the new mapping. A datacenter object of particular interest is tasks, units of execution for for applications. The goal of virtualzing tasks is to maximize resource efficiency and job scheduling. Tasks share many properties of tenant systems, however they are finer grained objects, may have a shorter lifetimes, and are likely created in greater numbers. Appendix C provides more detail and motivation for virtualizing tasks using ILA. 6.1.3 Mobile networks ILA may be applied as a solution for mobility in mobile networks (such as cellular networks). In mobile networks, devices such as smart phones move physically within the network. When a device moves it changes its point of attachment in the network. The goal of mobility is to provide a seamless transition when a device moves from one attachment point to another. Appendix D provides more detail and motivation for ILA in wireless networks. Each mobile device in a network may be assigned one or more identifiers to use in communications. The ILA mapping table has an entry for each identifier that maps to a locator indicating the current network point of attachment for the device. Nodes that send to the device set the locator per the mapping. When a mobile device moves to a new attachment point, then mapping table entries all of its associated identifiers are updated with a new locator. 6.2 Alternative methods This section discusses the merits of alternative solution that have been proposed to provide network virtualization or mobility in IPv6. 6.2.1 ILNP ILNP splits an address into a locator and identifier in the same manner as ILA. ILNP has characteristics, not present in ILA, that prevent it from being a practical solution: o ILNP requires that transport layer protocol implementations must be modified to work over ILNP. Herbert Expires April 22, 2018 [Page 29] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 o ILNP can only be implemented in end hosts, not within the network. This essentially requires that all end hosts need to be modified to participate in mobility. 6.2.2 Flow label as virtual network identifier The IPv6 flow label could conceptually be used as a 20-bit virtual network identifier in order to indicate a packet is sent on an overlay network. In this model the addresses may be virtual addresses within the specified virtual network. Presumably, the tuple of flow- label and addresses could be used by switches to forward virtually addressed packets. This approach has some issues: o Forwarding virtual packets to their physical location would require specialized switch support. o The flow label is only twenty bits, this is too small to be a discriminator in forwarding a virtual packet to a specific destination. Conceptually, the flow label might be used in a type of label switching to solve that. o The flow label is not considered immutable in transit, intermediate devices may change it. o The flow label is not part of the pseudo header for transport checksum calculation, so it is not covered by any transport (or other) checksums. 6.2.3 Extension headers To accomplish network virtualization an extension header, as a destination or routing option, could be used that contains the virtual destination address of a packet. The destination address in the IPv6 header would be the topological address for the location of the virtual node. Conceivably, segment routing could be used to implement network virtualization in this manner. This technique has some issues: o Intermediate devices must not insert extension headers [RFC8200]. o Extension headers introduce additional packet overhead which may impact performance. o Extension headers are not covered by transport checksums (as the Herbert Expires April 22, 2018 [Page 30] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 addresses would be) nor any other checksum. o Extension headers are not widely supported in network hardware or devices. For instance, several NIC offloads don't work in the presence of extension headers. 6.2.4 Encapsulation techniques Various encapsulation techniques have been proposed for implementing network virtualization and mobility. LISP is an example of an encapsulation that is based on locator identifier separation similar to ILA. The primary drawback of encapsulation is complexity and per packet overhead. For, instance when LISP is used with IPv6 the encapsulation overhead is fifty-six bytes and two IP headers are present in every packet. This adds considerable processing costs, requires considerations to handle path MTU correctly, and certain network accelerations may be lost. 7 IANA Considerations There are no IANA considerations in this specification. Herbert Expires April 22, 2018 [Page 31] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 8 References 8.1 Normative References [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", STD 86, RFC 8200, DOI 10.17487/RFC8200, July 2017, <https://www.rfc- editor.org/info/rfc8200>. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, February 2006. [RFC6296] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Prefix Translation", RFC 6296, June 2011. [RFC1071] Braden, R., Borman, D., Partridge, C., and W. Plummer, "Computing the Internet checksum", RFC 1071, September 1988. [RFC1624] Rijsinghani, A., "Computation of the Internet Checksum via Incremental Update", RFC 1624, May 1994. [RFC6724] Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown, "Default Address Selection for Internet Protocol Version 6 (IPv6)", RFC 6724, September 2012. 8.2 Informative References [RFC6740] RJ Atkinson and SN Bhatti, "Identifier-Locator Network Protocol (ILNP) Architectural Description", RFC 6740, November 2012. [RFC6741] RJ Atkinson and SN Bhatti, "Identifier-Locator Network Protocol (ILNP) Engineering Considerations", RFC 6741, November 2012. [RFC1918] Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot, G., and E. Lear, "Address Allocation for Private Internets", BCP 5, RFC 1918, February 1996. [RFC3363] Bush, R., Durand, A., Fink, B., Gudmundsson, O., and T. Hain, "Representing Internet Protocol version 6 (IPv6) Addresses in the Domain Name System (DNS)", RFC 3363, August 2002. [RFC3587] Hinden, R., Deering, S., and E. Nordmark, "IPv6 Global Unicast Address Format", RFC 3587, August 2003. Herbert Expires April 22, 2018 [Page 32] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 [RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for IPv4/IPv6 Translation", RFC 6144, April 2011. [RFC8014] Black, D., Hudson, J., Kreeger, L., Lasserre, M., and T. Narten, "An Architecture for Data-Center Network Virtualization over Layer 3 (NVO3)", RFC 8014, DOI 10.17487/RFC8014, December 2016, <https://www.rfc- editor.org/info/rfc8014>. [GUE] Herbert, T., and Yong, L., "Generic UDP Encapsulation", draft-ietf-intarea-gue-04, work in progress. [GUESEC] Yong, L., and Herbert, T. "Generic UDP Encapsulation (GUE) for Secure Transport", draft-hy-gue-4-secure-transport- 03, work in progress 9 Acknowledgments The authors would like to thank Mark Smith, Lucy Yong, Erik Kline, Saleem Bhatti, Blake Matheny, Doug Porter, Pierre Pfister, and Fred Baker for their insightful comments for this draft; Roy Bryant, Lorenzo Colitti, Mahesh Bandewar, and Erik Kline for their work on defining and applying ILA; Kalyani Bogineni, Niranjan Avula, and Ratul Guha for insights regarding the mobility use case. Herbert Expires April 22, 2018 [Page 33] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Appendix A: Communication scenarios This section describes the use of identifier-locator addressing in several scenarios. A.1 Terminology for scenario descriptions A formal notation for identifier-locator addressing with ILNP is described in [RFC6740]. We extend this to include for network virtualization cases. Basic terms are: A = IP Address I = Identifier L = Locator LUI = Locally unique identifier VNI = Virtual network identifier VA = An IPv4 or IPv6 virtual address VAX = An IPv6 networking identifier (IPv6 VA mapped to VAX) SIR = Prefix for standard identifier representation VNET = IPv6 prefix for a tenant (assumed to be globally routable) Iaddr = IPv6 address of an Internet host An ILA IPv6 address is denoted by L:I A SIR address with a locally unique identifier and SIR prefix is denoted by SIR:LUI A virtual identifier with a virtual network identifier and a virtual IPv4 address is denoted by VNI:VA An ILA IPv6 address with a virtual networking identifier for IPv4 would then be denoted L:(VNI:VA) The local and remote address pair in a packet or endpoint is denoted A,A An address translation sequence from SIR addresses to ILA addresses Herbert Expires April 22, 2018 [Page 34] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 for transmission on the network and back to SIR addresses at a receiver has notation: A,A -> L:I,A -> A,A A.2 Identifier objects Identifier-locator addressing is broad enough in scope to address many different types of networking entities. For the purposes of this section we classify these as "objects" and "tenant systems". Objects encompass uses where nodes are address by local unique identifiers (LUI). In the scenarios below objects are denoted by OBJ. Tenant systems are those associated with network virtualization that have virtual addresses (that is they are addressed by VNI:VA). In the scenarios below tenant systems are denoted by TS. A.3 Reference network for scenarios The figure below provides an example network topology with ILA addressing in use. In this example, there are four hosts in the network with locators L1, L2, L3, and L4. There three objects with identifiers O1, O2, and O3, as well as a common networking service with identifier S1. There are two virtual networks VNI1 and VNI2, and four tenant systems addressed as: VA1 and VA2 in VNI1, VA3 and VA4 in VNI2. The network is connected to the Internet via a gateway. ` ............. . . +-----------------+ . Internet . +-----------------+ | Host L1 | . . | Host L2 | | +-------------+ | ............. | +-------------+ | | | TS VNI1:VA1 | | | | | TS VNI1:VA2 | | | +-------------+ +---+ +-----+-----+ +---+ +-------------+ | | +-------------+ | | | Gateway | | | +-------------+ | | | OBJ O1 | | | +-----+-----+ | | | TS VNI2:VA3 | | | +-------------+ | | | | | +-------------+ | +-----------------+ | ............. | +-----------------+ +-----. .-----+ +-----------------+ . Underlay . +-----------------+ | Host L3 | +-----. Network .---+ | Host L4 | | +-------------+ | | ............. | | +-------------+ | | | OBJ O2 | | | | | | VM VNI2:VA4 | | | +-------------+ +---+ +-----| +-------------+ | | +-------------+ | | +-------------+ | | | OBJ O3 | | | | Serv. S1 | | | +-------------+ | | +-------------+ | +-----------------+ +-----------------+ Herbert Expires April 22, 2018 [Page 35] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Several communication scenarios can be considered: 1) Object to object 2) Object to Internet 3) Internet to object 4) Tenant system to local service 5) Object to tenant system 6) Tenant system to Internet 7) Internet to tenant system 8) IPv4 tenant system to service 9) Tenant system to tenant system same virtual network using IPv6 10) Tenant system to tenant system in same virtual network using IPv4 11) Tenant system to tenant system in different virtual network using IPv6 12) Tenant system to tenant system in different virtual network using IPv4 13) IPv4 tenant system to IPv6 tenant system in different virtual networks 14) Non-local address to tenant system A.4 Scenario 1: Object to task The transport endpoints for object to object communication are the SIR addresses for the objects. When a packet is sent on the wire, the locator is set in the destination address of the packet. On reception the destination addresses is converted back to SIR representation for processing at the transport layer. If task T1 is communicating with task T2, the ILA translation sequence would be: SIR:O1,SIR:O2 -> // Transport endpoints on O1 SIR:O1,L3:O2 -> // ILA used on the wire SIR:O1,SIR:O2 // Received at O2 A.5 Scenario 2: Object to Internet Communication from an object to the Internet is accomplished through use of a SIR address (globally routable) in the source address of packets. No ILA translation is needed in this path. If object O1 is sending to an address Iaddr on the Internet, the packet addresses would be: SIR:O1,Iaddr A.6 Scenario 3: Internet to object Herbert Expires April 22, 2018 [Page 36] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 An Internet host transmits a packet to a task using an externally routable SIR address. The SIR prefix routes the packet to a gateway for the datacenter. The gateway translates the destination to an ILA address. If a host on the Internet with address Iaddr sends a packet to object O3, the ILA translation sequence would be: Iaddr,SIR:O3 -> // Transport endpoint at Iaddr Iaddr,L1:O3 -> // On the wire in datacenter Iaddr,SIR:O3 // Received at O3 A.7 Scenario 4: Tenant system to service A tenant can communicate with a datacenter service using the SIR address of the service. If TS VA1 is communicating with service S1, the ILA translation sequence would be: VNET:VA1,Saddr-> // Transport endpoints in TS SIR:(VNET:VA1):Saddr-> // On the wire SIR:(VNET:VA1):Saddr // Received at S1 Where VNET is the address prefix for the tenant and Saddr is the IPv6 address of the service. The ILA translation sequence in the reverse path, service to tenant system, would be: Saddr,SIR:(VNET:VA1) // Transport endpoints in S1 Saddr,L1:(VNET:VA1) // On the wire Saddr,VNET:VA1 // Received at the TS Note that from the point of view of the service task there is no material difference between a peer that is a tenant system versus one which is another task. A.8 Scenario 5: Object to tenant system An object can communicate with a tenant system through it's externally visible address. If object O2 is communicating with TS VA4, the ILA translation sequence would be: SIR:O2,VNET:VA4 -> // Transport endpoints at T2 SIR:O2,L4:(VNI2:VAX4) -> // On the wire Herbert Expires April 22, 2018 [Page 37] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 SIR:O2,VNET:VA4 // Received at TS A.9 Scenario 6: Tenant system to Internet Communication from a TS to the Internet assumes that the VNET for the TS is globally routable, hence no ILA translation would be needed. If TS VA4 sends a packet to the Internet, the addresses would be: VNET:VA4,Iaddr A.10 Scenario 7: Internet to tenant system An Internet host transmits a packet to a tenant system using an externally routable tenant prefix and address. The prefix routes the packet to a gateway for the datacenter. The gateway translates the destination to an ILA address. If a host on the Internet with address Iaddr is sending to TS VA4, the ILA translation sequence would be: Iaddr,VNET:VA4 -> // Endpoint at Iaddr Iaddr,L4:(VNI2:VAX4) -> // On the wire in datacenter Iaddr,VNET:VA4 // Received at TS A.11 Scenario 8: IPv4 tenant system to object A TS that is IPv4-only may communicate with an object using protocol translation. The object would be represented as an IPv4 address in the tenant's address space, and stateless NAT64 should be usable as described in [RFC6145]. If TS VA2 communicates with object O3, the ILA translation sequence would be: VA2,ADDR3 -> // IPv4 endpoints at TS SIR:(VNI1:VA2),L3:O3 -> // On the wire in datacenter SIR:(VNI1:VA2),SIR:O3 // Received at task VA2 is the IPv4 address in the tenant's virtual network, ADDR4 is an address in the tenant's address space that maps to the network service. The reverse path, task sending to a TS with an IPv4 address, requires a similar protocol translation. For object O3 communicate with TS VA2, the ILA translation sequence would be: Herbert Expires April 22, 2018 [Page 38] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 SIR:O3,SIR:(VNI1:VA2) -> // Endpoints at T4 SIR:O3,L2:(VNI1:VA2) -> // On the wire in datacenter ADDR4,VA2 // IPv4 endpoint at TS A.12 Tenant to tenant system in the same virtual network ILA may be used to allow tenants within a virtual network to communicate without the need for explicit encapsulation headers. A.12.1 Scenario 9: TS to TS in the same VN using IPV6 If TS VA1 sends a packet to TS VA2, the ILA translation sequence would be: VNET:VA1,VNET:VA2 -> // Endpoints at VA1 VNET:VA1,L2:(VNI1,VAX2) -> // On the wire VNET:VA1,VNET:VA2 -> // Received at VA2 A.12.2 Scenario 10: TS to TS in same VN using IPv4 For two tenant systems to communicate using IPv4 and ILA, IPv4/IPv6 protocol translation is done both on the transmit and receive. If TS VA1 sends an IPv4 packet to TS VA2, the ILA translation sequence would be: VA1,VA2 -> // Endpoints at VA1 SIR:(VNI1:VA1),L2:(VNI1,VA2) -> // On the wire VA1,VA2 // Received at VA2 Note that the SIR is chosen by an ILA node as an appropriate SIR prefix in the underlay network. Tenant systems do not use SIR address for this communication, they only use virtual addresses. A.13 Tenant system to tenant system in different virtual networks A tenant system may be allowed to communicate with another tenant system in a different virtual network. This should only be allowed with explicit policy configuration. A.13.1 Scenario 11: TS to TS in different VNs using IPV6 For TS VA4 to communicate with TS VA1 using IPv6 the translation sequence would be: VNET2:VA4,VNET1:VA1-> // Endpoint at VA4 VNET2:VA4,L1:(VNI1,VAX1)-> // On the wire VNET2:VA4,VNET1:VA1 // Received at VA1 Herbert Expires April 22, 2018 [Page 39] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Note that this assumes that VNET1 and VNET2 are globally routable between the two virtual networks. A.13.2 Scenario 12: TS to TS in different VNs using IPv4 To allow IPv4 tenant systems in different virtual networks to communicate with each other, an address representing the peer would be mapped into each tenant's address space. IPv4/IPv6 protocol translation is done on transmit and receive. For TS VA4 to communicate with TS VA1 using IPv4 the translation sequence may be: VA4,SADDR1 -> // IPv4 endpoint at VA4 SIR:(VNI2:VA4),L1:(VNI1,VA1)-> // On the wire SADDR4,VA1 // Received at VA1 SADDR1 is the mapped address for VA1 in VA4's address space, and SADDR4 is the mapped address for VA4 in VA1's address space. A.13.3 Scenario 13: IPv4 TS to IPv6 TS in different VNs Communication may also be mixed so that an IPv4 tenant system can communicate with an IPv6 tenant system in another virtual network. IPv4/IPv6 protocol translation is done on transmit. For TS VA4 using IPv4 to communicate with TS VA1 using IPv6 the translation sequence may be: VA4,SADDR1 -> // IPv4 endpoint at VA4 SIR:(VNI2:VA4),L1:(VNI1,VAX1)-> // On the wire SIR:(VNI2:VA4),VNET1:VA1 // Received at VA1 SADDR1 is the mapped IPv4 address for VA1 in VA4's address space. In the reverse direction, TS VA1 using IPv6 would communicate with TS VA4 with the translation sequence: VNET1:VA1,SIR:(VNI2:VA4) // Endpoint at VA1 VNET1:VA1,L4:(VNI2:VA4) // On the wire SADDR1,VA4 // Received at VA4 A.14 Scenario 14: Non-local address to tenant system A tenant system may have a global address that is non-local to the network. A host on the Internet or a tenant system may send packet to this address. The packet is forwarded by some means to a gateway or other ILA node (tunneling could be used to accomplish this). An ILA Herbert Expires April 22, 2018 [Page 40] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 node can crate a an ILA address for this using a non-local address identifier. For a node sending to a non-local address that is an address of task T2, the ILA translation sequence would be: SADDR,A // Endpoint at a host SADDR,L3:X // On the wire SADDR,A // Received by TS 2 Note that A is the non-local address, and X is is an identifier that maps to the non-local address. Appendix B: unique identifier generation The unique identifier type of ILA identifiers can address 2**60 objects (assuming the typed identifier format is used as described in section 4). This appendix describes some method to perform allocation of identifiers for objects to avoid duplicated identifiers being allocated. B.1 Globally unique identifiers method For small to moderate sized deployments the technique for creating locally assigned global identifiers described in [RFC4193] could be used. In this technique a SHA-1 digest of the time of day in NTP format and an EUI-64 identifier of the local host is performed. N bits of the result are used as the globally unique identifier. The probability that two or more of these IDs will collide can be approximated using the formula: P = 1 - exp(-N**2 / 2**(L+1)) where P is the probability of collision, N is the number of identifiers, and L is the length of an identifier. The following table shows the probability of a collision for a range of identifiers using a 60-bit length. Identifiers Probability of Collision 1000 4.3368*10^-13 10000 4.3368*10^-11 100000 4.3368*10^-09 1000000 4.3368*10^-07 Note that locally unique identifiers may be ephemeral, for instance a task may only exist for a few seconds. This should be considered when Herbert Expires April 22, 2018 [Page 41] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 determining the probability of identifier collision. B.2 Universally Unique Identifiers method For larger deployments, hierarchical allocation may be desired. The techniques in Universally Unique Identifier (UUID) URN ([RFC4122]) can be adapted for allocating unique object identifiers in sixty bits. An identifier is split into two components: a registrar prefix and sub-identifier. The registrar prefix defines an identifier block which is managed by an agent, the sub-identifier is a unique value within the registrar block. For instance, each host in a network could be an agent so that unique identifiers for objects could be created autonomously be the host. The identifier might be composed of a twenty-four bit host identifier followed by a thirty-six bit timestamp. Assuming that a host can allocate up to 100 identifiers per second, this allows about 21.8 years before wrap around. /* LUI identifier with host registrar and timestamp */ |3 bits|1| 24 bits | 36 bits | +------+-------------------+-------------------------------------+ | 0x1 |C| Host identifier | Timestamp Identifier | +----------------------------------------------------------------+ Appendix C: Datacenter task virtualization This section describes some details to apply ILA to virtualizing tasks in a datacenter. C.1 Address per task Managing the port number space for services within a datacenter is a nontrivial problem. When a service task is created, it may run on arbitrary hosts. The typical scenario is that the task will be started on some machine and will be assigned a port number for its service. The port number must be chosen dynamically to not conflict with any other port numbers already assigned to tasks on the same machine (possibly even other instances of the same service). A canonical name for the service is entered into a database with the host address and assigned port. When a client wishes to connect to the service, it queries the database with the service name to get both the address of an instance as well as its port number. Note that DNS is not adequate for the service lookup since it does not provide port numbers. With ILA, each service task can be assigned its own IPv6 address and therefore will logically be assigned the full port space for that Herbert Expires April 22, 2018 [Page 42] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 address. This a dramatic simplification since each service can now use a publicly known port number that does not need to unique between services or instances. A client can perform a lookup on the service name to get an IP address of an instance and then connect to that address using a well known port number. In this case, DNS is sufficient for directing clients to instances of a service. C.2 Job scheduling In the usual datacenter model, jobs are scheduled to run as tasks on some number of machines. A distributed job scheduler provides the scheduling which may entail considerable complexity since jobs will often have a variety of resource constraints. The scheduler takes these constraints into account while trying to maximize utility of the datacenter in terms utilization, cost, latency, etc. Datacenter jobs do not typically run in virtual machines (VMs), but may run within containers. Containers are mechanisms that provide resource isolation between tasks running on the same host OS. These resources can include CPU, disk, memory, and networking. A fundamental problem arises in that once a task for a job is scheduled on a machine, it often needs to run to completion. If the scheduler needs to schedule a higher priority job or change resource allocations, there may be little recourse but to kill tasks and restart them on a different machine. In killing a task, progress is lost which results in increased latency and wasted CPU cycles. Some tasks may checkpoint progress to minimize the amount of progress lost, but this is not a very transparent or general solution. An alternative approach is to allow transparent job migration. The scheduler may migrate running jobs from one machine to another. C.3 Task migration Under the orchestration of the job scheduler, the steps to migrate a job may be: 1) Stop running tasks for the job. 2) Package the runtime state of the job. The runtime state is derived from the containers for the jobs. 3) Send the runtime state of the job to the new machine where the job is to run. 4) Instantiate the job's state on the new machine. 5) Start the tasks for the job continuing from the point at which it was stopped. This model similar to virtual machine (VM) migration except that the runtime state is typically much less data-- just task state as Herbert Expires April 22, 2018 [Page 43] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 opposed to a full OS image. Task state may be compressed to reduce latency in migration. C.3.1 Address migration ILA facilitates address (specifically SIR address) migration between hosts as part of task migration or for other purposes. The steps in migrating an address might be: 1) Configure address on the target host. 2) Suspend use of the address on the old host. This includes handling established connections (see next section). A state may be established to drop packets or send ICMP destination unreachable when packets to the migrated address are received. 3) Update the identifier to locator mapping database. Depending on the control plane implementation this may include pushing the new mapping to hosts. 4) Communicating hosts will learn of the new mapping via a control plane either by participation in a protocol for mapping propagation or by the ILA resolution protocol. C.3.2 Connection migration When a task and its addresses are migrated between machines, the disposition of existing TCP connections needs to be considered. The simplest course of action is to drop TCP connections across a migration. Since migrations should be relatively rare events, it is conceivable that TCP connections could be automatically closed in the network stack during a migration event. If the applications running are known to handle this gracefully (i.e. reopen dropped connections) then this may be viable. For seamless migration, open connections may be migrated between hosts. Migration of these entails pausing the connection, packaging connection state and sending to target, instantiating connection state in the peer stack, and restarting the connection. From the time the connection is paused to the time it is running again in the new stack, packets received for the connection should be silently dropped. For some period of time, the old stack will need to keep a record of the migrated connection. If it receives a packet, it should either silently drop the packet or forward it to the new location. Herbert Expires April 22, 2018 [Page 44] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 Appendix D: Mobility in wireless networks ILA can be used in public wireless networks to provide a solution for mobility. Devices in a carrier network are referred to as User Equipment (UE) and can include smart phones, automobiles, and other IoT devices. UEs attach to provider network at base stations (eNodeB in carrier terminology). As the device moves, it may change it's point of attachment to a geographically close based station. A cellular network is composed of cells each of which has an eNodeB. A node may change cells several times over a time period. In order to provide seamless communications it is desirable that the existing connections of the device are preserved. ILA provides for this by assigning SIR addresses to UEs and deploying ILA routers in the network infrastructure. In a canonical architecture each base station (eNodeB) would have an ILA router, and there would be a number of ILA routers that serve as gateways between a provider's network and the Internet. When a host on the Internet sends to a UE's SIR address, a gateway ILA router will translate the address. The locator addresses the base station that is the current point of attachment. At the base station ILA router, the destination is translated back to a SIR address and delivered to a UE. A similar process can happen when two UEs in the network communicate. The wireless network use case is conceptually similar to network virtualization. In both scenarios, nodes have a point of attachment and can move to other points of attachment. The difference is that in network virtualization it is virtual machines that are mobile, in wireless networks it is real devices. The wireless use case has some unique properties: o These are often public networks so that privacy is a consideration. It is likely that devices may have many addresses assigned to promote privacy. o A single device might have many identifiers assigned to it. When a device moves, all of the identifiers must change to map to the same locator. o Devices move on their own accord so that mobility is unpredictable. o There are mostly real humans using devices so that human Herbert Expires April 22, 2018 [Page 45] INTERNET DRAFT draft-herbert-intarea-ila-00 October 19, 2017 identity and exposing geo location are concerns. Author's Address Tom Herbert Quantonium 4701 Patrick Henry Dr. Santa Clara, CA EMail: tom@herbertland.com Petr Lapukhov 1 Hacker Way Menlo Parck, CA EMail: petr@fb.com Herbert Expires April 22, 2018 [Page 46]