Network Working Group                                        M. Portoles
Internet-Draft                                             V. Ashtaputre
Intended status: Experimental                                  V. Moreno
Expires: October 9, 2016                                        F. Maino
                                                           Cisco Systems
                                                            D. Farinacci
                                                             lispers.net
                                                           April 7, 2016


         LISP L2/L3 EID Mobility Using a Unified Control Plane
                  draft-portoles-lisp-eid-mobility-00

Abstract

   The LISP control plane offers the flexibility to support multiple
   overlay flavors simultaneously.  This document specifies how LISP can
   be used to provide control-plane support to deploy a unified L2 and
   L3 overlay solution, as well as analyzing possible deployment options
   and models.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on October 9, 2016.








Portoles, et al.         Expires October 9, 2016                [Page 1]


Internet-Draft         Unified L2 and L3 overlays             April 2016


Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Definition of Terms . . . . . . . . . . . . . . . . . . . . .   3
   3.  Reference System and Packet Flows . . . . . . . . . . . . . .   4
     3.1.  Reference System  . . . . . . . . . . . . . . . . . . . .   4
     3.2.  Packet Flows  . . . . . . . . . . . . . . . . . . . . . .   5
       3.2.1.  Bridged Traffic: Intra-subnet and Non-IP  . . . . . .   5
       3.2.2.  Routed Traffic: Inter-subnet  . . . . . . . . . . . .   6
       3.2.3.  ARP Resolution  . . . . . . . . . . . . . . . . . . .   6
   4.  LISP Protocol with L2 and L3 Support  . . . . . . . . . . . .   8
     4.1.  L2 and L3 Segmentation  . . . . . . . . . . . . . . . . .   8
     4.2.  Database Mappings in Unified L2 and L3 Overlays . . . . .   8
     4.3.  MAC as a Locator Record for ARP Resolution  . . . . . . .   9
     4.4.  LISP Mapping System . . . . . . . . . . . . . . . . . . .  11
     4.5.  Time-to-Live Handling in Data-Plane . . . . . . . . . . .  11
     4.6.  Using SMRs to Track Moved-Away State  . . . . . . . . . .  11
     4.7.  Non-Extended Subnets  . . . . . . . . . . . . . . . . . .  12
     4.8.  L2 Overlays and Multicast Groups  . . . . . . . . . . . .  12
     4.9.  L2 Broadcast, Unknown Unicast and Multicast traffic . . .  12
   5.  EID Mobility Support  . . . . . . . . . . . . . . . . . . . .  12
     5.1.  Reference Architecture  . . . . . . . . . . . . . . . . .  13
     5.2.  L2 Mobility: Packet Flow  . . . . . . . . . . . . . . . .  13
     5.3.  L3 Mobility: Packet Flow  . . . . . . . . . . . . . . . .  14
   6.  Optional Deployment Models  . . . . . . . . . . . . . . . . .  15
     6.1.  IP Forwarding of Intra-subnet Traffic . . . . . . . . . .  15
     6.2.  Data-plane Encapsulation Options  . . . . . . . . . . . .  16
     6.3.  L2-only Deployments . . . . . . . . . . . . . . . . . . .  17
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  18
   8.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  18
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  18
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .  18
     9.2.  Informative References  . . . . . . . . . . . . . . . . .  19



Portoles, et al.         Expires October 9, 2016                [Page 2]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  19

1.  Introduction

   This document describes the architecture and design options required
   to offer a unified L2 and L3 overlay solution with the LISP control-
   plane.

   The architecture takes advantage of the flexibility that LISP
   provides to simultaneously support different overlay flavors.  In
   this sense, while the LISP specification defines both data-plane and
   control-plane solutions, this document focuses on the use of the
   control-plane piece, which can be combined with the data-plane of
   choice (e.g., [VXLAN-GPE], [VXLAN], or [LISP].

   The recommended selection of whether a flow is sent over the L2 or
   the L3 overlay is mapped to bridged (intra-subnet or non-IP) or
   routed (inter-subnet) traffic, respectively.  This allows treating
   both overlays as separate segments, and enables L2-only and L3-only
   deployments (and combinations of them) without modifying the
   architecture.

   The unified solution for L2 and L3 overlays offers the possibility to
   extend subnets and routing domains (as required in state-of-art
   Datacenter and Enterprise architectures) with traffic optimization.

   An important use-case of the unified architecture is that, while most
   data centers are complete layer-3 routing domains, legacy
   applications either have not converted to IP or still use auto-
   discovery at layer-2 and assume all nodes in an application cluster
   belong to the same subnet.  For these applications, the L2-overlay
   limits the functionality to where the legacy app lives versus having
   to extend layer-2 into the network.

   Broadcast, Unknown and Multicast traffic on the overlay are supported
   by either replicated unicast, or underlay (RLOC) multicast as
   specified in [RFC6831], [I-D.ietf-lisp-signal-free-multicast].

2.  Definition of Terms

   LISP related terms are defined as part of the LISP specification
   [RFC6830], notably EID, RLOC, Map-Request, Map- Reply, Map-Notify,
   Ingress Tunnel Router (ITR), Egress Tunnel Router (ETR), Map- Server
   (MS) and Map-Resolver (MR).







Portoles, et al.         Expires October 9, 2016                [Page 3]


Internet-Draft         Unified L2 and L3 overlays             April 2016


3.  Reference System and Packet Flows

   This section introduces a reference system to support the description
   of the solution and it walks the supported packet flows.

3.1.  Reference System

   The following figure illustrates the reference system used to support
   the packet flow description.  The system presents 4 sites.  Site A
   and Site D provide access to different subnets (non-extended), while
   Site B and Site C extend a common subnet.  The xTR in each one of the
   sites registers EIDs from the sites with the LISP Mapping System and
   provides support to encapsulate overlay (EID) traffic through the
   underlay (RLOC space).

                            ,-------------.
                           (Mapping System )
                            -+------------+
                           +--+--+   +-+---+
                           |MS/MR|   |MS/MR|
                           +-+---+   +-----+
              .-._..-._.--._..|._.,.-._.,|-._.-_._.-.._.-.
          .-.'                                            '.-.
         (                    L3 Underlay                     )
          (                   (RLOC Space)                    )
          '.-._.'.-._.'--'._.'.-._.'.-._.'.-._.'.-._.'.-._.-.'
            /              |                 |               \
    RLOC=IP_A          RLOC=IP_B         RLOC=IP_C         RLOC=IP_D
    +-+--+--+          +-+--+--+         +-+--+--+         +-+--+--+
   .| xTR A |.-.      .| xTR B |.-.     .| xTR C |.-.     .| xTR D |.-.
  ( +-+--+--+   )    ( +-+--+--+   )   ( +-+--+--+   )   ( +-+--+--+   )
 .'   Site A   )   .'   Site B    )   .'   Site C   )   .'   Site D   )
 ( 1.0.0.0/24 .    ( 3.0.0.0/24  .    ( 3.0.0.0/24 .   (  2.0.0.0/24 .
 '--'._.'.     )    '--'._.'.     )    '--'._.'.    )   '--'._.'.     )
        /  '--'            |  '--'          |   '--'             \ '--'
    '--------'          '--------'        '--------'        '--------'
    :  End   :          :  End   :        :  End   :        :  End   :
    :Device 1:          :Device 2:        :Device 3:        :Device 4:
    '--------'          '--------'        '--------'        '--------'
    IP: 1.0.0.1         IP: 3.0.0.2       IP: 3.0.0.3       IP: 2.0.0.4
                     MAC: 0:0:3:0:0:2   MAC: 0:0:3:0:0:3

      Figure 1: Reference System Architecture with unified L2 and L3
                                 overlays







Portoles, et al.         Expires October 9, 2016                [Page 4]


Internet-Draft         Unified L2 and L3 overlays             April 2016


3.2.  Packet Flows

   The recommended selection between the use of L2 and L3 overlays is to
   map them to bridged (intra-subnet or non-IP) and routed (inter-
   subnet) traffic.  This section follows this recommendation to
   describe the packet flows.

   However, note that in a different selection approach, intra-subnet
   traffic MAY also be sent over the L3 overlay.  Section 6.1 specifies
   the changes needed to send all IP traffic using the L3 overlay and
   restricting the use of the L2 overlay to non-IP traffic.

   When required, the control plane makes use of two basic types of EID-
   to-RLOC mappings associated to end-hosts and in order to support the
   unified architecture:

   o  EID = <IID, MAC> to RLOC=<IP>.  This is used to support the L2
      overlay.

   o  EID = <IID, IP> to RLOC=<IP>.  This is the traditional mapping as
      defined in the original LISP specification and supports the L3
      overlay.

3.2.1.  Bridged Traffic: Intra-subnet and Non-IP

   Bridged traffic is encapsulated using the L2 overlay.  This section
   provides an example of the unicast packet flow and the control plane
   operations when in the topology shown in Figure 1, the End-Device 2
   in site B communicates with the End-Device 3 in site C.  In this case
   we assume that End Device 2, knows the MAC address of End-Device 3
   (e.g., learned through ARP).

   o  End-Device 2 sends an Ethernet/IEEE 802 MAC frame with destination
      0:0:3:0:0:3 and source 0:0:3:0:0:2.

   o  ITR B does a L2 lookup in its local map-cache for the destination
      MAC 0:0:3:0:0:3.  When the lookup of 0:0:3:0:0:3 is a miss, the
      ITR sends a Map-Request to the mapping database system looking up
      for MAC 0:0:3:0:0:3.

   o  The mapping systems forwards the Map-Request to ETR C, that has
      registered the EID-to-RLOC mapping for MAC 0:0:3:0:0:3.
      Alternatively, depending on the mapping system configuration, a
      Map-Server which is part of the mapping database system MAY send a
      Map-Reply directly to ITR B.






Portoles, et al.         Expires October 9, 2016                [Page 5]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  ETR C sends a Map-Reply to ITR B that includes the EID-to-RLOC
      mapping: MAC 0:0:3:0:0:3 -> RLOC=IP_C, where IP_C is the locator
      of ETR C.

   o  ITR B populates the local map-cache with the EID to RLOC mapping,
      and encapsulates all subsequent packets with a destination MAC
      0:0:3:0:0:3 using destination RLOC=IP_C.

3.2.2.  Routed Traffic: Inter-subnet

   Inter-subnet traffic is encapsulated using the L3 overlay.  The
   process to encapsulate this traffic is the same as described in the
   original specification [RFC6830].  We describe the packet flow here
   for completeness

   The following is a sequence example of the unicast packet flow and
   the control plane operations when in the topology shown in Figure 1
   End-Device 1, in LISP site A, wants to communicate with End-Device 4
   in LISP site D.  Note that both end systems reside in different
   subnets.  We'll assume that End-Device 1 knows the EID IP address of
   End-Device 4 (e.g. it is learned using a DNS service).

   o  End-Device 1 sends an IP packet frame with destination 2.0.0.4 and
      source 1.0.0.1.  As the destination address lies on a different
      subnet End-Device 1 sends the packet following its routing table
      to ITR A (e.g., it is its default gateway).

   o  ITR A does a L3 lookup in its local map-cache for the destination
      IP 2.0.0.4.  When the lookup of 2.0.0.4 is a miss, the ITR sends a
      Map-request to the mapping database system looking up for IP
      2.0.0.4.

   o  The mapping systems forwards the Map-Request to ETR D, that has
      registered the EID-to-RLOC mapping of IP 2.0.0.4.

   o  ETR D sends a Map-Reply to ITR A that includes the EID-to-RLOC
      mapping: EID IP 2.0.0.4 -> RLOC=IP_D, where IP_D is the locator of
      ETR D.

   o  ITR A populates the local map-cache with the EID to RLOC mapping,
      and encapsulates all subsequent packets with a destination IP
      2.0.0.4 using destination RLOC=IP_D.

3.2.3.  ARP Resolution

   A large majority of applications are IP based and, as a consequence,
   end systems are typically provisioned with IP addresses as well as
   MAC addresses.



Portoles, et al.         Expires October 9, 2016                [Page 6]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   In this case, to limit the flooding of ARP traffic and reduce the use
   of multicast in the RLOC network, the LISP mapping system is used to
   support ARP resolution at the ITR.

   In order to provide this support, ETRs handle and register an
   additional EID-to-RLOC mapping as follows,

   o  EID = <IID, IP> to RLOC = <MAC>.

   The following packet flow sequence describes the use of the LISP
   Mapping System to support ARP resolution for hosts residing in a
   subnet that is extended to multiple sites.  Using Figure 1, End-
   Device 2 tries to find the MAC address of End-Device 3.  Note that
   both have IP addresses within the same subnet:

   o  End-Device 2 sends a broadcast ARP message to discover the MAC
      address of End-Device 3.  The ARP request targets IP 3.0.0.3.

   o  ITR B receives the ARP message, but rather than flooding it on the
      overlay network sends a Map-Request to the mapping database system
      for IP 3.0.0.3.

   o  When receiving the Map-Request, the Map-Server sends a Proxy-Map-
      Reply back to ITR B with the mapping IP 3.0.0.3 -> MAC
      0:0:3:0:0:3.

   o  Using this Map-Reply, ITR B sends an ARP-Reply back to End-Device
      2 with the tuple IP 3.0.0.3, MAC 0:0:3:0:0:3.

   o  End-Device 2 learns MAC 0:0:3:0:0:3 from the ARP message and can
      now send a L2 traffic to End-Device 3.  When this traffic reaches
      ITR B is sent over the L2-overlay as described above in
      Section 3.2.1.

   This example shows how LISP, by replacing dynamic data plane learning
   (such as Flood-and-Learn) can reduce the use of multicast in the
   underlay network.

   Note that ARP resolution using the Mapping System is a stateful
   operation on the ITR.  The source IP,MAC tuple coming from the ARP
   request have to be stored to generate the ARP-reply when the Map-
   Reply is received.

   Note that the ITR SHOULD cache the ARP entry.  In that case future
   ARP-requests can be handled without sending additional Map-Requests.






Portoles, et al.         Expires October 9, 2016                [Page 7]


Internet-Draft         Unified L2 and L3 overlays             April 2016


4.  LISP Protocol with L2 and L3 Support

   This section describes the specific elements required to support a
   unified L2 and L3 overlay solution and the packet flows described in
   the previous section.

4.1.  L2 and L3 Segmentation

   LISP support of segmentation and multi-tenancy is structured around
   the propagation and use of Instance-IDs, and handled as part of the
   EID in control plane operations.  The encoding is described in
   [I-D.ietf-lisp-lcaf] and its use in [I-D.ietf-lisp-ddt].

   Depending on the particular deployment, both the L2 and L3 overlays
   can be segmented.  An Instance-ID can be used for L2 overlay
   segmentation (e.g., VLAN extension) and for L3 overlay segments
   (e.g., VRF extension or multi-VPN overlays).  In all cases, the
   Instance-ID is a 24-bit value.  Instance-IDs are unique to a Mapping
   System and MAY be used to identify the overlay type.

   An important aspect of L2 overlay segmentation is the mapping of
   VLANs to IIDs.  In this case a Bridge Domain (which is the L2
   equivalent to a VRF as a forwarding context) maps to an IID, a VLAN-
   ID may map 1:1 to a bridge domain or different VLAN-IDs on different
   ports may map to a common Bridge Domain, which in turn maps to an IID
   in the L2 overlay.  When ethernet traffic is double tagged, usually
   the external 802.1Q tag will be mapped to a bridge domain on a per
   port basis, and the inner 802.1Q tag will remain part of the payload
   to be handled by the overlay.  The IID should therefore be able to
   carry ethernet traffic with or without an 802.1Q header.  A port may
   also be configured as a trunk and we may chose to take the
   encapsulated traffic and map it to a single IID in order to multiplex
   traffic from multiple VLANs on a single IID.  These are all examples
   of local operations that could be effected on VLANs in order to map
   them to IIDs, they are provided as examples and are not exhaustive.

4.2.  Database Mappings in Unified L2 and L3 Overlays

   When an end-host is attached or detected in an ETR that provides
   L2-overlay and L3-overlay services, two Database Mapping entries are
   registered to the mapping system:

   o  The EID 2-tuple (IID, IP) with its binding to a corresponding ETR
      locator set (IP RLOC)

   o  The EID 2-tuple (IID, MAC) with its binding to a locator set (IP
      RLOC)




Portoles, et al.         Expires October 9, 2016                [Page 8]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   These two database mappings are the ones required to support L3 and
   L2 forwarding.

   The registration of these EIDs MUST follow the LCAF format as defined
   in [I-D.ietf-lisp-lcaf].

4.3.  MAC as a Locator Record for ARP Resolution

   When an end-host is attached or detected in an ETR that provides
   L2-overlay services and supports ARP resolution using the LISP
   control-plane, an additional mapping entry is registered to the
   mapping system:

   o  The EID 2-tuple (IID, IP) and its binding to a corresponding host
      MAC address.

   In this case both the xTRs and the Mapping System MUST support an
   EID-to-RLOC mapping where the MAC address is set as a locator record.

   This mapping is registered with the Mapping System using the
   following EID record structure,






























Portoles, et al.         Expires October 9, 2016                [Page 9]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   |                          Record TTL                           |
   |   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   E   | Locator Count | EID mask-len  | ACT |A|      Reserved         |
   I   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   D   | Rsvd  |  Map-Version Number   |         AFI = 16387           |
   |   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   r   |    Rsvd1     |     Flags      |   Type = 2    | IID mask-len  |
   e   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   c   |             4 + n             |        Instance-ID...         |
   o   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   r   |       ...Instance-ID          |        EID-AFI = 1 or 2       |
   d   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   |                    EID-Prefix (IPv4 or IPv6)                  |
   |   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  /|    Priority   |    Weight     |  M Priority   |   M Weight    |
   | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | M |        Unused Flags     |L|p|R|        AFI = 16387            |
   | A +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | C |    Rsvd1     |     Flags      |   Type = 1    |     Rsvd2     |
   | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | | |             2 + 6             |             AFI = 6           |
   | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | | |                    Layer-2 MAC Address  ...                   |
   | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  \| ... Layer-2 MAC Address       |
   +-> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+.

   An EID record with a locator record that carries a MAC address
   follows the same structure as described in [RFC6830].  However, some
   fields of the EID record and the locator record require special
   consideration:

   Locator Count:  This value SHOULD be set to 1.

   Instance-ID:  This is the IID used to provide L2-overlay
      segmentation.

   Priority and Weight:  IP to MAC bindings are one to one bindings.  An
      ETR SHOULD not register more than one MAC address in the locator
      record together with an IP based EID.  The Priority of the MAC
      address record is set to 255.  The Weight value SHOULD be ignored
      and the recommendation is to set it to 0.

   L bit:  This bit of the locator record SHOULD only be set to 1 when
      an ETR is registering its own IP to MAC binding.

   p bit:  This bit of the locator record SHOULD be set to 0.



Portoles, et al.         Expires October 9, 2016               [Page 10]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   R bit:  This bit of the locator record SHOULD be set to 0.

   Note that an IP EID record that carries a MAC address in the locator
   record, SHOULD be registered with the Proxy Map-Reply bit set.

4.4.  LISP Mapping System

   The interface between the xTRs and the Mapping System is described in
   [RFC6833] and this document follows the specification as described
   there.  When available, the registrations MAY be implemented over a
   reliable transport as described in
   [I-D.kouvelas-lisp-map-server-reliable-transport].

4.5.  Time-to-Live Handling in Data-Plane

   The LISP specification ([RFC6830]) describes how to handle Time-to-
   Live values of the inner and outer headers during encapsulation and
   decapsulation of packets when using the L3 overlay.  The same
   approach SHOULD be followed for the unified overlay.

   When using the L2 overlay and the encapsulated traffic is IP traffic,
   the Time-to-Live value of the inner IP header MUST remain unmodified
   at encapsulation and decapsulation.  Network hops traversed as part
   of the L2 overlay SHOULD be hidden to tools like traceroute and
   applications that require direct L2 connectivity.

4.6.  Using SMRs to Track Moved-Away State

   One of the key elements to support end-host mobility using the LISP
   architecture is the Solicit-Map-Request (SMR).  This is an special
   message by means of which an ETR can request an ITR to send a new
   Map-Request for a particular EID record.  In essence the SMR message
   is used as a signal to indicate a change in mapping information and
   it is described with detail in [RFC6830].  Section 5 provides a
   packet flow description of the mobility support in a unified overlay.

   In order to support mobility, an ETR SHALL maintain a list of EID
   records for which it has to generate a SMR message whenever it
   receives traffic with that EID as destination.  This is called an
   Away Table.

   The particular strategy to maintain an Away Table is implementation
   specific and it will be typically based on the strategy to detect the
   presence of hosts and the use of the Map-Notifies received from the
   Map-Server.  In essence the table SHOULD provide support to the
   following:





Portoles, et al.         Expires October 9, 2016               [Page 11]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  Keep track of end-hosts that were once connected to an ETR and
      have moved away.

   o  Support for L2 EID records, the 2-tuple (IID, MAC), for which a
      SMR message SHOULD be generated.

   o  Support for L3 EID records, the 2-tuple (IID, IP), for which a SMR
      message SHOULD be generated.

4.7.  Non-Extended Subnets

   The registration and access to non-extended subnets using the L3
   overlay follows [RFC6830].

   Note also that non-extended subnets can also be treated as non-LISP
   networks.  In that case, providing access to the subnet to
   participants of LISP overlays requires the use of a PxTR, following
   the specification in [RFC6830].

4.8.  L2 Overlays and Multicast Groups

   xTRs that offer L2 overlay services and are part of the same
   Instance-ID join a common Multicast Group.  When required, this group
   allows ITRs to send traffic that needs to be replicated (flooded) to
   all ETRs participating in the L2-overlay (e.g., broadcast traffic
   within a subnet).  When the core network (RLOC space) supports native
   multicast ETRs participating in the L2-overlay join a (*,G) group
   associated to the Instance-ID.

   When multicast is not available in the core network, each xTR that is
   part of the same instance-ID SHOULD join a (S,G) entry to the mapping
   system using the procedures described in
   [I-D.ietf-lisp-signal-free-multicast], where S is 0000-0000-0000/0
   and G is ffff-ffff-ffff/48.  This strategy allows and ITR to know
   which ETRs are part of the L2 overlay and it can head-end replicate
   traffic to.

4.9.  L2 Broadcast, Unknown Unicast and Multicast traffic

   Broadcast, Unknown Unicast and Multicast (BUM) traffic on the
   L2-overlay is supported by either replicated unicast, or underlay
   (RLOC) multicast.

5.  EID Mobility Support

   Support to end-host mobility is a basic requirement of state-of-art
   overlay solutions.  The unified overlay architecture described here
   supports mobility both over L2-overlays and L3-overlays.  This



Portoles, et al.         Expires October 9, 2016               [Page 12]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   section provides a packet flow sequence description of the mobility
   support, detailing the use of the elements defined in the previous
   section.

5.1.  Reference Architecture

   In order to support the packet flow description we use again the same
   example as in Figure 1.  In this particular case hosts may roam and
   we distinguish the case when we have L2-mobility (e.g., IP hosts move
   within their own subnet) or L3-mobility.


           /              |                 |               \
   RLOC=IP_A          RLOC=IP_B         RLOC=IP_C         RLOC=IP_D
   +-+--+--+          +-+--+--+         +-+--+--+         +-+--+--+
  .| xTR A |.-.      .| xTR B |.-.     .| xTR C |.-.     .| xTR D |.-.
 ( +-+--+--+   )    ( +-+--+--+   )   ( +-+--+--+   )   ( +-+--+--+   )
.'   Site A   )   .'   Site B    )   .'   Site C   )   .'   Site D   )
( 1.0.0.0/24 .    ( 3.0.0.0/24  .    ( 3.0.0.0/24 .   (  2.0.0.0/24 .
'            )     '            )
'--'._.'.     )    '--'._.'.     )    '--'._.'.    )   '--'._.'.     )
       /  '--'            |  '--'          |   '--'             \ '--'
   '--------'          '--------'        '--------'        '--------'
   :  End   :          :  End   :        :  End   :        :  End   :
   :Device 1:          :Device 2:        :Device 3:        :Device 4:
   '--------'          '--------'        '--------'        '--------'
 (IID1,1.0.0.1)      (IID1,3.0.0.2)     (IID1,3.0.0.3)    (IID1,2.0.0.4)
                  (IID2,0:0:3:0:0:2)   (IID2,0:0:3:0:0:3)

                 Figure 2: Reference Mobility Architecture

5.2.  L2 Mobility: Packet Flow

   The support to L2 mobility covers the requirements to allow an end-
   host to move from a given site to another and maintain correspondence
   with the rest of end-hosts that are connected to the same L2 domain
   (e.g. extended VLAN).  This support MUST ensure convergence of L2
   forwarding (MAC based) from the old location to the new one, when the
   host completes its move.

   The following is a sequence description of the packet flow when End-
   Device 2 in the figure moves to Site C, which is extending its own
   subnet network.

   o  When End-Device 2 is attached or detected in site C, ETR C sets up
      the database mapping corresponding to EID=<IID2, 0:0:3:0:0:2>.
      ETR C sends a Map-Register to the mapping system registering
      RLOC=IP_B as locator for EID=<IID2, 0:0:3:0:0:2>.



Portoles, et al.         Expires October 9, 2016               [Page 13]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  The Mapping System, after receiving the new registration for
      EID=<IID1, 0:0:3:0:0:2> sends a Map-Notify to ETR B with the new
      locator set (IP_B).  ETR B removes then its local database mapping
      and stops registering <IID2, 0:0:3:0:0:2>.

   o  Any PiTR or ITR participating in the same L2-overlay
      (corresponding to IID2) that was encapsulating traffic to
      0:0:3:0:0:2 before the migration continues encapsulating this
      traffic to ETR B.

   o  Once ETR B is notified by the Mapping system, when it receives
      traffic from an ITR which is destined to 0:0:3:0:0:2, it will
      generate a Solicit-Map-Request (SMR) message that is sent to the
      ITR for (IID2,0:0:3:0:0:2).

   o  Upon receiving the SMR the ITR sends a new Map-Request for the
      EID=<IID2,0:0:3:0:0:2>.  As a response ETR B sends a Map-Reply
      that includes the new EID-to-RLOC mapping for <IID2,0:0:3:0:0:2>
      with RLOC=IP_B.  This entry is cached in the L2 table of the ITR,
      replacing the previous one, and traffic is then forwarded to the
      new location.

5.3.  L3 Mobility: Packet Flow

   The support to L3 mobility covers the requirements to allow an end-
   host to move from a given site to another and maintain correspondence
   with the rest of end-hosts that are connected to the same L3 routing
   domain.  This support MUST ensure convergence of L3 forwarding (IPv4/
   IPv6 based) from the old location to the new one when the host
   completes its move.

   The following is a sequence description of the packet flow when End-
   Device 1 in the reference figure roams to site D:

   o  When End-Device 1 is attached or detected in site D, ETR D sets up
      the database mapping corresponding to EID=<IID1, 1.0.0.1>.  ETR D
      sends a Map-Register to the mapping system registering RLOC=IP_D
      as locator for EID=<IID1, 1.0.0.1>.  Now the mapping system is
      updated with the new EID-to-RLOC mapping (location) for End-Device
      1.

   o  The Mapping System, after receiving the new registration for
      EID=<IID1, 1.0.0.1> sends a Map-Notify to ETR A to inform it of
      the move.  Then, ETR A removes its local database mapping
      information and stop registering EID=<IID1, 1.0.0.1>.






Portoles, et al.         Expires October 9, 2016               [Page 14]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  Any ITR or PiTR participating in the L3 overlay (corresponding to
      IID1) that were sending traffic to 1.0.0.1 before the migration
      keep sending traffic to ETR A.

   o  Once ETR A is notified by the Mapping system, when it receives
      traffic from an ITR with destination 1.0.0.1, it generates a
      Solicit-Map-Request (SMR) back the ITR (or PiTR) for EID=<IID1,
      1.0.0.1>.

   o  Upon receiving the SMR the ITR invalidates its local map- cache
      entry for EID=<IID1, 1.0.0.1> and sends a new Map-Request for that
      EID.  The Map-Reply includes the new EID-to-RLOC mapping for End-
      Device 1 with RLOC=IP_D.

   o  Similarly, once the local database mapping is removed from ITR A,
      non-encapsulated packets arriving at ITR A from a local End-Device
      and destined to End-Device 1 result in a cache miss, which
      triggers sending a Map-Request for EID=<IID1, 1.0.0.1> to populate
      the map-cache of ITR A.

6.  Optional Deployment Models

   The support of an integrated L2 and L3 overlay solution takes
   multiple architectural design options, that depend on the specific
   requirements of the deployment environment.  While some of the
   previous describe specific packet flows and solutions based on the
   recommended solution, this section documents OPTIONAL design
   considerations that differ from the recommended one but that MAY be
   required on alternative deployment environments.

6.1.  IP Forwarding of Intra-subnet Traffic

   As pointed out at the beginning the recommended selection of the L2
   and L3 overlays is not the only one possible.  In fact, providing L2
   extension to some cloud platforms is not always possible and subnets
   need to be extended using the L3 overlay.

   In order to send all IP traffic (intra- and inter-subnet) through the
   L3 overlay the solution MUST change the ARP resolution process
   described in Section 3.2.3 to the following one (we follow again
   Figure 1 to drive the example.  End-Device 2 queries about End-Device
   3):

   o  End-Device 1 sends a broadcast ARP message to discover the MAC
      address of 3.0.0.3.

   o  ITR B receives the ARP message and sends a Map-Request to the
      Mapping System for 3.0.0.3.



Portoles, et al.         Expires October 9, 2016               [Page 15]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  In this case, the Map-Request is routed by the Mapping system
      infrastructure to ETR C, that will send a Map-Reply back to ITR B
      containing the mapping 3.0.0.3 -> RLOC=IP_C.

   o  ITR B populates its local cache with the received entry on the L3
      forwarding table.  Then, using the cache information it sends a
      Proxy ARP-reply with its own MAC (MAC_xTR_B) address to end End-
      Device 1.

   o  End-Device 1 learns MAC_ITR_B from the proxy ARP-reply and sends
      traffic with destination address 3.0.0.3 and destination MAC,
      MAC_xTR_B.

   o  As the destination MAC address is the one from xTR B, when xTR B
      receives this traffic is it forwarded using the L3-overlay.

   o  Note that when implementing this solution, when a host that is
      local to an ETR moves away, the ETR SHOULD locally send a
      Gratuitous ARP with its own MAC address and the IP of the moved
      host, to refresh the ARP tables of local hosts and guarantee the
      use of the L3 overlay when connecting to the remote host.

   It is also important to note that using this strategy to extend
   subnets through the L3 overlay but still keeping the L2 overlay for
   the rest of traffic MAY lead to flow asymmetries.  This MAY be the
   case in deployments that filter Gratuitous ARPs, or when moved hosts
   continue using actual L2 information collected before a migration.

6.2.  Data-plane Encapsulation Options

   The LISP control-plane offers independence from the data-plane
   encapsulation.  Any encapsulation format that can carry a 24-bit
   instance-ID can be used to provide the unified overlay.

   Common encapsulation formats that can be used are [VXLAN-GPE], [LISP]
   and [VXLAN]:

   o  VXLAN-GPE encap: This encapsulation format is defined in
      [I-D.ietf-nvo3-vxlan-gpe].  It allows encapsulation both L2 and L3
      packets and the VNI field directly maps to the Instance-ID used in
      the control plane.  Note that when using this encapsulation for a
      unified solution the P-bit is set and the Next-Protocol field is
      used (typically with values 0x1 (IPv4) or 0x2 (IPv6) in
      L3-overlays, and value 0x3 in L2-overlays).

   o  LISP encap: This is the encapsulation format defined in the
      original LISP specification [RFC6830].  The encapsulation allows
      encapsulating both L2 and L3 packets.  The Instance-ID used in the



Portoles, et al.         Expires October 9, 2016               [Page 16]


Internet-Draft         Unified L2 and L3 overlays             April 2016


      EIDs directly maps to the Instance-ID that the LISP header
      carries.  At the ETR, after decapsulation, the IID MAY be used to
      decide between L2 processing or L3 processing.

   o  VXLAN encap: This is a L2 encapsulation format defined in
      [RFC7348].  While being a L2 encapsulation it can be used both for
      L2 and L3 overlays.  The Instance-ID used in LISP signaling maps
      to the VNI field of the VXLAN header.  Providing L3 overlays using
      VXLAN generally requires using the ETR MAC address as destination
      MAC address of the inner Ethernet header.  The process to learn or
      derive this ETR MAC address is not included as part of this
      document.

6.3.  L2-only Deployments

   The Unified architecture that this document specifies allows the
   deployment of L3-only or L2-only overlays.  By having a single
   control plane where the mapping database can hold both MAC EIDs and
   IP EIDs, the deployment of L2-only or L3-only architectures consists
   in using only the relevant database mappings.

   The requirements and use of LISP to support a L3-only overlay are
   extensively documented in the original LISP specification and related
   documents.

   The provision of a L2-only overlay MUST provide support for intra-
   subnet connectivity of end-hosts belonging to the same tenant,
   including them in a unique L2 broadcast domain extended across the
   network.

   Provision such L2-only overlay SHALL take the following aspects into
   account, as described before in Section 4:

   o  When an end-host is attached the ETR maintains and registers the
      mappings EID = <IID, MAC> -> RLOC = <IP> and EID = <IID, IP> ->
      RLOC = <MAC>.  The second mapping is optional and is meant to be
      used for ARP resolution.

   o  An ITR and Mapping-System provides support for ARP lookup and MAC
      lookup using the lisp control-plane as described before in this
      document.

   o  xTRs MUST provide support for Broadcast, Unknown and Multicast
      (BUM) traffic through either replicated unicast or underlay (RLOC)
      multicast.






Portoles, et al.         Expires October 9, 2016               [Page 17]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   o  An ITR MUST treat a destination MAC for which it receives a
      Negative Map-Reply with Native Forward action as BUM traffic and
      replicate it to the ETRs in the Layer-2 overlay.

   o  To support end-host mobility, an ETR MUST be able to support an
      Away Table (as described above) to keep track of end-hosts and
      generate SMR messages when receiving traffic for end-hosts not
      locally attached.

   o  TTL value of the inner-IP header SHOULD not be modified when
      traversing the L2 overlay.

7.  IANA Considerations

   This memo includes no request to IANA.

8.  Acknowledgements

   This draft builds on top of two expired drafts that introduced the
   concept of LISP L2/L3 overlays (draft-maino-nvo3-lisp-cp and draft-
   hertoghs-nvo3-lisp-controlplane-unified).  Many thanks to the
   combined authors of those drafts, that SHOULD be considered main
   contributors of this draft as well: Vina Ermagan, Dino Farinacci,
   Yves Hertoghs, Luigi Iannone, Fabio Maino, Victor Moreno, and Michael
   Smith.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
              Locator/ID Separation Protocol (LISP)", RFC 6830,
              DOI 10.17487/RFC6830, January 2013,
              <http://www.rfc-editor.org/info/rfc6830>.

   [RFC6831]  Farinacci, D., Meyer, D., Zwiebel, J., and S. Venaas, "The
              Locator/ID Separation Protocol (LISP) for Multicast
              Environments", RFC 6831, DOI 10.17487/RFC6831, January
              2013, <http://www.rfc-editor.org/info/rfc6831>.







Portoles, et al.         Expires October 9, 2016               [Page 18]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   [RFC6833]  Fuller, V. and D. Farinacci, "Locator/ID Separation
              Protocol (LISP) Map-Server Interface", RFC 6833,
              DOI 10.17487/RFC6833, January 2013,
              <http://www.rfc-editor.org/info/rfc6833>.

   [RFC7348]  Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
              L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
              eXtensible Local Area Network (VXLAN): A Framework for
              Overlaying Virtualized Layer 2 Networks over Layer 3
              Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014,
              <http://www.rfc-editor.org/info/rfc7348>.

9.2.  Informative References

   [I-D.ietf-lisp-ddt]
              Fuller, V., Lewis, D., Ermagan, V., and A. Jain, "LISP
              Delegated Database Tree", draft-ietf-lisp-ddt-04 (work in
              progress), March 2016.

   [I-D.ietf-lisp-lcaf]
              Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical
              Address Format (LCAF)", draft-ietf-lisp-lcaf-11 (work in
              progress), September 2015.

   [I-D.ietf-lisp-signal-free-multicast]
              Moreno, V. and D. Farinacci, "Signal-Free LISP Multicast",
              draft-ietf-lisp-signal-free-multicast-00 (work in
              progress), December 2015.

   [I-D.ietf-nvo3-vxlan-gpe]
              Quinn, P., Manur, R., Kreeger, L., Lewis, D., Maino, F.,
              Smith, M., Agarwal, P., Yong, L., Xu, X., Elzur, U., Garg,
              P., and D. Melman, "Generic Protocol Extension for VXLAN",
              draft-ietf-nvo3-vxlan-gpe-01 (work in progress), November
              2015.

   [I-D.kouvelas-lisp-map-server-reliable-transport]
              Cassar, C., Kouvelas, I., Lewis, D., Arango, J., and J.
              Leong, "LISP Map Server Reliable Transport", draft-
              kouvelas-lisp-map-server-reliable-transport-01 (work in
              progress), February 2016.

Authors' Addresses








Portoles, et al.         Expires October 9, 2016               [Page 19]


Internet-Draft         Unified L2 and L3 overlays             April 2016


   Marc Portoles Comeras
   Cisco Systems
   170 Tasman Drive
   San Jose, CA  95134
   USA

   Email: mportole@cisco.com


   Vrushali Ashtaputre
   Cisco Systems
   170 Tasman Drive
   San Jose, CA  95134
   USA

   Email: vrushali@cisco.com


   Victor Moreno
   Cisco Systems
   170 Tasman Drive
   San Jose, CA  95134
   USA

   Email: vimoreno@cisco.com


   Fabio Maino
   Cisco Systems
   170 Tasman Drive
   San Jose, CA  95134
   USA

   Email: fmaino@cisco.com


   Dino Farinacci
   lispers.net
   San Jose, CA
   USA

   Email: farinacci@gmail.com









Portoles, et al.         Expires October 9, 2016               [Page 20]