Identifier-Locator Addressing BOF
101 IETF, London, Nov 22, 2018
Local time: 18:10 - 19:10

Chairs: Joel Halpern, Samita Chakrabarti
Responsible AD: Suresh Krishnan
IAB Shepherd: Erik Nordmark
Minute takers: Uma Chunduri, Alberto Rodriguez-Natal
Jabber Scribe: Evangelos Haleplidis

Online Agenda: https://datatracker.ietf.org/meeting/101/agenda/
Etherpad: http://etherpad.tools.ietf.org/p/notes-ietf-101-ila

Agenda:
1. Chairs introduction - Joel & Samita
2. Problem Statement, scope and issues - Tom Herbert
3. Use cases:
   a. 5G User Mobility Network - Kalyani Bogineni
   b. Data Center Network - Tom Herbert
4. Q&A

Joel and Samita started the meeting. Samita described ILA in a nutshell and the scope of the BOF, and she mentioned that the goal is not to go into specific solutions of ID/LOC in general but to discuss the general problems in this area. The chairs also acknowledged that there are other solutions which have been discussed in various workgroups and hallway meetings in similar problem spaces.

Joel: Scope of ILA BoF -- limited to problem space

Samita: Proposed the agenda and the presentation started. First speaker was Tom Herbert.

Tom:
- Goal is to provide seamless mobility for multiple use cases with high efficiency.
- Use cases
  - Mobility related
  - DC Virtualization, Network Virtualization and for converged networks
- Problems: General problems
  - Encapsulation is a performance and overhead hit, tunneling considerations need to be made for payloads. Another issue is Identity is tied to location - this makes mobility difficult.
  - Other issues:
    * General encapsulation issues with any existing networks.
    * Privacy in addressing - public network problems
    * Mobile anchor points - single point of failure
  - For low latency application (AR/VR) support as well.

Sri: Can you relate the Identity to location and what is the problem?
Tom: Identifier is tied with location presently.
Putting these two together is an issue for mobility

Tom:
- Addressing and transformation procedure in ILA
- Salient properties of ILA
  - ID/LOC split
  - Performs address transformation (not NAT)
  - No wire overhead (no encap or EH)
  - contained within network layer
- Scope
  - Data plane and control plane aspects
  - LISP control plane can be leveraged or 3GPP control plane
- Limitations
  - ILA is IPv6 only
  - ILA is not extensible (not for encryption and authentication kind of use cases)
  - more complexity of data plane vs. control plane and it would not support multicast, needs special consideration for ICMP handling
- Scalability aspects
  - Number of mappings, rate of update to mappings, throughput in dataplane, managing state in a mapping system and mapping caches
- Security Aspects
  - MS contains sensitive to PII (e.g. identity, geo-locations etc)
  - MS needs to be secure
  - Inter domain solutions
- Privacy aspects
  - Privacy in addressing draft (draft-herbert-prefix-address-privacy), privacy vs. scalability
  - Locator privacy
- DOSability
  - Mapping cache (potential target, cache driven..)
- Virtualization use case
  - DC virtualization (every task gets its own IP address..)
  - Network Virtualization (tenant isolation, IPv4 to IPv6 address translation)

Dave Allen: How identifiers are assigned - perhaps these need to be unique?
Tom: ILA protocol draft appendix has some ideas - for DC we took separate IPv6 address prefix range. Address assignments in DC is based on registry + timestamp. Hopefully mapping systems can provide address collision detection
Erik Nordmark: Interoperability with current IPv6?
Tom: In the internet they don't know if address got ILA transformation, it just looks like normal IPv6 address
Erik Klein (on jabber): How does a supported UE get their ID? -- i.e., UE and locator node interaction
Answer: Anycast address is used for UE and locator interaction. Cost is 20 bits.
Dave Allen: Did not see whole set of requirements and use cases (for example, BBF 5G Broadband)
Suresh K: Goal for this BOF is to understand the problem
Dino - Clarification required: How destination address can be correctly mapped?
Margaret - Understands the two use cases - She points to some past work from 2008 which reveals issues with ICMP, zones, identity space for different address scopes

Kalyani
=====
5G Mobility Use case
- Acknowledgements
- Use case - 3GPP architecture - Focus in the core network
- Why ILA
  - Promise of elimination of tunnel, no overhead, especially for small packets
  - with 5G it's network densification - reduces backhaul capacity
  - ILA promises anchor-less mobility and simplifies network, reduce state information
  - support for low latency applications (reduced packet processing, no additional network functions needed at network edge)
- 5G Protocol stack with ILA
- Proposed architecture for ILA in REL16
  - ILA as network slice with ILA-M at service based 3GPP control plane and UPFs as ILA-N and ILA-R
  - Flexible implementation and scalability

Sri: ILA-R is still your anchor
Kalyani: I will get to it in the next slides
Dave: Does PDU contain IPv6 address?
Kalyani: Yes
Dave: How encapsulation is removed?
Joel: Does packet start with IPv6 address - it contains IPv6 and GTP?
Tom: PDU is IP address from UE (we modify the destination address) - no encap. PDU is the actual packet from the user. The packets get into the network and then it gets transformed and transformed back. Looking into the model for /64 assignments.
Joel: SIR prefixes are assigned to UEs
Arashmid: Is there any internet working plan?
Kalyani: This is only for IPv6 ILA
Margaret: Fred Baker did the checksum neutral mapping. What happens in case of dynamic routing or async mapping?
Kalyani - I would come back
====
- Co-existence of mobility and security use existing schemes
- Anchorless mobility
- Going to the internet (both uplink and downlink)
- UE to UE communication uses ILA-N cache

Margaret: Didn't get the transformation
Joel: we are running out of time .. take it towards the end

- Recommendations

Huan Huawei: It does address the mobility. It doesn't address the QFI aspect. In the GTP we have this
Kalyani: This is only for ILA slice
Huan Huawei: Then this could be used for only default QoS

BoF Questions:
==========
Jabber: How does this support /64 allocation
Tom: With /64, upper 64 bits are used for both address and identifier; Identifier is local. Around 20 bits for identifier and remaining for network
Dave A: I know what ILA can address in some use cases but the requirements are not laid out for each
Suresh: We want to see, people see this as a problem or not..
Dave: But don't rush off
Mays AL-Naday: If you don't support and anycast how this can fit in some use cases
Tom: This goes under requirements for that particular use case. Native multicasting is interesting as that uses source address.
Mays AL-Naday: So you agree multicast is important in some cases - anycast??
Tom: Anycast needs further work. An encoding can support multicast - as a whole solution, we need to support multicast
Lorenzo: This is a great fit for DC but not clear on the scope. The earlier slide doesn't work. This is 3 orders of magnitude backwards, this solution doesn't work
Kalyani: This is only for access network..
Joel: Documents have described a workable way to address this (scalability)
Lorenzo: This can make it work actually
Dino: If a SIR prefix is a source in the pkt - for the return packet how do you know if this is source or destination
Tom: Source is not translated
NTTE: What is the exact difference between ILA and ICN?
Joel: these two are very different
Tony Li: You are changing the fundamental architecture of host without changing the network.
Why not bite the bullet and change the fundamental architecture?
Tom: How do you solve the anchorless mobility. For DC use case, mobility case is very simple. It is nice not to change the architecture completely.
Tony: You are trying to solve multi-homing, mobility and separating identifier throughout the stack
Joel: We are not comparing alternatives
Margaret: I understood the 2 use cases. I understood the intended scope. draft-wasserman-roundtrip in 2008, and encountered multiple problems - like you don't have zones in the address space; these issues are not properly clarified in the draft
Tom: Transforming the destination address and routing the packet
Margaret: How do you find the transformer
Tom: ICMP is tricky, not believing in global identifier spaces, identifiers are gonna be localized. Assume this is going to be contained.
Margaret: How does this get into mapped again? You have to control the whole thing
Padma: I do understand the problem space. Couple of clarifications. Privacy was a big topic on the mapping system. Long lived identity problem - how this is handled
Tom: Identity is a little bit different - identity should not be visible on the packet and we should not tie the identifiers
Padma: Are mapping system requirements the same as IDeas?
Tom: Requirements are orthogonal and there are some similarities
Sri: GTP-U does identifier, qos bits and bunch of other things. How are those other things supported?
Kalyani: ILA mobility doesn't take all advanced features but rather only for IoT and low latency slices
Erik Nordmark: If you care about ingress filtering then you need to consider both types of addresses (SIR prefix and regular address)

At the very end a few questions were asked by co-chair Joel Halpern in order to sense the room:

Joel: Do people understand the problem space described in this BOF meeting - Strong positive hum
Joel: Hum if you didn't understand the problem space - no hum heard
Joel: Scoping - folks understood the scope?
Low humming sound

Joel did not ask about whether the crowd understood the use cases as he mentioned that it was obvious not everyone understood the use cases.

Suresh: Please do send the comments on the list, we can flush it out with further discussions. Positive hum for first question is the key. Thanks everyone.

Meeting adjourned.