
CS 598 MCC – Advanced Internetworks






Presentation Transcript


  1. CS 598 MCC – Advanced Internetworks Future Internet Architecture Locator-/Identifier-Split Quirin Scheitle scheitl2@illinois.edu

  2. Significant? • “The so-called identifier/locator split is recognized by the Internet Engineering Task Force (IETF) community as a next big change in the Internet architecture.” [Cisco Internet Protocol Journal, Volume 12, Nr 1]

  3. Outline • Motivation: Shortcomings of the present Internet • How the idea of a Loc/Id-Split can solve most of these • Detailed look at two specific approaches • LISP • HIP

  4. Present system has lots of drawbacks • IP address is used as Locator and as Identifier • Results in a lot of problems, concerning: • Mobility • Scalability • Security • Addressing • Multi-Homing

  5. Locator-/Identifier-Split • An approach followed by many researchers right now • Common idea is to use IP addresses as Locators and introduce a new concept of Identifiers. • User actually connects to Identifier • Identifier typically carried in packet between IP and Transport layer.

  6. Don’t get mixed up! • The acronym LISP is sometimes used for the general research area of Locator/Identifier-Splits • LISP is also the name of one specific Loc/Id-Split approach • I try to call the idea itself “Loc/Id-Split” • Enough people are angry at Cisco already for interfering with their Google results for the LISP programming language ;)

  7. The concept of LocID-Split [Figure: Host A talks to Host B; Host B has ID 00:00:0B and is reachable at the locators IP B1 and IP B2]

  8. Host A connects to User/Host/Service/Content 00:00:0B • LOOKUP: user@provider.com? www.illinois.edu? stream://Class-stream.illinois.edu? content#f7839fd789? [Figure: Host A; Host B with ID 00:00:0B at IP B1 / IP B2]

  9. Host A connects to User/Host/Service/Content 00:00:0B • ANSWER: 00:00:0B [Figure: Host A; Host B with ID 00:00:0B at IP B1 / IP B2]

  10. Host A connects to User/Host/Service/Content 00:00:0B • Looks like DNS? No, the ID itself is used to establish the connection • ANSWER: 00:00:0B [Figure: Host A; Host B with ID 00:00:0B at IP B1 / IP B2]

  11. Host A connects to User/Host/Service/Content 00:00:0B • Host A opens a connection to ID 00:00:0B [Figure: Host A; Host B with ID 00:00:0B at IP B1 / IP B2]

  12. So, how to send a packet to this “ID” 00:00:0B? • Mapping/Lookup of the Locator: different approaches [Figure: Host A opens a connection to ID 00:00:0B; Host B with ID 00:00:0B at IP B1 / IP B2]

  13. This is where approaches differ: host-based / network-based / mixture • Packet typically looks like this (outer to inner): IP header carrying locators | Identifier (shim between IP and transport) | TCP/UDP [Figure: Host A; Host B with ID 00:00:0B at IP B1 / IP B2]

  14. So, this looks complicated and like a lot of change? • The change might not be that big (compare the HIP implementations) • And it gains a lot of advantages!

  15. Mobility • Your ID does not actually change if you connect somewhere else • Right now it does most of the times, so your connections tear down • LocID-Split enables you to keep your connections alive while you’re moving and changing IPs (since they are bound to your ID!)

  16. Multi-Homing, Failover, Traffic Engineering [Figure: traffic from Host A to Host B (ID 00:00:0B) split 50% via IP B1 and 50% via IP B2]

  17. Multi-Homing, Failover, Traffic Engineering [Figure: the link to IP B1 is dug up by an excavator; Host B (ID 00:00:0B) still reachable at IP B2; image: http://www.faqs.org/photo-dict/phrase/4243/toy-digger.html]

  18. Multi-Homing, Failover, Traffic Engineering • Hey guys, please send packets to <ID> from now on to IP B2! → Connections can stay alive! [Figure: Host A; Host B with ID 00:00:0B, now at IP B2 only]
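The mechanics of slides 7 to 18 in one runnable piece, as an added example that is not code from the course or from any LISP/HIP implementation: a packet is addressed by identifier, the sender resolves the identifier to a locator through a mapping system (here a plain dict standing in for ALT, NERD or a DHT), encapsulates, and the receiver's connection state is keyed on identifiers only. When Host B loses IP B1 it re-registers its locator set and the connection survives. All names, IDs and locators are made up.

```python
"""Toy locator/identifier split with map-and-encapsulate (added example)."""
import zlib
from dataclasses import dataclass


class MappingSystem:
    """ID -> list of (locator, weight). Stands in for ALT, NERD, a DHT, ..."""

    def __init__(self):
        self.table = {}

    def register(self, eid, locators):
        # Re-registering replaces the locator set: this is the mobility /
        # failover / traffic-engineering "send packets for <ID> to B2 now" step.
        self.table[eid] = list(locators)

    def lookup(self, eid):
        if eid not in self.table:
            raise KeyError(f"no locator known for identifier {eid}")
        return self.table[eid]


@dataclass
class Packet:
    src_id: str      # identifiers only; the transport layer never sees locators
    dst_id: str
    payload: bytes


@dataclass
class Encapsulated:
    outer_src: str   # locator of the sender
    outer_dst: str   # locator chosen for the destination identifier
    inner: Packet


def choose_locator(locators, flow_key):
    """Weighted but deterministic choice, so one flow sticks to one locator."""
    total = sum(w for _, w in locators)
    point = zlib.crc32(flow_key.encode()) % total
    for loc, w in locators:
        if point < w:
            return loc
        point -= w
    raise AssertionError("unreachable: weights sum to total")


def encapsulate(mapping, src_locator, pkt):
    """Map-and-encap: resolve dst ID to a locator, wrap the ID-addressed packet."""
    locators = mapping.lookup(pkt.dst_id)
    flow_key = f"{pkt.src_id}->{pkt.dst_id}"
    return Encapsulated(src_locator, choose_locator(locators, flow_key), pkt)


class Connection:
    """Connection state keyed on identifiers; locator changes do not tear it down."""

    def __init__(self, local_id, remote_id):
        self.key = (local_id, remote_id)
        self.received = []

    def deliver(self, enc):
        inner = enc.inner                       # decapsulate, drop outer locators
        if (inner.dst_id, inner.src_id) != self.key:
            return False
        self.received.append(inner.payload)
        return True


def demo():
    ms = MappingSystem()
    ms.register("00:00:0A", [("IP_A", 100)])
    ms.register("00:00:0B", [("IP_B1", 50), ("IP_B2", 50)])   # multi-homed host B
    conn_b = Connection("00:00:0B", "00:00:0A")

    e1 = encapsulate(ms, "IP_A", Packet("00:00:0A", "00:00:0B", b"hello"))
    conn_b.deliver(e1)

    # Link B1 is dug up: B updates its mapping; the connection is untouched.
    ms.register("00:00:0B", [("IP_B2", 100)])
    e2 = encapsulate(ms, "IP_A", Packet("00:00:0A", "00:00:0B", b"still here"))
    conn_b.deliver(e2)
    return e1.outer_dst, e2.outer_dst, conn_b.received
```

Note what is missing on purpose: nothing checks who is allowed to call `register` for an ID, so anyone could redirect 00:00:0B to a locator of their choosing. That is exactly the gap the next slide's authentication of IDs has to close.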

  19. Security • IDs can be authenticated • Able to provide true end-to-end security and identity • Authentication can live in the network (the mapping system vouches for the ID), in the host (HIP: the host proves ownership of its ID), or in a mixture (HiiMap) • Approaches range from signing/encrypting each message to just validating the user ID on bootstrap • New approaches use public keys (or hashes of them) as IDs, or deposit the keys in the mapping system
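What “public keys as IDs” buys you, as an added example that is not code from the course, HIP, HiiMap or LISP: the identifier is a hash of the host's public key (the Host Identity Tag idea from HIP), so a locator update for that ID is only accepted if the public key in the update hashes to the ID and the update is signed by the matching private key. The mapping system then rejects the three obvious attacks on slide 18's “send packets for <ID> to IP B2 from now on”: a stranger claiming the ID with their own key, a tampered locator list, and a replayed old update. The RSA here is textbook RSA over fixed Mersenne primes, a toy for illustration only and not secure; real deployments use a proper key generator and signature scheme. Needs Python 3.8+ for `pow(e, -1, m)`.

```python
"""Self-certifying identifiers and authenticated locator updates (added example)."""
import hashlib

E = 65537
OWNER_PRIMES = ((1 << 61) - 1, (1 << 89) - 1)        # toy key material, constructed
ATTACKER_PRIMES = ((1 << 107) - 1, (1 << 127) - 1)   # toy key material, constructed


def keygen(p, q, e=E):
    """Textbook RSA from two given primes. Toy only: fixed primes, no padding."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)        # (public, private)


def _hash_to_int(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(priv, msg):
    n, d = priv
    return pow(_hash_to_int(msg, n), d, n)


def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == _hash_to_int(msg, n)


def identifier(pub):
    """Self-certifying ID: truncated hash of the public key (HIT-style)."""
    n, e = pub
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()[:32]


def _update_bytes(eid, locators, seq):
    return f"{eid}|{','.join(locators)}|{seq}".encode()


def make_update(priv, pub, locators, seq):
    eid = identifier(pub)
    return {"eid": eid, "locators": list(locators), "seq": seq, "pub": pub,
            "sig": sign(priv, _update_bytes(eid, locators, seq))}


class AuthenticatedMappingSystem:
    """ID -> (locators, seq); an update is applied only if it proves ID ownership."""

    def __init__(self):
        self.table = {}

    def apply(self, upd):
        eid = upd["eid"]
        if identifier(upd["pub"]) != eid:             # key must hash to claimed ID
            return False
        msg = _update_bytes(eid, upd["locators"], upd["seq"])
        if not verify(upd["pub"], msg, upd["sig"]):   # and must have signed this
            return False
        if eid in self.table and upd["seq"] <= self.table[eid][1]:
            return False                              # replayed or stale update
        self.table[eid] = (upd["locators"], upd["seq"])
        return True


def demo():
    b_pub, b_priv = keygen(*OWNER_PRIMES)        # Host B
    x_pub, x_priv = keygen(*ATTACKER_PRIMES)     # someone else
    ms = AuthenticatedMappingSystem()

    first = make_update(b_priv, b_pub, ["IP_B1", "IP_B2"], seq=1)
    rehome = make_update(b_priv, b_pub, ["IP_B2"], seq=2)

    # Attacker: own key but B's ID; B's signed update with locators swapped; replay.
    hijack = dict(make_update(x_priv, x_pub, ["IP_EVIL"], seq=3), eid=first["eid"])
    tampered = dict(first, locators=["IP_EVIL"], seq=3)
    replay = dict(first)

    return (ms.apply(first), ms.apply(rehome),
            ms.apply(hijack), ms.apply(tampered), ms.apply(replay),
            ms.table[first["eid"]][0])
```

The sequence number is the part people forget: without it a captured, perfectly valid “I am at IP B1” update can be replayed after B has moved, which is a denial of service even though every signature checks out.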

  20. Specific approaches • These were some of the advantages that can be gained, let’s have a look at specific approaches

  21. So, what are these various concepts? • LISP – Cisco, IETF • HIP – IETF • LISP and HIP rather evolutionary and for practical use

  22. “LISP” • Farinacci et al., first ideas in 2006 • Developed by Cisco, aiming to provide a fix to the routing table growth in a short time, with as little change as possible. [Hanka et al] • Network-only approach, aiming for quick deployment

  23. PI/PA Space • Organizations want IP addresses to be static identifiers of their services • Want to keep their neat /30 prefix over multiple ISP changes (Provider-Independent space) • ISPs want IP addresses to be a coherent block that gets traffic into their network • Want to allocate all their customers out of one /8 prefix (Provider-Aggregatable space), which keeps the routing table small • The dual aims come from the dual use of IP as Locator and Identifier! • Organizations want to be identified, ISPs want to make sure their IP ranges are routed to them

  24. Concept • “LISP follows a network-based map-and-encapsulate scheme, this means no changes to hosts are needed, everything happens in the network. Also, in LISP, both identifiers and locators can be IP addresses or arbitrary elements like a set of GPS coordinates or a Mac address.” [lisp4.net]

  25. Why was LISP developed? • LISP was originally conceived to address Internet scaling • What causes scaling issues? • IP addresses denote both location and identity today • The overloaded IP address semantic makes efficient routing impossible • IPv6 does not fix this • Why are scaling issues bad? • Routers require gobs of expensive memory to hold the Internet routing table • It’s expensive for network builders • Replacing equipment for the wrong reason: to hold the routing table rather than to implement new features • It’s not GREEN… “… routing scalability is the most important problem facing the Internet today and must be solved …” Internet Architecture Board (IAB) October 2006 Workshop (written up as RFC 4984)

  26. Reasons for growth • Everyone wants PI space • Multihoming • Traffic Engineering

  27. So, what do we gain? • Forwarding plane of routers can be very small and efficient as there is no incentive for anyone to have PI space anymore • Lookup namespace will be more complex, but is not in forwarding path

  28. LISP 1.x uses routable EIDs; LISP 2 and LISP 3 do not. LISP 1.5 is better incrementally deployable!

  29. So, this ID → Locator lookup? • Remember: LISP wants as few changes to the current architecture as possible • Sounds like the weak point in these terms? (Scalability, Flexibility) • “In particular, although the base LISP specification defines the format of messages to query the mapping system and to receive responses from that system, it makes no assumptions on the architecture of potential mapping systems. As a result, several mapping systems have been proposed [0,1,4,5,6,10].” • These include DHTs [draft-hu-lisp-dht-00] • “Several such databases have been proposed, among them: LISP-CONS [CONS], LISP-NERD [NERD] and LISP+ALT [ALT].” [draft-ietf-lisp-ms-06] • LISP-ALT seems to be the most popular right now • Builds an overlay network with GRE tunnels and BGP announcements • Basically provides a network architecture to route IDs to the correct ETR • Open point: I could not find a proper discussion of why this is any better than the current infrastructure (the ID space is not flat, it is still hierarchical and prefixes are still announced via BGP); the argument is aggregation!

  30. Two similar problems out there • DNS: update rate is very small, state possibly infinite • BGP: update rate is significant, but state is smaller • Think about which goals these databases follow • DNS provides ID-to-IP mapping • Not in the forwarding path, speed less critical → Full Pull • BGP provides IP-to-Locator mapping • Forwarding path, speed crucial → Full Push • ID-to-Locator mapping is somewhere in between, but where?

  31. Available Schemes • NERD, ALT, EMACS, CONS, DHTs… • Amount of research in this field shows that this is one of the very big topics in Locator/Identifier-Split!

  32. Problems with NERD? • Remember LISP aims for O(10^10) hosts [LISP Tutorial IETF Vancouver Dec2007]

  33. LISP-ALT: “Alternative Topology” • The most popular approach, used within the global test network • Uses a network of routers running BGP over GRE tunnels to build this “alternate topology” • ETRs announce their EID prefixes • Massive use of aggregation to achieve small routing tables

  34. LISP-ALT: Details • Still, the ETRs are responsible for the EID-to-Locator mapping • The ALT topology only provides knowledge of which router owns which EID prefix • ITRs send Map-Requests into ALT, ALT forwards them to the correct router • That router sends the Map-Reply straight back to the ITR • Data probes: the first data packet can be sent into ALT as a probe
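Slides 33 and 34 as a runnable toy, an added example and not the IETF specification's code or the lisp4.net testbed: ALT routers form an overlay (BGP over GRE in the real thing; a plain graph of objects here), each ETR announces its EID prefix to its ALT router, the ALT routers originate aggregates upstream, and a Map-Request is forwarded hop by hop by longest-prefix match until it reaches the ETR owning the EID, which holds the actual EID-to-RLOC mapping and would answer the ITR directly. An EID that falls into an aggregate nobody has a more specific route for ends at the aggregating router with a Negative Map-Reply. The addresses and topology are constructed for the example.

```python
"""Toy LISP-ALT overlay: aggregation and longest-prefix Map-Request forwarding."""
import ipaddress


class AltNode:
    def __init__(self, name):
        self.name = name
        self.routes = []      # (EID prefix, next-hop AltNode, or None if we own it)
        self.mappings = {}    # ETRs only: EID prefix -> list of RLOCs

    def announce(self, prefix, next_hop=None):
        self.routes.append((ipaddress.ip_network(prefix), next_hop))

    def best_route(self, eid):
        """Longest-prefix match over the ALT routing table."""
        best = None
        for net, nh in self.routes:
            if eid in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, nh)
        return best


def map_request(entry, eid, max_hops=16):
    """Forward a Map-Request from the ALT router the ITR is attached to.

    Returns (path, rlocs). rlocs is None for a Negative Map-Reply: the EID lies
    in an aggregate nobody holds a mapping for, or in no announced prefix at all.
    """
    addr = ipaddress.ip_address(eid)
    node, path = entry, [entry.name]
    for _ in range(max_hops):
        best = node.best_route(addr)
        if best is None:
            return path, None
        net, nh = best
        if nh is None:                         # this node owns the prefix
            return path, node.mappings.get(net)
        node = nh
        path.append(node.name)
    raise RuntimeError("Map-Request looped in ALT")


def build_topology():
    r, a1, a2 = AltNode("R"), AltNode("A1"), AltNode("A2")
    etr1, etr2, etr3 = AltNode("ETR1"), AltNode("ETR2"), AltNode("ETR3")

    # ETRs own their EID prefixes and hold the EID-to-RLOC mappings (constructed)
    for etr, prefix, rlocs in ((etr1, "10.0.0.0/16", ["192.0.2.1", "198.51.100.1"]),
                               (etr2, "10.1.0.0/16", ["203.0.113.7"]),
                               (etr3, "10.128.0.0/16", ["192.0.2.9"])):
        etr.announce(prefix)
        etr.mappings[ipaddress.ip_network(prefix)] = rlocs

    # Leaf ALT routers learn the specifics, originate an aggregate, default upstream
    a1.announce("10.0.0.0/16", etr1)
    a1.announce("10.1.0.0/16", etr2)
    a1.announce("10.0.0.0/9")
    a1.announce("0.0.0.0/0", r)
    a2.announce("10.128.0.0/16", etr3)
    a2.announce("10.128.0.0/9")
    a2.announce("0.0.0.0/0", r)

    # The root carries only the two aggregates: three EID prefixes, two routes
    r.announce("10.0.0.0/9", a1)
    r.announce("10.128.0.0/9", a2)
    return {"R": r, "A1": a1, "A2": a2}
```

Usage: `map_request(build_topology()["A1"], "10.128.0.9")` walks A1 → R → A2 → ETR3 and returns ETR3's RLOC list, while `"10.200.0.1"` stops at A2's aggregate with `None`. The `max_hops` guard matters: a misconfigured default route pointing back up is enough to make the overlay loop, which is the kind of thing the real system relies on BGP loop prevention for.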

  35. Why is ALT used? • Remember, LISP aims for fast implementation while reducing the routing table size • Uses BGP and GRE, technology widely in use • Decentralised • Very good for incremental deployment • Though, in my opinion, not an option for global-scale deployment
