To-Do list for Ivip
To the main Ivip page
Last update 2007-09-18.
This
is a list of things I want to think about and add to the next revision
of the Ivip Internet Draft. I was going to do version 01 in late
August but I don't have much time to work on this in the foreseeable
future. This To-Do list is poorly structured, I regret.
Additions are at the end.
I anticipate that end-users would pay some fees
to the UAS organisation which which they obtain one or more Ivip-mapped
addresses. This would flow, partially, to the RUAS (or the
end-user could be dealing directly with an RUAS). Some of this
would flow to whoever runs the Replicator system - at least levels 1, 2
and maybe 3. Also, perhaps some would flow to help fund the
"anycast core-ITRs".
Fees would be something like this:
- Annual fee in some proportion to number of IP addresses (or /64s for IPv6).
- Fee
per update to mapping. This may be per update, irrespective of
the number of IP addresses affected by the one update, or perhaps per
IP address affected. Mobile IP users are going to be generating a
lot of updates, which must be dutifully fanned out to all ITRDs and
QSDs. However, in general I guess mobile IP users are not going
to be having much traffic, so they wouldn't have many correspondent
hosts at any one time. This means that although the update goes
to every QSD in the world in a few seconds, very few, if any, of those
QSDs will need to send a Notify (cache invalidation) to one of their
queriers (QSDs, ITRCs or ITFHs).
- Arguably there might be some
fee for Ivip address users with very large volumes of packets going
through "anycast core-ITRs" towards whatever ETR they chose.
There have been a number of interesting things to work through regarding tunnel overhead, MTU limits and auto-discovery of maximum packet size
over a particular path. These came up in a really great series of
responses to a question I asked on the RAM list on 2007 July 20
(Australian time): msg01718.html
This is my response, and there may well be replies which are of interest:
Thanks for these great responses!
This
message also concerns my argument for making the tunneled packet's
outer source address be the same as the inner source address (outer SA = inner SA), as discussed in my second message in the thread: "ETRs checking src & dest addresses": msg01705.html See the discussion which follows for some important responses.
Read
these I-Ds and RFCs (I use these /html/ links because the indicate
later versions at the top of the page, and print with proper page
breaks):
Link Adaptation for IPv6-in-(foo)*-in-IPv4 Tunnels
tools.ietf.org/html/draft-templin-linkadapt-06
Path MTU Discovery
tools.ietf.org/html/rfc1191
MTU and Fragmentation Issues with In-the-Network Tunneling
tools.ietf.org/html/rfc4459 (done)
Packetization Layer Path MTU Discovery
tools.ietf.org/html/rfc4821 (partially read)
TCP Problems with Path MTU Discovery
tools.ietf.org/html/rfc2923
IPv6 Extensions for Multi-MTU Subnets
tools.ietf.org/html/draft-van-beijnum-multi-mtu-00
IP Tunneling Optimization in a Mobile Environment
tools.ietf.org/html/draft-haddad-mip6-tunneling-optimization-01
Generic Routing Encapsulation (GRE)
tools.ietf.org/html/rfc2784 (done)
IPv4 Reassembly Errors at High Data Rates
tools.ietf.org/html/draft-heffner-frag-harmful-05
IP Tunneling Optimization in a Mobile Environment
tools.ietf.org/html/draft-haddad-mip6-tunneling-optimization
IPv6 Extensions for Multi-MTU Subnets
tools.ietf.org/html/draft-van-beijnum-multi-mtu-00
Use "GRA" (Globally Routable Address) instead of "BRIP"?
Is there a WG concerned with path MTU discovery etc.? There was a PMTUD WG which produced RFC 4821.
See
the message I wrote to the RAM list on 2007-07-28: "Re: [RAM] ITR
complexity & security (ICMP) in LISP-NERD/CONS & eFIT-APT": http://www1.ietf.org/mail-archive/web/ram/current/msg01769.html
Likewise see the ../errata/ page.
(#PMTUD_kaput) PMTUD impossible even with outer SA = inner SA
I think my earlier ideas of tunneling with outer SA = inner SA will not
enable the sending host to discover non-reachability or do Path MTU
Discovery (PMTUD) as I wrote about below, because the ICMP DU code 4
message it gets will have a different IP header and following 8 bytes
than the packet it sent - at least if the MTU limit was exceeded in the
tunnel portion of the path.
Dave Meyer wrote:
> Agreed. As mentioned above, there is also the interaction
> with PMTU discovery; basically, it can be nontrivial to
> find the original source of the packet so you can send a
> a "fragmentation needed and DF set" back to the
> source. If indeed you can't find the source (multiple
> encaps or whatever), then the source's packets (those
> that have the DF bit set, i.e., doing PMTU discovery) get
> black-holed. Not sure if that was your question, but in
> any event...
I didn't ask specifically, but it is a really important point: Tunnels upset PMTU discovery.
Here
are some diagrams of left-to-right packet flow, with the outer header
Source Address and Destination Address, and the inner SA and DA for the
part of the path where the original packet is in a tunnel.
The first diagram is for the LISP/eFIT-APT approach of the outer SA being that of the ITR.
SH-----IR1----ITR~~~~~TR1~~~~~TR2~~~~~ETR----IR2-----RH
Outer
SA SH
SH ITR
ITR ITR
SH SH
DA RH
RH ETR
ETR ETR
RH RH
Inner
SA
SH SH SH
DA
RH RH RH
---- Raw
~~~~ Encapsulated
Now
I consider where an "ICMP Destination Unreachable - Fragmentation
Needed" (DUFN) message might be generated. I don't know enough
about this process to know if it is generated at the output of an
interface, and/or when arriving at an interface (perhaps due to the
innards of the router not being able to handle this length).
If IR1 generates the DUFN message, all will be well - at least it is not affected by the tunneling system.
Likewise
if the ITR generates the DUFN when it receives the raw packet.
But what if the ITR encapsulates the packet and then when attempting to
forward it, generates a DUFN? Does the maximum packet length vary
from one outgoing interface to another? How will this part of the
router know the problem is the responsibility of a particular sending
host and its own internal encapsulation function?
If Transit
Router TR1 generates the DUFN, the DUFN will be addressed to the
ITR. But the ITR can't know what to do with it, since as far as I
know, the DUFN doesn't mention anything about the contents of the
packet, which is the only place where the Sending Host's (SH's) address
is mentioned.
Likewise if the DUFN arises from arriving at TR2 or the ETR.
If
the DUFN is generated at the output of the ETR, it should be OK,
because it will be sent to the SH, not the ITR. Likewise if the
DUFN is generated at the internal router IR2 or the Destination Host
(DH).
The best which could be achieved with the above
arrangement is that the ITR has to store state that packets sent to a
particular address (the ETR's address) should be fragmented before
encapsulation. But how long does it retain this state for?
It all depends on the routing path, since it could be a cranky old TR2
which is complaining, and that may not be in the path for long.
Storing
this state and burdening the ITR's FIB with looking for it, for every
encapsulation operation, and then splitting the packet and sending two
encapsulated packets . . . this is really ugly. Also, I am not
sure how well LISP's or eFIT-ETR's communications would work with
packets being fragmented. There are some pretty fancy protocols
for communication, particularly between multiple ITRs and Default
Mappers in eFIT-ETR. (See my comparison message.)
Now
consider the situation with Ivip's approach of setting the outer SA the
same as the inner SA. This would be either with IP-in-IP (which
doesn't include the ITR's address) or with UDP encapsulation with
explicit mention of the ITRs address, if this was decided to be worth
the trouble to help with debugging - which seems quite possible.
SH-----IR1----ITR~~~~~TR1~~~~~TR2~~~~~ETR----IR2-----RH
Outer
SA SH
SH SH
SH SH
SH SH
DA RH
RH ETR
ETR ETR
RH RH
Inner
SA
SH SH SH
DA
RH RH RH
Now wherever the DUFN is generated, it will go back to the Sending Host, which I think is what is required.
The ITR doesn't have to look out for DUFN messages, or store any state, or do any optional fragmentation.
This way, the SA can fine-tune its packet size, per "RH" destination address, to the highest value which avoids fragmentation.
Unless
I have made some mistakes, then this looks like a second strong reason
for keeping "outer SA = inner SA", in addition to the powerful reason
(I think) which I raised in the thread "ETRs checking src & dest
addresses".
- Robin
Additions 2007-09-18
Properly read and discuss Bill Herrin's TRRP proposal:
Ideally, update the comparision and intro pages, but that would be a lot of work.
Devise
a new system for the Replicator system, along the lines I mentioned at
the end of this message (where I request help with Ivip):
xxx