LISP support for Multi-Tuple EIDs

This document describes how LISP handles lookups based on Extended-EIDs, i.e. tuples of n elements. Particularly it describes how the Tunnel Routers and the Mapping System operate when Extended-EIDs are in place, the different types of Extended-EIDs defined so far, how the lookup is performed for each Extended-EID type and which mapping databases are recommended to use depending on the kind of Extended-EIDs used.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

n-tuple: The term n-tuple is used in this document to describe the set of n elements present in a data packet (e.g. IP address, port, protocol) that can be used to identify unequivocally a packet or a set of packets. 5-tuple: The term 5-tuple is used in this document to describe the set comprised by 5 elements, being these the source IP address, the destination IP address, the level 4 protocol number, the level 4 protocol source port and the level 4 protocol destination port of a data packet. Extended-EID: This document uses the term Extended-EID to refer to any n-tuple (including a 5-tuple) used in a EID role. See as well Flow: The term flow is used in this document to refer to the sequence of packets identified by the same n-tuple. MT-[xTR, RTR, MS, MR]: A LISP [xTR, RTR, MS, MR] that supports the enhanced operation for Multi-Tuple Extended-EIDs described in this document. MT-TR: A LISP tunnel router (e.g. xTR, RTR) that supports the enhanced operation for Multi-Tuple Extended-EIDs described in this document, e.g. MT-xTR, MT-RTR. The rest of the terms are defined in their respective documents. See the LISP specification for most of the definitions, for LCAF and for RTR.

This document describes extensions for LISP to support Multi-Tuple Extended-EIDs. Protocol operation follows the specification defined on except for the following. Besides of IP mappings, a Mapping System can store Extended-EID mappings. Being Extended-EID a n-tuple identifying a flow. LISP routers perform look-ups based on these Extended-EIDs, instead of on destination IPs. Apart from using n-tuples instead of IPs, retrieving information from the Mapping System follows LISP standard mechanisms (i.e. Map-Request, Map-Reply).

LISP tunnel routers with enhanced operation for Multi-Tuple Extended-EIDs, or MT-TRs (MT-xTRs and MT-RTRs), behave as specified on and , with the particularity that MT-TRs perform mapping lookups based on Extended-EIDs (n-tuples). Any MT-TR must keep an internal map-cache indexed by Extended-EIDs. When a MT-TR receives a packet to encapsulate, it extracts the fields required by the n-tuple lookup in use and stores them in an Extended-EID structure. In the case of a 5-tuple lookup, it will extract the source address, destination address, level 4 protocol, source port (if any) and destination port (if any) from the packet. The MT-TR uses the Extended-EID to perform a look-up into the map-cache. The lookup process must follow the procedure described in section . If there is an entry on the map-cache that matches the Extended-EID, the MT-TR retrieves the mapping information, selects a destination RLOC and encapsulates the packet, as defined in If the map-cache of the MT-TR contains no entry for the Extended-EID, the MT-TR sends a Map-Request to a MT-MR. The MT-TR MUST be provisioned with the RLOC of at least one MT-MR. The Map-Request sent carries the Extended-EID (encoded in the specific LCAF for that Extended-EID type) in the EID-prefix field of the Map-Request. This Map-Request will eventually trigger a Map-Reply to be sent back the requester MT-TR, see section . This Map-Reply carries an Extended-EID on the EID-prefix field. The MT-TR stores, as defined in , the mapping for the Extended-EID.

Mapping System elements (comprising Map Servers and Map Resolvers) behave as specified on when implementing enhanced Multi-Tuple Extended-EIDs operation, with the particularity that MT-MRs resolve Map-Requests based on Extended-EIDs and MT-MSs store mappings indexed by Extended-EIDs. MT-MRs must be capable of processing Map-Requests with an Extended-EID on the EID-prefix field, of finding the appropriate MT-MS for the Extended-EID and of forwarding the Map-Request to it. This is done according to the lookup rules described in section and using the mapping database described in section which differs depending on the specific Extended-EID. LISP elements must perform the mapping update mechanisms defined in (e.g, SMR) using as EID the Extended-EID.

This section describes the Extended-EID types defined so far and the LCAFs to support them.

The 5-tuple LCAF is a combination of Application Data Type 4 and Source/Dest Type 12 LCAFs. Experimental deployment may indicate that a specific 5-tuple type LCAF is necessary.

This section describes the lookup process to be followed when using Extended-EID. At this point, this document only covers 5-tuple kind of Extended-EID lookups (with options for coarse or exact lookup). It is expected to include lookup mechanism for n-tuple lookups with more complex protocol combinations.

When using a coarse lookup for 5-tuple, the encoding described in is used to carry the Extended-EID. Note that a coarse lookup also covers exact lookups. The lookup is (logically) done at steps, one per each element of the tuple. The lookup MUST follow this strict order: Destination address Source address Protocol number Destination port Source port This means that for a given 5-tuple, the lookup process will first select from the available 5-tuples present in the system, the ones that match the destination address. Among them, those that also match the source address. This is iterated for the rest of the elements in the tuple. If a 5-tuple matches several entries, then the one with the longest prefix match or shortest port-range has priority. To clarify the process an example is provided below. Suppose that a MT-MS stores the mappings indexed by the tuples (A), (B), (C), (D) and (E), and that it receives Map-Request messages carrying the Extended-EIDs (T), (U), (V), (W), (X) and (Y).

When (T) is Map-Requested, the lookup could match both (A) and (B), however destination address has preference over source address and therefore (A) is returned. When (U) is Map-Requested, the lookup will return that no entry exists for the 5-tuple. When (V) is Map-Requested, the lookup will return (B). When (W) is Map-Requested, the lookup will return (C) and not (D), although both could match the tuple, since the destination port range is shorter in (C). When (X) is Map-Requested, the lookup will return (D). When (Y) is Map-Requested, the lookup will return (E). A port range of 0-65535 means any port.

In scenarios where 5-tuple coarse lookup is not required, the lookup can be optimized to only account for exact matchs. When using a exact lookup for 5-tuple, the encoding described in is used to carry the Extended-EID. The exact match lookup is performed by serializing the elements of the 5-tuple as a single vector of bits. The order to serialize the elements is the same that is described in This (unique) vector of bits is then used as the key to perform a exact match lookup over the available entries.

The mapping database, i.e. the system to interconnect (MT-)MRs and (MT-)MSs should be optimal for each one of the different Extended-EIDs types. This section covers recommended mapping databases for each of the Extended-EIDs described in this document.

The mapping database to be used for a coarse lookup of 5-tuples can leverage on the LISP-DDT mapping database since it supports multi-tuple lookups. Note that a LISP-DDT based database can support also a exact lookup.

Although a LISP-DDT based mapping database supports both coarse and exact lookups, the particularities of the latter benefit of using a mapping database optimized for flat namespaces rather than one optimized for hierarchical data. In that sense, the exact match mechanism should be supported by a DHT-like mapping database, such or [LISP-DHT].

Instance-ID is a special case to be considered. If it is in use, its lookup is resolved before the lookup for the Extended-EID begins (regardless of the Extended-EID type). In terms of implementation this means that if the Instance-ID is present, it will have always more priority that any other field within the multi-tuple EID. In other words, Instance-ID is the high-order parts of the destination and source addresses and a longest match lookup should be applied to it before looking up the address itself.

This memo includes no request to IANA.

Security Considerations TBD