draft-ietf-lisp-deployment-02.txt   draft-ietf-lisp-deployment-03.txt 
Network Working Group L. Jakab Network Working Group L. Jakab
Internet-Draft A. Cabellos-Aparicio Internet-Draft A. Cabellos-Aparicio
Intended status: Informational F. Coras Intended status: Informational F. Coras
Expires: May 4, 2012 J. Domingo-Pascual Expires: September 13, 2012 J. Domingo-Pascual
Technical University of Catalonia Technical University of
Catalonia
D. Lewis D. Lewis
Cisco Systems Cisco Systems
November 1, 2011 March 12, 2012
LISP Network Element Deployment Considerations LISP Network Element Deployment Considerations
draft-ietf-lisp-deployment-02.txt draft-ietf-lisp-deployment-03.txt
Abstract Abstract
This document discusses the different scenarios for the deployment of This document discusses the different scenarios for the deployment of
the new network elements introduced by the Locator/Identifier the new network elements introduced by the Locator/Identifier
Separation Protocol (LISP). Separation Protocol (LISP).
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 36 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 4, 2012. This Internet-Draft will expire on September 13, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 30 skipping to change at page 2, line 31
3.1. Map-Servers . . . . . . . . . . . . . . . . . . . . . . . 11 3.1. Map-Servers . . . . . . . . . . . . . . . . . . . . . . . 11
3.2. Map-Resolvers . . . . . . . . . . . . . . . . . . . . . . 12 3.2. Map-Resolvers . . . . . . . . . . . . . . . . . . . . . . 12
4. Proxy Tunnel Routers . . . . . . . . . . . . . . . . . . . . . 13 4. Proxy Tunnel Routers . . . . . . . . . . . . . . . . . . . . . 13
4.1. P-ITR . . . . . . . . . . . . . . . . . . . . . . . . . . 13 4.1. P-ITR . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4.2. P-ETR . . . . . . . . . . . . . . . . . . . . . . . . . . 14 4.2. P-ETR . . . . . . . . . . . . . . . . . . . . . . . . . . 14
5. Migration to LISP . . . . . . . . . . . . . . . . . . . . . . 16 5. Migration to LISP . . . . . . . . . . . . . . . . . . . . . . 16
5.1. LISP+BGP . . . . . . . . . . . . . . . . . . . . . . . . . 16 5.1. LISP+BGP . . . . . . . . . . . . . . . . . . . . . . . . . 16
5.2. Mapping Service Provider (MSP) P-ITR Service . . . . . . . 16 5.2. Mapping Service Provider (MSP) P-ITR Service . . . . . . . 16
5.3. Proxy-ITR Route Distribution (PITR-RD) . . . . . . . . . . 17 5.3. Proxy-ITR Route Distribution (PITR-RD) . . . . . . . . . . 17
5.4. Migration Summary . . . . . . . . . . . . . . . . . . . . 19 5.4. Migration Summary . . . . . . . . . . . . . . . . . . . . 19
6. Security Considerations . . . . . . . . . . . . . . . . . . . 20 6. Step-by-Step BGP to LISP Migration Procedure . . . . . . . . . 20
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 6.1. Customer Pre-Install and Pre-Turn-up Checklist . . . . . . 20
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 20 6.2. Customer Activating LISP Service . . . . . . . . . . . . . 21
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 20 6.3. Cut-Over Provider Preparation and Changes . . . . . . . . 22
9.1. Normative References . . . . . . . . . . . . . . . . . . . 20 7. Security Considerations . . . . . . . . . . . . . . . . . . . 22
9.2. Informative References . . . . . . . . . . . . . . . . . . 21 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 21 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 23
10.1. Normative References . . . . . . . . . . . . . . . . . . . 23
10.2. Informative References . . . . . . . . . . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 24
1. Introduction 1. Introduction
The Locator/Identifier Separation Protocol (LISP) addresses the The Locator/Identifier Separation Protocol (LISP) addresses the
scaling issues of the global Internet routing system by separating scaling issues of the global Internet routing system by separating
the current addressing scheme into Endpoint IDentifiers (EIDs) and the current addressing scheme into Endpoint IDentifiers (EIDs) and
Routing LOCators (RLOCs). The main protocol specification Routing LOCators (RLOCs). The main protocol specification
[I-D.ietf-lisp] describes how the separation is achieved, which new [I-D.ietf-lisp] describes how the separation is achieved, which new
network elements are introduced, and details the packet formats for network elements are introduced, and details the packet formats for
the data and control planes. the data and control planes.
skipping to change at page 20, line 6 skipping to change at page 20, line 6
Late transition | may decrease | slower increase | slower increase Late transition | may decrease | slower increase | slower increase
LISP Internet | considerable decrease LISP Internet | considerable decrease
It is expected that PITR-RD will co-exist with LISP+BGP during the It is expected that PITR-RD will co-exist with LISP+BGP during the
migration, with the latter being more popular in the early transition migration, with the latter being more popular in the early transition
phase. As the transition progresses and the MSP P-ITR and PITR-RD phase. As the transition progresses and the MSP P-ITR and PITR-RD
ecosystem gets more ubiquitous, LISP+BGP should become less ecosystem gets more ubiquitous, LISP+BGP should become less
attractive, slowing down the increase of the number of routes in the attractive, slowing down the increase of the number of routes in the
DFZ. DFZ.
6. Security Considerations 6. Step-by-Step BGP to LISP Migration Procedure
6.1. Customer Pre-Install and Pre-Turn-up Checklist
1. Determine how many current physical service provider connections
the customer has and their existing bandwidth and traffic
engineering requirements.
This information will determine the number of routing locators,
and the priorities and weights that should be configured on the
xTRs.
2. Make sure customer router has LISP capabilities.
* Obtain output of 'show version' from the CE router.
This information can be used to determine if the platform is
appropriate to support LISP, in order to determine if a
software and/or hardware upgrade is required.
* Have customer upgrade (if necessary, software and/or hardware)
to be LISP capable.
3. Obtain current running configuration of CE router. A suggested
LISP router configuration example can be customized to the
customer's existing environment.
4. Verify MTU Handling
* Request increase in MTU to (1556) on service provider
connections. Prior to MTU change verify that 1500 byte packet
from P-xTR to RLOC with do not fragment (DF-bit) bit set.
* Ensure they are not filtering ICMP unreachable or time-
exceeded on their firewall or router.
LISP, like any tunneling protocol, will increase the size of
packets when the LISP header is appended. If increasing the MTU
of the access links is not possible, care must be taken that ICMP
is not being filtered in order to allow for Path MTU Discovery to
take place.
5. Validate member prefix allocation.
This step is to check if the prefix used by the customer is a
direct (Provider Independent), or if it is a prefix assigned by a
physical service provider (Provider Allocated). If the prefixes
are assigned by other service provivers then a Letter of
Agreement is required to announce prefixes through the Proxy
Service Provider.
6. Verify the member RLOCs and their reachability.
This step ensures that the RLOCs configured on the CE router are
in fact reachable and working.
7. Prepare for cut-over.
* If possible, have a host outside of all security and filtering
policies connected to the console port of the edge router or
switch.
* Make sure customer has access to the router in order to
configure it.
6.2. Customer Activating LISP Service
1. Customer configures LISP on CE router(s) from service provider
recommended configuration.
The LISP configuration consists of the EID prefix, the locators,
and the weights and priorities of the mapping between the two
values. In addition, the xTR must be configured with Map-
Resolver(s), Map-Server(s) and the shared key for registering to
Map-Server(s). If required, Proxy-ETR(s) may be configured as
well.
In addition to the LISP configuration, the following:
* Ensure default route(s) to next-hop external neighbors are
included and RLOCs are present in configuration.
* If two or more routers are used, ensure all RLOCs are included
in the LISP configuration on all routers.
* It will be necessary to redistribute default route via IGP
between the external routers.
2. When transition is ready perform a soft shutdown on existing eBGP
peer session(s)
* From CE router, use LIG to ensure registration is successful.
* To verify LISP connectivity, ping LISP connected sites. See
http://www.lisp4.net/ and/or http://www.lisp6.net/ for
potential candidates.
* To verify connectivity to non-LISP sites, try accessing major
Internet sites via a web browser.
6.3. Cut-Over Provider Preparation and Changes
1. Verify site configuration and then active registration on Map-
Server(s)
* Authentication key
* EID prefix
2. Add EID space to map-cache on proxies
3. Add networks to BGP advertisement on proxies
* Modify route-maps/policies on P-xTRs
* Modify route policies on core routers (if non-connected
member)
* Modify ingress policers on core routers
* Ensure route announcement in looking glass servers, RouteViews
4. Perform traffic verification test
* Ensure MTU handling is as expected (PMTUD working)
* Ensure proxy-ITR map-cache population
* Ensure access from traceroute/ping servers around Internet
* Use a looking glass, to check for external visibility of
registration via several Map-Resolvers (e.g.,
http://lispmon.net/).
7. Security Considerations
Security implications of LISP deployments are to be discussed in Security implications of LISP deployments are to be discussed in
separate documents. [I-D.saucez-lisp-security] gives an overview of separate documents. [I-D.saucez-lisp-security] gives an overview of
LISP threat models, while securing mapping lookups is discussed in LISP threat models, while securing mapping lookups is discussed in
[I-D.ietf-lisp-sec]. [I-D.ietf-lisp-sec].
7. IANA Considerations 8. IANA Considerations
This memo includes no request to IANA. This memo includes no request to IANA.
8. Acknowledgements 9. Acknowledgements
Many thanks to Margaret Wasserman for her contribution to the IETF76 Many thanks to Margaret Wasserman for her contribution to the IETF76
presentation that kickstarted this work. The authors would also like presentation that kickstarted this work. The authors would also like
to thank Damien Saucez, Luigi Iannone, Joel Halpern, Vince Fuller, to thank Damien Saucez, Luigi Iannone, Joel Halpern, Vince Fuller,
Dino Farinacci, Terry Manderson, Noel Chiappa, Hannu Flinck, and Dino Farinacci, Terry Manderson, Noel Chiappa, Hannu Flinck, and
everyone else who provided input. everyone else who provided input.
9. References 10. References
9.1. Normative References 10.1. Normative References
[I-D.ietf-lisp] [I-D.ietf-lisp]
Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, Farinacci, D., Fuller, V., Meyer, D., and D. Lewis,
"Locator/ID Separation Protocol (LISP)", "Locator/ID Separation Protocol (LISP)",
draft-ietf-lisp-15 (work in progress), July 2011. draft-ietf-lisp-15 (work in progress), July 2011.
[I-D.ietf-lisp-alt] [I-D.ietf-lisp-alt]
Fuller, V., Farinacci, D., Meyer, D., and D. Lewis, "LISP Fuller, V., Farinacci, D., Meyer, D., and D. Lewis, "LISP
Alternative Topology (LISP+ALT)", draft-ietf-lisp-alt-09 Alternative Topology (LISP+ALT)", draft-ietf-lisp-alt-09
(work in progress), September 2011. (work in progress), September 2011.
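Review bot: The new Section 6 has operators handle a Map-Server shared key (6.2 step 1, and "Authentication key" in 6.3 step 1) and place a console host "outside of all security and filtering policies" (6.1 step 7), yet the Security Considerations text, now Section 7, is carried over unchanged and covers neither. Suggest adding text, in Section 7 or in the steps themselves, on how the registration key is provisioned and exchanged between customer and provider, and stating that the unfiltered console host is a temporary cut-over measure with restricted access. Smaller points in the same hunk: in 6.1 step 4 the sentence "verify that 1500 byte packet from P-xTR to RLOC with do not fragment (DF-bit) bit set" has no verb and does not say what outcome counts as success, and "(1556)" is given without a unit or the encapsulation overhead it accounts for; "provivers" in 6.1 step 5 should be "providers"; "In addition to the LISP configuration, the following:" in 6.2 step 1 is an incomplete sentence; and 6.2 step 2 lists the LIG and ping verification under the eBGP soft shutdown without saying whether they run before or after the session is shut down.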
skipping to change at page 21, line 15 skipping to change at page 24, line 5
[I-D.ietf-lisp-sec] [I-D.ietf-lisp-sec]
Maino, F., Ermagan, V., Cabellos-Aparicio, A., Saucez, D., Maino, F., Ermagan, V., Cabellos-Aparicio, A., Saucez, D.,
and O. Bonaventure, "LISP-Security (LISP-SEC)", and O. Bonaventure, "LISP-Security (LISP-SEC)",
draft-ietf-lisp-sec-00 (work in progress), July 2011. draft-ietf-lisp-sec-00 (work in progress), July 2011.
[I-D.saucez-lisp-security] [I-D.saucez-lisp-security]
Saucez, D., Iannone, L., and O. Bonaventure, "LISP Saucez, D., Iannone, L., and O. Bonaventure, "LISP
Security Threats", draft-saucez-lisp-security-03 (work in Security Threats", draft-saucez-lisp-security-03 (work in
progress), March 2011. progress), March 2011.
9.2. Informative References 10.2. Informative References
[I-D.ietf-lisp-eid-block] [I-D.ietf-lisp-eid-block]
Iannone, L., Lewis, D., Meyer, D., and V. Fuller, "LISP Lewis, D., Meyer, D., Iannone, L., and V. Fuller, "LISP
EID Block", draft-ietf-lisp-eid-block-01 (work in EID Block", draft-ietf-lisp-eid-block-01 (work in
progress), October 2011. progress), October 2011.
[I-D.lear-lisp-nerd] [I-D.lear-lisp-nerd]
Lear, E., "NERD: A Not-so-novel EID to RLOC Database", Lear, E., "NERD: A Not-so-novel EID to RLOC Database",
draft-lear-lisp-nerd-08 (work in progress), March 2010. draft-lear-lisp-nerd-08 (work in progress), March 2010.
[cache] Jung, J., Sit, E., Balakrishnan, H., and R. Morris, "DNS [cache] Jung, J., Sit, E., Balakrishnan, H., and R. Morris, "DNS
performance and the effectiveness of caching", 2002. performance and the effectiveness of caching", 2002.
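Review bot: The author order of [I-D.ietf-lisp-eid-block] changes from "Iannone, L., Lewis, D., Meyer, D., and V. Fuller" to "Lewis, D., Meyer, D., Iannone, L., and V. Fuller" while the cited revision (draft-ietf-lisp-eid-block-01, October 2011) stays the same, so only one of the two orders can match that revision. Please confirm the order against the cited draft, or update the revision number and date if a newer version is the one intended.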
 End of changes. 13 change blocks. 
20 lines changed or deleted 159 lines changed or added
