[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Nits]

Versions: 00

Network Working Group                                       R. Moskowitz
Internet-Draft                                            HTT Consulting
Intended status: Informational                                    GP. Li
Expires: August 3, 2019                                           S. Ren
                                                                  Huawei
                                                        January 30, 2019


                           FlexIP Addressing
                  draft-moskowitz-flexip-addressing-00

Abstract

   This memo proposes an unbounded Flexible Address Space (FAS),
   consisting of a publicly routable Global Address Part (GP) and a
   locally routable Local Address Part (LP).  It expands GP and LP to
   provide address privacy and special LP formats.  Use cases are also
   provided.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 3, 2019.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of



Moskowitz, et al.        Expires August 3, 2019                 [Page 1]


Internet-Draft              FlexIP Addressing               January 2019


   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Related Work  . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Terms and Definitions . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Requirements Terminology  . . . . . . . . . . . . . . . .   3
     2.2.  Notations . . . . . . . . . . . . . . . . . . . . . . . .   3
     2.3.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Flexible Address System . . . . . . . . . . . . . . . . . . .   4
     3.1.  Infinite address space  . . . . . . . . . . . . . . . . .   4
     3.2.  Textual representation  . . . . . . . . . . . . . . . . .   5
     3.3.  Some Assignment Principles  . . . . . . . . . . . . . . .   6
   4.  Expanding into the Flexible Address System  . . . . . . . . .   6
     4.1.  Adding a MapID to the Local Part  . . . . . . . . . . . .   6
     4.2.  FlexIP Addressing Privacy Concerns  . . . . . . . . . . .   7
       4.2.1.  Address Privacy via a Cryptographic Mapping Function    7
     4.3.  Inbound FlexIP Address Considerations . . . . . . . . . .   8
     4.4.  Adding a MapID to the Global Part . . . . . . . . . . . .   8
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   7.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   9
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   9
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   9
   Appendix A.  FlexIP Addressing Local Part Use Cases . . . . . . .   9
     A.1.  Case 1: FlexIP METrie as Local Forwarding Part  . . . . .   9
     A.2.  Case 2: Layer 2 forwarding network  . . . . . . . . . . .  10
     A.3.  Case 3: IPv4/IPv6 forwarding network  . . . . . . . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   This memo defines a new IP address system, called the Flexible
   Address System (FAS).  Compared to the conventional fixed length IP
   system, FAS is designed with 2 infinite address spaces, Global and
   Local, that can support variable length IP addresses, called flexible
   addresses.  FAS has a global hierarchical structure of flexible
   addresses from the perspective of management.  This hierarchical
   structure may also be used in a local part of FAS.

   It proposes a number of different formats for the Local Part,
   including IPv4/6 addresses and IEEE 802 48 and 64 bit MAC addresses
   in addition to the unbounded FAS bit structure.





Moskowitz, et al.        Expires August 3, 2019                 [Page 2]


Internet-Draft              FlexIP Addressing               January 2019


   Further, it provides privacy of both the LP and customer bits of the
   GP through the use of a MapID (MID).  The MapID is explained for each
   use case.  It works differently when used for LP privacy than it does
   for GP privacy.

1.1.  Related Work

   PIP [RFC1621] provided for variable length addresses so that the size
   of the address could be adjusted to the demands of the particular
   environment, and to ensure the ability to meet any future networking
   requirements.  PIP also made a distinction of identifier from
   addresses.

   FlexIP has parallels in PIP, but takes advantages in advancements in
   Identities, routing, and provider networking.

2.  Terms and Definitions

2.1.  Requirements Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.2.  Notations

   ||   signifies concatenation of information - e.g., X || Y is the
      concatenation of X and Y.

   [x|y]  Either x or y.

2.3.  Definitions

   DI (Device Identifier):  The portion of the Local Part that
      Identifies the device interface.

   FAS (Flexible Address System):  The unbounded address space of
      FlexIP.

   GP (Global Part):  The globally routable portion of FAS.  It is
      textually represented to the left of a period in little endian
      format.

   GPF (Global Part Forwarding):  The global routing of a FAS addressed
      packet.






Moskowitz, et al.        Expires August 3, 2019                 [Page 3]


Internet-Draft              FlexIP Addressing               January 2019


   LP (Local Part):  The locally routable portion of FAS.  It is
      textually represented to the right of a period in big endian
      format.

   LPF (Local Part Forwarding):  The local routing of a FAS addressed
      packet.

   MID (MapID):  Index into the address mapping function used to provide
      address privacy.

   OV (Obfuscated Value):  The mapped value of the hidden address.

3.  Flexible Address System

   This section presents a new IP address system called Flexible Address
   System (FAS), in which the IP addresses can be with variable length,
   rather than the conventional fixed bits.

   FlexIP FAS addresses can simply be viewed as composed of two parts:
   Global (GP) and Local (LP).  The Global part is represented in little
   endian form (most significant adjacent to the period) and the Local
   Part is big endian.

          GP.LP

3.1.  Infinite address space

   From the perspective of address space management, flexible IP
   addresses (Flex-IP) can simply be viewed as composed of two parts:
   Global (GP) and Local (LP) Parts, as is shown below.


                                |
                        ...00 1 | 01
                       ...00 10 | 100
                     ...00 1010 | 0001
                    ...00 10010 | 100001
                    ...00 10010 | 1000010
                    ------------|-------------
           Infinite Global Part | Infinite Local Part


          Figure 1: Flexible address space and structure

   Figure 1 shows the structure of flexible IP addresses, which are
   represented in binary.  A flexible IP address commonly consists of
   two parts, the global part and the local part.  The global prefix is
   a network prefix used for management and assignment.  Each specified



Moskowitz, et al.        Expires August 3, 2019                 [Page 4]


Internet-Draft              FlexIP Addressing               January 2019


   global prefix can be treated as a natural number.  Thus, the number
   of available global prefix equals to natural number domain.

   While the local part is used to identify interfaces or hosts in a
   certain subnet, along with any local routing prefix.  The size of the
   local part can be any bits, determined by the allocation strategies.
   While for a specified subnet with delegated global part, its local
   part should be with fixed bits and cannot be changed once assigned.
   For different subnets, the size of their local parts can be same or
   different.  The local part consists of several units, which further
   consists of one bit or several bits.  The length of the local part
   should be an integer multiple of the unit size.  The size of unit can
   be any length but should be defined uniformly.

   Theoretically, both the global part and local address part are
   infinite.  The FAS address space can be expanded on demand and will
   never be exhausted.  Ideally, if unit size is set to 1 bit, FAS
   address space can evolve completely smooth, bit-by-bit.  Even with a
   bigger unit, FAS address space is still infinite and there is no need
   to prescribe a fixed or maximum length of the address space.

3.2.  Textual representation

   The global part can also be split into several units.  If there is an
   aliquant part when splitting, add auxiliary zeros on the left side.
   Then, by representing each unit as a decimal number, a flexible IP
   address can be represented textually with the conventional dotted-
   decimal form.  For example, as depicted in Figure 2, with 4bits as
   unit size, a 10bits address 10 0100 0110 with the first two bits as
   global part can be transformed to a 12bits address 00 10 0100 0110 by
   adding two auxiliary bits of zeros on the left side.  Then it can be
   further expressed in a textual format as 2.4.6.  Moreover, this
   address can also be expressed as 0.2.4.6, or even 0.0.2.4.6, which
   may provide more convenience in some cases like the routing lookup in
   the following sections.


                              Binary            Dotted decimal

   Effective address           10 0100 01 10  -->     2.0.0
   --------------------------------------------------------
   Expressional address       0010 0100 0110  -->   0.2.0.0
                         0000 0010 0100 0110      0.0.2.0.0


          Figure 2: Textual representation for FAS





Moskowitz, et al.        Expires August 3, 2019                 [Page 5]


Internet-Draft              FlexIP Addressing               January 2019


   For easy understanding and description, the binary address 10 0100
   0110 is called an effective address with 10 bits effective length.
   While 00 10 0100 0110 and 0.2.4.6 are called expression addresses
   with 12 bits expression length.  For special cases, the corresponding
   decimal dotted address 2.4.6 is called an effective address when
   described with 10bits effective length and called expression address
   when described with 12bits expression length.  This document will
   take 8 bits as the unit size to accommodate the custom of IPv4.

3.3.  Some Assignment Principles

   The FAS address should be centralized allocated by some organization
   liken IANA.  When allocating an address block to a company or an
   organization, the value of the global part should be specified.

   If the assigner is a Network Service Provider, they can further
   extend their global part to support their customers.  If they have
   multiple entries into their network and need to advertise different
   GP lengths, this will have an impact on the RIBs.

4.  Expanding into the Flexible Address System

   This simple view of a two-branched tree of addresses for FAS is a
   gross simplification as it hides complexities in both parts.  A
   simple view of the Global Part is that of an unbounded hierarchy to
   facilitate packet forwarding (GPF) between multiple public
   connectivity providers.  The Local Part minimally contains a local
   packet forwarding (LPF) hierarchy and a device 'interface' identifier
   (DI).  This is the simplest case for the Local Part.  The following
   expands to a deeper view of both parts.

4.1.  Adding a MapID to the Local Part

   A MapID (MID) provides an access mechanism to support a different
   presentation of the Local Part to the Global network.  The intention
   is to either provide privacy of the local part to the global network,
   or to provide address transformation of FlexIP global addresses to
   some local addressing structure.  A later section will describe using
   the MID in the Global Part.

   MID applies to inbound processing at the local network border router.
   It is the index to a table that defines the mapping function (e.g.
   lookup or math transform function) and any associated information
   (e.g. key value).  Within the local network, MID has no meaning
   (Appendix A.1 below).

   The MID has local significance and of no semantic value to the global
   FlexIP network nor to other local networks.  Thus its size cannot



Moskowitz, et al.        Expires August 3, 2019                 [Page 6]


Internet-Draft              FlexIP Addressing               January 2019


   easily be fixed.  Although there are use cases where its length could
   be zero (only a single mapping ever used), it is strongly recommended
   it always be present and its length be 8 bits.  It is the privacy
   mapping function that requires multiple values (see Section 4.2).

   Appendix A.3, below, presents an argument for global significance for
   MID for potentially one value (e.g.  MID=0).

4.2.  FlexIP Addressing Privacy Concerns

   A desired goal with FlexIP is to mask information about devices on
   the local network.  This includes and is not limited to the Device
   Identifier and Local Forwarding Part.  Not only is it desirable to
   stop a network observer from linking all traffic from a device by
   observing the DI portion of the address but also from learning about
   the local network design and what devices are, network-wise, close by
   sharing the same local forwarding information.

   There are two ways to obfuscate the LFP + DI address portion on the
   global network.  The most commonly used is a mapping approach where a
   gateway device stores the mapping of local to global addressing to
   produce an Obfuscated Value (OV).  The oldest, NAT, typically employs
   a many-to-one map (except for applications like PASV FTP).  Others
   include one-to-one mapping and encapsulation.  A second approach is a
   reversible function that transform the local to an obfuscated value.
   Packets are transformed bidirectionally as they cross the local
   gateway.

   To facilitate mappings choices in Local Part content a MapID (MID) is
   included as the first portion of the LP.

   Thus at this point we view the FlexIP address as:

          Locally - GP.LFP||DI
          Globally - GP.MID||OV


4.2.1.  Address Privacy via a Cryptographic Mapping Function

   Consider function F where:

          F(K, LFP||DI) = OV
          and
          F'(K, OV) = LFP||DI

   To provide privacy, K should change over time or some function based
   on packet content inspection.  To accommodate multiple, concurrent
   values of K, multiple MIDs are needed.  The nature of F is unknown at



Moskowitz, et al.        Expires August 3, 2019                 [Page 7]


Internet-Draft              FlexIP Addressing               January 2019


   this point.  Since Len(LFP||DI) is small and even variable within a
   local network, many current cryptographic functions are not safe to
   use.  Research is needed to find a safe function for this purpose.
   The actual function used will influence the nature of K lifetime and
   thus how many may exist at a given time.  If MID reuse is allowed, 8
   bits should be sufficient.

4.3.  Inbound FlexIP Address Considerations

   Devices that do not have native FlexIP addressing support, will
   require a network mapping that presents FlexIP addresses in a format
   understood by the device.  This is a highly local consideration.  It
   should present a one-to-one mapping of global to local.

4.4.  Adding a MapID to the Global Part

   A MID can also be used in the Global Part.  For example a provider
   may provide a privacy service to a customer by frequently changing
   the OV.  In this case the address may be:

          GFP||MID||OV.LP

   There are a number of limitations in using this approach.  It may not
   be viable if the customer needs outward-facing servers that are
   discoverable via DNS.

5.  IANA Considerations

   FAS will need an IP version number assignment.  The FAS header may
   have TLVs to manage.

   IANA may responsible for some level of FAS GP allocation.

6.  Security Considerations

   Address privacy is a major component of FAS, thus a careful
   evaluation of all address mapping methods is required.  Were a
   gateway performs table mappings between internal and external
   addresses, attention is needed ensure the privacy of the mapping
   table.  Where mapping is achieved via a crypto function, there are a
   different set of privacy concerns.

   Further, lifetime of use of an address needs to be a factor.
   Mappings should change regularly to minimize the attack of tracking
   flows with the same OV.






Moskowitz, et al.        Expires August 3, 2019                 [Page 8]


Internet-Draft              FlexIP Addressing               January 2019


7.  Acknowledgments

   TBD

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

8.2.  Informative References

   [RFC1621]  Francis, P., "Pip Near-term Architecture", RFC 1621,
              DOI 10.17487/RFC1621, May 1994,
              <https://www.rfc-editor.org/info/rfc1621>.

Appendix A.  FlexIP Addressing Local Part Use Cases

A.1.  Case 1: FlexIP METrie as Local Forwarding Part

   A local network may deploy the full capability of the FlexIP METrie
   in its own internal tree.  In this case there can be three levels in
   the addresses and two MapIDs:

          GP.MID1||LFP1||MID2||LFP2||DI

   In this example, LFP2 may be as in case 3 below.

   It is possible to consider this as an infinite process of "layers of
   an onion", but it is best practice to only carry this to a global
   METrie and a single local METrie.  One valuable benefit of this case
   is the two levels of mappings which provides a level of privacy
   between portions of the local network.

   A simpler instance of local METrie use may be:

          GP.MID||LFP||DI

   Where GP and LFP are separated instances of the unbounded addressing
   and independent METrie trees.








Moskowitz, et al.        Expires August 3, 2019                 [Page 9]


Internet-Draft              FlexIP Addressing               January 2019


A.2.  Case 2: Layer 2 forwarding network

   There are two common layer 2 technologies for packet forwarding: IEEE
   802.1 and 802.15.10.  802.1 can be used on an 802.3/802.11 deployment
   and 802.15.10 on an 802.15.4 deployment.  In such a network, LFP may
   be null.  The DI would typically be the device MAC address and thus,
   a privacy mapping can be critical (don't expose the MAC address of a
   camera that has a known security flaw).  The DI could also be an IPv6
   Link Local address.  The FE80::/10 prefix need not be included in the
   mapping.

   Packets outbound from the local network will have some destination
   internal address that the border router maps to the global FlexIP
   address.

   Packets inbound to the local network need to source addresses mapped
   at the border router to the internal addressing format.  Without
   other knowledge, nothing is known about inbound packet source
   addresses.

A.3.  Case 3: IPv4/IPv6 forwarding network

   As IPv4 and IPv6 addressing naturally can be viewed as LFP||DI, they
   can directly replace those portions of a FlexIP address.  This allows
   for legacy networks to participate in FlexIP and for FlexIP to be
   used as the global infrastructure for an IPv4/v6 service provider.
   The address appears as:

          GP.MID||[IPv4|IPv6]

   Border gateway address processing is similar to Case 2.  Global
   agreement on a MID value to represent this case (e.g.  MID=0) could
   facilitate FlexIP infrastructure to be the connectivity between
   legacy IPv4/v6 networks.

Authors' Addresses

   Robert Moskowitz
   HTT Consulting
   Oak Park, MI  48237

   Email: rgm@labs.htt-consult.com









Moskowitz, et al.        Expires August 3, 2019                [Page 10]


Internet-Draft              FlexIP Addressing               January 2019


   Guangpeng Li
   Huawei
   Beijing  100095
   China

   Email: liguangpeng@huawei.com


   Shoushou Ren
   Huawei
   No. 156 of Beiqing Road, Haidian District
   Beijing  100095
   China

   Email: renshoushou@huawei.com




































Moskowitz, et al.        Expires August 3, 2019                [Page 11]


Html markup produced by rfcmarkup 1.129b, available from https://tools.ietf.org/tools/rfcmarkup/