Network Working Group                                         L. Iannone
Internet-Draft                                         Telecom ParisTech
Intended status: Informational                              R. Jorgensen
Expires: January 2, April 27, 2015                            Bredbandsfylket Troms
                                                               D. Conrad
                                                        Virtualized, LLC
                                                            July 1,
                                                               G. Huston
                         APNIC - Asia Pacific Network Information Center
                                                        October 24, 2014

                  LISP EID Block Management Guidelines
                 draft-ietf-lisp-eid-block-mgmnt-02.txt
                 draft-ietf-lisp-eid-block-mgmnt-03.txt

Abstract

   This document proposes an allocation a framework for the management of the LISP EID address prefix.
   Prefix.  The framework described relies on hierarchical distribution
   of the address space with sub-prefixes
   allocated on a space, granting temporary basis usage of sub-prefixes of
   such space to requesting organizations.

Status of this This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 2, April 27, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Requirements Notation . . . . . . . . . . . . . . . . . . . .  3   2
   2.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . .  3   2
   3.  Definition of Terms . . . . . . . . . . . . . . . . . . . . .   3
   4.  EID Prefix Allocation Registration Policy  . . . . . . . . . . . . . . . . .   3
   5.  EID Prefixes Allocation Registration Requirements  . . . . . . . . . . . . .  5   4
   6.  EID Prefix Request Template . . . . . . . . . . . . . . . . .  5   4
   7.  Policy Validity Period  . . . . . . . . . . . . . . . . . . . .  7   6
   8.  Security Considerations . . . . . . . . . . . . . . . . . . .  7   6
   9.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  8   6
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  8   7
   11. References  . . . . . . . . . . . . . . . . . . . . . . . . . .  8   7
     11.1.  Normative References . . . . . . . . . . . . . . . . . .  8   7
     11.2.  Informative References . . . . . . . . . . . . . . . . .  9   7
   Appendix A.  LISP Terms . . . . . . . . . . . . . . . . . . . . . 10   8
   Appendix B.  Document Change Log  . . . . . . . . . . . . . . . . . 12  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . . . 13  11

1.  Requirements Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Introduction

   The Locator/ID Separation Protocol (LISP - [RFC6830]) and related
   mechanisms ([RFC6831], [RFC6832], [RFC6833], [RFC6834], [RFC6835],
   [RFC6836], [RFC6837]) separates the IP addressing space into two
   logical spaces, the End-point IDentifier (EID) space and the Routing
   LOCator (RLOC) space.  The first space is used to identify
   communication end-points, while the second is used to locate EIDs in
   the Internet routing infrastructure topology.

   The document [I-D.ietf-lisp-eid-block] requested an IPv6 address
   block reservation exclusively for the allocation and assignment of use as EID prefixes. prefixes in the LISP
   experiment.  The rationale, intent, size, and usage of the EID
   address block are described in [I-D.ietf-lisp-eid-block].

   This document proposes a management framework for the allocation and
   assignment registration of
   EID addresses prefixes from that block based on temporary
   allocation block, allowing the requesting organisation
   exclusive use of portions those EID prefixes limited to the duration of the block to different requesting
   organizations.
   LISP experiment.

3.  Definition of Terms

   This document does not introduce any new terms related to the set of
   LISP Specifications ( [RFC6830], [RFC6831], [RFC6832], [RFC6833],
   [RFC6834], [RFC6835], [RFC6836], [RFC6837]).  To help the reading of
   this document the terminology introduced by LISP is summarized in
   Appendix A.

4.  EID Prefix Allocation Registration Policy

   The allocation request registration of EID prefixes MUST be done under the
   following policies:

   1.  EID addressing prefixes are made available in the reserved space on a
       temporary basis and for experimental uses.  The requester of an
       experimental prefix MUST provide a short description of the
       intended use or experiment that will be carried out (see
       Section 6).  If the prefix will be used for activities not
       documented in the original description, the renewal of the
       allocation
       registration may be denied or withdrawn (see Section 5). denied.

   2.  EID prefixes are allocated prefix registrations SHOULD be renewed on a lease/license regular basis for a limited
       period of time (which can be renewed).  The lease/license period
       SHOULD NOT be longer than one year in order to
       ensure their use by active participants in the leases
       and experiment.  The
       registration information about those leases period is kept
       reasonably up to date.

   3.  Exception proposed to the previous rule may be granted in cases in which
       the prefix has been delegated to an organization that will act as
       a registry for further sub-allocations.  Sub-allocations MUST
       abide by these policies as well as the allocation requirements
       outlined in Section 5.  Requests for 12 months.  Registration
       renewal SHOULD NOT cause a prefix delegation that
       will be used for further sub-allocations MUST clearly state such
       intent change in the short description registered EID prefix.
       The conditions of registration renewal should no different to the intended use document.

   4.  All
       conditions of registration.

   3.  When an EID prefix registration is removed from the allocations (renewed or not, including delegations and
       sub-allocations) MUST be returned by 31 December 2017, in
       accordance with registry,
       then the 3+3 years experimental allocation plan
       outlined in [I-D.ietf-lisp-eid-block].

   5.  Upon IETF review before 31 December 2017, reuse of the EID prefix space
       may become in a permanent allocation.  In this case existing
       allocations CAN be renewed and new allocations granted (still subsequent registration on
       behalf of a yearly temporary basis).  All allocations (renewed or not,
       including delegations and sub-allocations) MUST different end user should be returned by 31
       December 2020, in accordance to the 3+3 years plan outlined in
       [I-D.ietf-lisp-eid-block].  During avoided where possible.
       If the second 3 years phase considerations of overall usage of the experiment, following the policies outlined in [RFC5226], the
       IETF will decide the final EID prefix block size and elaborate
       the allocation prefix
       requires reuse of a previously registered EID prefix, then a
       minimum delay of at least one week between removal and management policies that will subsequent
       registration SHOULD be applied
       starting 1 January 2021.

   6.  When an allocation is freed because of non-renewal or by the
       termination registry operator.

   4.  All registrations of an experiment, the address space is returned to EID prefixes cease at the global pool time of free EID prefixes.  This freed allocation MUST
       NOT be announced through registration on Map Servers in the LISP
       mapping system for at least 72 hours to ensure
       expiration of all
       cached map entries in the global reserved experimental LISP infrastructure.

   7.  The EID prefix Block.  The
       further disposition of an allocation that is not renewed (or whose
       renewal has been denied) can be re-used after no less than one
       week from the date when these prefixes and the EID prefix is freed.  This delay will
       provide sufficient time for all cached map associated registry
       entries in the global
       LISP infrastructure to expire and will allow any management
       process for re-allocation is to be dealt with.

   8.  EID prefix allocations can be revoked as a result specified in the announcement of abuse,
       unjustified usage (e.g., not conforming the intended use provided
       at request time), failure to pay maintenance fees, legal court
       orders, etc.  Withdrawal can be enforced by filtering on Map
       Servers so to prevent map registration. cessation
       of this experiment.

5.  EID Prefixes Allocation Registration Requirements

   All EID prefix allocations (and delegations) registrations MUST respect the following requirements:

   1.  Allocations  All EID prefix registrations MUST be use a globally unique. unique EID
       prefix.

   2.  Requirements for allocation  If there is more than one registry operator, all operators MUST be
       use the same globally.  No
       regional/national/local variations are permitted. registry management policies and practices.

   3.  The EID Prefix registration information as specified in
       Section 6, MUST be maintained collected upon initial registration and
       renewal, and made publicly available through a searchable interface, preferably RDAP
       ([I-D.ietf-weirds-rdap-sec]) though interfaces allowing
       both retrieval of specific registration details (search) and optionally
       enumeration of the entire registry contents (e.g.,
       [I-D.ietf-weirds-rdap-sec], whois, http, or similar access methods.
       methods).

   4.  The registration information service should be reasonably
       reliable so to make such information readily available.  The
       allocation service SHOULD be provided during regular business
       hours in venue in which the allocation service is housed.

   5.  Facilities SHOULD exist to allow for registry operator MUST permit the delegation of EID prefixes
       in the reverse DNS for space to holders of registered EID address prefixes.  Reverse DNS delegation is
       not required, and may not be provided from

   5.  Anyone can obtain an entry in the beginning of EID prefix registry, on the
       understanding that the prefix so registered is for the exclusive
       use of in the EID Block.  However it may be made available on a
       later stage if operational requirements necessitate it or IETF
       decides it should be available.

   6.  Anyone, private persons, companies, or other entities can request
       EID space LISP experimental network, and those requests MUST be granted, provided that they
       can show a clear intent their registration
       details (as specified in carrying out LISP experimentation. Section 6) are openly published in the
       EID prefix registry.

6.  EID Prefix Request Template

   The following is a basic request template for prefix allocation (and
   delegation) registration so
   to ensure a uniform process.  Such a template is inspired by the IANA
   Private Enterprise Number online request form
   (http://pen.iana.org/pen/PenApplication.page).

   Note that all details in this registration become part of the
   registry, and will be published in the LISP EID Prefix Registry.

   The EID Prefix Request template MUST at minimum contain:

   1.  Organization (In case of individuals requesting an EID prefix
       this section can be left empty)

       (a)  Organization Name

       (b)  Organization Address

       (c)  Organization Phone

   2.  Contact Person (Mandatory)

       (a)  Name

       (b)  Address

       (c)  Phone

       (d)  Fax (optional)

       (e)  Email

   3.  EID Prefix Request (Mandatory)

       (a)  Prefix Size

       (b)  Prefix Size Rationale

       (c)  Lease Period

         +  Start Date

            +  End Date  Note that according Well: All EID Prefix registrations will be valid until
            the earlier date of 12 months from the date of registration
            or 31 December 2017.

         +  All registrations may be renewed by the applicant for
            further 12 month periods, ending on 31 December 2017.

         +  According to the 3+3 year allocation experimentation plan, defined in
            [I-D.ietf-lisp-eid-block], all allocations (and
            delegations) registrations MUST end by 31
            December 2017, unless the IETF community decides to grant a
            permanent LISP EID address block.  In the latter case, allocations (and delegations)
            registrations following the present document policy MUST end
            by 31 December 2020 and a new policy (to be decided - see
            Section 7) will apply starting 1 January 2021.

   4.  Experiment Description

       (a)  Experiment and Deployment Description

       (b)  Interoperability with existing LISP deployments

       (c)  Interoperability with Legacy Internet

   5.  Reverse DNS Servers (Optional)

       (a)  Name server name:

       (b)  Name server address:

       (c)  Name server name:

       (d)  Name server address:

       (Repeat if necessary)

7.  Policy Validity Period

   Policy outlined in the present document is tight tied to the existence of
   the experimental LISP EID block requested in
   [I-D.ietf-lisp-eid-block] and valid until 31 December 2017.

   If the IETF decides to transform the block in a permanent allocation,
   the LISP EID block allocation reserved usage period will be extended for three
   years (until 31 December 2020) so to give time to the IETF to define define,
   following the policies outlined in [RFC5226], the final size of the
   EID block and create a transition plan, while the policy in the
   present document will still apply.

   Note that, as stated in [I-D.ietf-lisp-eid-block], the transition of
   the EID block into a permanent allocation allocation, has the potential to pose
   policy issues (as recognized in [RFC2860], section 4.3) and hence
   discussion with the IANA, the RIR communities, and the IETF community
   will be necessary to determine appropriate policy for permanent EID
   prefix allocation and management, which will be effective starting 1 January 2021.

8.  Security Considerations

   This document does not introduce new security threats in the LISP
   architecture nor in the Legacy Internet architecture.

   For accountability reasons, and in line with the security
   considerations in [RFC7020], each allocation registration request MUST contain
   accurate information on the requesting entity (company, institution,
   individual, etc.) and valid and accurate contact information of a
   referral person (see Section 6).

9.  Acknowledgments

   Thanks to J.  Curran, A.  Severin, B.  Haberman, T.  Manderson, D.
   Lewis, D.  Farinacci, M.  Binderberger, for their helpful comments.

   The work of Luigi Iannone has been partially supported by the ANR-13-
   INFR-0009 ANR-
   13-INFR-0009 LISP-Lab Project (www.lisp-lab.org) and the EIT KIC ICT-
   Labs SOFNETS Project.

10.  IANA Considerations

   This document provides only management guidelines for the reserved
   LISP EID prefix requested and allocated in [I-D.ietf-lisp-eid-block].

   There is an operational requirement for an EID allocation registration service
   that ensures uniqueness of EIDs allocated according to the requirements
   described in Section 5.  Furthermore, there is an operational
   requirement for EID registration service that allows a lookup of the
   contact information of the entity to which that registered the EID was
   allocated. EID.

   IANA must is to ensure both of these services are provided, for the space
   directly allocated by IANA, provided in a globally
   uniform fashion for the duration of the experiment.

11.  References

11.1.  Normative References

   [I-D.ietf-lisp-eid-block]
              Iannone, L., Lewis, D., Meyer, D., and V. Fuller, "LISP
              EID Block", draft-ietf-lisp-eid-block-09 (work in
              progress), July 2014.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4632]  Fuller, V. and T. Li, "Classless Inter-domain Routing
              (CIDR): The Internet Address Assignment and Aggregation
              Plan", BCP 122, RFC 4632, August 2006.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              May 2008.

11.2.  Informative References

   [I-D.ietf-weirds-rdap-sec]
              Hollenbeck, S. and N. Kong, "Security Services for the
              Registration Data Access Protocol",
              draft-ietf-weirds-rdap-sec-06 draft-ietf-weirds-
              rdap-sec-06 (work in progress), February 2014.

   [RFC2860]  Carpenter, B., Baker, F., and M. Roberts, "Memorandum of
              Understanding Concerning the Technical Work of the
              Internet Assigned Numbers Authority", RFC 2860, June 2000.

   [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
              Locator/ID Separation Protocol (LISP)", RFC 6830, January
              2013.

   [RFC6831]  Farinacci, D., Meyer, D., Zwiebel, J., and S. Venaas, "The
              Locator/ID Separation Protocol (LISP) for Multicast
              Environments", RFC 6831, January 2013.

   [RFC6832]  Lewis, D., Meyer, D., Farinacci, D., and V. Fuller,
              "Interworking between Locator/ID Separation Protocol
              (LISP) and Non-LISP Sites", RFC 6832, January 2013.

   [RFC6833]  Fuller, V. and D. Farinacci, "Locator/ID Separation
              Protocol (LISP) Map-Server Interface", RFC 6833, January
              2013.

   [RFC6834]  Iannone, L., Saucez, D., and O. Bonaventure, "Locator/ID
              Separation Protocol (LISP) Map-Versioning", RFC 6834,
              January 2013.

   [RFC6835]  Farinacci, D. and D. Meyer, "The Locator/ID Separation
              Protocol Internet Groper (LIG)", RFC 6835, January 2013.

   [RFC6836]  Fuller, V., Farinacci, D., Meyer, D., and D. Lewis,
              "Locator/ID Separation Protocol Alternative Logical
              Topology (LISP+ALT)", RFC 6836, January 2013.

   [RFC6837]  Lear, E., "NERD: A Not-so-novel Endpoint ID (EID) to
              Routing Locator (RLOC) Database", RFC 6837, January 2013.

   [RFC7020]  Housley, R., Curran, J., Huston, G., and D. Conrad, "The
              Internet Numbers Registry System", RFC 7020, August 2013.

Appendix A.  LISP Terms

   LISP operates on two name spaces and introduces several new network
   elements.  This section provides high-level definitions of the LISP
   name spaces and network elements and as such, it must not be
   considered as an authoritative source.  The reference to the
   authoritative document for each term is included in every term
   description.

   Legacy Internet:  The portion of the Internet that does not run LISP
      and does not participate in LISP+ALT or any other mapping system.

   LISP site:  A LISP site is a set of routers in an edge network that
      are under a single technical administration.  LISP routers that
      reside in the edge network are the demarcation points to separate
      the edge network from the core network.  See [RFC6830] for more
      details.

    Endpoint ID (EID):  An EID is a 32-bit (for IPv4) or 128-bit (for
      IPv6) value used in the source and destination address fields of
      the first (most inner) LISP header of a packet.  A packet that is
      emitted by a system contains EIDs in its headers and LISP headers
      are prepended only when the packet reaches an Ingress Tunnel
      Router (ITR) on the data path to the destination EID.  The source
      EID is obtained via existing mechanisms used to set a host's
      "local" IP address.  An EID is allocated to a host from an EID-
      prefix block associated with the site where the host is located.
      See [RFC6830] for more details.

   EID-prefix:  A power-of-two block of EIDs that are allocated to a
      site by an address allocation authority.  See [RFC6830] for more
      details.

   EID-Prefix Aggregate:  A set of EID-prefixes said to be aggregatable
      in the [RFC4632] sense.  That is, an EID-Prefix aggregate is
      defined to be a single contiguous power-of-two EID-prefix block.
      A prefix and a length characterize such a block.  See [RFC6830]
      for more details.

   Routing LOCator (RLOC):  A RLOC is an IPv4 or IPv6 address of an
      egress tunnel router (ETR).  A RLOC is the output of an EID-to-
      RLOC mapping lookup.  An EID maps to one or more RLOCs.
      Typically, RLOCs are numbered from topologically aggregatable
      blocks that are assigned to a site at each point to which it
      attaches to the global Internet; where the topology is defined by
      the connectivity of provider networks, RLOCs can be thought of as
      Provider Aggregatable (PA) addresses.  See [RFC6830] for more
      details.

    EID-to-RLOC Mapping:  A binding between an EID-Prefix and the RLOC-
      set that can be used to reach the EID-Prefix.  The general term
      "mapping" always refers to an EID-to-RLOC mapping.  See [RFC6830]
      for more details.

   Ingress Tunnel Router (ITR):  An Ingress Tunnel Router (ITR) is a
      router that accepts receives IP packets from site end-systems on
      one side and sends LISP-encapsulated IP packets toward the
      Internet on the other side.  The router treats the "inner" IP
      destination address as an EID and performs an EID-to-RLOC mapping
      lookup.  The router then prepends an "outer" IP header with one of
      its globally routable RLOCs in the source address field and the
      result of the mapping lookup in the destination address field.
      See [RFC6830] for more details.

   Egress Tunnel Router (ETR):  An Egress Tunnel Router (ETR) receives
      LISP-encapsulated IP packets from the Internet on one side and
      sends decapsulated IP packets to site end-systems on the other
      side.  An ETR router accepts an IP packet where the destination
      address in the "outer" IP header is one of its own RLOCs.  The
      router strips the "outer" header and forwards the packet based on
      the next IP header found.  See [RFC6830] for more details.

   Proxy ITR (PITR):  A Proxy-ITR (PITR) acts like an ITR but does so on
      behalf of non-LISP sites which send packets to destinations at
      LISP sites.  See [RFC6832] for more details.

   Proxy ETR (PETR):  A Proxy-ETR (PETR) acts like an ETR but does so on
      behalf of LISP sites which send packets to destinations at non-
      LISP sites.  See [RFC6832] for more details.

   Map Server (MS):  A network infrastructure component that learns EID-
      to-RLOC mapping entries from an authoritative source (typically an
      ETR).  A Map Server publishes these mappings in the distributed
      mapping system.  See [RFC6833] for more details.

   Map Resolver (MR):  A network infrastructure component that accepts
      LISP Encapsulated Map-Requests, typically from an ITR, quickly
      determines whether or not the destination IP address is part of
      the EID namespace; if it is not, a Negative Map-Reply is
      immediately returned.  Otherwise, the Map Resolver finds the
      appropriate EID-to-RLOC mapping by consulting the distributed
      mapping database system.  See [RFC6833] for more details.

   The LISP Alternative Logical Topology (ALT):  The virtual overlay
      network made up of tunnels between LISP+ALT Routers.  The Border
      Gateway Protocol (BGP) runs between ALT Routers and is used to
      carry reachability information for EID-prefixes.  The ALT provides
      a way to forward Map-Requests toward the ETR that "owns" an EID-
      prefix.  See [RFC6836] for more details.

   ALT Router:  The device on which runs the ALT.  The ALT is a static
      network built using tunnels between ALT Routers.  These routers
      are deployed in a roughly-hierarchical mesh in which routers at
      each level in the topology are responsible for aggregating EID-
      Prefixes learned from those logically "below" them and advertising
      summary prefixes to those logically "above" them.  Prefix learning
      and propagation between ALT Routers is done using BGP.  When an
      ALT Router receives an ALT Datagram, it looks up the destination
      EID in its forwarding table (composed of EID-Prefix routes it
      learned from neighboring ALT Routers) and forwards it to the
      logical next-hop on the overlay network.  The primary function of
      LISP+ALT routers is to provide a lightweight forwarding
      infrastructure for LISP control-plane messages (Map-Request and
      Map-Reply), and to transport data packets when the packet has the
      same destination address in both the inner (encapsulating)
      destination and outer destination addresses ((i.e., a Data Probe
      packet).  See [RFC6830] for more details.

Appendix B.  Document Change Log

   Version 03 Posted October 2014.

   o  Re-worded the document so to avoid confusion on "allocation" and
      "assignement".  The document now reffers to "registration".  As
      for comments by G.  Huston and M.  Binderberger.

   Version 02 Posted July 2014.

   o  Deleted the trailing paragraph of Section 4, as for discussion in
      the mailing list.

   o  Deleted the fees policy as of suggestion of G.  Huston and
      discussion during 89th IETF.

   o  Re-phrased the availability of the registration information
      requirement avoiding putting specific numbers (previously
      requiring 99% up time), as of suggestion of G.  Huston and
      discussion during 89th IETF.

   Version 01 Posted February 2014.

   o  Dropped the reverse DNS requirement as for discussion during the
      88th IETF meeting.

   o  Dropped the minimum allocation requirement as for discussion
      during the 88th IETF meeting.

   o  Changed Section 7 from "General Consideration" to "Policy Validity
      Period", according to J.  Curran feedback.  The purpose of the
      section is just to clearly state the period during which the
      policy applies.

   Version 00 Posted December 2013.

   o  Rename of draft-iannone-lisp-eid-block-mgmnt-03.txt.

Authors' Addresses

   Luigi Iannone
   Telecom ParisTech

   Email: ggx@gigix.net
   Roger Jorgensen
   Bredbandsfylket Troms

   Email: rogerj@gmail.com

   David Conrad
   Virtualized, LLC

   Email: drc@virtualized.org

   Geoff Huston
   APNIC - Asia Pacific Network Information Center

   Email: gih@apnic.net