LISP Working Group                                            S. Barkai
Internet-Draft                                         B. Fernandez-Ruiz
Intended status: Informational                                  S. ZionB
Expires: January 1, 2022                                        R. Tamir
                                                              Nexar Inc.
                                                      A. Rodriguez-Natal
                                                                F. Maino
                                                           Cisco Systems
                                                    A. Cabellos-Aparicio
                                                   J. Paillisse Vilanova
                                     Technical University of Catalonia
                                                            D. Farinacci
                                                             lispers.net
                                                       September 5, 2021


         Network-Hexagons: H3-LISP GeoState & Mobility Network
                       draft-ietf-lisp-nexagon-14

Abstract

   This document specifies the use of H3 and LISP for geolocation
   services: the utilization of geospatial data for mobility use-cases,
   supporting fresh HD maps, intelligent driving, and cruise-parking
   assists.  This is achieved by:

   -  A predefined addressable geospatial abstraction of road-segments.
   -  An EID interface for detections and uploads to a geospatial
      context.
   -  EID routing and sharing of hazards, blockages, parking, inventory,
      etc.
   -  Compute-first brokering of geospatial production / consumption.
   -  Predefined EID geospatial mcast channels to subscribed clients.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 1, 2022.

Barkai, et al.           Expires January 1, 2022                [Page 1]

Internet-Draft                    LISP                    September 2021

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Requirements Language
   3.  Definition of Terms
   4.  Deployment Assumptions
   5.  Mobility Clients Network Services
   6.  Mobility Unicast and Multicast
   7.  Security Considerations
   8.  Acknowledgments
   9.  IANA Considerations
   10. Normative References
   Authors' Addresses

1.  Introduction

   The Locator/ID Separation Protocol (LISP) [I-D.ietf-lisp-rfc6830bis]
   splits IP addresses into two different namespaces, Endpoint
   Identifiers (EIDs) and Routing Locators (RLOCs).  LISP uses a
   map-and-encap approach that relies on (1) a Mapping System (a
   distributed database) that stores and resolves EID-to-RLOC mappings
   and (2) LISP tunnel routers (xTRs) that encapsulate and decapsulate
   data packets based on the content of those mappings.

   H3 (https://h3geo.org) is a geospatial indexing system based on a
   hexagonal grid that can be subdivided into finer and finer hexagonal
   grids, combining the benefits of a hexagonal grid with a hierarchy.
   H3 supports sixteen resolutions.  Each finer resolution has cells
   with 1/7 the area of the coarser resolution.  Hexagons cannot be
   perfectly subdivided into seven hexagons, so the finer cells are only
   approximately contained within a parent cell.  Each cell is
   identified by a 64-bit hexagon ID (HID).

   The Berkeley Deep Drive (BDD) (https://bdd-data.berkeley.edu)
   industry consortium investigates computer vision technologies for
   automotive applications and publishes a taxonomy for automotive
   classification.  These standards are combined to create an
   in-network state reflecting the condition of each hexagonal tile
   (~1 sqm) in every road.

   The mobility H3-LISP network maps and encapsulates traffic between
   client endpoint identifiers (EIDs) and addressable geospatial
   contexts (H3-HID => EID).  The H3-LISP mobility network bridges
   timing and location gaps between production and consumption of
   information by clients of mobility data:

   o  information producers: vision, sensory, LiDAR, AI applications
   o  information consumers: driving-apps, map-apps, command & control

   This is achieved by putting the physical world on a shared
   addressable geospatial context-grid of road-segments represented at
   the edge.  Geospatial state sharing is done using this brokered
   network of tile representation, an indirection which solves key
   issues in v2v information sharing, for example multiple vision
   perspectives, geo-privacy, and cyber security.  These challenges
   arise when clients are asked to communicate directly when they do
   not really need to, a communication pattern which causes complexity
   and exposures.

   In non-brokered v2v models, for a situation observable by some
   endpoints, it is unclear whether the need-to-know endpoints will
   receive: i. consistent, ii. conflicting, iii. multiple, or iv. no
   indications.

   As an example, when a vehicle experiences a sudden highway slow-down,
   sees brake lights or senses an accelerometer slowdown, there is no
   clear way for it to share this data with vehicles 20-30 sec away.
   Or, when a vehicle crosses an intersection and observes an
   opposite-lane obstruction such as construction, a double-parked
   vehicle, commercial loading, a garbage truck, or a stopped
   school-bus, there is no clear way for it to alert approachers from
   another direction as it drives away.

   Geospatial context indirection also helps communicate advanced vision
   and radar annotations.  As these are evolving technologies, relaying
   road enumerations peer-to-peer poses interoperability challenges.

   These peer-to-peer limitations are inherent yet unnecessary; in most
   situations vehicles are not really proper peers.  They happen to be
   in the same place at the same time.  The H3-LISP mobility network
   solves these limitations of direct vehicle-to-vehicle communication
   by brokering exchanges using an addressable geospatial context,
   bridging timing, security, privacy, and interoperability gaps between
   endpoints.  Brokering is achieved by clients communicating via
   context: addressable tiles which aggregate and relay data using H3
   EIDs.

   Clients can provide drivers with heads-up alerts on hazards/obstacles
   beyond the line of sight of the driver and in-car sensors: over
   traffic, around blocks, at the far side of a junction, beyond road
   turns or curvatures.  This highlights the importance of networks for
   road safety and their role in Autonomous Vehicle (AV) operation
   support (AV-OSS).

   To summarize, the H3-LISP mobility use-case solution principles are:

   (1)  MicroPartition: 64-bit indexed geo-state per H3.r15 road-tile
   (2)  EnumState: 64-bit state values of tile condition representation
   (3)  Grouping: EID per H3.r9 geo-context for its H3.r15 road-tiles
   (4)  Channels: H3.r9 EIDs multicast address for geo-state updates
   (5)  Scale: EID addressable contexts distributed for throughput
   (6)  Overlay: tunneled network routes the mobility-network traffic
   (7)  Signal-free: overlay is used to map-register for mcast channels
   (8)  Layering: overlay tunnels used between client EIDs and H3 EIDs
   (9)  Access: client/server xTRs tunnel traffic to/from the LISP RTRs
   (10) Control: RTRs register/resolve H3 EIDs and mcast subscriptions

   |-0-|-1-|-2-|-3-|-4-|-5-|-6-|-7-|-8-|-9-|-A-|-B-|-C-|-D-|-E-|-F-|
   |                       H3 Hexagon ID Key                       |
   |-0-|-1-|-2-|-3-|-4-|-5-|-6-|-7-|-8-|-9-|-A-|-B-|-C-|-D-|-E-|-F-|
   |                     H3 Hexagon State-Value                    |
   |---------------------------------------------------------------|

          Figure 1: 64 bit H3 ID, 64 bit compiled state value

   Each H3.r9 hexagon is an EID context with a corresponding H3 hexagon
   ID.  Bound to that context is a LISP xTR specified to encapsulate
   packets to and from the EID context and the LISP edge.  Edge RTRs
   are used to re-tunnel packets from clients to services.  Each
   service is also a multicast source for updating clients on the state
   of the H3.r15 tiles, aggregated by the EID addressable geospatial
   context.

2.  Requirements Language

3.  Definition of Terms

   H3ServiceEID:  Is an addressable aggregation of H3.r15 tiles.  It
      functions as a geospatial data association context for filtering,
      verifying, localizing, and propagating vehicle data uploads.  It
      is a designated destination for physical-world annotations, and
      an (S,G) source of multicast themed update channels.  An
      H3ServiceEID is itself an H3 hexagon, large enough to provide a
      geospatial compute context, but not so large as to over-burden
      subscribers with too much information.  For the Mobility Network
      it is H3.r9.  It has a light-weight LISP protocol stack to tunnel
      packets, aka ServerXTR.  The EID is an IPv6 EID that contains the
      H3 64-bit address numbering scheme.

   ServerXTR:  Is a data-plane-only LISP protocol stack implementation;
      it co-exists with the H3ServiceEID process.  When the server
      roams, the xTR is with it.  The ServerXTR encaps/decaps packets
      to/from EdgeRTRs.

   MobilityClient:  Is a roaming application that may be part of an
      automobile, part of a navigation application, part of a
      municipal, state or federal government command and control
      application, or a street-view consumer application.  It has a
      light-weight LISP data-plane stack to tunnel packets, aka
      ClientXTR.

   MobilityClient EID:  Is the IPv6 EID used by Mobility Clients to
      source packets.  The destinations of such packets are only
      H3ServiceEIDs.  The EID format is opaque and is assigned as part
      of the MobilityClient mobility-network authorization.

   ClientXTR:  Is a data-plane-only LISP protocol stack implementation
      co-located with the Mobility Client application.  It encaps/
      decaps packets from/to applications to/from EdgeRTRs.

   EdgeRTR:  Is the core scale and structure of the LISP mobility
      network.  EdgeRTRs proxy H3ServiceEIDs and MobilityClient
      H3ServiceEID mcast registration.  EdgeRTRs aggregate
      MobilityClients/H3Services using tunnels, which lets hosting
      providers and mobile providers access the mobility network.
      EdgeRTRs decapsulate packets from ClientXTRs and ServerXTRs and
      re-encapsulate packets into the client and server tunnels.
      EdgeRTRs glean H3ServiceEIDs/MobilityClient EIDs when they
      decapsulate packets.  EdgeRTRs store H3ServiceEIDs and the RLOCs
      where each H3ServiceEID is currently reachable in their map-cache.
      These mappings are registered to the LISP mapping system so that
      other EdgeRTRs know where to encapsulate for such EIDs.  These
      mappings may be provisioned by dev-ops when H3Services are
      assigned to EdgeRTRs.  EdgeRTRs do not register MobilityClients'
      EIDs at the mapping system, as these are temporary and renewed
      while using the mobility network.  Enterprises may provide their
      own EdgeRTRs to protect geo-privacy.

   [Figure 2 is an ASCII diagram that did not survive extraction.  What
   it shows: H3ServiceEIDs (H3.r9 hexagons, each with its sXTR) attach
   through EdgeRTRs to the "Network Hexagons / H3-LISP Mobility
   Network" overlay; further EdgeRTRs reach, across the RAN, a road
   tiled by 1 sqm H3.r15 ID-ed geo-states, along which
   MobilityClientA::cXTR and cXTR::MobilityClientB travel towards each
   other.]

      Figure 2: H3.r15 state representation, H3.r9 state aggregation

   Figure 2 above describes the following entities:

   -  MobilityClientA sees MobilityClientB's future, and vice versa
   -  Clients: share information using addressable state routed by LISP
   -  ClientXTR (cXTR): encapsulates over the access network to EdgeRTR
   -  ServerXTR (sXTR): encapsulates over the cloud network to EdgeRTR
   -  H3-LISP Mobility: overlay which spans cXTRs to sXTRs
   -  Uploads: routed to the appropriate tile by the LISP network
   -  EdgeRTRs: perform multicast replication to edges and then cXTRs
   -  Clients: receive tile-by-tile geo-state updates via the multicast

4.  Deployment Assumptions

   The specification described in this document makes the following
   deployment assumptions:

   (1)  A unique 64-bit HID is associated with each H3 geo-spatial tile
   (2)  MobilityClients and H3ServiceEIDs share this well-known index
   (3)  A 64-bit BDD state value is associated with each H3-indexed tile
   (4)  Tile state is compiled from 16 fields of 4 bits, i.e. up to 16
        enumerations per field

   0         1         2         3         4         5         6
   |-0-|-1-|-2-|-3-|-4-|-5-|-6-|-7-|-8-|-9-|-A-|-B-|-C-|-D-|-E-|-F-|
   0123012301230123012301230123012301230123012301230123012301230123

     Figure 3: Nibble based representation, 16 fields x 16 enumerations

   We name the nibbles using a hexadecimal index according to position,
   where the most significant nibble has index 0.  Values are defined
   in Section 9.

   Subscription of MobilityClients to the mobility network is renewed
   while on the move and is not intended as the basic connectivity.
   MobilityClients use DNS/AAA to obtain temporary EIDs/EdgeRTRs and
   use (LISP) data-plane tunnels to communicate, using their temporary
   EIDs, with the dynamically assigned EdgeRTRs.  MobilityClients are
   otherwise unaware of the LISP network control plane and simply
   regard the data-plane tunnels as a virtual private network (VPN)
   that supports IPv6 EIDs to upload to (Ucast) and subscribe to
   (Mcast) H3Services.

   In order to get access to the MobilityVPN, MobilityClients first
   authenticate with the MobilityVPN AAA server.  DIAMETER [RFC6733]
   based AAA is typically done at the provider edge (PE) by gateways.
   However, the typical case involves several types of CPE connected to
   a specific service provider.  The Mobility VPN, on the other hand,
   may overlay a number of wireless networks and cloud-edge providers.
   It also involves dozens of car OEMs, driving applications and
   smart-city vendors.  This is why we require clients to first go
   through AAA in order to get both a MobilityClientEID and an EdgeRTR
   RLOC.
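   The tile state word of Figure 3 is the unit that MobilityClients
   upload and H3ServiceEIDs aggregate, so a receiver needs a reliable
   way to pack and unpack it and to reject words that set reserved
   fields.  The following is an added illustration, not code from the
   draft or from any implementation it describes: it packs and unpacks
   the sixteen nibble fields with index 0 as the most significant
   nibble, decodes two of the Section 9 enumerations (Transient
   Condition, Valid for Next) by name, and flags reserved fields
   0xB-0xF that carry a value.  The sample values in the `__main__`
   block are constructed.

```python
"""Pack / unpack the 64-bit nibble-field tile state (Figure 3).

Field index 0 is the most significant nibble.  The enumerations below
are copied from Section 9 of the draft; fields 0xB-0xF are reserved
there and are treated here as must-be-zero.
"""

TRANSIENT_CONDITION = {            # Section 9, field 0x2
    0x0: "null", 0x1: "pedestrian", 0x2: "bike scooter",
    0x3: "stopped car / truck", 0x4: "moving car / truck",
    0x5: "first responder vehicle", 0x6: "sudden slowdown",
    0x7: "oversized over-height vehicle", 0x8: "red-light-breach",
    0x9: "light collision (fender bender)",
    0xA: "hard collision / casualty", 0xB: "collision course",
    0xC: "collision debris", 0xD: "hard brake", 0xE: "sharp corner",
    0xF: "freeing-parking",
}
VALID_FOR_NEXT = {                 # Section 9, field 0x5
    0x0: "null", 0x1: "1sec", 0x2: "5sec", 0x3: "10sec", 0x4: "20sec",
    0x5: "40sec", 0x6: "60sec", 0x7: "2min", 0x8: "3min", 0x9: "4min",
    0xA: "5min", 0xB: "10min", 0xC: "15min", 0xD: "30min",
    0xE: "60min", 0xF: "24hours",
}
FIELD_DECODERS = {0x2: TRANSIENT_CONDITION, 0x5: VALID_FOR_NEXT}
RESERVED_FIELDS = range(0xB, 0x10)
MASK64 = (1 << 64) - 1


def field_shift(index: int) -> int:
    """Bit offset of nibble `index`; index 0 is the most significant nibble."""
    if not 0 <= index <= 0xF:
        raise ValueError(f"field index out of range: {index:#x}")
    return 4 * (0xF - index)


def get_field(state: int, index: int) -> int:
    return (state >> field_shift(index)) & 0xF


def set_field(state: int, index: int, value: int) -> int:
    if not 0 <= value <= 0xF:
        raise ValueError(f"enum value out of range: {value:#x}")
    shift = field_shift(index)
    return (state & ~(0xF << shift) & MASK64) | (value << shift)


def build_state(fields: dict) -> int:
    """Compile a tile state from {field_index: enum_value}; unset fields stay null."""
    state = 0
    for index, value in fields.items():
        state = set_field(state, index, value)
    return state


def validate_state(state: int) -> list:
    """Return the list of problems found; an empty list means the word is acceptable."""
    problems = []
    if not 0 <= state <= MASK64:
        return ["state does not fit in 64 bits"]
    for index in RESERVED_FIELDS:
        if get_field(state, index):
            problems.append(f"reserved field {index:#x} is non-zero")
    return problems


def decode_state(state: int) -> dict:
    """Readable view of every non-null field; fields without a decoder show the raw nibble."""
    out = {}
    for index in range(16):
        value = get_field(state, index)
        if value == 0:
            continue
        names = FIELD_DECODERS.get(index)
        out[index] = names[value] if names else f"{value:#x}"
    return out


if __name__ == "__main__":
    # Constructed sample: lane "North + 90" (field 0), sudden slowdown
    # (field 2), valid for the next 20 seconds (field 5).
    s = build_state({0x0: 0x4, 0x2: 0x6, 0x5: 0x4})
    print(f"{s:016x}", decode_state(s), validate_state(s))
```

   The same `get_field`/`set_field` pair serves both directions: a
   client compiles its detection into one word, and the H3ServiceEID
   unpacks it field by field before merging it with other clients'
   reports for the same tile.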
   The ClientXTR performs the following steps to use the mobility
   network:

   1)  obtain the address of the mobility network AAA server using DNS
   2)  obtain a MobilityClientEID and EdgeRTR(s) from the AAA DIAMETER
       server
   3)  renew the authorization from AAA while using the mobility network

   MobilityClient      DomainNameServer      DIAMETER-AAA    MobilityEdgeRTR
         |                   |                   |                   |
         | nslookup nexagon  |                   |                   |
         |------------------>|                   |                   |
         |<------------------|                   |                   |
         | Mobility AAA IP   |                   |                   |
         |                   |                   |                   |
         | AAR(AVP:IMSI/User/Password/Toyota)    |                   |
         |-------------------------------------->|                   |
         |                   |                   | ACR(AVP ClientEID)|
         |                   |                   |------------------>|
         |                   |                   |<------------------|
         |                   |                   | ACA(AVP ClientEID)|
         | AAA (Client::EID,EdgeRTR::RLOC)       |                   |
         |<--------------------------------------|                   |
         |                   |                   |                   |
         .                   .     Activity:     .                   .
         | Upload to IPv6 H3ServiceEID, Subscribe MLDv2 H3ServiceEID |
         |---------------------------------------------------------->|
         .                   .                   .                   .
         |<----------------------------------------------------------|
         |    Signal-free multicast Updates from H3ServiceEIDs       |
         .                   .                   .                   .
         |                   |                   |                   |
         | AAR(Interim)      |                   |                   |
         |-------------------------------------->| ACR (Interim)     |
         |                   |                   |------------------>|
         |                   |                   |<------------------|
         |                   |                   | ACA (Interim)     |
         |<--------------------------------------|                   |
         | AAA (Interim)     |                   |                   |

         Figure 4: DNS and AAA Exchange for nexagon-network login

   Using this network login and re-login method we ensure that:

   -  MobilityClientEIDs serve as credentials with the EdgeRTRs
   -  EdgeRTRs are provisioned to whitelist MobilityClient EIDs
   -  EdgeRTRs are not tightly coupled to H3.r9 areas (privacy/balance)
   -  MobilityClients do not need to update EdgeRTRs while roaming

   The same EdgeRTR may serve several H3.r9 areas for ride continuity,
   and several EdgeRTRs may load-balance an H3.r9 area with a high
   density of MobilityClients.  When a MobilityClient's ClientXTR is
   homed to an EdgeRTR, it is able to communicate with H3ServiceEIDs.

5.  Mobility Clients Network Services

   The mobility network functions as a standard LISP overlay.  The
   overlay delivers unicast and multicast packets across:

   -  multiple access networks and radio-access specifications
   -  multiple edge providers, public, private, and hybrid clouds

   We use data-plane xTRs in the stack of each mobility client/server.
   ClientXTRs and ServerXTRs are homed to one or more EdgeRTRs.  This
   structure allows MobilityClients to "show up" at any time, behind
   any network provider in a given mobility network admin/NAT domain,
   and allows any H3ServiceEID to be instantiated, moved, or failed
   over to any rack in any cloud provider.  The LISP overlay enables
   these roaming mobility network elements to communicate
   uninterrupted.  This quality is ensured by the LISP RFCs.  The
   determination of identities, so that MobilityClients always refer to
   the correct H3ServiceEID, is ensured by H3 geo-spatial HIDs.

   There are two options to associate ClientXTRs with LISP EdgeRTRs:

   i.  Semi-random load-balancing by DNS/AAA

       In this option we assume that in a given metro edge a pool of
       EdgeRTRs can distribute the Mobility Client load randomly
       between them and that the EdgeRTRs are topologically
       equivalent.  Each RTR uses LISP to tunnel traffic to and from
       other EdgeRTRs for MobilityClient to H3Service exchanges.
       MobilityClients home to EdgeRTRs.

   ii. Topological by anycast

       In this option we align an EdgeRTR with topological aggregation.
       Mobility Clients roaming in an area are homed to that RTR, and
       so is the H3 Server.  There is only one hop across the edge
       overlay between clients and servers, and mcast replication is
       more focused, but clients need to keep re-homing as they move.

   To summarize the H3-LISP mobility network layout:

   (1)  Mobility Client traffic is tunneled via data-plane ClientXTRs;
        ClientXTRs are (multi-)homed to EdgeRTR(s)
   (2)  H3ServiceEID traffic is tunneled via data-plane ServerXTRs;
        ServerXTRs are (multi-)homed to EdgeRTR(s)
   (3)  EdgeRTRs use the mapping service to resolve Ucast HIDs to RTR
        RLOCs; EdgeRTRs also register to (Source, Group) H3ServiceEID
        multicasts

   MobilityClients <> ClientXTR                                  EdgeRTR
                          v                                         v
                          v   < < < < Map-Assisted  < < < <         v
                          v   Mobility-Network Overlay              v
                          > > > > EdgeRTR        ServerXTR <> H3ServiceEID

     Figure 5: The Data Flow Between MobilityClients and H3ServiceEIDs

6.  Mobility Unicast and Multicast

   Regardless of the way a given ClientXTR was associated with an
   EdgeRTR, an authenticated MobilityClient EID can send
   [64bitH3.15ID :: 64bitState] annotations to the H3.r9 H3ServiceEID.
   The H3.r9 EID can be calculated by clients algorithmically from the
   H3.r15 localization.  The ClientXTR encapsulates the packet from the
   MobilityClient EID to the H3ServiceEID with the destination of the
   EdgeRTR RLOC and the LISP port.  EdgeRTRs then re-encapsulate
   annotation packets either to a remote EdgeRTR (option 1) or to a
   homed H3ServiceEID ServerXTR (option 2).  The remote EdgeRTR
   aggregating H3ServiceEIDs re-encapsulates the MobilityClient EID
   packet to the ServerXTR, i.e. to the H3ServiceEID.

   The headers consist of the following fields:

   Outer headers = 40 (IPv6) + 8 (UDP) + 8 (LISP) = 56
   Inner headers = 40 (IPv6) + 8 (UDP) + 4 (Nexagon Header) = 52
   1500 (MTU) - 56 - 52 = 1392 bytes of effective payload

   The Nexagon Header Type field allows for kv tuples or vkkk flooding:

   Type 0:      reserved
   Type 1:      key-value, key-value..   1392 / (8 + 8) = 87 pairs
   Type 2:      value, key, key, key..   (1392 - 8) / 8 = 173 H3-R15 IDs
   Type 3-255:  unassigned

   The Nexagon Header GZIP field allows for compression, which is very
   effective for H3 IDs.  At this point we designate the value 001 if
   the content was GZIP compressed.  Additional values may be added in
   the future for other compression types.

   The Nexagon Header Reserved bits are unused.

   The Nexagon Header kv count gives the number of entries (in any
   format).

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |Version| Traffic Class |           Flow Label                  | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |         Payload Length        |  Next Header  |   Hop Limit   | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                   Source MobilityClientEID                    + |
   |                                                               | IPv6
   +                                                               + |
   |                                                               | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                      Dest H3ServiceEID                        + |
   |                                                               | |
   +                                                               + |
   |                                                               | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |        Source Port = xxxx     |       Dest Port = xxxx        | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
   |           UDP Length          |          UDP Checksum         | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |     Type      |gzip |        Reserved         | Pair Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                         64 Bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                         64 Bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

              Figure 6: Uploaded detections packet format

   To summarize unicast:

   (1)  MobilityClients can send annotations localized to an H3.r15
        tile.  These annotations are sent to H3.r9 mobility
        H3ServiceEIDs.
   (2)  The MobilityClient EID and H3ServiceEID HID are encapsulated:
        XTR <> RTR <> RTR <> XTR.  RTRs can map-resolve and re-tunnel
        HIDs.
   (3)  RTRs re-encapsulate the original source/dest to ServerXTRs;
        ServerXTRs decapsulate packets to the H3ServiceEID.

   Each H3.r9 Server is also an IP multicast source used to update
   subscribers on the aggregate state of the H3.r15 tiles in the H3.r9
   server.  This forms a multipoint-to-multipoint state channel per H3
   location, where the aggregation has compute-first propagation.  We
   use [RFC8378] signal-free multicast to implement mcast channels in
   the overlay.  The mobility network has many channels, with
   thousands of subscribers per channel.

   MobilityClients driving through / subscribing to an H3.r9 area can
   explicitly issue an [RFC4604] MLDv2 report in order to subscribe,
   or may be subscribed implicitly by the EdgeRTR.  The advantage of
   explicit client MLDv2 registration as the [RFC8378] trigger is that
   clients manage their own mobility mcast handover per
   location-direction vectors, and that it allows for otherwise silent,
   non-annotating clients.  The advantage of EdgeRTR implicit
   registration is that less signaling is required.

   MLDv2 signaling messages are encapsulated between the ClientXTR and
   the EdgeRTR; therefore there is no requirement for the underlying
   network to support native multicast.  If native access multicast is
   supported, then MobilityClient registration to H3ServiceEID safety
   channels may be integrated with it, in which case the mobile
   packet-core element supporting it will use this standard to register
   with the appropriate H3.r9 channels in its area.
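   The H3ServiceEID, or an EdgeRTR in front of it, has to turn the
   Figure 6 byte stream back into (H3-R15 ID, state) entries, and the
   cheapest defensive checks live exactly there: the count field must
   match the body length, an unassigned type must be rejected, a
   gzip-compressed body must be inflated under a size cap, and every
   key must be an H3.r15 tile whose H3.r9 parent is the context the
   packet was addressed to.  The following is an added illustration,
   not code from the draft or from any implementation it describes.
   It assumes the field widths one reads off Figure 6 (Type 8 bits,
   gzip 3 bits, Reserved 13 bits, Count 8 bits), and it assumes the H3
   project's published index layout (mode in bits 59-62, resolution in
   bits 52-55, base cell in bits 45-51, one 3-bit digit per resolution
   with unused digits set to 7) in order to derive the r9 parent, since
   the draft does not restate that layout.  `MAX_BODY` and the sample
   tiles are constructed values.

```python
"""Build and parse Nexagon Type 1 / Type 2 payloads (Section 6).

Assumptions: header layout Type:8 | gzip:3 | Reserved:13 | Count:8;
H3 index bit layout as published by the H3 project.  MAX_BODY is a
constructed local policy value, not a number from the draft.
"""
import gzip
import struct
import zlib

OUTER_HDR = 40 + 8 + 8             # IPv6 + UDP + LISP
NEXAGON_HDR = 4
INNER_HDR = 40 + 8 + NEXAGON_HDR   # IPv6 + UDP + Nexagon
MAX_BODY = 64 * 1024               # cap on inflated size (constructed)
TYPE_KV, TYPE_VKKK = 1, 2
GZIP_FLAG = 0b001                  # the draft's "001" compression value


def capacity(mtu: int = 1500) -> dict:
    """Effective payload and entries per packet for a given MTU (Section 6 arithmetic)."""
    payload = mtu - OUTER_HDR - INNER_HDR
    return {"payload": payload,
            "type1_pairs": payload // 16,
            "type2_ids": (payload - 8) // 8}


# --- H3 index helpers (assumed layout, see module docstring) -----------
def h3_resolution(h: int) -> int:
    return (h >> 52) & 0xF


def h3_make(res: int, base_cell: int, digits: list) -> int:
    """Assemble a cell index; digits[i] is the digit for resolution i+1."""
    h = (1 << 59) | (res << 52) | (base_cell << 45)      # mode 1 = cell
    for r in range(1, 16):
        h |= (digits[r - 1] if r <= res else 7) << (45 - 3 * r)
    return h


def h3_parent(h: int, parent_res: int) -> int:
    """Coarsen to parent_res: rewrite the resolution field, mark finer digits unused (7)."""
    if parent_res > h3_resolution(h):
        raise ValueError("parent resolution is finer than the cell")
    h = (h & ~(0xF << 52)) | (parent_res << 52)
    for r in range(parent_res + 1, 16):
        h |= 0x7 << (45 - 3 * r)
    return h


# --- Nexagon framing ----------------------------------------------------
def _frame(ptype: int, count: int, body: bytes, compress: bool) -> bytes:
    if not 0 <= count <= 0xFF:
        raise ValueError("count must fit in 8 bits")
    if compress:
        body = gzip.compress(body)
    word = (ptype << 24) | ((GZIP_FLAG if compress else 0) << 21) | count
    return struct.pack("!I", word) + body


def encode_type1(pairs: list, compress: bool = False) -> bytes:
    """Type 1: key-value, key-value..."""
    body = b"".join(struct.pack("!QQ", hid, state) for hid, state in pairs)
    return _frame(TYPE_KV, len(pairs), body, compress)


def encode_type2(state: int, hids: list, compress: bool = False) -> bytes:
    """Type 2: one value followed by the keys it applies to."""
    body = struct.pack("!Q", state) + b"".join(struct.pack("!Q", h) for h in hids)
    return _frame(TYPE_VKKK, len(hids), body, compress)


def parse(packet: bytes, context_hid: int) -> list:
    """Return [(h3_r15_id, state), ...]; raise ValueError on anything malformed.

    context_hid is the H3.r9 HID of the H3ServiceEID the packet was sent to;
    every key must be an r15 tile inside it."""
    if len(packet) < NEXAGON_HDR:
        raise ValueError("short header")
    (word,) = struct.unpack("!I", packet[:NEXAGON_HDR])
    ptype, gz, count = word >> 24, (word >> 21) & 0x7, word & 0xFF
    body = packet[NEXAGON_HDR:]
    if gz == GZIP_FLAG:
        d = zlib.decompressobj(16 + zlib.MAX_WBITS)   # gzip container
        body = d.decompress(body, MAX_BODY)          # bounded inflate
        if d.unconsumed_tail or not d.eof:
            raise ValueError("inflated body exceeds limit or is truncated")
    elif gz:
        raise ValueError(f"unknown compression value {gz:#05b}")
    if ptype == TYPE_KV:
        if len(body) != 16 * count:
            raise ValueError("type 1 body length does not match pair count")
        entries = [struct.unpack_from("!QQ", body, 16 * i) for i in range(count)]
    elif ptype == TYPE_VKKK:
        if len(body) != 8 + 8 * count:
            raise ValueError("type 2 body length does not match key count")
        (state,) = struct.unpack_from("!Q", body, 0)
        entries = [(struct.unpack_from("!Q", body, 8 + 8 * i)[0], state)
                   for i in range(count)]
    else:
        raise ValueError(f"reserved or unassigned type {ptype}")
    for hid, _ in entries:
        if h3_resolution(hid) != 15 or h3_parent(hid, 9) != context_hid:
            raise ValueError(f"HID {hid:#018x} is not an r15 tile of this context")
    return entries


def is_rejected(packet: bytes, context_hid: int) -> bool:
    """True if parse() refuses the packet; handy for negative checks."""
    try:
        parse(packet, context_hid)
    except ValueError:
        return True
    return False
```

   `h3_parent` is the "calculated algorithmically" step the text
   mentions: a client derives the H3.r9 destination context from its
   H3.r15 localization without any lookup, and the server applies the
   same function in reverse as an admission check, dropping uploads
   that name tiles outside the context they were sent to.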
   Multicast update packets have the following structure:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |Version| Traffic Class |           Flow Label                  | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |         Payload Length        |  Next Header  |   Hop Limit   | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                  Source H3-R9 EID Address                     + |
   |                                                               | IPv6
   +                                                               + |
   |                                                               | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
   |                                                               | |
   +                                                               + |
   |                                                               | |
   +                        Group Address                          + |
   |                                                               | |
   +                                                               + |
   |                                                               | /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |        Source Port = xxxx     |       Dest Port = xxxx        | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
   |           UDP Length          |          UDP Checksum         | |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               | \
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Nexagon
   ~                        Nexagons Payload                       ~ /
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                  Figure 7: Mcast update packet header

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |   Type = 1    |gzip |        Reserved         | Pair Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                         64 Bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                         64 Bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

         Figure 8: Mcast update payload, key-value, key-value..

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
   |   Type = 2    |gzip |        Reserved         |H3R15 Count = X| Nexagon
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
   |                                                               |
   +                         64 Bit State                          +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                       64 Bit H3-R15 ID                        +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

    Figure 9: Mcast update payload, value, key, key.. for larger areas

   The remote EdgeRTRs homing MobilityClients in turn replicate the
   packet to the MobilityClients registered with them.  We expect an
   average of 600 H3.r15 tiles, of the full 7^6 (~100K) possible in an
   H3.r9 hexagon, to be part of any road.  The H3.r9 server can
   transmit the status of all 600 or just those with meaningful states,
   based on the updated SLA and policy.

   To summarize:

   (1)  H3-LISP clients tune to H3.r9 mobility updates using [RFC8378].
        H3-LISP clients issue MLDv2 registrations to H3.r9 HIDs;
        ClientXTRs encapsulate the MLDv2 to EdgeRTRs, which register
        (S,G).
   (2)  ServerXTRs encapsulate updates to EdgeRTRs, which map-resolve
        the (S,G) RLOCs.  EdgeRTRs replicate the mobility update and
        tunnel it to registered EdgeRTRs.  Remote EdgeRTRs replicate
        updates to ClientXTRs.

7.  Security Considerations

   The nexagon layer-3 v2n network is inherently more secure and
   private than peer-to-peer alternatives because of the indirection.
   No car or infrastructure element communicates directly with
   MobilityClients.  All information is conveyed using shared
   addressable geo-state.  MobilityClients receive information only
   from geospatial channels originating from a trusted broker.
   MobilityClients have no indication as to the origin of the
   information.  This is an important step towards better privacy,
   security, extendability, and interoperability compared with legacy
   layer-2 protocols.

   In order to be able to use the nexagon mobility network for a given
   period, the mobility clients go through a DNS/AAA stage by which
   they obtain their clientEID identifiers/credentials and the RLOCs of
   the EdgeRTRs they may use as gateways to the network.  This
   MobilityClient <> EdgeRTR interface is the most sensitive one in
   this network with respect to privacy and security considerations.

   The traffic on the MobilityClient <> EdgeRTR interface is tunneled,
   and its UDP content may be encrypted; still, the EdgeRTR will know,
   based on the LISP headers alone, the MobilityClient RLOC and the
   H3-R9 (~0.1 sqkm) geo-spatial area to which a given client uploads
   or subscribes.  For this reason we envision the ability of
   enterprises or groups of users to "bring their own" EdgeRTRs.  A
   BYO-RTR masks individual clients' RLOC-to-H3-R9 association and is
   pre-provisioned to be able to use the mapping system and to be on a
   white-list of EdgeRTRs aggregating H3ServiceEIDs.  If the EdgeRTR
   functionality is delivered by a 5G Core UPF, then the only entity
   which can correlate underlay IP, user, and geo-location is the
   regulated carrier, which can do so anyway.

   Beyond this hop, the mapping system does not hold
   MobilityClientEIDs, and remote EdgeRTRs are only aware of
   MobilityClient ephemeral EIDs, not the actual RLOC or any other
   mobile-device identifiers.  EdgeRTRs register the (S,G) H3-R9
   multicast groups in the mapping system.  Which clients use which
   EdgeRTR is not in the mapping system; only the AAA server is aware
   of that.  The H3ServiceEIDs themselves decrypt and parse the actual
   H3-R15 annotations; while doing so they also take the
   MobilityClientEID credentials into account to avoid "fake news",
   but again these are only temporary EIDs allocated to clients in
   order to be able to use the mobility network, not their actual IP.
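   The EdgeRTR is the one element that sees both a client's RLOC and
   its temporary EID, so it is also where a decapsulated client packet
   can be checked against what AAA authorized: the inner source EID
   must be a whitelisted, unexpired MobilityClientEID, it must arrive
   from the RLOC it was granted to, and the inner destination must be
   an H3ServiceEID (the only destination a MobilityClient EID is
   allowed).  The following is an added illustration of that admission
   check, not code from the draft or from any implementation it
   describes.  It assumes that the ACA from AAA hands the EdgeRTR a
   (ClientEID, RLOC, expiry) grant, that H3ServiceEIDs live in one
   configured IPv6 prefix, and that the lifetime is refreshed by the
   Interim AAA exchange; every address, prefix and timestamp in it is
   a constructed sample.

```python
"""EdgeRTR admission check for decapsulated MobilityClient packets.

Assumptions (not from the draft): AAA provisions one Grant per client,
H3ServiceEIDs share the configured H3SERVICE_PREFIX, times are plain
floats supplied by the caller so the logic is deterministic.
"""
from collections import Counter
from dataclasses import dataclass
import ipaddress

H3SERVICE_PREFIX = ipaddress.ip_network("2001:db8:a9::/48")   # constructed


@dataclass(frozen=True)
class Grant:
    client_eid: str      # temporary MobilityClientEID issued by AAA (ACA)
    rloc: str            # underlay address the client was authorized from
    expires_at: float    # absolute time; moved forward by the Interim AAA


class EdgeRTR:
    def __init__(self) -> None:
        self.grants: dict = {}       # client_eid -> Grant (the whitelist)
        self.rejects = Counter()     # reject reason -> count, for monitoring

    def provision(self, grant: Grant) -> None:
        """Install or refresh a whitelist entry (called on ACA / Interim ACA)."""
        self.grants[grant.client_eid] = grant

    def revoke(self, client_eid: str) -> None:
        self.grants.pop(client_eid, None)

    def expire(self, now: float) -> int:
        """Drop grants whose lifetime has elapsed; returns how many were dropped."""
        stale = [eid for eid, g in self.grants.items() if now >= g.expires_at]
        for eid in stale:
            del self.grants[eid]
        return len(stale)

    def admit(self, outer_src_rloc: str, inner_src_eid: str,
              inner_dst_eid: str, now: float) -> str:
        """Decide on one decapsulated packet: "ok" or the reason it is dropped."""
        reason = self._check(outer_src_rloc, inner_src_eid, inner_dst_eid, now)
        if reason != "ok":
            self.rejects[reason] += 1
        return reason

    def _check(self, outer_src_rloc, inner_src_eid, inner_dst_eid, now) -> str:
        grant = self.grants.get(inner_src_eid)
        if grant is None:
            return "unknown-eid"          # never authorized, or already revoked
        if now >= grant.expires_at:
            return "expired"              # client missed its Interim renewal
        if grant.rloc != outer_src_rloc:
            return "rloc-mismatch"        # EID/RLOC whitelist mismatch (impersonation)
        if ipaddress.ip_address(inner_dst_eid) not in H3SERVICE_PREFIX:
            return "dst-not-h3service"    # clients may only address H3ServiceEIDs
        return "ok"


if __name__ == "__main__":
    rtr = EdgeRTR()
    rtr.provision(Grant("2001:db8:c1::1", "198.51.100.7", expires_at=1000.0))
    print(rtr.admit("198.51.100.7", "2001:db8:c1::1", "2001:db8:a9::1", 500.0))
    print(rtr.admit("203.0.113.9", "2001:db8:c1::1", "2001:db8:a9::1", 500.0))
    print(dict(rtr.rejects))
```

   Two points follow from the draft's own design.  The RLOC binding is
   only as fine as the underlay address the EdgeRTR sees: behind a
   shared NAT several clients present the same RLOC, which is one
   reason the EIDs themselves are short-lived and renewed through AAA
   rather than being the sole credential.  And the per-reason reject
   counters are what an operator would watch: a burst of
   `rloc-mismatch` or `dst-not-h3service` on one EdgeRTR is the signal
   the "impersonating" and "spoofing" mitigations rely on.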
H3Services are provisioned to their EdgeRTRs, in the EdgeRTRs, and optionally also in the mapping system. Barkai, et al. Expires January 1, 2022 [Page 11] Internet-Draft LISP September 2021 In summary of main risk mitigations for the lisp-nexagon interface: (1) tapping: all communications are through dynamic tunnels therefore may be encrypted using IP-Sec or other supported point to point underlay standards. These are not static tunnels but LISP re-tunneling routers (RTRs) perform all nexagon Overlay aggregation. (2) spoofing: it is very hard to guess a MobilityClientEID valid for a short period of time. Clients and H3Services EIDs are whitelisted in EdgeRTRs, Clients using the AAA procedure, H3Services via dev-ops. (3) impersonating: efforts to use MobilityClients and H3Services RLOCs should be caught by the underlying service provider edge and access networks. EID impersonating is caught by EdgeRTR EID RLOC whitelist mismatch. (4) credibility: the interface crowd-sources geo-state and does not assume to trust single detections. Credit history track to MobilityClientEIDs by as part of normal H3Services fact checking, aggregate scores affect AAA credentials. (5) privacy: Only EdgeRTRs are aware of both clients' RLOC and geo-location, only AAA is aware of client IDs credentials and credit but not geo-location. Aggregate credit score span all H3Services administratively without source. 8. Acknowledgments We would like to kindly thank Joel Halperin for helping structure the AAA section and Geo-Privacy provisions, Luigi Lannone promoting LISP Compute First Networking (CFN) use-cases and shepherding this draft to completion. Barkai, et al. Expires January 1, 2022 [Page 17] Internet-Draft LISP September 2021 9. 
IANA Considerations State enum fields of H3 tiles: Field 0x0: Traffic Direction { 0x0 - null 0x1 - Lane North 0x2 - Lane North + 30 0x3 - Lane North + 60 0x4 - Lane North + 90 0x5 - Lane North + 120 0x6 - Lane North + 150 0x7 - Lane North + 180 0x8 - Lane North + 210 0x9 - Lane North + 240 0xA - Lane North + 270 0xB - Lane North + 300 0xC - Lane North + 330 0xD - junction 0xE - shoulder 0xF - sidewalk } field 0x1: Persistent or Structural { 0x0 - null 0x1- pothole light 0x2 - pothole severe 0x3 - speed-bump low 0x4 - speed-bump high 0x5 - icy 0x6 - flooded 0x7 - snow-cover 0x8 - snow-deep 0x9 - construction cone 0xA - gravel 0xB - choppy 0xC - blind-curve 0xD - steep-slope 0xE - low-bridge 0xF - unassigned } Barkai, et al. Expires January 1, 2022 [Page 18] Internet-Draft LISP September 2021 field 0x2: Transient Condition { 0x0 - null 0x1 - pedestrian 0x2 - bike scooter 0x3 - stopped car / truck 0x4 - moving car / truck 0x5 - first responder vehicle 0x6 - sudden slowdown 0x7 - oversized over-height vehicle 0x8 - red-light-breach 0x9 - light collision (fender bender) Ax - hard collision / casualty 0xB - collision course 0xC - collision debris 0xD - hard brake 0xE - sharp corner 0xF - freeing-parking } field 0x3: Traffic-light Cycle { 0x0 - null 0x1 - 1 seconds to green 0x2 - 2 seconds to green 0x3 - 3 seconds to green 0x4 - 4 seconds to green 0x5 - 5 seconds to green 0x6 - 6 seconds to green 0x7 - 7 seconds to green 0x8 - 8 seconds to green 0x9 - 9 seconds to green 0xA - 10 seconds or less 0xB - 20 seconds or less 0xC - 30 seconds or less 0xD - 60 seconds or less 0xE - green now 0xF - red now } Barkai, et al. 
   Field 0x4: Impacted Tile from Neighboring {
      0x0 - null
      0x1 - epicenter
      0x2 - light yellow
      0x3 - yellow
      0x4 - light orange
      0x5 - orange
      0x6 - light red
      0x7 - red
      0x8 - light blue
      0x9 - blue
      0xA - green
      0xB - light green
      0xC - unassigned
      0xD - unassigned
      0xE - unassigned
      0xF - unassigned
   }

   Field 0x5: Transient, Cycle, Impacted, Valid for Next {
      0x0 - null
      0x1 - 1sec
      0x2 - 5sec
      0x3 - 10sec
      0x4 - 20sec
      0x5 - 40sec
      0x6 - 60sec
      0x7 - 2min
      0x8 - 3min
      0x9 - 4min
      0xA - 5min
      0xB - 10min
      0xC - 15min
      0xD - 30min
      0xE - 60min
      0xF - 24hours
   }

   Field 0x6: LaneRightsSigns {
      0x0 - null
      0x1 - yield
      0x2 - speedLimit
      0x3 - straightOnly
      0x4 - noStraight
      0x5 - rightOnly
      0x6 - noRight
      0x7 - rightStraight
      0x8 - leftOnly
      0x9 - leftStraight
      0xA - noLeft
      0xB - noUTurn
      0xC - noLeftU
      0xD - bikeLane
      0xE - HOVLane
      0xF - Stop
   }

   Field 0x7: MovementSigns {
      0x0 - null
      0x1 - keepRight
      0x2 - keepLeft
      0x3 - stayInLane
      0x4 - doNotEnter
      0x5 - noTrucks
      0x6 - noBikes
      0x7 - noPeds
      0x8 - oneWay
      0x9 - parking
      0xA - noParking
      0xB - noStanding
      0xC - noPassing
      0xD - loadingZone
      0xE - railCross
      0xF - schoolZone
   }

   Field 0x8: CurvesIntersectSigns {
      0x0 - null
      0x1 - turnsLeft
      0x2 - turnsRight
      0x3 - curvesLeft
      0x4 - curvesRight
      0x5 - reversesLeft
      0x6 - reversesRight
      0x7 - windingRoad
      0x8 - hairPin
      0x9 - pretzelTurn
      0xA - crossRoads
      0xB - crossT
      0xC - crossY
      0xD - circle
      0xE - laneEnds
      0xF - roadNarrows
   }
   Field 0x9: Current Tile Speed {
      0x0 - null
      0x1 - < 5kmh
      0x2 - < 10kmh
      0x3 - < 15kmh
      0x4 - < 20kmh
      0x5 - < 30kmh
      0x6 - < 40kmh
      0x7 - < 50kmh
      0x8 - < 60kmh
      0x9 - < 80kmh
      0xA - < 100kmh
      0xB - < 120kmh
      0xC - < 140kmh
      0xD - < 160kmh
      0xE - > 160kmh
      0xF - queuedTraffic
   }

   Field 0xA: Vehicle / Pedestrian Traffic {
      0x0 - null
      0x1 - probability of ped/vehicle on tile close to 100%
      0x2 - 95%
      0x3 - 90%
      0x4 - 85%
      0x5 - 80%
      0x6 - 70%
      0x7 - 60%
      0x8 - 50%
      0x9 - 40%
      0xA - 30%
      0xB - 20%
      0xC - 15%
      0xD - 10%
      0xE - 5%
      0xF - probability of ped/vehicle on tile close to 0%, empty
   }

   Field 0xB - reserved
   Field 0xC - reserved
   Field 0xD - reserved
   Field 0xE - reserved
   Field 0xF - reserved

   Reserved fields and values are for future RFC extensions.

Authors' Addresses

   Sharon Barkai
   Nexar
   CA
   USA

   Email: sbarkai@gmail.com

   Bruno Fernandez-Ruiz
   Nexar
   London
   UK

   Email: b@getnexar.com

   S ZionB
   Nexar
   Israel

   Email: sharon@fermicloud.io
   Rotem Tamir
   Nexar
   Israel

   Email: rotemtamir@getnexar.com

   Alberto Rodriguez-Natal
   Cisco Systems
   170 Tasman Drive
   San Jose, CA
   USA

   Email: natal@cisco.com

   Fabio Maino
   Cisco Systems
   170 Tasman Drive
   San Jose, CA
   USA

   Email: fmaino@cisco.com

   Albert Cabellos-Aparicio
   Technical University of Catalonia
   Barcelona
   Spain

   Email: acabello@ac.upc.edu

   Jordi Paillisse-Vilanova
   Technical University of Catalonia
   Barcelona
   Spain

   Email: jordip@ac.upc.edu

   Dino Farinacci
   lispers.net
   San Jose, CA
   USA

   Email: farinacci@gmail.com
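The sixteen 4-bit tile-state fields listed in the IANA Considerations section, as an added example that is not part of the draft: a small Python encoder/decoder with a receiver-side check that rejects state updates which set reserved fields, use unassigned codes, or carry transient data without a valid-for-next window. The packing order (field N in bits 4N..4N+3 of one 64-bit word) and the Python field names are assumptions, since the draft does not specify a wire layout.

```python
"""Added example (not the draft's code): pack and check the 16 four-bit
tile-state fields of the IANA Considerations section.  ASSUMPTION: the
draft gives no layout; here field N occupies bits 4N..4N+3 of a 64-bit word."""
from typing import Dict, List

FIELD_NAMES = {0x0: "traffic_direction", 0x1: "persistent_structural",
               0x2: "transient_condition", 0x3: "traffic_light_cycle",
               0x4: "impacted_from_neighbor", 0x5: "valid_for_next",
               0x6: "lane_rights_signs", 0x7: "movement_signs",
               0x8: "curves_intersect_signs", 0x9: "current_tile_speed",
               0xA: "ped_vehicle_traffic"}
RESERVED_FIELDS = range(0xB, 0x10)        # fields 0xB..0xF are reserved
UNASSIGNED_IMPACT = {0xC, 0xD, 0xE, 0xF}  # unassigned codes of field 0x4
# Subsets of the draft's value tables, used by describe().
TRANSIENT = {0x1: "pedestrian", 0x3: "stopped car / truck",
             0xA: "hard collision / casualty", 0xF: "freeing-parking"}
VALID_FOR = {0x1: "1sec", 0x2: "5sec", 0x3: "10sec", 0xA: "5min"}

def get_field(state: int, field: int) -> int:
    return (state >> (4 * field)) & 0xF

def set_field(state: int, field: int, value: int) -> int:
    if not (0 <= field <= 0xF and 0 <= value <= 0xF):
        raise ValueError("field and value must each fit in 4 bits")
    return (state & ~(0xF << (4 * field))) | (value << (4 * field))

def decode(state: int) -> Dict[str, int]:
    return {name: get_field(state, f) for f, name in FIELD_NAMES.items()}

def validate(state: int) -> List[str]:
    """Reasons a receiver should reject a tile-state word; [] if clean."""
    problems = []
    if state < 0 or state >> 64:
        return ["state does not fit in 64 bits"]
    for f in RESERVED_FIELDS:
        if get_field(state, f):
            problems.append(f"reserved field 0x{f:X} is set")
    if get_field(state, 0x4) in UNASSIGNED_IMPACT:
        problems.append("unassigned value in field 0x4")
    # Fields 0x2-0x4 only carry meaning with a validity window in 0x5.
    if any(get_field(state, f) for f in (0x2, 0x3, 0x4)) \
            and get_field(state, 0x5) == 0:
        problems.append("transient data without valid-for-next window")
    return problems

def describe(state: int) -> str:
    t = TRANSIENT.get(get_field(state, 0x2), "null")
    v = VALID_FOR.get(get_field(state, 0x5), "null")
    return f"{t} valid for next {v}"
```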