Network Working Group X. Xu Internet Draft Huawei Intended status: Informational Expires: February 2011 August 10, 2010 Routing Architecture for the Next Generation Internet (RANGI) draft-xu-rangi-04.txt Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on February 10, 2011. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Xu Expires February 10, 2011 [Page 1] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) Abstract IRTF Routing Research Group (RRG) is exploring a new routing and addressing architecture to address the issues with the current Internet, e.g., mobility, multi-homing, traffic engineering, and especially the routing scalability issue. This document describes a new identifier (ID)/locator split based routing and addressing architecture, called Routing Architecture for the Next Generation Internet (RANGI), in an attempt to deal with the above problems. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]. Table of Contents 1. Introduction.................................................3 2. Architecture Description.....................................3 2.1. Host Identifiers........................................3 2.2. Host Locators...........................................5 2.3. Packet Formats..........................................6 2.4. ID->Locator Mapping Resolution..........................6 2.5. Routing and Forwarding System...........................8 2.6. Site Multi-homing and Traffic-Engineering...............9 2.7. Host Mobility and Multi-homing.........................10 2.8. Network Mobility.......................................11 3. Summary.....................................................11 4. Security Considerations.....................................12 5. IANA Considerations.........................................12 6. Acknowledgments.............................................12 7. References..................................................12 Xu Expires August 10, 2011 [Page 2] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) 1. Introduction The Default Free Zone (DFZ) routing table size has been growing at an increasing and potentially alarming rate for several years, which has detrimental impact on the routing system scalability and the routing convergence performance. This so-called routing scalability issue has drawn significant attention from both industry and academia. After much discussion following the IAB Routing and Addressing workshop [RAWS] in Amsterdam, a common conclusion was reached that the explosive growth in the DFZ routing table is mainly caused by the wide adoption of multi-homing, traffic engineering and provider- independent address. However, the underlying reason for this issue is the overloading of IP address semantics of both identifiers and locators. This overloading makes it impossible to renumber IP addresses in a topologically aggregatable way. At present, the IRTF Routing Research Group (RRG) is chartered to explore a new routing and addressing architecture which is expected to support the multi-homing, traffic-engineering, mobility and simplified renumbering features in a more scalable way. This document describes a new ID/locator split architecture, called Routing Architecture for the Next Generation Internet (RANGI), which aims to deal with the above issues. Similar with Host Identity Protocol (HIP) [RFC4423], RANGI also introduces a host identifier (ID) layer between the IPv6 network layer and the transport layer. As a result, the transport-layer associations (e.g., TCP connections) are no longer bound to IP addresses, but to the host IDs. Unlike HIP, RANGI adopts hierarchical and cryptographic host IDs which have delegation-oriented structure. As a result, the corresponding ID- >locator mapping system for such identifiers has a reasonable business model and clear trust boundaries. In addition, RANGI uses special IPv4-embeded IPv6 addresses as locators. With such locators, site-controlled traffic-engineering and simplified renumbering can be easily achieved, meanwhile, the deployment cost of this new architecture is reduced greatly. 2. Architecture Description 2.1. Host Identifiers In RANGI, host IDs are hierarchical and 128-bit long. As depicted in Figure 1, a host ID consists of two parts: the leftmost n bits (Note that the suitable value of "n" has not been determined yet, while the value of " n" is set to 64 in our current prototype) part is the Administrative Domain (AD) ID which has embedded organizational Xu Expires August 10, 2011 [Page 3] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) affiliation and global uniqueness, and the remaining part (i.e., the rightmost 128-n bits)is the Local Host ID which is generated by computing a cryptographic one-way hash function from a public key of the ID owner and auxiliary parameters, e.g., the ID owner's AD ID. The binding between the public key and the host ID can be verified by re-computing the hash value and by comparing the hash with the host ID. As these identifiers are expected to be used along with IPv6 addresses at both applications and APIs, especially in the RANGI transition mechanisms defined in [RANGI-PROXY], it is desired to explicitly distinguish host IDs from IPv6 addresses (i.e., locators) and vice versa. Hence, a separate prefix for identifiers SHOULD be allocated by the IANA. As a result, several leftmost bits in the AD ID field SHOULD be reserved to fill this dedicated prefix. |<------- n bits --------->|<-- 128-n bits-->| +--------------------------+-----------------+ | Administrative Domain ID | Local Host ID | +--------------------------+-----------------+ | \ | \ | \ | \ | \ +------------+--------------+-----------+ |Country Code|Authority Code|Region Code| <------Example +------------+--------------+-----------+ Figure 1. Host Identifier Structure The approach of generating hierarchical RANGI host IDs is similar to that for Cryptographically Generated Addresses (CGA) [RFC3972]. The major difference is that the prefix of the RANGI host ID is AD ID, rather than ordinary IPv6 address prefix. In CGA, the process of generating a new address takes three input values: a 64-bit subnet prefix, the public key of the address owner as a DER-encoded ASN.1 structure of the type SubjectPublicKeyInfo and the security parameter Sec, which is an unsigned three-bit integer. In contrast, the process of generating a hierarchical host ID in RANGI also takes three input values: the n-bit AD ID, the public key of the host ID owner and the security parameter Sec. Therefore, if we set the value of n to 64, the process of generating RANGI host IDs can be compatible with that for CGA. The benefits of using hierarchical host IDs in RANGI include but not limited to: 1) manage the global identifier namespace in a scalable way; 2) hold a reasonable economic model and clear trust boundaries Xu Expires August 10, 2011 [Page 4] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) in the corresponding ID->Locator mapping system; 3) ease the transition from the current Internet to RANGI. In RANGI, the global uniqueness of host IDs is guaranteed through some registration mechanism. Since the AD IDs are globally unique and owned by the corresponding host ID registration and administrative authorities of different countries respectively, the Local Host IDs are only REQUIRED to be unique within the corresponding AD scope. The resolution infrastructure for flat labels has no "pay-for-your- own" model, as names are stored at essentially random nodes (See Layered Naming Architecture (LNA) [LNA]). In contrast, the resolution infrastructure for hierarchical host IDs in RANGI has reasonable business model and clear trust boundaries since host IDs can be stored in the corresponding authoritative servers according to their organizational structures. To some extent, the business model of the ID->Locator mapping system in RANGI is similar to that for the Domain Name Service (DNS). In the RANGI transition mechanisms described in [RANGI-PROXY], the identifiers of RANGI hosts are treated as ordinary IPv6 addresses by legacy IPv6 hosts. Upon receives a packet with the destination address being a host ID, the router SHOULD forward the packet according to the destination IPv6 address as normal. In the end, the packet will be forwarded to a dedicated proxy that is responsible for translating the packets between RANGI and IPv6. Since the identifiers are hierarchical and delegation-oriented aggregatable, such identifier-based routing during transition period will not cause any routing scalability issue. For more details, please refer to [RANGI- PROXY]. 2.2. Host Locators The host locators in RANGI are ordinary IPv6 addresses. Since the IPv4/IPv6 coexistence and transition will last for a long period, in order to reduce the deployment cost of this new routing and addressing architecture, RANGI uses specific IPv4-embeded IPv6 addresses as locators. As shown in Figure 2, the leftmost 96-bit part of a locator is called Locator Domain Identifier (LD ID), while the rightmost 32-bit part is filled with an IPv4 address which is REQUIRED to be unique within the scope of corresponding LD. LD IDs are used to globally identify each site network which is allowed to adopt independent IPv4 address space (either public or private IPv4 addresses). Actually, LD IDs are Provider-Assigned (PA) /96 IPv6 prefixes which are topologically aggregatable in provider networks. Xu Expires August 10, 2011 [Page 5] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) |<------- 96 bits -------->|<---- 32 bits--->| +--------------------------+-----------------+ | LD ID | IPv4 | +--------------------------+-----------------+ Figure 2. Host Locator Structure Similar with the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) [RFC5214], this specific locator can be used for automatically tunneling IPv6 packets over IPv4 site networks. 2.3. Packet Formats RANGI reuse the IPv6 packet format to maximum extent. The host IDs are filled as options in the Destination Option Header, whereas the locators are filled as IPv6 addresses in the IPv6 header. Packets sent from a RANGI host can be protected by attaching the public key and auxiliary parameters and by signing the packets with the corresponding private key. The protection works without a certification authority or any security infrastructure. The details about the packet format and how to use IPsec to carry the data traffic will be described in the latter version of this draft or in a separate draft. 2.4. ID->Locator Mapping Resolution ID/locator split implies a need for storing and distributing the mappings from host IDs to locators. In RANGI, the mappings from Fully Qualified Domain Names (FQDNs) to host IDs are stored in the DNS system, while the mappings from host IDs to locators are stored in a distributed ID->Locator mapping system which can be built on the current DNS infrastrature. In a DNS based ID->Locator mapping system, if there are too many entries to be maintained by the authoritative servers of a given Administrative Domain (AD), Distribute Hash Table (DHT) technology can be used further to make these authoritative servers scale better. That is to say, the mappings maintained by a given AD will be distributed among a group of authoritative servers in a DHT fashion. As a result, the robustness feature of DHT is inherited naturally into the ID->Locator mapping system. Meanwhile, there is no trust issue since each AD authority runs its own DHT ring which maintains only mappings for the identifiers belonging to this AD. Xu Expires August 10, 2011 [Page 6] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) A detailed mapping lookup example is given as follows: 1. A host ID will be transformed to a FQDN format string. Firstly, a host ID is expressed as "country-code.authority-code.region- code.local-host-ID" by inserting dots between adjacent fields, then by reversing the fields and attaching with the suffix "rangiid.arpa." it is transformed into a FQDN-format string as "local-host-ID.region- code.authority-code.country-code.rangiid.arpa." 2. The FQDN-format string is used as a key to locate the authoritative DNS server which maintains the desired resource records. In order to facilitate such a lookup process, a new sub-domain " rangiid.arpa." needs to be inserted into the current domain name hierarchy. This sub-domain can delegate its own sub-domains according to the hierarchy of the FQDN-format string of the host ID. A new Resource Record (RR) named RANGI is also defined for the ID->Locator mappings, in which the NAME field is filled with the FQDN-format string of a host ID, while the RDATA field is filled with the corresponding locator information, including but not limited to an IPv6 address (i.e., locator) and its preference, and so on. The resolution infrastructure for flat names has no "pay-for-your- own" model, as the flat names are stored at essentially random nodes. In contrast, the resolution infrastructure for hierarchical host IDs, as used in RANGI, has reasonable business and trust models because hierarchical host IDs have clear organization affiliation. To prevent the Man-in-the-Middle attacks during mapping lookups, the DNS Security Extensions (DNSSEC) [RFC535] is strongly recommended for the origin authentication and integrity assurance of the DNS data. To prevent DNS recursive servers caching antique ID->Locator mapping information, the TTL of a RANGI RR for a mobile host SHOULD be set to 0 or a very small value. However, if a host (i.e., Correspondence Node) wants to cache the RR of the communicating host (i.e., Mobile Node), it can reset the TTL of that RR to a reasonable value internally. The Secure DNS Dynamic Update mechanism defined in [RFC3007] is directly used for dynamically updating the ID->Locator mapping entries in the ID->Locator mapping system in a secure way. Xu Expires August 10, 2011 [Page 7] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) 2.5. Routing and Forwarding System In RANGI, site networks (i.e., LDs) are connected to the IPv6 Internet via site border routers called Locator Domain Border Routers (LDBRs). LDBRd play the similar role as ISATAP [RFC5214] routers. A simple RANGI routing procedure is illustrated in Figure 3. Host A (as source host) looks up the locator of host B (as destination host) through the ID->Locator mapping system before communicating with host B. Since these two hosts are located in different LDs, A will tunnel the packets destined for B to one of its local LDBRs, e.g., BR1. Otherwise, A will tunnel the packets destined for B directly towards B's IPv4 address. Once the packets arrive at the LDBR of the destination site, e.g., BR4, it will tunnel the IPv6 packets towards B's IPv4 address which is the last four octets of the destination locator. +-------------+ +-------------+ +-------------+ +-------------+ | Payload | | Payload | | Payload | | Payload | +-------------+ +-------------+ +-------------+ +-------------+ |HI(A)->HI(B) | |HI(A)->HI(B) | |HI(A)->HI(B) | |HI(A)->HI(B) | +-------------+ +-------------+ +-------------+ +-------------+ |IPv6->IPv6 | |IPv6->IPv6 | |IPv6->IPv6 | |IPv6->IPv6 | | (A) (B) | | (A) (B) | | (A) (B) | | (A) (B) | +-------------+ +-------------+ +-------------+ +-------------+ |IPv4->IPv4 | |IPv4->IPv4 | | (A) (BR1) | | (BR4) (B) | +-------------+ +-------------+ |<- A to BR1 ->|<-BR1 to BR2 ->|<-BR3 to BR4 ->| |<-BR4 to B ->| +--------- ------ ---------| +---+ \ / \ / +---+ | A | \ / \ / /| B | +---+\\ \ / \ / // +---+ | \\ | | | | / | | \\ +---+ +---+ +---+ +---+// | | \|BR1+----+BR2+------+BR3+---+BR4+/ | | +---+ +---+ +---+ +---+ | | | | | | | \ LD #1 / \ Internet / \ LD #3 / \ / \ / \ / \ / \ / \ / ------ ------ ------ Figure 3. Routing Procedure Xu Expires August 10, 2011 [Page 8] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) LDBRs are dual-stack routers which could be able to perform source- based policy routing and source address rewriting according to traffic-engineering policies on the outgoing packets. Hosts can get the IPv4 addresses of their local LDBRs in several ways, e.g., a new Dynamic Host Configuration Protocol (DHCP) option, or a site-scope well-known anycast address dedicated for LDBRs. In RANGI, IPv6-over-IPv4 tunnels are deployed in the site networks. Hence, RANGI can achieve a smooth IPv4/IPv6 transition in the scope of site networks. 2.6. Site Multi-homing and Traffic-Engineering In RANGI, each multi-homed site shall be assigned a /96 IPv6 prefix from each upstream ISP. Each host inside the multi-homed site, in turn, has multiple locators by concatenating the provider-assigned /96 IPv6 prefix with its locally unique IPv4 address. Hosts register the mappings from their identifiers to locators on the ID->Locator mapping system. As shown in Figure 4, host A is a RANGI host inside a multi-homed site, and it has two locators which are respectively synthesized from the LD IDs delegated from ISP1 and ISP2 and its IPv4 address. Host A chooses either one as the source locator of the outgoing packets. Upon receiving the packets, the site border router, BR1, performs source-based policy routing. For example, if the source locator is from ISP1, the packets will be forwarded to ISP1, otherwise, they will be forwarded to ISP2. In addition, BR1 could also rewrite the LD ID of the source locator to the one assigned from another ISP according to the configured traffic-engineering policy, and then forward the packets to the corresponding ISP according to source-based policy routing. Similar to the GSE [GSE], the site- controlled traffic-engineering by rewriting the source LD ID will impact the path (upstream ISP) selection for both outgoing packets and returned packets. In addition, since each ID->locator mapping in the ID->Locator mapping system is associated with a preference. By setting different preference values for different locators of a given host which is located inside a multi-homed site network, the upstream ISP selection for the incoming traffic can also influenced. Xu Expires August 10, 2011 [Page 9] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) ---------- / \ | | +---+ | +BR2| | /+---+ | / | ISP#1 | / \ / /------ / \ / +---* \ / -------- | A | \ / +---+\\ \ / | \\ | / | \\ +---+ / | \|BR1+/ | +---+-- | | -- ---------- \ / -- / \ \ Site A / -- | | \ / -- +---+ | ------ -+BR3| | +---+ | | | \ ISP#2 / \ / -------- Figure 4. Site Multi-homing and Traffic-engineering 2.7. Host Mobility and Multi-homing To some extent, host multi-homing is similar to host mobility since their effects on the network and on correspondents are identical. In RANGI, when a host physically moves from one attachment point of network to another in the event of mobility or re-homing, it SHOULD inform its current correspondents of its new locator as soon as possible. Furthermore, it needs to update its locator information on the ID->Locator mapping authoritative server timely. In the case of simultaneous mobility, at least one of the communicating entities SHOULD resolve the correspondence node's new locator from the ID- >Locator mapping system so as to continue their communication. In order to allow legacy IPv6 hosts to initiate communicates with RANGI mobile hosts, many RANGI transit proxies SHOULD be deployed in the transit networks and each of them is dedicated to a bunch of Xu Expires August 10, 2011 [Page 10] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) identifiers in a given AD scope and is responsible for translating packets from IPv6 and RANGI, and vice versa. For more details, please refer to the transit proxy mechanism defined in [RANGI-PROXY]. 2.8. Network Mobility To mitigate the registration burden on the ID->Locator mapping system triggered by network mobility, NEMO mechanism [RFC3963] is reused in RANGI to support network mobility. That is to say, the mobile router is responsible for updating its current locator on its home agent. As a result, network mobility event is transparent to the hosts inside that mobile network. Details about network mobility will be explored in the latter version of this draft. 3. Summary RANGI achieves almost all of goals set by RRG, which are listed as follows: 1) Routing Scalability: Scalability is achieved by separating identifiers from locators. 2) Traffic Engineering: Hosts inside a multi-homed site can suggest the upstream ISP for outgoing and returned packets by using the appropriate source locator, while the local LDBRs have the final decision on the upstream ISP selection since they can perform site-controlled traffic-engineering through source locator rewritting. 3) Mobility and Multi-homing: Sessions will not be interrupted due to locator change in the case of mobility or re-homing. 4) Simplified Renumbering: When changing providers, the local IPv4 addresses of the site do not need to change. Hence the internal routers within the site don't need renumbering. 5) Decoupling Location and Identifier: Obvious. 6) Routing Stability: Since the locators are topologically aggregatable and the internal topology within the LD will not be disclosed outside, routing stability could be improved greatly. 7) Routing Security: RANGI reuses existing routing system and does not introduce any new security risk into the routing system. Xu Expires August 10, 2011 [Page 11] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) 8) Incremental Deployability: RANGI allows an easy transition from IPv4 networks to IPv6 networks. In addition, RANGI proxy allows RANGI-aware hosts to communicate to legacy IPv4 or IPv6 hosts, and vice-versa. 4. Security Considerations TBD. 5. IANA Considerations A specific prefix for host IDs needs to be assigned from the IPv6 address space. Two new options in the Destination Option Header need to be assigned for the host ID and its corresponding parameter date structure respectively. 6. Acknowledgments The author would like to thank Raj Jain, Xuewei Wang and Dacheng Zhang for their valuable contributions. Thanks SHOULD also be given to Paul Francis, Lixia Zhang, Brain Carpenter, Dave Oran, Joel Halpern, and Tony Li for their insightful comments. This research project is partially funded by the National"863" Hi- Tech Program of China. 7. References [RAWS] D. Meyer, L. Zhang, and K. Fall. "Report from the IAB Workshop on Routing and Addressing", Internet draft, draft-iab-raws- report-01.txt, work in progress, February 2007. [GOALS] T. Li, "Design Goals for Scalable Internet Routing", draft- irtf-rrg-design-goals-01, July 2007. [RFC4423] R. Moskowitz and P. Nikander, "Host Identity Protocol (HIP) Architecture", RFC 4423, May 2006. [RFC3972] T. Aura, "Cryptographically Generated Addresses (CGA)", RFC3972, Mar 2005. [RFC3963] V. Devarapalli, R. Wakikawa, A. Petrescu and P. Thubert "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, January 2005. Xu Expires August 10, 2011 [Page 12] Internet-Draft Routing Architecture August, 2010 for the Next Generation Internet (RANGI) [RFC5214] F. Templin, T. Gleeson, "Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)", RFC 5214, March, 2008. [RFC2136] P. Vixie, S. Thomson, Y. Rekhter, J. Bound, "Dynamic Updates in the Domain Name System (DNS UPDATE)", RFC 2136, April 1997. [RFC2535] Eastlake, D., "Domain Name System Security Extensions", RFC 2535, March 1999. [RFC3007] B. Wellington, "Secure Domain Name System Dynamic Update", RFC 3007, November 2000. [H-DHT] L. Garces-Erice, E. Biersack, P. Felber, K. Ross, and G. Urvoy-Keller, "Hierarchical Peer-to-peer Systems", In Proc. Euro-Par 2003, Klagenfurt, Austria, 2003. [GSE] M. O'Dell, "GSE-An Alternative Addressing Architecture for IPv6", Internet-Draft, Feb 1997. [LNA] Hari Balakrishnan, Karthik Lakshminarayanan, Sylvia Ratnasamy,Scott Shenker, Ion Stoica and Michael Walfish, "A Layered Naming Architecture for the Internet", Proc. ACM SIGCOMM, Portland, Oregon, USA, August 30 - September 3, 2004. [RANGI-PROXY] X. Xu, "Transition Mechanisms for Routing Architecture for the Next Generation Internet (RANGI)", draft-xu-rangi- proxy-01.txt, July 2009. Authors' Addresses Xiaohu Xu Huawei Technologies, No.3 Xinxi Rd., Shang-Di Information Industry Base, Hai-Dian District, Beijing 100085, P.R. China Phone: +86 10 82882573 Email: xuxh@huawei.com