About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Documentation / networking / ila.txt




Custom Search

Based on kernel version 4.16.1. Page generated on 2018-04-09 11:53 EST.

1	Identifier Locator Addressing (ILA)
2	
3	
4	Introduction
5	============
6	
7	Identifier-locator addressing (ILA) is a technique used with IPv6 that
8	differentiates between location and identity of a network node. Part of an
9	address expresses the immutable identity of the node, and another part
10	indicates the location of the node which can be dynamic. Identifier-locator
11	addressing can be used to efficiently implement overlay networks for
12	network virtualization as well as solutions for use cases in mobility.
13	
14	ILA can be thought of as means to implement an overlay network without
15	encapsulation. This is accomplished by performing network address
16	translation on destination addresses as a packet traverses a network. To
17	the network, an ILA translated packet appears to be no different than any
18	other IPv6 packet. For instance, if the transport protocol is TCP then an
19	ILA translated packet looks like just another TCP/IPv6 packet. The
20	advantage of this is that ILA is transparent to the network so that
21	optimizations in the network, such as ECMP, RSS, GRO, GSO, etc., just work.
22	
23	The ILA protocol is described in Internet-Draft draft-herbert-intarea-ila.
24	
25	
26	ILA terminology
27	===============
28	
29	  - Identifier	A number that identifies an addressable node in the network
30			independent of its location. ILA identifiers are sixty-four
31			bit values.
32	
33	  - Locator	A network prefix that routes to a physical host. Locators
34			provide the topological location of an addressed node. ILA
35			locators are sixty-four bit prefixes.
36	
37	  - ILA mapping
38			A mapping of an ILA identifier to a locator (or to a
39			locator and meta data). An ILA domain maintains a database
40			that contains mappings for all destinations in the domain.
41	
42	  - SIR address
43			An IPv6 address composed of a SIR prefix (upper sixty-
44			four bits) and an identifier (lower sixty-four bits).
45			SIR addresses are visible to applications and provide a
46			means for them to address nodes independent of their
47			location.
48	
49	  - ILA address
50			An IPv6 address composed of a locator (upper sixty-four
51			bits) and an identifier (low order sixty-four bits). ILA
52			addresses are never visible to an application.
53	
54	  - ILA host	An end host that is capable of performing ILA translations
55			on transmit or receive.
56	
57	  - ILA router	A network node that performs ILA translation and forwarding
58			of translated packets.
59	
60	  - ILA forwarding cache
61			A type of ILA router that only maintains a working set
62			cache of mappings.
63	
64	  - ILA node	A network node capable of performing ILA translations. This
65			can be an ILA router, ILA forwarding cache, or ILA host.
66	
67	
68	Operation
69	=========
70	
71	There are two fundamental operations with ILA:
72	
73	  - Translate a SIR address to an ILA address. This is performed on ingress
74	    to an ILA overlay.
75	
76	  - Translate an ILA address to a SIR address. This is performed on egress
77	    from the ILA overlay.
78	
79	ILA can be deployed either on end hosts or intermediate devices in the
80	network; these are provided by "ILA hosts" and "ILA routers" respectively.
81	Configuration and datapath for these two points of deployment is somewhat
82	different.
83	
84	The diagram below illustrates the flow of packets through ILA as well
85	as showing ILA hosts and routers.
86	
87	    +--------+                                                +--------+
88	    | Host A +-+                                         +--->| Host B |
89	    |        | |              (2) ILA                   (')   |        |
90	    +--------+ |            ...addressed....           (   )  +--------+
91	               V  +---+--+  .  packet      .  +---+--+  (_)
92	   (1) SIR     |  | ILA  |----->-------->---->| ILA  |   |   (3) SIR
93	    addressed  +->|router|  .              .  |router|->-+    addressed
94	    packet        +---+--+  .     IPv6     .  +---+--+        packet
95	                   /        .    Network   .
96	                  /         .              .   +--+-++--------+
97	    +--------+   /          .              .   |ILA ||  Host  |
98	    |  Host  +--+           .              .- -|host||        |
99	    |        |              .              .   +--+-++--------+
100	    +--------+              ................
101	
102	
103	Transport checksum handling
104	===========================
105	
106	When an address is translated by ILA, an encapsulated transport checksum
107	that includes the translated address in a pseudo header may be rendered
108	incorrect on the wire. This is a problem for intermediate devices,
109	including checksum offload in NICs, that process the checksum. There are
110	three options to deal with this:
111	
112	- no action	Allow the checksum to be incorrect on the wire. Before
113			a receiver verifies a checksum the ILA to SIR address
114			translation must be done.
115	
116	- adjust transport checksum
117			When ILA translation is performed the packet is parsed
118			and if a transport layer checksum is found then it is
119			adjusted to reflect the correct checksum per the
120			translated address.
121	
122	- checksum neutral mapping
123			When an address is translated the difference can be offset
124			elsewhere in a part of the packet that is covered by the
125			the checksum. The low order sixteen bits of the identifier
126			are used. This method is preferred since it doesn't require
127			parsing a packet beyond the IP header and in most cases the
128			adjustment can be precomputed and saved with the mapping.
129	
130	Note that the checksum neutral adjustment affects the low order sixteen
131	bits of the identifier. When ILA to SIR address translation is done on
132	egress the low order bits are restored to the original value which
133	restores the identifier as it was originally sent.
134	
135	
136	Identifier types
137	================
138	
139	ILA defines different types of identifiers for different use cases.
140	
141	The defined types are:
142	
143	      0: interface identifier
144	
145	      1: locally unique identifier
146	
147	      2: virtual networking identifier for IPv4 address
148	
149	      3: virtual networking identifier for IPv6 unicast address
150	
151	      4: virtual networking identifier for IPv6 multicast address
152	
153	      5: non-local address identifier
154	
155	In the current implementation of kernel ILA only locally unique identifiers
156	(LUID) are supported. LUID allows for a generic, unformatted 64 bit
157	identifier.
158	
159	
160	Identifier formats
161	==================
162	
163	Kernel ILA supports two optional fields in an identifier for formatting:
164	"C-bit" and "identifier type". The presence of these fields is determined
165	by configuration as demonstrated below.
166	
167	If the identifier type is present it occupies the three highest order
168	bits of an identifier. The possible values are given in the above list.
169	
170	If the C-bit is present,  this is used as an indication that checksum
171	neutral mapping has been done. The C-bit can only be set in an
172	ILA address, never a SIR address.
173	
174	In the simplest format the identifier types, C-bit, and checksum
175	adjustment value are not present so an identifier is considered an
176	unstructured sixty-four bit value.
177	
178	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
179	     |                            Identifier                         |
180	     +                                                               +
181	     |                                                               |
182	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
183	
184	The checksum neutral adjustment may be configured to always be
185	present using neutral-map-auto. In this case there is no C-bit, but the
186	checksum adjustment is in the low order 16 bits. The identifier is
187	still sixty-four bits.
188	
189	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
190	     |                            Identifier                         |
191	     |                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
192	     |                               |  Checksum-neutral adjustment  |
193	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
194	
195	The C-bit may used to explicitly indicate that checksum neutral
196	mapping has been applied to an ILA address. The format is:
197	
198	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
199	     |     |C|                    Identifier                         |
200	     |     +-+                       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
201	     |                               |  Checksum-neutral adjustment  |
202	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
203	
204	The identifier type field may be present to indicate the identifier
205	type. If it is not present then the type is inferred based on mapping
206	configuration. The checksum neutral adjustment may automatically
207	used with the identifier type as illustrated below.
208	
209	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
210	     | Type|                      Identifier                         |
211	     +-+-+-+                         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
212	     |                               |  Checksum-neutral adjustment  |
213	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
214	
215	If the identifier type and the C-bit can be present simultaneously so
216	the identifier format would be:
217	
218	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
219	     | Type|C|                    Identifier                         |
220	     +-+-+-+-+                       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
221	     |                               |  Checksum-neutral adjustment  |
222	     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
223	
224	
225	Configuration
226	=============
227	
228	There are two methods to configure ILA mappings. One is by using LWT routes
229	and the other is ila_xlat (called from NFHOOK PREROUTING hook). ila_xlat
230	is intended to be used in the receive path for ILA hosts .
231	
232	An ILA router has also been implemented in XDP. Description of that is
233	outside the scope of this document.
234	
235	The usage of for ILA LWT routes is:
236	
237	ip route add DEST/128 encap ila LOC csum-mode MODE ident-type TYPE via ADDR
238	
239	Destination (DEST) can either be a SIR address (for an ILA host or ingress
240	ILA router) or an ILA address (egress ILA router). LOC is the sixty-four
241	bit locator (with format W:X:Y:Z) that overwrites the upper sixty-four
242	bits of the destination address.  Checksum MODE is one of "no-action",
243	"adj-transport", "neutral-map", and "neutral-map-auto". If neutral-map is
244	set then the C-bit will be present. Identifier TYPE one of "luid" or
245	"use-format." In the case of use-format, the identifier type field is
246	present and the effective type is taken from that.
247	
248	The usage of ila_xlat is:
249	
250	ip ila add loc_match MATCH loc LOC csum-mode MODE ident-type TYPE
251	
252	MATCH indicates the incoming locator that must be matched to apply
253	a the translaiton. LOC is the locator that overwrites the upper
254	sixty-four bits of the destination address. MODE and TYPE have the
255	same meanings as described above.
256	
257	
258	Some examples
259	=============
260	
261	# Configure an ILA route that uses checksum neutral mapping as well
262	# as type field. Note that the type field is set in the SIR address
263	# (the 2000 implies type is 1 which is LUID).
264	ip route add 3333:0:0:1:2000:0:1:87/128 encap ila 2001:0:87:0 \
265	     csum-mode neutral-map ident-type use-format
266	
267	# Configure an ILA LWT route that uses auto checksum neutral mapping
268	# (no C-bit) and configure identifier type to be LUID so that the
269	# identifier type field will not be present.
270	ip route add 3333:0:0:1:2000:0:2:87/128 encap ila 2001:0:87:1 \
271	     csum-mode neutral-map-auto ident-type luid
272	
273	ila_xlat configuration
274	
275	# Configure an ILA to SIR mapping that matches a locator and overwrites
276	# it with a SIR address (3333:0:0:1 in this example). The C-bit and
277	# identifier field are used.
278	ip ila add loc_match 2001:0:119:0 loc 3333:0:0:1 \
279	    csum-mode neutral-map-auto ident-type use-format
280	
281	# Configure an ILA to SIR mapping where checksum neutral is automatically
282	# set without the C-bit and the identifier type is configured to be LUID
283	# so that the identifier type field is not present.
284	ip ila add loc_match 2001:0:119:0 loc 3333:0:0:1 \
285	    csum-mode neutral-map-auto ident-type use-format
Hide Line Numbers
About Kernel Documentation Linux Kernel Contact Linux Resources Linux Blog

Information is copyright its respective author. All material is available from the Linux Kernel Source distributed under a GPL License. This page is provided as a free service by mjmwired.net.