LISP WG, is there any objections to adding this text: There are several cases where segregation is needed at the EID level. For instance, this is the case for deployments containing overlapping addresses, traffic isolation policies or multi-tenant virtualization. For these and other scenarios where segregation is needed, Instance IDs are used.
as replacement to this text: When multiple organizations inside of a LISP site are using private addresses [RFC1918] as EID-Prefixes, their address spaces MUST remain segregated due to possible address duplication. An Instance ID in the address encoding can aid in making the entire AFI-based address unique. Thanks, Dino > On Oct 30, 2017, at 10:35 AM, Alberto Rodriguez-Natal > <[email protected]> wrote: > > Dino, > > I believe the following agreed edit was not included in -06. Not a big > deal, but maybe we should make a note to include it in -07. > > Alberto > >>>>>>> When multiple organizations inside of a LISP site are using private >>>>>>> addresses [RFC1918] as EID-Prefixes, their address spaces MUST remain >>>>>>> segregated due to possible address duplication. An Instance ID in the >>>>>>> address encoding can aid in making the entire AFI-based address >>>>>>> unique. >>>>>>> >>>>>>> [AR] This text is used to introduce the concept of Instance-IDs. I >>>>>>> don't think we should mention private addresses here. Instance ID may >>>>>>> be used even when not private addresses are in place or for purposes >>>>>>> other than possible address duplication. If anything, the private >>>>>>> addresses duplication should be an example only. >>>>>> >>>>>> Response (1). >>>>>> >>>>>> Making a reference to private addresses is actually very important. >>>>>> There are a lot of container and VMs within cloud provider deployments >>>>>> that use it. It is probably the most popular use-case of LISP. >>>>> >>>>> [AR2] My intention was to state that we should not tie Instance-IDs to >>>>> the address duplication problem of private addresses. Indeed, >>>>> preventing address duplication is one of the major use-cases for >>>>> Instance-IDs but they are applicable beyond that particular use-case. >>>> >>>> I don’t follow your point, the fact you use EIDs within an IID means the >>>> EIDs are private to that IID. Regardless if they are RFC1918 addresses or >>>> registry allocated addresses. >>> >>> [AR3] I would suggest the following text as a replacement for the >>> current paragraph. Feel free to edit as you see fit. >>> >>> "There are several cases where segregation is needed at the EID level. >>> For instance, this is the case for deployments containing overlapping >>> addresses, traffic isolation policies or multi-tenant virtualization. >>> For these and others scenarios where segregation is needed, Instance >>> IDs can be used.” >> >> I would like to hear if the working group agrees to add this text. If by >> then end of the week I hear no objections or changes, I will include it. _______________________________________________ lisp mailing list [email protected] https://www.ietf.org/mailman/listinfo/lisp
