Hi all,
I have some more questions regarding this draft.
* 3.1. LISP NAT Traversal Overview
/ The ETR encapsulates the Map-Register message in a LISP ECM header
destined//
// to the RTR's RLOC. The RTR strips the LISP ECM header, re-originates//
// the Map-Register message, and sends it to the Map-Server.
/At this point, it seems to me that the RTR sends a simple Map Register
(like it does
it previous version of the draft) instead of an Encap Map Register
* 4.3. LISP Map-Register Message
/The 6th bit in the ECM LISP header is allocated as the "R"//
// bit. The R bit indicates that the encapsulated Map-Register is to be//
// processed by an RTR. The 7th bit in the ECM header is allocated as//
// the "N" bit.
/I suppose that are the 6th and 7th bit after the Type field otherwise
it overlaps
with other flag bits. Maybe it could be indicated in the draft.
* /4.4. LISP Map-Notify//
//
// MS-RTR Authentication Data: The message digest used from the output//
// of the Message Authentication Code (MAC) algorithm. //*The entire
Map-*//*
*//* Notify payload*//is authenticated./
Do we also refer to the inner IP and UDP header with entire Map Notify
payload?
Why the RTR is changing the address of the inner IP header of ECM? Is
not possible to use
the external IP header to obtain required information like the RTR
address in the MS ?
1- Encap Map Reg -> int src ip: From ETR local locator to RTR address
2- Data Map Notify -> int dst IP: From RTR address to ETR local
locator /
/
Best regards
Albert López
El 08/11/17 a les 21:33, Vina Ermagan (vermagan) ha escrit:
Hi Albert,
³Map Register TTL² in the referenced paragraph is indeed the TTL for which
a Map Register stays valid in a Map Server. Suggested time in the RFC for
periodic Map Registers is 1 minute. And MS will expire the registration
after 3 minutes if it does not receive a renewal. So this TTL in RTR
should be set no larger than 3 minutes, and no smaller than 1 minute.
Unfortunately NAPT devices don¹t have a standard TTL for expiring their
address associations; some use 2 minutes as the threshold. So the 3 minute
recommendation for expiring a Map Register seems suitable here.
Hope this clarifies it.
Best,
Vina
On 11/6/17, 1:01 AM, "lisp on behalf of Albert López"
<lisp-boun...@ietf.org on behalf of alo...@ac.upc.edu> wrote:
In that case, I think that It would be better if the validation time /
expiration time of the locator associated with the ECM-ed Map Register &
ECM-ed Map Notify is related with the periodic time of sending ECM-ed
Map Registers.
Usually a hole in the nat box is less than two minutes so we send
periodic ECM Mag register to maintain this hole opened apart from
maintaining the status in the Map Server. If we use the TTL of the
record to maintain an entry in the Map Cacahe of the RTR, it is possible
we maintain an entry which is no longer valid or send packets to an
invalid rloc. What do you think?
Regards
Albert
El 03/11/17 a les 18:38, Dino Farinacci ha escrit:
The TTL in the Map-Register is the TTL returned in Map-Replies. So it
is the expiry time for a map-cache entry. Note it is the ³Record TTL² in
the EID-record which both appear in Map-Register and Map-Reply messages.
Dino
On Nov 3, 2017, at 1:35 AM, Albert López <alo...@ac.upc.edu> wrote:
Dear all,
In section 5.3 of the draft draft-ermagan-lisp-nat-traversal which
describe the RTR processing, it says that when the RTR receive and
ECM-ed Map Notify, once it is validated, it changes the state of the
associated map-cache entry to verified for the duration of the Map
Register TTL. What does it mean by Map Register TTL? it means the TTL
of the record of the Map Register or it is the same concept of the Map
Register TTL of the Map Server which is 3 minutes? If I understand
correctly, if we don't receive more Encap Map Register / Map Notify to
renew this verified period, the map-cache entry of the RTR expires, at
least the locator of the map-cache entry associated with the Encap Map
register.
"Once the authenticity of the message is verified,
RTR can confirm that the Map-Register message for the ETR with the
matching xTR-ID was accepted by the Map-Server. At this point the
RTR can change the state of the associated map-cache entry to
verified for the duration of the Map-Register TTL"
Thank you in advance.
Albert López
_______________________________________________
lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
_______________________________________________
lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
_______________________________________________
lisp mailing list
lisp@ietf.org
https://www.ietf.org/mailman/listinfo/lisp
