
Network-Hexagons: H3-LISP Based Mobility Network
draft-barkai-lisp-nexagon-08

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Authors Sharon Barkai, Bruno Fernandez-Ruiz, Alberto Rodriguez-Natal, Fabio Maino, Albert Cabellos-Aparicio, Dino Farinacci
Last updated 2019-09-10 (Latest revision 2019-09-07)
Replaced by draft-ietf-lisp-nexagon
RFC stream (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date (None)
Responsible AD (None)
Send notices to (None)
Network Working Group                                        A. Melnikov
Request for Comments: 5490                                 Isode Limited
Category: Standards Track                                     March 2009

                 The Sieve Mail-Filtering Language --
Extensions for Checking Mailbox Status and Accessing Mailbox Metadata

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Abstract

   This memo defines an extension to the Sieve mail filtering language
   (RFC 5228) for accessing mailbox and server annotations, checking for
   mailbox existence, and controlling mailbox creation on "fileinto"
   action.

Melnikov                    Standards Track                     [Page 1]
RFC 5490                     Sieve METADATA                   March 2009

Table of Contents

   1. Introduction ....................................................2
   2. Conventions Used in This Document ...............................2
   3. "mailbox" and "mboxmetadata" Extensions .........................2
      3.1. Test "mailboxexists" .......................................2
      3.2. ":create" Argument to "fileinto" Command ...................3
      3.3. Test "metadata" ............................................4
      3.4. Test "metadataexists" ......................................4
   4. "servermetadata" Extension ......................................5
      4.1. Test "servermetadata" ......................................5
      4.2. Test "servermetadataexists" ................................6
   5. Security Considerations .........................................6
   6. IANA Considerations .............................................7
   7. Acknowledgements ................................................7
   8. References ......................................................8
      8.1. Normative References .......................................8
      8.2. Informative References .....................................8

1.  Introduction

   This memo defines an extension to the Sieve mail filtering language
   [SIEVE] for accessing mailbox and server annotations.  This allows
   for customization of the Sieve engine behaviour based on variables
   set using [METADATA].

   This document also defines an extension for checking for mailbox
   existence and for controlling mailbox creation on "fileinto" action.

2.  Conventions Used in This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [KEYWORDS].

   Conventions for notations are as in [SIEVE] Section 1.1, including
   the use of [ABNF].

   This document is written with an assumption that readers are familiar
   with the data model and terms defined in Section 3 of [METADATA].

3.  "mailbox" and "mboxmetadata" Extensions

3.1.  Test "mailboxexists"

   Usage:  mailboxexists <mailbox-names: string-list>

   The "mailboxexists" test is true if all mailboxes listed in the
   "mailbox-names" argument exist in the mailstore, and each allows the
   user in whose context the Sieve script runs to "deliver" messages
   into it.  When the mailstore is an IMAP server, "delivery" of
   messages is possible if:

   a.  the READ-WRITE response code is present for the mailbox (see
       Section 7.1 of [IMAP]), if IMAP Access Control List (ACL)
       [IMAPACL] is not supported by the server, or

   b.  the user has 'p' or 'i' rights for the mailbox (see Section 5.2
       of [IMAPACL]).

   Note that a successful "mailboxexists" test for a mailbox doesn't
   necessarily mean that a "fileinto" action on this mailbox would
   succeed.  For example, the "fileinto" action might put user over
   quota.  The "mailboxexists" only verifies existence of the mailbox
   and whether the user in whose context the Sieve script runs has
   permissions to execute "fileinto" on it.

   The capability string for use with the require command is "mailbox".

   Example: The following example assumes that the Sieve engine also
   supports "reject" [REJECT] and "fileinto" [SIEVE].  However, these
   extensions are not required in order to implement the "mailbox"
   extension.

        require ["fileinto", "reject", "mailbox"];
        if mailboxexists "Partners" {
           fileinto "Partners";
        } else {
           reject "This message was not accepted by the Mailstore";
        }

3.2.  ":create" Argument to "fileinto" Command

   Usage:  fileinto [:create] <mailbox: string>

   If the optional ":create" argument is specified with "fileinto", it
   instructs the Sieve interpreter to create the specified mailbox, if
   needed, before attempting to deliver the message into the specified
   mailbox.  If the mailbox already exists, this argument is ignored.
   Failure to create the specified mailbox is considered to be an error.

   The capability string for use with the ":create" parameter is
   "mailbox".

3.3.  Test "metadata"

   Usage:  metadata [MATCH-TYPE] [COMPARATOR]
           <mailbox: string>
           <annotation-name: string> <key-list: string-list>

   This test retrieves the value of the mailbox annotation "annotation-
   name" for the mailbox "mailbox" [METADATA].  The retrieved value is
   compared to the "key-list".  The test returns true if the annotation
   exists and its value matches any of the keys.

   The default match type is ":is" [SIEVE].  The default comparator is
   "i;ascii-casemap" [SIEVE].

   The capability string for use with the require command is
   "mboxmetadata".

   Annotations MUST be accessed with the permissions of the user in
   whose context the Sieve script runs, and annotations starting with
   the "/private" prefix MUST be those of the user in whose context the
   Sieve script runs.

   Example: The following example assumes that the Sieve engine also
   supports the "vacation" [VACATION] extension.  However, this
   extension is not required in order to implement the "mboxmetadata"
   extension.

       require ["mboxmetadata", "vacation"];

       if metadata :is "INBOX"
          "/private/vendor/vendor.isode/auto-replies" "on" {

           vacation text:
       I'm away on holidays till March 2009.
       Expect a delay.
       .
       }

3.4.  Test "metadataexists"

   Usage:  metadataexists <mailbox: string> <annotation-names: string-
           list>

   The "metadataexists" test is true if all of the annotations listed in
   the "annotation-names" argument exist (i.e., have non-NIL values) for
   the specified mailbox.

   The capability string for use with the require command is
   "mboxmetadata".

4.  "servermetadata" Extension

4.1.  Test "servermetadata"

   Usage:  servermetadata [MATCH-TYPE] [COMPARATOR]
           <annotation-name: string> <key-list: string-list>

   This test retrieves the value of the server annotation "annotation-
   name" [METADATA].  The retrieved value is compared to the "key-list".
   The test returns true if the annotation exists and its value matches
   any of the keys.

   The default match type is ":is".  The default comparator is "i;ascii-
   casemap".

   The capability string for use with the require command is
   "servermetadata".

   Annotations MUST be accessed with the permissions of the user in
   whose context the Sieve script runs, and annotations starting with
   the "/private" prefix MUST be those of the user in whose context the
   Sieve script runs.

   Example: The following example assumes that the Sieve engine also
   supports "variables" [VARIABLES], "enotify" [NOTIFY], and "envelope"
   [SIEVE] extensions.  However, these extensions are not required in
   order to implement the "servermetadata" extension.

       require ["enotify", "servermetadata", "variables", "envelope"];

       if servermetadata :matches
          "/private/vendor/vendor.isode/notification-uri" "*" {
           set "notif_uri" "${0}";
       }

       if not string :is "${notif_uri}" "none" {
           # :matches is used to get the MAIL FROM address
           if envelope :all :matches "from" "*" {
               set "env_from" " [really: ${1}]";
           }

           # :matches is used to get the value of the Subject header
           if header :matches "Subject" "*" {
               set "subject" "${1}";
           }

           # :matches is used to get the address from the From header
           if address :matches :all "from" "*" {
               set "from_addr" "${1}";
           }

           notify :message "${from_addr}${env_from}: ${subject}"
                  "${notif_uri}";
       }

4.2.  Test "servermetadataexists"

   Usage:  servermetadataexists
           <annotation-names: string-list>

   The "servermetadataexists" test is true if all of the server
   annotations listed in the "annotation-names" argument exist (i.e.,
   have non-NIL values).

   The capability string for use with the require command is
   "servermetadata".

5.  Security Considerations

   Extensions defined in this document deliberately don't provide a way
   to modify annotations.

   A failure to retrieve data due to the server storing the annotations
   being down or otherwise inaccessible may alter the result of Sieve
   processing.  So implementations SHOULD treat a temporary failure to
   retrieve annotations in the same manner as a temporary failure to
   retrieve a Sieve script.  For example, if the Sieve script is stored
   in the Lightweight Directory Access Protocol (LDAP) and the script
   can't be retrieved when a message is processed, then the agent
   performing Sieve processing can, for example, assume that the script
   doesn't exist or delay message delivery until the script can be
   retrieved successfully.  Annotations should be treated as if they are
   a part of the script itself, so a temporary failure to retrieve them
   should be handled in the same way as a temporary failure to retrieve
   the Sieve script itself.

   Protocols/APIs used to retrieve annotations MUST provide at least the
   same level of confidentiality as protocols/APIs used to retrieve
   Sieve scripts.  For example, if Sieve scripts are retrieved using
   LDAP secured with Transport Layer Security (TLS) encryption, then the
   protocol used to retrieve annotations must use a comparable mechanism
   for providing connection confidentiality.  In particular, the
   protocol used to retrieve annotations must not be lacking encryption.
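
   The failure handling described above, as an added example that is
   not part of the RFC: a Python model of the "metadata" test in which a
   backend outage propagates as a deferral instead of evaluating to
   false.  The AnnotationStore class, the "defer" and "keep" action
   names, and the sample data are assumptions made for this sketch.

```python
class TemporaryFailure(Exception):
    """The annotation backend could not be reached."""


class AnnotationStore:
    """Constructed in-memory stand-in for a [METADATA] backend."""

    def __init__(self, entries, available=True):
        # Key: (owner, mailbox, annotation-name); owner is None for
        # annotations outside the "/private" prefix.
        self.entries = entries
        self.available = available

    def get(self, user, mailbox, name):
        if not self.available:
            raise TemporaryFailure("annotation backend unreachable")
        # "/private" annotations are always those of the script's user.
        owner = user if name.startswith("/private/") else None
        return self.entries.get((owner, mailbox, name))  # None models NIL


def ascii_casemap(text):
    # i;ascii-casemap folds only the ASCII letters a-z.
    return "".join(chr(ord(c) - 32) if "a" <= c <= "z" else c for c in text)


def eval_metadata(store, user, mailbox, name, keys):
    """The "metadata" test with the defaults ":is" and "i;ascii-casemap"."""
    value = store.get(user, mailbox, name)
    if value is None:
        return False
    return ascii_casemap(value) in {ascii_casemap(k) for k in keys}


def eval_metadataexists(store, user, mailbox, names):
    """True only if every listed annotation has a non-NIL value."""
    return all(store.get(user, mailbox, n) is not None for n in names)


AUTO_REPLIES = "/private/vendor/vendor.isode/auto-replies"

# Constructed sample data: only alice has switched auto-replies on.
SAMPLE = {("alice", "INBOX", AUTO_REPLIES): "On"}


def run_vacation_script(store, user, fail_open=False):
    """Model of the Section 3.3 script; returns the resulting actions."""
    try:
        auto = eval_metadata(store, user, "INBOX", AUTO_REPLIES, ["on"])
    except TemporaryFailure:
        if not fail_open:
            return ["defer"]   # handled like an unreachable script
        auto = False           # weak variant: an outage looks like "off"
    return ["vacation", "keep"] if auto else ["keep"]
```

   With fail_open=True an outage is indistinguishable from the
   annotation being unset, which is the silent change in Sieve
   processing that the text above warns about.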

6.  IANA Considerations

   IANA has added the following registrations to the list of Sieve
   extensions:

     To: iana@iana.org
     Subject: Registration of new Sieve extension
     Capability name: mailbox
     Description: adds test for checking for mailbox existence and a new
                  optional argument to fileinto for creating a mailbox
                  before attempting mail delivery.
     RFC number: this RFC
     Contact address:
         The Sieve discussion list &<----------------------|
          |                 |                |  ACA(AVP ClientEID)   |
          | ACA (Client::EID,EdgeRTR::RLOC)  |                       |
          |<---------------------------------|                       |
          |                 |                |                       |
          | Publish to H3ServiceEID / Subscribe MLDv2 H3ServiceEID   |
          |--------------------------------------------------------->|
          |<---------------------------------------------------------|
          |            multicast Updates from H3ServiceEIDs          |
          |                 |                |                       |
          |             ACR (Interim)        |                       |
          |--------------------------------->|   ACR (Interim)       |
          |                 |                |---------------------->|
          |                 |                |<----------------------|
          |                 |                |   ACA (Interim)       |
          |<---------------------------------|                       |
          |              ACA (Interim)       |                       |

   Using this network-login / re-login method we ensure that:
   - the MobilityClientEIDs serve as credentials with the specific EdgeRTRs
   - EdgeRTRs are not tightly coupled to H3.r9 areas for privacy/load-balance
   - Mobility Clients do not need to update EdgeRTRs while roaming in a metro

   The same EdgeRTR may serve several H3.r9 areas for smooth ride continuity,
   and several EdgeRTRs may load balance an H3.r9 area with high density of
   originating MobilityClient rides. When a MobilityClient ClientXTR is homed
   to an EdgeRTR it is able to communicate with H3ServiceEIDs.

5. Mobility Clients-Network-Services

  The mobility network functions as a standard LISP VPN overlay.
  The overlay delivers unicast and multicast packets across:
   - multiple access-network providers / radio-access technologies.
   - multiple cloud-edge hosting providers: public, private, hybrid.

  We use data-plane XTRs in the stack of each mobility client and server.
  ClientXTRs and ServerXTRs are homed to one or more EdgeRTRs at the LISP edge.
  This structure allows MobilityClients to "show up" at any time,
  behind any network provider in a given mobility network administrative
  domain (metro), and allows any H3ServiceEID to be instantiated, moved, or
  failed over to any rack in any cloud provider. The LISP overlay enables
  these roaming mobility network elements to communicate uninterrupted.
  This quality is ensured by the LISP RFCs. The determinism of identities,
  by which MobilityClients always refer to the correct H3ServiceEID, is
  ensured by H3 geospatial HIDs.

  There are two options for how we associate ClientXTRs with LISP EdgeRTRs:

  I. Semi-random load-balancing by DNS/AAA

  In this option we assume that in a given metro edge a pool of EdgeRTRs can
  distribute the Mobility Clients load randomly between them and that EdgeRTRs
  are topologically more or less equivalent. Each RTR uses LISP to tunnel
  traffic to and from other EdgeRTRs for MobilityClient exchanges with
  H3Services. MobilityClients can (multi) home to EdgeRTRs throughout while
  moving.

  II. Topological by any-cast

  In this option we align an EdgeRTR with topological aggregation like in the
  Evolved Packet Core (EPC) solution. Mobility Clients currently roaming in an
  area are homed to that RTR, and so is the H3 Server. There is only one hop
  across the edge overlay between clients and servers and mcast replication is
  more focused, but clients need to keep re-homing as they move.

  To summarize the H3LISP mobility network layout:

   (1) Mobility-Clients traffic is tunneled via data-plane ClientXTRs
       ClientXTRs are (multi) homed to EdgeRTR(s)
   (2) H3ServiceEID traffic is tunneled via data-plane ServerXTR
       ServerXTRs are (multi) homed to EdgeRTR(s)
   (3) EdgeRTRs use mapping service to resolve Ucast HIDs to RTR RLOCs
       EdgeRTRs also register to (Source, Group) H3ServiceEID multicasts

       MobilityClients <> ClientXTR <Access Provider > EdgeRTR  v
                                                                v
       v      << Map-Assisted Mobility-Network Overlay <<       v
       v
       >> EdgeRTR <Cloud Provider> ServerXTR <> H3ServiceEID

6. Mobility Unicast and Multicast

  Whichever way a ClientXTR is homed to an EdgeRTR, an authenticated
  MobilityClient EID can send a [64bitH3.15ID :: 64bitState] annotation to the
  H3.r9 H3ServiceEID. The H3.r9 IP HID can be calculated by clients
  algorithmically from the H3.15 localized snapped-to-tile annotation.

  The ClientXTR encapsulates MobilityClient EID and H3ServiceEID in a packet
  sourced from the ClientXTR, destined to the EdgeRTR RLOC IP, LISP port.
  EdgeRTRs then re-encapsulate annotation packets either to a remote EdgeRTR
  (option I) or to the homed H3ServiceEID ServerXTR (option II).
  The remote EdgeRTR aggregating H3ServiceEIDs re-encapsulates MobilityClient
  EID to ServerXTR and from there to the H3ServiceEID.

    0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|Version| Traffic Class |           Flow Label                  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|         Payload Length        |  Next Header  |   Hop Limit   |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
+                                                               +  |
|                                                               |  |
+                    Source MobilityClientEID                   +  |
|                                                               | IPv6
+                                                               +  |
|                                                               |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
+                                                               +  |
|                                                               |  |
+                       Dest H3ServiceEID                       +  |
|                                                               |  |
+                                                               +  |
|                                                               | /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       Source Port = xxxx      |       Dest Port = xxxx        | \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
|           UDP Length          |        UDP Checksum           | /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|  Type         |gzip |        Reserved         | Pair Count = X| Nexagon Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit State                            +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit State                            +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  To Summarize Unicast:

   (1) MobilityClients can send annotation state localized to an H3.r15 tile
       These annotations are sent to H3.r9 mobility H3ServiceEIDs
   (2) MobilityClient EID and H3ServiceEID HID are encapsulated:
         XTR <> RTR <> RTR <> XTR
       * RTRs can map-resolve re-tunnel HIDs
   (3) RTRs re-encapsulate original source-dest to ServerXTRs
       ServerXTRs decapsulate packets to H3ServiceEID

  Each H3.r9 Server that clients use to update H3.r15 tile state is also an IP
  Multicast channel Source, used to update subscribers on the aggregate state of
  the H3.r15 tiles in the H3.r9 Server.

  We use rfc8378 signal-free multicast to implement mcast channels in the
  overlay. The mobility network has many channels and relatively few
  subscribers per channel. MobilityClients driving through or subscribing to
  an H3.r9 area can explicitly issue an rfc4604 MLDv2 in order to subscribe, or
  may be subscribed implicitly by the EdgeRTR gleaning to ucast HID dest.

  The advantage of an explicit client MLDv2 registration trigger to rfc8378 is
  that the clients manage their own mobility mcast hand-over according to their
  location-direction moment vectors, and that it allows for otherwise silent, or
  non-annotating, clients. The advantage of EdgeRTR implicit registration is
  that less signaling is required.

  MLDv2 signaling messages are encapsulated between the ClientXTR and the LISP
  EdgeRTR, therefore there is no requirement for the underlying network to
  support native multicast. If native access multicast is supported (for example
  native 5G multicast), then MobilityClient registration to H3ServiceEID
  safety channels may be integrated to it, in which case the evolved-packet-core
  (EPC) element supporting it (eNB) will use this standard to register with the
  appropriate H3.r9 channels in its area.

  Multicast update packets are of the following structure:

    0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|Version| Traffic Class |           Flow Label                  |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|         Payload Length        |  Next Header  |   Hop Limit   |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
+                                                               +  |
|                                                               |  |
+                       Source H3-R9 EID Address                +  |
|                                                               | IPv6
+                                                               +  |
|                                                               |  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
|                                                               |  |
+                                                               +  |
|                                                               |  |
+                          Group Address                        +  |
|                                                               |  |
+                                                               +  |
|                                                               | /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       Source Port = xxxx      |       Dest Port = xxxx        | \
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ UDP
|           UDP Length          |        UDP Checksum           | /
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|                                                               | Nexagons Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
~                            Nexagons Payload                   ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Outer headers = 40 (IPv6) + 8 (UDP) + 8 (LISP) = 56
Inner headers = 40 (IPv6) + 8 (UDP) + 4 (Nexagon Header) = 52

1500 (MTU) - 56 - 52 = 1392 bytes of effective payload

Type 1:key-value, key-value.. 1392 / (8 + 8) = 87 pairs
Type 2:value, key,key,key.. (1392 - 8) / 8 = 173 H3-R15 IDs

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|  Type =   1   |gzip |        Reserved         | Pair Count = X| Nexagon Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit State                            +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit State                            +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ \
|  Type =   2   |gzip |     Reserved            |H3R15 Count = X| Nexagon Header
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ /
|                                                               |
+                       64 Bit State                            +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
+                       64 Bit H3-R15 ID                        +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
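
  A receiver-side parser for the two layouts above, as an added example that
  is not code from the draft: it checks the 8-bit count against both the body
  length and the 87-pair / 173-ID limits before unpacking. Assumptions: a
  nonzero gzip field is rejected, Reserved is ignored, the mode/resolution
  check uses the public H3 index bit layout, and the tile IDs are constructed.

```python
import struct

# Sizes taken from the arithmetic above.
MTU = 1500
OUTER = 40 + 8 + 8                 # IPv6 + UDP + LISP
INNER = 40 + 8 + 4                 # IPv6 + UDP + Nexagon header
MAX_BODY = MTU - OUTER - INNER     # 1392 bytes of effective payload
MAX_PAIRS = MAX_BODY // 16         # Type 1: 87 key-value pairs
MAX_IDS = (MAX_BODY - 8) // 8      # Type 2: 173 IDs after one state

# Constructed sample IDs: two with resolution 15, one with resolution 9.
TILE_A = 0x08F2830828052D25
TILE_B = 0x08F2830828052D2D
TILE_R9 = 0x08928308280FFFFF


class NexagonError(ValueError):
    """Raised for any message that does not match the layouts above."""


def is_h3_r15_cell(h3_id):
    # Public H3 index layout: bit 63 is 0, bits 59-62 hold the mode
    # (1 = cell) and bits 52-55 hold the resolution.
    return ((h3_id >> 63) == 0
            and (h3_id >> 59) & 0xF == 1
            and (h3_id >> 52) & 0xF == 15)


def build_nexagon(msg_type, count, body_words):
    """Pack a header (gzip and Reserved zero) and 64-bit body words."""
    header = (msg_type << 24) | count
    return struct.pack("!I%dQ" % len(body_words), header, *body_words)


def parse_nexagon(msg):
    """Return (msg_type, [(h3_r15_id, state), ...]) or raise NexagonError."""
    if len(msg) < 4:
        raise NexagonError("shorter than the 4-byte Nexagon header")
    (word,) = struct.unpack("!I", msg[:4])
    msg_type = word >> 24          # bits 0-7
    gzip = (word >> 21) & 0x7      # bits 8-10
    count = word & 0xFF            # bits 24-31; bits 11-23 are Reserved
    body = msg[4:]

    if gzip != 0:
        # Assumption: compressed bodies are out of scope for this sketch.
        raise NexagonError("gzip field set; body not parsed")

    if msg_type == 1:
        # key-value, key-value, ...: the count must explain every byte.
        if count > MAX_PAIRS or len(body) != count * 16:
            raise NexagonError("Pair Count does not match body length")
        words = struct.unpack("!%dQ" % (count * 2), body)
        pairs = list(zip(words[0::2], words[1::2]))
    elif msg_type == 2:
        # value, key, key, ...: one state shared by all listed tiles.
        if count > MAX_IDS or len(body) != 8 + count * 8:
            raise NexagonError("H3R15 Count does not match body length")
        words = struct.unpack("!%dQ" % (count + 1), body)
        pairs = [(h3_id, words[0]) for h3_id in words[1:]]
    else:
        raise NexagonError("unknown Type %d" % msg_type)

    for h3_id, _state in pairs:
        if not is_h3_r15_cell(h3_id):
            raise NexagonError("%#018x is not a resolution-15 cell" % h3_id)
    return msg_type, pairs


if __name__ == "__main__":
    print(parse_nexagon(build_nexagon(1, 2, [TILE_A, 0x11, TILE_B, 0x22])))
    print(parse_nexagon(build_nexagon(2, 2, [0x33, TILE_A, TILE_B])))
```

  The count field is 8 bits wide and can carry values up to 255, so the
  explicit limit check is what keeps a message within the MTU budget.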

  The remote EdgeRTRs homing MobilityClients in-turn replicate the packet to the
  MobilityClients registered with them.

  We expect an average of 600 H3.r15 tiles of the full 7^6 (~100K) possible in
  H3.r9 to be part of any road. The H3.r9 server can transmit the status of all
  600 or just those with meaningful state based on update SLA and policy.

  To Summarize:

   (1) H3LISP Clients tune to H3.r9 mobility updates using rfc8378
       H3LISP Clients issue MLDv2 registration to H3.r9 HIDs
       ClientXTRs encapsulate MLDv2 to EdgeRTRs who register (s,g)

   (2) ServerXTRs encapsulate updates to EdgeRTRs who map-resolve (s,g) RLOCs
       EdgeRTRs replicate mobility update and tunnel to registered EdgeRTRs
       Remote EdgeRTRs replicate updates to registered ClientXTRs

7.  Security Considerations

  The nexagon layer3 v2v/v2i/c&c network is inherently more secure and private
  than alternatives because of the indirection. No car or infrastructure element
  ever communicates directly with MobilityClients. All information is conveyed
  using shared / addressable geo-state. MobilityClients are supposed to receive
  information only from the network as a trusted broker, without indication as
  to the origin of the information. This is an important step towards better
  privacy, security, extendability, and interoperability.

  In order to be able to use the nexagon mobility network for a given period,
  the mobility clients go through a DNS/AAA stage by which they obtain their
  clientEID identifiers-credentials and the RLOCs of EdgeRTRs they may use as
  gateways to the network. This MobilityClient <> EdgeRTR interface is the most
  sensitive interface in the network as far as privacy and security are
  concerned.

  The traffic on the MobilityClient <> EdgeRTR interface is tunneled and its UDP
  content may be encrypted; still, the EdgeRTR will know, based on the LISP
  headers alone, the MobilityClient RLOC and the H3-R9 (~0.1sqkm) geo-spatial
  area a given client publishes in or subscribes to.

  For this reason we envision the ability of enterprises or groups of users to
  "bring their own" EdgeRTRs. A BYO-RTR masks individual clients' IP-RLOC to
  H3-R9 association and is pre-provisioned to be able to use the mapping system
  and be on a white-list of EdgeRTRs aggregating H3ServiceEIDs.

  Beyond this sensitive hop, the mapping system does not hold MobilityClientEIDs
  and remote EdgeRTRs are only aware of MobilityClient ephemeral EIDs, not their
  actual IP RLOC or any other mobile-device identifiers. EdgeRTRs register in the
  mapping (s,g) H3-R9 multicast groups, but which clients reside beyond which
  EdgeRTR is not in the mapping system. The H3ServiceEIDs themselves of course
  decrypt and parse actual H3-R15 annotations; in doing so they also consider the
  MobilityClientEID credentials to avoid "fake-news", but again these are only
  temporary EIDs allocated to clients in order to be able to use the mobility
  network and not for their basic communications.

8.  Acknowledgments

   This work is partly funded by the ANR LISP-Lab project
   #ANR-13-INFR-009 (https://lisplab.lip6.fr).

9.  IANA Considerations

I. Formal H3 to IPv6 EID mapping

II. State enum fields of H3 tiles:

field 0x: State Freshness {
 0x: less than 1Sec
 1x: less than 10Sec
 2x: less than 20Sec
 3x: less than 40Sec
 4x: less than 1min
 5x: less than 2min
 6x: less than 5min
 7x: less than 15min
 8x: less than 30min
 9x: less than 1hour
 Ax: less than 2hours
 Bx: less than 8hours
 Cx: less than 24hours
 Dx: less than 1week
 Ex: less than 1month
 Fx: more than 1month
}

field 1x: Persistent or Structural {
 0x - null
 1x - pothole
 2x - speed-bump low
 3x - speed-bump high
 4x - icy
 5x - flooded
 6x - snow-cover
 7x - snow-deep
 8x - construction cone
 9x - gravel
}

field 2x: Transient Obstruction {
 0x - null
 1x - pedestrian
 2x - bike
 3x - stopped car / truck
 4x - moving car / truck
 5x - first responder vehicle
 6x - sudden slowdown
 7x - oversized-vehicle
 8x - red-light-breach
 9x - light collision (fender bender)
 Ax - hard collision
 Bx - collision with casualty
 Cx - recent collision residues
 Dx - hard brake
 Ex - sharp cornering
}

field 3x: Traffic-light Cycle {
 0x - green now
 1x - 1 second to green
 2x - 2 seconds to green
 3x - 3 seconds to green
 4x - 4 seconds to green
 5x - 5 seconds to green
 6x - 6 seconds to green
 7x - 7 seconds to green
 8x - 8 seconds to green
 9x - 9 seconds to green
 Ax - 10 seconds or less
 Bx - 20 seconds or less
 Cx - 30 seconds or less
 Dx - 40 seconds or less
 Ex - 50 seconds or less
 Fx - red now
}

field 4x: impacted tile from neighboring {
 0x - not impacted
 1x - epicenter
 2x - light yellow
 3x - yellow
 4x - light orange
 5x - orange
 6x - light red
 7x - red
 8x - light blue
 9x - blue
}

field 5x: LaneRightsSigns {
 0x - stop
 1x - yield
 2x - speedLimit
 3x - straightOnly
 4x - noStraight
 5x - rightOnly
 6x - noRight
 7x - leftOnly
 8x - noLeft
 9x - noUTurn
 Ax - noLeftU
 Bx - bikeLane
 Cx - HOVLane
}

field 6x: MovementSigns {
0x - noPass
1x - keepRight
2x - keepLeft
3x - stayInLane
4x - doNotEnter
5x - noTrucks
6x - noBikes
7x - noPeds
8x - oneWay
9x - parking
Ax - noParking
Bx - noStanding
Cx - loadingZone
Dx - truckRoute
Ex - railCross
Fx - School
}

field 7x: CurvesIntersectSigns {
0x - turnsLeft
1x - turnsRight
2x - curvesLeft
3x - curvesRight
4x - reversesLeft
5x - reversesRight
6x - windingRoad
7x - hairPin
8x - 270Turn
9x - pretzelTurn
Ax - crossRoads
Bx - crossT
Cx - crossY
Dx - circle
Ex - laneEnds
Fx - roadNarrows
}

field 8x: Current Tile Speed {
0x - queued
1x - < 5kmh
2x - < 10kmh
3x - < 15kmh
4x - < 20kmh
5x - < 30kmh
6x - < 40kmh
7x - < 50kmh
8x - < 60kmh
9x - < 80kmh
Ax - < 100kmh
Bx - < 120kmh
Cx - < 140kmh
Dx - < 160kmh
Ex - < 180kmh
Fx - >= 200kmh
}

field 9x: Lanes and Shoulders {
0x - Lane >> Edge1
1x - Lane >> Vertex1
2x - Lane >> Edge2
3x - Lane >> Vertex2
4x - Lane >> Edge3
5x - Lane >> Vertex3
6x - Lane >> Edge4
7x - Lane >> Vertex4
8x - Lane >> Edge5
9x - Lane >> Vertex5
Ax - Lane >> Edge6
Bx - Lane >> Vertex6
Cx - Junction
Dx - sidewalk
Ex - shoulder
Fx - ditch
}

field Ax - reserved
field Bx - reserved
field Cx - reserved
field Dx - reserved
field Ex - reserved
field Fx - reserved
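
The enumerations above lend themselves to strict input validation before
an annotation is acted on. The following Python sketch is an added example,
not part of the draft: it assumes the 16 fields are packed as 4-bit nibbles
of a 64-bit word with field 0x in the most significant nibble, and that
reserved fields must be zero; the names split_fields, validate_state and
pack_fields are hypothetical.

```python
# Added example: validate a 64-bit H3 tile state word against the enum tables.
# ASSUMPTION (not stated in this section): 16 four-bit fields, field 0x in the
# most significant nibble; reserved fields (Ax-Fx) are required to be zero.

# Highest defined code point per field, read off the tables above.
MAX_DEFINED = {
    0x0: 0xF,  # State Freshness
    0x1: 0x9,  # Persistent or Structural
    0x2: 0xE,  # Transient Obstruction
    0x3: 0xF,  # Traffic-light Cycle
    0x4: 0x9,  # impacted tile from neighboring
    0x5: 0xC,  # LaneRightsSigns
    0x6: 0xF,  # MovementSigns
    0x7: 0xF,  # CurvesIntersectSigns
    0x8: 0xF,  # Current Tile Speed
    0x9: 0xF,  # Lanes and Shoulders
}

def split_fields(state):
    """Split a 64-bit state word into 16 nibbles, field 0x first."""
    if not isinstance(state, int) or not 0 <= state < (1 << 64):
        raise ValueError("state must be an unsigned 64-bit integer")
    return [(state >> (60 - 4 * i)) & 0xF for i in range(16)]

def validate_state(state):
    """Return a list of violations; an empty list means the word is acceptable."""
    problems = []
    for field, value in enumerate(split_fields(state)):
        if field not in MAX_DEFINED:
            if value != 0:
                problems.append(f"field {field:X}x is reserved but carries {value:X}")
        elif value > MAX_DEFINED[field]:
            problems.append(f"field {field:X}x value {value:X} is undefined")
    return problems

def pack_fields(values):
    """Build a state word from {field: value}; fields not given are set to 0."""
    state = 0
    for field in range(16):
        state = (state << 4) | (values.get(field, 0) & 0xF)
    return state

# Constructed samples (not taken from the draft).
GOOD = pack_fields({0x0: 0x1, 0x1: 0x1, 0x8: 0x5})  # <10Sec, pothole, <30kmh
BAD = pack_fields({0x1: 0xB, 0xC: 0x3})  # undefined value, reserved field set
```

A receiver would drop or quarantine any annotation for which validate_state
returns a non-empty list, in addition to the credential check described in
the Security Considerations.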

10.  Normative References

   [I-D.ietf-lisp-rfc6833bis]
              Fuller, V., Farinacci, D., and A. Cabellos-Aparicio,
              "Locator/ID Separation Protocol (LISP) Control-Plane",
              draft-ietf-lisp-rfc6833bis-07 (work in progress), December
              2017.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC6830]  Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The
              Locator/ID Separation Protocol (LISP)", RFC 6830,
              DOI 10.17487/RFC6830, January 2013,
              <https://www.rfc-editor.org/info/rfc6830>.

   [RFC8378]  Farinacci, D. and V. Moreno, "Signal-Free Locator/ID
              Separation Protocol (LISP) Multicast", RFC 8378,
              DOI 10.17487/RFC8378, May 2018,
              <https://www.rfc-editor.org/info/rfc8378>.

Authors' Addresses

   Sharon Barkai
   Nexar
   CA
   USA

   Email: sbarkai@gmail.com

   Bruno Fernandez-Ruiz
   Nexar
   London
   UK

   Email: b@getnexar.com

   S ZionB
   Nexar
   Israel

   Email: sharon@fermicloud.io

   Alberto Rodriguez-Natal
   Cisco Systems
   170 Tasman Drive
   San Jose, CA
   USA

   Email: natal@cisco.com

   Fabio Maino
   Cisco Systems
   170 Tasman Drive
   San Jose, CA
   USA

   Email: fmaino@cisco.com

   Albert Cabellos-Aparicio
   Technical University of Catalonia
   Barcelona
   Spain

   Email: acabello@ac.upc.edu

   Jordi Paillissé-Vilanova
   Technical University of Catalonia
   Barcelona
   Spain

   Email: jordip@ac.upc.edu

   Dino Farinacci
   lispers.net
   San Jose, CA
   USA

   Email: farinacci@gmail.com