Internet-Draft | LISP for Satellite Networks | August 2023 |
Farinacci, et al. | Expires 16 February 2024 |
This specification describes how the LISP architecture and protocols can be used over satellite network systems. The LISP overlay runs on earth using the satellite network system in space as the underlay.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 16 February 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
This specification describes how a LISP overlay structure can run on top of a satellite network underlay. The approach is similar to how [I-D.haindl-lisp-gb-atn] is used in Aeronautical Telecommunications Networks and [I-D.farinacci-lisp-mobile-network] is used in cellular networks.¶
This satellite deployment use-case requires no changes to the LISP architecture or standard protocol specifications. In addition, a LISP implementation that runs on a device with an existing satellite interface does not need to be upgraded.¶
Even though an overlay should not concern itself with the operation of an underlay, the requirements from [I-D.lhan-problems-requirements-satellite-net] have been considered; satisfying them is outside the scope of this document.¶
The LISP overlay requirements are:¶
The diagram below illustrates a 4-satellite system where each satellite has Inter-Satellite-Links (ISLs) for connectivity to the others and the edge satellites have RF links to Ground Stations. EID connectivity to the xTRs is achieved via typical IP network connectivity: EIDs can be directly connected, one or more switch hops away, one or more router hops away, or any combination.¶
The LISP mapping system runs on the earth-resident Internet and requires reachability by xTRs before LISP encapsulation can occur over the satellite network underlay.¶
EIDs are known only to the overlay xTR nodes. EIDs are not routable in the satellite network and require no state there. This provides great value for scaling and EID mobility.¶
Here is how a packet flow sequence occurs from a source-EID to a destination-EID when the underlay is a satellite network:¶
The LISP mapping system holds EID-to-RLOC-set mappings. They are kept up to date by GS-xTRs and all the mechanisms from [RFC9301] are available for use. The mappings can contain RLOCs that are not GS-xTRs thereby allowing load-splitting between both satellite and terrestrial paths. The RLOC-set can also contain multicast RLOCs that can be reachable via satellite or terrestrial paths.¶
All of IPv4, IPv6, and MAC EIDs can be registered to the mapping system to create multi-address-family L3 overlays as well as L2 overlays on the satellite underlay. That is, GS-xTR RLOCs can be used with these EID address types.¶
Even though the satellite network is deployed to offer global Internet services, it may just carry routes and connectivity to GS-xTR addresses (their RLOC addresses). If this is the case, the LISP critical infrastructure may not be reachable by the satellite network or the satellite nodes themselves. Therefore, the mapping system can be deployed in GS-xTRs which can be reached by the satellite network.¶
This specification recommends that the mapping system reside on earth; if the satellite network does offer global Internet connectivity, the mapping system can reside anywhere on earth. So even for rural-based deployments of GS-xTRs, where the only connectivity is through a satellite interface link, the LISP critical infrastructure is always reachable.¶
When the satellite serving a GS-xTR changes (a different satellite passes within the GS-xTR's coverage range), the RLOC of the GS-xTR does not change. Therefore, there is no need to update the mapping system when this happens. This provides more scale to the total system, since the LISP overlay provides a level of indirection between EIDs and the satellite attachment point.¶
EID-mobility [I-D.ietf-lisp-eid-mobility] is supported so devices can roam to other xTRs and are found by mapping system updates for remote xTRs encapsulating to the EID. GS-xTRs learn EIDs on the ground dynamically via the mechanisms in [I-D.ietf-lisp-eid-mobility].¶
The address format of a GS-xTR RLOC depends on the design of the satellite network system. The LISP RLOC formatting is flexible to accommodate new address types such as GPS coordinate based addressing or other forms of satellite addressing such as described in Section 7. The only requirement is that they are routable by the satellite network system.¶
If the satellite network supports IP forwarding and IP addresses are assigned to the RF-links on the GS-xTRs, then the satellite network just needs to make these "attachment point addresses" routable in the satellite network routing system. And if the satellite network desires to scale the route state in its routing system, it can use prefix aggregation, a local design matter to the satellite network routing system. When this is the case, the RLOC is a standard AFI encoded IPv4 or IPv6 address.¶
If the satellite network underlay supports a source-routing mechanism, the same approach can be used as a LISP overlay on a terrestrial underlay running Segment Routing [RFC8754]. The source-route is encoded in an RLOC-record stored in the mapping system that is formatted as a list of satellite hop addresses.¶
A satellite constellation network could perform packet forwarding with little or no control-plane. Using GPS (lat, long, alt) coordinate addressing, a satellite router could route packets physically closer to a destination GS-xTR. This technique uses opportunistic forwarding, where decisions are made at the instant a satellite router receives a packet and needs to choose an ISL interface to get the packet closer to the destination.¶
The satellite router uses a packet header that contains the destination GPS address for the GS-xTR. The source GS-xTR prepends this header on the packet before it sends it on the RF uplink to the nearest satellite overhead. The satellite router can decide to send the packet to a next-hop satellite in the same orbit or to a next-hop satellite in an adjacent orbit, as long as the packet is getting closer to the destination GPS address. A satellite router evaluates the proximity of adjacent orbits to determine whether the packet is actually getting closer to the destination GPS address.¶
For a given implementation, satellite routers in the same orbit or in adjacent orbits, which have good signal quality, exchange hello messages to advertise their position as a GPS address (lat, long, alt). These messages are very small in size and are sent periodically with second-granular frequency. This tells a satellite router which direction to send the packet to get it closer to its destination GPS address.¶
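The following is an added example, not code from the draft or from any satellite operator, of the greedy GPS-based forwarding described above. Each satellite router knows only its own (lat, long, alt), the positions its ISL neighbours advertised in hello messages, and the destination GS-xTR's GPS address carried in the packet header; it forwards only to a neighbour that is strictly closer to the destination, and stops when none is. The six-satellite grid, the 550 km altitude, the downlink range and the spherical-earth distance are all constructed assumptions for the illustration; the draft does not specify a header layout, a distance metric or a downlink rule.¶

```python
"""Greedy geographic (GPS-address) forwarding over ISLs: added example,
not the draft's specification. Constellation data below is constructed."""
import math
from dataclasses import dataclass, field

EARTH_RADIUS_M = 6_371_000.0     # spherical earth is enough for ordering hops
DOWNLINK_RANGE_M = 1_500_000.0   # assumed: footprint within which a satellite
                                 # can downlink to the destination GS-xTR


@dataclass(frozen=True)
class GPS:
    """A GPS address as carried in the (assumed) packet header: lat/lon in
    degrees, altitude in metres above mean sea level."""
    lat: float
    lon: float
    alt: float

    def to_ecef(self):
        """Earth-centred cartesian coordinates in metres."""
        r = EARTH_RADIUS_M + self.alt
        lat, lon = math.radians(self.lat), math.radians(self.lon)
        return (r * math.cos(lat) * math.cos(lon),
                r * math.cos(lat) * math.sin(lon),
                r * math.sin(lat))


def distance_m(a: GPS, b: GPS) -> float:
    """Straight-line distance between two GPS addresses, in metres."""
    return math.dist(a.to_ecef(), b.to_ecef())


@dataclass
class SatelliteRouter:
    name: str
    position: GPS
    # ISL neighbour name -> position learned from its most recent hello
    neighbours: dict = field(default_factory=dict)

    def receive_hello(self, neighbour: str, position: GPS) -> None:
        """A periodic hello carries the neighbour's current GPS address."""
        self.neighbours[neighbour] = position

    def next_hop(self, dest: GPS):
        """Choose the ISL neighbour that brings the packet closest to dest.

        Returns None when no neighbour is strictly closer than this router:
        either this is the edge satellite that should downlink, or the packet
        is at a local minimum and must not be forwarded (that would loop)."""
        best, best_d = None, distance_m(self.position, dest)
        for name, pos in self.neighbours.items():
            d = distance_m(pos, dest)
            if d < best_d:
                best, best_d = name, d
        return best


def forward(ingress: SatelliteRouter, routers: dict, dest: GPS, hop_limit: int = 16):
    """Hop-by-hop greedy forwarding from the ingress satellite.

    Returns (path, delivered): delivered is True when the last satellite on
    the path is within DOWNLINK_RANGE_M of the destination GS-xTR; otherwise
    the packet stalled at a local minimum or exhausted its hop limit."""
    current, path = ingress, [ingress.name]
    for _ in range(hop_limit):                 # hop limit guards against loops
        nh = current.next_hop(dest)
        if nh is None:
            break
        current = routers[nh]
        path.append(current.name)
    delivered = distance_m(current.position, dest) <= DOWNLINK_RANGE_M
    return path, delivered


def build_constellation() -> dict:
    """Constructed sample: 2 orbits (lon 0 and 20) x 3 satellites (lat 0, 20, 40)
    at 550 km. ISLs join neighbours in the same orbit and in the adjacent orbit;
    each router learns its neighbours' positions from hellos."""
    alt = 550_000.0
    lats, lons = (0.0, 20.0, 40.0), (0.0, 20.0)
    routers = {}
    for j, lon in enumerate(lons):
        for i, lat in enumerate(lats):
            routers[f"S{i}{j}"] = SatelliteRouter(f"S{i}{j}", GPS(lat, lon, alt))
    for j in range(len(lons)):
        for i in range(len(lats)):
            me = routers[f"S{i}{j}"]
            for di, dj in ((1, 0), (-1, 0), (0, 1), (0, -1)):
                ni, nj = i + di, j + dj
                if 0 <= ni < len(lats) and 0 <= nj < len(lons):
                    peer = routers[f"S{ni}{nj}"]
                    me.receive_hello(peer.name, peer.position)
    return routers


if __name__ == "__main__":
    sats = build_constellation()
    # Destination GS-xTR directly under S21; ingress satellite is S00.
    print(forward(sats["S00"], sats, GPS(40.0, 20.0, 0.0)))
    # Destination outside the grid: S00 has no closer neighbour, packet stalls.
    print(forward(sats["S00"], sats, GPS(-40.0, -40.0, 0.0)))
```

Running the script prints the hop sequence S00, S10, S20, S21 for the first destination (each hop strictly reduces the distance, and S21 is close enough to downlink) and a one-element path with delivered=False for the second, which is the local-minimum case a real implementation must detect rather than keep forwarding.¶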
The RLOC-probing procedures in [RFC9301] can provide underlay telemetry measurements [I-D.farinacci-lisp-telemetry] so the overlay can tell how well the satellite network is performing. If the underlay underperforms or telemetry metrics change, the GS-xTR can select another RLOC, possibly a terrestrial RLOC.¶
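The following is an added example, not the draft's or any LISP implementation's code, of how an xTR could choose an RLOC from a map-cache entry whose RLOC-set mixes a satellite GS-xTR RLOC and terrestrial RLOCs. It applies the RLOC-record priority and weight semantics of [RFC9301] (lowest priority value wins, weights split load among equal-priority RLOCs, priority 255 is never used) and excludes RLOCs that RLOC-probing has found unreachable. The additional rule that an RLOC whose probed RTT exceeds a configured limit is skipped in favour of the next usable one is a local policy assumed here to illustrate the telemetry-driven fallback described above; the RLOC addresses, probe values and threshold are constructed.¶

```python
"""RLOC selection from a map-cache entry using RFC 9301 priority/weight plus
RLOC-probe reachability and RTT: added example, constructed data."""
import hashlib
from dataclasses import dataclass
from typing import List, Optional

UNUSABLE_PRIORITY = 255   # RFC 9301: an RLOC with priority 255 MUST NOT be used


@dataclass
class RLOCRecord:
    address: str
    priority: int                  # lower value is preferred (RFC 9301)
    weight: int                    # load share among RLOCs of equal priority
    reachable: bool = True         # learned from RLOC-probing
    rtt_ms: Optional[float] = None # last probed RTT; None when not yet known


def usable(r: RLOCRecord, max_rtt_ms: float) -> bool:
    """Eligible when reachable, not priority 255, and (assumed local policy)
    the last probed RTT, if known, is within the configured limit."""
    if r.priority == UNUSABLE_PRIORITY or not r.reachable:
        return False
    return r.rtt_ms is None or r.rtt_ms <= max_rtt_ms


def select_rloc(rloc_set: List[RLOCRecord], flow_key: bytes,
                max_rtt_ms: float = 500.0) -> Optional[RLOCRecord]:
    """Pick the RLOC to encapsulate one flow to.

    Candidates are the usable RLOCs with the lowest priority value. Among them
    the flow key (e.g. the inner 5-tuple) is hashed onto the weight
    distribution so that all packets of a flow stay on one path. Returns None
    when no RLOC is usable; the xTR then drops or forwards natively as
    configured."""
    candidates = [r for r in rloc_set if usable(r, max_rtt_ms)]
    if not candidates:
        return None
    best_priority = min(r.priority for r in candidates)
    tier = [r for r in candidates if r.priority == best_priority]
    total = sum(r.weight for r in tier)
    if total == 0:
        return tier[0]             # all weights zero: no load-splitting
    point = int.from_bytes(hashlib.sha256(flow_key).digest()[:4], "big") % total
    for r in tier:
        if point < r.weight:
            return r
        point -= r.weight
    return tier[-1]


def sample_rloc_set() -> List[RLOCRecord]:
    """Constructed RLOC-set for one EID: a satellite GS-xTR RLOC and a
    terrestrial RLOC sharing load at priority 1, plus a terrestrial backup.
    Addresses are documentation prefixes; RTTs are illustrative."""
    return [
        RLOCRecord("203.0.113.10", priority=1, weight=50, rtt_ms=240.0),  # via satellite
        RLOCRecord("198.51.100.20", priority=1, weight=50, rtt_ms=20.0),  # terrestrial
        RLOCRecord("192.0.2.99", priority=2, weight=100, rtt_ms=35.0),    # terrestrial backup
    ]


if __name__ == "__main__":
    rlocs = sample_rloc_set()
    print("healthy:", select_rloc(rlocs, b"10.0.0.1:1234->10.0.0.2:443/tcp").address)
    rlocs[0].rtt_ms = 900.0        # satellite path degrades past the 500 ms limit
    print("slow satellite:", select_rloc(rlocs, b"10.0.0.1:1234->10.0.0.2:443/tcp").address)
    rlocs[0].reachable = rlocs[1].reachable = False   # both primaries fail probing
    print("primaries down:", select_rloc(rlocs, b"any").address)
```

With all RLOCs healthy, flows are spread across the two priority-1 RLOCs; once the satellite RLOC's probed RTT crosses the limit every flow moves to the terrestrial priority-1 RLOC, and only when both priority-1 RLOCs fail probing does the priority-2 backup carry traffic. The map-cache output later in this document, where the satellite-side RLOC sits in unreach-state while the RTR RLOC is up, is the situation the reachability check models.¶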
There are no security considerations specific to this use-case at this time. The existing LISP security mechanisms documented in [RFC9301], [RFC9303], [I-D.ietf-lisp-eid-anonymity], and [I-D.farinacci-lisp-ecdsa-auth] apply unchanged when the LISP overlay runs over a satellite network underlay. Note that both LISP control-plane messages and encapsulated data-plane packets between GS-xTRs traverse the satellite network, so the Map-Register authentication of [RFC9301] and the mapping-lookup protection of [RFC9303] should be deployed as they would be over any other untrusted underlay.¶
Data-plane encryption can be used to protect traffic crossing the satellite underlay. See LISP Data-Plane Confidentiality [RFC8061] for more details. This solution also works when packets take multiple satellite hops and/or Ground-Station hops, since the keys are negotiated between the encapsulating and decapsulating xTRs and intermediate satellite nodes never handle plaintext.¶
There are no requests for IANA at this time.¶
This section will describe the various LISP deployment combinations as well as progress updates of testing LISP over SpaceX's Starlink satellite network [STARLINK].¶
In the following sections, the mapping system is running in a cloud provider VM and is accessible by all LISP xTRs in all the testing scenarios. The LISP RTR also runs in the VM, which is providing NAT-traversal services as well as LISP to non-LISP connectivity [RFC6832] via LISP-NAT.¶
This test has not been performed at this time since we are seeking more Starlink participants. This section will be updated in the next document revision. We are not sure we will be able to test this case since the Starlink provided wifi-routers are doing NAT translation.¶
This test has not been performed at this time since we are seeking more Starlink participants. This section will be updated in the next document revision. When this occurs, packets will flow from GS-xTR to RTR to GS-xTR since NAT-traversal is occurring in the wifi-routers. The LISP-RTR is many hops away from the colocation-pop router, which has a direct connection to the satellite dish.¶
Starlink only supports a carrier-grade NAT (CGNAT) solution so the Decentralized-NAT procedures in [I-D.farinacci-lisp-lispers-net-nat] have been challenging to get the above configuration to work.¶
In this deployment scenario, the GS-xTR is a laptop, assigned an EID and communicating with the EID assigned to an xTR running in a cloud VM. Since NAT-traversal is used on the wifi-routers, packets flow through the LISP-RTR.¶
There are cases where Decentralized-NAT [I-D.farinacci-lisp-lispers-net-nat] can work from GS-xTR to LISP-xTR so packet flow does not traverse a third-party device like a LISP-RTR. Testing experience has revealed that Cloud Providers implement more standard NAT functionality versus limited translation functionality of a CGNAT.¶
The laptop is assigned EID 240.1.1.1 and LISP-xTR is assigned EID 240.11.11.11. Here is ping output initiated from the laptop:¶
   laptop -> ping -c 5 240.11.11.11
   PING 240.11.11.11 (240.11.11.11): 56 data bytes
   64 bytes from 240.11.11.11: icmp_seq=0 ttl=62 time=xx ms
   64 bytes from 240.11.11.11: icmp_seq=1 ttl=62 time=xx ms
   64 bytes from 240.11.11.11: icmp_seq=2 ttl=62 time=xx ms
   64 bytes from 240.11.11.11: icmp_seq=3 ttl=62 time=xx ms
   64 bytes from 240.11.11.11: icmp_seq=4 ttl=62 time=xx ms

   --- 240.11.11.11 ping statistics ---
   5 packets transmitted, 5 packets received, 0.0% packet loss¶
This test has not been performed at this time since we are seeking more Starlink participants. This section will be updated in the next document revision. When this occurs, packets will flow from GS-xTR to RTR to non-LISP-Host since both NAT-traversal and LISP-NAT support is required. The LISP-RTR is many hops away from the colo-pop router, which has a direct connection to the satellite dish.¶
In this deployment scenario, the GS-xTR is a laptop, assigned an EID and communicating with the non-EID assigned to non-LISP Host running in a cloud VM. When this occurs, packets will flow from GS-xTR to RTR to non-LISP-Host since both NAT-traversal and LISP-NAT support is required.¶
The laptop is assigned EID 240.1.1.1 and non-LISP-Host is the Google DNS server 8.8.8.8. Here is ping output initiated from the laptop:¶
   laptop -> ping -c 5 -S 240.1.1.1 8.8.8.8
   PING 8.8.8.8 (8.8.8.8) from 240.1.1.1: 56 data bytes
   64 bytes from 8.8.8.8: icmp_seq=0 ttl=43 time=xx ms
   64 bytes from 8.8.8.8: icmp_seq=1 ttl=43 time=xx ms
   64 bytes from 8.8.8.8: icmp_seq=2 ttl=43 time=xx ms
   64 bytes from 8.8.8.8: icmp_seq=3 ttl=43 time=xx ms
   64 bytes from 8.8.8.8: icmp_seq=4 ttl=43 time=xx ms

   --- 8.8.8.8 ping statistics ---
   5 packets transmitted, 5 packets received, 0.0% packet loss¶
This may be a likely connectivity option since not all equipment connected to the satellite network will be LISP GS-xTRs.¶
This test has not been performed yet. In this test a device assigned with EID2 will be able to roam across GS-xTRs and keep connections up and running between EID1 and EID3. This can also happen when EID2 talks to a non-LISP host (via an RTR running LISP-NAT interworking services).¶
In this test scenario, EIDs are assigned to devices that reside behind GS-xTRs (via wireless or wired links) and do not run LISP. The GS-xTRs, which run LISP, encapsulate/decapsulate packets on behalf of the host devices. The GS-xTR RLOC addresses are routable by the satellite network (like in the previous test scenarios) allowing for the host devices to communicate while the satellite network keeps no state about EID addresses.¶
This test has not been performed. It will be tested when the satellite network has proven it can support ISL links and satellite routing reliably.¶
The GS-xTR sends packet natively for non-EID destination 8.8.8.8:¶
   dino-macbook -> ping -c 5 8.8.8.8
   PING 8.8.8.8 (8.8.8.8): 56 data bytes
   64 bytes from 8.8.8.8: icmp_seq=0 ttl=56 time=25.741 ms
   64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=17.197 ms
   64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=17.870 ms
   64 bytes from 8.8.8.8: icmp_seq=3 ttl=56 time=21.806 ms
   64 bytes from 8.8.8.8: icmp_seq=4 ttl=56 time=16.966 ms

   --- 8.8.8.8 ping statistics ---
   5 packets transmitted, 5 packets received, 0.0% packet loss
   round-trip min/avg/max/stddev = 16.966/19.916/25.741/3.400 ms¶
The GS-xTR sends encapsulated packets for EID destination 240.11.11.11:¶
   dino-macbook -> ping -c 5 240.11.11.11
   PING 240.11.11.11 (240.11.11.11): 56 data bytes
   64 bytes from 240.11.11.11: icmp_seq=0 ttl=62 time=288.063 ms
   64 bytes from 240.11.11.11: icmp_seq=1 ttl=62 time=325.043 ms
   64 bytes from 240.11.11.11: icmp_seq=2 ttl=62 time=152.507 ms
   64 bytes from 240.11.11.11: icmp_seq=3 ttl=62 time=191.567 ms
   64 bytes from 240.11.11.11: icmp_seq=4 ttl=62 time=231.620 ms

   --- 240.11.11.11 ping statistics ---
   5 packets transmitted, 5 packets received, 0.0% packet loss
   round-trip min/avg/max/stddev = 152.507/237.760/325.043/62.591 ms

   dino-macbook -> mc 240.11.11.11
   LISP Map-Cache for localhost:8080, hostname dino-macbook.lan, release 0.593

   EID [1]240.11.11.11/32, uptime 0:00:39, ttl 1440m
     RLOC 18.237.14.154:43799, state unreach-state since 0:00:22, a-xtr1@tp-43799
       packet-count: 2, packet-rate: 0 pps, byte-count: 168, bit-rate: 0.0 mbps
       rtts [-1, -1, -1], hops [?/?, ?/?, ?/?], latencies [?/?, ?/?, ?/?]
     RLOC 34.217.110.112, state up-state since 0:00:39, RTR
       packet-count: 17, packet-rate: 0 pps, byte-count: 1428, bit-rate: 0.0 mbps
       rtts [0.121, -1, -1], hops [26/22, ?/?, ?/?], latencies [0.083/0.034, ?/?, ?/?]¶
The authors would like to thank the LISP working group for their review of this specification. A special thank you goes to Lin Han for email discussions on this topic.¶