Internet Engineering Task Force (IETF)                     F. Maino, Ed.
Internet-Draft
Request for Comments: 9305                                         Cisco
Intended status:
Category: Standards Track                                       J. Lemon
Expires: January 27, 2021                                       Broadcom
ISSN: 2070-1721
                                                              P. Agarwal
                                                                Innovium
                                                                D. Lewis
                                                                M. Smith
                                                                   Cisco
                                                           July 26, 2020

                    LISP
                                                            October 2022

    Locator/ID Separation Protocol (LISP) Generic Protocol Extension
                         draft-ietf-lisp-gpe-19

Abstract

   This document describes extensions to the Locator/ID Separation
   Protocol (LISP) Data-Plane, data plane, via changes to the LISP header, to
   support multi-protocol multiprotocol encapsulation and allow to introduce the introduction of new
   protocol capabilities.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list  It represents the consensus of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid the IETF community.  It has
   received public review and has been approved for a maximum publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of six months this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 27, 2021.
   https://www.rfc-editor.org/info/rfc9305.

Copyright Notice

   Copyright (c) 2020 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Simplified Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Conventions . . . . . . . . . . . . . . . . . . . . . . .   3
     1.2.  Definition  Definitions of Terms . . . . . . . . . . . . . . . . . . .   3
   2.  LISP Header Without without Protocol Extensions . . . . . . . . . . .   3
   3.  LISP Generic Protocol Extension for LISP (LISP-GPE)  . . . . . . .   4
   4.  Implementation and Deployment Considerations  . . . . . . . .   6
     4.1.  Applicability Statement . . . . . . . . . . . . . . . . .   6
     4.2.  Congestion Control  Congestion-Control Functionality  . . . . . . . . . . . .   7
     4.3.  UDP Checksum  . . . . . . . . . . . . . . . . . . . . . .   8
       4.3.1.  UDP Zero Checksum Handling with IPv6  . . . . . . . .   8
     4.4.  DSCP, ECN, TTL, and 802.1Q  . . . . . . . . . . . . . . .  10
   5.  Backward Compatibility  . . . . . . . . . . . . . . . . . . .  11
     5.1.  Detection of ETR Capabilities . . . . . . . . . . . . . .  11
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  11
     6.1.  LISP-GPE Next Protocol Registry . . . . . . . . . . . . .  11
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .  12
   8.  Acknowledgements and Contributors . . . . . . . . . . . . . .  12
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  13
     9.1.
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .  13
     9.2.
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  14
   Acknowledgments
   Contributors
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  16

1.  Introduction

   The LISP Data-Plane data plane is defined in [I-D.ietf-lisp-rfc6830bis]. [RFC9300].  It specifies an
   encapsulation format that carries IPv4 or IPv6 packets (henceforth
   jointly referred to as IP) in a LISP header and outer UDP/IP
   transport.

   The LISP Data-Plane data plane header does not specify the protocol being
   encapsulated and therefore and, therefore, is currently limited to encapsulating
   only IP packet payloads.  Other protocols, most notably the Virtual
   eXtensible Local Area Network (VXLAN) protocol [RFC7348] (which
   defines a similar header format similar to LISP), are used to encapsulate Layer-2
   Layer 2 (L2) protocols protocols, such as Ethernet.

   This document defines an extension for the LISP header, as defined in
   [I-D.ietf-lisp-rfc6830bis],
   [RFC9300], to indicate the inner protocol, enabling the encapsulation
   of Ethernet, IP IP, or any other desired protocol protocol, all the while
   ensuring compatibility with existing LISP deployments.

   A flag in the LISP header, called header -- the P-bit, P-bit -- is used to signal the
   presence of the 8-bit Next Protocol 'Next Protocol' field.  The Next Protocol 'Next Protocol'
   field, when present, uses 8 bits of the field that was allocated to
   the
   echo-noncing Echo-Noncing and map-versioning Map-Versioning features in
   [I-D.ietf-lisp-rfc6830bis]. [RFC9300].  Those two
   features are no longer available when the P-bit is used.  However,
   appropriate LISP-GPE
   (LISP LISP Generic Protocol Extension) Extension (LISP-GPE) shim headers
   can be defined to specify capabilities that are equivalent to echo-noncing Echo-
   Noncing and/or map-
   versioning. Map-Versioning.

   Since all of the reserved bits of the LISP Data-Plane data plane header have
   been allocated, LISP-GPE can also be used to extend the LISP Data-
   Plane data
   plane header by defining Next Protocol "shim" shim headers that implements implement
   new data plane functions not supported in the LISP header.  For
   example, the use of the Group-Based Policy (GBP) header
   [I-D.lemon-vxlan-lisp-gpe-gbp] [VXLAN-LISP]
   or of the In-situ In situ Operations, Administration, and Maintenance (IOAM)
   header
   [I-D.brockners-ippm-ioam-vxlan-gpe] [VXLAN-GPE] with LISP-GPE, LISP-GPE can be considered an extension to
   add support in the Data-Plane data plane for Group-Based Policy GBP functionalities or IOAM
   metadata.

1.1.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

1.2.  Definition  Definitions of Terms

   This document uses terms already defined in
   [I-D.ietf-lisp-rfc6830bis]. [RFC9300].

2.  LISP Header Without without Protocol Extensions

   As described in Section 1, the LISP header has no protocol identifier
   that indicates the type of payload being carried.  Because of this,
   LISP is limited to carrying IP payloads.

   The LISP header [I-D.ietf-lisp-rfc6830bis] [RFC9300] contains a series of flags (some defined,
   some reserved), a Nonce/Map-version field 'Nonce/Map-Version' field, and an
   instance ID/Locator-status-bit 'Instance ID/
   Locator-Status-Bits' field.  The flags provide flexibility to define
   how the various fields are encoded.  Notably, Flag bit 5 is the last
   reserved bit in the LISP header.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |N|L|E|V|I|R|K|K|            Nonce/Map-Version                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 Instance ID/Locator-Status-Bits               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                           Figure 1: LISP Header

3.  LISP Generic Protocol Extension for LISP (LISP-GPE)

   This document defines two changes to the LISP header in order to
   support multi-protocol multiprotocol encapsulation: the introduction of the P-bit
   and the definition of a Next Protocol 'Next Protocol' field.  This document
   specifies the protocol behavior when the P-bit is set to 1, 1; no
   changes are introduced when the P-bit is set to 0.  The LISP-GPE
   header is shown in Figure 2 and described below.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |N|L|E|V|I|P|K|K|        Nonce/Map-Version/Next Protocol        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 Instance ID/Locator-Status-Bits               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                         Figure 2: LISP-GPE Header

   P-Bit:  Flag bit 5 is defined as the Next Protocol bit.  The P-bit is
      set to 1 to indicate the presence of the 8 bit Next Protocol 8-bit 'Next Protocol'
      field.

   If the P-bit is clear (0) (0), the LISP header is bit-by-bit equivalent
   to the definition in [I-D.ietf-lisp-rfc6830bis]. [RFC9300].

   When the P-bit is set to 1, bits N, E, and V, and bits 8-23 of the
   'Nonce/Map-Version/Next Protocol' field MUST be set to zero on
   transmission and MUST be ignored on receipt.  Features equivalent to
   those that were implemented with bits N,E N, E, and V in
      [I-D.ietf-lisp-rfc6830bis], [RFC9300], such
   as echo-noncing Echo-Noncing and map-
      versioning, Map-Versioning, can be implemented by defining
   appropriate LISP-GPE shim headers.

   When the P-bit is set to 1, the LISP-GPE header is encoded as:

    0 x 0 0 x 1 x x
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |N|L|E|V|I|P|K|K|             0x0000            | Next Protocol |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 Instance ID/Locator-Status-Bits               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                   Figure 3: LISP-GPE with P-bit set Set to 1

   Next Protocol:  When the P-bit is set to 1, the lower 8 bits of the
      first 32-bit word are used to carry a Next Protocol.  This Next
      Protocol 'Next
      Protocol' field contains the protocol of the encapsulated payload
      packet.

   This document defines the following Next Protocol values:

      0x00 :

   0x00:  Reserved

      0x01 :

   0x01:  IPv4

      0x02 :

   0x02:  IPv6

      0x03 :

   0x03:  Ethernet

      0x04 :

   0x04:  Network Service Header (NSH) [RFC8300]

   0x05 to 0x7D:  Unassigned

      0x7E,

   0x7E and 0x7F:  Experimentation and testing

   0x80 to 0xFD:  Unassigned (shim headers)

   0xFE, 0xFF:  Experimentation and testing (shim headers)

   The values are tracked in the IANA LISP-GPE "LISP-GPE Next Protocol Registry Protocol" registry,
   as described in Section 6.1.

   Next protocol Protocol values 0x7E, 0x7F and 0x7F, 0xFE, and 0xFF are assigned for
   experimentation and testing testing, as per [RFC3692].

   Next protocol Protocol values from Ox80 0x80 to 0xFD are assigned to protocols
   encoded as generic "shim" shim headers.  All shim protocols MUST use the
   header structure in Figure 4, which includes a Next Protocol 'Next Protocol' field.
   When shim headers are used with other protocols identified by next
   protocol Next
   Protocol values from 0x00 to 0x7F, all the shim headers MUST come
   first.

   Shim headers can be used to incrementally deploy new GPE features,
   keeping the processing of shim headers known to a given xTR Tunnel Router
   (xTR) implementation in the 'fast' path (typically an ASIC), Application-
   Specific Integrated Circuit (ASIC)) while punting the processing of
   the remaining new GPE features to the 'slow' path.

   Shim protocols MUST have the first 32 bits defined as:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |   Reserved    | Next Protocol |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   ~                    Protocol Specific                    Protocol-Specific Fields                   ~
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                           Figure 4: Shim Header

   Where:

   Type:  This field identifies the different messages of this protocol.

   Length:  The  This field indicates the length, in 4-octet units, of this
      protocol message message, not including the first 4 octets.

   Reserved:  The use of this field is reserved to the protocol defined
      in this message.

   Next Protocol Field:  The next protocol Protocol:  This field contains the protocol of the encapsulated
      payload.  The values are tracked in the IANA
      LISP-GPE "LISP-GPE Next Protocol Registry
      Protocol" registry, as described in Section 6.1.

4.  Implementation and Deployment Considerations

4.1.  Applicability Statement

   LISP-GPE conforms, as an a UDP-based encapsulation protocol, to the UDP
   usage guidelines as specified in [RFC8085].  The applicability of these
   guidelines are is dependent on the underlay IP network and the nature of
   the encapsulated payload.

   [RFC8085] outlines two applicability scenarios for UDP applications, applications:
   1) the general Internet and 2) a controlled environment.  The  A
   controlled environment means a single administrative domain or
   adjacent set of cooperating domains.  A network in a controlled
   environment can be managed to operate under certain conditions whereas conditions,
   whereas, in the general
   Internet Internet, this cannot be done.  Hence  Hence,
   requirements for a tunnel protocol operating under a controlled
   environment can be less restrictive than the requirements of the
   general internet. Internet.

   The LISP-GPE scope of applicability is the same set of use cases
   covered
   by[I-D.ietf-lisp-rfc6830bis] by [RFC9300] for the LISP dataplane data plane protocol.  The common
   property of these use cases is a large set of cooperating entities
   seeking to communicate over the public Internet or other large
   underlay IP infrastructures, infrastructures while keeping the addressing and topology
   of the cooperating entities separate from the underlay and Internet
   topology, routing, and addressing.

   LISP-GPE is meant to be deployed in network environments operated by
   a single operator or adjacent set of cooperating network operators
   that fits fit with the definition of controlled environments in [RFC8085].

   For the purpose of this document, a traffic-managed controlled
   environment Traffic-Managed Controlled
   Environment (TMCE), outlined in [RFC8086], is defined as an IP
   network that is traffic-engineered and/or otherwise managed (e.g.,
   via the use of traffic rate limiters) to avoid congestion.
   Significant portions of the text in this Section section are based on
   [RFC8086].

   It is the responsibility of the network operators to ensure that the
   guidelines/requirements in this section are followed as applicable to
   their LISP-GPE deployments deployments.

4.2.  Congestion Control  Congestion-Control Functionality

   LISP-GPE does not natively provide congestion control congestion-control functionality and relies
   on the payload protocol traffic for congestion control.  As such such,
   LISP-GPE MUST be used with congestion controlled congestion-controlled traffic or within a
   network that is traffic managed to avoid congestion (TMCE).  An
   operator of a traffic managed traffic-managed network (TMCE) may avoid congestion by
   careful provisioning of their networks, rate-limiting rate limiting of user data
   traffic
   traffic, and traffic engineering according to path capacity.

   Keeping in mind the reccomendation recommendation above, new encapsulated payloads,
   when registered with LISP-GPE, MUST be accompained accompanied by a set of
   guidelines derived from [I-D.ietf-lisp-rfc6830bis]. Section 5 of [RFC9300].  Such new protocols
   should be designed for explicit congestion signals to propagate
   consistently from lower layer lower-layer protocols into IP.  Then  Then, the IP
   internetwork layer can act as a portability layer to carry congestion notification
   notifications from non-IP-aware congested nodes up to the transport
   layer (L4).  By following the guidelines in
   [I-D.ietf-tsvwg-ecn-encap-guidelines], [ENCAP-GUIDE], subnetwork
   designers can enable a layer-2 Layer 2 protocol to participate in congestion
   control without dropping packets packets, via propagation of explicit congestion
   notification (ECN Explicit
   Congestion Notification (ECN) data [RFC3168] ) to receivers.

4.3.  UDP Checksum

   For IP payloads, section Section 5.3 of [I-D.ietf-lisp-rfc6830bis] [RFC9300] specifies how to handle UDP Checksums
   checksums, encouraging implementors to consider UDP checksum usage
   guidelines in section Section 3.4 of [RFC8085] when it is desirable to
   protect UDP and LISP headers against corruption.

   In order to provide protect the integrity of LISP-GPE headers, options options, and
   payload, for example
   payloads (for example, to avoid mis-delivery misdelivery of payload payloads to different
   tenant systems in the case of data corruption, corruption), the outer UDP
   checksum SHOULD be used with LISP-GPE when transported over IPv4.
   The UDP checksum provides a statistical guarantee that a payload was
   not corrupted in transit.  These integrity checks are not strong from
   a coding or cryptographic perspective and are not designed to detect physical-
   layer
   physical-layer errors or malicious modification modifications of the datagram (see
   Section 3.4 of [RFC8085]).  In deployments where such a risk exists,
   an operator SHOULD use additional data integrity mechanisms mechanisms, such as
   those offered by IPSec. IPsec.

   An operator MAY choose to disable a UDP checksum and use a zero
   checksum if LISP-GPE packet integrity is provided by other data
   integrity
   mechanisms mechanisms, such as IPsec or additional checksums checksums, or if
   one of the conditions in Section 4.3.1 a, (a, b, c are or c) is met.

4.3.1.  UDP Zero Checksum Handling with IPv6

   By default, a UDP checksum MUST be used when LISP-GPE is transported
   over IPv6.  A tunnel endpoint MAY be configured for use with a zero
   UDP checksum if additional requirements described in this section are
   met.

   When LISP-GPE is used over IPv6, a UDP checksum is used to protect
   IPv6 headers, UDP headers headers, and LISP-GPE headers and payload payloads from
   potential data corruption.  As such such, by default default, LISP-GPE MUST use a
   UDP checksum when transported over IPv6.  An operator MAY choose to
   configure to operate with a zero UDP checksum if operating in a traffic managed
   traffic-managed controlled environment environment, as stated in Section 4.1 4.1, if
   one of the following conditions are is met:

   a.  It is known that the packet corruption is exceptionally unlikely
       (perhaps based on an operator's knowledge of equipment types in
       their underlay
       network) network), and the operator is willing to take a the
       risk of undetected packet corruption corruption.

   b.  It is judged determined through observational measurements (perhaps
       through historic or current traffic flows that use non zero a non-zero
       checksum) that the level of packet corruption is tolerably low low,
       and where the operator is willing to take the risk of undetected corruption
       corruption.

   c.  LISP-GPE payload is payloads are carrying applications that are tolerant of
       misdelivered or corrupted packets (perhaps through higher layer higher-layer
       checksum validation and/or reliability through retransmission) retransmission).

   In addition addition, LISP-GPE tunnel implementations using Zero a zero UDP
   checksum MUST meet the following requirements:

   1.  Use of a UDP checksum over IPv6 MUST be the default configuration
       for all LISP-GPE tunnels tunnels.

   2.  If LISP-GPE is used with a zero UDP checksum over IPv6 IPv6, then such
       xTR implementation implementations MUST meet all the requirements specified in
       section
       Section 4 of [RFC6936] and requirements requirement 1 as specified in section Section 5
       of [RFC6936] [RFC6936].

   3.  The ETR Egress Tunnel Router (ETR) that decapsulates the packet
       SHOULD check that the source and destination IPv6 addresses are
       valid for the LISP-GPE tunnel that is configured to receive Zero a
       zero UDP checksum and discard other packets for which that fail such check fails
       checks.

   4.  The ITR Ingress Tunnel Router (ITR) that encapsulates the packet MAY
       use different IPv6 source addresses for each LISP-GPE tunnel that
       uses Zero zero UDP checksum mode in order to strengthen the
       decapsulator's check of the IPv6 source address (i.e (i.e., the same
       IPv6 source address is not to be used with more than one IPv6
       destination address, irrespective of whether that destination
       address is a unicast or multicast address).  When this is not
       possible, it is RECOMMENDED to use each source address for as few
       LISP-GPE tunnels that use a zero UDP checksum as is feasible feasible.

   5.  Measures SHOULD be taken to prevent LISP-GPE traffic over IPv6
       with a zero UDP checksum from escaping into the general Internet.
       Examples of such measures include employing packet filters at the
       PETR
       Proxy Egress Tunnel Router (PETR) and/or keeping logical or
       physical separation of the LISP network from networks carrying General Internet in the
       general Internet.

   The above requirements do not change either the requirements specified in [RFC2460] as modified by [RFC6935]
   [RFC6935], [RFC6936], or the requirements
   specified in [RFC6936]. [RFC8200].

   The requirement to check the source IPv6 address in addition to the
   destination IPv6 address, plus the recommendation against the reuse
   of source IPv6 addresses among LISP-GPE tunnels tunnels, collectively provide
   some mitigation for the absence of UDP checksum coverage of the IPv6
   header.  A traffic-managed controlled environment that satisfies at
   least one of the three conditions listed at the beginning of this
   section provides additional assurance.

4.4.  DSCP, ECN, TTL, and 802.1Q

   When encapsulating IP (including over Ethernet) packets packets, [RFC2983]
   provides guidance for mapping DSCP packets that contain Differentiated
   Services Code Point (DSCP) information between inner and outer IP
   headers.  The Pipe model typically fits better Network with network
   virtualization.  The DSCP value on the tunnel header is set based on
   a policy (which may be a fixed value, one based on the inner traffic
   class, or some other mechanism for grouping traffic).  Some aspects
   of the Uniform model (which treats the inner and outer DSCP value as
   a single field by copying on ingress and egress) may also apply, such
   as the ability to remark the inner header on tunnel egress based on
   transit marking.  However, the Uniform model is not conceptually
   consistent with network virtualization, which seeks to provide strong
   isolation between encapsulated traffic and the physical network.

   [RFC6040] describes the mechanism for exposing ECN capabilities on IP
   tunnels and propagating congestion markers to the inner packets.
   This behavior MUST be followed for IP packets encapsulated in LISP-
   GPE.

   Though the Uniform model or the Pipe models model could be used for TTL (or
   Hop Limit in the case of IPv6) handling when tunneling IP packets,
   the Pipe model is more aligned with network virtualization.
   [RFC2003] provides guidance on handling TTL between inner IP header headers
   and outer IP tunnels; this model is more aligned with the Pipe model
   and is recommended for use with LISP-GPE for network virtualization network-virtualization
   applications.

   When a LISP-GPE router performs Ethernet encapsulation, the inner
   802.1Q [IEEE.802.1Q_2014] 3-bit priority code point (PCP) Priority Code Point ('PCP') field [IEEE.802.1Q_2014] MAY
   be mapped from the encapsulated frame to the DSCP codepoint of the DS
   Differentiated Services ('DS') field defined in [RFC2474].

   When a LISP-GPE router performs Ethernet encapsulation, the inner inner-
   header 802.1Q [IEEE.802.1Q_2014] VLAN Identifier (VID) [IEEE.802.1Q_2014] MAY be mapped
   to, or used to determine determine, the LISP Instance IDentifier 'Instance ID' (IID) field.

   Refer to Section 7 for consideration considerations about the use of integrity
   protection for deployments, such as the public Internet, concerned
   with on-path attackers.

5.  Backward Compatibility

   LISP-GPE uses the same UDP destination port (4341) allocated to LISP.

   When encapsulating IP packets to a non LISP-GPE capable router non-LISP-GPE-capable router, the
   P-bit MUST be set to 0.  That is, the encapsulation format defined in
   this document MUST NOT be sent to a router that has not indicated
   that it supports this specification specification, because such a router would
   ignore the P-bit (as described in [I-D.ietf-lisp-rfc6830bis]) [RFC9300]) and so would
   misinterpret the other LISP header fields fields, possibly causing
   significant errors.

5.1.  Detection of ETR Capabilities

   The discovery of xTR capabilities to support LISP-GPE is out of the
   scope of this document.  Given that the applicability domain of LISP-
   GPE is a traffic-managed controlled environment, ITR/ETR (xTR)
   configuration mechanisms may be used for this purpose.

6.  IANA Considerations

6.1.  LISP-GPE Next Protocol Registry

   IANA is requested to set up has created a registry of LISP-GPE "Next called "LISP-GPE Next Protocol".  These
   are 8-bit values.  Next Protocol values in the table below are
   defined in this document.  New values are assigned under the
   Specification Required policy [RFC8126].  The protocols that are
   being assigned values do not themselves need to be IETF standards
   track Standards
   Track protocols.

   +--------------+-------------------------------------+--------------+

        +===============+=============================+===========+
        | Next Protocol | Description                 | Reference |
        +===============+=============================+===========+
        | Protocol     |                                     |              |
   +--------------+-------------------------------------+--------------+
   | 0x0 0x00          | Reserved                    | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x1 0x01          | IPv4                        | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x2 0x02          | IPv6                        | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x3 0x03          | Ethernet                    | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x4 0x04          | NSH                         | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x05..0x7D 0x05-0x7D     | Unassigned                  |           |
        +---------------+-----------------------------+-----------+
        | 0x7E..0x7F 0x7E-0x7F     | Experimentation and testing | This         |
   |              |                                     | Document RFC 9305  |
        +---------------+-----------------------------+-----------+
        | 0x80..0xFD 0x80-0xFD     | Unassigned (shim headers)   |           |
        +---------------+-----------------------------+-----------+
        | 0x8E..0x8F 0xFE-0xFF     | Experimentation and testing (shim | This RFC 9305  |
        |               | (shim headers)              | Document           |
   +--------------+-------------------------------------+--------------+
        +---------------+-----------------------------+-----------+

                                  Table 1

7.  Security Considerations

   LISP-GPE security considerations are similar to the LISP security
   considerations and mitigation techniques documented in [RFC7835].

   LISP-GPE, as

   As is the case for many encapsulations that use optional extensions,
   LISP-GPE is subject to on-path adversaries that can make arbitrary
   modifications to the packet (including the P-Bit) P-bit) to change or remove
   any part of the payload, or claim to encapsulate any protocol payload
   type.  Typical integrity protection mechanisms (such as IPsec) SHOULD
   be used in combination with LISP-GPE by those protocol extensions
   that want to protect from against on-path attackers.

   With LISP-GPE, issues such as data-plane data plane spoofing, flooding, and
   traffic redirection may depend on the particular protocol payload
   encapsulated.

8.

9.  References

9.1.

8.1.  Normative References

   [I-D.ietf-lisp-rfc6830bis]
              Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A.
              Cabellos-Aparicio, "The Locator/ID Separation Protocol
              (LISP)", draft-ietf-lisp-rfc6830bis-32 (work in progress),
              March 2020.

   [IEEE.802.1Q_2014]
              IEEE, "IEEE Standard for Local and metropolitan area
              networks--Bridges and Bridged Networks", IEEE 802.1Q-2014,
              DOI 10.1109/ieeestd.2014.6991462, Std 802.1Q-
              2014, December 2014, <http://ieeexplore.ieee.org/servlet/
              opac?punumber=6991460>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC6040]  Briscoe, B., "Tunnelling of Explicit Congestion
              Notification", RFC 6040, DOI 10.17487/RFC6040, November
              2010, <https://www.rfc-editor.org/info/rfc6040>.

9.2.  Informative References

   [I-D.brockners-ippm-ioam-vxlan-gpe]
              Brockners, F., Bhandari, S., Govindan, V., Pignataro, C.,
              Gredler, H., Leddy, J., Youell, S., Mizrahi, T., Kfir, A.,
              Gafni,

   [RFC8174]  Leiba, B., Lapukhov, P., and M. Spiegel, "VXLAN-GPE
              Encapsulation for In-situ OAM Data", draft-brockners-ippm-
              ioam-vxlan-gpe-03 (work "Ambiguity of Uppercase vs Lowercase in progress), November 2019.

   [I-D.ietf-tsvwg-ecn-encap-guidelines] RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC9300]  Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A.
              Cabellos, Ed., "The Locator/ID Separation Protocol
              (LISP)", RFC 9300, DOI 10.17487/RFC9300, October 2022,
              <https://www.rfc-editor.org/info/rfc9300>.

8.2.  Informative References

   [ENCAP-GUIDE]
              Briscoe, B., Kaippallimalil, J., B. and P. Thaler, J. Kaippallimalil, "Guidelines for Adding
              Congestion Notification to Protocols that Encapsulate IP", draft-ietf-tsvwg-ecn-
              encap-guidelines-13 (work in progress), May 2019.

   [I-D.lemon-vxlan-lisp-gpe-gbp]
              Lemon, J., Maino, F., Smith, M., and A. Isaac, "Group
              Policy Encoding with VXLAN-GPE and LISP-GPE", draft-lemon-
              vxlan-lisp-gpe-gbp-02 (work
              Work in progress), April 2019. Progress, Internet-Draft, draft-ietf-tsvwg-ecn-
              encap-guidelines-17, 11 July 2022,
              <https://datatracker.ietf.org/doc/html/draft-ietf-tsvwg-
              ecn-encap-guidelines-17>.

   [RFC2003]  Perkins, C., "IP Encapsulation within IP", RFC 2003,
              DOI 10.17487/RFC2003, October 1996,
              <https://www.rfc-editor.org/info/rfc2003>.

   [RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
              December 1998, <https://www.rfc-editor.org/info/rfc2460>.

   [RFC2474]  Nichols, K., Blake, S., Baker, F., and D. Black,
              "Definition of the Differentiated Services Field (DS
              Field) in the IPv4 and IPv6 Headers", RFC 2474,
              DOI 10.17487/RFC2474, December 1998,
              <https://www.rfc-editor.org/info/rfc2474>.

   [RFC2983]  Black, D., "Differentiated Services and Tunnels",
              RFC 2983, DOI 10.17487/RFC2983, October 2000,
              <https://www.rfc-editor.org/info/rfc2983>.

   [RFC3168]  Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
              of Explicit Congestion Notification (ECN) to IP",
              RFC 3168, DOI 10.17487/RFC3168, September 2001,
              <https://www.rfc-editor.org/info/rfc3168>.

   [RFC3692]  Narten, T., "Assigning Experimental and Testing Numbers
              Considered Useful", BCP 82, RFC 3692,
              DOI 10.17487/RFC3692, January 2004,
              <https://www.rfc-editor.org/info/rfc3692>.

   [RFC6935]  Eubanks, M., Chimento, P., and M. Westerlund, "IPv6 and
              UDP Checksums for Tunneled Packets", RFC 6935,
              DOI 10.17487/RFC6935, April 2013,
              <https://www.rfc-editor.org/info/rfc6935>.

   [RFC6936]  Fairhurst, G. and M. Westerlund, "Applicability Statement
              for the Use of IPv6 UDP Datagrams with Zero Checksums",
              RFC 6936, DOI 10.17487/RFC6936, April 2013,
              <https://www.rfc-editor.org/info/rfc6936>.

   [RFC7348]  Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
              L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
              eXtensible Local Area Network (VXLAN): A Framework for
              Overlaying Virtualized Layer 2 Networks over Layer 3
              Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014,
              <https://www.rfc-editor.org/info/rfc7348>.

   [RFC7835]  Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID
              Separation Protocol (LISP) Threat Analysis", RFC 7835,
              DOI 10.17487/RFC7835, April 2016,
              <https://www.rfc-editor.org/info/rfc7835>.

   [RFC8085]  Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage
              Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085,
              March 2017, <https://www.rfc-editor.org/info/rfc8085>.

   [RFC8086]  Yong, L., Ed., Crabbe, E., Xu, X., and T. Herbert, "GRE-
              in-UDP Encapsulation", RFC 8086, DOI 10.17487/RFC8086,
              March 2017, <https://www.rfc-editor.org/info/rfc8086>.

   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
              Writing an IANA Considerations Section in RFCs", BCP 26,
              RFC 8126, DOI 10.17487/RFC8126, June 2017,
              <https://www.rfc-editor.org/info/rfc8126>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14,

   [RFC8200]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", STD 86, RFC 8174, 8200,
              DOI 10.17487/RFC8174,
              May 10.17487/RFC8200, July 2017, <https://www.rfc-editor.org/info/rfc8174>.
              <https://www.rfc-editor.org/info/rfc8200>.

   [RFC8300]  Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed.,
              "Network Service Header (NSH)", RFC 8300,
              DOI 10.17487/RFC8300, January 2018,
              <https://www.rfc-editor.org/info/rfc8300>.

Acknowledgements

   [VXLAN-GPE]
              Brockners, F., Bhandari, S., Govindan, V., Pignataro, C.,
              Gredler, H., Leddy, J., Youell, S., Mizrahi, T., Kfir, A.,
              Gafni, B., Lapukhov, P., and Contributors M. Spiegel, "VXLAN-GPE
              Encapsulation for In-situ OAM Data", Work in Progress,
              November 2019, <https://datatracker.ietf.org/doc/html/
              draft-brockners-ippm-ioam-vxlan-gpe-03>.

   [VXLAN-LISP]
              Lemon, J., Ed., Maino, F., Smith, M., and A. Isaac, "Group
              Policy Encoding with VXLAN-GPE and LISP-GPE", Work in
              Progress, Internet-Draft, draft-lemon-vxlan-lisp-gpe-gbp-
              02, 30 April 2019, <https://datatracker.ietf.org/doc/html/
              draft-lemon-vxlan-lisp-gpe-gbp-02>.

Acknowledgments

   A special thank you goes to Dino Farinacci for his guidance and
   detailed review.  Thanks to Tom Herbert for the suggestion to assign
   codepoints for experimentations and testing.

   This Working Group (WG) document originated as draft-lewis-lisp-gpe;
   the following are its coauthors and contributors along with their
   respective affiliations at the time of WG adoption.

Contributors

   The editor of this document would like to thank and recognize them the
   following coauthors and contributors for their contributions.  These
   coauthors and contributors provided invaluable concepts and content
   for this document's creation.

   o

   Darrel Lewis, Lewis
   Cisco Systems, Inc.

   o

   Fabio Maino, Maino
   Cisco Systems, Inc.

   o

   Paul Quinn, Quinn
   Cisco Systems, Inc.

   o

   Michael Smith, Smith
   Cisco Systems, Inc.

   o

   Navindra Yadav, Yadav
   Cisco Systems, Inc.

   o

   Larry Kreeger

   o

   Jennifer Lemon, Lemon
   Broadcom

   o

   Puneet Agarwal, Agarwal
   Innovium

Authors' Addresses

   Fabio Maino (editor)
   Cisco Systems
   San Jose, CA  95134
   USA
   United States of America
   Email: fmaino@cisco.com

   Jennifer Lemon
   Broadcom
   270 Innovation Drive
   San Jose, CA  95134
   USA
   Email: jennifer.lemon@broadcom.com jalemon@meus.us

   Puneet Agarwal
   Innovium
   USA
   United States of America
   Email: puneet@acm.org

   Darrel Lewis
   Cisco Systems
   San Jose, CA  95134
   USA
   United States of America
   Email: darlewis@cisco.com

   Michael Smith
   Cisco Systems
   San Jose, CA 95134
   USA
   United States of America
   Email: michsmit@cisco.com