[Apn] Re: comments and suggestions to the draft-yang-apn-sd-wan-usecase-00

Feng Yang <yangfeng@chinamobile.com> Thu, 10 September 2020 10:22 UTC

From: "Feng Yang" <yangfeng@chinamobile.com>
To: "'Linda Dunbar'" <linda.dunbar@futurewei.com>, "'apn'" <apn@ietf.org>
Cc: <draft-yang-apn-sd-wan-usecase@ietf.org>
References: <SN6PR13MB2334B2667ACE5A889AF5263C85260@SN6PR13MB2334.namprd13.prod.outlook.com>
In-Reply-To: <SN6PR13MB2334B2667ACE5A889AF5263C85260@SN6PR13MB2334.namprd13.prod.outlook.com>
Date: Thu, 10 Sep 2020 18:22:30 +0800
Message-ID: <044101d6875c$4a7bb2d0$df731870$@com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/apn/bpycOFIWultY2pxKcEmUbhqY3Bg>
Subject: [Apn] Re: comments and suggestions to the draft-yang-apn-sd-wan-usecase-00

Hi Linda,

 

Thanks for your comments. See my comments inline.

 

BR,

Feng Yang

 

From: Apn [mailto:apn-bounces@ietf.org] On Behalf Of Linda Dunbar
Sent: 10 September 2020 03:25
To: apn
Cc: draft-yang-apn-sd-wan-usecase@ietf.org
Subject: [Apn] comments and suggestions to the draft-yang-apn-sd-wan-usecase-00

 

Authors of the draft-yang-apn-sd-wan-usecase-00:

 

Here are my comments and suggestions to the draft.

 

1.	The draft has stated in multiple sections that “APN can provide
value”, but doesn’t have much description on “HOW APN provides value”.
It would be very useful to elaborate more details on HOW.

[Feng] APN conveys application information such as application/user/flow
identifiers and SLA/service requirements along with data packets into the
network and makes the network aware of applications and their requirements,
so as to provide corresponding network services and guarantee their SLA
requirements.

 

This draft intends to describe the values which APN can provide to SD-WAN in
various usage scenarios, as below.

   2.1.  APN for Traffic Steering into Dedicated WAN

   2.2.  APN for Traffic Steering into Particular Cloud 

   2.3.  APN for Value-added Service Provisioning in SD-WAN

   2.4.  APN for Data Processing in SD-WAN 

 

Basically APN can be used in these scenarios to provide the fine-granularity
traffic steering and service operations in SD-WAN. The description of each
scenario can be further enhanced.

 

2.	Among the 4 major characteristics of SD-WAN described in
https://datatracker.ietf.org/doc/draft-ietf-bess-bgp-sdwan-usage/ , I think
the following two are closely relevant to APN: 

 

- Some traffic flows can be forwarded based on their
application identifiers instead of based on destination IP addresses, by the
edge nodes placing the traffic flows onto specific overlay paths based on
their application requirement.  

 

p.s. The BESS-bgp-sdwan-usage draft assumes there is a MATCHING – ACTION
configured at the Edge node indicating a specific n-tuple MATCHING for
assigning traffic to a specific UNDERLAY network.

It would be very beneficial to document how APN provides more than the
current practices of MATCHING – PATH SELECTION.

 

- The traffic flows forwarding can also be based on specific
performance criteria (e.g. packet delay, packet loss, jitter) to provide
better application performance by choosing the right underlay that meets or
exceeds the specified criteria.

Again, the BESS draft assumes there is a MATCHING - ACTION provisioning at
the Edge node indicating a specific n-tuple MATCHING for assigning traffic
to paths with specific Performance criteria. Does APN do it differently?  It
would be very beneficial to add more details. 

[Feng] Indeed, these two are closely relevant to APN. The difference which
APN made here is that APN can directly add the application-aware information
including application identifiers and the performance requirements in the
data packets and then facilitate the matching & action performed at the
edge devices. Furthermore, this application-aware information can be further
utilized by the underlay networks for application-aware network service
provisioning. So APN can be taken as a technology to facilitate this
matching-action for traffic steering.

 

3.	Section 2.1 describes a classic deployment of SDWAN split traffic
among multiple WAN paths. It is not clear how APN does things differently than
today’s MATCHING – ACTION provisioning based approach.

[Feng] The same as above.

 

4.	Section 2.2 shows applications behind CPE connect to different
Clouds. How does APN facilitate? Does APN use enhanced DNS to route APP to
the desired destination? What if the Applications' communications are all
encrypted?

[Feng] The anycast address can be used here. According to the
application-aware information, the proper cloud can be selected and the
traffic can be routed along the path towards this cloud. 

 

5.	Section 2.3: how does APN recognize malicious applications? Most of
today’s application communications are encrypted.

[Feng] The potential security issues that may be imposed by APN were
discussed during the APN side meeting @ IETF108. Basically the existing
access control and network security mechanisms can be utilized. According to
the application-aware information, the traffic can be steered into
corresponding FW VAS for validating its legitimacy.

https://github.com/APN-Community/IETF108-Side-Meeting-APN/blob/master/6%20Shuping%20Peng%20-%20Huawei%20-%20Discussions%20%26%20Clarifications%20-%20%20Privacy%20%26%20Security.pdf

 

6.	Section 2.4: Does APN steer packets based on the configured MATCHING
– ACTION paradigm? How does APN recognize Data? Are the Data attached to
packets? Or Data in specific database? Or Performance measurement data
collected by network devices?

[Feng] With APN the application-aware information can be attached to the
packets, based on which the traffic can be steered. If the application-aware
information is not carried in the packets, it can utilize the existing
capability of the edge devices and this information can be recognized by the
edge devices. The matching-action policy can be configured by the network
operators. The performance measurement can be done by the existing
mechanisms such as iOAM which can be further integrated with APN to achieve
fine-granularity performance measurement and visualization.

 

 

Cheers, 

 

Linda Dunbar