Re: [arp222] ARP222 Charter statement and milestones

[Linda Dunbar <ldunbar@huawei.com>]

Hi Ron, 

 

Ron, 

 

Thank you very much for the suggestions. 

My comments are inserted below:

 

 

  _____  

From: ronc.ntear@gmail.com [mailto:ronc.ntear@gmail.com] On Behalf Of Ron
Cohen
Sent: Monday, August 30, 2010 11:43 AM
To: Linda Dunbar
Cc: Benson Schliesser; arp222@ietf.org
Subject: Re: [arp222] ARP222 Charter statement and milestones

 

Hi,

My comments - I'm going to echo some of Benson's and Anoop's points.

 

Separate the problem scope into:

 

1. Singe Data Center (DC)

2. Distributed Data Center (DDC)

3. Cloud Computing (CC)

 

[Linda] The first 2 bullets are valid scenarios for DC. But I don't see the
3rd one as an independent category for the ARP222 (or soon to be renamed
ARMD). I see that the Cloud computing could be some applications loaded to
Data Center. 

 

I'm concerned that we don't have sufficient understanding of the cloud
computing networking environment, and at this point in time we should
include an action item or goal to study the requirements of cloud computing
in this area. We should have CC providers participating in the discussion,
clarifying current practice and outstanding issues. I do not think that any
CC service allows multiple clients on the same broadcast domain due to
security concerns, and all services include some form of built-in firewalls
in the hypervisor level to enforce traffic separation. Until this is
clarified all mention of duplicate IP addresses of multiple clients on the
same VLAN, exhaustion of VLANs, etc should be removed from the charter. 

[Linda] First of all, including duplicated IP in one VLAN is not a main
objective. We can definitely remove it from the Charter. 

We are working together with our company's Cloud service BU on requirement.
Amazon's Virtual Private Cloud (http://aws.amazon.com/vpc/) allows client to
use their own IP addresses. It is definitely true that they won't allow
communication across different VPCs. As of now, Amazon doesn't even allow
any multicast among hosts within one VPC
(http://developer.amazonwebservices.com/connect/thread.jspa?messageID=150951
). 

 

There is distinction between Client Controlled subnets (e.g. Amazon's VPC)
and the actual subnets which connect all the physical servers. The Client
Controlled subnets are virtual subnets. When they are assigned to servers,
many of them will be assigned to one physical subnet in order to have the
VMmobility. You can use VLAN to distinguish VPCs. But, you will quickly used
up all the VLANs. 

That is my original intention. 

 

 

The current problem scope does not mention DDC explicitly, and it should. If
ARP222 becomes a working group some standardized version of Cisco's OTV or
similar will need to worked on. 

 

[Linda] The original name ARP222 (Address Resolution for Layer 2 to Anything
to Layer 2) intends to emphasize that one large Layer 2 could consists of
many pockets of Layer 2 which are interconnected by Layer 3 or MPLS. So it
does want to include DDC. Once we change the name to ARMD, we need to bring
it up in the Charter. 

 

I think that behavior changes within the hypervisor level should be
considered by ARP222. It is not clear to me whether this is in conflict with
'All solutions developed by ARP222 WG should not expect any behavior changes
on hosts, applications, or Virtual Machines being deployed in the market.' 

 

[Linda] I don't think the behavior changes within the Hypervisor should be
addressed by ARP222. 

 

I think that study of MOOSE or SEATLE should not be part of the goals and
milestones. This is not to say that these solutions are not adequate or that
they will not be considered.

 

[Linda] Agree. They are just some available solutions on the table which
people agreed to write a draft on. We should lump it together to GAP
analysis or existing solution analysis. 

 

I'm not clear why it should be explicitly mentioned that it is not allowed
to re-define DHCP. I suggest to remove.

 

[Linda] We were told by the ADs to state clearly what is in the scope and
what is not in the scope. That is why we have those statements. We don't
anticipate any changes to DHCP. 

 

 

 

Best,

Ron





On Fri, Aug 27, 2010 at 12:17 AM, Linda Dunbar <ldunbar@huawei.com> wrote:

Benson, 

 

Thank you very much for the suggestion. Let's see if other people have
similar comments or other suggestions. 

The goal of circulating the tentative Charter statement is to make needed
changes before submitting to the IESG in mid Sept. 

 

Linda 

 

  _____  

From: Benson Schliesser [mailto:bensons@queuefull.net] 
Sent: Thursday, August 26, 2010 3:12 PM


To: Linda Dunbar; arp222@ietf.org

Subject: Re: [arp222] ARP222 Charter statement and milestones

 

Linda -

 

I'd like to see a few modifications to the charter you've outlined:

 

1) I've already explained why I think the last design goal (overlapping IP
addresses within a single VLAN) should be removed.  I won't reiterate that
here.

 

2) The goal to "not break DHCP" should be modified to include any broadcast
and/or multicast protocols.  (Alternatively, broadcast and multicast support
can be required by a new goal to be added.)

 

3) The goal of supporting interconnect scenarios should explicitly include
L3VPN.  In case it isn't clear, that implies a goal of support for
overlapping IP addresses within the datacenter. (Albeit in different
broadcast domains, my comments in #1 above notwithstanding.)

 

4) A new goal should include a performance analysis of all solutions
considered.  This might explicitly acknowledge a role for negative caching
approaches, but that shouldn't be a requirement.

 

Cheers,

-Benson

 

 

 

On 12 Aug 10, at 6:14 PM, Linda Dunbar wrote:

 

Thank you all for coming to ARP222 Bar BOF at the 78th IETF and giving us
comments and suggestions on and between sessions. 

 

I put together the initial ARP222 Charter Statement and Milestones. Please
provide comments and suggestions.  

 

 

 

 

ARP 222: Address Resolution Protocol for Layer 2 to Anything to Layer 2

 

Description of Working Group:

As server virtualization is introduced to data centers, the number of hosts
in a data center can grow dramatically because each physical server, which
used to host one end-station, now can host many end-stations, or Virtual
Machines (20, 30, or hundreds of). Virtual Machines, with its flexible
add/delete and mobility features, not only makes it possible for achieving
better performance and better utilization on servers, they are also a very
important building block for Cloud Computing service to offer virtual
subnets and virtual hosts. The virtual subnets offered by Cloud Computing
service could allow clients to define their own subnets with its own IP
addresses and policies. 

This rapid growth of virtual hosts could tremendously impact to networks and
servers. One huge issue is frequent address resolution (IPv4) or neighbor
discovery (IPv6) requests from hosts. All hosts frequently send out those
requests due to their cache being aged out in minutes. With tens of
thousands of hosts (each with a distinct MAC address) in one Data Center,
the amount of address resolution packets per second is potentially more than
1,000 to 10,000/second. This rate imposes tremendous computational burden on
many hosts. 

Another big issue associated with huge number of virtual hosts in a data
center is potentially duplicated IP addresses within one VLAN which will
make traditional ARP or ND not working properly. Some load balance design
requires multiple hosts serving the same application to have the same IP
address but with different MAC addresses. Cloud Computing service could
allow users to have their own subnets with IP addresses and self defined
policies among those subnets. Some network designs need to put multiple
client subnets into one VLAN because the number of client subnets could be
in hundreds of thousands which is much more than 4095 VLANs. Under this
scenario, there could be duplicated IP addresses which are from different
client subnets ending up in one VLAN.  

The goal of this working group is to develop interoperable solutions to
solve those problems.  

The design should consider the following properties:

*        All solutions developed by ARP222 WG should not expect any behavior
changes on hosts, applications, or Virtual Machines being deployed in the
market. 

*        All solutions developed should not break DHCP. 

*        Evaluating the impact to IPv6 ND, and develop solutions accordingly
if needed. 

*        Should consider variety of solutions, including directory based,
proxy based, or cache based solutions. 

*        Include analysis of security concerns of IPv4 ARP requests from
malicious users. Evaluating potential security solutions and conclude if the
security threat can justify solutions. 

*        ARP222 assumes the direct links to individual hosts and virtual
machines are IEEE802.3 Ethernet links.  

*        Should consider scenarios of one Ethernet network being
interconnected by another network, which can be L2VPN, pure IP, Ethernet, or
others. 

*        Should consider address resolution solutions for one VLAN with
small number of duplicated IP addresses.  

 

Here are the items which should not be in the scope of the working group: 

*        Re-define DHCP behavior

*        Re-define security concern to IPv6 ND 

*        Direct links from hosts and virtual hosts are non Ethernet links 

*         

 

Goals and Milestones:

*        Charter statement

*        Problem Statements

*        Gap analysis 

*        Study of NHRP (RFC2332) & SCSP,  and their applicability to
Ethernet networks

*        Study and Analysis of MOOSE as a potential solution

*        Study and Analysis of SEATTLE as a potential solution.

 

 

Best Regards, Linda Dunbar

 

_______________________________________________
arp222 mailing list
arp222@ietf.org
https://www.ietf.org/mailman/listinfo/arp222

 


_______________________________________________
arp222 mailing list
arp222@ietf.org
https://www.ietf.org/mailman/listinfo/arp222