Re: [bess] A question about RFC 8317

Alexander Vainshtein <Alexander.Vainshtein@ecitele.com> Fri, 21 December 2018 07:34 UTC

Return-Path: <Alexander.Vainshtein@ecitele.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BA4912F1A6 for <bess@ietfa.amsl.com>; Thu, 20 Dec 2018 23:34:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Level:
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DC_PNG_UNO_LARGO=0.001, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=eci365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RAAUBq4QDW97 for <bess@ietfa.amsl.com>; Thu, 20 Dec 2018 23:34:01 -0800 (PST)
Received: from mail3.bemta25.messagelabs.com (mail3.bemta25.messagelabs.com [195.245.230.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DAE25127B4C for <bess@ietf.org>; Thu, 20 Dec 2018 23:34:00 -0800 (PST)
Received: from [46.226.52.197] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-1.bemta.az-b.eu-west-1.aws.symcld.net id E2/B1-09191-6679C1C5; Fri, 21 Dec 2018 07:33:58 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA2WTfUwbZRzHee6u1xtyeisFfjZskeo0Tq60urB z0WicMU2m2ZL9ZyB6HUfbWArri2NGIxnLxosbXeRlQDcG61hly8yYmk0zhsjsZClYEkDpKuFt DKbd4nQDcdZ7KVPjP08+z/P9Pt/f9y53FK6ZU+soodwjuJy8Q0+mEhueXnyCLW7KLjD2nGO4Y KgZ5/yxzVxs8T7JzbX0qrh4uJLgWuePI27m6Cfql9Xm+To/Mtcvn1WZA4ElzDy2Z0Rtjo0PY+ Z42y/kNvJNld1pKS1/W2WbHvoVL/v5U6K8tmcEq0DLzUQNSqUIpgOH+99ESWmjYQ5hELy1N7m ZQLB3ZEC0raJI5kXoPhUjJdYyeXBoXz2STLh04+PgnCykM09C65mvVIrpKRgItmIKbwJfpFpm glkHFzsqRA9F0Uwh9B/bqQw7iGCq34ckzypxmH/4hJyJmEy4N3BavoszWTA+0yYzMFqYjFwlF c6A+em/VIrfAhOz7Ug5z4FZX0it8BoYbquVSwMzRsLnPVXJIBZuNzTgCr8BS429mFQOmMfhsx uFin8GwdHTC4TiWQ/RSx8lQx2wFJ5OllgLXQcmCeVCHIe7ly8mB2SDf+ggrgg+Eo4sJuQkDbM DrvjvED6U2/Kvp2uRX2s1grEfB5Ek0Mxq+K55hlBMTqgd3YMrbIRbg21JfgY6228mOQ/O/hZG /z/PheW7NaTCORAdaVApHBCH3X5hxXN+tFu94qmvnVQfQ3QX4iwuu9XmKeHtDtZkNLIm07Os6 fl81pT/nIF/j7UYBC+7S3B7WJOB3+U2uHeX7HAUGZyCpxuJn3VRWf/x82jhpLUPPUph+gx6qi 67QPOwpbRot413295yeR2Cuw9lU5Qe6P2NorbaJViF8mK7Q/w3VmSg0vRaulmSaXcZX+K2WxV pAG2hfuhNNOFU1+Gqwzg1Ja9xea060+nHqVD1735cQzhLnYIui/66QYxgpAib1/lgwMr/N4zW 6NJplJKSokkrE1wlds9/9QWURSF9Ol0npaTZnZ4HPRbEiphYMfUVuaKH/0fSVaADF6KN9X094 znrOuLcNmRNRIN/GK++c+1979b8cKJp40RxDDI+yMvcunjptdB2feXl/WP7iKWwNzB0SrdW+2 HVuS+uZ7y+sTLNvDPzxs3Jdx/76Xtte37X4IXGxPVIzb0v0WxoM91/Zcud+Q2BP7GCh14dPHE tt3LTt49EjIWxl0Y7I3rCbeNN63GXm/8bDd3in3oEAAA=
X-Env-Sender: Alexander.Vainshtein@ecitele.com
X-Msg-Ref: server-23.tower-285.messagelabs.com!1545377634!6105554!1
X-Originating-IP: [52.41.248.36]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.14.24; banners=ecitele.com,-,-
X-VirusChecked: Checked
Received: (qmail 29693 invoked from network); 21 Dec 2018 07:33:57 -0000
Received: from us-west-2a.mta.dlp.protect.symantec.com (HELO EUR02-AM5-obe.outbound.protection.outlook.com) (52.41.248.36) by server-23.tower-285.messagelabs.com with AES256-SHA256 encrypted SMTP; 21 Dec 2018 07:33:57 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ECI365.onmicrosoft.com; s=selector1-ecitele-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LGt6YQfPZ6LJwcNVgPjrI7pMf6KFslWyno9a3jta0/E=; b=enZI06xtmYhS+pMI1jwOpFyXjzQ9hyQdaJiQ0gHK7xwzisJNKVadpmxMgn1gdwkejMo473HsXT6LjtGlAjxI/bUxiuAvSaFzXs/eUcyXMaOgsygyR0rrVCGf6Vqa62tTUzpEx//MbZRnn6udt+EuxffnkH/TQMxwwcW++HkxHEk=
Received: from AM0PR03MB3828.eurprd03.prod.outlook.com (52.135.146.29) by AM0PR03MB4177.eurprd03.prod.outlook.com (20.176.214.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1446.17; Fri, 21 Dec 2018 07:33:51 +0000
Received: from AM0PR03MB3828.eurprd03.prod.outlook.com ([fe80::dd0e:6be2:6377:6f6d]) by AM0PR03MB3828.eurprd03.prod.outlook.com ([fe80::dd0e:6be2:6377:6f6d%4]) with mapi id 15.20.1446.022; Fri, 21 Dec 2018 07:33:51 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
To: "Ali Sajassi (sajassi)" <sajassi@cisco.com>
CC: "Samer Salam (ssalam)" <ssalam@cisco.com>, "John E Drake (jdrake@juniper.net)" <jdrake@juniper.net>, "ju1738@att.com" <ju1738@att.com>, "sboutros@vmware.com" <sboutros@vmware.com>, "jorge.rabadan@nokia.com" <jorge.rabadan@nokia.com>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: A question about RFC 8317
Thread-Index: AdSYUr9cSCgYcdt7R1u6vcshLnORdAAINGEAACL89vg=
Date: Fri, 21 Dec 2018 07:33:51 +0000
Message-ID: <AM0PR03MB3828C2AF7CC8D9FD829CBD3C9DB80@AM0PR03MB3828.eurprd03.prod.outlook.com>
References: <AM0PR03MB38289E905EE9421BA529727B9DBF0@AM0PR03MB3828.eurprd03.prod.outlook.com>, <B7FEDC8A-9A16-46F5-81EE-FC79CF6E9002@cisco.com>
In-Reply-To: <B7FEDC8A-9A16-46F5-81EE-FC79CF6E9002@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [40.67.251.241]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM0PR03MB4177; 6:hyhIGvKgPdmti5WZ8lWO5y2FJxFqBQBLkxecl3QtI10tPNSRPJZ8ZUXp5WQWqkfCZZkVoW7yePskp7+tOD1NsYQqbh7wrqKgqtss9Xq12fUlI6wndiXHkCh6WJqk8PQB9+QwX7+QRRrFwTuu78Ixm/qthgPfQ5VZ+/uaPudiAJ0OIQbZFOFpTWyZnBEQEoGaTmmRIgxLjls4OQ8BGQuQYZ/y5hEfhpt0R0k1p/QxEkwp8dlDT6Il7+8bF72k5eG/eRQH3CkehoUzrHtM1HCaa3Pna7PTGUw2La/Qf8hH+Fbi/3tI8hEHu6zOiCemfLniksRaPovpDN2xO2SnLStramgPPIDkfG9MFOYE8VHQrsBUaaDt3vU8ZnaW+yuv5TE/J1y//VM50Xa6i/iaPpJiTPbOTu7BqoIlZIjRYPXgTBHy4t9N5pLcXajMzCBjgd49r1n1VWE3syqxkzFiM0xqMQ==; 5:USMGmjnYXluHdheX1zkJzyFZR+Y0T8l4jxe4xjghJX1i60wU9xzVC2Vz5W0H1+8EzVIrKzXYJkBLe0BxxmDh+E/NWVSA8ehZ7SLf8BDOBQc0mcuNBRHqAsroiYworITxhXmvQmMeJxpamCBUdIjhFYZqqfEqje3/ExUYvgsgVtI=; 7:XEJBoqNiyhdM97Qqh6HPYMzGi0StuyhzW/kRpCHpbjJV0V5ut8KP8kd1/eaq4sMNJ3YIVlLfeZOnkk4l7T6Nw2RNvV9dWwYS6TaAf1s+GkMMheMJ4+rnBd2mIb+O46W1hv15QOGN+NOPqo6LRprVmQ==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 8d3c32a5-234a-4b78-cc24-08d66716a777
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(49563074)(7193020); SRVR:AM0PR03MB4177;
x-ms-traffictypediagnostic: AM0PR03MB4177:
x-microsoft-antispam-prvs: <AM0PR03MB417704DB8581F96E6ACD731F9DB80@AM0PR03MB4177.eurprd03.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(3230021)(999002)(5005026)(102415395)(6040522)(2401047)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231475)(944501520)(4983020)(52105112)(6055026)(149066)(150057)(6041310)(20161123562045)(20161123564045)(20161123558120)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(201708071742011)(7699051)(76991095); SRVR:AM0PR03MB4177; BCL:0; PCL:0; RULEID:; SRVR:AM0PR03MB4177;
x-forefront-prvs: 0893636978
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(136003)(346002)(366004)(376002)(39860400002)(199004)(189003)(51874003)(186003)(606006)(26005)(66066001)(4326008)(236005)(54906003)(9686003)(76176011)(86362001)(55016002)(3846002)(97736004)(7696005)(7736002)(6506007)(68736007)(229853002)(53546011)(6116002)(316002)(99936001)(14444005)(256004)(25786009)(74316002)(102836004)(2906002)(6436002)(733005)(54896002)(106356001)(54556002)(478600001)(6306002)(71200400001)(6246003)(71190400001)(8676002)(33656002)(8936002)(476003)(81156014)(81166006)(446003)(105586002)(5660300001)(14454004)(53936002)(486006)(99286004)(6916009)(72206003)(11346002); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR03MB4177; H:AM0PR03MB3828.eurprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ecitele.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: EO0CSVMEx5ccW9nW9V9vJ+IKodnG32qALJEbR3pKmQJklcPAF+Je8wMJPvES6VbzP+r8H7QYcOxbW2amuJ6qqBhAdNrBay2PcaF8PZP18MP8zsZmp80RnSsjuBv//Lnu60XbiuHU1kerVmATuZDeaNJb0vyE52u0P69qY9v8b6e4p7Li6JNXnlJB1JYFgm+w+cWE/iZ1/lRHKPTd0uHnKaljE8xg+LARQcMfqisQQ7uloI3xqicQ9ArGcYDl/dTqu/zonQoDudPBl5qXG08Z9Y+XfELWiDLuVtvHqSn3cCD34lzWZKEfhbh6lXaAV+SY
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/related; boundary="_004_AM0PR03MB3828C2AF7CC8D9FD829CBD3C9DB80AM0PR03MB3828eurp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: ecitele.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8d3c32a5-234a-4b78-cc24-08d66716a777
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Dec 2018 07:33:51.4900 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2c514a61-08de-4519-b4c0-921fef62c42a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR03MB4177
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/YNAd8DtniUJ12Y6NL7HnFjfh-EA>
Subject: Re: [bess] A question about RFC 8317
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2018 07:34:04 -0000

Ali,
Lots of thanks for a prompt response.
I fully agree that tbe use case I've described can be addressed by the genegal techniques of RFC 8317.

I only wanted to u dersrand applicability of fbe "two RTs" scheme, and both Jorge and you confifm that it would result in undesirable behavior in this use case.

Regards,
Thumb typed by Sasha Vainshtein

________________________________
From: Ali Sajassi (sajassi) <sajassi@cisco.com>
Sent: Thursday, December 20, 2018 7:52:05 PM
To: Alexander Vainshtein
Cc: Samer Salam (ssalam); John E Drake (jdrake@juniper.net) ju1738@att.com; sboutros@vmware.com; jorge.rabadan@nokia.com; bess@ietf.org
Subject: Re: A question about RFC 8317

Hi Sasha,

The use case that you have described below is a legitimate use case and if we look at what happens in RFC 7432 baseline, there is no flooding there because MAC addresses among multi-homing PEs get synch’d up and thus even a PE in the all-active multi-homing group doesn’t receive a flow from a locally connected CE, the frames destined toward that CE will not get flooded. So, we should expect the same behavior for the E-TREE. We do get the same behavior from E-TREE (RFC 8317) by using the solution described section 4 which is a comprehensive solution that works for both scenarios 1 & 2. It uses ingress filtering for unicast traffic and egress filtering for BUM traffic while still using a single Route Target just like RFC 7432.

The use of two RTs in scenario-1, was intended to describe a very limited use case where no communications is needed among leaf PEs (e.g., Single Homing or Single-Active). However, in case of All-Active MH, we do need communications among leaf PEs and thus we should use the solution described in section 4.

Cheers,
Ali

From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
Date: Thursday, December 20, 2018 at 3:30 AM
To: Cisco Employee <sajassi@cisco.com>
Cc: "Samer Salam (ssalam)" <ssalam@cisco.com>, "John E Drake (jdrake@juniper.net)" <jdrake@juniper.net>, "ju1738@att.com" <ju1738@att.com>, "sboutros@vmware.com" <sboutros@vmware.com>, "jorge.rabadan@nokia.com" <jorge.rabadan@nokia.com>, "bess@ietf.org" <bess@ietf.org>
Subject: A question about RFC 8317

Ali and all,
I have read RFC 8317<https://tools.ietf.org/html/rfc8317>, and I would like to clarify a question dealing with Leaf ACs of an EVPN-based E-Tree service on All-Active Multi-Homed Ethernet Segments (MH ES).

The reference model for my question is shown in the Embedded diagram below.


[cid:image002.png@01D49865.895588B0]

It shows an EVPN E-tree service with one Root customer site and two leaf customer sites, where each Leaf CE is dual-homed to the same pair of PEs using two different All-Active multi-homed Ethernet Segments.

Suppose that the scheme with two RTs (one identifying the Root site and the other identifying the Leaf sites) is used as described in 4.3.1.

Suppose also that each MAC-VRF uses per MAC-VRF label assignment as defined in section 9.2.1 of RFC 7432, i.e., advertises exactly one EVPN application label that identifies it as the Egress MAC-VRF, while the disposition of the received Ethernet frame within this MAC-VRF is based on the destination MAC address. In this case the per MAC-VRF label can be also used as the “aliasing” label in the per EVI EAD route.

PE-1 will receive and accept per EVI EAD routes for both MH ES for PE-2 and PE-3 with the corresponding “aliasing” labels.

Suppose that MAC-VRF in PE-2 learns some {MAC, IP} pair  {X, Y}  locally from the Leaf CE-1 and advertises this pair in the EVPN MAC/IP Advertisement route. With the “two RTs” scheme this route will be accepted by the MAC-VRF in PE-1 but it will not be accepted by the MAC-VRF in PE3. As a consequence:

  *   MAC-VRF in PE-1 will know that this pair has been learned from the “blue” all-active MH ES, and therefore can decide to send locally received unicast frames with destination MAC address X to PE-3 using the corresponding “aliasing label”. No other labels will be included in the EVN encapsulation of such  frames because they are received from the Root AC.
  *   MAC-VRF in PE-3 will not know anything about MAC address X, therefore, when it receives an EVPN-encapsulated frame with this destination, it will treat it as an “unknown unicast” and flood it to both Leaf CE-1 (where it should be sent) and to Leaf CE-2 (where it should not be sent).

Is this what is really supposed to happen in this scenario? If not, what did I miss in the E-tree EVPN solution?

Regards, and lots of thanks in advance,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com


___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________


___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is 
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this 
transmission in error, please inform us by e-mail, phone or fax, and then delete the original 
and all copies thereof.
___________________________________________________________________________