IETF Logo Mail Archive

Re: [bess] Seeking Comments for EVPN-VPWS Service Edge Gateway

Sami Boutros <boutros.sami@gmail.com> Mon, 19 October 2015 20:39 UTC

Return-Path: <boutros.sami@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17F921ACC88 for <bess@ietfa.amsl.com>; Mon, 19 Oct 2015 13:39:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q6N-1VGV-2VB for <bess@ietfa.amsl.com>; Mon, 19 Oct 2015 13:39:35 -0700 (PDT)
Received: from mail-qk0-x22f.google.com (mail-qk0-x22f.google.com [IPv6:2607:f8b0:400d:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 155041ACD02 for <bess@ietf.org>; Mon, 19 Oct 2015 13:39:21 -0700 (PDT)
Received: by qkcy65 with SMTP id y65so24843093qkc.0 for <bess@ietf.org>; Mon, 19 Oct 2015 13:39:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=pPTi+ttNXWVBenXcrvx9MwKG3DoVBM20GpI7qsXoE4Y=; b=O93F4J/X1uYBb0M2cR8ub6iefRA1yconJ/75OiRAjt4SpoAg/ytHsFsYJSeuRbHLZR AAQ2RX5SehAtt7M+z4PoKiy8zsClu1Q52LtfF4dZ2aPo9UT8LqHZMRe5yMHgBEavd7rZ CfYA3Hlbe9ThwT3Zwq064VUg1k5pWAYyKBwX3RlBTS3UguZx4qBybkA6eWBDIkCh0e4x uztR97HD4THDb14krm88kzjA1NX//blBnr00IJvJ2re9xPEVHPstBDzXTmci0ANV20rO lPqw39JjohpkyC5Chcba+P4DvXJc+QVI+rz6sByMNK7Z+xQJstsOqvY6dNIp+RMrYn+8 vyjw==
X-Received: by 10.194.239.167 with SMTP id vt7mr34053652wjc.110.1445287159969; Mon, 19 Oct 2015 13:39:19 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.37.71 with HTTP; Mon, 19 Oct 2015 13:39:00 -0700 (PDT)
In-Reply-To: <1EDE9B87-E9DB-4BBA-A41C-AB138380E451@alcatel-lucent.com>
References: <CAFKBPj5X4qp0BfEJTn8wQV4bcvRd9XyyiHefxvv92WgzVw2xLQ@mail.gmail.com> <1EDE9B87-E9DB-4BBA-A41C-AB138380E451@alcatel-lucent.com>
From: Sami Boutros <boutros.sami@gmail.com>
Date: Mon, 19 Oct 2015 13:39:00 -0700
Message-ID: <CAFKBPj4afy-XwbQiaDVsJwjOhY84-k4x7AZCLYAHXSPxmgNXUg@mail.gmail.com>
To: "Rabadan, Jorge (Jorge)" <jorge.rabadan@alcatel-lucent.com>
Content-Type: multipart/alternative; boundary="089e013c60c0c4bbb305227b23f2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/bess/0yYyQwsJ91ef0PW7x46m-VPVBoE>
Cc: "bess@ietf.org" <bess@ietf.org>
Subject: Re: [bess] Seeking Comments for EVPN-VPWS Service Edge Gateway
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2015 20:39:41 -0000

Hi Jorge,


> --------------------------------------------------------------
>
>
> Abstract
>
>    This document describes how a service node can dynamically terminate
>    EVPN virtual private wire transport service (VPWS) from access nodes
>    and offer Layer 2, Layer 3 and Ethernet VPN overlay services to
>    Customer edge devices connected to the access nodes. Service nodes
>    using EVPN will advertise to access nodes the L2, L3 and Ethernet VPN
>    overlay services it can offer for the terminated EVPN VPWS transport
>    service. On an access node an operator can specify the L2 or L3 or
>    Ethernet VPN overlay service needed by the customer edge device
>    connected to the access node that will be transported over the EVPN-
>    VPWS service between access node and service node.
>
> /* [JORGE] it would be good to clearly state the benefit of doing this.
> The main advantages that I see are service extension with single-side
> provisioning (no need to provision new ACs at the service node). */
>
>
Sami: will update the abstract.

>
> <snip>
>
> 1  Introduction
>
>
> /* [JORGE] maybe this level of detail at the introduction is a bit
> confusing. I think it would be better to state what the goal and
> advantages are in the introduction and leave the details for the solution
> description. */
>
>
>
Sami: will update.


> <snip>
> ...
>
>
>
> 2.2  Scalability
>
>    (R2a) A single service node PE can be associated with many access
>    node PEs. The following requirements give a quantitative measure.
>
>    (R2b) A service node PE MUST support thousand(s) head-end connections
>    for a a given access node PE connecting to different overlay VRF
>    services on that service node.
>
>    (R2c) A service node PE MUST support thousand(s) head-end connections
>    to many access node PEs.
>
>
> /* [JORGE] It is hard to understand... should the following be better?:
>
> “ (R2b) A service node PE MUST support head-end functionality for
> thousands of access node PEs that are connected to different VRFs on the
> service node.
>   (R2c) A service node PE MUST support hundreds of thousands of CE
> connections through the attached access nodes."
> */
>
>
Sami: will update.

>
> <snip>
>
>
>
> 2.5 Multi-homing
>
>    TBD
>
> /* [JORGE] The solution should describe how to handle multi-homing at two
> levels:
> - Access node multi-homed to 2 or more Service nodes
> - CE node multi-homed to 2 or more access nodes (this one should be
> aligned with the EVPN-VPWS draft)
> */
>
>
Sami: Please have a look at the updated section in 01, as for the CE node
agreed that it should be aligned with EVPN-VPWS, and hence no need to
mention anything about it in the draft.

>
> <snip>
>
>
>
>
> 4 Solution Overview
>
>
>                        +---------+         +---------+
>                        |         |         |         |
>       +----+   +-----+ | IP/MPLS | +-----+ | IP/MPLS |
>       | CE |---| PE1 |-| Access  |-| PE2 |-| Core    |
>       +----+   +-----+ | Network | +-----+ | Network |
>                        |         |         |         |
>                        +---------+         +---------+
>                   <---- EVPN-VPWS ----><---- IP/MAC VRF --->
>
>
>    Figure 1: EVPN-VPWS Service Edge Gateway.
>    AN: Access node
>    SE: Service Edge node.
>
>    EVPN-VPWS Service Edge Gateway Operation
>
> /* [JORGE] Should this be section 4.1 on its own? */
>

Sami: sure will do.

>
>
>    At the service edge node, the EVPN Per-EVI Ethernet A-D routes will
>    be advertised with the ESI set to 0 and the Ethernet tag-id set to
>    (wildcard 0xFFFFFFF). The Ethernet A-D routes will have a unique RD
>    and will be associated with 2 BGP RT(s), one RT corresponding to the
>    underlay EVI i.e. the EVPN VPWS transport service that's configured
>    only among the service edge nodes, and one corresponding to the L2,
>    L3 or EVPN overlay service.
>
>    At the access nodes, the EVPN per-EVI Ethernet A-D routes will be
>    advertised as described in [draft-ietf-bess-evpn-vpws <
> https://tools.ietf.org/html/draft-ietf-bess-evpn-vpws>] with the ESI
>    field is set to 0 and for single homed CEs and to the CE's ESI for
>    multi-homed CE's and the Ethernet Tag field will be set to the VPWS
>    service instance identifier that identifies the EVPL or EPL service.
>    The Ethernet-AD route will have a unique RD and will be associated
>    with one BGP RT corresponding to the L2, L3 or EVPN overlay service
>    that will be transported over this EVPN VPWS transport service.
>
> /* [JORGE] What do you mean by EVPN overlay service in this context? why
> is it different from L2 or L3 service? should this be clarified in the
> introduction?
> Also by L2 and L3 are you referring to the encapsulation? i.e. L2 means
> ethernet over the EVI label and L3 IP over the EVI label? */
>
> /* [JORGE] If the service RTs are the same in the access and core network,
> PE2 should have two different peering sessions, one to the RR in the
> access network and one to the core RR. Is that the intend? if so, it may
> be good to clarify */
>
>
Sami:Can you please look at the updated version 01 and see what comments
still apply?

>
>
>
>
>    Service edge nodes on the underlay EVI will determine the primary
>    service node terminating the VPWS transport service and offering the
>    L2, L3 or Ethernet VPN service by running the on HWR algorithm as
>    described in [draft-mohanty-l2vpn-evpn-df-election <
> https://tools.ietf.org/html/draft-mohanty-l2vpn-evpn-df-election>] using
> weight
>    [VPWS service identifier, Service Edge Node IP address]. This ensure
>    that service node(s) will consistently pick the primary service node
>    even after service node failure. Upon primary service node failure,
>    all other remaining services nodes will choose another service node
>    correctly and consistently.
>
> /*[JORGE] Following EVPN, the DF election is based on the exchange of ES
> routes. Hence the assumption is that the two service nodes should
> advertise ES routes with a system-level ESI and an AD route per ES with
> the same ESI? The service node DF for a given service should send an AD
> per-EVI route with the P indication in the new EC defined in EVPN-VPWS. I
> believe all the
> existing procedures should be used, are you defining new ones? */
>
>
>
Sami: Please have a look at 01.


>
>    Single-sided signaling mechanism is used. The Service PE node that is
>    a DF for accepts to terminate the VPWS transport service from an
>    access node, the primary service edge node shall:- Dynamically create
>    an interface to terminate the service and shall attach this interface
>    to the overlay VPN service required by the access node to service its
>    customer edge device.- Responds to the Eth A-D route per EVI from the
>    access node by sending its own Eth A-D per EVI route by setting the
>    same VPWS service instance ID and downstream assigned MPLS label to
>    be used by the access node.
>
> /* [JORGE] Need to correct the format: the two bullets must go in
> different lines */
>
>
>
Sure will do.


>
>   <snip>
>
> 4.1 Multi-homing
>
> /* [JORGE] how bout the following scenario:
>
> Here AN1 and AN2 have a ESI for the CE. Regular EVPN-VPWS procedures
> should apply.
>
>                  +---------+         +---------+
> +----+   +-----+ |         | +-----+ |         |
> | CE +---+ AN1 +-+         +-+ SE2 +-+         |
> +--+-+   +-----+ | IP/MPLS | +-----+ | IP/MPLS |
>    |             | Access  |         | Core    |
>    |     +-----+ | Network | +-----+ | Network |
>    +-----+ AN2 +-+         +-+ SE3 +-+         |
>          +-----+ |         | +-----+ |         |
>                  +---------+         +---------+
>             <-----EVPN-VPWS-----><-----IP/MAC VRF---->
>
> */
>
>
> Sami: Exactly, regular EVPN VPWS should apply, and hence why do we need to
mention it?

Thanks,

Sami

>
>
>
>
> From:  BESS on behalf of Sami Boutros
> Date:  Wednesday, October 7, 2015 at 11:13 PM
> To:  "bess@ietf.org"
> Subject:  [bess] Seeking Comments for EVPN-VPWS Service Edge Gateway
>
>
> Hi,
>
>
> The draft proposes a dynamic mechanism to terminate the VPWS transport
> service at a service PE into an overlay L2 or L3 service based on a single
> side provisioning at the access PE.
>
>
> https://tools.ietf.org/html/draft-boutros-bess-evpn-vpws-service-edge-gateway-01
>
>
> Thanks,
>
>
> Sami
>
>

v2.23.0 | Report a Bug | By Email