[bess] AD Review of draft-ietf-bess-evpn-overlay-08
Alvaro Retana <aretana.ietf@gmail.com> Mon, 04 December 2017 21:49 UTC
Return-Path: <aretana.ietf@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B33D1128CD5; Mon, 4 Dec 2017 13:49:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7ct9E5SQlacf; Mon, 4 Dec 2017 13:49:25 -0800 (PST)
Received: from mail-ot0-x241.google.com (mail-ot0-x241.google.com [IPv6:2607:f8b0:4003:c0f::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 72AF4128BB7; Mon, 4 Dec 2017 13:49:25 -0800 (PST)
Received: by mail-ot0-x241.google.com with SMTP id v21so16127173oth.6; Mon, 04 Dec 2017 13:49:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:mime-version:date:message-id:subject:to:cc; bh=xplbdpkacz6S1PEGrgCoaLrMABXaGvuI/ONdO90mmKk=; b=WH+OAw6PdSKchgCmd9PcHJKzBh1qlz92jm8SRjt7pVgKDOuVJX1pdzkhou2XbG3VQJ ZRdl6CN87RU5YfhxO+PVL7Pc8ttrmBavty3L1bCXKRu22v98S0cns8L4UuNxH1J/Tky6 URoz0ZKtlivtoYVxRMdYdawDfk4Vp/7B3wwMkjfCaXpTv7hRAno0VBkLjyZAMW6lzX7L osulHP589us/UVzES06rWas0JLnHrBhh4YTOXX70QYkEmfZpg5F3BAXSIQfIXGQR3RCt bBrbjtXiNL6MV51WcfXJ3352Tb15h8JbA/aO1F2L1sRHU1ygLb794yQx/DQyoFzkfSCG 9n6Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:date:message-id:subject:to:cc; bh=xplbdpkacz6S1PEGrgCoaLrMABXaGvuI/ONdO90mmKk=; b=ENaXG6tm0WAN0+qZp+ENeS+JYbCW+cWJ28mgamoTyl+sk7K01h9GrlwQy59eds7so4 qHmPo5oFStWY1hEyMwpatQ/F9+1Q/T8T16S70vUFHs7keVH1zyMZBUlup/80oIsdioO2 mCjM4UsYewVHVetLuiFi5VX0VTV5YYHR83lATuO3AmoZtxlrK79js5/SuhyEOFBloZ1O oX8iWnPm82VmrxGUmMbEJcxallHoy+lVOgFvCdcy/y5epm34feXkH1EW7fcIWlAAqKRI dmvTZNSUjVdJjJOaQHh8syPcG7VE2XcBEePuwBJpTifzUCHNy0bS+eMj1/uVMkAGOrxc cQog==
X-Gm-Message-State: AJaThX6Vx1OSfulUzoB4QrRCYzHu3W5IMdgWoeAOn8gqa/nuRcEMIZl2 PjywMSzqsyzTQvQzgtk7QvbTyosyzoshVOEGoaw=
X-Google-Smtp-Source: AGs4zMaz1AvdnzMacw5ztq7QpMVj5bsG4+eDUo//qF9c4bwHoxXqpZdl+gb7sbIKcNxqTsgbWzFRAyOxJjJKjAw/fnQ=
X-Received: by 10.157.22.183 with SMTP id c52mr16040361ote.317.1512424164612; Mon, 04 Dec 2017 13:49:24 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Mon, 4 Dec 2017 16:49:24 -0500
From: Alvaro Retana <aretana.ietf@gmail.com>
X-Mailer: Airmail (461)
MIME-Version: 1.0
Date: Mon, 04 Dec 2017 16:49:24 -0500
Message-ID: <CAMMESsw2x53Av-_zi5nL5czKCXYmi_mk0i6qyYYZDYHE8oo_tA@mail.gmail.com>
To: bess-chairs@ietf.org
Cc: Thomas Morin <thomas.morin@orange.com>, bess@ietf.org
Content-Type: multipart/alternative; boundary="001a1141c09014e01a055f8ab13a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/9x_rgwqxQYVXVGjC94YdIVBB9jk>
Subject: [bess] AD Review of draft-ietf-bess-evpn-overlay-08
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Dec 2017 21:49:28 -0000
Dear Authors: I just finished reading this document (finally!). I have a some comments (see below) which I think should be easy to address. I also have some bigger issues that we’ll need the Chairs’ help to solve: (1) Coordination with nv03 For the Chairs: Except for some clarification comments [1] related to the current version, I see no other traffic in the nvo3 list related to this document. Was there some other coordination that I’m missing? I am not questioning having this document in bess (that’s perfectly fine); I’m just raising the needed coordination with other WGs, from the Charter: "The working group will also coordinate with...NVO3 working group for coordination of protocols to support data center VPNs.” What about Geneve (draft-ietf-nvo3-geneve)? The nvo3 WG is focusing on Geneve as the Standard encapsulation, but this document doesn’t even mention it. (2) Document Status Why is this a Standards Track document? The Abstract/Introduction say that “this document describes how Ethernet VPN (EVPN) can be used as an NVO solution and explores applicability of EVPN functions and procedures.” -- if it’s just a description (as the text clearly is), and not a technical specification, then why it is not Informational? I can see how we could call it an Applicability Statement (rfc2026) and still publish it in the Standards Track. If we want to go that way, we would need some minor updates to make it clear that this is an Applicability Statement and is not intended to stand in for a Technical Specification. I am not clear on the process as it related to possible DownRefs (see below), but I’m willing to Last Call an Applicability Statement in the Standards Track…if that is what you want. Thanks! Alvaro. [1] https://mailarchive.ietf.org/arch/msg/nvo3/cd0hOfb966ROcL4t8JCrBD28bBg/?qid=c9f632dc5d6aab5e4b22972bb242baf0 Major: M1. Section 5.1.2.1 (Auto Derivation of RT) shows a “packet format” to illustrate how the RT can be auto-derived. Without any context, the description doesn’t make much sense: the fields are not described in order, the reader is expected to know about global and local administrative fields, the “A-bit” (or the Type field) are not mentioned in the description, people could probably guess that “D-ID” means “domain-id”, there’s no indication of what to do with that “packet format”, etc. Please clean the description up, include clearer explanations and some references can’t hurt. M1.2. What about 4-byte ASNs? M2. From 5.1.3 (Constructing EVPN BGP Routes): “...routes MAY be advertised with multiple encapsulation types as long as they use the same EVPN multi-homing procedures (section 8.3.1, Split Horizon)…”. Is Split Horizon an example, or the only multi-homing procedure that should be considered? Please be clear. M3. From 5.2 (MPLS over GRE): M3.1. “...when it is used in conjunction with EVPN the GRE key field SHOULD be present, and SHOULD be used to provide a 32-bit entropy field.” What are the cases when it is ok not to include the field, or use it for that purpose? IOW, why are these SHOULDs not MUSTs? Or maybe, when is the key field needed? M3.2. "The Checksum and Sequence Number fields are not needed and their corresponding C and S bits MUST be set to zero.” This is different than what rfc4023 specifies (not a problem). If you’re specifying the setting of the bits, then you should be more prescriptive with whether the fields are included of not; suggestion: "The Checksum and Sequence Number fields MUST NOT be included and the corresponding C and S bits in the GRE Packet Header MUST be set to zero.” M4. In 7.1 (Impact on EVPN BGP Routes & Attributes for VXLAN/NVGRE Encapsulation) M4.1. These 2 MUSTs seem out of place as they are used to explain, and not in a Normative way: “ ..the RD must be a unique value per EVI or per NVE as described in [RFC7432]. In other words, whenever there is more than one administrative domain for global VNI, then a unique RD MUST be used, or whenever the VNI value have local significance, then a unique RD MUST be used.” s/MUST/must M4.2. This SHOULD is also out of place because the standardization was already done in rfc7432 (this document is just mentioning it): “...as noted in section 8.6 of [RFC7432]...the single-homing ingress NVE SHOULD be able to…”. s/SHOULD/should M4.3. Section 10.2.1 then points back at the text in 7.1 using another SHOULD…again, s/SHOULD/should M5. 7.2 (Impact on EVPN Procedures for VXLAN/NVGRE Encapsulation) also includes a superfluous SHOULD: “...as noted in section 8.6 of [RFC7432]...a single-homing ingress NVE SHOULD implement…”. s/SHOULD/should M6. The introductory paragraph in Section 8.1 (EVPN Multi-Homing Features) says that it is used to "recap the multi-homing features of EVPN to highlight the encapsulation dependencies. The section only describes the features and functions at a high-level. For more details, the reader is to refer to [RFC7432].” However some of the 8.1.* sub-sections contain Normative language. Is that Normative language specifying new behavior introduced in this document, or highlighting the recap from rfc7432? If there’s no new behavior, then please use lower cases. If there is new behavior, then it would be nice to clarify that in 8.1. M7. In 8.3.1 (Split Horizon), this MUST is out of place because it is not specifying anything: “...other means of performing the split-horizon filtering function MUST be devised.” s/MUST/must M8. References M8.1. TUNNEL-ENCAP (aka draft-ietf-idr-tunnel-encaps) should be Normative, which btw is marked to Obsolete rfc5512; I mention this because both are listed in several parts, so you should take rfc5512 out. M8.2. These should also be Normative: RFC7348, NVGRE, VXLAN-GPE, RFC4023 Minor: P1. Please use the new Normative Language boilerplate (rfc8174). P2. From 7.1 (Impact on EVPN BGP Routes & Attributes for VXLAN/NVGRE Encapsulation): “...reduces the required routes and attributes to the following subset of four out of eight”. Please either list the attributes that are not needed, or put in a reference to where those can be found. (rfc7432 ??) P3. From 8.3.1 (Split Horizon): "In order to prevent unhealthy interactions…”. I would really like to see more here: what does “unhealthy interactions” mean? Can it result in loops or lost traffic or some other “bad” thing? I note that even through you “prohibit” the configuration, you don’t go as far as mandating that it not to be used (MUST NOT), which makes me want to understand more the potential effects…if it happens, what are the risks? P4. In 8.3.3 (Unknown Unicast Traffic Designation): “...the ingress PE MAY use a flag-bit in the VxLAN header to indicate BUM traffic type. Bit 6 of flag field in the VxLAN header is used for this purpose per section 3.1 of [VXLAN-GPE].” Suggestion: “…the ingress PE MAY set the BUM Traffic Bit (B bit) [VXLAN-GPE] to indicate BUM traffic.” P5. Security Considerations: I find that the suggestion of IPSec may be out of place in this document; this document pretty much just talks about how to use EVPN, it doesn’t really introduce new capabilities, so unless IPSec is mentioned in rfc7432 (which is not — and not even mentioned in this section), or recommended in rfc4271 (which is not) then I would refrain from including such recommendation here. In fact, I think that pointing at the Security Considerations of existing RFCs should be enough. P5.1. The reference to rfc4301 (beyond what VXLAN/NVGRE) mention seems like you’re trying too hard. I would just put explicit references to the encapsulations since they should be dealing with security themselves. P6. References: [KEYWORDS] shows up twice. I think that the reference to rfc4271 can be made Informative. Nits: N1. Section 3 (Terminology) literally transcribes several definitions from rfc7432/rfc7365 — while it is ok, I personally prefer just pointing at the definitions: it’s just easier to have the other RFCs be the authoritative source and not rely on maintaining the definitions in sync should they ever change. Suggestion: “The reader is expected to be familiar with the terminology in …”. N2. s/the VNI value have local significance/the VNI value has local significance N3. s/it is recommend/it is recommended N4. Please be consistent in naming references, some list the RFC number, while others a name...
- [bess] AD Review of draft-ietf-bess-evpn-overlay-… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… John E Drake
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Martin Vigoureux
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… thomas.morin
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Martin Vigoureux
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Alvaro Retana
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Thomas Morin
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Thomas Morin
- Re: [bess] AD Review of draft-ietf-bess-evpn-over… Ali Sajassi (sajassi)