Re: [bess] A question regarding draft-wang-bess-evepn-control-word

Alexander Vainshtein <Alexander.Vainshtein@ecitele.com> Wed, 24 October 2018 15:57 UTC

Return-Path: <Alexander.Vainshtein@ecitele.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AB26130EC9; Wed, 24 Oct 2018 08:57:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=eci365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zHh_1Bqb3Uft; Wed, 24 Oct 2018 08:57:13 -0700 (PDT)
Received: from mail1.bemta26.messagelabs.com (mail1.bemta26.messagelabs.com [85.158.142.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7DB9130EBC; Wed, 24 Oct 2018 08:57:11 -0700 (PDT)
Received: from [85.158.142.193] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-6.bemta.az-b.eu-central-1.aws.symcld.net id 40/03-11519-55690DB5; Wed, 24 Oct 2018 15:57:09 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA1WTbUhTURjHPffebVdzdZyaTyPD1htadyhJTaL oQ0JfiqAgKsLu9OZG21W3SauoJCpq1lb50rRyJhqipWVZFs3INLWyxAzCqJWWaKlUYu+L7t1d b18Ov/P8/+d5/udyLk2qPsnVNGe3cRaeNWnkYVRy/JfZzLri7k2J/rKFuur2ElJXV+eldEMvO 0idt+MAsZxaub91VLaysvIrsYbYKDPy+iz7FpnB3+iRZT8tkNvPObbloWuDMgcKoylcQYLnwr Bc3KhwMQHf6p8Q0mYAQddwG+VAobQcL4WG2ueCi6ajsBYKjq8VPSRuQ9A+PB7wROIVUDfepxA 5CqdC9V0XKXE6nO4rRSJTeA6c6moN1JWYhc+jR5A0zCUD5/XiwOFQvB4Gft6WiYzwVPh87zwh MoljoO+1J8CAMVTefERKHA3DAz+Dfj343pxFUn0muF+cVkgcCz2e/MAwwLcV0N7ZETQx8L6oK NhoFdR7vaR4S8Cz4MrQZsn/GMHIxY/BwQvg2Z2HMomz4Vm3QyGZnAhOVbQGm86AmqOvKEl4Qs Jg7eVgjOlwY8Ahl4RqBdz4UEQcQ0zpP9eTmIf9zyuo0sB3ioDOkteUVE+AsrzvQc9MKMx/pZA 4HnoLWoI8H86dfUeWI0UN0uktxkyDzcwaTUxSYiKTlLSQSWZ0KVp2J6PXcrlMOsfbLKwgatnt Vq11hzndlKHlOVsDEt5aRg61oQn1VGW2oGk0oYlWpjm7N6km67MydhhYqyHNkmvirC1oOk1rQ NlZKGgRFi6Ts281moQH+1sGOlwTpSSKBFlpzWbNVmOmJN1DqXS/+5CbpMcC68sSce19cFhYR8 58cZMqis/iOXWM0if2xuJhQy7/p/Xv36EHxaojlSgkJEQVns1ZzEbb//pbFEMjTaTSJUYIN/K 2PwneCuEIIZw7LhDOxv6V1Hlolm93Mtmw0ddSNSn0QdXlAmLZhN1hGIsYrHR1xPnJcU3XzoT6 A9s8jYW7Yg82lS6pc15tnvLi1qWtvveLU/qHuqeciG5vNulzfjQWmnMW7d485kotMan3VO319 jaPNE1o13aVN8wNiRllR+7P2RfW+qHMfzJtYt7qXZeu9Vc7/XEODWU1sEkJpMXK/gLYfrhQCQ QAAA==
X-Env-Sender: Alexander.Vainshtein@ecitele.com
X-Msg-Ref: server-31.tower-238.messagelabs.com!1540396625!694855!1
X-Originating-IP: [52.41.248.36]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.14.24; banners=ecitele.com,-,-
X-VirusChecked: Checked
Received: (qmail 27118 invoked from network); 24 Oct 2018 15:57:07 -0000
Received: from us-west-2a.mta.dlp.protect.symantec.com (HELO EUR01-DB5-obe.outbound.protection.outlook.com) (52.41.248.36) by server-31.tower-238.messagelabs.com with AES256-SHA256 encrypted SMTP; 24 Oct 2018 15:57:07 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ECI365.onmicrosoft.com; s=selector1-ecitele-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=11H7iptK5knQBDUVEV8mzOgXUeTm30BHu8Sjt8Ompyk=; b=BpwhalNxwu7b7UmAnmHs8VgcS3I2YMhD5ej+TfeYBVIz6+5wrIb8eGC3HOWUYKQIqsva/EkbP8tN9g28y2J12/EIV7wYGkbVc4N/liK9dEvFO4ojyxRqjb3a663Vs6Zl2uUQ66XKF5oHJFzfX2eETw/TnaL+cym4vcDueq/aTKE=
Received: from DB5PR0301MB1909.eurprd03.prod.outlook.com (10.167.226.155) by DB5PR0301MB2072.eurprd03.prod.outlook.com (10.167.227.154) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1250.30; Wed, 24 Oct 2018 15:57:00 +0000
Received: from DB5PR0301MB1909.eurprd03.prod.outlook.com ([fe80::d0bc:f20c:94cf:f479]) by DB5PR0301MB1909.eurprd03.prod.outlook.com ([fe80::d0bc:f20c:94cf:f479%2]) with mapi id 15.20.1273.019; Wed, 24 Oct 2018 15:57:00 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
To: "Yutianpeng (Tim)" <yutianpeng@huawei.com>
CC: "draft-wang-bess-evpn-control-word.authors@ietf.org" <draft-wang-bess-evpn-control-word.authors@ietf.org>, "bess@ietf.org" <bess@ietf.org>, "Wanghaibo (Rainsword)" <rainsword.wang@huawei.com>
Thread-Topic: A question regarding draft-wang-bess-evepn-control-word
Thread-Index: AdRqrNk+JB1I7psBRa+73/QNemWcWQAALOQwAAKSsZAAAlraMAAC/Q+QAAK3uvAAJqtloAALchjwAAG/ZAA=
Date: Wed, 24 Oct 2018 15:57:00 +0000
Message-ID: <DB5PR0301MB19093F4853508D6F5D9385329DF60@DB5PR0301MB1909.eurprd03.prod.outlook.com>
References: <DB5PR0301MB19090FA060B80CCF658B8EC79DF50@DB5PR0301MB1909.eurprd03.prod.outlook.com> <1E61161D6E31D849BEA887261DB609348C770DEE@nkgeml514-mbx.china.huawei.com> <DB5PR0301MB190960ECA1045D82A0146F0A9DF50@DB5PR0301MB1909.eurprd03.prod.outlook.com> <1E61161D6E31D849BEA887261DB609348C770F2F@nkgeml514-mbx.china.huawei.com> <DB5PR0301MB190948BAF4E0D027083F87C09DF50@DB5PR0301MB1909.eurprd03.prod.outlook.com> <35FF0D51C8DAB54B95B0426331F984FF5208500A@lhreml523-mbx.china.huawei.com> <DB5PR0301MB19095391E7F3C12F3C89D5709DF60@DB5PR0301MB1909.eurprd03.prod.outlook.com> <35FF0D51C8DAB54B95B0426331F984FF52086169@lhreml523-mbx.china.huawei.com>
In-Reply-To: <35FF0D51C8DAB54B95B0426331F984FF52086169@lhreml523-mbx.china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.234.241.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DB5PR0301MB2072; 6:JOSLpIDnN6QVIR4fpMsG/GLRyjlvXfl9ElEbOTPgGswRuflpDxFtZ2y2uW5sr8tOZSdBVF6d2vLpgzt90RTYMrzT0nr+DfD3CbkmrpUoSNgwNqDN51O8R15oPdw6tXbdCYBQMLoKnLf2vFoQWns/em+eT2q78g4aE2tYa9wi82qgcfcdDJqoBgFWJ55KRpD17coOkfJwcgnxx2WP9ewE4gnMe3ZcFTBx7sJ9isZT+1xLR4+PRtpwqaykm+AKT7fIY06IHKC+fbjQLVw7F/xP7Bc25d4cNLJeCs6widj7cIKQlfWMSgb+tP7muXs5JwaGJTLkJFPnnZMK/tzD3B3+KtbYlqdSSyM8A2KMuCoLIcQ8AuYoEgHLD2+P5HNAISjXLStFCtwS/SrZJx8IOL9cUR00IAe8qXMtI1uXjnqq7DpeWYzatsijdniddhWVvRv1zoMn1rTJa8rYTWa9Zn75WQ==; 5:dD6wxLycfNRD9YZBQUM6Oroolipqq/cPy1LBW5DPvsxe9gi90a+Ua0wLQP8Lk4cUCIxLhvoXqvZxWyuCjFgs7jBI+EZhKFd+g5YzdrC+u/mGEFvyZtSKMavFIpFxhcyHmOdd1JOMfbt+EelgaVm/r/DGItltr5D7l9r+4iwr1IM=; 7:VjYF4d+Nc+HA1z+cv+TJUWVlCI9El1SpY/ovxlyunVcC2THzxMa/60f4bAk/4qJECJjaSbfVP0NTMg8XjbmZshygMNlvEscNLIQZ3M7UZDTAo8TXDxW3/mDxuh3Q14anB4WAtdPRDORoDmqsbfrETelTsaPi9W5RfkNTnv+2x4n4SOS1yRzIoAdzCo90SUNhlZpQvegNVo0EooiO2tCDjh84GgR4tTJm09L1CJPXIDzfkHWt49foWKvqkT7ocuRy
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: fe6bb054-5a07-45e3-421f-08d639c95559
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(5600074)(711020)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:DB5PR0301MB2072;
x-ms-traffictypediagnostic: DB5PR0301MB2072:
x-microsoft-antispam-prvs: <DB5PR0301MB2072DEA83DC31A31109709849DF60@DB5PR0301MB2072.eurprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(279101305709854)(50582790962513)(21748063052155)(28532068793085)(190501279198761)(227612066756510);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231355)(944501410)(52105095)(6055026)(148016)(149066)(150057)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123558120)(20161123562045)(20161123564045)(201708071742011)(7699051)(76991095); SRVR:DB5PR0301MB2072; BCL:0; PCL:0; RULEID:; SRVR:DB5PR0301MB2072;
x-forefront-prvs: 083526BF8A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(396003)(366004)(376002)(136003)(346002)(252514010)(51444003)(65514003)(51874003)(129404003)(199004)(189003)(790700001)(8936002)(53546011)(6506007)(3846002)(6116002)(4326008)(53946003)(16200700003)(8676002)(25786009)(33656002)(2906002)(81156014)(81166006)(102836004)(9686003)(236005)(6306002)(54896002)(55016002)(561944003)(5660300001)(476003)(486006)(26005)(6916009)(105586002)(106356001)(66066001)(53936002)(16234385003)(446003)(11346002)(6246003)(5024004)(14444005)(68736007)(186003)(478600001)(7696005)(97736004)(256004)(966005)(72206003)(93886005)(316002)(86362001)(54906003)(7736002)(4744004)(71190400001)(71200400001)(14454004)(2900100001)(76176011)(6436002)(606006)(99286004)(74316002)(5250100002)(229853002)(559001)(569006); DIR:OUT; SFP:1102; SCL:1; SRVR:DB5PR0301MB2072; H:DB5PR0301MB1909.eurprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: ecitele.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: kSFg/EW5VtBK80Bi7EmM6gUQKItrd3fPROV/B374h49UsG8Hddu8aU6rGrhtEtPLuVyg3nBuxv4jnAtof4yl9/H7g4b9Zg1K09MwhIaLjwixb2VxOQvbh4rgQmgvG8VmUuB8If5+uZA6AsGOphlw+zW99gqLCsMPdvUnPIKn5EAkTGAyVS85dW7QM6P50L27w9O2lQi5V67oFqrzfeaMI9e3p4Pr9J47TzH4hkQW/eHG/l2Bw/lFFkpVxc0beau+CjrE+3hp+DGLe+csEGzNIE2mBGDkt4Zwd+oobBBd/0556gnOyxCzojkKNudxs6C/RALvaI8H+QcmWwlQuBEuIw8rGXZjV8v6gSeBjFxKzAA=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DB5PR0301MB19093F4853508D6F5D9385329DF60DB5PR0301MB1909_"
MIME-Version: 1.0
X-OriginatorOrg: ecitele.com
X-MS-Exchange-CrossTenant-Network-Message-Id: fe6bb054-5a07-45e3-421f-08d639c95559
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Oct 2018 15:57:00.1095 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2c514a61-08de-4519-b4c0-921fef62c42a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB5PR0301MB2072
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/3k5E68N-G26gCUDEtp5lj5BXoas>
Subject: Re: [bess] A question regarding draft-wang-bess-evepn-control-word
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 15:57:18 -0000

Tim,
Lots of thanks for your email, it really clarifies your approach.

Regarding your proposal to “isolate” PEs that do not support the CW - I suspect this is not practical.

EVPN-MPLS implementations are not REQUIRED to support usage of CW. Some EVPN-MPLS implementations that I am aware of explicitly state that the CW usage can be disabled for interoperability with other vendors, so I think that there EVPN implementations that do not support the CW have been deployed.


draft-ietf-pals-ethernet-cw<https://tools.ietf.org/html/draft-ietf-pals-ethernet-cw-07> (already in the RFC Editor queue in the AUTH48 state) says that “where both the ingress PE and the egress PE support the Ethernet pseudowire control word, then the CW MUST be used”.



Personally I think that this sets the goal that we should achieve in EVPN as well:

1.       All EVPN-MPLS implementations MUST support EVPN encapsulations without the CW

2.       An egress PE SHOULD indicate, per each L2VPN/EVPN route it advertises, whether it can handle received CW in the EVPN encapsulation for packets that are sent to it based on this route by ingress PEs, or not, and, if it can, how the presence of the CW is indicated.  This can be done using the CW Next-Hop Capability and the CWI label as explained in the draft

3.       An ingress PE that accepts a L2VPN/EVPN route with the CW next Hop Capability, MUST insert the CW and indicate its presence, if it supports CWI and CW insertion in the appropriate EVPN encapsulation. Please note that the ability to insert CWI and CW may differ for different L2VPN/EVPN routes. E.g.. the same PE can:

a.       Support the CWI and CW insertion in the EVPN encapsulation of “known unicast” frames and BUM frames if their encapsulation does not require insertion of the ESI label

b.       Not support CWI and CW insertion in the EVPN encapsulation of BUM frames if this inclusion of the ESI label in their encapsulation is required.



This approach would  meet with the old IETF design principle: “Be strict in what you transmit and liberal in what you receive”.

Hope this helps.

My 2c,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com

From: Yutianpeng (Tim) [mailto:yutianpeng@huawei.com]
Sent: Wednesday, October 24, 2018 5:32 PM
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
Cc: draft-wang-bess-evpn-control-word.authors@ietf.org; bess@ietf.org; Wanghaibo (Rainsword) <rainsword.wang@huawei.com>
Subject: RE: A question regarding draft-wang-bess-evepn-control-word

Hi Sasha,
Thanks a lot for your advice.
I agree with you that CW is not mandatory for all traffic, mainly unicast. This draft focuses on CW capability advertisement and is applicable to traffic needs CW processing.  So far BUM should be not relevant to this draft. (Multicast might need CW potentially we realize recently, but we will visit this topic later.)
Some clarification on my proposal:
I believe we need a mechanism of negotiation on CW capabilities in EVPN ELAN. If you check PW or EVPN VPWS there is a clear procedure on negotiation between two ends.
Refer to: https://tools.ietf.org/html/rfc4447#section-6 and Appendix A<https://tools.ietf.org/html/rfc4447#appendix-A>
But as EVPN is MP2MP, in case of PE CW behavior can be different between PEs as there is no negotiation at all at the moment.
So this draft introduces CW capability which at least allows PEs within EVI knows the capability of each other. It also defines behavior after receiving CW capabilities.
What I proposed is the behavior in case CW capabilities across PEs are different. I mentioned a simple way of tearing down or isolate CW disabled PEs and raise an alarm, a bit similar to PW. The draft proposes a graceful way that traffic can be forwarded with a label advertised together with CW capability, such that egress PE can indicate CW via the label on the forwarding plane.
Happy for further discussion on this as CW of EVPN topic has been raised couple of times recently.
Thanks & Regards,
Tim

From: Alexander Vainshtein [mailto:Alexander.Vainshtein@ecitele.com]
Sent: 24 October 2018 09:39
To: Yutianpeng (Tim) <yutianpeng@huawei.com<mailto:yutianpeng@huawei.com>>
Cc: draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>; bess@ietf.org<mailto:bess@ietf.org>; Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>
Subject: RE: A question regarding draft-wang-bess-evepn-control-word

Tim,
Lots of thanks for sharing your views.

Unfortunately, I doubt the approach that you propose: always use or do not use CW in the same EVI.

The problem, as I see it is that known unicast and BUM traffic may be handled differently when it comes to EVPN encapsulation:

1.       Section 18 of RFC 7432 explicitly states that “When sending EVPN-encapsulated packets over a P2MP LSP or P2P LSP, then the control word SHOULD NOT be used”

a.       This recommendation is quite reasonable because the LSPs in question are not affected by ECMP, so there is no need to use the CW to prevent ECMP-cause reordering

b.       It is quite possible to P2MP LSPs as the P-tunneling technology delivery of BUM traffic in EVPN while using MP2P LSPs for carrying known unicast traffic

c.       The bottom line: RFC 7432 defines the  scenario when the CW SHOULD be used in the EVPN encapsulation of the known unicast traffic but SHOULD NOT be used in the EVPN encapsulation of BUM traffic as valid

2.       I am aware (this information is publicly available) of at least one deployed EVPN implementation that:

a.       By default includes the CW in the EVPN encapsulation of known unicast traffic (this default behavior can be disabled by explicit configuration)

b.       Does not include the CW in the EVPN encapsulation of BUM traffic, presumably due to limitations imposed by the forwarding HW.

c.       The bottom line: inconsistent usage of CW in the EVPN encapsulation within the same EVI (with differences between known unicast and BUM traffic) is already a fact on the ground (at least, to some extent).

My 2c,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>

From: Yutianpeng (Tim) [mailto:yutianpeng@huawei.com]
Sent: Tuesday, October 23, 2018 5:48 PM
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>>; Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>
Cc: draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>; bess@ietf.org<mailto:bess@ietf.org>
Subject: RE: A question regarding draft-wang-bess-evepn-control-word

Hi Sasha,
I am also thinking of this recently but haven’t talked with author yet.
What was in my mind the solution is actually simple: directly tear down (part of) the mac-VRF or EVI directly if CW capabilities not consistent, considering behavior in one EVI should keep consistent (personally believe).
I might tend to the mechanism as below:
If router A has CW capabilities and receive type 1 or type 2 routes without CW, then A should drop these routes and report an alarm.
If router A does not has CW capabilities and receive type 1 or type 2 routes with CW, then A should drop these routes and report an alarm.
I believe the behavior within EVI or Mac-VRF should keep consistent, otherwise, more questions will pop out.
Considering if a service is sensitive to packet misordering and it is ELAN, I tend to keep behavior within this ELAN consistent.
There could also be other problems with this approach, just share an idea so far open the discussion.
Regards, and lots of thanks in advance,
Tim

From: BESS [mailto:bess-bounces@ietf.org] On Behalf Of Alexander Vainshtein
Sent: 23 October 2018 14:42
To: Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>
Cc: draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>; bess@ietf.org<mailto:bess@ietf.org>
Subject: Re: [bess] A question regarding draft-wang-bess-evepn-control-word

Dear Haibo,
Again,
Lots of thanks for a prompt response.

My reading of your response is as following:

1.       All egress PEs can receive EVPN-encapsulated packets without the CW

2.       All ingress PEs can sent EVPN-encapsulated packets without the CW

3.       An egress PE that can receive EVPN-encapsulated packets with the CW in the EVPN encapsulation,  must add the appropriate NH Capability attribute that indicates the CW-indicating label value (explicitly or implicitly) to all relevant EVPN routes.  This includes:

a.       Per-EVI Ethernet A-D route (EVPN Route Type 1). In this case the CWI label would follow the label advertised in the NLRI of this route

b.       MAC/IP Advertisement route (EVPN Type 2 route). In this case the CWI label would follow the label advertised in the NLRI as Label1, it would not be relevant for packets that are encapsulated using Label2 (used with the Symmetric EVPN IRB).

4.       An ingress PE that has received an EVPN route with the CW capability attribute wand that can support usage of CW in the EVPN encapsulation, will insert both the CWI advertised in the CW capability attribute, and the CW in the EVPN packets it sends to the corresponding egress PE.  If it does not support usage of CW in the encapsulation, it will not insert this label.

Is this understanding correct?

If yes, I still have a couple of questions:

1.       Suppose that you use ingress replication (IR) to deliver BUM traffic across EVPN. The Ingress Replication label would be advertised in the PTA attribute of the Inclusive Multicast Ethernet Tag Route (EVPN Type 3 route); it will not be part of the NLRI. Do you expect the same logic to be used with regard to CW capabilities and CWI label advertisement applied also to these routes?

2.       Per-ES Ethernet A-D Routes are advertised with the ECI expended Community that carries within the so-called ESI label. This label is included the EVPN encapsulation of BUM packets sent to the PE that is attached to the same multi-homed ES from which the original ES packet has been received. Do you expect the same logic to be used with regard to CW capabilities and CWI label advertisement applied also to these routes with the CWI label following the ESI label in the EVPN encapsulation of BUM packets?

Regards, and lots of thanks in advance,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>

From: Wanghaibo (Rainsword) [mailto:rainsword.wang@huawei.com]
Sent: Tuesday, October 23, 2018 2:34 PM
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>>
Cc: bess@ietf.org<mailto:bess@ietf.org>; draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>
Subject: RE: A question regarding draft-wang-bess-evepn-control-word

Hi Alexander,

The solution here is to carry the next hop capability attribute when the route is advertised. The capability carried here is the control word capability.
The specific format of the next hop capability can be referred to the draft.: <draft-ietf-idr-next-hop-capability>
                     +------------------------------+
                     | Capability Code (2 octets)   |
                     +------------------------------+
                     | Capability Length (2 octets) |
                     +------------------------------+
                     | Capability Value (variable)  |
                     ~                              ~
                     +------------------------------+
For the control word capability , it may encode as :
                     +------------------------------+
                     | CW Capabality Type (TBD)     |
                     +------------------------------+
                     | CW Length (0 or 3)           |
                     +------------------------------+
                     | CWI Label (may not exist)    |
                     +------------------------------+
CWI (Control word indication)

And the forwarding Packet example.
                     +------------------------------+
                     | Tunnel Label                 |
                     +------------------------------+
                     | EVI Label                    |
                     +------------------------------+
                     | CW Indicate Label            |
                     +------------------------------+
                     | Control word                 |
                     +------------------------------+

The difference between the two methods is that which value should be use for the control word capability indicates label.

Method 1, use reserved label, which should be assigned by IANA, (such as the entropy label, which is the value of 7)
If we use this method, then the control word capability attribute’s CW length use 0 is enough.
And the forwarding packet use the IANA specified value as the CWI (Control word indication) Label .(Perhaps 8 or others)

Method2, use normal value, which is assigned by router.
If we use this method, then the router must assign a label used for the CWI. Perhaps label. And the control word capability attribute’s CW length must be 3 and must contain the value in the update message.
The forwarding packet must use that value as the CWI label.

Regards,
Haibo

From: Alexander Vainshtein [mailto:Alexander.Vainshtein@ecitele.com]
Sent: Tuesday, October 23, 2018 6:09 PM
To: Wanghaibo (Rainsword) <rainsword.wang@huawei.com<mailto:rainsword.wang@huawei.com>>
Cc: bess@ietf.org<mailto:bess@ietf.org>; draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>
Subject: RE: A question regarding draft-wang-bess-evepn-control-word

Dear Haibo,
Lots of thanks for an extra-prompt response to my question.

There may be some misunderstanding here.

The draft says (the important text is highlighted):

      There are two methods to specified the control word indicator label:

      The first method is to apply for a reserved label to indicate
      whether the packet contains a control word;

      The second method is to apply for a new label when the sending
      router advertises the control word capability, which is used to
      indicate whether the control word is included in the packet.

My question referred just to the 2nd method, while your response seems to deal with the 1st one.

Did I miss something?

Regards,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>

From: BESS [mailto:bess-bounces@ietf.org] On Behalf Of Wanghaibo (Rainsword)
Sent: Tuesday, October 23, 2018 12:03 PM
To: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>>; draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>
Cc: bess@ietf.org<mailto:bess@ietf.org>
Subject: [bess] 答复: A question regarding draft-wang-bess-evepn-control-word

Hi Alexander,

The number of routes advertised by the Sender router in our solution will not change, but only carries a next hop capability attribute with control word capability
The Receiver router determines whether to carry the control word when forwarding packets according to its own capabilities.

The following figure is an example.:
PE1----------PE2
|-----------PE3
When PE1 advertises a route, it carries the next hop attribute of the control word capability. The routes received by PE2 and PE3 are the same.

If  PE2 do not support the control word, it will not carry the control word when forwarding packets to PE1.
PE1 cannot find the control word indication label when parsing the PE2 packet. PE1 will treat the packet as normal.

If  PE3 support the control word, it can add a control word when forwarding the packet to the PE1, and add the control word indication label specified by the PE1.
When the PE1 receives the packet and finds the control word indication label in the packet. PE1 will correctly process the control word.

Thanks
Haibo

发件人: Alexander Vainshtein [mailto:Alexander.Vainshtein@ecitele.com]
发送时间: 2018年10月23日 16:46
收件人: draft-wang-bess-evpn-control-word.authors@ietf.org<mailto:draft-wang-bess-evpn-control-word.authors@ietf.org>
抄送: bess@ietf.org<mailto:bess@ietf.org>
主题: A question regarding draft-wang-bess-evepn-control-word

Dear authors of draft-wang-bess-evpn-control-word<https://tools.ietf.org/html/draft-wang-bess-evpn-control-word-00>00>,
I have doubts regarding at least one of the approaches for negotiating the CW usage in the EVPN encapsulation between egress and ingress PE that is defined in the draft.

In the case when the egress PE can receive EVPN-encapsulated packets both with and without CW, the draft seems to propose (as one of the possibilities) advertisement of two EVPN routes for each ES or MAC/IP pair:

-          One of these routes would use the CW Capability to indicate that it refers to the EVPN encapsulation that uses the CW, and would carry the appropriate label in its NLRI

-          The other route would not use the CW Capability to indicate that it refers to the EVPN encapsulation that does not use the CW, and carry a different label in its NLRI

The ingress PE that accepts these routes would then use one of them based on its own ability to use the CW (or lack thereof), and use the corresponding label it its EVPN encapsulation, while  the DP in the egress PW would infer presence or absence of the CW from the received EVPN application label.

Unfortunately, I do not think that this can work because, as per RFC 7432<https://tools.ietf.org/html/rfc7432>32>, labels in the labeled NLRI of EVPN routes are not part of the route key for the purpose of the BGP route key processing, while the label is treated just as the BGP attribute. This means that, unless some form of BGP multi-path is enabled in the ingress PE (and in all RRs on the way between the egress PE and ingress PE) for the L2VPN/EVPN  AFI/SAFI, only one of these routes will be selected by the BGP selection process.

Did I miss something substantial here?

Regards, and lots of thanks in advance,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>


___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this
transmission in error, please inform us by e-mail, phone or fax, and then delete the original
and all copies thereof.
___________________________________________________________________________

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is 
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this 
transmission in error, please inform us by e-mail, phone or fax, and then delete the original 
and all copies thereof.
___________________________________________________________________________