[bess] Re: My comments on draft-ietf-bess-evpn-bfd (was:: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07)

Alexander Vainshtein <Alexander.Vainshtein@rbbn.com> Tue, 29 October 2024 13:44 UTC

Return-Path: <alexander.vainshtein@rbbn.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 34C03C151061 for <bess@ietfa.amsl.com>; Tue, 29 Oct 2024 06:44:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.403
X-Spam-Level:
X-Spam-Status: No, score=-0.403 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, THIS_AD=1.7, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=rbbn.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8q6bXmTf5rsS for <bess@ietfa.amsl.com>; Tue, 29 Oct 2024 06:44:16 -0700 (PDT)
Received: from usb-smtp-delivery-110.mimecast.com (usb-smtp-delivery-110.mimecast.com [170.10.153.110]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 756B7C14CF17 for <bess@ietf.org>; Tue, 29 Oct 2024 06:44:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rbbn.com; s=mimecast20230413; t=1730209455; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=7lp7uY/YoTBeeS8m9WnyEFsDhgfihv2nwYNG61imGUE=; b=sdslaAGrAyDyIOTY6eOzuX/dN5Fn3yg+vPFeJ1Pri++SidPtY78NCVdpO02zT65wSFpYXj VefO2MAWE1dmGpYl3DylrZWCQyEYeLJUjwMWvITtrUk6Ju+4xWHcF1WaWdr9Lghe5tiaBV ROrIisUMCRMcglaEx8LyTKYGntea12w=
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2171.outbound.protection.outlook.com [104.47.55.171]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id usb-mta-22-ux0yeeeFOUK-Bpt0RpeXPA-1; Tue, 29 Oct 2024 06:43:08 -0700
X-MC-Unique: ux0yeeeFOUK-Bpt0RpeXPA-1
Received: from PH0PR03MB6300.namprd03.prod.outlook.com (2603:10b6:510:e2::5) by CH2PR03MB5238.namprd03.prod.outlook.com (2603:10b6:610:a1::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8093.25; Tue, 29 Oct 2024 13:43:05 +0000
Received: from PH0PR03MB6300.namprd03.prod.outlook.com ([fe80::a48b:db16:775a:4a16]) by PH0PR03MB6300.namprd03.prod.outlook.com ([fe80::a48b:db16:775a:4a16%5]) with mapi id 15.20.8093.024; Tue, 29 Oct 2024 13:43:05 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>
To: Donald Eastlake <d3e3e3@gmail.com>
Thread-Topic: My comments on draft-ietf-bess-evpn-bfd (was:: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07)
Thread-Index: AQHbHWFPXgdmUNNrxE+UixHLQiQwILKd0zZw
Date: Tue, 29 Oct 2024 13:43:05 +0000
Message-ID: <PH0PR03MB6300FD8F860F19AE864EDE61F64B2@PH0PR03MB6300.namprd03.prod.outlook.com>
References: <172649857459.4021334.16064172944993408610@dt-datatracker-68b7b78cf9-q8rsp> <PH0PR03MB63000A6128F35CBE1273C452F6612@PH0PR03MB6300.namprd03.prod.outlook.com> <CAF4+nEFbRbtD+EGVmqXeWjBdyowqJ+jngx4Xt44Hk3on-JJ2dw@mail.gmail.com> <PH0PR03MB63003630B4749B1810829E0CF67C2@PH0PR03MB6300.namprd03.prod.outlook.com> <CAF4+nEGz1SVOkCmhYykTaA=CWgWqcTBxZ6T6jMQrnO7Ooy5k8w@mail.gmail.com> <PH0PR03MB63002421673E6B245D37066BF67B2@PH0PR03MB6300.namprd03.prod.outlook.com>
In-Reply-To: <PH0PR03MB63002421673E6B245D37066BF67B2@PH0PR03MB6300.namprd03.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PH0PR03MB6300:EE_|CH2PR03MB5238:EE_
x-ms-office365-filtering-correlation-id: 325b446a-f859-4f88-e1ce-08dcf81f9dae
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|366016|376014|1800799024|8096899003|38070700018
x-microsoft-antispam-message-info: sK3qtlrqJN83QfiAVudZhuzivx8E165Bhjxzynr7mAc/QsWmaFsWh1MtDb2IUpj/T+yOnOml553c9sKTmB2ci6fkVWFVkha0YLqQPNWSbf4UM1TESTMBMocAQ7y/BTg5JclBcaaGJg+kdPIOXZCmR/+LmkBcA+w/2jwLeu2DG9+gEonUs/sSDiNGbAS/2Uqx4gRXiANblD7Fsv0aY9jsWNIs+8vb5reawMsqg+d48snrbX/49LH/7AO68Q+Ps3sK6sqU3RNSt/D49I5X8FZQOn3D/MsRkapggxvboKER42do0pYS8Z9qEZBwic1LOVVh3+xj94aplEW/Dz1Zh5WJ+upDbhURR6hq0xR5DrC+hg1Dl7V+Zkr0SfkzQZY9L4kWn3fttD7NSbuxCo98lRceaYH9OdRoL5hAHhNBx4Ky8Kh+YaL4sL2n/eDXF58TUc+Y04PM4zNxY+Hx36fRqffwn4R7eqcE86lAKfKy5CDWC+jhUot/pKdt9vIRZHQR+y7+a1kUh44xlMJ/LfCvz1ms4lTFjpP7b+negCMPC5hhBqJDlOu1QB85PmBb2ipeuU+gMJbS6ujC4Uy5WxwnXyGV2dv9oVznpDRD9P73hGOpyt8g9fmR69sGWKfw34+zb9CCIEAzfeYqQunUaboddiVtcTUYT7dkL+1sdBTcIVbEd1ubSDlUV0Z2E9Xq+zYM9+bkdHlZ22X9qvW4wfoubU3vLGTTPP0MFbxl5EbmrYyq3PL+pKivKYOszSy0v8R0M17hq5Bk7/Ada0qng4MQEDOCYH7ycFRxrWG19qMCDf64cQHMOaDuXt0UyahBL/9D3yflIZZHi9f7sD48o7bXdgcJKt0j5cb/8j0o2VbE4gG5OwLpxGHKYpV3KdtbnHGZRpyUin1SI+mpxXuZAhdZRvr9+8RhuCpqenBCrNw6dTPXZzPOG/CmMhsckWsAzjKpmuPOCc24Odi7DtWmjDMl37L7FuGGqmm0e/PN8ckaWUt25ReTpZLZ1WluLgccCRol1tqguP8l8tZqvAs+1WHdeYcQ5PwZ58QB6rsoLlOIB5bJgq14/bt5yHAPlRGsmtoyghkZXIIfYMDeZDv/Nq1Yxv8IOeXM/63hMoY4RGiE5oHSKmx7fCjgGsHp/X6QyOpQTzYJO9Vvs6yU2jIjufEU0rIM792QyyRf8AlQ+tQD804k40qW7J68P7YGcJ3ylaIoZK8iUEkS7E/lq5WhZJB0yBQYwrIu1z+KKH79/+6i/xhaCmKxSMmwh9AU4jtQ2MJy2B3pilmCW2G7zjC1yU3i9IlZNwQia3txMVeoxw7ABlgDdfX3R3omzA808HC+2At+WZE1
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR03MB6300.namprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(8096899003)(38070700018);DIR:OUT;SFP:1102
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 5PwLbVUfOkJZ5hZaN93zPyCLDtVKkIV1WCMOkxKRvq5j0gkUdUlArz1fS26sDyfhemy7fv+YS2/RbJO84eLRo8fXfx3o1Cd8LvQskJlVXKX3kkGRxgnXSSx/IZMLV2mOIevBXKhlb+PwZ86W6KRs5fefoWw21X+6a+9ccsGlpGfQN0aNZ4JINY3rtcg8gYM+Bk76ua9hQCPRr/6prsWLzE4lpCgKtHWmg8XP84QQsCRjhX+Fb/dLH8a2U7ZnETz8cyyPJgIrIKw9K9BM1sQAbtTF0CXPzamAJ/REeDY3pgN+K8czcDLz/rseT4ZvhiwCh4fBXELhatReLdSwwsI72SgeU1dZxu8u54y1QEUgGm1czVHaCi4Aa5nFKcLctqpxM7iwhr1NIiWDTHUPehRu+leUxc4A+XKSqMVxLVLTCTyei0S52fKK/g6XOoIoLCUxOUhhnw8wH2MUxO5GguOxQfcGfr6fGhIIP7uZCeYRJbag+BDyp9y0iQKk7Es/iTe/FAMTZ5525WQ8v7Ak5ZuDl7SxM4Sv7iKdlDcRPebTiA8LmKr9isHVvxB6L32+d3YaZJ3zWdwiLiW64caDs2N1M7/4YMn3qFJd/WpIPmsKE0W4O/3ZgR+hR9A6qVH8YrQyOamwu3Z49l9mOMXCm1jnp07oaQ9MMOPKH3JJI5fbejiIvfNZXk34drF7gWk0LUZi0cH9WEeuyt1wihzgWuG04MjVh9kWPg1fk8DAxKd4oMiZ2NP5XdxtVC7eRdQTzIX8tU17Aw0HNLJLrTdknZUcpj9H5fu3/okqKltbqDhPk4L+HA8a93CX9cmCssSNMWwei55I4gF9vuQ7dqYlRJetjFoKdN3XX/H/LgWMrH7SRwK/VXGCOLwzybAEX+0vjJKz8HA62KBUDVgCFnIaISHQoAmJteHH3fXyw/NRJwBPeFTxmCZiDIS47ImxD/zyTjMDsl9kckXD6dnckXuMflk0gGwDftXfnLTXxAy//vwBOntgTGHF+Fqd5cDmH5pbwD0AyKDHf46grfYrefExNu8SJR+vdfWqYjAnNWKfz8C7yJc1CNLb6+a3RDLn0KUvgne5PZJD8UKCXn6rGVqNeszUfLoQ/4UKY0uq4i0vR2tHjyOpH/4PrxqgmZiNJTxfqAhWsQ5SalevXhBfmK1yBXfqoFUhk0VqvOlzWPGpZ5A7FpZJqYN0iRqZfPZMp4YVe4vVYYgVFiIIVvZNGXvQgJXGf2SKeqocBzu7e43ObMMxNxFCx/86+9dKY+c26V2Cw+PASSg6+ywUAPDf2b37SxK1QApJI5sMlaa9yrwlK7U5XZBQrdr1NFIralpfM8LsWKo5RsteYtrF9MYkZ81uXSRAECSi8F1lnGPLM7s8u69tK+NoU074hHXO1O2lEgCB7X4bH+r+P5a6guU/EJpIBBAVLyaIi5uNIvB0002Po0UZyaiG9jUf3nvanC1qtDCObPvd4XdtFDe7vaIK6suJeqagkA7ahDwW8a4u+K4ZeAPe4OALcltaGG7cijGgdZ73Q1yStc/NoBt8b/i8dGEUJnASnRALpEuf4JuCEzESFdPXPVlSB8BoMEKaxh1u4CNj7HzW
MIME-Version: 1.0
X-OriginatorOrg: rbbn.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR03MB6300.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 325b446a-f859-4f88-e1ce-08dcf81f9dae
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Oct 2024 13:43:05.2395 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 29a671dc-ed7e-4a54-b1e5-8da1eb495dc3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: CgbeqhW4Y3m2dhKVkY4SaUUscmLx6bE/jw+u/cVx60UvVuheKgL6qJlDieqrPscOjoMwvJeMfYGm3pKffuEP4w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR03MB5238
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: rbbn.com
Content-Language: en-US
Content-Type: multipart/alternative; boundary="_000_PH0PR03MB6300FD8F860F19AE864EDE61F64B2PH0PR03MB6300namp_"
Message-ID-Hash: BDALREYNUJUBZZ3J35JWR3PGL4QOJYKJ
X-Message-ID-Hash: BDALREYNUJUBZZ3J35JWR3PGL4QOJYKJ
X-MailFrom: alexander.vainshtein@rbbn.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-bess.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "bess@ietf.org" <bess@ietf.org>, "draft-ietf-bess-evpn-bfd.all@ietf.org" <draft-ietf-bess-evpn-bfd.all@ietf.org>, "rtg-dir@ietf.org" <rtg-dir@ietf.org>, "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [bess] Re: My comments on draft-ietf-bess-evpn-bfd (was:: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07)
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/L-V40mAiRnl_PpD_8KFnLxoDuF8>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Owner: <mailto:bess-owner@ietf.org>
List-Post: <mailto:bess@ietf.org>
List-Subscribe: <mailto:bess-join@ietf.org>
List-Unsubscribe: <mailto:bess-leave@ietf.org>

Donald and all,
More of the same.

As I see it, BFD for known unicast network layer in EVPN-MPLS can be considered as a special case of MPLS LSPs from the OAM POV.
Therefore, I have looked up Section 4 of RFC 5884<https://datatracker.ietf.org/doc/html/rfc5884#section-4> which defines theory of operations for BFD of MPLS LSPs.
This document says, (among other things, the relevant text is highlighted):

   To use BFD for fault detection on an MPLS LSP, a BFD session MUST be
   established for that particular MPLS LSP.  BFD Control packets MUST
   be sent along the same data path as the LSP being verified and are
   processed by the BFD processing module of the egress LSR.  If the LSP
   is associated with multiple FECs, a BFD session SHOULD be established
   for each FEC.  For instance, this may happen in the case of next-hop
   label allocation.  Hence, the operation is conceptually similar to
   the data plane fault detection procedures of LSP Ping.


To me this strongly suggests that, in the case of per MAC-VRF (or per MAC/VRF/BD) label allocation, a dedicated BFD session SHOULD be established for each specific MAC address that has been locally learned by this MAC-VRF/BD (because each MAC address represents a dedicated FEC).

My 2c,
Sasha

From: Alexander Vainshtein
Sent: Sunday, October 13, 2024 2:16 PM
To: Donald Eastlake <d3e3e3@gmail.com>
Cc: bess@ietf.org; draft-ietf-bess-evpn-bfd.all@ietf.org; rtg-dir@ietf.org; rtg-bfd@ietf.org
Subject: My comments on draft-ietf-bess-evpn-bfd (was:: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07)
Importance: High

Donald,
Lots of thanks for your email and, again, my apologies for a delayed response.

My original comment on the EVPN-BFD  draft<https://mailarchive.ietf.org/arch/msg/bess/dkQWy6jSzra_QXoGgEh0iBFhxWQ/> included the following:

·       The underlay failures such as link failures, P and PE node failures etc.) should be monitored by their own monitoring mechanisms and should be quite aggressive for fast detection of failure and activation of the relevant protection mechanisms

·       EVPN Network Layer OAM should be limited to detecting failures in programming the labels/VNI advertised in various EVPN routes.  Such failures can occur, but hardly require fast monitoring mechanisms and EVPN LSP Ping (RFC 9489) already provides an on-demand OAM mechanism for detecting such failures

·       It is not clear when a specific BFD session is set up, and at what granularity (per MAC address? Per EVI? Per EVI Ethernet Tag> for EVI that implements VLAN-aware Bundle service interface ?)

·       Encapsulation of the BFD packets defined in Sections 6.1.1 and 6.2.1 include a  VAN ID field, but the draft does not specify how the value of this VLAN ID is defined.


I do not think that any of these comments has been addressed in the 08 version of the draft.

I can add that “excessively fast” detection of failures in programming the labels/VNI advertised in various EVPN routes may easily result in “false positives”.
Please consider the scenario in which:

1.      A certain MAC address has been locally learned by a certain PE and advertised in RT-2

2.      A remote PE has, based on this advertisement, has initiated a fast (detection time of tens of milliseconds) EVPN BFD session with the advertising PE for this MAC address

3.      The MAC address in question is now aged out, and the original advertising PE withdraws its RT-2 for this MAC address

4.      The remote PE detects failure of its fast EVPN BFD session for this MAC address before it receives and handles withdrawal of the original RT-2.

The obvious way to avoid such “false positives” would be to slow down detection of failures to the rate comparable with that of propagation of EVPN routes – but the, why should we use BFD?

I also think that the claim (in the Introduction section of the -08 draft) that “EVPN service restoration mechanisms (redundancy and recovery/convergence) are the most logical clients, in the [RFC5882] sense, for BFD sessions specified herein” is not justified because the draft does not specify how the former (EVPN recovery mechanisms) could be aware of existence of EVPN-BFD sessions. A good example of describing the relationship between the BFD sessions of a specific flavor and its client application can be found in Section 3 of RFC 7130<https://datatracker.ietf.org/doc/html/rfc7130#section-3>.

Finally, I do not think that using the UDP Port number that has been allocated for 1-hop IP BFD is a valid proposal. AFAIK, every other BFD Flavor that used IP/BFD encapsulation uses its own UDP Port number, and I do not see any reason for breaking this tradition. I am adding the BFD WG to the distribution list.

Hopefully, these notes will be useful.

Regards,
Sasha

From: Donald Eastlake <d3e3e3@gmail.com<mailto:d3e3e3@gmail.com>>
Sent: Wednesday, October 9, 2024 12:56 AM
To: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com<mailto:Alexander.Vainshtein@rbbn.com>>
Cc: bess@ietf.org<mailto:bess@ietf.org>; draft-ietf-bess-evpn-bfd.all@ietf.org<mailto:draft-ietf-bess-evpn-bfd.all@ietf.org>; rtg-dir@ietf.org<mailto:rtg-dir@ietf.org>
Subject: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07

Hi Sasha,

On Sun, Oct 6, 2024 at 5:47 AM Alexander Vainshtein
<Alexander.Vainshtein@rbbn.com<mailto:Alexander.Vainshtein@rbbn.com>> wrote:
>
> Hi Donald,
>
> My apologies for a much-delayed response to your email.

No problem, I have not always been swift in responding...

> I am now reading the -08 version of the draft, and I will send a detailed response based on this document.
>
> At the same time, I would like to bring to your attention my detailed comments on the -07 version of the draft which I have asked to consider as any other LC comments on the draft.

Thanks for reminding me of those comments.

> I cannot yet say whether the -08 version addresses these comments or not.

In general, I think it does not address all of those comments.

On one particular item, I believe you suggest considering LSP Ping
rather than BFD. When I was added as a co-author on this draft, it was
already oriented to BFD and it has remained so. I believe you are the
only one who has posted on the BESS list suggesting a change to LSP
Ping. It would be nice if a few other people would chime in.

Thanks,
Donald
===============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
2386 Panoramic Circle, Apopka, FL 32703 USA
d3e3e3@gmail.com<mailto:d3e3e3@gmail.com>

> Regards,
>
> Sasha
>
>
>
> From: Donald Eastlake <d3e3e3@gmail.com<mailto:d3e3e3@gmail.com>>
> Sent: Monday, September 30, 2024 6:54 PM
> To: Alexander Vainshtein <Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org<mailto:Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org>>
> Cc: Mohamed Boucadair <mohamed.boucadair@orange.com<mailto:mohamed.boucadair@orange.com>>; bess@ietf.org<mailto:bess@ietf.org>; draft-ietf-bess-evpn-bfd.all@ietf.org<mailto:draft-ietf-bess-evpn-bfd.all@ietf.org>; rtg-dir@ietf.org<mailto:rtg-dir@ietf.org>
> Subject: [RTG-DIR]Re: [EXTERNAL] Rtgdir early review of draft-ietf-bess-evpn-bfd-07
>
>
>
> Hi Sasha,
>
> On Tue, Sep 17, 2024 at 8:27 AM Alexander Vainshtein
> <Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org<mailto:Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org>> wrote:
> >
> > Mohammed,
> >
> > Lots of thanks for the review.
> >
> > I have posted my concerns about the draft in question some time ago, and they are mainly orthogonal to the issues you raise.
> >
> > However, there is one important point that you are raising and that overlaps, to some extent, with some of my comments.
> >
> > You have written that you have failed finding “EVPN network layer” in 7432 or 7432bis, and your guess is that the authors may refer to the definition in Section 2.1 of RFC 9062.
>
> Yes, the draft does intend to refer to the network layer specified in
> Section 2.1 of RFC 9062 and hopefully that is clearer in the latest
> revision of the draft.
>
> > But I think that the real question here should be whether EVPN network layer exists at all, and, if yes, whether it could be monitored using BFD.
>
> Well, it seems to me that PEs exist and the paths between PEs that are
> used by EVPN exist and it can be useful to monitor those paths. It is
> convenient to have some name to use for the set of such paths. Is
> there some name you would prefer to "network layer"? It also seems to
> me that it can be monitored with BFD but it could be monitored in
> other ways.
>
> > Quoting from Section 9.2.1 of RFC 7432 (the relevant text is highlighted):
> >
> >
> > A PE may advertise the same single EVPN label for all MAC addresses
> > in a given MAC-VRF. This label assignment is referred to as a per
> > MAC-VRF label assignment. Alternatively, a PE may advertise a unique
> > EVPN label per <MAC-VRF, Ethernet tag> combination. This label
> > assignment is referred to as a per <MAC-VRF, Ethernet tag> label
> > assignment. As a third option, a PE may advertise a unique EVPN
> > label per <ESI, Ethernet tag> combination. This label assignment is
> > referred to as a per <ESI, Ethernet tag> label assignment. As a
> > fourth option, a PE may advertise a unique EVPN label per MAC
> > address. This label assignment is referred to as a per MAC label
> > assignment. All of these label assignment methods have their
> > trade-offs. The choice of a particular label assignment methodology
> > is purely local to the PE that originates the route.
> >
> >
> > This is definition is re-phrased (without any change in the semantics) in Section 9.2.1 of 7432bis as following:
> >
> >
> > The choice of a particular label assignment methodology is purely local to the PE that originates the route :¶
> > · A PE may advertise the same single EVPN label for all MAC addresses in a given MAC-VRF. This label assignment is referred to as a per MAC-VRF label assignment.
> > · Alternatively, a PE may advertise a unique EVPN label per <MAC-VRF, Ethernet tag> combination. This label assignment is referred to as a per <MAC-VRF, Ethernet tag> label assignment.
> > · As a third option, a PE may advertise a unique EVPN label per <ESI, Ethernet tag> combination. This label assignment is referred to as a per <ESI, Ethernet tag> label assignment.
> > · As a fourth option, a PE may advertise a unique EVPN label per MAC address. This label assignment is referred to as a per MAC label assignment.
> > All of these label assignment methods have their trade‑offs. An assignment per MAC-VRF label requires the least number of EVPN labels but requires a MAC lookup in addition to an MPLS lookup on an egress PE for forwarding. On the other hand, a unique label per <ESI, Ethernet tag> or a unique label per MAC allows an egress PE to forward a packet that it receives from another PE to the connected CE, after looking up only the MPLS labels without having to perform a MAC lookup. This includes the capability to perform appropriate VLAN ID translation on egress to the CE.
> >
> >
> > In both cases 4 (four) different options for allocating labels carried in the Label1 field of the NLRI of EVPN Type 2 routes are listed, and 7432bis explains that each of these options has its own trade-offs.
> >
> >
> > At the same time, Section 2.3 EVPN Network Layer OAM” of RFC 9062 says:
> >
> > EVPN Network OAM is visible to the PE nodes only. This OAM layer is analogous to Virtual Circuit Connectivity Verification (VCCV) [RFC5085] in the case of VPLS/VPWS. It provides mechanisms to check the correct operation of the data plane as well as a mechanism to verify the data plane against the control plane. This includes the ability to perform fault detection and diagnostics on:¶
> > · the MP2P tunnels used for the transport of unicast traffic between PEs. EVPN allows for three different models of unicast label assignment: label per EVI, label per <ESI, Ethernet Tag>, and label per MAC address. In all three models, the label is bound to an EVPN Unicast Forwarding Equivalence Class (FEC). EVPN Network OAM MUST provide mechanisms to check the operation of the data plane and verify that operation against the control plane view.
> >
> >
> > This text is slightly inconsistent with the text in 7432/7432bis (one of the four options of the latter is missing in the former). But in any case, the “EVPN network layer” in the specific PE may be associated not just with a specific MAC-VRF (or with a specific BD within a MAC-VRF) but with a specific NAC-VRF, locally attached Ethernet Segment} pair or even with a specific <MAC-VRF, locally learned MAC address> pair.
>
> An Errata should be filed against RFC 9062. Do you want to do this or should I?
>
> > And this raises a question about the number of EVPN BFD sessions that could be required to monitor such EVPN Network layer.
>
> If there are a vast number of logically distinct paths used by EVPN
> between PEs, then monitoring them all may be impractical.
>
> > Hope these notes will be useful.
>
> Thanks,
> Donald
> ===============================
> Donald E. Eastlake 3rd +1-508-333-2270 (cell)
> 2386 Panoramic Circle, Apopka, FL 32703 USA
> d3e3e3@gmail.com<mailto:d3e3e3@gmail.com>
>
> > Regards,
> >
> > Sasha
> >
> >
> >
> > From: Mohamed Boucadair via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>>
> > Sent: Monday, September 16, 2024 5:56 PM
> > To: rtg-dir@ietf.org<mailto:rtg-dir@ietf.org>
> > Cc: bess@ietf.org<mailto:bess@ietf.org>; draft-ietf-bess-evpn-bfd.all@ietf.org<mailto:draft-ietf-bess-evpn-bfd.all@ietf.org>
> > Subject: [EXTERNAL] [RTG-DIR]Rtgdir early review of draft-ietf-bess-evpn-bfd-07
> >
> >
> >
> > Reviewer: Mohamed Boucadair
> > Review result: Has Issues
> >
> > Hi authors,
> >
> > Thanks for the effort put into this document.
> >
> > Overall, the document reads well. The specification leverages existing
> > specifications with exceptions called out it in the document. This approach
> > seems reasonable, but there are some issues that need to be fixed. These are
> > highlighted in the detailed review (see below). A subset of them are
> > highlighted hereafter:
> >
> > # Better position the document: For example, I failed to find this "network
> > layer" defined in RFC7432 or 7432bis. I think that you are referring to the
> > layering in 2.1 of 9062. For example, you can consider adding a sentence in the
> > introduction about 2.1 of 9062 to position the layer you are considering.
> >
> > # 7432 or 7432bis: Any reason why the bis is cited explicitly here? Are there
> > parts of the spec that are not applicable to 7432? I don't think so, but it is
> > better clarify this in the doc rather than leaving the readers guess.
> >
> > # "future versions of this document" vs "other documents": The document says in
> > several places that "It is intended to address this in future versions of this
> > document.". The intended scope should be clarified.
> >
> > # Internal inconsistency:
> >
> > ## The document refers to TBD3 and cites Section 8, but there is no such
> > definition in the IANA section ## The document cites "dedicated unicast MAC"
> > and "dedicated multicast MAC" but these are not defined in the document.
> >
> > ## RFC 9026
> >
> > Previous sections state that 9026 is not mandatory and other mechanisms can be
> > used. However, Section This text seems to assume that it is always used:
> >
> > "It also contains a BFD Discriminator
> > Attribute [RFC9026] with BFD Mode TDB4 giving the BFD discriminator
> > that will be used by the tail.
> > "
> >
> > (note that s/TDB4/TBD2)
> >
> > # Redundant requirements: For example, the document says
> >
> > " The mechanisms specified in BFD for MPLS LSPs [RFC5884] [RFC7726] and
> > BFD for VXLAN [RFC8971] are, except as otherwise provided herein,
> > applied to test loss of continuity for unicast EVPN traffic.
> > "
> > but then
> >
> > " Once the BFD session is UP, the ends of the BFD session MUST NOT
> > change the local discriminator values of the BFD Control packets they
> > generate, unless they first bring down the session as specified in
> > [RFC5884].
> > "
> >
> > the intended behavior vs "local discriminator values" here is redundant with
> > this part in Section 7 of 5884:
> >
> > "Note that once the BFD session for the MPLS LSP is UP, either end of the BFD
> > session MUST NOT change the source IP address and the local discriminator
> > values of the BFD Control packets it generates, unless it first brings down the
> > session."
> >
> > No?
> >
> > # Detailed review can be found here, fwiw:
> >
> > * pdf:
> > https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/2024/draft-ietf-bess-evpn-bfd-07-rev%20Med.pdf<https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/2024/draft-ietf-bess-evpn-bfd-07-rev%20Med.pdf>
> > * doc:
> > https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/2024/draft-ietf-bess-evpn-bfd-07-rev%20Med.doc<https://github.com/boucadair/IETF-Drafts-Reviews/blob/master/2024/draft-ietf-bess-evpn-bfd-07-rev%20Med.doc>
> >
> > Feel free to grab whatever you think useful.
> >
> > Hope this helps.
> >
> > Cheers,
> > Med
> >
> >
> >
> > Disclaimer
> >
> > This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.