Re: [bess] [**EXTERNAL**] Re: EVPN VPWS BDF forwarding behavior at MH site

"Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com> Fri, 16 August 2019 22:54 UTC

Return-Path: <jorge.rabadan@nokia.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67263120104 for <bess@ietfa.amsl.com>; Fri, 16 Aug 2019 15:54:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.8
X-Spam-Level:
X-Spam-Status: No, score=-1.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5RxV0kTjVmqN for <bess@ietfa.amsl.com>; Fri, 16 Aug 2019 15:54:23 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80128.outbound.protection.outlook.com [40.107.8.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CC2D1200F8 for <bess@ietf.org>; Fri, 16 Aug 2019 15:54:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H4MxbwsAbTFueINncJL+eR9KFj+df6NfyyGDoB//KtUK9rM+GvJOqqos7/j7UruFRjfy9gmEKxqYWAMOOAo15EcZLDavGo9gt2oWOgjI9/GaoCYyXfvaJ/3INEb1bWzVeei65Y6Y9fqZTa0Z2fdNtSeL/SoME4SbBIMBVf4yKyRPbUHvAbvqY5OqySRuUXvI4Xxz149H8EgRWC6ZZ3Whn785Te9LG+zzojoRCYa/hqKyEuH6C7A87muNhIATQPgSjGg6Z13itRlFJlztzY/nIADjnMz1p1+FXoWeGtSgD+aaZUrx0ItH4msLeJDLXZ7DiuUawMtpcNIZrAViWP3K+w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IK0LeWTbutcQPecRJDs1zJjt5Z1RK6S7DK697kVnGhI=; b=FNXl+6ZsLM2HAZRyTfV2mTha4SuuSY/xcqWEowc0sy6fe5xHE3f+/KUsmYUq9zysrJhWHX/+FZeDF7xCln4slfK/M9nyH5qecmzmGz1x7lPbUEKKFzcBRRWBYIonHXad93fl+YJr8qiNMnwjNTBwbMI6+fEQOybRL95dSNGedcMYe01BvprfSbLHiLbOOl37KJQTWS7GSrpdNaW9R+Em9u7GlDKdQ8GIC6YtL6HyPwby2tIkfbNw2NlHU0FpqR73S2h7mChA9E0EBssi3VFQwzIMDjAdf4K/Kd8AJJlOkjSUmmZC7oFJzO2DQlTVcx7GwFCobp+D2IPI6GMwoeHI2Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IK0LeWTbutcQPecRJDs1zJjt5Z1RK6S7DK697kVnGhI=; b=i0oJpY08IKxMdZk5b/yM125YHGNR7NPEz+zQzNVf6oTxl+khPZ/I840HPm90Puh/I/bh1NFsNfJML/0dNwTmwbhGCGBpgS5tHq4iGXvw7LKp5Nl+w7DRxBmfitbqqHtFvKzIv9cs9sROhPvMIRQbPHibQ4fKrFyakKIN7jZfBtQ=
Received: from AM0PR07MB3844.eurprd07.prod.outlook.com (52.134.82.20) by AM0PR07MB6212.eurprd07.prod.outlook.com (10.186.174.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2178.15; Fri, 16 Aug 2019 22:54:19 +0000
Received: from AM0PR07MB3844.eurprd07.prod.outlook.com ([fe80::3d73:dcd3:2c93:24cb]) by AM0PR07MB3844.eurprd07.prod.outlook.com ([fe80::3d73:dcd3:2c93:24cb%7]) with mapi id 15.20.2178.016; Fri, 16 Aug 2019 22:54:19 +0000
From: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
To: "Shah, Himanshu" <hshah@ciena.com>, gangadhara reddy chavva <meetgangadhara@gmail.com>, "UTTARO, JAMES" <ju1738@att.com>
CC: "Thirumavalavan Periyannan (thiperiy)" <thiperiy@cisco.com>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: [bess] [**EXTERNAL**] Re: EVPN VPWS BDF forwarding behavior at MH site
Thread-Index: AQHVUXXb9Hac1m1ta0m4Dcnq+9BSiab98s6A
Date: Fri, 16 Aug 2019 22:54:19 +0000
Message-ID: <DA947325-BE55-4FCA-A5FD-4C71B9027710@nokia.com>
References: <CAAG_SC_gizf5nRVGOL1XJ4nSHg_7RwP92wcgjqi9MCTMMiUA7A@mail.gmail.com> <3A8DD12F-E9CF-4B91-8B28-05344A82E752@cisco.com> <CAAG_SC8HrpfcvNM-jpbPb2TYsgUvuyc=9FboQJ8MsE7tVVQihg@mail.gmail.com> <B17A6910EEDD1F45980687268941550F4D898198@MISOUT7MSGUSRCD.ITServices.sbc.com> <CAAG_SC92AeYfdqt=FQMMHK0_W-2L6e0A5JNErBmd6EdzJgy4Lg@mail.gmail.com> <BF56C613-95CE-47AD-B517-961BDD7780D9@ciena.com>
In-Reply-To: <BF56C613-95CE-47AD-B517-961BDD7780D9@ciena.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1c.0.190812
authentication-results: spf=none (sender IP is ) smtp.mailfrom=jorge.rabadan@nokia.com;
x-originating-ip: [135.245.20.2]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 41f8829c-f132-40d0-1f30-08d7229cac4b
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:AM0PR07MB6212;
x-ms-traffictypediagnostic: AM0PR07MB6212:
x-ms-exchange-purlcount: 1
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM0PR07MB621226E74F3B7BBD7FBDA6BCF7AF0@AM0PR07MB6212.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0131D22242
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(376002)(366004)(136003)(39860400002)(346002)(396003)(189003)(199004)(53754006)(296002)(7736002)(316002)(54896002)(8676002)(4326008)(66446008)(66476007)(64756008)(36756003)(3846002)(26005)(71200400001)(5660300002)(66556008)(478600001)(6116002)(91956017)(110136005)(25786009)(102836004)(76116006)(53946003)(236005)(186003)(66066001)(2906002)(76176011)(54906003)(446003)(81156014)(6246003)(561944003)(6506007)(2616005)(6436002)(53546011)(86362001)(33656002)(81166006)(8936002)(476003)(486006)(6512007)(11346002)(6306002)(966005)(53936002)(14454004)(71190400001)(606006)(229853002)(99286004)(14444005)(58126008)(256004)(66946007)(6486002); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR07MB6212; H:AM0PR07MB3844.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: nokia.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: RS7wcajxoN3anmdo+q4T70SNiVo7p7ZA5E/aFHiDHbaG9vmaH0RY8PWzq/4tSfCRqGXJvOKN+215Teg3gIgKd0+MVnoyt3vg1eD5rqdBCpkR4R/HN2bZpjP8N4/cohKJkJ8XPAAuGJLjc2z7HgYGMT1hAx+sT6u7h5OTGH9BfY8W09FH9cpicI0MLF1G8cblgkhzoJact77tFAKCmE2g981NscUEkrU2FmGMSd2HMLsrbcqo19+5IPSWVz6AwvnLQMA6gHYbprs5/Nvej7n+3m/1D7FqcaU/jWIAsNPv+qaSuxZXT3XofIO76kHK1RbGCGz08LNoAYluFu3B14jU+7tDRgVjjHtaG3IF0MnMDmQPH05tZUTmkIdnNrN4Hmws8Q+dG3DqreHyUSgp4cABgivoBHmCk3kC1yQbqPb4ofo=
Content-Type: multipart/alternative; boundary="_000_DA947325BE554FCAA5FD4C71B9027710nokiacom_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 41f8829c-f132-40d0-1f30-08d7229cac4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Aug 2019 22:54:19.6042 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: zgiIWcJVOKEanogKzm+UwJzU3lIFQ4lm3oLdxhIx6I5YE0Fdquy05daX1m3xihmVT5q7zyIzsE89uPG/e0sTJA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB6212
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/Od61nDpc9ntcu95de-kztCvZPB4>
Subject: Re: [bess] [**EXTERNAL**] Re: EVPN VPWS BDF forwarding behavior at MH site
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Aug 2019 22:54:27 -0000

Note that RFC8584’s AC-DF capability is also supported by EVPN VPWS. Hence, in case of failure on the primary, the very same A-D per EVI route withdraw that causes the remote PE to switch to the backup PE, should make the BDF to take over as DF right away.

My two cents.

Thx
Jorge

From: BESS <bess-bounces@ietf.org> on behalf of "Shah, Himanshu" <hshah@ciena.com>
Date: Monday, August 12, 2019 at 6:24 PM
To: gangadhara reddy chavva <meetgangadhara@gmail.com>om>, "UTTARO, JAMES" <ju1738@att.com>
Cc: "Thirumavalavan Periyannan (thiperiy)" <thiperiy@cisco.com>om>, "bess@ietf.org" <bess@ietf.org>
Subject: Re: [bess] [**EXTERNAL**] Re: EVPN VPWS BDF forwarding behavior at MH site

Just so that we all are on same page –

You have PE1 & PE2 as MH peers with PE1 as primary while PE2 as backup for certain EVI with PE3 as remote PE.
The problem you describe is, what if PE3 quickly changes over the path to PE2, and PE2 has not yet changed to primary role.
The solution you propose is – Let PE2 be unidirectionally active (remote->local) even when in standby role.
This will prevent one way traffic loss. However, local to remote is delayed until PE2 becomes primary via EVPN means (DF election, etc)

You mentioned MH-IPBFD between PE1<->PE3 and BGP-PIC to activate path between PE3<->PE2.

So followings need to be considered –

-       PE1 and PE3 path is broken : meaning PE1 is alive but MH-IPBFD triggers

o   If path between PE1 and PE2 is not broken, withdraw of ES route by PE1 would cause DF reelection trigger,

may/may not be within BGP-PIC based resumption

-       PE1 has died – MH-IPBFD triggers

o   If PE1 & PE2 also had MH-IPBFD for liveliness check then PE2 can react faster

o   The danger with this scheme is that if path between PE1 and PE2 is broken but from both to PE3 is fine,

PE2 will elect itself as primary which results in both being active, EAD/EVI will conflict with EAD/ES which is still single-active.

o   There may be other complication on CE side with LACP becoming active and CE doing load-balancing.

All in all – Optimizing packet loss for one way communication may not necessarily be beneficial (if TCP, missing ACK will cause re-send anyway).
What would be important is to avoid sustained service blackouts.

Thanks,
Himanshu

From: BESS <bess-bounces@ietf.org> on behalf of gangadhara reddy chavva <meetgangadhara@gmail.com>
Date: Monday, August 12, 2019 at 5:53 PM
To: "UTTARO, JAMES" <ju1738@att.com>
Cc: "Thirumavalavan Periyannan (thiperiy)" <thiperiy@cisco.com>om>, "bess@ietf.org" <bess@ietf.org>
Subject: [**EXTERNAL**] Re: [bess] EVPN VPWS BDF forwarding behavior at MH site

Yes, Jim Uttaro, it is related to FXC, please let me know your comments on the below proposal.

Regards,
Gangadhar

On Mon, Aug 12, 2019 at 6:45 PM UTTARO, JAMES <ju1738@att.com<mailto:ju1738@att.com>> wrote:
I assume this discussion applies to FXC ( Flexible Cross Connect )..

Thanks,
              Jim Uttaro

From: BESS <bess-bounces@ietf.org<mailto:bess-bounces@ietf.org>> On Behalf Of gangadhara reddy chavva
Sent: Saturday, August 10, 2019 7:29 AM
To: Thirumavalavan Periyannan (thiperiy) <thiperiy@cisco.com<mailto:thiperiy@cisco.com>>
Cc: bess@ietf.org<mailto:bess@ietf.org>
Subject: Re: [bess] EVPN VPWS BDF forwarding behavior at MH site

Hi Thiru,

here is the clarifications for your questions.

this is basically primary PE reach ability /  availability can be determined through BFD/Multihop BFD, in this case FRR switch can happen very quickly at the remote PE, control plane convergence later.

please see in line answers for the below questions:
for faster convergence if we can install the route such that BDF can allow the traffic from remote PE towards to multi homed segment, we can forward the traffic received from the remote PE.

Gangadhar >> this explains the route programming at multi homed site, if elected PE is BDF, program the label path, so that traffic received from remote PE will be send to multi homed CE.

at the same time we shouldn't allow the traffic from multi homed site this leads to duplicate traffic on the remote PE. to achieve this we should not program the path from multi home site towards remote PE until this PE elected as DF for that VPWS instance.

Gangadhar >> again this is at BDF, we shouldn't allow the traffic from multi homed site CE to remote PE, for this BDF should not program the path towards remote PE, so at BDF if there is any traffic from CE will be get  dropped at BDF.


I hope this will clarify your question.

Regards,
Gangadhar



On Sat, Aug 10, 2019 at 2:50 AM Thirumavalavan Periyannan (thiperiy) <thiperiy@cisco.com<mailto:thiperiy@cisco.com>> wrote:
Hello Gangadhara,

How remote PE detect the DF failure? It’s based on EVI/AD Withdraw message from DF PE if so then NDF PE also received this route and changed its DF status at the same time Remote PE changed its nexthop to NEW DF PE.

The below info is not clear, could you please help me to understand.

for faster convergence if we can install the route such that BDF can allow the traffic from remote PE towards to multi homed segment, we can forward the traffic received from the remote PE.

at the same time we shouldn't allow the traffic from multi homed site this leads to duplicate traffic on the remote PE. to achieve this we should not program the path from multi home site towards remote PE until this PE elected as DF for that VPWS instance.

Thanks,
Thiru

On 09-Aug-2019, at 19:02, gangadhara reddy chavva <meetgangadhara@gmail.com<mailto:meetgangadhara@gmail.com>> wrote:
HI All,

i have one question on EVPN VPWS BDF forwarding behavior at MH site.
when PE is selected as BDF, it will communicate the EAD EVI route with B bit set to remote PE. so remote PE will install the FRR route with primary path towards DF PE and secondary path towards BDF.
when ever primary path get disconnected it will switch the path to secondary path quickly at remote PE. because of this data from the remote PE will reach to BDF very quickly, but if BDF is not programmed its path towards multi homed segment then traffic will be get dropped until control plane convergence and it will be elected as DF.

for faster convergence if we can install the route such that BDF can allow the traffic from remote PE towards to multi homed segment, we can forward the traffic received from the remote PE.

at the same time we shouldn't allow the traffic from multi homed site this leads to duplicate traffic on the remote PE. to achieve this we should not program the path from multi home site towards remote PE until this PE elected as DF for that VPWS instance.

can you please let me know if there are any problems with this kind of approach..

<image.png>

Regards,
Gangadhar






_______________________________________________
BESS mailing list
BESS@ietf.org<mailto:BESS@ietf.org>
https://www.ietf.org/mailman/listinfo/bess<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_bess&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=s7ZzB4JbPv3nYuoSx5Gy8Q&m=dw_cbEJEFGb2ttG_aLztLllgQ6WbTf5f6YdWdNY3Sgo&s=VYEDWxQx9AA9mJMDxJ8_BoKV0xANI0ORk2zfcb3cfF4&e=>