Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

John E Drake <> Sun, 25 March 2018 17:35 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 0F114126D05 for <>; Sun, 25 Mar 2018 10:35:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.711
X-Spam-Status: No, score=-0.711 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id r8dFtt8DilUu for <>; Sun, 25 Mar 2018 10:35:05 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3B5511200F1 for <>; Sun, 25 Mar 2018 10:35:05 -0700 (PDT)
Received: from pps.filterd ( []) by ( with SMTP id w2PGsKsq024647; Sun, 25 Mar 2018 09:57:09 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=JbcGVLp/MpGq/D1OIVb3WiSOQ7T6v4XO9/DXEjnlMc4=; b=aCDmddhQoXPrcHmtQhMp9mhEYt9X+dF5nXVrCOD296rQ91svXzcW1KqTeS8P3Ast/dD2 flgk44x2bEW4IF/VTxYJd2+Bgq1vMZpQZNEfHDhouBSuuUyJj9kzBEe9N5XjpLAxA9hs BPlWwF4LeotU+u6K6igfLicj1U8WZS4lbFeIwUHb5xEkzFESw8xDUimVX65L27Sd8PGm Dd1LZ6xKB6U041BvApgbkJU3qbSoM+Z2Ur4bXeCCWH7LAhutBdJScpGcHpscQmZP7VXh tVdM2xGvmevL5LJmDzKECTRPa9uKaTjUgcln56m33RcRO66SaRUZjTSUHd1PrbEqjdYb xw==
Received: from ( []) by with ESMTP id 2gwmmx9rr9-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sun, 25 Mar 2018 09:57:09 -0700
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.631.5; Sun, 25 Mar 2018 16:57:07 +0000
Received: from ([fe80::e8c7:9c13:44b3:67e1]) by ([fe80::e8c7:9c13:44b3:67e1%3]) with mapi id 15.20.0631.009; Sun, 25 Mar 2018 16:57:04 +0000
From: John E Drake <>
To: "Ali Sajassi (sajassi)" <>
CC: "Rabadan, Jorge (Nokia - US/Mountain View)" <>, Eric Rosen <>, Sandy Breeze <>, "" <>
Thread-Topic: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description
Thread-Index: AQHTwTLSpKI1nWgbp0ukIa0wdFUT3aPcSQuAgAAhzICAAaOpAIABPcQAgABcuoCAAYSPgA==
Date: Sun, 25 Mar 2018 16:57:04 +0000
Message-ID: <>
References: <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: [2607:fb90:96a:959b:587c:e60f:b44:333c]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CY4PR0501MB3764; 7:GyG8ScIXWlUMEcBV9V0BqUbrZgtj72tjrZ016zBCQBgta8o7UoUfq5IXuhfbX8bzTY+gdp2LbY601Me7Mdjx8uhwIU+OLWOs8DyfxvvAI3qWVDrZEtHdaLvrRZY7fTDr9ErrXCNtMfkqiUGv7oiTiRDeyK3DVwlg5uglyx9aEaMyMgQiuBajZuxz4WL8545UbndFduyyfdLcb9O6NF9014QNAN1OzQNjE77f57RNzr38gwUDvN1VPeYJcZHd9jcD
x-ms-exchange-antispam-srfa-diagnostics: SOS;SOR;
x-forefront-antispam-report: SFV:SKI; SCL:-1; SFV:NSPM; SFS:(10019020)(376002)(346002)(396003)(366004)(39380400002)(39860400002)(189003)(199004)(11346002)(606006)(97736004)(54906003)(5890100001)(6436002)(316002)(446003)(5250100002)(6246003)(6116002)(229853002)(790700001)(966005)(46003)(7736002)(68736007)(478600001)(106356001)(36756003)(6916009)(6306002)(236005)(14454004)(53936002)(3280700002)(3660700001)(5003630100001)(6486002)(8656006)(76176011)(81156014)(4326008)(81166006)(33656002)(54896002)(102836004)(561944003)(25786009)(6512007)(53546011)(2616005)(99286004)(8936002)(83716003)(186003)(2900100001)(82746002)(8676002)(105586002)(2906002)(59450400001)(5660300001)(86362001)(93886005)(575784001)(6506007); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR0501MB3764;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: f6a438bb-1260-46e5-d945-08d592716fed
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:CY4PR0501MB3764;
x-ms-traffictypediagnostic: CY4PR0501MB3764:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(10436049006162)(138986009662008)(82608151540597)(100405760836317)(95692535739014);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231221)(944501327)(52105095)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041310)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:CY4PR0501MB3764; BCL:0; PCL:0; RULEID:; SRVR:CY4PR0501MB3764;
x-forefront-prvs: 0622A98CD5
received-spf: None ( does not designate permitted sender hosts)
x-microsoft-antispam-message-info: g0+tKQQS3wnw7fqstHbcxt4lJ+Pak7swb6yJnOFzTk0HoWTmhvjGNAIRImJuDwjhZFUrB4RKoCerDFzmzQreI9bHR8nw0ZOnykpR8V+b0cOWHD296JsI3iJtfeHQX8390A90CVR+aOvaBqrGBldCexEXLRAj58K7PrZ+nepPz0JUxGyD41YgjH2ZKWJEvAxVVk5H5CTiRm6mhtyMi8OsuJaMbe71cKPjFgsLQaM6NtmZ6SNIr5NohL6SiLNS+ORsEB/wZ3tWP0GvjWm3XA0/EZZzFYJX38fsQy5+syUDlBtWGfExzy0aplAxd51nqXwTGACN4ggRumVnym8sK6c3NQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_9999F37CC13C40579162D8D14FD58A68junipernet_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: f6a438bb-1260-46e5-d945-08d592716fed
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Mar 2018 16:57:04.8674 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0501MB3764
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-03-25_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1803250206
Archived-At: <>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 25 Mar 2018 17:35:09 -0000


I don't mean to quibble but your option A also requires all PEs to be upgraded.  However, it's both a more mainstream upgrade and a better solution than the Sandy/Satya proposal.

Also, as we discussed last week, the SMET processing already includes what Sandy/Satya proposal wants to do.   I.e., when  a PE is no longer the DF on any of the ESes to which it is attached it withdraws its SMET routes.

Sent from my iPhone

On Mar 24, 2018, at 1:30 PM, Ali Sajassi (sajassi) <<>> wrote:

Hi Jorge,

As I pointed out in my previous email, the use of flag is not a viable option because it requires update to every single PE for it to be effective. Before getting too much into a new solution with many restrictions, we should evaluate the current mechanisms and if they fall short, then discuss new mechanism. In one of my emails (which got sent out of order because the connection on the plane is very slow), I talked about option-A:

The best solution for your use case is (option-A):

  1.  Enable DF election on per mcast flow – gives the best load-balancing for DF election among multicast flows and avoids FAT VLAN issue
  2.  Enable IGMP proxy and SMET route – avoid unnecessary replication/transmission of mcast flows over core


From: BESS <<>> on behalf of "Rabadan, Jorge (Nokia - US/Mountain View)" <<>>
Date: Saturday, March 24, 2018 at 3:58 AM
To: Eric C Rosen <<>>, Sandy Breeze <<>>, "<>" <<>>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

Eric, as discussed and you point out, one can easily interpret that IMET is not mandatory in some cases where multi-destination traffic is not needed. In any case, whether this document is Informational or Standards Track is probably not that important.

If this had to be done, out of the options you list, I think omitting the PTA would not be backwards compatible since the use of PTA is a MUST in RFC7432, so RRs wouldn’t like it. Maybe label zero could cause issues too. So maybe a flag is the least disruptive one if the document has to modify something.

I still think it may be better to proceed with the IMET withdraw procedure and clarify that it is only valid for:
a) BUM traffic in IR cases
b) BDs with no igmp/mld/pim proxy
c) BDs with no OISM or IRBs
d) BDs with I-ES associated to overlay tunnels and no other ACs

And any other restrictions/caveats we may need to add.

My 2 cents.

From: Eric C Rosen <<>>
Date: Friday, March 23, 2018 at 5:00 PM
To: "Rabadan, Jorge (Nokia - US/Mountain View)" <<>>, Sandy Breeze <<>>, "<>" <<>>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

[Jorge] my interpretation of RFC7432 is that IMET routes are mandatory to enable the handling of multi-destination traffic in a BD. But in a non-DF PE for a given ES and with no other ACs in the BD, assuming Ingress Replication, there is no such multi-destination traffic (Tx or Rx). So one could interpret that RFC7432 is ok with withdrawing the IMET route in that case.

If we consider the case of all-active multi-homing, then there may well be Tx multi-destination traffic in the scenario under discussion, as multicast traffic from a given ES could arrive at any PE attached to the ES, whether or not that PE is the DF.

The relevant section from RFC 7432 is:

11.  Handling of Multi-destination Traffic

   Procedures are required for a given PE to send broadcast or multicast
   traffic received from a CE encapsulated in a given Ethernet tag
   (VLAN) in an EVPN instance to all the other PEs that span that
   Ethernet tag (VLAN) in that EVPN instance.  In certain scenarios, as
   described in Section 12 ("Processing of Unknown Unicast Packets"), a
   given PE may also need to flood unknown unicast traffic to other PEs.

   The PEs in a particular EVPN instance may use ingress replication,
   P2MP LSPs, or MP2MP LSPs to send unknown unicast, broadcast, or
   multicast traffic to other PEs.

   Each PE MUST advertise an "Inclusive Multicast Ethernet Tag route" to
   enable the above.  The following subsection provides the procedures
   to construct the Inclusive Multicast Ethernet Tag route.  Subsequent
   subsections describe its usage in further detail.

Interestingly, this says that the IMET route is mandatory to enable "the above", where "the above" is "send broadcast or multicast traffic received from a CE".  Note it says "send", not "receive".

If P2MP tunnels are used for the BUM traffic, the IMET route is certainly required to support all-active multi-homing.  If IR is used, or if single-active multi-homing is used, one could argue that RFC 7432 didn't really need to require the IMET route.  However, it does.

[John] Wouldn’t it be better to have this draft define a bit in the Multicast Flags extended community (<>) indicating that that the originating PE is neither DF nor backup DF for this broadcast domain on any ES to which it is attached?  This allows us to always advertise the IMET route and makes the situation explicit.  I think the consensus is that this situation is rare so the number of IMET route updates shouldn’t be excessive and we could also say that this bit is only set by EVPN DC GWs.
If it's worth doing at all, this would be a better method.  Alternatives would be omitting the PMSI Tunnel attribute, or setting the MPLS label in the PMSI Tunnel attribute to 0.
[Sandy] We’d considered alternative methods other than withdraw, such as extended community or something specific in PMSI Tunnel Attribute.  Withdraw/don’t advertise RT3 approach was chosen for the following reasons;
·         Requires no change to protocol
Since the proposal changes the conditions under which an IMET route is originated, it is certainly changing the protocol.  (It's obvious that the finite state machine is changed.)  Perhaps what is meant is that the protocol change is backwards compatible with systems that implement only RFC7432.  But it does not appear to be backwards compatible with systems that have IRB, and the draft has no analysis of the impact on all the various extensions and proposed extensions to RFC7432.
·         Is computationally easier on all participating PE’s, to deal with a simple withdraw than to look for something in an update.  For instance, on transition from BDF to NDF for example
These are of course not the only considerations.

BESS mailing list<>