[bess] Queries and comments on draft-ietf-bess-bgp-sdwan-usage-20

"Dikshit, Saumya" <saumya.dikshit@hpe.com> Sun, 03 March 2024 11:43 UTC

From: "Dikshit, Saumya" <saumya.dikshit@hpe.com>
To: Linda Dunbar <linda.dunbar@futurewei.com>, "sajassi@gmail.com" <sajassi@gmail.com>, John E Drake <jdrake@juniper.net>, "basil.najem@bell.ca" <basil.najem@bell.ca>
CC: "bess-chairs@ietf.org" <bess-chairs@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Date: Sun, 03 Mar 2024 11:43:30 +0000
Message-ID: <SJ0PR84MB2110D859B5404BC86DF3B32D945C2@SJ0PR84MB2110.NAMPRD84.PROD.OUTLOOK.COM>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/ZQf9CXMyTHccGgEgeK-wqde8pKo>
Subject: [bess] Queries and comments on draft-ietf-bess-bgp-sdwan-usage-20
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>

Hello Authors of draft-ietf-bess-bgp-sdwan-usage,

I have the following comments/queries:

>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-1: "over one or more underlay connectivity services by recognizing applications and determining forwarding"
[SD] "Underlay" is being very generic; it can be a hierarchy of overlays on top of which "real security overlay is provisioned between the SD-WAN end points". I think it should be changed.


>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-3.1.1: "As SD-WAN is an overlay network arching over multiple types of networks, MPLS L2VPN[RFC4761][RFC4762]/L3VPN[RFC4364][RFC4659] or pure L2 underlay can continue using the VPN ID (Virtual Private Network Identifier), VN-ID (Virtual Network Identifier), or VLAN (Virtual LAN) in the data plane to differentiate packets belonging to different SD-WAN VPNs."
[SD] Why only native MPLS VPNs? EVPN-based MPLS or over VXLAN fabric can also be extended over IPSec, or underlying MPLS underlay.

>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-3.1.3
[SD] The section should explicitly mention, "dynamically provisioned policies based on evolving security threats and service provisioning" and also "dynamic segmentation"

>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-3.1.5: "Each edge node informs the Route-Reflector (RR) [RFC4456] on its interested SD-WAN VPNs. The RR only propagates the BGP UPDATE from an edge to others within the same SD-WAN VPN."
[SD] Route-Reflector should be generalized to include Route-Servers in an over-the-WAN deployment of network fabrics. This may involve BGP instance deployments in different ASes (eBGP).

>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-3.1
[SD] There is no requirement for "scope for optimization of client routes at the WAN Gateway in the control plane", as the CE device can be lowly scaled w.r.t. FIB/RIB tables and performance/convergence of control plane. This one is not specific to dataplane/traffic optimization.


>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-4.1 : Client Service Provisioning Model

[SD] Aggregation/Summarization of routes is an integral part of client provisioning



>>> https://datatracker.ietf.org/doc/html/draft-ietf-bess-bgp-sdwan-usage-20#section-5.1: Why BGP as Control Plane for SD-WAN?

[SD] One organic reason is that BGP is a TCP-based protocol and hence can easily align with TLS-based security.



Regards,

Saumya.