Re: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv

Ryan Bickhart <rbickhart@juniper.net> Fri, 29 March 2019 19:38 UTC

From: Ryan Bickhart <rbickhart@juniper.net>
To: Sandy Breeze <sandy.breeze=40eu.clara.net@dmarc.ietf.org>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: Question about draft-rbickhart-evpn-ip-mac-proxy-adv
Thread-Index: AQHU5VR4IGuWpxFJd0qKs5LaDbkbs6Yi+Ydw
Content-Class:
Date: Fri, 29 Mar 2019 19:38:22 +0000
Message-ID: <SN6PR05MB4046AF82DCFFF65485C2CD6EAA5A0@SN6PR05MB4046.namprd05.prod.outlook.com>
References: <867D94CC-421F-4524-B594-BCA04F1F1591@eu.clara.net>
In-Reply-To: <867D94CC-421F-4524-B594-BCA04F1F1591@eu.clara.net>
Accept-Language: en-US
Content-Language: en-US
dlp-product: dlpe-windows
dlp-version: 11.1.100.23
dlp-reaction: no-action
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbickhart@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-03-29T19:38:20.3341994Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Internal; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic; Sensitivity=Juniper Internal
x-originating-ip: [66.129.239.11]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: eeb2feec-3f3a-4d82-d1a0-08d6b47e1a9a
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(4618075)(2017052603328)(7153060)(7193020); SRVR:SN6PR05MB4848;
x-ms-traffictypediagnostic: SN6PR05MB4848:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <SN6PR05MB4848F53F64E57859A62DF79AAA5A0@SN6PR05MB4848.namprd05.prod.outlook.com>
x-forefront-prvs: 0991CAB7B3
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(366004)(376002)(346002)(396003)(39860400002)(199004)(189003)(110136005)(106356001)(105586002)(229853002)(316002)(55016002)(33656002)(102836004)(97736004)(186003)(2906002)(5660300002)(52536014)(81166006)(8676002)(7736002)(81156014)(9326002)(8936002)(74316002)(2501003)(66066001)(53546011)(6506007)(6346003)(5024004)(14444005)(68736007)(476003)(11346002)(446003)(71200400001)(256004)(26005)(71190400001)(486006)(6436002)(53936002)(25786009)(14454004)(478600001)(3846002)(6116002)(6306002)(99286004)(86362001)(9686003)(76176011)(6246003)(54896002)(790700001)(7696005)(80283002); DIR:OUT; SFP:1102; SCL:1; SRVR:SN6PR05MB4848; H:SN6PR05MB4046.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: kLyaGCqz8kFl3RRYw2ckdLmJsj4v5mX0YcyN0f/X/DwaJnwPDMxlvtFSZibr7LgMo1HhD/Ippt30ROi9oWSlIaAmFUZoCbP8c5kw8txqPf34zr95GPeSBHaELFAJpoVf1AJ4om1jmnPq6hBLLUkwBgd8Tht1NWan+8OjvI3AG9kFnheiygkWd2Aio8fegERFu9NZ5GnlaihQI843fqcR952AV67PF+Ejx2sB3YSfqi2c3jSzhu5oXLtPze4R2wXTSI3Qoz1BKB/9ae2QBAiifrFRki9nETnej6IsV/ciei2x37vhk7NswqufW+gITyBMP0mwX4xl/EJ0kB96I3qdFlqJJ3E9gqmDVJZksn3G8XUvPJxXqrnYPqU7crq9jpzflGo9oHmr7V0PXrW5TOugDcyKbqsud64hRkjbJkOeA04=
Content-Type: multipart/alternative; boundary="_000_SN6PR05MB4046AF82DCFFF65485C2CD6EAA5A0SN6PR05MB4046namp_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: eeb2feec-3f3a-4d82-d1a0-08d6b47e1a9a
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Mar 2019 19:38:22.4016 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR05MB4848
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-03-29_11:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1903290134
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/wEgs_ZBsr53mDzFLJkvniIN1ADA>
Subject: Re: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Mar 2019 19:38:46 -0000

Hi Sandy,

It is intentional that PE4 sees an RT2 for the CE1 MAC/IP advertised from PE2 and PE3 as well as PE1. The reason is that we want to cover the transition cases of link or node failure occurring on PE1. PE4 might be using CE1's IP carried in the RT2 for IRB or routing purposes and it is desirable for PE4 to maintain constant awareness of the existence of the CE1 IP across failures on PE1. Under normal 7432 behavior, if PE1 were the only PE advertising the RT2 for CE1's MAC/IP and PE1's link to the multihomed site goes down, PE1 might withdraw the RT2 before PE2/PE3 are able to learn the CE1 IP->MAC binding in the data plane and advertise it as a RT2 to PE4. By having PE2/PE3 originate the proxy advertisements, we avoid the case where the CE1 MAC/IP might completely disappear and later reappear in the EVPN when there is a failure on PE1. (Maybe a general L2 way of phrasing this concept is that you can do aliasing only for entities that you know about. If there is no trace of a MAC's existence left in the EVPN, you would flood rather than use aliasing.)

Thanks,
-Ryan




Juniper Internal
From: BESS <bess-bounces@ietf.org> On Behalf Of Sandy Breeze
Sent: Thursday, March 28, 2019 3:53 AM
To: bess@ietf.org
Subject: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv

Hi Wen,

First, thank you for this work, I see the problem you're trying to solve and support trying to do that.  I have some questions.

Lets say for example, PEs: 1,2,3 have CE1 attached on the same all-active ES.  PE4 is a remote PE participating in the same EVPN.  CE1's MAC/IP is learned in the dataplane by PE1 only, and PE1 originates the RT2 initially.

At this point, with standard 7432 mechanisms, PE4 can already have aliasing and backup paths to CE1 via PEs 2 and 3 without the need to see an RT2 from either PE2 or PE3.  What PE2 and PE3 might be missing locally, however, is ARP/ND state for CE1, which is and which your draft looks to solve in BGP.  (If my understanding is correct?)

Now if PE2 and PE3 support the proxy-adv mechanism, then they sync ARP/ND upon receipt of the RT2 from PE1.  Why do PE2 and PE3 then need to originate their own RT2?  If they originate RT2's then this can influence the forwarding decisions at other remote PE's like PE4, who lets say doesn't understand the proxy-adv bit in the ARP/ND extended community and will see the RT2 as originating from 3 different PE's.  Is that the intention of the draft or just a consequence?  Or is it the intention to keep the proxy-adv mechanism for use amongst the multihomed PE's only?

Thanks
Sandy

[bess] Question about draft-rbickhart-evpn-ip-mac… Sandy Breeze
Re: [bess] Question about draft-rbickhart-evpn-ip… Ryan Bickhart
Re: [bess] Question about draft-rbickhart-evpn-ip… UTTARO, JAMES
Re: [bess] Question about draft-rbickhart-evpn-ip… Wen Lin