[bess] draft-thubert-bess-secure-evpn-mac-signaling and RFC9047 ARP/ND extended community

"Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com> Thu, 11 November 2021 18:58 UTC

From: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
To: "draft-thubert-bess-secure-evpn-mac-signaling@ietf.org" <draft-thubert-bess-secure-evpn-mac-signaling@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Date: Thu, 11 Nov 2021 18:58:39 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/_wy6hN97DvLFmTffxcgpBgWdBFo>

Dear authors,

As requested by Pascal, this is an email mostly to suggest the use of the ARP/ND ext community.
Also some additional comments about this draft:


  1.  Minor one: the acronym that we are using in all the EVPN specs is “EVPN” and not “eVPN” – it seems the document is using both, it would be good to just use “EVPN”.

  2.  About this sentence – “Nevertheless, primary key of NRLI is still the IP/MAC/ESI combination” -> I think this is a mistake, the ESI is not part of the route key. The Ethernet Tag ID is, in addition to the MAC/IP and lengths.

  3.  As I suggested during the BESS session, the ARP/ND extended community might be a better fit for some of the extensions, as opposed to the MAC mobility extended community. The ARP/ND extended community is defined in RFC9047.
     *   One of the reasons why I think the ARP/ND is a better fit is because the MAC Mobility ext community is used also with MAC/IP routes with IP=0, whereas the ARP/ND ext community is only used in MAC/IP routes with non-zero IP. Many times, a leaf will advertise first a MAC/IP route with IP=0 and later a MAC/IP route with a non-zero IP, both for the same MAC.
     *   An option could be to keep the TID+hash in the Mobility ext community sequence number, since from an EVPN perspective those two are really a sequence number, and move the rest of the flags defined in this document to the ARP/ND ext community.

  4.  Related to (3), the ARP/ND extended community already defines a way to signal that an IP->MAC binding belongs to an anycast IP (the O flag). Based on what I understood in your document, I think it would be ok to reuse that bit in your procedures, as opposed to defining a new flag “A”.


Thank you.
Jorge
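
An added example, not part of the message above or of the draft: a Python decoder for the two extended communities discussed, using the octet layouts from RFC 7432 section 7.7 (MAC Mobility) and RFC 9047 (ARP/ND), with a receiver-side check for the rule stated in the message that ARP/ND appears only on MAC/IP routes with a non-zero IP. The function names, the `ip=None` convention for an IP=0 route, and the sample bytes are constructed for illustration.

```python
import struct
from typing import Optional

EVPN_TYPE = 0x06
SUB_MAC_MOBILITY = 0x00  # RFC 7432, section 7.7
SUB_ARP_ND = 0x08        # RFC 9047

def decode_ext_community(raw: bytes) -> dict:
    """Decode one 8-octet EVPN extended community (MAC Mobility or ARP/ND)."""
    if len(raw) != 8:
        raise ValueError("extended community must be exactly 8 octets")
    ctype, sub, flags = raw[0], raw[1], raw[2]
    if ctype != EVPN_TYPE:
        raise ValueError(f"not an EVPN extended community (type 0x{ctype:02x})")
    if sub == SUB_MAC_MOBILITY:
        # Flags(1) | Reserved(1) | Sequence Number(4); low-order flag bit = sticky
        (seq,) = struct.unpack("!I", raw[4:8])
        return {"kind": "mac-mobility", "sticky": bool(flags & 0x01), "seq": seq}
    if sub == SUB_ARP_ND:
        # Flags(1) | Reserved(5); flag bit 7 = R, bit 6 = O, bit 4 = I (MSB is bit 0)
        return {"kind": "arp-nd",
                "R": bool(flags & 0x01), "O": bool(flags & 0x02),
                "I": bool(flags & 0x08),
                "reserved_zero": raw[3:8] == bytes(5)}
    raise ValueError(f"unhandled EVPN sub-type 0x{sub:02x}")

def audit_mac_ip_route(ip: Optional[str], communities: list) -> list:
    """Return findings for a MAC/IP route; ip=None models a route with IP=0."""
    findings = []
    for raw in communities:
        ec = decode_ext_community(raw)
        if ec["kind"] != "arp-nd":
            continue  # MAC Mobility is valid with or without an IP
        if ip is None:
            findings.append("ARP/ND community on a MAC/IP route with IP=0")
        if not ec["reserved_zero"]:
            findings.append("ARP/ND reserved octets are not zero")
    return findings

# Constructed sample communities (not captured traffic)
SAMPLE_MOBILITY = bytes([0x06, 0x00, 0x00, 0x00]) + struct.pack("!I", 7)
SAMPLE_ARP_ND_O = bytes([0x06, 0x08, 0x02, 0, 0, 0, 0, 0])  # O flag set

if __name__ == "__main__":
    print(decode_ext_community(SAMPLE_MOBILITY))
    print(decode_ext_community(SAMPLE_ARP_ND_O))
    print(audit_mac_ip_route(None, [SAMPLE_MOBILITY, SAMPLE_ARP_ND_O]))
    print(audit_mac_ip_route("192.0.2.10", [SAMPLE_MOBILITY, SAMPLE_ARP_ND_O]))
```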