Re: [bess] I-D Action: draft-ietf-bess-dci-evpn-overlay-06.txt

"Rabadan, Jorge (Nokia - US/Mountain View)" <> Wed, 24 January 2018 07:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8B1A312D892 for <>; Tue, 23 Jan 2018 23:34:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id didyOBrPYWIl for <>; Tue, 23 Jan 2018 23:34:39 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 5495A12D847 for <>; Tue, 23 Jan 2018 23:34:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-nokia-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=QQkhyodMrkN1OINI/oOGRy3SkpxFKwhv5r0wblniEVg=; b=FYaMS8pJ1cJ9G0GpnpYTAZKJqqrrmGgP3/wSIeeJawV+MoblCO5EASVRIFcmpBzMTVZSqNDsnNt24SIhHxepSlQv7M23LjVTilzwZXEQO/jIfxSzgnlX2DP3KerN2oQfx/ZLyU7VNzsDHP203SrzsRsykipbaxbFhj7lUERGyAE=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.444.5; Wed, 24 Jan 2018 07:34:35 +0000
Received: from ([fe80::9029:c61f:9f4b:f39b]) by ([fe80::9029:c61f:9f4b:f39b%13]) with mapi id 15.20.0444.013; Wed, 24 Jan 2018 07:34:35 +0000
From: "Rabadan, Jorge (Nokia - US/Mountain View)" <>
To: Anoop Ghanwani <>
CC: "" <>
Thread-Topic: [bess] I-D Action: draft-ietf-bess-dci-evpn-overlay-06.txt
Thread-Index: AQHTk8W5tU21+OUzDUCTd7SgbMd2VaOAn8KAgAB3fYCAAR5SAIAAfzMA
Date: Wed, 24 Jan 2018 07:34:34 +0000
Message-ID: <>
References: <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
x-originating-ip: []
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM4PR07MB1459; 7:4Bnfqf9uFousKdRc/bQte8/ASeUodPisz0Jc9+aJaZVmJDkFZ1uphgpgNZBZhEybarlH+5kKSCFcpP993RNrLAtuZZu20NlHrUOuuXK6LJky+Caj69yIXExb39X79zTPCkSRTAsaLY0Fmm1cdDJrTeYlNII6CrwkSlmlKTcaHvgUD8pIeGMj4pUrOaSVueBJ2t0LzXz9dQaVV0RcH6CGuQfKtothw8E6xyR+NxUP0bCIx2esJFNm5bY0HGGJKVkL
x-ms-exchange-antispam-srfa-diagnostics: SSOS;SSOR;
x-forefront-antispam-report: SFV:SKI; SCL:-1; SFV:NSPM; SFS:(10019020)(346002)(376002)(39380400002)(39860400002)(366004)(396003)(199004)(189003)(377424004)(478600001)(53386004)(8936002)(3660700001)(790700001)(3280700002)(106356001)(966005)(6116002)(7736002)(99286004)(6306002)(3846002)(6512007)(76176011)(14454004)(236005)(54896002)(6436002)(82746002)(2950100002)(97736004)(86362001)(66066001)(83716003)(606006)(230783001)(33656002)(93886005)(6916009)(4326008)(2900100001)(36756003)(6506007)(5250100002)(59450400001)(26005)(102836004)(53546011)(2906002)(5660300001)(68736007)(53936002)(316002)(58126008)(2171002)(81156014)(81166006)(8676002)(6486002)(9326002)(229853002)(6346003)(25786009)(83506002)(105586002)(6246003); DIR:OUT; SFP:1102; SCL:1; SRVR:AM4PR07MB1459;; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
x-ms-office365-filtering-correlation-id: 02514338-917d-40f3-8ec3-08d562fceaad
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(2017052603307)(7193020); SRVR:AM4PR07MB1459;
x-ms-traffictypediagnostic: AM4PR07MB1459:
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:(28532068793085)(15479808377102)(158342451672863)(120809045254105)(82608151540597)(85827821059158)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(3002001)(93006095)(93001095)(3231046)(11241501184)(806099)(2400081)(944501161)(10201501046)(6055026)(6041288)(20161123558120)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(6072148)(201708071742011); SRVR:AM4PR07MB1459; BCL:0; PCL:0; RULEID:; SRVR:AM4PR07MB1459;
x-forefront-prvs: 056297E276
received-spf: None ( does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is );
x-microsoft-antispam-message-info: 343/DDDyuIm6JH/yfhE4kDBmrHCtHblHW18CWcKiO2FuWf8NB0gOhu3MdvDkJWRuXP6G3wl28uzrEIfFZ96IvM99/vTTIUG8WtmDrlKkOW/ejfTtkLu4tnNMt8RhX8JZ
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_65A18602B4274306AB630487CFBE3BA9nokiacom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 02514338-917d-40f3-8ec3-08d562fceaad
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2018 07:34:35.0066 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR07MB1459
Archived-At: <>
Subject: Re: [bess] I-D Action: draft-ietf-bess-dci-evpn-overlay-06.txt
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 24 Jan 2018 07:34:42 -0000

Hi Anoop,

There are (lots of) cases where the NVEs reside in hypervisors, hence NVE and its hosts/VMs are co-located in the same server, and MAC/IP routes for the hosts are advertised as they come up (since they are learned thru the management/control plane). Check [1] which is written based on that.

In the evpn-overlay draft the NVEs are running EVPN.
Even if your controller and data plane are separated, if you have multiple controllers they will run EVPN.
Even if you have a single controller, it will run EVPN with the DC Gateway.

So, I’m afraid I disagree with your statement that EVPN in the DC means MAC are learned from the data path. In my experience there are many deployed DCs where EVPN is used and MACs are learned in the control/mgmt. plane.

Thank you.


From: <> on behalf of Anoop Ghanwani <>
Date: Wednesday, January 24, 2018 at 1:59 AM
To: "Rabadan, Jorge (Nokia - US/Mountain View)" <>
Cc: "" <>
Subject: Re: [bess] I-D Action: draft-ietf-bess-dci-evpn-overlay-06.txt

Thanks Jorge.

I'm struggling to understand the example.  When would all the MACs be learned in control/management plane _and_ BGP EVPN be in use in the DC?  In the normal case, if I'm using a controller in the DC with the NVEs in the servers, then there is no benefit to running EVPN in the DC.  And if I'm running EVPN in the DC, the common case (only case currently deployed?) is where MACs are learned from the data path at the NVEs and imported into BGP for transport to other NVEs, so I wouldn't satisfy the requirement for all MACs being learned in the control/management plane.

Is there a use case I am missing?


On Mon, Jan 22, 2018 at 10:54 PM, Rabadan, Jorge (Nokia - US/Mountain View) <<>> wrote:
Hi Annop,

This paragraph intended to clarify that (in the same section):

This document proposes that local policy determines whether MAC
   addresses and/or the Unknown MAC route are advertised into a given
   DC. As an example, when all the DC MAC addresses are learned in the
   control/management plane, it may be appropriate to advertise only the
   Unknown MAC route.

Is it not enough?

Thank you.

From: BESS <<>> on behalf of Anoop Ghanwani <<>>
Date: Tuesday, January 23, 2018 at 1:47 AM
To: "<>" <<>>
Subject: Re: [bess] I-D Action: draft-ietf-bess-dci-evpn-overlay-06.txt

I have a question about the following paragraph in this draft:

   The solution specified in this document uses the 'Unknown MAC' route

   which is advertised into a given DC by each of the DC's GWs.  This

   route is a regular EVPN MAC/IP Advertisement route in which the MAC

   Address Length is set to 48, the MAC address is set to

   00:00:00:00:00:00, the IP length is set to 0, and the ESI field is

   set to the DC GW's I-ESI.
How does an ingress NVE tell the difference between an unknown MAC DA that is reachable (but perhaps aged out) within the current DC versus a MAC DA that is reachable in a remote DC?  In the first case, the correct action would be to replicate to all NVEs that participate in the incoming packet's VN; in the second case the correct action is to unicast it to the DC GW.  Is this assumption that the DC GW will then take over the job of replicating to the NVEs within the DC?

It would be good if some clarification can be added to the document.


On Mon, Jan 22, 2018 at 1:11 PM, <<>> wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the BGP Enabled ServiceS WG of the IETF.

        Title           : Interconnect Solution for EVPN Overlay networks
        Authors         : Jorge Rabadan
                          Senthil Sathappan
                          Wim Henderickx
                          Ali Sajassi
                          John Drake
        Filename        : draft-ietf-bess-dci-evpn-overlay-06.txt
        Pages           : 27
        Date            : 2018-01-22

   This document describes how Network Virtualization Overlays (NVO) can
   be connected to a Wide Area Network (WAN) in order to extend the
   layer-2 connectivity required for some tenants. The solution analyzes
   the interaction between NVO networks running Ethernet Virtual Private
   Networks (EVPN) and other L2VPN technologies used in the WAN, such as
   Virtual Private LAN Services (VPLS), VPLS extensions for Provider
   Backbone Bridging (PBB-VPLS), EVPN or PBB-EVPN. It also describes how
   the existing Technical Specifications apply to the Interconnection
   and extends the EVPN procedures needed in some cases. In particular,
   this document describes how EVPN routes are processed on Gateways
   (GWs) that interconnect EVPN-Overlay and EVPN-MPLS networks, as well
   as the Interconnect Ethernet Segment (I-ES) to provide multi-homing,
   and the use of the Unknown MAC route to avoid MAC scale issues on
   Data Center Network Virtualization Edge (NVE) devices.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at<>.

Internet-Drafts are also available by anonymous FTP at:

BESS mailing list<>