[bess] Re: My question/comment aboutdraft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today

[Wei Wang <weiwang94@foxmail.com>]

Hi Ali,


Customer service segmentation is based on the Logical Access Identifier (LSI, i.e., access VNI) rather than the VLAN information in the original customer data. The main reasons are as follows:


1) The original customer data may not contain VLAN information. If this field is to be reused, it would be necessary to convert LSI/VNI to VLAN on the ingress PE side and then convert VLAN back to LSI/VNI on the egress PE side. Such conversions also require extensions in the control plane to transmit the corresponding relationship between LSI/VNI and VLAN. In addition, at the forwarding plane, the VLAN space is limited, making it unable to accommodate more branch customers under the same EVPN.


2) In our solution, service segmentation is based on branch sites within each metropolitan area network, rather than the VLAN information within the sites.


Best Regards,
Wei


         原始邮件
         
       
发件人：Ali Sajassi (sajassi) <sajassi@cisco.com&gt;
发件时间：2025年8月2日 02:17
收件人：Wei Wang <weiwang94@foxmail.com&gt;, Aijun Wang <wangaijun@tsinghua.org.cn&gt;, 'Alexander Vainshtein' <alexander.vainshtein@rbbn.com&gt;, bess@ietf.org <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
主题：Re: [bess] Re: My question/comment aboutdraft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today



 Hi Wei,

 
 What you want to do is already supported by current RFCs and specifications.&nbsp;

 

Use EVPN-VPWS service to setup a PW identified by the access VNI to carry your VLANs traffic to your core PE. This PWs carries traffic for several VIDs and it is terminated on the core PE.


The core PE uses the concept of EVPN vES to map each VID to a different BD.


For encapsulation over the core network for VLAN-aware bundle service, you have two options: a) to use core-VNI+VID to identify the BD on the receiving core PE or b) to use core-VNI alone to identify the BD. In the latter case, each BD gets mapped  to a core-VNI. The choice is up to the receiving PE and transparent to the transmitting PE!


 
 Therefore, I don’t see any need for a new encapsulation and your proposal.

 
 Cheers,
 Ali

 
From: Wei Wang <weiwang94@foxmail.com&gt;
 Date: Friday, August 1, 2025 at 12:50 AM
 To: Ali Sajassi (sajassi) <sajassi@cisco.com&gt;, Aijun Wang <wangaijun@tsinghua.org.cn&gt;, 'Alexander Vainshtein' <alexander.vainshtein@rbbn.com&gt;, bess@ietf.org <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
 Subject: Re: [bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today
 
 
 Hi Ali and Sasha,

 
 Let’s use VLAN-aware bundle to clarify why we need both Access VNI (LSI) and Core VNI in one VxLAN header.

 
 In traditional VLAN-aware bundle ([RFC7432]), multiple VIDs map to a single EVI. Isolation relies on VIDs (e.g., VID 10 vs. 20) to separate broadcast domains, even with overlapping MACs.

 
 In our Layer 3 scenario (LSI-aware bundle, the L3 equivalent), VIDs are replaced by LSIs (Access VNIs) to retain that "broadcast domain ID" role, while the core EVI maps to a Core VNI.

 
 If we only include Core VNI (no LSI), the core PE loses the LSI (like losing VID) and can’t distinguish traffic from overlapping MACs in shared Core VNI—breaking isolation, just as losing VID would in VLAN-aware bundle.

 
 Since standard VxLAN has only one VNI field, we extend it to carry both: Core VNI (for EVI) and LSI (for "VID-like" isolation).

 
 Best regards,
 Wei

 

 
 原始邮件


发件人：Ali Sajassi (sajassi) <sajassi=40cisco.com@dmarc.ietf.org&gt;
发件时间：2025年8月1日 00:59
收件人：Wei Wang <weiwang94@foxmail.com&gt;, Aijun Wang <wangaijun@tsinghua.org.cn&gt;, 'Alexander Vainshtein' <alexander.vainshtein@rbbn.com&gt;,  bess@ietf.org  <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
主题：[bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


 
 Wei,

 
You said: "the  critical challenge lies in how to&nbsp;physically encapsulate both in a single VxLAN packet&nbsp;to ensure end-to-end traffic isolation and correct mapping in a Layer 3 access scenario, which is not addressed by existing specifications.”

 
Please elaborate - i.e., give detailed explanation and use cases as to why both VNI need to be encapsulated in the same VxLAN packet. PWs are only stretched over access network (and NOT core network) and are  terminated onto service VRF. Therefore, they are not needed between VRFs over the core network!&nbsp;

 
Cheers,
Ali

 
From: Wei Wang <weiwang94@foxmail.com&gt;
 Date: Wednesday, July 30, 2025 at 6:34 PM
 To: Ali Sajassi (sajassi) <sajassi@cisco.com&gt;, Aijun Wang <wangaijun@tsinghua.org.cn&gt;, 'Alexander Vainshtein' <alexander.vainshtein@rbbn.com&gt;, bess@ietf.org <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
 Subject: Re: [bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today
 
 
 Hi Ali,

 
 Thanks for your perspective. While we agree that the access EVPN-VPWS VNI and backbone VxLAN VNI are logically independent in terms of their roles—similar to MPLS labels or Q-tags—the critical challenge lies in how to&nbsp;physically encapsulate both in a single  VxLAN packet&nbsp;to ensure end-to-end traffic isolation and correct mapping in a Layer 3 access scenario, which is not addressed by existing specifications.

 
 Our proposal addresses this by extending the VxLAN header with an "S" flag and a 16-bit LSI field. When the "S" flag is set, the LSI field carries the access PW VNI, while the original VNI field retains the backbone VNI—enabling both identifiers to coexist  in one packet . This extension is precisely to bridge the gap between logical independence and practical encapsulation requirements in Layer 3 access scenarios.

 
 Best Regards,
 Wei

 
原始邮件


发件人：Ali Sajassi (sajassi) <sajassi=40cisco.com@dmarc.ietf.org&gt;
发件时间：2025年7月26日 01:03
收件人：Aijun Wang <wangaijun@tsinghua.org.cn&gt;, 'Alexander Vainshtein' <alexander.vainshtein@rbbn.com&gt;,  bess@ietf.org  <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
主题：[bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


 

Hi Aiju,

&nbsp;

The answer to your question is very easy. The access EVPN-VPWS VNI (representing a PW) is independent from the backbone EVPN VxLAN VNI representing ELAN, E-TREE, or IRB service just like the access MPLS label for PW is independent  from backbone EVPN MPLS label representing ELAN, E-TREE, or IRB service, just like Q-tag or Q-in-Q tag in the access is independent from VNI or MPLS label in the backbone.

&nbsp;

You should keep in mind that VNI does NOT need to be global. It can be domain specific and even down-stream assigned!

&nbsp;

Cheers,

Ali

&nbsp;

From: Aijun Wang <wangaijun@tsinghua.org.cn&gt;
 Date: Friday, July 25, 2025 at 1:50 AM
 To: Ali Sajassi (sajassi) <sajassi@cisco.com&gt;, 'Alexander Vainshtein' <Alexander.Vainshtein@rbbn.com&gt;, bess@ietf.org <bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org <draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
 Subject: RE: [bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


Hi, Ali:

&nbsp;

It’s relatively easy to incorporate the MPLS based pseudowire into EVPN, as that described in RFC9784.

But, it is not easy to incorporate the VxLAN based PW into EVPN, although they are all VPWS.

&nbsp;

draft-wang-bess-l3-accessible-evpn wants just to fit the gap.

Or else, would you like to tell us how to encapsulate the access PW VNI information, together with the backbone VxLAN VNI information in the normal  VxLAN packet?

&nbsp;

Best Regards

&nbsp;

Aijun Wang

China Telecom

&nbsp;

&nbsp;

&nbsp;

&nbsp;

From: forwardingalgorithm@ietf.org&nbsp;<forwardingalgorithm@ietf.org&gt; On Behalf Of Ali Sajassi (sajassi)
 Sent:&nbsp;Friday, July 25, 2025 1:10 AM
 To:&nbsp;Aijun Wang <wangaijun@tsinghua.org.cn&gt;; 'Alexander Vainshtein' <Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org&gt;; bess@ietf.org; draft-wang-bess-l3-accessible-evpn.authors@ietf.org
 Subject:&nbsp;[bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


&nbsp;

Sasha,

Thanks for your question as I couldn’t figure out what this draft was trying to do on my quick glance ☺

&nbsp;

Aijun,

EVPN-VPWS (RFC8214) applies to both MPLS and VxLAN as described in the document. Furthermore, although RFC9784 is written with MPLS access network as an example, it can easily be applied to VxLAN access  since a VPWS instance can be either per RFC8214.

So, in light of these two RFCs, are there anything that you want to do that is not covered by these two RFCs?

&nbsp;

Cheers,

Ali

&nbsp;

&nbsp;

&nbsp;

From: Aijun Wang <wangaijun@tsinghua.org.cn&gt;
 Date: Thursday, July 24, 2025 at 10:54 AM
 To: 'Alexander Vainshtein' <Alexander.Vainshtein=40rbbn.com@dmarc.ietf.org&gt;, bess@ietf.org&nbsp;<bess@ietf.org&gt;, draft-wang-bess-l3-accessible-evpn.authors@ietf.org&nbsp;<draft-wang-bess-l3-accessible-evpn.authors@ietf.org&gt;
 Subject: [bess] Re: My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


Hi, Sasha:

&nbsp;

Using the concept of virtual segment in RFC 9784 to access the core EVPN service is similar with our proposal.

The difference is that in RFC 9784, the access network is one MPLS based network, the PW can be identified by the corresponding MPLS label.

But, in our proposal, the access network is one Layer 3 Native IP network, there is no MPLS deployed in the access network.

&nbsp;

Then, some new solution (especially how to identify the logical session, how to transfer them via the control plane and how to encapsulate them in the  VxLAN packet should be defined.

&nbsp;

Does the above explanation address your concerns?

If so, we can add some procedure description for our proposal according to another expert’s comments.

&nbsp;

Thanks!

&nbsp;

Best Regards

&nbsp;

Aijun Wang

China Telecom

&nbsp;

From: forwardingalgorithm@ietf.org&nbsp;<forwardingalgorithm@ietf.org&gt; On Behalf Of Alexander Vainshtein
 Sent:&nbsp;Thursday, July 24, 2025 5:48 PM
 To: bess@ietf.org; draft-wang-bess-l3-accessible-evpn.authors@ietf.org
 Subject:&nbsp;[bess] My question/comment about draft-wang-bess-l3-accessible-evpn-10 at the BESS WG session today


&nbsp;

Hi all,

Just to repeat my question/comment asked at the BESS WG session in Madrid today:

&nbsp;

I have asked whether the authors considered using the PWs crossing the L3 domains as Virtual Ethernet Segments as described in Section 1.3 of RFC 9784?

&nbsp;

At the first glance, this could address all the problems with which this draft tries to cope.

&nbsp;

Regards,

Sasha

&nbsp;

&nbsp;

Disclaimer

This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential  and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately  and then delete all copies, including any attachments.