Re: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv
Wen Lin <wlin@juniper.net> Wed, 03 April 2019 03:06 UTC
Return-Path: <wlin@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FF8112045C for <bess@ietfa.amsl.com>; Tue, 2 Apr 2019 20:06:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, KHOP_DYNAMIC=0.85, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RBk2L7awfaLN for <bess@ietfa.amsl.com>; Tue, 2 Apr 2019 20:06:22 -0700 (PDT)
Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C01CF1200A3 for <bess@ietf.org>; Tue, 2 Apr 2019 20:06:21 -0700 (PDT)
Received: from pps.filterd (m0108162.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x3334BU5021543; Tue, 2 Apr 2019 20:06:19 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : subject : date : message-id : content-type : mime-version; s=PPS1017; bh=o8H0JcxIMnd+VY1uVLuoJC93QiWMbg5lSesUhfRwvfg=; b=yirBWHwxEReqp3j7QLKYiPbJjKY6nx9/wTMGoa8ILhXNxI+22AKa54RmrVJJ60Gffym1 QV8/T0kBsvVnmm7IkEF0W6EVVRonTrwVb9C40OEIH5mOezs/fkZZ5IW0ObsqiLQnR7/J RnRiGhGnzrj13UIwLAJ0om0zFlVxfLhURjXcd6LRcAVh0pj2AEqtQOSjmOhcRQqdaZ03 Pk3XRokcfo9Ygrkj1Ed/XHhsFv/KEK9nWThG9qPpdbub3bv5YiPEbLBPnsateqBV9g37 PhvdRHGyUwV7tz6iMryqVC5YimPfjbK8+l3Tsvcw6RK1iHKp9IMl0/gayQ1d3BmyyJ1U +Q==
Received: from nam03-by2-obe.outbound.protection.outlook.com (mail-by2nam03lp2059.outbound.protection.outlook.com [104.47.42.59]) by mx0b-00273201.pphosted.com with ESMTP id 2rmj20g5xm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 02 Apr 2019 20:06:19 -0700
Received: from BYAPR05MB5432.namprd05.prod.outlook.com (20.177.185.25) by BYAPR05MB6584.namprd05.prod.outlook.com (20.178.234.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1771.11; Wed, 3 Apr 2019 03:06:15 +0000
Received: from BYAPR05MB5432.namprd05.prod.outlook.com ([fe80::1d95:6a37:c8d9:1db0]) by BYAPR05MB5432.namprd05.prod.outlook.com ([fe80::1d95:6a37:c8d9:1db0%4]) with mapi id 15.20.1771.011; Wed, 3 Apr 2019 03:06:15 +0000
From: Wen Lin <wlin@juniper.net>
To: Ryan Bickhart <rbickhart=40juniper.net@dmarc.ietf.org>, Sandy Breeze <sandy.breeze=40eu.clara.net@dmarc.ietf.org>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv
Thread-Index: AQHU6coz4lzx2S8IkEygn+6wOJJlzw==
Date: Wed, 03 Apr 2019 03:06:15 +0000
Message-ID: <6D355D18-1F1B-4764-8690-FF17F68EF20A@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.17.1.190326
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=True; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner=rbickhart@juniper.net; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2019-03-29T19:38:20.3341994Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Internal; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application=Microsoft Azure Information Protection; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method=Automatic; Sensitivity=Juniper Internal
x-originating-ip: [66.129.241.14]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1fe894b5-3c20-469d-cb97-08d6b7e1560a
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600139)(711020)(4605104)(4618075)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:BYAPR05MB6584;
x-ms-traffictypediagnostic: BYAPR05MB6584:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <BYAPR05MB65846CB637998B54D22E6C67C8570@BYAPR05MB6584.namprd05.prod.outlook.com>
x-forefront-prvs: 0996D1900D
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(39860400002)(346002)(366004)(396003)(136003)(199004)(189003)(316002)(2906002)(6506007)(58126008)(110136005)(3846002)(6116002)(106356001)(5660300002)(33656002)(478600001)(6486002)(14454004)(53546011)(476003)(2616005)(6246003)(186003)(102836004)(486006)(26005)(105586002)(25786009)(8676002)(81156014)(256004)(8936002)(71190400001)(229853002)(86362001)(71200400001)(6436002)(68736007)(81166006)(82746002)(66066001)(9326002)(14444005)(5024004)(7736002)(36756003)(54896002)(6306002)(6512007)(99286004)(2501003)(97736004)(83716004)(53936002)(80283002); DIR:OUT; SFP:1102; SCL:1; SRVR:BYAPR05MB6584; H:BYAPR05MB5432.namprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: CblmtUmhZWx2URmoXyX7oLu6Rcyzo21vfSKeX/j/yscxUDfM4zwCwONWn+DjZ2TULWbpbTF6dVpTiOKibXcMyy4V6yYbG/tHg5156SDmRm8kM3NZeto4Q4DnYa8XQ2w8FgPuFA9WL46wfJvUItAAu6YLcU5w7bRnrmtIfyahdtovHfP5fC5WXn09fBSj6Q7Z68+wXgGkFLLICbQZRIsv7cPGN89tAixJJx6CbHV7KKHFvhPSvDbnl3ndfOTynQAH5EzwK2eVVsc5gV8qyOY8lyy/W3XqPdZdnKniHHK0XnGvxcuuKUZocBa7OOsNm9n9Nx39cM5PeBWaCnYd/l29qElIMtJVAwP3QetZOeBQSsWnEBrGFqaves11ZzApoUaHiM+z9k2ioPzdhpbXaHr4IEwTCL5v/QFPdF3w9xJbBKQ=
Content-Type: multipart/alternative; boundary="_000_6D355D181F1B47648690FF17F68EF20Ajunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 1fe894b5-3c20-469d-cb97-08d6b7e1560a
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Apr 2019 03:06:15.7335 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR05MB6584
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-04-03_01:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1904030017
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/hsvAcRjkgMcGQ7B7PWEPR1Ot3xA>
Subject: Re: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Apr 2019 03:06:24 -0000
Hi Sandy, Also for inter-subnet traffic, if there is no trace of MAC/IP in the EVPN network due PE1 node/access link failure, PE4 cannot just use flood to reach the destination host - PE4 has to ARP first to find out MAC/IP binding before it can send traffic to the destination host. Thanks, Wen From: BESS <bess-bounces@ietf.org> on behalf of Ryan Bickhart <rbickhart=40juniper.net@dmarc.ietf.org> Date: Friday, March 29, 2019 at 3:39 PM To: Sandy Breeze <sandy.breeze=40eu.clara.net@dmarc.ietf.org>, "bess@ietf.org" <bess@ietf.org> Subject: Re: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv Hi Sandy, It is intentional that PE4 sees an RT2 for the CE1 MAC/IP advertised from PE2 and PE3 as well as PE1. The reason is that we want to cover the transition cases of link or node failure occurring on PE1. PE4 might be using CE1's IP carried in the RT2 for IRB or routing purposes and it is desirable for PE4 to maintain constant awareness of the existence of the CE1 IP across failures on PE1. Under normal 7432 behavior, if PE1 were the only PE advertising the RT2 for CE1's MAC/IP and PE1's link to the multihomed site goes down, PE1 might withdraw the RT2 before PE2/PE3 are able to learn the CE1 IP->MAC binding in the data plane and advertise it as a RT2 to PE4. By having PE2/PE3 originate the proxy advertisements, we avoid the case where the CE1 MAC/IP might completely disappear and later reappear in the EVPN when there is a failure on PE1. (Maybe a general L2 way of phrasing this concept is that you can do aliasing only for entities that you know about. If there is no trace of a MAC's existence left in the EVPN, you would flood rather than use aliasing.) Thanks, -Ryan Juniper Internal From: BESS <bess-bounces@ietf.org> On Behalf Of Sandy Breeze Sent: Thursday, March 28, 2019 3:53 AM To: bess@ietf.org Subject: [bess] Question about draft-rbickhart-evpn-ip-mac-proxy-adv Hi Wen, First, thank you for this work, I see the problem you’re trying to solve and support trying to do that. I have some questions. Lets say for example, PEs: 1,2,3 have CE1 attached on the same all-active ES. PE4 is a remote PE participating in the same EVPN. CE1’s MAC/IP is learned in the dataplane by PE1 only, and PE1 originates the RT2 initially. At this point, with standard 7432 mechanisms, PE4 can already have aliasing and backup paths to CE1 via PEs 2 and 3 without the need to see an RT2 from either PE2 or PE3. What PE2 and PE3 might be missing locally, however, is ARP/ND state for CE1, which is and which your draft looks to solve in BGP. (If my understanding is correct?) Now if PE2 and PE3 support the proxy-adv mechanism, then they sync ARP/ND upon receipt of the RT2 from PE1. Why do PE2 and PE3 then need to originate their own RT2? If they originate RT2’s then this can influence the forwarding decisions at other remote PE’s like PE4, who lets say doesn’t understand the proxy-adv bit in the ARP/ND extended community and will see the RT2 as originating from 3 different PE’s. Is that the intention of the draft or just a consequence? Or is it the intention to keep the proxy-adv mechanism for use amongst the multihomed PE’s only? Thanks Sandy
- [bess] Question about draft-rbickhart-evpn-ip-mac… Sandy Breeze
- Re: [bess] Question about draft-rbickhart-evpn-ip… Ryan Bickhart
- Re: [bess] Question about draft-rbickhart-evpn-ip… UTTARO, JAMES
- Re: [bess] Question about draft-rbickhart-evpn-ip… Wen Lin