[bess] My concerns regarding draft-ietf-bess-evpn-bfd
Alexander Vainshtein <Alexander.Vainshtein@rbbn.com> Sat, 27 July 2024 00:17 UTC
From: Alexander Vainshtein <Alexander.Vainshtein@rbbn.com>
To: "draft-ietf-bess-evpn-bfd@ietf.org" <draft-ietf-bess-evpn-bfd@ietf.org>
CC: "bess@ietf.org" <bess@ietf.org>, BFD WG <rtg-bfd@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/lXi2BB6Fn95UW3bbJc0tL1mgiKQ>
Date: Sat, 27 Jul 2024 00:17:20 -0000
X-Original-Date: Thu, 25 Jul 2024 20:13:23 +0000
Hi all,

I would like to share with you my serious concerns regarding the EVPN Network Layer Fault Management<https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-bfd-07> draft. These concerns are closely related to the email exchange with the authors of the draft that can be found here<https://mailarchive.ietf.org/arch/msg/bess/VfGN6fLORF9dylzoFjCmKLINjDM/>.

I have decided to present them now because the WG Chairs have said yesterday that the draft is going to the WG LS.

1. Section 3 of the draft says that "In addition to detecting link failures in the EVPN network, BFD sessions at the network layer can be used to monitor the successful setup, such as label programming, of MP2P and P2MP EVPN tunnels transporting Unicast and BUM traffic. The scope of reachability detection covers the ingress and the egress EVPN PE (Provider Edge) nodes and the network connecting them". IMHO and FWIW this statement actually contradicts the OAM layering scheme:

   * The underlay failures (such as link failures, P and PE node failures etc.) should be monitored by their own monitoring mechanisms and should be quite aggressive for fast detection of failure and activation of the relevant protection mechanisms
   * The OAM mechanisms used for the EVPN network layer should be separated from the mechanisms used in the underlay and should not be over-aggressive in order to avoid multiple instances of false detection of failures at the network layer. E.g., failure of the link in the underlay network that is detected by fast single-hop IP BFD (RFC 5880) and triggers appropriate local protection action (e.g., SR TI-LFA) should not be reported by the EVPN Network layer OAM mechanisms.
   * The above means that the EVPN Network Layer OAM should be limited to detecting failures in programming the labels/VNI advertised in various EVPN routes. Such failures can occur, but hardly require fast monitoring mechanisms:
      i. EVPN LSP Ping (RFC 9489) already provides an on-demand OAM mechanism for detecting such failures
      ii. It is worth noting that BFD has never been proposed as the Network Layer OAM mechanism for BGP/MPLS IP/VPN (RFC 4364) in the 20+ years period in which both mechanisms have been available and widely deployed.

2. IMHO and FWIW:

   * BFD sessions should be set up in accordance with the procedures defined in RFC 5882:
      i. Set up by some "client entity" that listens to the session state transitions
      ii. Each BFD flavor defines the session uniqueness rules, and multiple client entities can listen to the same existing session if a new session cannot be set up without violating these rules
      iii. When the session exits its UP state (e.g., fails), listening clients take appropriate actions
   * When a new BFD "flavor" is defined, explicit definition of potential client entities and actions they take upon failure of the session in question is highly- RFC 7130 provides a good example. However, such definitions are missing in the draft in question. In particular:
      i. It is not clear when a specific BFD session is set up, and at what granularity (per MAC address? Per EVI? Per EVI Ethernet Tag> for EVI that implements VLAN-aware Bundle service interface?)
      ii. Should BFD sessions be activated for EVI/BD that are not attached to any MH ES? In this case EVI/BD would not advertise any per EVI Ethernet A-D routes, and only MAC/IP Advertisement routes carry the information MAC addresses and the labels associated with them.
      iii. What, if anything, should be done if a specific "EVPN BFD" BFD session fails? In particular, how should the customer traffic presumably affected by the failed session be restored?

3. Encapsulation of the BFD packets defined in Sections 6.1.1 and 6.2.1 includes a VLAN ID field, but the draft does not specify how the value of this VLAN ID is defined.

Please consider these notes as my WG LC comments if/when this LC is announced.
Regards,
Sasha