[bess] EVPN Multihoming and Symmetric IRB

Muthu Arul Mozhi Perumal <muthu.arul@gmail.com> Wed, 24 April 2019 04:28 UTC

Return-Path: <muthu.arul@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8168A120133 for <bess@ietfa.amsl.com>; Tue, 23 Apr 2019 21:28:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B3LdWzUBL5FP for <bess@ietfa.amsl.com>; Tue, 23 Apr 2019 21:28:05 -0700 (PDT)
Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E52CC120075 for <bess@ietf.org>; Tue, 23 Apr 2019 21:28:04 -0700 (PDT)
Received: by mail-lj1-x22d.google.com with SMTP id y16so4703301ljg.1 for <bess@ietf.org>; Tue, 23 Apr 2019 21:28:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=yi2S34fDg6/X1F5ACsGg+9l4xYN4GtnGJEIuykWDSw4=; b=S31gACgves+V39LPthw1ZLblTTIXmTqFAR6YYS1zaS5jpHBNDZU/UgdAkxQIdLgrE6 e37X2AeEIHI9oxbsZPZrRPGAm/4yf+Xt7i1WeMMqb46OKKIRrLxBe9kqPukE88rtffub 8Z9WTfHRYqHIse8FjJdi9Fwvw4n6bpQK8Y/ZaixP4jSWJm0cmRbDAZ1xiXlMyiHoG5T7 dhA5nxRJE/OkrxDyaxsAy4lYMFSt8y1X3TXAqRFBD/4sRu8VxDUEgrBDPNg+OyJqqAyv jsIJaqipzQjI8Z4d87316f75gf0JdAX89iKL5EtdJX6W8+Az9lxfj5iezSuAUpxPgUfa LlGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=yi2S34fDg6/X1F5ACsGg+9l4xYN4GtnGJEIuykWDSw4=; b=f54uG4MlBKJZ6duzQQRmTlcXPKqys5zPSZz9nFCI+MHr7QKtfx1dqkWgkgSegVE+J0 7ZwcupCHe/otaqjFuja1m8hPKrGju9CeYt0RESMxOJ9HUMRwjcPF0ZMpuVuKqrPFrG5c 84xt6f5qhl8ric8A8KxD0+jAAvCr9B7AIkhoM9yfRg8FcsUR4x6exUxh8RMXX87ZphMj GMCcQQJSy9rZxR0oyVNtexXMnd544Za4J5+9DUrvlSxYwIqxKI9oC2+PV1/09reQmnO7 IxFyuwlFrxmE0lThUe7q25hixuD6UZEy49qokhzUmIM70VYp5ehbGQsgNFa7bGQtdmHQ Zwfw==
X-Gm-Message-State: APjAAAXzcM/d4e1Gacq24qPMQ5B3MOVjj5lpSW2BvO5BOGttHUi94ktj 6tNYUK6rMWXJtOsVRwD5DCMcMJ9RhiVmdXfbPZLs7idE
X-Google-Smtp-Source: APXvYqxJKmrlKHmqQqr36YwI5JhEesVf7Uc3HYloZs6XuPoSBc4BMULhgAmERO+H85wxk0a4kyFNoVmKd2h5Pge6r7Q=
X-Received: by 2002:a2e:2b16:: with SMTP id q22mr16204688lje.20.1556080082880; Tue, 23 Apr 2019 21:28:02 -0700 (PDT)
MIME-Version: 1.0
From: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>
Date: Wed, 24 Apr 2019 09:57:51 +0530
Message-ID: <CAKz0y8wAGjW6RxWRz5NTAiVYGjhFuG5EnYv9WmEbmo6rjm3VZQ@mail.gmail.com>
To: bess@ietf.org
Content-Type: multipart/alternative; boundary="000000000000950ed705873f2091"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/lalcX7ZJyUFZu1GrbfZ_qnLRDkM>
Subject: [bess] EVPN Multihoming and Symmetric IRB
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2019 04:28:08 -0000

Hi Everyone,

draft-ietf-bess-evpn-inter-subnet-forwarding does not explicitly describe
the implications of EVPN multihoming on IRB. It seems to assume that the
IRB procedures can be easily extrapolated to multihoming following RFC 7432
and it says so at least for the mobility procedures described in section 4.

However, I think there are key implications of multihoming for symmetric
IRB.

Fast Convergence:
Section 8.2 of RFC 7432 says the following:
<snip>
   Upon a failure in connectivity to the attached segment, the PE
   withdraws the corresponding set of Ethernet A-D per ES routes.  This
   triggers all PEs that receive the withdrawal to update their next-hop
   adjacencies for all *MAC addresses* associated with the Ethernet
   segment in question.  If no other PE had advertised an Ethernet A-D
   route for the same segment, then the PE that received the withdrawal
   simply invalidates the *MAC entries *for that segment.  Otherwise, the
   PE updates its next-hop adjacencies accordingly.
</snip>

Clearly, it describes fast convergence only for the MAC addresses of TSs
(and not for their IP addresses). In symmetric IRB, the ingress PE performs
a route lookup for the destination TS prefix in IP-VRF and forwards the
packet to the egress PE. Hence, the above fast convergence is not
applicable. It however is applicable for asymmetric IRB where the
destination subnet is configured in the ingress PE and it performs a lookup
in the BT corresponding to the destination subnet and forwards the frame.

Aliasing and Backup Path:
With symmetric IRB, the ingress PE cannot use alias label (i.e. label
advertised in AD per EVI route) to load balance traffic sent to egress PEs
multihomed to the same CE, since the egress PE needs to first perform a
route lookup for the destination prefix in the IP-VRF to forward the
packet. The ingress PE instead needs to rely on multipath techniques
applicable to L3VPN (such as BGP multipath).

Now, coming to the backup path, section 8.4 of RFC 7432 says the following:
<snip>
   The backup path is a closely related function, but it is used in
   Single-Active redundancy mode.  In this case, a PE also advertises
   that it has reachability to a given EVI/ES using the same combination
   of Ethernet A-D per EVI route and Ethernet A-D per ES route as
   discussed above, but with the "Single-Active" bit in the flags of the
   ESI Label extended community set to 1.  A remote PE that receives a
   MAC/IP Advertisement route with a non-reserved ESI SHOULD consider
   the *advertised MAC address* to be reachable via any PE that has
   advertised this combination of Ethernet A-D routes, and it SHOULD
   install a backup path for that MAC address.
</snip>

Clearly, it describes the backup path only for the MAC address of the TS
(and not for their IP address). Hence, it is not applicable to symmetric
IRB. It however is applicable to asymmetric IRB.

Is my understanding correct? Shouldn't the implications of multihoming on
symmetric IRB be explicitly captured
in draft-ietf-bess-evpn-inter-subnet-forwarding?

Regards,
Muthu