Re: [bess] bess: draft-zzhang-bess-mvpn-msdp-sa-interoperation

"Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net> Thu, 11 January 2018 16:42 UTC

Return-Path: <zzhang@juniper.net>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6781E12D86B; Thu, 11 Jan 2018 08:42:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MU2Yea3KENWK; Thu, 11 Jan 2018 08:42:47 -0800 (PST)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FBA512D0C3; Thu, 11 Jan 2018 08:42:47 -0800 (PST)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w0BGeAxx010024; Thu, 11 Jan 2018 08:42:33 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=PPS1017; bh=003j9SoI39rTLFNXAz3IK8r8fVHmmndXWiYfe4GLc/g=; b=daxsHzYQJ/xRVGo9Y3iK11vrjBmiR8Anc7v5JmMHpGgerU2uoc3+BbqCTRZL3A/fsSsT OTDEAroTc+Ewf1yDKW2BqEbJ2hkt3E8ReOjD+qjlfPYTvau5kHxDLksHEOCJeoNNQsk4 Gu2cWMEeMpusfSYertLl9zQXhU690FvfiBE1T5dpVtoOjVualuXWSGxiTMHjOz3GU4Ig xWOrvonjRVEn7y36gSrSiQNzqJBV52E1KF2rpeIQzPnLz95bjpMrkatGCWxeOV9RqRBt w4m1ZMKIIEWAF3DrxKaeUz50TnR3T9T8JSPMHpcTyffkNxl1yk/PQOTKva+OzVTTo+6u JQ==
Received: from nam03-by2-obe.outbound.protection.outlook.com (mail-by2nam03lp0055.outbound.protection.outlook.com [216.32.180.55]) by mx0a-00273201.pphosted.com with ESMTP id 2fdxs8heh6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 11 Jan 2018 08:42:32 -0800
Received: from CY1PR0501MB1340.namprd05.prod.outlook.com (10.160.226.145) by CY1PR0501MB2154.namprd05.prod.outlook.com (10.164.3.152) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.407.1; Thu, 11 Jan 2018 16:42:31 +0000
Received: from CY1PR0501MB1340.namprd05.prod.outlook.com ([10.160.226.145]) by CY1PR0501MB1340.namprd05.prod.outlook.com ([10.160.226.145]) with mapi id 15.20.0407.004; Thu, 11 Jan 2018 16:42:31 +0000
From: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>
To: Stig Venaas <stig@venaas.com>, Toerless Eckert <tte@cs.fau.de>
CC: MBONED WG <mboned@ietf.org>, Toerless Eckert <tte+ietf@cs.fau.de>, "Lenny Giuliano" <lenny@juniper.net>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: [bess] bess: draft-zzhang-bess-mvpn-msdp-sa-interoperation
Thread-Index: AQHTXPJFRb/XpCS5yk+cPU93+HFWMKMg0JcwgAA6qICAAhZbgIAAe5tQgAAYy4CAECuDAIA7SLlQ
Date: Thu, 11 Jan 2018 16:42:30 +0000
Message-ID: <CY1PR0501MB13409EF77769A87C15A6D0B4D4160@CY1PR0501MB1340.namprd05.prod.outlook.com>
References: <20171114024232.GF19390@faui40p.informatik.uni-erlangen.de> <DM5PR05MB31456805323BF32267D6BBEAD4200@DM5PR05MB3145.namprd05.prod.outlook.com> <alpine.DEB.2.02.1711221417300.10112@svl-jtac-lnx02.juniper.net> <20171124063041.GA21793@faui40p.informatik.uni-erlangen.de> <DM5PR05MB31452E571F227E67EEC50C95D4260@DM5PR05MB3145.namprd05.prod.outlook.com> <20171124152148.GB21793@faui40p.informatik.uni-erlangen.de> <CAHANBtJEaWqQ9hDiM0pyWAH4Trip99HNq1-jePF24OWn6ziGAg@mail.gmail.com>
In-Reply-To: <CAHANBtJEaWqQ9hDiM0pyWAH4Trip99HNq1-jePF24OWn6ziGAg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [66.129.241.13]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CY1PR0501MB2154; 7:g/lfplrZ4jzrPlP7ctDB7a8PQxWXirYZq2Y1GdHeO/CFPiGol6SsS1jGHASwHCKPSiP3AR3mdGY2eXXzongeyuT+oBHqtVOc1dXHNp+/9fX+dH8vceyDoi08bU9XC80uAndAPpdSbzjXYk4kBuwipqMXkWvcYpggrTpimMwt1c72ANyLKL2ZLoyETG3wX3V5aoXzF1TinGkYCMjBjGw5EJQTDCssYuSRZI/8RkQLx0g48asCIM6KYaIeGH8K2Xn3
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 710f2583-7966-4871-3cbe-08d559124ee2
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(48565401081)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(3008032)(2017052603307)(7153060)(7193020); SRVR:CY1PR0501MB2154;
x-ms-traffictypediagnostic: CY1PR0501MB2154:
x-microsoft-antispam-prvs: <CY1PR0501MB215483F1EE5258B287AB9C08D4160@CY1PR0501MB2154.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(10436049006162)(138986009662008);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040470)(2401047)(5005006)(8121501046)(10201501046)(3002001)(93006095)(93001095)(3231023)(944501075)(6055026)(6041268)(20161123558120)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(6072148)(201708071742011); SRVR:CY1PR0501MB2154; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:CY1PR0501MB2154;
x-forefront-prvs: 0549E6FD50
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(376002)(39380400002)(366004)(39860400002)(346002)(24454002)(51914003)(13464003)(189003)(199004)(575784001)(478600001)(66066001)(4326008)(99286004)(2950100002)(966005)(86362001)(6506007)(59450400001)(53546011)(7696005)(110136005)(25786009)(76176011)(54906003)(93886005)(14454004)(2906002)(55016002)(305945005)(229853002)(2900100001)(6116002)(3846002)(33656002)(97736004)(102836004)(316002)(6246003)(53936002)(74316002)(7736002)(77096006)(81166006)(105586002)(106356001)(6306002)(9686003)(230783001)(8676002)(68736007)(5660300001)(6436002)(81156014)(3660700001)(3280700002)(8936002)(19627235001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0501MB2154; H:CY1PR0501MB1340.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
x-microsoft-antispam-message-info: iuoRGQe2T96q15RXx14zHg3Ec748UA9T5YIBFVstGX5bwEjsri/fo1qO8mDNoZYKy+DQpKN65XKyblwu4f9DeQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-Network-Message-Id: 710f2583-7966-4871-3cbe-08d559124ee2
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jan 2018 16:42:30.9355 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0501MB2154
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-01-11_06:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1801110230
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/qTk0c8PaPS9d5_8UVUAFZXEcqWM>
Subject: Re: [bess] bess: draft-zzhang-bess-mvpn-msdp-sa-interoperation
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jan 2018 16:42:50 -0000

Sorry for the late follow-up on this.

> -----Original Message-----
> From: Stig Venaas [mailto:stig@venaas.com]
> Sent: Monday, December 4, 2017 5:18 PM
> To: Toerless Eckert <tte@cs.fau.de>
> Cc: Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>et>; MBONED WG
> <mboned@ietf.org>rg>; Toerless Eckert <tte+ietf@cs.fau.de>de>; Lenny Giuliano
> <lenny@juniper.net>et>; bess@ietf.org
> Subject: Re: [bess] bess: draft-zzhang-bess-mvpn-msdp-sa-interoperation
> 
> Hi
> 
> On Fri, Nov 24, 2017 at 7:21 AM, Toerless Eckert <tte@cs.fau.de> wrote:
> > On Fri, Nov 24, 2017 at 02:26:39PM +0000, Jeffrey (Zhaohui) Zhang wrote:
> >> > a) I was asking Jeffrey in the WG meeting if he saw any difference
> >> >    between MSDP and 4610 wrt. to the applicability of your draft, and
> >> >    he also said no (as i think too), thats where this originated.
> >>
> >> On the spot I did make a mistake that I thought with 4610 the RPs would
> propagate registers (received from a C-RP) to another :-) Lenny caught that.
> 
> Isn't that exactly what 4610 does though? Any register received by one
> RP in the anycast RP set, is replicated and sent to each of the other
> routers in the set.

What I meant is that in the meeting I had thought a RP, say RP2, would forward the register that it receives from another RP, say RP1, to other RPs, say RP3. In RFC 4610, only registers from the DRs are propagated, directly to all RPs. RPs do not relay registers from a RP.

More below.

> 
> Stig
> 
> > Ok. But the fact that it does not just means tht 4610 just acts like
> > an MSDP mesh group, and your draft is equally applicable to MSDP mesh
> > groups and therefore equally to 4610 (IMHO).

With RFC 4610, the RP closest to the source DR sends the register from the source DR directly to all other RPs using its own address. With that put in an MVPN environment, a PE receiving an MVPN SA does not need to do anything additional - if it is an anycast RP it'll already have received the register from the anycast RP closest to the source DR.

The "register mesh" among the anycast RPs are simple register-driven stateless messages and we're not trying to optimize that. In case of MSDP you have control plane messages (over MSDP peering sessions) and states, and MSDP peers propagate SA messages. That what we're trying to optimize - remove that among the PEs.

> >
> > In fact, as soon as you have a setup that is not equivalent to
> > a mesh group, considerations for MSDP become more difficult.

The PEs that run MSDP essentially form an MSDP mesh-group by way of MVPN SAs. That MSDP mesh-group-equivalent integrates with the customer's MSDP infrastructure.

> >
> > [...]
> >
> >> >    it would be great to give
> >> >    examples of the so tht one can check if/how the proposed spec in your
> >> >    draft would work in the fce of those cases existing MSDP RPF rules
> >> >    (which can of course be quite complex).
> >>
> >> Yes more text would help. The idea is that MVPN SA messages would just be
> treated as MSDP SAs from the PE that originated the SAs. Those MSDP SAs
> received from true MSDP peers and those treated as MSDP SAs would follow
> the existing MSDP rules.
> >
> > Right. But the problem is when you have non-PE RPs running MSDP
> > without mesh group, so the MSDP connectivity is set up with the assumption
> > that some of the RPF rules apply to avid looping MSDP SAs. Now you
> introduce
> > an MVPN core represented in that MSDP SA RPF loop prevention, and
> > you need to look how that will work.

Upon further thoughts, the PEs running MSDP form a mesh-group by way of MVPN SA. Once you model it that way, things become a lot clearer.

> >
> > I have not tried to imagine any such complex non-mesh-group seteup
> > because i have not see this in the real world. If you have, then it would
> > be great to explain that example in the draft. But if you have any
> > such example from the real world, i think we have a more fundamental
> > problem:
> >
> > If there are really future important non-mesh group MSDP + MVPN examples,
> > that can not be converted better to mesh groups, then we have the
> > fundamental problem that we have no solution (yet) how to solve
> > such setup requirements with IPv6. Because we don't have MSDP there.
> > And we established it can't be converted to mesh-group. Aka: can't
> > be replaced with 6410.
> >
> > So, i would suggest the draft distinguishes between mesh-group
> > and non-mesh-group MSDP setups. For the mesh-group setups, it should
> > be defined to work equally for MSDP and 6410. For the non-mesh group
> > setup we shuold vet whether that case is declared to be "non-relevant/
> > non-supported" because we have no evidence of need in real-world... OR
> > we have to solve another IPv6 issue.

I think we can model it this way:

- A customer's MSDP infrastructure can be however they want it to be - meshed or non-meshed.
- For MVPN purpose, only one of the PEs need to run MSDP (so that it can originate MVPN SAs for learnt sources). If a customer does not need to have another PE to run MSDP, nothing else need to be done. That MSDP PE may not even be part of the MSDP mesh (if mesh is used).
- Assuming more than one PEs need to run MSDP. Those MSDP PEs will be part of a mesh group, which is either a mesh group of their own (for the PEs) and integrates into the larger non-mesh MSDP infrastructure, or a larger mesh group that includes other MSDP speakers.

Does that make sense?

Jeffrey

> >
> > Cheer
> >     Toerless
> >
> >> >
> >> > 3) Btw: It would be good if you would add some picture to your draft
> >> >    starting from section 2 to illustrate your text example PE1, PE2
> >> >    and so on.
> >>
> >> Sure.
> >>
> >> >
> >> >    Also, your draft says:
> >> >
> >> >      [RFC6514] only specifies that a PE receiving the MVPN SA routes, say
> >> >      PE2, will advertise (C-S,C-G) C-multicast routes if it has
> >> >      corresponding (C-*,C-G) state learnt from its CE
> >> >
> >> >    can you point me to the text in 6514 that says that ?
> >>
> >> The full text is the following:
> >>
> >> 14.2.  Receiver(s) within a Site
> >>
> >>    ...
> >>
> >>    When (as a result of receiving PIM messages from one of its CEs) a PE
> >>    creates, in one of its MVPN-TIBs, a (new) (C-*,C-G) entry with a non-
> >>    empty outgoing interface list that contains one or more PE-CE
> >>    interfaces, the PE MUST check if it has any matching Source Active
> >>    A-D routes.  If there is one or more such matching routes, and the
> >>    best path to C-S carried in the matching route(s) is reachable
> >>    through some other PE, then for each such route the PE MUST originate
> >>    a Source Tree Join C-multicast route.  If there is one or more such
> >>    matching routes, and the best path to C-S carried in the matching
> >>    route(s) is reachable through a CE connected to the PE, then for each
> >>    such route the PE MUST originate a PIM Join (C-S,C-G) towards the CE.
> >>
> >>    When, as a result of receiving a new Source Active A-D route, a PE
> >>    updates its VRF with the route, the PE MUST check if the newly
> >>    received route matches any (C-*,C-G) entries.  If there is a matching
> >>    entry, and the best path to C-S carried in the (A-D) route is
> >>    reachable through some other PE, the PE MUST originate a Source Tree
> >>    Join C-multicast route for the (C-S,C-G) carried by the route.  If
> >>    there is a matching entry, and the best path to C-S carried in the
> >>    (A-D) route is reachable through a CE connected to the PE, the PE
> >>    MUST originate a PIM Join (C-S,C-G) towards the CE.
> >>
> >> Jeffrey
> >>
> >> >
> >> > Cheers
> >> >     Toerless
> >> >
> >> > On Wed, Nov 22, 2017 at 02:38:09PM -0800, Leonard Giuliano wrote:
> >> > > Toerless,
> >> > >
> >> > > Thanks for the comments.  After thinking about your feedback on
> RFC4610 a
> >> > > bit, I'm not sure that case is applicable here.  Consider the 2 directions
> >> > > of interworking:
> >> > >
> >> > > 1) MSDP SA/AnycastRP_PIM_Register -> MVPN SA
> >> > >
> >> > > 2) MVPN SA -> MSDP SA/AnycastRP_PIM_Register
> >> > >
> >> > > As I understand, #1 is already covered by RFC6513/6514.  #2 is the
> missing
> >> > > piece that this draft attempts to address.  I don't believe #2 will be
> >> > > applicable for RFC4610, as these registers only go to members of the RP
> >> > > set.  And the RP set should be configured on all the C-RPs.  It wouldn't
> >> > > make much sense to have these registers transit the MVPN domain to
> go to
> >> > > an AnycastRP not in the configured RP set.
> >> > >
> >> > > Hope this is clear, and let me know if I'm missing anything.
> >> > >
> >> > > -Lenny
> >> > >
> >> > > | -----Original Message-----
> >> > > | From: BESS [mailto:bess-bounces@ietf.org] On Behalf Of Toerless
> Eckert
> >> > > | Sent: Monday, November 13, 2017 9:43 PM
> >> > > | To: bess@ietf.org
> >> > > | Cc: mboned@ietf.org
> >> > > | Subject: [bess] bess: draft-zzhang-bess-mvpn-msdp-sa-interoperation
> >> > > |
> >> > > | Jeffrey presented subject draft in mboned. Given how i am
> >> > > | not usually tracking BESS WG mailing list and may not be around:
> >> > > |
> >> > > | I would like to see subject draft to be adopted as a WG document in
> BESS
> >> > > | and become an update to RFC6514 (not to say bugfix ;-).
> >> > > |
> >> > > | Feeedback detail: The draft should be amended to fix the same
> problem
> >> > not only for
> >> > > | MSDP SA but also RFC4610 and probably accordingly change the draft
> >> > name.
> >> > > |
> >> > > | Cross-posted to mboned (sorry) because there where a couple of
> MBoned
> >> > > | participants expressing support for the draft in BESS and may like me
> not
> >> > > | be BESS regulars.
> >> > > |
> >> > > | Cheers
> >> > > |     Toerless
> >> >
> >> > --
> >> > ---
> >> > tte@cs.fau.de
> >> >
> >> > _______________________________________________
> >> > BESS mailing list
> >> > BESS@ietf.org
> >> > https://urldefense.proofpoint.com/v2/url?u=https-
> >> >
> 3A__www.ietf.org_mailman_listinfo_bess&d=DwICAg&c=HAkYuh63rsuhr6Scbf
> >> > h0UjBXeMK-
> >> >
> ndb3voDTXcWzoCI&r=f7wsLGcfzAWDNS6XNTBZwj_OLAOsZZqdrR2IDAzeZqE&
> >> > m=hQz-
> NA6r7ahWKqMy6aI7ZXX5lvGX1ubRovr3Co5_VNE&s=rC5k8JOSHYD-
> >> > XaNaPGxhtl-yyDQhzqd909XjwXnS5EI&e=
> >
> > --
> > ---
> > tte@cs.fau.de
> >
> > _______________________________________________
> > BESS mailing list
> > BESS@ietf.org
> > https://urldefense.proofpoint.com/v2/url?u=https-
> 3A__www.ietf.org_mailman_listinfo_bess&d=DwIBaQ&c=HAkYuh63rsuhr6Scbf
> h0UjBXeMK-
> ndb3voDTXcWzoCI&r=f7wsLGcfzAWDNS6XNTBZwj_OLAOsZZqdrR2IDAzeZqE&
> m=-Yv9chsv6onKxQxzY8Z78-ishwqkEXZgZw8700YWh1U&s=y-
> wCQjhPPdr7KMPCYNM8K1KXb5FSMT7O1w3NM_42OaQ&e=