[bess] Re: [Shepherding AD review] Pre-IETF Last-Call review of draft-ietf-bess-evpn-mh-split-horizon-08
"Jorge Rabadan (Nokia)" <jorge.rabadan@nokia.com> Thu, 20 June 2024 15:14 UTC
Return-Path: <jorge.rabadan@nokia.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43D1DC151707; Thu, 20 Jun 2024 08:14:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.252
X-Spam-Level:
X-Spam-Status: No, score=-2.252 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.148, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nokia.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9yKtErYItou3; Thu, 20 Jun 2024 08:14:48 -0700 (PDT)
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2057.outbound.protection.outlook.com [40.107.237.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5FAFFC14F6EC; Thu, 20 Jun 2024 08:14:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LP9BhOwTlVgOViNC5jUrD5yh01Q9Qt/tBHsiPH4azrbsXXcB27R5dSsiXMB5xSPNm84nJwz0avt2AHNzJDLEgm9qqpQtgG6YxjtDGQtK+hHoXMqAl1fRZOueDmnVe83lsXnFHs1FtJzVL37wy5PnoYXFySuqQ2489jxbQtGTZLB96fa+J0yhm9wLJxGQ+J4EuPmQNngLFfJ2a/cggNkYQjUYQDhAcwP5dvRgbD6ScDL5nX5gGPpKeLJ1hhTrJ51MzLX3vHra4m+ZRLOmLsuA9xjj2wOBTbTSuYuGoyOHZNjDm9+qHLBtZgYn9AEpoEY/+Ckx/V8y65C3lNjw5+I12w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eHlWCgBQ4OYsKCeN7C+vtArHkZxB2jhxkAkermadt9M=; b=OCrYuPzzVPjDJNxAUdNFZajf1a4Cq3t4/Nqr6J8MJxEL5j+51aAjU53uCxu1l0DH6zTIKbvVRw+kkelCwuTu2njJjyX2cNBONjxoCYZHjZDgkGAfjbDTIpzR/6aGDmshM4mQw9VqCPocQ5QYqJSRwcO2zdRsrOypN4GerZmBnwDqZjq7WPbnfcVtzqPRz2xq2F27PsHOT+EsLwdOF0IUG+eJ4yDQdkXZfD/dc1sFMincuroNDgrBoBJSpFr/uUHnnlUMg1U2is9mM4VyIu45SAkX1cP8DqKbAllnS3TJ4+SyyBlNS8fQkXHvgHT0CY9G5vc2ypwq78V3YihyoLA34Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eHlWCgBQ4OYsKCeN7C+vtArHkZxB2jhxkAkermadt9M=; b=iGn6cW3s/yZxeng8Mnhbuo4b1FpnqrLmv/HdKiD/VvNG33nx2TcuqHCrV4UJpsdSaAPymAm93CvwwCAtKkjQa2rZi8BS5OCmhhgGWrUyGEn9kN+zMZPxjqgbTW0yoRhvuKHF83YWz1JqRkBFsNIeV/72NdH3p/A5fdVhohjpwl/sxNJ1sPxC8LNUxdjoD9QdieMo13oH7Ag1rp3Skzu7krtrhN8BC2xdWsX2cfPb83Gs8z30Rsa0PB25bxVNDcvfRuhJ1O+m2AaAu0mUG3bbS6IRGVFDjYzzoPbirb6KeWGnSKTuKqmcVe4Mx8fA6qY4N8FIDon1semH70qI9p5zbw==
Received: from SA1PR08MB7215.namprd08.prod.outlook.com (2603:10b6:806:1a9::17) by PH0PR08MB8342.namprd08.prod.outlook.com (2603:10b6:510:166::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7698.19; Thu, 20 Jun 2024 15:14:39 +0000
Received: from SA1PR08MB7215.namprd08.prod.outlook.com ([fe80::b10c:f208:adaa:c369]) by SA1PR08MB7215.namprd08.prod.outlook.com ([fe80::b10c:f208:adaa:c369%5]) with mapi id 15.20.7698.020; Thu, 20 Jun 2024 15:14:39 +0000
From: "Jorge Rabadan (Nokia)" <jorge.rabadan@nokia.com>
To: "Gunter van de Velde (Nokia)" <gunter.van_de_velde@nokia.com>, 'BESS' <bess@ietf.org>
Thread-Topic: [Shepherding AD review] Pre-IETF Last-Call review of draft-ietf-bess-evpn-mh-split-horizon-08
Thread-Index: Adq8HMj6IWzIxN5PTdSTYPmU1l93swGQAipe
Date: Thu, 20 Jun 2024 15:14:39 +0000
Message-ID: <SA1PR08MB7215A6DF195B798B29908ECAF7CF2@SA1PR08MB7215.namprd08.prod.outlook.com>
References: <AS1PR07MB85896624830690B704ACEBA9E0C72@AS1PR07MB8589.eurprd07.prod.outlook.com>
In-Reply-To: <AS1PR07MB85896624830690B704ACEBA9E0C72@AS1PR07MB8589.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA1PR08MB7215:EE_|PH0PR08MB8342:EE_
x-ms-office365-filtering-correlation-id: 00b14071-4696-4b78-2fc1-08dc913bb443
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230037|366013|376011|1800799021|38070700015;
x-microsoft-antispam-message-info: ubl+nFnQdKoSTEQRJuZyxZG1rshVU5e9J/4mnWjl+EWJxeW1NStCjZwQ2VEiPLsFw1nU3fbihDThv0ggNKQfILDc5utwvA9YlV6X4kC75T1DLMMqYxGIMd+iWG2yJJ8ftbQiZBKxPVCDxn79XtvkUGS50qa7naa/6Hi9MKbg2GtF7AZkaB7utibIMhhNtBt0i50old0QTMYGRTZ5sxJE9locKCE6jp4Pe0w6gvnttw87Ye8UTA3i8H0sD2kbWH/caiVfwZngaKNXevXSiXq6YXrxCenaFT4ktS9AtFtq4i7KHix7Yhvj8sm+WDwV7VUMYpeLl8MavkD5IFoE+DZuN5pl0BRKDCGQqAKgeJtcQvWTo7GyXC8qTctHnXUcLlEThivbnPEDPSkHRc6k12ZUafQuv1pVGjHlJcXYzudW0raaMAiFY8FounHn8ZW8IZmGyiCnfuzS4oiAJaJDvna1RogkIHHKVvv8LHEoM80qgB7Uy5khcFDvKxLE0oElLO8Pi+k1EgUsUpy78MMnT7XYSQtmYP+YWyAhuWKCEIexDYH4Tbs0lzkEryN+qDVAsqSXSCdfpAJNzB0La3T3p/7jHq1wjvCcxLYqs9dXA2xZ25vLeQ0urYpRi46fUyRZVkM8c/nqE8odLpD6mwBFEtu/bePBYTUFP45q3KSWylv33FCHxKn+rzAWkin92gJURtXMrQosP0juhG7vcjgLNrslNqnQVHoSTXfB3A7tATada3BXcxAO6KLo3bZnPxMBXkiwqtkdKI3G0qf5WzDEz2aBAwYRsoPfUG9T75Y83hk7Plv6hr0/peQinpENG+RiNMtsxzVx8MvPHq1rOpjqN5tmxAFYzaEYgkpTb+/WgaWeCWAZ2KufmXhkJLdlWfe92V5Wj0J61RnbUUhiF7Re7oIYe+9Y8SQt3wKRf95FC1Z23P+Al05I4N3Z9ZvXb40NXPZkNh7zz48huF2fHzGKE41Tb7IqCo6APVXWOX+wD70Op3yDXo6dq4OFUxQ8kWDfwIr2kDCp1iy9nhUl5shA2zIt+egRm8orBJeSfnIn0cWGX9Posd7kPQaNrSBs1imMC4vca/V55nDUKNm6oHV5fcUUZ6Tsu4avN2oT4vy8Fay5QtkEAgzM/re3JQfQwYrvQRD1v76b238Qnp2a2zAMgrqOX7xhwMV3K8S5Fyxw56NV45N5Xaw1uJKceusL8M7gULJuD2lyadG7o7VtwAkXFZsoBmVVEVf+e8kT1ukTgUIU2COCvBOFbVFlWcSnXJZcM8IooVHrJaBrOJHAc/xmY0WOkkQ0+RdfxGkeNihvy+wmQrg4rc88+DRpnrBRaB46N5Gq
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SA1PR08MB7215.namprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230037)(366013)(376011)(1800799021)(38070700015);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: oNTwdVJ47TWWE3O1XwfpCRbpFs8NW+AnbIc66BtCdIOohaGDoXcKW/koozIxypWd7JY8dNYROoTb31I76cKziE1Hr39VQmjB07cHysG1Vhgi6Ni33ZSNgvomRjx0L4okJDQKJov/ElEVZmb0EaHENHFB2eKMMWbKjKEKUO1K5iB35AV6nQ/r2yVnBrpZ5LnZAYT0tswjKxYYRlAetMKGHTD1OUC2vXah/gik9o1I0MnlAhgVlV8CsWJyPOUa07JUjvASFV2BTpAWo8XgSqV/1DmDum2PGHjNAOK5i9uyeLdxGG0ua5v8T3w01k7st/ihIc5jVomkhZbeObg+uNRbS++Lu2MQ70Rn2XXX8Nn3BEAjEzZTEdgO3jKMJg3/XOeHfUlZox3sBNAUy9sMjHOUQt+QorWeHKV9E4xuyq81hFmC5kL/OxRLXi9UB2HmLM0WGJtkZf0+6BB7igcKiFZ0gknE1hMAnrEKMA+vUI/3hYo3eUaUdygUe8x9AYFUj4OMpXGdYe2ka+0VZrwa2mXwVxcfrgIctHknwmnTHo3ZO4IlE7ftcwkgAUL3D90FD7FLAn6UiFYvNgQz+k0/uIcsbTNpkDmOAADCHFVTrcOOzunvivgKdKfLd+EPu8if0ZsM1nFR+uPynpjc2/+oSi0dDB1t7lL9hE0CcowFj9szGsuUdB4Ah8ZngRh1rmUg4fqMeoiprsEHV9z+n3uqcx+ZXIOGvIBCCyuwnbwUmc1fUZt7JE4TK5eXaU8F2YJrGVCwHWomw1iQ1gcX22v8A4Hkv8CTr+C2UVidnyxnwbSLNkT/m2WXsSFMunzxqnEwT8fQ2PFU8yJR6Pi71JXb830gUvA1fUsqwazXYqpjTPWkH2akZI4TEzqbpDqhHNqEsbQGNeJdFIWKag1IdfwshndmGV6s/vYYZHuKzhFusWCQyhOoxpWG9mtgx/TKKwW/nPIO0gD2IT6qV9Om8ql12wUnK4qWD35Cowq+xlKVEB9wGQUk88tnM9gLSJhcfdZxyWsNngZR+8E1gR4Yic0Q5o8vp5Nx23DGTQsBx6P2t3z1s9Q38vjU3MNacXUOsJyRMXT371PZ8vU9YqL8abWKdhqeg5i7bZDPkqDNC9MqFGOR74AJWe8AcouH+Csf4xXbZaahTO2yfigO28TKm0prHRNXa5eNF1cudKMnVCvsPqONBKQO/3uOYXxnyei2/bzDesZYhmR8w1KQppYTn5QE0FWgGgb/dTYucUShwbzeIEzFtET7W7NYdLYHYT4VOwu5ca2w34WRx2xa/+Ehk+qaaVdx1DD4CflvGWL44D17aYzxVv9U1Eioiayp1u3M4tw3ywDZn5LSpcPJOWyGXNems/Yob6Mwx6jrEXjgLb9E+JZhI5Y1ww/1EwTxkXOyNrnNWB37/vxTDqW1Ps7MqVvo9uNWXS1UtgculUKEs9fudNOVZm3SKOj7DbFlubKEMbHJ2aWPrFLYnAO8USQHbL+6+rm8KO/kWFRtzGeQB8c46TEGnAksjN0EB/TXi5o2FwUFZwmbmZVut9qoKnZbcuuwGwQgQsu0OwfiwSSNhFnqlYgpyfFUhJVMERDZ/nl905Pi4uchSmJ07ZArztJYhoEAdzg1yQ==
Content-Type: multipart/alternative; boundary="_000_SA1PR08MB7215A6DF195B798B29908ECAF7CF2SA1PR08MB7215namp_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA1PR08MB7215.namprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 00b14071-4696-4b78-2fc1-08dc913bb443
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jun 2024 15:14:39.2844 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 3yA6y1G4LaLR5h/DQES8yTs0rO1Ik9U3WWwx+LsbnXG10KxsEqrZ2Sf7bepi8fpu9YvQf0Muxx/fOB20WC+1qA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR08MB8342
Message-ID-Hash: ZNMN3CEJE2PSJF7KP3MM7M53RWOD4FJX
X-Message-ID-Hash: ZNMN3CEJE2PSJF7KP3MM7M53RWOD4FJX
X-MailFrom: jorge.rabadan@nokia.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-bess.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-bess-evpn-mh-split-horizon@ietf.org" <draft-ietf-bess-evpn-mh-split-horizon@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [bess] Re: [Shepherding AD review] Pre-IETF Last-Call review of draft-ietf-bess-evpn-mh-split-horizon-08
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/qbx3SggZ66cTikHlHnBI7qZzvSk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Owner: <mailto:bess-owner@ietf.org>
List-Post: <mailto:bess@ietf.org>
List-Subscribe: <mailto:bess-join@ietf.org>
List-Unsubscribe: <mailto:bess-leave@ietf.org>
Hi Gunter, Thank you very much for your thorough review. You helped a lot to improve the readability. Your comments have been addressed in revision 09. Please see in-line with [jorge] to see how we resolved your comments. Thanks! Jorge From: Gunter van de Velde (Nokia) <gunter.van_de_velde@nokia.com> Date: Tuesday, June 11, 2024 at 9:34 AM To: 'BESS' <bess@ietf.org> Cc: draft-ietf-bess-evpn-mh-split-horizon@ietf.org <draft-ietf-bess-evpn-mh-split-horizon@ietf.org> Subject: [Shepherding AD review] Pre-IETF Last-Call review of draft-ietf-bess-evpn-mh-split-horizon-08 # Gunter Van de Velde, RTG AD, comments for draft-ietf-bess-evpn-mh-split-horizon-08 Hi Authors, Many thanks to Himanshu Shah for the RTG-DIR review and Jouni Korhonen for GENART review. Please find some review notes below. Before processing the draft further with the IESG and requesting IETF Last-Call, please have a look into these observations. I believe the document is well written. Mostly the observations are efforts to further enhance grammar/readablity and try to clarify some formal procedures. There is some need to expand with more content on the flags field for which the IANA section requests a new 8 bit flags registery. I also wonder if the 'RFC Required' is strict enough to contol the 8 bits. I am wondering if we should not enforce IETF consensus/review to allocate any of them? When the registry policy is set to "IETF Review" we make sure that there is an IETF track document. Individual submissions are not valid for requesting a code point with "IETF Review" policy. Also, would authors investigate if the not-yet-allocated flag bits are unused or reserved, and what the implied actions are for senders/recipients of the bits within the flags field are. And finally, where in the existing IANA registry will the new flags field registry be placed? It is not mentioned in the draft. [jorge] OK, IANA section changed accordingly. We reviewed other potential bits being used, and we only found: draft-ietf-bess-evpn-l2gw-proto-04<https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-l2gw-proto-04#name-iana-considerations> Which uses the allocation of “10” in the mutihoming redundancy mode field. Also, note that there were discussions about whether the request of the main registry (the EVPN ESI Label Ext community Flags registry) should be done here or in I-D.ietf-bess-rfc7432bis. We concluded that this might be moved depending on what document of the two gets published first. Thanks for all the hard work on this document. Before progressing i will be waiting for your feedback and your revised drafts. Please find below my observations when going through draft-ietf-bess-evpn-mh-split-horizon-08 #Review Observations #=================== 16 Ethernet Virtual Private Network (EVPN) is commonly used along with 17 Network Virtualization Overlay (NVO) tunnels, as well as MPLS and 18 Segment Routing tunnels. The EVPN multi-homing procedures may be 19 different depending on the tunnel type used in the EVPN Broadcast 20 Domain. In particular, there are two multi-homing Split Horizon 21 procedures to avoid looped frames on the multi-homed CE: ESI Label 22 based and Local Bias. ESI Label based Split Horizon is used for 23 MPLSoX tunnels, E.g., MPLSoUDP, whereas Local Bias is used for other 24 tunnels, E.g., VXLAN tunnels. The existing specifications do not 25 allow the operator to decide which Split Horizon procedure to use for 26 tunnel encapsulations that could support both. Examples of tunnels 27 that may support both procedures are MPLSoGRE, MPLSoUDP, GENEVE or 28 SRv6. This document updates the EVPN Multihoming procedures in 29 RFC8365 and RFC7432 so that an operator can decide the Split Horizon 30 procedure for a given tunnel depending on their own requirements. Maybe a proposed readability re-edit as follows helps reders of the abstract to understand the document intent better: " Ethernet Virtual Private Network (EVPN) is commonly used with Network Virtualization Overlay (NVO) tunnels, as well as MPLS and Segment Routing tunnels. The multi-homing procedures in EVPN may vary based on the type of tunnel used within the EVPN Broadcast Domain. Specifically, there are two multi-homing Split Horizon procedures designed to prevent looped frames on multi-homed Customer Edge (CE) devices: the ESI Label-based procedure and the Local Bias procedure. The ESI Label-based Split Horizon is applied to MPLS-based tunnels, such as MPLSoUDP, while the Local Bias procedure is used for other tunnels, such as VXLAN. Current specifications do not allow operators to choose which Split Horizon procedure to use for tunnel encapsulations that support both methods. Examples of tunnels that may support both procedures include MPLSoGRE, MPLSoUDP, GENEVE, and SRv6. This document updates the EVPN multi-homing procedures described in RFC 8365 and RFC 7432, enabling operators to select the appropriate Split Horizon procedure for a given tunnel based on their specific requirements. " [jorge] took your text, thanks! 85 Ethernet Virtual Private Network (EVPN) is commonly used with the 86 following tunnel encapsulations: 88 * Network Virtualization Overlay (NVO) tunnels as specified in 89 [RFC8365] 91 * MPLS and Segment Routing with MPLS data plane (SR-MPLS), as 92 specified in [RFC7432] 94 * Segment Routing with IPv6 data plane (SRv6), as specified in 95 [RFC9252]. The abstract mentions: MPLSoGRE, MPLSoUDP, GENEVE or SRv6 The list here does not explicit calls these out. Can relevant references be added? Also is an MPLS lsp considered as a tunnel in the context of this document? if yes, it maybe should be added next to referencing SRv6? [jorge] ok, done 97 The EVPN multihoming procedures may be different depending on the 98 tunnel type used in the EVPN Broadcast Domain. In particular, there 99 are two multihoming Split Horizon procedures to avoid looped frames 100 on the multihomed CE: ESI Label based and Local Bias. ESI Label 101 based Split Horizon is used for MPLS or MPLSoX tunnels, E.g., 102 MPLSoUDP [RFC7510], and its procedures described in [RFC7432]. Local 103 Bias is used by IP tunnels, E.g., VXLAN tunnels, and it is described 104 in [RFC8365]. From readability perspective, the following can be used to improve the text: " The EVPN multihoming procedures may vary depending on the type of tunnel utilized within the EVPN Broadcast Domain. Specifically, there are two multihoming Split Horizon procedures employed to prevent looped frames on multihomed Customer Edge (CE) devices: the ESI Label-based procedure and the Local Bias procedure. The ESI Label-based Split Horizon procedure is used for MPLS or MPLS-over-X (MPLSoX) tunnels, such as MPLS-over-UDP as specified in [RFC 7510], and its procedures are detailed in [RFC 7432]. Conversely, the Local Bias procedure is used for IP-based tunnels, such as VXLAN tunnels, and it is described in [RFC 8365]. " [jorge] ok, done 112 When EVPN is used for MPLS transport tunnels, an MPLS label 113 enables the Split Horizon filtering capability to support All- 114 Active multihoming. The ingress Network Virtualization Edge (NVE) 115 device adds a label corresponding to the source ES (an ESI label) 116 when encapsulating the packet. The egress NVE checks the ESI 117 label when attempting to forward a multi-destination frame out of 118 a local ES interface, and if the label corresponds to the same 119 site identifier (ESI) associated with that ES interface, the 120 packet is not forwarded. This prevents the occurrence of 121 forwarding loops for BUM traffic. 123 The ESI Label Split Horizon filtering SHOULD also be used with 124 Single-Active multihoming to avoid transient loops for in-flight 125 packets when the egress NVE takes over as Designated Forwarder for 126 an ES. I am wondering if the SHOULD in the above paragraph is something this document is adding to its formal procedures? if not, then i wonder why RFC2119 language is used. In the contex above it seems to be more a suggestion then a formal procedure description. In the below roposed rewrite, i used lowercase should. [jorge] I agree, this should be lower case. Changed. From readability perspective, the following can be used to improve the text: " When EVPN is employed for MPLS transport tunnels, an MPLS label facilitates Split Horizon filtering to support All-Active multihoming. The ingress Network Virtualization Edge (NVE) device appends a label corresponding to the source Ethernet Segment Identifier (ESI label) during packet encapsulation. The egress NVE verifies the ESI label when attempting to forward a multi-destination frame through a local Ethernet Segment (ES) interface. If the ESI label matches the site identifier (ESI) associated with that ES interface, the packet is not forwarded. This mechanism effectively prevents forwarding loops for Broadcast, Unknown Unicast, and Multicast (BUM) traffic. The ESI Label Split Horizon filtering should also be utilized with Single-Active multihoming to prevent transient loops for in-flight packets when the egress NVE assumes the role of Designated Forwarder for an ES. " [jorge] ok, done 130 Since IP tunnels (such as VXLAN or NVGRE) do not support the ESI 131 label (or any MPLS label at all), a different Split Horizon 132 filtering procedure must be used for All-Active multihoming. This 133 mechanism is called Local Bias and relies on the tunnel source IP 134 address to decide whether to forward BUM traffic to a local ES 135 interface at the egress NVE. 136 137 In a nutshell, every NVE tracks the IP address(es) associated with 138 the other NVE(s) with which it has shared multihomed ESs. When 139 the egress NVE receives a BUM frame encapsulated in a IP tunnel, 140 it examines the source IP address in the tunnel header (which 141 identifies the ingress NVE) and filters out the frame on all local 142 interfaces connected to ESes that are shared with the ingress NVE. 143 144 Due to this behavior at the egress NVE, the ingress NVE's behavior 145 is also changed to perform replication locally to all directly 146 attached ESes (regardless of the Designated Forwarder election 147 state) for all BUM ingress from the access ACs. Because of this 148 "local" replication at the ingress NVE, this approach is referred 149 to as Local Bias. 150 151 Local Bias cannot be used for Single-Active multihoming, since the 152 ingress NVE brings operationally down the Attachment Circuits 153 (ACs) for which it is non-Designated Forwarder (hence local 154 replication to non-Designated Forwarder ACs cannot be done). This 155 means transient in-flight BUM packets may be looped back to the 156 originating site by new elected Designated Forwarder egress NVEs. >From readability perspective, the following can be used to improve the text: " Since IP tunnels, such as VXLAN or NVGRE, do not support the ESI label or any MPLS label, an alternative Split Horizon filtering procedure must be implemented for All-Active multihoming. This mechanism, known as Local Bias, relies on the source IP address of the tunnel to determine whether to forward Broadcast, Unknown Unicast, and Multicast (BUM) traffic to a local Ethernet Segment (ES) interface at the egress Network Virtualization Edge (NVE). In summary, each NVE monitors the IP address(es) of other NVEs with which it shares multihomed ESs. Upon receiving a BUM frame encapsulated in an IP tunnel, the egress NVE inspects the source IP address in the tunnel header, which identifies the ingress NVE. The egress NVE then filters out the frame on all local interfaces connected to ESs that are shared with the ingress NVE. Due to this behavior at the egress NVE, the ingress NVE is required to perform local replication to all directly attached ESs, regardless of the Designated Forwarder election state, for all BUM traffic ingressing from the access Attachment Circuits (ACs). This local replication at the ingress NVE is the basis for the term Local Bias. Local Bias is not suitable for Single-Active multihoming, as the ingress NVE deactivates the ACs for which it is not the Designated Forwarder. Consequently, local replication to non-Designated Forwarder ACs cannot occur, leading to the potential for transient in-flight BUM packets to be looped back to the originating site by newly elected Designated Forwarder egress NVEs. " [jorge] ok, done 158 [RFC8365] states that Local Bias is used only for IP tunnels, and ESI 159 Label based Split Horizon for IP-based MPLS tunnels. However, IP- 160 based MPLS tunnels, such as MPLSoGRE or MPLSoUDP, are also IP tunnels 161 and can potentially support both procedures, since they can carry ESI 162 Labels and they also use a tunnel IP header where the source IP 163 address identifies the ingress NVE. 164 165 Similarly, some IP tunnels that carry an identifier of the source ES 166 in the tunnel header, may potentially follow either procedure too. 167 Some examples are GENEVE or SRv6: >From readability perspective, the following can be used to improve the text: " [RFC 8365] specifies that Local Bias is exclusively utilized for IP tunnels, while ESI Label-based Split Horizon is employed for IP-based MPLS tunnels. However, IP-based MPLS tunnels, such as MPLS over GRE (MPLSoGRE) or MPLS over UDP (MPLSoUDP), are also categorized as IP tunnels and have the potential to support both procedures. These tunnels are capable of carrying ESI labels and also utilize a tunnel IP header in which the source IP address identifies the ingress Network Virtualization Edge (NVE). Similarly, certain IP tunnels that include an identifier for the source Ethernet Segment (ES) in the tunnel header may also potentially support either procedure. Examples of such tunnels include GENEVE and SRv6. " [jorge] ok, done with minor adjustments. 174 * In an SRv6 tunnel, the source IP address also identifies the 175 ingress NVE, however, by default, and as described in [RFC9252] 176 the ingress PE will add information in the SRv6 packet so that the 177 egress PE can identify the source ES of the BUM packet. That 178 information is the ESI filtering argument (Arg.FE2) of the service 179 Segment Identifier (SID) received on an A-D per ES route from the 180 egress PE. It would be good to mention that Arg.FE2 is described in RFC 9252/8986. Reference added to the below revised textblob edit: >From readability perspective, the following can be used to improve the text: " In an SRv6 tunnel, the source IP address identifies the ingress NVE. By default, and as outlined in [RFC 9252], the ingress PE adds specific information to the SRv6 packet to enable the egress PE to identify the source ES of the BUM packet. This information is the ESI filtering argument (Arg.FE2) [RFC9252][RFC8986] of the service Segment Identifier (SID) received on an A-D per ES route from the egress PE. " [jorge] ok, done 182 Table 1 shows different tunnel encapsulations and their supported and 183 default Split Horizon method. In the case of GENEVE, the default 184 Split Horizon Type (SHT) depends on whether the Ethernet Option with 185 Source ID TLV is negotiated. In the case of SRv6, the default SHT is 186 listed as ESI label filtering in the Table, since the behavior is 187 equivalent to that of ESI Label filtering. In this document, ESI 188 Label filtering refers to the Split Horizon filtering based on the 189 existence of a source ES identifier in the tunnel header. >From readability perspective, the following can be used to improve the text: " Table 1 presents various tunnel encapsulations along with their supported and default Split Horizon methods. For GENEVE, the default Split Horizon Type (SHT) is contingent upon the negotiation of the Ethernet Option with the Source ID TLV. In the case of SRv6, the default SHT is specified as ESI Label filtering in the table, as its behavior is analogous to that of ESI Label filtering. In this document, ESI Label filtering refers to the Split Horizon filtering based on the presence of a source Ethernet Segment (ES) identifier in the tunnel header. " [jorge] ok, done 201 Any other tunnel encapsulation (different from the encapsulations in 202 Table 1) that can be classified into any of the four encapsulation 203 groups above, supports Split Horizon based on the following rules: 204 205 * IP-based MPLS tunnels and SRv6 tunnels can support both Split 206 Horizon filtering methods 207 208 * (SR-)MPLS tunnels only support ESI Label based Split Horizon 209 filtering 210 211 * IP tunnels support Local Bias Split Horizon and may support ESI 212 Label based Split Horizon, if they include a method to identify 213 the source ESI in the header. >From readability perspective, the following can be used to improve the text: " Any tunnel encapsulation not listed in Table 1 that can be categorized into one of the four encapsulation groups mentioned above will support Split Horizon filtering based on the following rules: * IP-based MPLS tunnels and SRv6 tunnels are capable of supporting both Split Horizon filtering methods. * (SR-)MPLS tunnels only support ESI Label-based Split Horizon filtering. * IP tunnels support Local Bias Split Horizon filtering and may also support ESI Label-based Split Horizon filtering, provided they incorporate a mechanism to identify the source ESI in the header. " [jorge] ok, done 244 The ESI Label method works for All-Active and Single-Active, while 245 Local Bias only works for All-Active. In addition, the ESI Label 246 method works across different network domains, whereas Local Bias is 247 limited to networks with no next hop change between the NVEs attached 248 to the same ES. However, some operators prefer the Local Bias 249 method, since it simplifies the encapsulation, consumes less 250 resources on the NVEs and the ingress NVE always forwards locally to 251 other interfaces, reducing the delay to reach multihomed hosts. 253 This document extends the EVPN multihoming procedures so that an 254 operator can decide the Split Horizon procedure for a given NVO 255 tunnel depending on their own specific requirements. The choice of 256 Local Bias or ESI Label Split Horizon is now allowed for tunnel 257 encapsulations that support both methods, and it is advertised along 258 with the EVPN A-D per ES route. IP tunnels that do not support both 259 methods, E.g., VXLAN or NVGRE, will keep following [RFC8365] 260 procedures >From readability perspective, the following can be used to improve the text: " The ESI Label method is applicable for both All-Active and Single-Active configurations, whereas the Local Bias method is suitable only for All-Active configurations. Moreover, the ESI Label method is effective across different network domains, while Local Bias is constrained to networks where there is no change in the next hop between the NVEs attached to the same ES. Nonetheless, some operators favor the Local Bias method due to its simplification of the encapsulation process, reduced resource consumption on NVEs, and the fact that the ingress NVE always forwards traffic locally to other interfaces, thereby decreasing the delay in reaching multihomed hosts. This document extends the EVPN multihoming procedures to allow operators to select the preferred Split Horizon method for a given NVO tunnel according to their specific requirements. The choice between Local Bias and ESI Label Split Horizon is now permissible for tunnel encapsulations that support both methods, and this selection is advertised along with the EVPN A-D per ES route. IP tunnels that do not support both methods, such as VXLAN or NVGRE, will continue to adhere to the procedures specified in [RFC 8365]. " [jorge] ok, done 295 * EVI and EVI-RT: EVPN Instance and EVI Route Target. A group of 296 NVEs attached to the same EVI will share the same EVI-RT. Why not split out in two entries instead of one entry in the terminology list? [jorge] sure, done 307 * MPLSoUDP: Multi-Protocol Label Switching over User Datagram 308 Protocol, [RFC7510] Should the terminology not be extended to MPLS-over-UDP in the description? Same is valid for the next few entries in the list. [jorge] hmm.. I tried to expand it. Check it out please. 343 EVPN extensions are needed so that NVEs can advertise their 344 preference for the Split Horizon method to be used in the ES. 345 Figure 1 shows the ESI Label extended community that is always 346 advertised along with the EVPN A-D per ES route. All the NVEs 347 attached to an ES advertise an A-D per ES route for the ES, including 348 this extended community that conveys the information for the 349 multihoming mode (All-active or Single-Active), as well as the ESI 350 Label to be used (if needed). It would be helpful to specify where the ESI Label extended community is defined: section "7.5. ESI Label Extended Community" of RFC7432. >From readability perspective, the following can be used to improve the text: "Extensions to EVPN are required to enable NVEs to advertise their preferred Split Horizon method for a given ES. Figure 1 illustrates the ESI Label extended community (RFC7432 Section7.5), which is consistently advertised alongside the EVPN A-D per ES route. All NVEs connected to an ES advertise an A-D per ES route for that ES, including the extended community, which communicates information regarding the multihoming mode (either All-Active or Single-Active) and, if necessary, specifies the ESI Label to be utilized." [jorge] ok, done 363 * A value of 0 means that the multihomed ES is operating in All- 364 Active mode. 365 366 * A value of 1 means that the multihomed ES is operating in Single- 367 Active mode. This is not entirely correct. section7.5 defines indeed the "Single-Active" bit, but is is All-Active "redundancy" mode and the Single-Active "redundancy" mode. I suggest to be formally correct and add the word "redundancy". [jorge] ok, done 369 Section 5 creates a registry for the Flags octet, where the "Single- 370 Active" bit is the low-order bit of the RED (multihoming redundancy 371 mode) field It is not entirely clear that the RED field is new to a reader. We should consider making this more explicit. Not sure if the remainder of this document provides extra context on the motivation why a new field is defined?. What about the following: " Section 5 establishes a registry for the Flags octet, designating the "Single-Active" bit as the low-order bit of the newly defined Redundancy (RED) field for multihoming modes. " [jorge] ok, tried to expand and not use RED, since I agree it may be confusing. 375 [RFC8365] does not add any explicit indication about the Split 376 Horizon method in the A-D per ES route. In this document, the 377 [RFC8365] Split Horizon procedure is the default behavior and assumes 378 that Local Bias is used only for IP tunnels, and ESI Label based 379 Split Horizon for IP-based MPLS tunnels. This document defines the 380 two high-order bits in the Flags octet (bits 6 and 7) as the "Split 381 Horizon Type" (SHT) field, where: >From readability perspective, the following can be used to improve the text: " [RFC 8365] does not include any explicit indication regarding the Split Horizon method in the A-D per Ethernet Segment (ES) route. In this document, the Split Horizon procedure defined in [RFC 8365] is considered the default behavior, presuming that Local Bias is employed exclusively for IP tunnels, while ESI Label-based Split Horizon is used for IP-based MPLS tunnels. This document specifies that the two high-order bits in the Flags octet (bits 6 and 7) constitute the "Split Horizon Type" (SHT) field, where: " [jorge] ok, done 391 0 0 --> Default SHT. Backwards compatible with [RFC8365] Is it not required to mention that there is backwards compatibility with RFC7432 also? Theflags field is defined in sectio 7.5 of RFC7432? [jorge] ok, added reference to RFC7432. 421 * An SHT value different than 00 expresses the intent to use a 422 specific Split Horizon method, but does not reflect the actual 423 operational SHT used by the advertising NVE, unless all the NVEs 424 attached to the ES advertise the same SHT. I believe that formal RFC2119 language to explain this is desired. [jorge] IMO, using RFC2119 language does not convey the meaning of that bullet. It is more like a warning of what that SHT value indicates. I left it as is for the moment. 439 As an example, egress NVEs that support IP-based MPLS tunnels, E.g., 440 MPLSoGRE or MPLSoUDP, will advertise A-D per ES route(s) for the ES 441 along with the BGP Encapsulation extended community [RFC9012] 442 indicating the encapsulation (MPLSoGRE or MPLSoUDP) and MAY use the 443 SHT = 01 or 10 to indicate the intent to use Local Bias or ESI Label, 444 respectively. 445 446 An egress NVE MUST NOT use an SHT value different from 00 when 447 advertising an A-D per ES route with encapsulation VXLAN, NVGRE, MPLS 448 or no BGP tunnel encapsulation extended community [RFC9012]. We 449 assume that, in all these cases, there is no Split Horizon method 450 choice, and therefore the SHT value MUST be 00. A received route 451 with one of the above encapsulation options and SHT value different 452 from 00 SHOULD be treat-as-withdraw. 453 454 An egress NVE advertising A-D per ES route(s) for an ES with 455 encapsulation GENEVE MAY use an SHT value of 01 or 10. A value of 01 456 indicates the intent to use Local Bias, irrespective of the presence 457 of an Ethernet option TLV with a non-zero Source-ID 458 [I-D.ietf-bess-evpn-geneve]. A value of 10 indicates the intent to 459 use ESI Label based Split Horizon. A value of 00 indicates the 460 default behavior in Table 1, that is, use Local Bias if no ESI-Label 461 exists in the Ethernet option TLV or no Ethernet option TLV 462 whatsoever. Otherwise the ESI Label Split Horizon method is used. 463 464 The above procedures assume a single encapsulation supported in the 465 egress NVE. Section 3 describes additional procedures for NVEs 466 supporting multiple encapsulations. How do some of the rules apply to routers not aware or not supporting SHT? [jorge] the routers not supporting this spec, advertise an implicit SHT=00, so they behave as in RFC8365/7432. And the routers supporting this spec will receive SHT=00 and will fall back to the existing behavior. A brief rewording for readability and removing the usage of the word 'we': "As an example, egress NVEs that support IP-based MPLS tunnels, such as MPLSoGRE or MPLSoUDP, will advertise A-D per ES routes for the ES along with the BGP Encapsulation extended community, as defined in [RFC 9012]. This extended community indicates the encapsulation type (MPLSoGRE or MPLSoUDP) and may use the SHT value of 01 or 10 to signify the intent to use Local Bias or ESI Label, respectively. An egress NVE MUST NOT use an SHT value other than 00 when advertising an A-D per ES route with encapsulation types such as VXLAN, NVGRE, MPLS, or no BGP tunnel encapsulation extended community, as specified in [RFC 9012]. In all these cases, it is presumed that there is no choice for the Split Horizon method; therefore, the SHT value MUST be set to 00. If a route with any of the mentioned encapsulation options is received and has an SHT value different from 00, it SHOULD be treated as a withdrawal. An egress NVE advertising A-D per ES route(s) for an ES with GENEVE encapsulation MAY use an SHT value of 01 or 10. A value of 01 indicates the intent to use Local Bias, regardless of the presence of an Ethernet option TLV with a non-zero Source-ID, as described in [I-D.ietf-bess-evpn-geneve]. A value of 10 indicates the intent to use ESI Label-based Split Horizon. A value of 00 indicates the default behavior outlined in Table 1, which is to use Local Bias if no ESI-Label is present in the Ethernet option TLV, or if there is no Ethernet option TLV. Otherwise, the ESI Label Split Horizon method is applied. These procedures assume a single encapsulation supported in the egress NVE. Section 3 describes additional procedures for NVEs supporting multiple encapsulations." [jorge] ok, done 470 This document also updates [RFC8365] in the value that is advertised 471 in the ESI Label field of the ESI Label extended community, as 472 follows: 474 * The A-D per ES route(s) for an ES MAY have an ESI Label value of 475 zero if the SHT value is 01. Section 2.2 specifies the cases 476 where the SHT can be 01. An ESI Label value of zero avoids the 477 allocation of Labels in the cases where they are not used (Local 478 Bias). 480 * The A-D per ES route(s) for an ES MAY have an ESI Label value of 481 zero for VXLAN or NVGRE encapsulations. A rewording from readability perspective " This document also updates [RFC 8365] regarding the value that is advertised in the ESI Label field of the ESI Label extended community, as follows: * The A-D per ES route(s) for an ES MAY have an ESI Label value of zero if the SHT value is 01. Section 2.2 specifies the scenarios where the SHT can be 01. An ESI Label value of zero eliminates the need to allocate labels in cases where they are not utilized, such as in the Local Bias method. * The A-D per ES route(s) for an ES MAY have an ESI Label value of zero for VXLAN or NVGRE encapsulations. " [jorge] ok, done 490 An NVE has an administrative SHT value for an ES (the one that is 491 advertised along with the A-D per ES route) and an operational SHT 492 value (the one that is actually used irrespective of what the NVE 493 advertised). The administrative SHT matches the operational SHT if 494 all the NVEs attached to the ES have the same administrative SHT. 495 496 This document assumes that an [RFC7432] or [RFC8365] implementation 497 that does not support this document, ignores the value of all the 498 Flags in the ESI Label extended community except for the Single- 499 Active bit. Based on this assumption, a non-upgraded NVE will ignore 500 an SHT different from 00. As soon as an upgraded NVE receives at 501 least one A-D per ES route for the ES with SHT value of 00, it MUST 502 revert its operational SHT to the default Split Horizon method, as in 503 Table 1, and irrespective of its administrative SHT. 504 505 As an example, consider an NVE attached to ES N that receives two A-D 506 per ES routes for N from different NVEs, NVE1 and NVE2. If the route 507 from NVE1 has SHT = 00 and the one from NVE2 an SHT = 01, the NVE 508 MUST use the default Split Horizon method in Table 1 as operational 509 SHT, irrespective of its administrative SHT. 510 511 All the NVEs attached to an ES with operational SHT value of 10 MUST 512 advertise a valid non-zero ESI Label. If the operational SHT value 513 is 01, the ESI Label MAY be zero. If the operational SHT value is 514 00, the ESI Label MAY be zero only if the default encapsulation 515 supports Local Bias only and the NVEs do not check the presence of a 516 valid non-zero ESI Label. 517 518 If an NVE changes its operational SHT value from 01 (Local Bias) to 519 00 (Default SHT) as a result of a new non-upgraded NVE present in the 520 ES, and it previously advertised a zero ESI Label, it MUST send an 521 update with a non-zero valid ESI Label, unless all the non-upgraded 522 NVEs in the ES support Local Bias only. As an example, suppose NVE1 523 and NVE2 use MPLSoUDP as encapsulation, they are attached to the same 524 Ethernet Segment ES1 and advertise an SHT value of 01 (Local Bias) 525 and a zero ESI label value. Suppose NVE3 does not support this 526 specification and joins ES1, therefore advertises an SHT of 00 527 (default). Upon receiving NVE3's A-D per ES route, NVE1 and NVE2 528 MUST send an update of their A-D per ES route for ES1 with a non-zero 529 valid ESI label value. The assumption is that NVE3 supports only the 530 default ESI label based Split Horizon filtering. A rewording from readability perspective " A NVE maintains an administrative SHT value for an Ethernet Segment (ES), which is advertised alongside the A-D per ES route, and an operational SHT value, which is the one actually used regardless of what the NVE has advertised. The administrative SHT matches the operational SHT if all the NVEs attached to the ES have the same administrative SHT. This document assumes that an implementation of [RFC 7432] or [RFC 8365] that does not support the specifications in this document will ignore the values of all the Flags in the ESI Label extended community, except for the Single-Active bit. Based on this assumption, a non-upgraded NVE will disregard any SHT value other than 00. If an upgraded NVE receives at least one A-D per ES route for the ES with an SHT value of 00, it MUST revert its operational SHT to the default Split Horizon method, as described in Table 1, irrespective of its administrative SHT. For instance, consider an NVE attached to ES N that receives two A-D per ES routes for N from different NVEs, NVE1 and NVE2. If the route from NVE1 has an SHT value of 00 and the one from NVE2 has an SHT value of 01, the NVE MUST use the default Split Horizon method specified in Table 1 as its operational SHT, regardless of its administrative SHT. All NVEs attached to an ES with an operational SHT value of 10 MUST advertise a valid, non-zero ESI Label. If the operational SHT value is 01, the ESI Label MAY be zero. If the operational SHT value is 00, the ESI Label may be zero only if the default encapsulation supports Local Bias exclusively, and the NVEs do not require the presence of a valid, non-zero ESI Label. If an NVE changes its operational SHT value from 01 (Local Bias) to 00 (Default SHT) due to the presence of a new non-upgraded NVE in the ES, and it previously advertised a zero ESI Label, it MUST send an update with a valid, non-zero ESI Label, unless all the non-upgraded NVEs in the ES support only Local Bias. For example, consider NVE1 and NVE2 using MPLSoUDP as encapsulation, attached to the same Ethernet Segment ES1, and advertising an SHT value of 01 (Local Bias) with a zero ESI Label value. Suppose NVE3, which does not support this specification, joins ES1 and advertises an SHT value of 00 (default). Upon receiving NVE3's A-D per ES route, NVE1 and NVE2 MUST update their A-D per ES routes for ES1 to include a valid, non-zero ESI Label value. The assumption here is that NVE3 only supports the default ESI Label-based Split Horizon filtering. " [jorge] ok, done. 534 As specified by [RFC8365], an egress NVE that supports multiple data 535 plane encapsulations (I.e., VXLAN, NVGRE, MPLS, MPLSoUDP, GENEVE) 536 needs to indicate all the supported encapsulations using BGP 537 Encapsulation extended communities defined in [RFC9012] with all EVPN 538 routes. This section clarifies the multihoming Split Horizon 539 behavior for NVEs advertising and receiving multiple BGP 540 Encapsulation extended communities along with the A-D per ES routes. 541 This section uses a notation of {x,y} to indicate the encapsulations 542 advertised in BGP Encapsulation extended communities [RFC9012], with 543 x and y being different encapsulation values. 544 545 It is important to remember that an NVE MAY advertise multiple A-D 546 per ES routes for the same ES (and not only one), each route 547 conveying a number of Route Targets (RT). We refer to the total 548 number of Route Targets in a given ES as RT-set for that ES. Any of 549 the EVIs represented in the RT-set will have its RT included in one 550 (and only one) A-D per ES route for the ES. When multiple A-D per ES 551 routes are advertised for the same ES, each route MUST have a 552 different Route Distinguisher. This section can use a textual readability and grammar update. THe proposed rewrite removes the usage of the word 'we' as it is unclear in formla procedures who exactly is 'we'? What about the following: " As specified in [RFC 8365], an NVE that supports multiple data plane encapsulations (e.g., VXLAN, NVGRE, MPLS, MPLSoUDP, GENEVE) must indicate all supported encapsulations using BGP Encapsulation extended communities as defined in [RFC 9012] for all EVPN routes. This section provides clarification on the multihoming Split Horizon behavior for NVEs that advertise and receive multiple BGP Encapsulation extended communities along with the A-D per ES routes. This section uses the notation {x, y} to denote the encapsulations advertised in BGP Encapsulation extended communities, where x and y represent different encapsulation values. It is important to note that an NVE MAY advertise multiple A-D per ES routes for the same ES, rather than a single route, with each route conveying a set of Route Targets (RT). The total set of Route Targets associated with a given ES is referred to as the RT-set for that ES. Each of the EVIs represented in the RT-set will have its RT included in one, and only one, A-D per ES route for the ES. When multiple A-D per ES routes are advertised for the same ES, each route must have a distinct Route Distinguisher. " [jorge] ok, done 568 This document extends this behavior as follows: 570 a. An A-D per ES route for ES-x may be advertised with multiple 571 encapsulations where some support a single Split Horizon method. 572 In this case, the SHT value MUST be 00. As an example, {VXLAN, 573 NVGRE}, {VXLAN, GENEVE} or {MPLS, MPLSoGRE, MPLSoUDP} can be 574 advertised in an A-D per ES route. In all those cases SHT MUST 575 be 00. 576 577 b. An A-D per ES route for ES-y may be advertised with multiple 578 encapsulations where all of them support both Split Horizon 579 methods. In this case the SHT value MAY be 01 if the desired 580 method is Local Bias, or 10 if ESI Label based. For example, 581 {MPLSoGRE, MPLSoUDP, GENEVE} (or a subset) may be advertised in 582 an A-D per ES route with SHT value of 01. The ESI Label value in 583 this case MAY be zero. 584 585 c. If ES-z with RT-set composed of (RT1, RT2, RT3.. RTn) supports 586 multiple encapsulations that require a different Split Horizon 587 method, a different A-D per ES route (or group of routes) per 588 Split Horizon method MUST be advertised. For example, consider n 589 RTs in ES-z and: 590 591 * the EVIs corresponding to (RT1..RTi) support VXLAN, 592 * the ones for (RTi+1..RTm) (with i<m) support MPLSoUDP with 593 Local Bias, 594 595 * and the ones for (RTm+1..RTn) (with m<n) support GENEVE with 596 ESI Label based Split Horizon. 597 598 In this case, three groups of A-D per ES routes MUST be 599 advertised for ES-z: 600 601 * A-D per ES route group 1, including (RT1..RTi), with 602 encapsulation {VXLAN}, SHT = 00. The ESI Label MAY be zero. 603 604 * A-D per ES route group 2, including (RTi+1..RTm), with 605 encapsulation {MPLSoUDP}, SHT = 01. The ESI Label MAY be 606 zero. 607 608 * A-D per ES route group 3, including (RTm+1..RTn), with 609 encapsulation {GENEVE}, SHT = 10. The ESI Label MUST have a 610 valid value, different from zero, and the Ethernet option 611 [RFC8926] MUST be advertised. 612 613 As per [RFC8365], it is the responsibility of the operator of a given 614 EVI to ensure that all of the NVEs in that EVI support a common 615 encapsulation. If this condition is violated, it could result in 616 service disruption or failure. I did an effort to improve readability of these formal rules and hope i kept the original intent unchanged (i changed some words into uppercase RFC2119 language.. please confirm it was correctly processed): " This document extends the described behavior as follows: a. An A-D per ES route for ES-x may be advertised with multiple encapsulations, some of which support a single Split Horizon method. In this case, the Split Horizon Type (SHT) value MUST be 00. For instance, encapsulations such as {VXLAN, NVGRE}, {VXLAN, GENEVE}, or {MPLS, MPLSoGRE, MPLSoUDP} can be advertised in an A-D per ES route. In all these cases, the SHT value MUST be 00. b. An A-D per ES route for ES-y may be advertised with multiple encapsulations that all support both Split Horizon methods. In this case, the SHT value MAY be 01 if the preferred method is Local Bias, or 10 if the ESI Label-based method is desired. For example, encapsulations such as {MPLSoGRE, MPLSoUDP, GENEVE} (or a subset) MAY be advertised in an A-D per ES route with an SHT value of 01. The ESI Label value in this case MAY be zero. c. If ES-z with an RT-set composed of (RT1, RT2, RT3... RTn) supports multiple encapsulations requiring different Split Horizon methods, a distinct A-D per ES route (or group of routes) for each Split Horizon method MUST be advertised. For example, consider an ES-z with n Route Targets (RTs) where: * The EVIs corresponding to (RT1...RTi) support VXLAN. * The EVIs for (RTi+1...RTm) (with i < m) support MPLSoUDP with Local Bias. * The EVIs for (RTm+1...RTn) (with m < n) support GENEVE with ESI Label-based Split Horizon. In this scenario, three groups of A-D per ES routes MUST be advertised for ES-z: * A-D per ES route group 1, including (RT1...RTi), with encapsulation {VXLAN}, and an SHT value of 00. The ESI Label MAY be zero. * A-D per ES route group 2, including (RTi+1...RTm), with encapsulation {MPLSoUDP}, and an SHT value of 01. The ESI Label MAY be zero. * A-D per ES route group 3, including (RTm+1...RTn), with encapsulation {GENEVE}, and an SHT value of 10. The ESI Label MUST have a valid, non-zero value, and the Ethernet option as defined in [RFC 8926] MUST be advertised. As per [RFC 8365], it is the responsibility of the operator of a given EVI to ensure that all NVEs within that EVI support a common encapsulation. Failure to meet this condition may result in service disruption or failure. " [jorge] ok, done 618 4. Security Considerations 617 620 The same security considerations described in [RFC7432] relevant to 621 multihoming apply to this document. 622 623 In addition, this document modifies the [RFC8365] procedures for 624 Split Horizon filtering, providing the operator with a choice between 625 Local Bias and ESI Label based filtering for the tunnels that support 626 both methods. A misconfiguration of the desired SHT to be used may 627 result in a forwarding behavior that is different from the intended 628 one. Other than that, this document describes procedures so that all 629 the PEs or NVEs attached to the same ES agree on a common SHT method, 630 therefore an attacker changing the configuration of the SHT should 631 not cause traffic disruption, only a change in the forwarding 632 behavior. The text here reads slightly odd. WHat about following readability rewrite: " The security considerations relevant to multihoming described in [RFC 7432] are applicable to this document. Additionally, this document modifies the procedures for Split Horizon filtering as outlined in [RFC 8365], offering operators a choice between Local Bias and ESI Label-based filtering for tunnels that support both methods. Misconfiguration of the desired Split Horizon Type (SHT) could lead to forwarding behaviors that differ from the intended configuration. Apart from this risk, this document describes procedures to ensure that all Provider Edge (PE) devices or Network Virtualization Edges (NVEs) connected to the same Ethernet Segment (ES) agree on a common SHT method. Consequently, unauthorized changes to the SHT configuration by an attacker should not cause traffic disruption but may result in alterations to forwarding behavior. " [jorge] ok, done 634 5. IANA Considerations In which parent IANA codepoint registration does the new flags registery sit? What is with bits 2, 3, 4, 5? reserved or unused? Please document somewhere in the document and prescribe what must happen by a sender and received of these fields. While i could not find a specific formal IETF normative description of unused or reserved bits the difference between "unused bits" and "reserved bits" is often as follows: * Reserved Bits: These are explicitly set aside for future use. They must be set to a specific value, usually zero, and ignored by receivers. Reserved bits ensure compatibility and extensibility for future updates or enhancements to the protocol. * Unused Bits: These bits currently have no defined function or purpose. They are not used in the protocol's operation and are typically ignored by both senders and receivers. Unused bits provide flexibility for potential future uses without specific handling requirements in the current specification. * Summary Reserved Bits: Explicitly set aside for future use with specific handling instructions. Unused Bits: Currently unassigned and ignored, providing flexibility for future definition. [jorge] added location of the registry, clarity in multiple tables, and used “unused” for the non-defined bits. 636 This document creates a registry called "EVPN ESI Label Extended 637 Community Flags" for the 1-octet Flags field in the ESI Label 638 Extended Community. New registrations will be made through the "RFC 639 Required" procedure defined in [RFC8126]. Initial registrations are 640 made for the "Multihoming redundancy mode" field in bits 0 and 1, as 641 follows: 643 +=====+=============================+ 644 | RED | Multihoming redundancy mode | 645 +=====+=============================+ 646 | 00 | All-Active mode | 647 +-----+-----------------------------+ 648 | 01 | Single-Active mode | 649 +-----+-----------------------------+ 651 Table 2 Is there a reason the registration procedure is "RFC Required". There are only few (8) bits available and maybe there should be IETF consensus before allocating any of them. RFC Required "The RFC need not be in the IETF stream, but may be in any RFC stream (currently an RFC may be in the IETF, IRTF, IAB, or Independent Submission streams [RFC5742])." If the setting is slightly more strict "IETF Review" then the following applies: " With the IETF Review policy, new values are assigned only through RFCs in the IETF Stream -- those that have been shepherded through the IESG as AD-Sponsored or IETF working group documents [RFC2026] [RFC5378], have gone through IETF Last Call, and have been approved by the IESG as having IETF consensus." [jorge] changed to “IETF Review” The motivation for 2 bits where only 1 bit is used is unusual. Is the high-order bit of RED for future use or is is reserved (because some implementation is squatting on it?) or are they unused? There should be guidelines about what value the unuased bit is set and what recipients should/must set the value. [jorge] the high order bit is defined in draft-ietf-bess-evpn-l2gw-proto-04<https://datatracker.ietf.org/doc/html/draft-ietf-bess-evpn-l2gw-proto-04#name-iana-considerations>, but for this spec I think this should be unused.. 653 In addition, this document requests the registration of the "Split 654 Horizon Type" field in bits 6 and 7 of the Flags Octet of the EVPN 655 ESI Label extended community. This field is called "Split Horizon 656 Type" bits and it is defined as follows: 658 +=====+===========================+ 659 | SHT | Split Horizon Type value | 660 +=====+===========================+ 661 | 00 | Default SHT | 662 +-----+---------------------------+ 663 | 01 | Local Bias | 664 +-----+---------------------------+ 665 | 10 | ESI Label based filtering | 666 +-----+---------------------------+ 667 | 11 | Reserved | 668 +-----+---------------------------+ 670 Table 3 Is the setting SHT setting 11 "Reserved" or "Unused"? [jorge] changed to “unused”
- [bess] [Shepherding AD review] Pre-IETF Last-Call… Gunter van de Velde (Nokia)
- [bess] Re: [Shepherding AD review] Pre-IETF Last-… Jorge Rabadan (Nokia)
- [bess] Re: [Shepherding AD review] Pre-IETF Last-… Gunter van de Velde (Nokia)
- [bess] Re: [Shepherding AD review] Pre-IETF Last-… Jorge Rabadan (Nokia)