[bess] Document shepherd review of draft-ietf-bess-evpn-fast-df-recovery-05
"Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com> Mon, 08 August 2022 14:46 UTC
Return-Path: <matthew.bocci@nokia.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A37CC15C537; Mon, 8 Aug 2022 07:46:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.491
X-Spam-Level:
X-Spam-Status: No, score=-7.491 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OTt78f3dbNCG; Mon, 8 Aug 2022 07:46:16 -0700 (PDT)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2100.outbound.protection.outlook.com [40.107.20.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C81DC15C52A; Mon, 8 Aug 2022 07:46:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lryQKCWWaZWWFc6Ecc527Za47jE/Ge+RsTOLUhHTmQ/+P8AfZBYVLqFst+lsZWSxQA3XjkXi+XwxeyPZA2U9XUf/KiScl6UF56VkiWD5vYXuMESiKGuDhTuxxg+pSMHJ7tnqs6ppG4/OzluvvCbwtHnd4qLYYKzxY9AYx1Hcj2AA93hrK4E8JPjl6iMTfCj4pxrg5VO5u8pHc3kwhp3h0WfxsalYnb5YyUjg9Unyxz5FKlbNm8rdFvbusrunhC8NKmXowmi9W76PrEV6vSW48LmQtu2BHiOwlv977P9p+vyzSn+ATmcN5QYZ3KS19Sumj7wOYznybrBQIn/bXce+yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=96eL5lsuKuRt7FOUHa29v7YvQY1CO4ubYz6oLKmwjlI=; b=W+fASh3t2LWLvOpMAqPTA13Zzng3qucGnK0fiPVaHpylwRdWleY5zqkAc9aNsWuVjT/CYSqUOiqS6FTHnXQ/XZuZOBnf/HvBL6fk4OgxO1m5BeqIQiI5OI/Inr/XvdMEXnFNaI/xhL96zh3ACvGLz+RmmsvNM1BSqRiyWm3Wq06ZPY1itYn3WQVD8VAIqf3AqgAoFloxB6oqUMiChJJPt4xaf0ZdDIJFS1qEJj7In7zAmDW/4rrov3uNZxP4fXCKlOgLTK99jS+TOXtCw544eJKGFLqP3SAbEWi0Y4fT5tvfzs3gyo0w5RZCtpWuEjL01UWuVeWj+ubLZqGdIwB6kw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com; dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com; s=selector1-nokia-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=96eL5lsuKuRt7FOUHa29v7YvQY1CO4ubYz6oLKmwjlI=; b=Xxw4lfu7uuIdEQAdhME/oNfR8i31oUKiUKdF4f4RGUMUsAgU3nO9HS7TxazkqsnHvElEDb41osOF4PyhUBv4vEJz4xof1uRSXPzcTZZDc9tR2NF41ikTeaV2rkC1Cz4DK6BWcY8gu/71RVO2mRmdgI4I3UiZX8nYEJUL/m+VvB0=
Received: from VI1PR0701MB6991.eurprd07.prod.outlook.com (2603:10a6:800:17d::22) by PA4PR07MB7085.eurprd07.prod.outlook.com (2603:10a6:102:d1::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5525.7; Mon, 8 Aug 2022 14:46:11 +0000
Received: from VI1PR0701MB6991.eurprd07.prod.outlook.com ([fe80::64a8:30e5:92ad:2114]) by VI1PR0701MB6991.eurprd07.prod.outlook.com ([fe80::64a8:30e5:92ad:2114%6]) with mapi id 15.20.5525.009; Mon, 8 Aug 2022 14:46:11 +0000
From: "Bocci, Matthew (Nokia - GB)" <matthew.bocci@nokia.com>
To: "draft-ietf-bess-evpn-fast-df-recovery@ietf.org" <draft-ietf-bess-evpn-fast-df-recovery@ietf.org>, "bess@ietf.org" <bess@ietf.org>
Thread-Topic: Document shepherd review of draft-ietf-bess-evpn-fast-df-recovery-05
Thread-Index: AQHYqzSPE7gg0ghiqEiLdJl2A4aCxw==
Date: Mon, 08 Aug 2022 14:46:11 +0000
Message-ID: <VI1PR0701MB6991D299153D61C8B92B0A36EB639@VI1PR0701MB6991.eurprd07.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3c89274e-ba0a-4cc5-9137-08da794cbc6b
x-ms-traffictypediagnostic: PA4PR07MB7085:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: OQHbK1OHhMdD2fizPWr3Cu1oAouYvegzdrswEX6AUUW4k/WuIai1Btb38rWUFCdoZUs7cXU/1rMOSjkJFpy9jwumFZpgDZx72v+PYG+mfh4+NSMgcrqjR7KYa3z6MmCiDQ2tx5kKIwvo9KhtYhRxKXIFwZRSoO5CcKuKbbSNZwthcGpQ1LzHQCjU5kfTSUyfbOf2RE5iDE41JgBnObk6BO3QMk9kOUaG55Jtzuo6fZmTJljg2hGdfTxlFFLtgbbwnPKq9ueqzzbneGEgZxiLXJD63WGM8o0JqRMlBBs4cZbwYvpC0Gkye9vNXlk2lPx/h8xcRGF82fpbHvtzVlOc8FJZjT6EXWKYHGbehSVxdNxSRWAfe/OS6bFKHejxv4AO/ZqtZYFczgXMWirZ51vbdONdvBxGOt05c6//PxEGeUL8jK4QpDRYDFFzQY65LVcIEs5Y0WZx4cbX/e52/QmkcQrJQHVuAPuZQ8umXdmbC4Mm1PO7s2QciJR93jtLOdKJvUyDFADX1KhslcgQwsHIJyEY1sJuFmAVnAQ5dUgy9tyxuvMRGgB5qIGjor8zor3/H0ncrtKYj8BpZ8EXb2jEE+PJyN2D3y3JnZkrZogGsKqR5OQvClvqy9cI4Ze1Y5oZmHuR0M8T6b+yEmMTKHjHF4cV81bY5fJ63e/e+0lD+1bSql6MxPnPoNUUwDUvaDgLmQLapOtygG3JYLnOXN2QwDb91mMOXB0ezdRYeg6OYM72IPz/XlZVMGc71QlhNUuNyNmjkJkEBYJORaWS6WS/zA86kubaCcUz4ifibD5yWNX3SLTHpKhBYuMwvk0SSIZ3
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR0701MB6991.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230016)(4636009)(39860400002)(396003)(346002)(366004)(136003)(376002)(83380400001)(110136005)(82960400001)(316002)(186003)(71200400001)(64756008)(9686003)(26005)(6506007)(86362001)(7696005)(41300700001)(478600001)(8936002)(55016003)(52536014)(5660300002)(2906002)(122000001)(66946007)(38100700002)(91956017)(66476007)(66446008)(450100002)(66556008)(33656002)(76116006)(8676002)(38070700005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: c8zPjMCMtYz9kbGAO+jcQV2ZS+fjBw7klQBG1725N0zuBsowMxkE7DIYhyM5PWg2AiTA81jN/guGlPQGyQ/iWFu4aS9jTY2k/F5O9PEmJ9MSsAkY9dIs3uFe/nOPqA5IFKsyZJiMeTXDIpNf6pOqXr73FJcsidYiqno/NCoD4BmwR+w46JTv8QRDwm3qRjUF3hR4sfOxe7jGwf3FXalxBUVXynplFVOfAjKum1eXJjsX1B0WjlwY0eBmaLn61arYy07TGWwyMgNGonk6z9uOQXBukBq1/aJd3ZLkpOvFyiMXSv9kz72451ox8gkGE4iaKRBpNxOH3mLJ8dXjiA5WcNf2awriQpuPqJ+M2/NQEs8XI+RD+5LfdT5dh7zbIgHt1rv/WCyEYl88Tj8R+hUwY/TKYwKqtjOzLnJ5oTq0609c7OxpoQUtsrWFfSX2VdQkhrT7NMZkwgwF/dCYT0aCYll8Vpj4MDnBsWgUFcKoffK7SMQOJEixhObNNSALBLROfMoOQOOaRy/xYIpp5du6RcN+pYjjc9ENlGUAWjDly3ufxkbkAmQzTvtXTI5lAvAblsSfpqoYtKXYHvlPwUMzfmC/fFKEW8cXj57WFnjRIZgFsJUtsblAXo/HcKY94uzliEZob1sF6KNmyZUKw4UZp/mrGAQDeoCkrpg1LbQqAJzQ+dxwgOs6ngKU13qgqaj4aSetoHfhABftZ13pRKEna3fJZqgkPxtILTm6wmCuLiyvpvePey0POZ/scLcYswZ13IvYDCwy0tiff5hn5smOtV2fcd7Hvx/bKr8NUrePIfX6AhWD96i2XV7KF5TgeuiVQWh/K8uql5zo6wYsKRTUcoXMtAwnsCinT0G3mhDR1dxN7X+if2N33zweF63wjSl0/xMQ3TIzpwvN48a4OHNAZojXIGAagVrmZWnADF6/kDWSEUmN2Z92UusFQ5yHj21sAMWBVyUJgmhm97lrhS/lgt1Kr2Ql80/XLca9qDTs0ykyTonOwBVlHTkcDGuchQ0uQsiNYJLk4YhVMa09vCRCRTQckbxl3gL/X0i98QJdVjz+a7iEgkzohLl7UbE08oCd6nlXk3soKxdKOAgqeorRwdriBg+Iw3Dzt/l+4S6WApPDg2AoNHzXD6+fYWxNbotnjF4Oh0TwcDnqKibz46U7X8IMXiohtOG6BEX32brHtEmr9C/V6oXGTslqPwi4mIRk2fv7mq9ViBHVZuXTGM1aNQ1LNr5Y6KjxVUBGmriba3Ack3qc45peGnulvK6nZUrk1a85HVutf5f9Ph1mQhOMpdus33Mh2Ra3c64yC0AC3zLhfOWNm1qlnRA5MmqhB3U9sEsXR1SfCtSMe74MidXLwE1ewcXfU9eHBYaYSpcveynSl08cPAdivA8p6SYe1weQkyLaFx3jGuDr3Lrl0swq7uZALD6tzWf1HWzlyqtLyLMTZoAxYlFI7GvfjLmF6YP5k7U6YVCyc4fxJv1DuMfFcr0QskygbXcBawSREzoVfyIXp0NM5A0ObhNLvWuLVmjw8YyQ3fOf03IcVJMtWRuff6MnIIBIt0kgnZfKQkSBQtJdQJDC5yL61wsKeBU5RQ7aZN0GbJd3e6Oj1pTfRIZCGw==
Content-Type: multipart/alternative; boundary="_000_VI1PR0701MB6991D299153D61C8B92B0A36EB639VI1PR0701MB6991_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR0701MB6991.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3c89274e-ba0a-4cc5-9137-08da794cbc6b
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Aug 2022 14:46:11.1675 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4iddGUr31mip6XmRArqVbLg75KC5nWi6AlvB68vzo6/ODbCm/EqFuEJk7e6JCPOE4YK/6vW8QzQoWPU8vrxSDQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA4PR07MB7085
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/8sWD9yym0O63KhxPuoX8broJ7Nk>
Subject: [bess] Document shepherd review of draft-ietf-bess-evpn-fast-df-recovery-05
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Aug 2022 14:46:22 -0000
Authors
As is customary, please find below my document shepherd review of this draft.
The comments are mainly of an editorial nature or suggest improvements to aid readability.
Please treat these comments (prepended with MB>) as you would any other working group last call comments.
Best regards
Matthew
===
Fast Recovery for EVPN Designated Forwarder Election
draft-ietf-bess-evpn-fast-df-recovery-05
Abstract
Ethernet Virtual Private Network (EVPN) solution provides Designated
MB> /Ethernet/The Ethernet
Forwarder election procedures for multihomed Ethernet Segments.
These procedures have been enhanced further by applying Highest
Random Weight (HRW) Algorithm for Designated Forwarded election in
order to avoid unnecessary DF status changes upon a failure. This
draft improves these procedures by providing a fast Designated
MB> /draft/document
Forwarder (DF) election upon recovery of the failed link or node
associated with the multihomed Ethernet Segment. The solution is
independent of number of EVIs associated with that Ethernet Segment
MB> /of number/of the number
and it is performed via a simple signaling between the recovered PE
and each of the other PEs in the multihoming group.
[...]
1. Introduction
Ethernet Virtual Private Network (EVPN) solution [RFC7432] is
MB> /Ethernet/The Ethernet
becoming pervasive in data center (DC) applications for Network
Virtualization Overlay (NVO) and DC interconnect (DCI) services, and
in service provider (SP) applications for next generation virtual
private LAN services.
[...]
The EVPN specification [RFC7432] describes DF election procedures for
MB> I think you just need to say [RFC7432] describes...
multihomed Ethernet Segments. These procedures are enhanced further
in [RFC8584] by applying Highest Random Weight Algorithm for DF
election in order to avoid DF status change unnecessarily upon a link
or node failure associated with the multihomed Ethernet Segment.
MB> I found the above hard to parse. Maybe replace it with:
"These procedures are enhanced further
in [RFC8584] by applying Highest Random Weight Algorithm for DF
election in order to avoid unnecessary DF status changes upon a link
or node failure associated with the multihomed Ethernet Segment."
[...]
1.1. Terminology
Provider Edge (PE): A device that sits in the boundary of Provider
and Customer networks and performs encap/decap of data from L2 to
L3 and vice-versa.
MB> Not sure you need to define PE as it is a well known term, but in any case I think
Your definition differs from ones I could find I previous RFCs. Maybe you can just delete it.
Designated Forwarder (DF): A PE that is currently forwarding
(encapsulating/decapsulating) traffic for a given VLAN in and out
of a site.
2. Challenges with Existing Solution
In EVPN technology, multiple PE devices have the ability to encap and
decap data belonging to the same VLAN. In certain situations, this
may cause L2 duplicates and even loops if there is a momentary
overlap of forwarding roles between two or more PE devices, leading
to broadcast storms.
EVPN [RFC7432] currently uses timer based synchronization among PE
devices in redundancy group that can result in duplications (and even
loops) because of multiple DFs if the timer is too short or
blackholing if the timer is too long.
Using split-horizon filtering (Section 8.3 of [RFC7432]) can prevent
loops (but not duplicates), however if there are overlapping DFs in
MB> I suggest you split the sentence to make it more readable:
"...(but not duplicates). However, if there are..."
two different sites at the same time for the same VLAN, the site
identifier will be different upon re-entry of the packet and hence
the split-horizon check will fail, leading to L2 loops.
[...]
However, upon PE insertion or port bring-up (recovery event), HRW
MB> Do you mean "...or port bring-up following a recovery event,"?
also cannot help as a transfer of DF role to the newly inserted
device/port must occur while the old DF is still active.
+---------+
+-------------+ | |
| | | |
/ | PE1 |----| | +-------------+
/ | | | MPLS/ | | |---CE3
/ +-------------+ | VxLAN/ | | PE3 |
CE1 - | Cloud | | |
\ +-------------+ | |---| |
\ | | | | +-------------+
\ | PE2 |----| |
| | | |
+-------------+ | |
+---------+
Figure 1: CE1 multihomed to PE1 and PE2.
In the Figure 1, when PE2 is inserted or booted up, PE1 will transfer
MB> /transfer/transfer the
DF role of some VLANs to PE2 to achieve load balancing. However,
because there is no handshake mechanism between PE1 and PE2,
duplication of DF roles for a given VLAN is possible. Duplication of
DF roles may eventually lead to duplication of traffic as well as L2
loops.
Current EVPN specification [RFC7432] and [RFC8584] relies on a timer-
MB> /specification/specifications
MB> /relies/rely
based approach for transferring the DF role to the newly inserted
device. This can cause the following issues:
* Loops/Duplicates if the timer value is too short
* Prolonged Traffic Blackholing if the timer value is too long
3. DF Election Synchronization Solution
The solution relies on the concept of common clock alignment between
partner PEs participating to a common Ethernet Segment. The main
idea is to have all peering PEs of that Ethernet Segment perform DF
election, and apply their resulting carving state, at a same well-
known time.
MB> It would be clearer if you could identify the partner YEs on a figure e.g. Figure 1
The DF Election procedure, as described in [RFC7432] and as
optionally signalled in [RFC8584], is applied. All PEs attached to a
given Ethernet Segment are clock-synchronized; using a networking
MB> /clock-synchronized;/clock-synchronized
protocol for clock synchronization (e.g. NTP, PTP, etc.). Newly
inserted device PE or during failure recovery of a PE, that PE
communicates the current time to peering partners plus the remaining
peering timer time left.
MB> The first part of the above does not parse. Do you mean "When a new PE is inserted
or an existing PE device recovers,..."?
This constitutes an "end time" or "absolute
time" as seen from local PE. That absolute time is called "Service
Carving Time" (SCT).
A new BGP Extended Community is advertised along with Ethernet
MB> Maybe say it is the "Service Carving Timestamp" here.
Segment route (RT-4) to communicate to other partners the Service
Carving Time.
Upon reception of that new BGP Extended Community, partner PEs know
MB> /know/can determine
exactly its carving time. The notion of skew is introduced to
eliminate any potential duplicate traffic or loops. They add a skew
MB> Who is "they". Do you mean "The receiving partner PEs"?
(default = -10ms) to the Service Carving Time to enforce this. The
previously inserted PE(s) must carve first, followed shortly(skew) by
the newly insterted PE.
To summarize, all peering PEs carve almost simultaneously at the time
announced by newly added/recovered PE. The newly inserted PE
initiates the SCT, and carves immediately on peering timer expiry.
The previously inserted PE(s) receiving Ethernet Segment route (RT-4)
with a SCT BGP extended community, carve shortly before Service
Carving Time.
3.1. Advantages
MB> This section seems out of place in a protocol spec. I suggest moving this text to the end of the
introduction.
There are multiples advantages of using the approach. Here is a non-
exhaustive list:
* A simple uni-directional signaling is all that is needed
* Backwards-compatible: PEs supporting only older [RFC7432] shall
simply discard unrecognized new "Service Carving Timestamp" BGP
Extended Community
* Multiple DF Election algorithms can be supported:
- [RFC7432] default ordered list ordinal algorithm (Modulo),
- [RFC8584] highest-random weight, etc.
* Independent of BGP transmission delay regarding Ethernet Segment
route (RT-4)
* Agnostic of the time synchronization mechanism used (e.g. NTP,
PTP, etc.)
[…]
3.2. BGP Encoding
[…]
This capability is used in conjunction with the agreed upon DF Type
(DF Election Type). For example if all the PEs in the Ethernet
Segment indicated that they have Time Synchronization capability and
they want the DF type to be HRW, then HRW algorithm is used in
S/then HRW/then the HRW
conjunction with this capability.
- [bess] Document shepherd review of draft-ietf-bes… Bocci, Matthew (Nokia - GB)
- Re: [bess] Document shepherd review of draft-ietf… Luc Andre Burdet (lburdet)