Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

"Ali Sajassi (sajassi)" <sajassi@cisco.com> Mon, 26 March 2018 04:53 UTC

Return-Path: <sajassi@cisco.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A5B3129C6B for <bess@ietfa.amsl.com>; Sun, 25 Mar 2018 21:53:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -12.521
X-Spam-Level:
X-Spam-Status: No, score=-12.521 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h3CGOFNKzLcZ for <bess@ietfa.amsl.com>; Sun, 25 Mar 2018 21:53:52 -0700 (PDT)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2844612711B for <bess@ietf.org>; Sun, 25 Mar 2018 21:53:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=56728; q=dns/txt; s=iport; t=1522040032; x=1523249632; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=p+li/z/onXNQGbTVgD+USZuEY2I62miGnN7/zfUdT4c=; b=gsxheoIRdxMaylafbVXDW8QAkJKuNEur6gqygwmdi2RI+NeeqaC/5Dai x/v67EKdm+YXbirJPl2jTN3Cwk07WOOdfDs1neB4k+AACrHZRYB6UDRhP OOTz+RN7I+kYE3Gj/LQdUX5vTCEfCqsSD7Ne0Yul57sebd04E3QSE9DSn I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D/AACRfLha/51dJa1eGQEBAQEBAQEBAQEBAQcBAQEBAYJNRS9hcCgKg1KIAI0NgVMhgRGSURSBcgsihGMCGoNWITQYAQIBAQEBAQECayiFJQEBAQQjCkELEAIBCBEDAQIhAQYDAgICMBQJCAIEAQ0FFAeED2QPqxiCIIN4AYRGghqHWIIUgQwiDIFcfYMTAQECARh/EQESARItFgiCQzCCJAOHCT9EiB0hhnUIAoVQgk+GEIEwOYNvhmGHJoFthjwCERMBgSQBHDhhcXAVOioBghgJgWhajU8BNW8BAY1eDRiBCIEXAQE
X-IronPort-AV: E=Sophos; i="5.48,363,1517875200"; d="scan'208,217"; a="88817133"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by alln-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Mar 2018 04:53:50 +0000
Received: from XCH-RTP-015.cisco.com (xch-rtp-015.cisco.com [64.101.220.155]) by rcdn-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id w2Q4rokx004286 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 26 Mar 2018 04:53:50 GMT
Received: from xch-rtp-005.cisco.com (64.101.220.145) by XCH-RTP-015.cisco.com (64.101.220.155) with Microsoft SMTP Server (TLS) id 15.0.1320.4; Mon, 26 Mar 2018 00:53:49 -0400
Received: from xch-rtp-005.cisco.com ([64.101.220.145]) by XCH-RTP-005.cisco.com ([64.101.220.145]) with mapi id 15.00.1320.000; Mon, 26 Mar 2018 00:53:49 -0400
From: "Ali Sajassi (sajassi)" <sajassi@cisco.com>
To: John E Drake <jdrake@juniper.net>, "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>, Eric Rosen <erosen@juniper.net>, Sandy Breeze <sandy.breeze@eu.clara.net>, "Satya Mohanty (satyamoh)" <satyamoh@cisco.com>
CC: "bess@ietf.org" <bess@ietf.org>, "Ali Sajassi (sajassi)" <sajassi@cisco.com>
Thread-Topic: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description
Thread-Index: AQHTwTLSpKI1nWgbp0ukIa0wdFUT3Q==
Date: Mon, 26 Mar 2018 04:53:49 +0000
Message-ID: <65CFEEAF-14A9-4897-8530-4EC01A6A3895@cisco.com>
References: <53C24F41-B86F-4FE1-8041-721C95C7E7F0@nokia.com> <b4272e23-0b57-bc23-0840-4a4eb0991966@juniper.net> <373D0F59-2947-4370-9BDC-081E03867B2E@nokia.com> <493dc791-599b-b36c-5855-87059b12fb16@juniper.net> <52EFFC0D-0948-44CC-BBC5-AD9E1A2E45AD@nokia.com> <07BD5AF9-A898-4EF3-9FD2-DE1566A7F51E@cisco.com> <9999F37C-C13C-4057-9162-D8D14FD58A68@juniper.net>
In-Reply-To: <9999F37C-C13C-4057-9162-D8D14FD58A68@juniper.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.b.0.180311
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.24.90.119]
Content-Type: multipart/alternative; boundary="_000_65CFEEAF14A9489785304EC01A6A3895ciscocom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/rYDT-L9dlFPpnLaIpdj38lkblfo>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 04:53:55 -0000

I had some further discussions with the authors of the draft and we have reached the following conclusions:


  1.  The solution that they will capture in their draft will be based on option-A which is:
     *   Enable DF election on per mcast flow – this gives the best load-balancing for DF election among multicast flows and avoids FAT VLAN issue
     *   Enable IGMP proxy and SMET route – avoid unnecessary replication/transmission of mcast flows over core
  2.  They will re-spin their draft as informational and capture their use case along with the requirements and the solution
  3.  We will need to update the text in per-mcast-flow-df-election draft, igmp-mld-proxy draft, and pim-proxy draft to capture vES in addition to ES and in future drafts, we should make sure that both ES and vES are captured

Cheers,
Ali

From: John E Drake <jdrake@juniper.net>
Date: Sunday, March 25, 2018 at 9:57 AM
To: Cisco Employee <sajassi@cisco.com>
Cc: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>, Eric Rosen <erosen@juniper.net>, Sandy Breeze <sandy.breeze@eu.clara.net>, "bess@ietf.org" <bess@ietf.org>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

Ali,

I don't mean to quibble but your option A also requires all PEs to be upgraded.  However, it's both a more mainstream upgrade and a better solution than the Sandy/Satya proposal.

Also, as we discussed last week, the SMET processing already includes what Sandy/Satya proposal wants to do.   I.e., when  a PE is no longer the DF on any of the ESes to which it is attached it withdraws its SMET routes.

Sent from my iPhone

On Mar 24, 2018, at 1:30 PM, Ali Sajassi (sajassi) <sajassi@cisco.com<mailto:sajassi@cisco.com>> wrote:

Hi Jorge,

As I pointed out in my previous email, the use of flag is not a viable option because it requires update to every single PE for it to be effective. Before getting too much into a new solution with many restrictions, we should evaluate the current mechanisms and if they fall short, then discuss new mechanism. In one of my emails (which got sent out of order because the connection on the plane is very slow), I talked about option-A:

The best solution for your use case is (option-A):

  1.  Enable DF election on per mcast flow – gives the best load-balancing for DF election among multicast flows and avoids FAT VLAN issue
  2.  Enable IGMP proxy and SMET route – avoid unnecessary replication/transmission of mcast flows over core

Cheers,
Ali

From: BESS <bess-bounces@ietf.org<mailto:bess-bounces@ietf.org>> on behalf of "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com<mailto:jorge.rabadan@nokia.com>>
Date: Saturday, March 24, 2018 at 3:58 AM
To: Eric C Rosen <erosen@juniper.net<mailto:erosen@juniper.net>>, Sandy Breeze <sandy.breeze@eu.clara.net<mailto:sandy.breeze@eu.clara.net>>, "bess@ietf.org<mailto:bess@ietf.org>" <bess@ietf.org<mailto:bess@ietf.org>>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

Eric, as discussed and you point out, one can easily interpret that IMET is not mandatory in some cases where multi-destination traffic is not needed. In any case, whether this document is Informational or Standards Track is probably not that important.

If this had to be done, out of the options you list, I think omitting the PTA would not be backwards compatible since the use of PTA is a MUST in RFC7432, so RRs wouldn’t like it. Maybe label zero could cause issues too. So maybe a flag is the least disruptive one if the document has to modify something.

I still think it may be better to proceed with the IMET withdraw procedure and clarify that it is only valid for:
a) BUM traffic in IR cases
b) BDs with no igmp/mld/pim proxy
c) BDs with no OISM or IRBs
d) BDs with I-ES associated to overlay tunnels and no other ACs

And any other restrictions/caveats we may need to add.

My 2 cents.
Jorge


From: Eric C Rosen <erosen@juniper.net<mailto:erosen@juniper.net>>
Date: Friday, March 23, 2018 at 5:00 PM
To: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com<mailto:jorge.rabadan@nokia.com>>, Sandy Breeze <sandy.breeze@eu.clara.net<mailto:sandy.breeze@eu.clara.net>>, "bess@ietf.org<mailto:bess@ietf.org>" <bess@ietf.org<mailto:bess@ietf.org>>
Subject: Re: [bess] draft-mohanty-bess-evpn-bum-opt-00 - clarification on problem description

[Jorge] my interpretation of RFC7432 is that IMET routes are mandatory to enable the handling of multi-destination traffic in a BD. But in a non-DF PE for a given ES and with no other ACs in the BD, assuming Ingress Replication, there is no such multi-destination traffic (Tx or Rx). So one could interpret that RFC7432 is ok with withdrawing the IMET route in that case.

If we consider the case of all-active multi-homing, then there may well be Tx multi-destination traffic in the scenario under discussion, as multicast traffic from a given ES could arrive at any PE attached to the ES, whether or not that PE is the DF.

The relevant section from RFC 7432 is:

11.  Handling of Multi-destination Traffic

   Procedures are required for a given PE to send broadcast or multicast
   traffic received from a CE encapsulated in a given Ethernet tag
   (VLAN) in an EVPN instance to all the other PEs that span that
   Ethernet tag (VLAN) in that EVPN instance.  In certain scenarios, as
   described in Section 12 ("Processing of Unknown Unicast Packets"), a
   given PE may also need to flood unknown unicast traffic to other PEs.

   The PEs in a particular EVPN instance may use ingress replication,
   P2MP LSPs, or MP2MP LSPs to send unknown unicast, broadcast, or
   multicast traffic to other PEs.

   Each PE MUST advertise an "Inclusive Multicast Ethernet Tag route" to
   enable the above.  The following subsection provides the procedures
   to construct the Inclusive Multicast Ethernet Tag route.  Subsequent
   subsections describe its usage in further detail.

Interestingly, this says that the IMET route is mandatory to enable "the above", where "the above" is "send broadcast or multicast traffic received from a CE".  Note it says "send", not "receive".

If P2MP tunnels are used for the BUM traffic, the IMET route is certainly required to support all-active multi-homing.  If IR is used, or if single-active multi-homing is used, one could argue that RFC 7432 didn't really need to require the IMET route.  However, it does.

[John] Wouldn’t it be better to have this draft define a bit in the Multicast Flags extended community (https://tools.ietf.org/html/draft-ietf-bess-evpn-igmp-mld-proxy-01<https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dbess-2Devpn-2Digmp-2Dmld-2Dproxy-2D01&d=DwMGaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=-DXB84eU9m4cIlq2OOcCJCQQAwJXQQswyu3F0kG0VNo&m=rs8r_tXnIDIv9e5NNgiXOy5yYuE10r6x9al8H6FgK04&s=V42kiY3ngmDNxMKmk5GgHmy9LcMGdOXpcvbereFtUR8&e=>) indicating that that the originating PE is neither DF nor backup DF for this broadcast domain on any ES to which it is attached?  This allows us to always advertise the IMET route and makes the situation explicit.  I think the consensus is that this situation is rare so the number of IMET route updates shouldn’t be excessive and we could also say that this bit is only set by EVPN DC GWs.
If it's worth doing at all, this would be a better method.  Alternatives would be omitting the PMSI Tunnel attribute, or setting the MPLS label in the PMSI Tunnel attribute to 0.
[Sandy] We’d considered alternative methods other than withdraw, such as extended community or something specific in PMSI Tunnel Attribute.  Withdraw/don’t advertise RT3 approach was chosen for the following reasons;
·         Requires no change to protocol
Since the proposal changes the conditions under which an IMET route is originated, it is certainly changing the protocol.  (It's obvious that the finite state machine is changed.)  Perhaps what is meant is that the protocol change is backwards compatible with systems that implement only RFC7432.  But it does not appear to be backwards compatible with systems that have IRB, and the draft has no analysis of the impact on all the various extensions and proposed extensions to RFC7432.
·         Is computationally easier on all participating PE’s, to deal with a simple withdraw than to look for something in an update.  For instance, on transition from BDF to NDF for example
These are of course not the only considerations.





_______________________________________________
BESS mailing list
BESS@ietf.org<mailto:BESS@ietf.org>
https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_bess&d=DwICAg&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=CRB2tJiQePk0cT-h5LGhEWH-s_xXXup3HzvBSMRj5VE&m=OdMuRFQV6omnCDf3TmywTtn1VPIRaTJK4ryi6yVwveE&s=QAWt42753vZzfOQ0mJP32Xk-D7_QwwEloKLv2jirKNg&e=