IETF Logo Mail Archive

Re: [bess] VXLAN BGP EVPN Question

Gyan Mishra <hayabusagsm@gmail.com> Mon, 27 April 2020 04:34 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B9A53A0A53 for <bess@ietfa.amsl.com>; Sun, 26 Apr 2020 21:34:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[AC_DIV_BONANZA=0.001, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tEQ3cGrgNb5D for <bess@ietfa.amsl.com>; Sun, 26 Apr 2020 21:34:23 -0700 (PDT)
Received: from mail-il1-x136.google.com (mail-il1-x136.google.com [IPv6:2607:f8b0:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC4983A09A5 for <bess@ietf.org>; Sun, 26 Apr 2020 21:34:22 -0700 (PDT)
Received: by mail-il1-x136.google.com with SMTP id u189so15478416ilc.4 for <bess@ietf.org>; Sun, 26 Apr 2020 21:34:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ieMsTECYuxSgBtoxpduGxaVhGK2LLchH8JmnPFJrXw0=; b=euE1SN/BE7MkeAZzc4EewNdwvXCKY/9un/85yOGriQclIo5ljuECY3FwNHOXRwNjLr 7ybdddSHgoMRl7XGtQR8q5Nu9/SvQDrgs2fcNhqSPzpiC3A48fWYnonDvKV5FSiafI+V OTio7uZic7iOwCa5cl/d7TO3od+bgcJjybouyzmDPc+MUN9QnnqXqcJueH3D9Sn4ktrs VZTvbkVjkcfTgCTezjc5CGySgNX7pbktwcCS7ETodPAVzdKfHSMOFSdw+gqMi9+1D9Si qEDMJKnraOa9FwewfqWg/Np+pqD/d/qf+VKNgvfGxJCV6UUsKgACEMmFfteMuvSszb+w TaYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ieMsTECYuxSgBtoxpduGxaVhGK2LLchH8JmnPFJrXw0=; b=HYT7RHzFEKGIgAQbyE3U0YZ3Ky1CtnBBgA+zb8wk2+0kxEcMOizs7tFczarvWgvDgh e7c0nXMi0ya8NpsV+sldXByDz5u0kklSAE4g2JGTJWn66Th0fkeJKAmqmfRuKCBUZmLe Dbb6psZAqvsqe1gjnrbAlamQl22qu4e76E1qLkxsTKJ3ORz/IEqZcKSiMqUe+bEyJ8j3 HayolVTmh0WQWfuzF02tDumYTH5Nko9QGRfuUwhwvdIq7fRFKIB3Lfy47+FtpMseH03E lJdEYduKBMoZ5ZUDpBuDWElNiKy6eVP3uzjXU389xJN39oiHajZoNQJYIHgVmOkOjgQg ZIpQ==
X-Gm-Message-State: AGi0PuaYGrYZ4NO4MjogUPSoNWU1hoZ25qTR9dku6bBBSRL0NHqbD7lU RWi6xIm11HBo24Gz8qOkL+3CQLgbnFeQDPeG1eY=
X-Google-Smtp-Source: APiQypKz/whWvCbQguB5Avs1IOTRzAn8lLU+3fs5n88WwUGe/CuAUm7n0YAHGiTv/gzIZtOGpSp/P7e+wl5mmqi57as=
X-Received: by 2002:a92:ce50:: with SMTP id a16mr19174549ilr.186.1587962061577; Sun, 26 Apr 2020 21:34:21 -0700 (PDT)
MIME-Version: 1.0
References: <CABNhwV1kPDhRcuqS8GOpTiKoyk_QHKVXa582JUznLvKfXQe54w@mail.gmail.com> <CABNhwV352jKVSu2Jwf9dRgzmjc05gvmLo_CL5EGuR12en-7Z_A@mail.gmail.com> <CABNhwV0Tww-8SxBocQBZ4vuj7DMW44ymN4ux4h1JoaYNENnioQ@mail.gmail.com> <8193067d-3b28-40fc-8c96-3f3c528ece6c@Spark> <CABNhwV227BzgCy4JURSqYE_OZ4EgtETSKJ0jZ3yrHEHLuSqVuQ@mail.gmail.com> <0B536455-62B0-434A-9FD8-D5DBB51ACA9E@nokia.com> <CABNhwV0GpszLRrCWxdGYY6-2TkwyjH4FfAFR6ybrjr9K-WGS6Q@mail.gmail.com> <E0E3A8BE-7087-4E2C-951C-4639D151A993@nokia.com> <FFD6C035-8B14-4A1A-A8B5-3472E62CABA7@cisco.com> <CABNhwV3_tps9J=NTjiZQ9T=DbmoFXNkx3ULpaw5DkKkkmSedQg@mail.gmail.com> <FC401FB0-9182-4180-A2C8-D688D2F5A654@nokia.com> <CABNhwV3tUkV20xekWJNhyoHqCAq7vX4bbkFB=RLL0N7onvrHQw@mail.gmail.com>
In-Reply-To: <CABNhwV3tUkV20xekWJNhyoHqCAq7vX4bbkFB=RLL0N7onvrHQw@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Mon, 27 Apr 2020 00:34:10 -0400
Message-ID: <CABNhwV0pFNLiNNjSp3P2SDio1sxAuMSjGspS-6Z=3Ois7CHgGg@mail.gmail.com>
To: "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
Cc: BESS <bess@ietf.org>, Jeff Tantsura <jefftant.ietf@gmail.com>, "Lukas Krattiger (lkrattig)" <lkrattig@cisco.com>, "sajassi@cisco.com" <sajassi@cisco.com>
Content-Type: multipart/alternative; boundary="00000000000098e4c005a43e3afa"
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/u3Uz-lWbDgqZWH4Py6wQVptAjoE>
Subject: Re: [bess] VXLAN BGP EVPN Question
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Apr 2020 04:34:29 -0000

Thank you all for the responses and overall Verizon will be looking forward
to the DCI overlay draft being published and implemented by vendors.

The major gain with this draft over multi site with the re-origination of
RD and VNI translation on the gateways preventing the automatic inter pod
inter site flooding creating the selective advertisement feature.  Not the
same as conversation learning where only active local flows within a fabric
are flooded inter fabric.

Verizon and am sure many other operators would benefit greatly with this
draft.

I had another question vxlan evpn NVO3 RFC RFC 8365.

So with the advent of EVPN architecture it had really paved the way for a
new NG L2 vpn architecture primarily from the gain over VPLS in the core or
L2 data center domain is the separation of control plane and data plane.
So how that is achieved by BGP EVPN procedures as we know with the type 1
a-d ES discovery of host AC single or all active multi homed hosts the
concept of “Mac-IP” learning in the control plane separation from NVE
overlay tunnel  local to remote leaf data plane forwarding for local or
globally significant L2 and L3 VNIs.

The other major benefit of vxlan evpn architecture over vpls or traditional
L2 domains is that broadcast is eliminated and converted to BUM constrained
multicast support of ASM and not SSM in the underlay  natively without MVPN
procedures.

With that unicast is carried in the data plane over NVE tunnel L3 VNI and
multicast is carried over the same NVE tunnel using L2 VNI. So here without
MVPN procedures only ASM is supported for BUM traffic.  I believe putting
my PIM WG hat on is that SSM does not support network based source
discovery and so the source and destination anycast vtep leaf cannot be
discovered.

 However if NG MVPN PMSI-UI-MI inclusive or aggregate inclusive trees are
used for scalability then SSM is supported as the discovery happens via
MVPN route type 7 for SSM and  and type 5 and 6 for ASM. I did notice in
the draft that a lot of the similar MVPN procedures for p-tunnel are
replicated using the same RFC 6513-6514.  I noticed that IR as it is
unicast replication and not multicast and does have more processing load
that there is a chance of
With IR their is a chance of transient packet duplication and with that
their is a special vxlan GPC encapsulation.  How does that work and is that
part of the MVPN procedures or is that available with IR w/o MVPN
procedures.

Also with vxlan EVPN architecture as I mentioned the big gain is the
separation of control and data plane with the Type 2 Mac mobility routes
learned via BGP in the control plane.

>From a practical standpoint and benefit of vxlan evpn is that it is
impossible to have a routing loop not only would the control plane not
build but the data plane NVE overlay tunnel would not come up so from a
technical perspective and major benefit of vxlan evpn is that a day N vxlan
deployment it is impossible to have a routing loop that could cause a
meltdown.  I guess if someone injected a host route for leaf vtep would be
no different then in MPLS world someone injecting a FEC into the core but
that is easy to build controls to prevent.

As far a Unicast traffic type 2 Mac mobility routing loop and is that
possible?

As far as unicast flow Mac mobility routing loop my thoughts are that since
we are using BGP standard BGP rules apply that Spine reflects routes
beteeen the rr client leafs and that following standard BGP advertisement
rules the rr client can to advertise back a Mac that was reflected to it by
another leaf and if the loop had to first happen in the control plane for
it to happen in the data plane.

How about BUM traffic routing loop and is that possible?

Section 8.3.1 split horizon with local bias for vxlan encapsulation would
be the means of BUM traffic loop protection.  So what it’s saying below is
that with the “local bias” feature if you have a pair of leafs with anycast
vtep shared IP that Is the one trackers that it filters on the anycast vtep
IP shared and only floods out to all local multi homed hosts for multicast
with the anycast vtep source.  So that way any Mac looped and sourced from
any remote anycast vtep is dropped.


   Every NVE tracks the IP address(es) associated with the other NVE(s)
   with which it has shared multihomed ESs.  When the NVE receives a
   multi-destination frame from the overlay network, it examines the
   source IP address in the tunnel header (which corresponds to the
   ingress NVE) and filters out the frame on all local interfaces
   connected to ESs that are shared with the ingress NVE.  With this
   approach, it is required that the ingress NVE perform replication
   locally to all directly attached Ethernet segments (regardless of the
   DF election state) for all flooded traffic ingress from the access
   interfaces (i.e., from the hosts).  This approach is referred to as
   "Local Bias", and has the advantage that only a single IP address
   need be used per NVE for split-horizon filtering, as oppo


I read through the RFC many times and was looking for any feature that
would prevent unicast or multicast  Mac mobility routing loops.


8.1.5 DF election

For vxlan L2 VNIs where you have a pair of leafs that have all active multi
homed hosts connections to the pair does DF election still occur if both
leafs share an VIP secondary address called the anycast vtep address to
build the NVE tunnel.  Since it’s a single share NVE tunnel between the
pair or multiple leafs I would think there is no DF election.

8.1.4 Aliasing and backup paths

When the NVE overlay data plane tunnel builds the full mesh between all
leafs and with the L3 architecture from the TOR leaf to spine with
traditional ECMP hash based routing polarization occurs with flows and
traffic is not evenly load balanced as compare to multi homed all active
host to leaf layer bundle hashing.   So now with this aliasing of the
backup paths should we see close to even load sharing between all the leaf
to spine node links.  Are their any other tweaks necessary maybe based on
L2 VNI even odd numbering distribution between leaf to spine links.

Kind regards

Gyan

On Sun, Apr 26, 2020 at 7:50 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:

>
> Jorge
>
> In the BGP EVPN NVO RFC 8365 there are  controls built in for Mac flooding
> related to intra pod with all active multi homed hosts. So with any multi
> home failure the mass mac withdrawal all NVEs reconverge to new next hop
> when the ES of failed gateway is withdrawn.  Also the backup path aliasing
> for multi homed always active for load balancing of remote NVEs. Split
> horizon filtering for BUM traffic to prevent looping back to different ES
> gateway connected to host.
>
>
> So with the DCI overlay draft those same EVPN procedures for intra pod NVE
> to help with convergence and  flooding is now applied to the inter pod
> stitched NVE  via the UMR route for BUM traffic.
>
> So the new UMR route type prevents re-flooding when the routes are all
> known via alias to redundant gateway similar to the backup path aliasing
> for load balancing intra-site.
>
> Kind regards
>
> Gyan
>
> On Sun, Apr 26, 2020 at 10:02 AM Rabadan, Jorge (Nokia - US/Mountain View)
> <jorge.rabadan@nokia.com> wrote:
>
>> Hi Gyan,
>>
>>
>>
>> Actually we started with the evpn dci draft in 2013 :-)
>>
>>
>>
>> The way I see the unknown mac route it saves flooding if all the MACs in
>> the POD/DC are known beforehand. The unknown unicast traffic can be aliased
>> to the GWs. In case of failure in one of the GWs, the AD per-ES route for
>> the I-ES will be withdrawn (mass withdraw for all EVIs) and the unknown
>> traffic can be sent to the redundant GWs. So this failure won’t generate
>> any extra flooding.
>>
>>
>>
>> Thanks.
>>
>> Jorge
>>
>>
>>
>> *From: *Gyan Mishra <hayabusagsm@gmail.com>
>> *Date: *Saturday, April 25, 2020 at 8:45 AM
>> *To: *"Lukas Krattiger (lkrattig)" <lkrattig@cisco.com>, "
>> sajassi@cisco.com" <sajassi@cisco.com>
>> *Cc: *BESS <bess@ietf.org>, Jeff Tantsura <jefftant.ietf@gmail.com>,
>> "Rabadan, Jorge (Nokia - US/Mountain View)" <jorge.rabadan@nokia.com>
>> *Subject: *Re: [bess] VXLAN BGP EVPN Question
>>
>>
>>
>>
>>
>> + Ali
>>
>>
>>
>> Lukas
>>
>>
>>
>> I noticed that Ali was on the multi site draft which I which expired in
>> 2017 around the same time the DCI overlay  draft was submitted.  I went
>> through the logs but did not go through the mail archives to see what
>> happen to multi site draft.  My guess is these were two competing drafts
>> and multi site was geared solely to EVPN procedures for vxlan encapsulation
>> and thus did not achieve WG adoption, where your DCI overlay draft accounts
>> for every encapsulation type using EVPN procedures and is more
>> comprehensive approach to DCI providing an improved solution to Multisite
>> vxlan overlay stitching.
>>
>>
>>
>> I like the re-origination of the VNI and RD idea using local context on
>> the gateway as an additional control mechanism which prevents Type 2 mac-ip
>> routes from being flooded between pods that should not without flood
>> filters. With the multi site feature there are no control and all mobility
>> routes are flooded unfortunately active or not.
>>
>>
>>
>> With this draft is it possible to add a feature for conversation learning
>> of only active flows when the type 1 BGP a-d is sent for initial BUM
>> advertisement for arp or nd, there could be a snooping mechanism similar to
>> IGMP snooping that discovers the active flow and thus creates the control
>> plane level type 2 Mac-IP state followed by being flooded in data plane NVE
>> tunnel overlay.  I think this concept could apply intra site fabric leaf to
>> leaf but I think would be extremely beneficial for inter pod or inter site.
>>
>>
>>
>> This could be separate feature or option to the selective advertisement.
>>
>>
>>
>> So the selective advertisement works in conjunction with re-origination
>> of RD and locally significant VNI.
>>
>>
>>
>> So what I would envision with the conversation learning active flow
>> detection feature you would use global VNI and now only the active type-2
>> Mac-IP routes would be propagated inter pod or site.
>>
>>
>>
>> This feature would be a tremendous benefit to operators and help with mac
>> scale.
>>
>>
>>
>> In our Cisco multisite feature implementations we do use the recommended
>> BUM traffic multi site feature specific suppression applied on the BGW.  So
>> that definitely helps with the BUM suppression for sure.
>>
>>
>>
>> In section 3.5.1 UMR - so the route type is like a default Mac route 0/48
>> with ESI set to DCI gateway I-ESI for all active multi homing, and so
>> instead of flooding all mac’s and have to rely on mass mac withdrawals
>> during a failure, now only the UMR is withdrawn.  Is that correct?
>>
>>
>>
>> That’s a huge savings on resources.
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>>
>>
>> On Fri, Apr 24, 2020 at 3:25 PM Lukas Krattiger (lkrattig) <
>> lkrattig@cisco.com> wrote:
>>
>> Thanks Jorge and Jeff for guiding all the way thru the features and
>> functions we have around, in DCI-overlay and Multi-Site.
>>
>>
>>
>> Gyan,
>>
>>
>>
>> Specific to the VNI distribution, BUM handling and the re-origination in
>> Multi-Site.
>>
>> With re-origination, the RDs are changed on the GW node. With this in
>> mind, the VNI could be Global or local significant. In the case of local
>> significants, we can stitch VNIs together (ie (VNI1 - GW - VNI2 - GW -
>> VNI3).
>>
>> Further, MAC- or IP-VRFs that are not supposed to be extended to a remote
>> Sites will not advertise any MAC or IP routes beyond the local GW. This way
>> you will keep the control-plane clean and avoid unnecessary creation of
>> flood lists. This is what we call selective advertisement, which is
>> different than conversational learning. Conversational learning could be a
>> complement to selective advertisement. The unknown MAC approach that Jorge
>> mentioned is a different approach for similar optimizations.
>>
>> In addition to ARP suppression, in the specific Cisco implementation of
>> Multi-Site, we provide a BUM traffic policer to rate limit between Sites.
>> This policer are located on the GW and acts in the egress direction.
>>
>>
>>
>> So with the DCI EVPN VNI translation does that end up netting the desired
>> effect control plane segregation from data plane and providing that reduced
>> size Mac VRF showing only active interesting traffic type 2 Mac-IP routes
>> intra pod within the DC.
>>
>>
>>
>> In a certain way, yes
>>
>>
>>
>> Kind Regards
>>
>> -Lukas
>>
>>
>>
>>
>>
>> On Apr 24, 2020, at 7:21 AM, Rabadan, Jorge (Nokia - US/Mountain View) <
>> jorge.rabadan@nokia.com> wrote:
>>
>>
>>
>> Hi Gyan,
>>
>>
>>
>> The dci evpn overlay draft indeed provides that segmentation. EVPN routes
>> are readvertised at the GWs with change in RD/VNI/Nhop, and this certainly
>> optimizes the BUM replication. From end leaf nodes. The draft also
>> introduces the use of an unknown Mac route that the GWs can advertise to
>> their local POD, as opposed to readvertise all the received MAC routes.
>> This can be used under the assumption that if a mac is unknown for a leaf,
>> it must be somewhere beyond the GW. Finally, the draft also allows you to
>> use an I-ES for multihoming and have all-active to two or more GWs.
>>
>>
>>
>> Note that this draft has multiple implementations, and the only reason
>> why is not an RFC yet is due to a normative reference that must be cleared
>> first.
>>
>>
>>
>> Thanks.
>>
>> Jorge
>>
>>
>>
>> *From: *Gyan Mishra <hayabusagsm@gmail.com>
>> *Date: *Friday, April 24, 2020 at 3:54 PM
>> *To: *"Rabadan, Jorge (Nokia - US/Mountain View)" <
>> jorge.rabadan@nokia.com>
>> *Cc: *BESS <bess@ietf.org>, Jeff Tantsura <jefftant.ietf@gmail.com>
>> *Subject: *Re: [bess] VXLAN BGP EVPN Question
>>
>>
>>
>>
>>
>> Hi Jorge
>>
>>
>>
>> I read through the draft and it sounds this vxlan segmentation is similar
>> to multi site segmented multi part LSP used for DCI.   How  does this
>> option compare or contrast with the multi site draft below.
>>
>>
>>
>> With DCI evpn overlay you mentioned, the VNIs on the ASBRs are translated
>> and not global.  Interesting.
>>
>>
>>
>> With multi site the VNIs are Globally significant inter of intra site and
>> an RT rewrite happens for the BGW to BGW middle segment to establish for
>> the NVE to be stitched.
>>
>>
>>
>> So with the DCI EVPN VNI translation does that end up netting the desired
>> effect control plane segregation from data plane and providing that reduced
>> size Mac VRF showing only active interesting traffic type 2 Mac-IP routes
>> intra pod within the DC.
>>
>>
>>
>> Multi site DCI
>>
>> https://datatracker.ietf.org/doc/draft-sharma-multi-site-evpn/
>>
>>
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>>
>>
>> On Fri, Apr 24, 2020 at 3:07 AM Rabadan, Jorge (Nokia - US/Mountain View)
>> <jorge.rabadan@nokia.com> wrote:
>>
>> Hi Gyan,
>>
>>
>>
>> If I may, note that:
>>
>>
>> https://tools.ietf.org/html/draft-ietf-bess-dci-evpn-overlay-10#section-4.6
>>
>>
>>
>> Also provides vxlan segmentation, and while the description is based on
>> DCI, you can perfectly use it for inter-pod connectivity.
>>
>>
>>
>> Thanks.
>>
>> Jorge
>>
>>
>>
>> *From: *BESS <bess-bounces@ietf.org> on behalf of Gyan Mishra <
>> hayabusagsm@gmail.com>
>> *Date: *Friday, April 24, 2020 at 5:21 AM
>> *To: *Jeff Tantsura <jefftant.ietf@gmail.com>
>> *Cc: *BESS <bess@ietf.org>
>> *Subject: *Re: [bess] VXLAN BGP EVPN Question
>>
>>
>>
>>
>>
>> Hi Jeff
>>
>>
>>
>> Yes - Cisco has a draft for multi site for use cases capability of inter
>> pod or inter site segmented path between desperate POD fabrics intra DC or
>> as DCI option inter DC without MPLS.  The segmentation localizes BUM
>> traffic and has border gateway DF election for BUM traffic that is
>> segmented stitched between PODs as I mentioned similar to inter-as L3 vpn
>> opt b.  There is a extra load as you said on the BGW border gateway
>> performing the network vtep dencap from leaf and then again encap towards
>> the egress border gateway.  Due to that extra load on the border gateway
>> it’s not recommended to have spine function on BGW thus an extra layer for
>> multi site to be scalable.  Definitely requires proprietary asic and not
>> merchant silicon or white box solution.  The BUM traffic is much reduced as
>> you stated from multi fabric connected super spine or single fabric spine
>> that contains all leafs.  That decoupling sounds like incongruent control
>> and data plane with Mac only Type 2 routes which would result in more BUM
>> traffic  but it sounds like that maybe trade off of conversation learning
>> only active flows versus entire data center wide Mac VRF being learned
>> everywhere.  I wonder if their is an option to have that real decoupling of
>> EVPN control plane and vxlan data plane overlay that does not impact
>> convergence but adds stability and only active flow Type 2 Mac learner
>> across the fabric.
>>
>>
>>
>> https://datatracker.ietf.org/doc/draft-sharma-multi-site-evpn/
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>>
>>
>> On Thu, Apr 23, 2020 at 6:04 PM Jeff Tantsura <jefftant.ietf@gmail.com>
>> wrote:
>>
>> Gyan,
>>
>>
>>
>> "Multi site” is not really an IETF terminology, this is a solution
>> implement by NX-OS, there’s a draft though. Its main functionality is to
>> localize VxLAN tunnels and provide segmented path vs end2end full mesh of
>> VxLAN tunnels (participating in the same EVI). We are talking HER here.
>>
>> The feature is heavily HW dependent as it requires BUM re-encapsulation
>> at the boundaries (leaf1->BGW1-BGW2->leaf2..n). So good luck seeing it soon
>> on low end silicon.
>>
>> It doesn’t eliminate BUM traffic but significantly reduces the span of
>> “broadcast domain” and reduces the need for large flood domains (modern HW
>> gives you ~512 large flood groups, obviously depending on HW)
>>
>>
>>
>> Wrt your question about Mac conversation learning - this is an
>> implementation issue, nothing in EVPN specifications precludes you of doing
>> so, moreover in the implementation I was designing (in my previous life) we
>> indeed decoupled data plane learning from control plane advertisement so
>> control plane was aware of “Active” flows.  Needless to say - this creates
>>  an additional layer of complexity and all kinds of funky states in the
>> system ;-).
>>
>>
>>
>> Hope this helps
>>
>>
>>
>> Cheers,
>>
>> Jeff
>>
>> On Apr 23, 2020, 8:30 AM -0700, Gyan Mishra <hayabusagsm@gmail.com>,
>> wrote:
>>
>>
>>
>>
>>
>> Slight clarification with the arp traffic.  What I meant was broadcast
>> traffic translated into BUM traffic with the EVPN architecture is there any
>> way to reduce the amount of BUM traffic with a data center design
>> requirement with vlan anywhere sprawl with 1000s of type 2 Mac mobility
>> routes being learned between all the leaf VTEPs.
>>
>>
>>
>> The elimination of broadcast is a tremendous gain and with broadcast
>> suppression of multicast that does help but it would be nice to not have
>> such massive Mac tables type 2 route churn chatter with a conversation
>> learning where only active flows are are in the type 2 rib.
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>>
>>
>> On Wed, Apr 22, 2020 at 6:47 PM Gyan Mishra <hayabusagsm@gmail.com>
>> wrote:
>>
>>
>>
>> In the description of the vxlan BGP evpn scenario has a typo on the
>> multisite feature segmented LSP inter pod with the RT auto rewrite which is
>> similar to MPLS inter-as option b not a.
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>>
>>
>> On Wed, Apr 22, 2020 at 5:57 PM Gyan Mishra <hayabusagsm@gmail.com>
>> wrote:
>>
>>
>>
>> All
>>
>>
>>
>> Had a question related to vxlan BGP EVPN architecture specifications
>> defined in BGP EVPN NVO3 overlay RFC 8365 and VXLAN data plane RFC 7348.
>>
>>
>>
>> In a Data Center environment where you have a multiple PODs individual
>> fabrics per POD connected via a super spine extension using a Multi site
>> feature doing auto rewrite of RTs to stitch the NVE tunnel between pods
>> similar to inter-as option A.
>>
>>
>>
>> So in this scenario where you have vlan sprawl everywhere with L2 and L3
>> VNIs everywhere as if it were a a single L2 domain.  The topology is a
>> typical vxlan spine leaf topology where the L3 leafs are the TOR switch so
>> very small physical  L2 fault domain. So I was wondering if with the vxlan
>> architecture if this feature below is possible or if their is a way to do
>> so in the current specification.
>>
>>
>>
>> Cisco use to have a DC product called “fabric path” which was based on
>> conversation learning.
>>
>>
>>
>> Is there any way with existing vxlan BGP evpn specification or maybe
>> future enhancement to have a Mac conversation learning capability so that
>> only the active mac’s that are part of a conversations flow are the mac
>> that are flooded throughout the vxlan fabric.  That would really help
>> tremendously with arp storms so if new arp entries are generated locally on
>> a leaf they are not flooded through the fabric unless their are active
>> flows between leafs.
>>
>>
>>
>> Also is there a way to filter type 2 Mac mobility routes between leaf
>> switches at the control plane level based on remote vtep or maybe other
>> parameters..  That would also reduce arp storms BUM traffic.
>>
>>
>>
>> Kind regards
>>
>>
>>
>> Gyan
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
>> _______________________________________________
>> BESS mailing list
>> BESS@ietf.org
>> https://www.ietf.org/mailman/listinfo/bess
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
>> _______________________________________________
>> BESS mailing list
>> BESS@ietf.org
>> https://www.ietf.org/mailman/listinfo/bess
>>
>>
>>
>> --
>>
>> Gyan  Mishra
>>
>> Network Engineering & Technology
>>
>> Verizon
>>
>> Silver Spring, MD 20904
>>
>> Phone: 301 502-1347
>>
>> Email: gyan.s.mishra@verizon.com
>>
>>
>>
>>
>>
> --
>
> Gyan  Mishra
>
> Network Engineering & Technology
>
> Verizon
>
> Silver Spring, MD 20904
>
> Phone: 301 502-1347
>
> Email: gyan.s.mishra@verizon.com
>
>
>
> --

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email