Re: [bess] Comments on draft-sajassi-bess-evpn-mvpn-seamless-interop-04

"Kesavan Thiruvenkatasamy (kethiruv)" <kethiruv@cisco.com> Mon, 15 July 2019 21:10 UTC

Return-Path: <kethiruv@cisco.com>
X-Original-To: bess@ietfa.amsl.com
Delivered-To: bess@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0696C120129 for <bess@ietfa.amsl.com>; Mon, 15 Jul 2019 14:10:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.5
X-Spam-Level:
X-Spam-Status: No, score=-14.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=U5LHOPZv; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ggxDLhSL
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HxnPz2rqI4yO for <bess@ietfa.amsl.com>; Mon, 15 Jul 2019 14:10:38 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4BBBE1200D6 for <bess@ietf.org>; Mon, 15 Jul 2019 14:10:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=34313; q=dns/txt; s=iport; t=1563225038; x=1564434638; h=from:to:subject:date:message-id:mime-version; bh=WslS/wDlMK18uC9GWjRm50m48EqsYgwnyWoYH56Wb5M=; b=U5LHOPZvASy81Atur1m56yG7PCkU7aUCi8O+K9knKwhr5dDF9K60JnT1 0W9Y1KEC4ptRjSGM2s2fnTQ4r+zxpvOcKhWnV2EUqSfuDqO7S90IDfDkp L7Dah/iS82IYzDFet8ArH+rp27e/yJlnVtNamNc+v4zx3C/HRZ8eceWfp g=;
IronPort-PHdr: =?us-ascii?q?9a23=3Ae0oVxhAP9oWFIBj6w7q7UyQJPHJ1sqjoPgMT9p?= =?us-ascii?q?ssgq5PdaLm5Zn5IUjD/qs03kTRU9Dd7PRJw6rNvqbsVHZIwK7JsWtKMfkuHw?= =?us-ascii?q?QAld1QmgUhBMCfDkiuL/P2by0gAdpqX15+9Hb9Ok9QS47z?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0CfCgBl6yxd/5tdJa1mH4F6gRUvUAN?= =?us-ascii?q?qVSAECyiEHINHA45OTIFqgSOWUYJSA1QJAQEBDAEBIwoCAQGEQBmCTiM3Bg4?= =?us-ascii?q?BAwEBBAEBAgEFbYU8DIVLBhIRBAYTAQE4EQEIOAoCBDAnBAESFAcHgwABgR1?= =?us-ascii?q?NAx0BDgOhOQKBOIhgcX8zgnkBAQWBRkFAgkAYghMDBoE0i18XgUA/gRABJww?= =?us-ascii?q?Tghc1PoJhAgMBggqCXTKCJo54hH6Ia44GCQKCGYZYhG6IRhuCLYclhAyKLI0?= =?us-ascii?q?1h0iQCAIEAgQFAg4BAQWBZiIqgS5wFWUBgkGCSAIIEoNOhRSFP3KBKY8CAQE?=
X-IronPort-AV: E=Sophos;i="5.63,494,1557187200"; d="scan'208,217";a="595182831"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 15 Jul 2019 21:10:18 +0000
Received: from XCH-ALN-015.cisco.com (xch-aln-015.cisco.com [173.36.7.25]) by rcdn-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id x6FLAIVj006358 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 15 Jul 2019 21:10:18 GMT
Received: from xhs-aln-001.cisco.com (173.37.135.118) by XCH-ALN-015.cisco.com (173.36.7.25) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 15 Jul 2019 16:10:18 -0500
Received: from xhs-rcd-002.cisco.com (173.37.227.247) by xhs-aln-001.cisco.com (173.37.135.118) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 15 Jul 2019 16:10:17 -0500
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-002.cisco.com (173.37.227.247) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 15 Jul 2019 16:10:17 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=htMRwn2RHIxlJIKnkWhIotzcaw0L2Z3Qcib7qZ6Z1aZ1zdh5vzbvD/UWS9LQ3wyxWdjpiWcRyimBBFLV9mYu1Eca3iGJ+lsVl0kBOR/F0ysvxicdraJ3feWo1b73fa9tLWO3ESm+KDSR2ZYmOlZOgnb7A3mlqEtNKD5wWZ7TAG6FRMUjrGJVdiqUhbRkenPSe/xTnZjEsBf8ohHPJ1VvTk2WbgFruz9/tJkKMlc2j1rTC+U6IqBXnczgVhh0FOJqLpCInoVPIDCojW88/ZQulclyRByJA0BJW3yPQhRvKnGHGYiLUHKN2+3t1RDGJuQ705T+6fEFYsfr/6JPjM7OVQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WslS/wDlMK18uC9GWjRm50m48EqsYgwnyWoYH56Wb5M=; b=JitXYAdeyMGMD5SCcFcuEjlBHG+zqU52q+5w3AKKkrLDReeyB+IrDY0NrHG2HV+HfvapLPnAuNPHIqBOyVvRqbVamVaXwMPc8P/YiMRQFJbUleh1cGRuSfriLs+cI/DXVpu4AKFH0ew4aoqCBOPcAnwW+E2gGHlHT6cPKqYwa3ZjZNCfpjKLkGKNvPcKtpuTxrXX39OgeycXlO+j2KkVjZ/RSPKEwPlcgW3nwvnoioY7RawprY5PZQrbzFRic5XrjOTYGIOWp4kkDPZBMSc8CKp/3sJayoGvWMxm3d8BfX1seGl6MEuDrRU3V2ud8gKcwTiDXhNdcdBmK5ZHiqs9VA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=cisco.com;dmarc=pass action=none header.from=cisco.com;dkim=pass header.d=cisco.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WslS/wDlMK18uC9GWjRm50m48EqsYgwnyWoYH56Wb5M=; b=ggxDLhSLqR6ZnxTcywEgCnEAnpHlZjFomAwAgLcmcZKfgMQUz3QXLbH8gVfCohPsMHM4XxRzNewGSgXXwp6eV/BQ08Oag6K1BcDF36W6kKAzfgPzycd2WHr4gMNWhjgxGzFyYliFwMbDuTOfxpom/MVGiZu/4jSguh1apw/zm8Y=
Received: from MWHPR11MB1726.namprd11.prod.outlook.com (10.169.233.137) by MWHPR11MB1631.namprd11.prod.outlook.com (10.172.56.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Mon, 15 Jul 2019 21:10:16 +0000
Received: from MWHPR11MB1726.namprd11.prod.outlook.com ([fe80::e9bf:eb4a:836b:a3b]) by MWHPR11MB1726.namprd11.prod.outlook.com ([fe80::e9bf:eb4a:836b:a3b%7]) with mapi id 15.20.2073.012; Mon, 15 Jul 2019 21:10:16 +0000
From: "Kesavan Thiruvenkatasamy (kethiruv)" <kethiruv@cisco.com>
To: "xiejingrong@huawei.com" <xiejingrong@huawei.com>, Bess WG <bess@ietf.org>
Thread-Topic: [bess] Comments on draft-sajassi-bess-evpn-mvpn-seamless-interop-04
Thread-Index: AQHVO1GyVJGEJ9kSeEWQczN98JqcDw==
Date: Mon, 15 Jul 2019 21:10:15 +0000
Message-ID: <777F9822-9782-4F05-83E7-93A8398B12C2@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1a.0.190609
authentication-results: spf=none (sender IP is ) smtp.mailfrom=kethiruv@cisco.com;
x-originating-ip: [2001:420:30d:1254:7dfc:2382:5987:7ed9]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 26675fc4-7ad3-4f76-d995-08d70968d5e5
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MWHPR11MB1631;
x-ms-traffictypediagnostic: MWHPR11MB1631:
x-ms-exchange-purlcount: 4
x-microsoft-antispam-prvs: <MWHPR11MB16317E8A05C128FCFF5BEB6BCACF0@MWHPR11MB1631.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00997889E7
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(396003)(376002)(136003)(39860400002)(346002)(43544003)(199004)(189003)(5024004)(14444005)(6512007)(256004)(6246003)(36756003)(86362001)(53936002)(8676002)(6306002)(66446008)(486006)(6486002)(66556008)(66946007)(66476007)(64756008)(81166006)(6506007)(2906002)(6436002)(476003)(81156014)(91956017)(76116006)(2616005)(2501003)(790700001)(186003)(8936002)(316002)(9326002)(110136005)(25786009)(58126008)(68736007)(14454004)(46003)(66574012)(606006)(7736002)(54896002)(102836004)(478600001)(99286004)(71200400001)(5660300002)(236005)(33656002)(229853002)(966005)(6116002)(71190400001)(523214003); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR11MB1631; H:MWHPR11MB1726.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: h8hDmqbmVEJiKq6D+tPn+Pn8+przKxgBcKuhIg9BhQnZv7l8h7yWRQ14cmEzZZ6AfV41iqFKl6uYsJHqLxYFH20epyDMRQNanNoMH6LMsoDwditCjKle4IaCROSmQaLIOlRS2oxgynBFM405tYXzMu/fqopiurM7vhGadAe4sQ+3mz1hJxCpzJ106nqtcYMYxIqSlnzXIouSgLL9UWFSooHBTcVlmUfHYu/0ZtU8DDyd4z5uHrc0VjVnk5uWDebE0wdMbtSLNM2AfN9ZVgtTC1EpWuYMP+wXbNwntf+qpJibJeN8hXw6tB86zll9cLWeATDkfYRm7ffbhKoIYpjbtyea+4xoml8cYMfoBx6ZRz2dr+i78wf3HiBUoQnMsXt2fDDrXN4UtPfdDnA6WKdC4u29wOPr3oa+UP9+S6xPi7M=
Content-Type: multipart/alternative; boundary="_000_777F982297824F0583E793A8398B12C2ciscocom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 26675fc4-7ad3-4f76-d995-08d70968d5e5
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jul 2019 21:10:16.1600 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: kethiruv@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1631
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.25, xch-aln-015.cisco.com
X-Outbound-Node: rcdn-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/bess/yTMVTvIc6CGrwFzDLPJpsyKXSHQ>
Subject: Re: [bess] Comments on draft-sajassi-bess-evpn-mvpn-seamless-interop-04
X-BeenThere: bess@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: BGP-Enabled ServiceS working group discussion list <bess.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bess>, <mailto:bess-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bess/>
List-Post: <mailto:bess@ietf.org>
List-Help: <mailto:bess-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bess>, <mailto:bess-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 21:10:42 -0000

Hi Jingrong

Thanks for your comments. Please find responses below.

Regards,
Kesavan



[bess] Comments on draft-sajassi-bess-evpn-mvpn-seamless-interop-04

Xiejingrong <xiejingrong@huawei.com> Mon, 08 July 2019 11:47 UTCShow header<https://mailarchive.ietf.org/arch/msg/bess/SWY3fzK1unFbY5MYnD7dkaBSZ9I>

Hi



Thanks the authors to introduce this very useful, very clear draft.

I do think it deserves very much the adoption by the WG as an solution option.



Here are some minor comments after I read the latest draft (which I think does not affect the adoption):



6.  Solution Overview

   This section describes a multicast VPN solution based on [RFC6513]

   and [RFC6514] for EVPN PEs operating in IRB mode that want to perform

   seamless interoperability with their counterparts MVPN PEs.

[XJR] with or without their counterparts MVPN PEs (since this document covers both).



Kesavan>> This section covers with MVPN PE. Later section covers EVPN only PEs.





   EVPN-PEs advertise unicast routes as host routes using EVPN route

   type 2 for sources that are directly attached to a tenant BD that has

   been extended in the EVPN fabric. EVPN-PE may summarize sources (IP

   networks) behind a router that are attached to EVPN-PE or sources

   that are connected to a BD, which is not extended across EVPN fabric

   and advertises those routes with EVPN route type 5. EVPN host-routes

   are advertised as IPVPN host-routes to MVPN-PEs only incase of

   seamless interop mode.

[XJR] Editorial error. Incase of -> in case of



Kesavan>> Will take care in the next revision





   In gateway model, EVPN-PE advertises unicast routes as IPVPN routes

   along with VRI extended community for all multicast sources attached

   behind EVPN-PEs. All IPVPN routes SHOULD be summarized while

   adverting to MVPN-PEs.

[XJR] VRI is used before its definition ---- VRF Route Import(6514) or IPv6 VRF Route Import(rfc6515) in my opinion.





Kesavan>> Will take care in the next revision







   VRI is constructed as following:

      -  The 4-octet Global Administrator field MUST be set to an IP

         address of the PE.  This address SHOULD be common for all the

         IP-VRFs on the PE (e.g., this address may be the PE's loopback

         address or VTEP address).

      -  The 2-octet Local Administrator field associated with a given

         IP-VRF contains a number that uniquely identifies that IP-VRF

         within the PE that contains the IP-VRF.

[XJR] Does this document want to cover Underlay IPv6 network (described in RFC6515) ? If it does(I guess), then the VRI can be IPv6 VRF Route Import as pointed above, and the Global Administrator can be a 16-octet field.





Kesavan>>  Thanks for pointing this out.  Will add this in the next revision.







   EVPN PE MUST have Route Target Extended Community to import/export

   MVPN routes. In data center environment, it is desirable to have this

   RT configured using auto-generated method than static configuration.

[XJR] is it a new specification for EVPN PE to have RT Extended Community ? if it does not, then MUST word is unnecessary.





   The following is one recommended model to auto-generate MVPN RT:

      - The Global Administrator field of the MVPN RT MAY be set

        to BGP AS Number.

      - The Local Administrator field of the MVPN RT MAY be set to

        the VNI associated with the tenant VRF.

[XJR] It's very helpful to have a method to auto-generate RT. Should this case be pointed out to help decision of using this method or not : the VNI is 24bit, and the Local Administrator is 16bit ?





Kesavan>> This is an AS specific EC. Local Administrator field is 4 bytes







9.2.3.  Other Encapsulation

   In order to signal a different tunneling encapsulation such as NVGRE,

  GPE, or GENEVE the corresponding BGP encapsulation extended community

   [TUNNEL-ENCAP] SHOULD be appended to the MVPN I-PMSI and S-PMSI A-D

   routes. If the Tunnel Type field in the encapsulation extended-

   community is set to a type which requires Virtual Network Identifier

   (VNI), e.g., VXLAN-GPE or NVGRE [TUNNEL-ENCAP], then the MPLS label

   in the PMSI Tunnel Attribute MUST be the VNI associated with the

   customer MVPN. Same as in VXLAN case, a gateway is needed for inter-

   operation between the EVPN-IRB PEs and non-EVPN MVPN PEs.

[XJR] I suggest remove the over-thought about various Encapsulation, we have seen different BGP attribute other than the TUNNEL-ENCAP attribute in https://datatracker.ietf.org/doc/draft-geng-bier-ipv6-inter-domain/

Hope you have a look at that one, and see if this kind of BIERv6 tunnel be useful for some scenario this document want to solve ---- to have a non-segmented P2MP tunnel from TOR in SPDC to BNGs outside of the SPDC.

Welcome your comments as well.



Kesavan>>  We need to cover encapsulation methods used in the underlay.  Will check other draft that has been pointed out here and get back to you.





Thanks

Jingrong