[Bier] BIERv6 and BIERin6 support of MVPN-EVPN (bier-ipv6-requirements REQ-2) //FW: draft-xie-bier-ipv6-mvpn question:

"Xiejingrong (Jingrong)" <xiejingrong@huawei.com> Fri, 27 November 2020 03:35 UTC

Return-Path: <xiejingrong@huawei.com>
X-Original-To: bier@ietfa.amsl.com
Delivered-To: bier@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A7B2B3A112E for <bier@ietfa.amsl.com>; Thu, 26 Nov 2020 19:35:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oWxSgWGHCaxK for <bier@ietfa.amsl.com>; Thu, 26 Nov 2020 19:35:06 -0800 (PST)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A88F3A0C4C for <bier@ietf.org>; Thu, 26 Nov 2020 19:35:06 -0800 (PST)
Received: from fraeml701-chm.china.huawei.com (unknown [172.18.147.206]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4Cj0Zc0YlFz67Fyc for <bier@ietf.org>; Fri, 27 Nov 2020 11:33:12 +0800 (CST)
Received: from nkgeml709-chm.china.huawei.com (10.98.57.40) by fraeml701-chm.china.huawei.com (10.206.15.50) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2106.2; Fri, 27 Nov 2020 04:34:58 +0100
Received: from nkgeml705-chm.china.huawei.com (10.98.57.154) by nkgeml709-chm.china.huawei.com (10.98.57.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1913.5; Fri, 27 Nov 2020 11:34:56 +0800
Received: from nkgeml705-chm.china.huawei.com ([10.98.57.154]) by nkgeml705-chm.china.huawei.com ([10.98.57.154]) with mapi id 15.01.1913.007; Fri, 27 Nov 2020 11:34:56 +0800
From: "Xiejingrong (Jingrong)" <xiejingrong@huawei.com>
To: "Jeffrey (Zhaohui) Zhang" <zzhang@juniper.net>, BIER WG <bier@ietf.org>
Thread-Topic: BIERv6 and BIERin6 support of MVPN-EVPN (bier-ipv6-requirements REQ-2) //FW: draft-xie-bier-ipv6-mvpn question:
Thread-Index: AdbEawxlSP9QDEVLS0GhQMp4wmNRUw==
Date: Fri, 27 Nov 2020 03:34:56 +0000
Message-ID: <b22f0ba0cd2b455ab41f89aaed162c26@huawei.com>
Accept-Language: en-US, zh-CN
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.108.201.174]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/bier/wnWsAfDnc4GPPEU395TAC2qjci0>
Subject: [Bier] BIERv6 and BIERin6 support of MVPN-EVPN (bier-ipv6-requirements REQ-2) //FW: draft-xie-bier-ipv6-mvpn question:
X-BeenThere: bier@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "\"Bit Indexed Explicit Replication discussion list\"" <bier.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bier>, <mailto:bier-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bier/>
List-Post: <mailto:bier@ietf.org>
List-Help: <mailto:bier-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bier>, <mailto:bier-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2020 03:35:09 -0000

Hi Jeffrey, 

Thanks for raising this topic. 

Please see my comment below (both the question to BIERv6, and the question to BIERin6):
(I add some text to reflect both BIERv6 and BIERin6 in the topic).

Take care of life and Happy Thanksgiving! No hurry and these discussions can be done smoothly.

Thanks
Jingrong


-----Original Message-----
From: Jeffrey (Zhaohui) Zhang [mailto:zzhang@juniper.net] 
Sent: Thursday, November 26, 2020 11:07 PM
To: BIER WG <bier@ietf.org>rg>; Xiejingrong (Jingrong) <xiejingrong@huawei.com>
Subject: RE: draft-xie-bier-ipv6-mvpn question: 

Happy Thanksgiving (to those who celebrate this holiday)!
Now that my turkey is roasting in oven let me continue with the discussion.

-------

Reviving this old thread that I had with Jingrong on the BIER mailing list some time ago. I see that a new revision was posted recently, but it does not address the points below.

There are three main issues with BIERv6+MVPN solution. The last two below were already mentioned in the old thread.

1. On the egress, when you use the src address to do the lookup, you need a separate routing table, not the existing unicast table for it. I understand that one could argue that is ok. In addition, if a BFR in the middle somehow needs to send an ICMP back to the BFIR, would the src.DT4, src.DT6, src.DT46 in the original IPv6/BIER packet, now used as destination address of the ICMP packet, cause trouble on BFIR (would it be treated as a customer packet for the VPN)?

[XJR]No, it is not a separate routing table, but an Exact-Match(EM) lookup. Exactly the same as BIER-MPLS, using { BIFT-id(representing the SD) + BFIR-id(representing the Ingress PE) + Vpn Label } for the lookup.

2. To address scaling problem described in draft-ietf-bess-mvpn-evpn-aggregation-label (and earlier in this thread), you have to use a common function/arg part in different source addresses, and when doing the lookup, you have to extract that function/arg part out to do the lookup (instead of using the whole address as in unicast case). Now that is not much different from using MPLS label (for service only, not for transportation).

[XJR]We don't live in the concept of transportation/service or the like. It just works fine. IMO it's better to use ARG part though, and SRv6-NET-PGM Arg.FE2 gives a good example.

3. In case segmentation is needed (which I believe will be quite common - when you have a large BIER domain with say thousands of BFERs), this draft does not provide a solution (yet).

[XJR]No, It has a complete solution, no difference than other segmentation solutions.

For #3, with BIER-MPLS, when the segmentation point, which is a BFER in the upstream sub-domain, removes the BIER header, it'll see an MPLS service label for stitching  purpose - it swaps the label to a new service label associated with the PMSI, and impose a new BIER header for the downstream sub-domain (it's a BFIR in the downstream sub-domain). An alternative, which is not desired in my view, is not to use label stitching but do IP lookup in VRFs that is not needed in label stitching solution. This is discussed in https://tools.ietf.org/html/draft-zzhang-bess-mvpn-evpn-segmented-forwarding-00.

[XJR] It is an "implementary" problem.
When Eric Rosen design the BIER-MVPN RFC8556, he prefers a per-flow MPLS label to simplify the "lookup" procedure, but does not simplify the re-encapsulation of NEW-BIER header. It costs much in control-plane accordingly, and worsen the performance like Multicast (S,G) join latency.
It can be "implemented" otherwise, using "per-VPN" label too, without any new control-plane needed, and I would prefer this one.

Now come back to BIERv6. When segmentation is needed, you'll either have to do IP lookup, or use the func/arg part of the source address to do "stitching", which is really just reinventing the MPLS wheel.

[XJR] BIERv6 can do either of the above "implementation", by using a per-flow Src.DT address, or per-VPN Src.DT address. No additional control-plane seen except the current draft.

In summary, while BIERv6's BFIR->BFER encapsulation seemingly gives you parity with SRv6 based VPN solution, it actually deviates from SRv6 VPN unicast model significantly, and possible optimizations end up as reinventing the MPLS wheel.

[XJR] This is not a directly technical argument, but I like this open discussion too. BIERv6-VPN solution is some SRv6-VPN like design, it is also an evolution of MPLS wheel. But it is made as a "Non-MPLS" solution specifically in IPv6.

I can understand that some operators want to move away from MPLS transport, but I still think MPLS based solutions for services are superior when it comes to multicast.

[XJR] This is not a directly technical argument, but I like this open discussion too.
Yes, a pure MPLS solution is wonderful and can work in IPv6 nicely, but I am not sure it is always "superior" or "preferred".
When saying "Non-MPLS" solution in IPv6, I see the BIERv6-VPN and SRv6-VPN is an opinion (Since we are talking about MPLS, it includes both unicast and multicast).
BIERin6, on the other hand, is "hybrid"---- BIER could be running over IP/IP-GRE/IP-UDP in theory/paper, but for VPN the existing method that preferred is VPN-Label over BIER IMO.

Having said that, I understand that there will be operators insisting on using SRv6 based MVPN/EVPN and BIERin6 still works with it nicely due to its clean layering. The BFIR puts on the SRv6 header, optionally with fragmentation and ESP, and then hand the IPv6 packets to BIER layer, which treats the IPv6 packets as BIER payload. In this model, the destination address is a well-known (either IANA assigned or operator configured) multicast locator plus the func/arg portion that identifies the l2/l3vpn - well aligned with unicast model.

[XJR] Question of MVPN-EVPN support in BIERin6:
I have question on BIERin6 as well about the MVPN/EVPN support for "Non-MPLS" solution in IPv6.
The "existing" solution of MVPN in BIERin6 is RFC8556 (using VPN Label), and you seem to agree that this is something not Non-MPLS, and so you have "VXLAN/NVGRE/GENEVE" for Non-MPLS BIERin6-MVPN/EVPN. Am I understand correct ?

Jeffrey

-----Original Message-----
From: Xiejingrong (Jingrong) <xiejingrong@huawei.com>
Sent: Thursday, September 10, 2020 8:40 AM
To: Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>et>; BIER WG <bier@ietf.org>
Subject: RE: draft-xie-bier-ipv6-mvpn question:

[External Email. Be cautious of content]


Hi Jeffrey,
Thanks for your response !
Please see below inline (stripped unneeded text) marked with [xjr2].

Thanks
Jingrong

-----Original Message-----
From: Jeffrey (Zhaohui) Zhang [mailto:zzhang@juniper.net]
Sent: Thursday, September 10, 2020 8:04 PM
To: Xiejingrong (Jingrong) <xiejingrong@huawei.com>om>; BIER WG <bier@ietf.org>
Subject: RE: draft-xie-bier-ipv6-mvpn question:

Jingrong,

Please see zzh> below.


Juniper Business Use Only

-----Original Message-----
From: Xiejingrong (Jingrong) <xiejingrong@huawei.com>
Sent: Thursday, September 10, 2020 3:41 AM
To: Jeffrey (Zhaohui) Zhang <zzhang@juniper.net>et>; BIER WG <bier@ietf.org>
Subject: RE: draft-xie-bier-ipv6-mvpn question:

[External Email. Be cautious of content]


Hi Jeffrey,
Appreciate sincerely for raising discussions about the draft.
Please see my response inline below marked with [xjr]

Thanks
Jingrong

-----Original Message-----
From: Jeffrey (Zhaohui) Zhang [mailto:zzhang@juniper.net]
Sent: Thursday, September 10, 2020 4:36 AM
To: Xiejingrong (Jingrong) <xiejingrong@huawei.com>om>; BIER WG <bier@ietf.org>
Subject: draft-xie-bier-ipv6-mvpn question:


Zzh> While this draft is about MVPN (though you did talk about VNI below), there is no reason to have a different solution for EVPN, in which case every PE could be a BFIR.
[xjr2] OK. This draft has the same scaling problem surely, and DCB/VNI is particularly needed for such MP2MP model.

Zzh> Whether by signaling or by configuration, the key point is that the egress must carve out the same function portion of the source address for lookup. My understanding is that the locater/function/argument portions are not fixed.
[xjr2] Got it!

Besides, would you think it necessary to extend the "DCB label" to 24bit to cover the VNI length ?
Zzh> This is already covered in RFC8365:
[xjr2] Thanks ! Good to see the example exactly!

Can you elaborate the above scenario (BIERv6 packets unicast to BR and then replicated)? Is it a scenario that must be supported?
[xjr] The above scenario is covered in <draft-geng-bier-ipv6-inter-domain>, so it is not covered in this document, as this document mainly focuses on the "BGP-MVPN" protocol extension.
Zzh> If you're referring to the "peering" model in that draft, which is very controversy, it's better to not mention it here at all. That entire draft should be adequately discussed before other drafts start referring to it.
[xjr2] Got it!

When/where would the above two scenarios (non-segmented and segmented) be covered?
Zzh> I agree the BIFT construction is not the concern of this document - whether segmentation is used or not - and we don't even need to list BIFT construction as "out of scope" (this is referring to the non-segmentation case earlier).
[xjr2] Got it!

[xjr] Haven't considered segmented MVPN in detail yet, Will come back if I have any further thoughts.
Zzh> So the segmentation is not "out of the scope" (otherwise there is no complete solution) - it should be "for further study" or "provided in future revisions".
[xjr2] Good to learn the distinction of these terms in draft writing! Thanks!

Zzh> Thanks.
Zzh> Jeffrey

Thanks.
Jeffrey

Juniper Business Use Only

Juniper Business Use Only