IETF Logo Mail Archive

Re: [Idr] BGP Classful Transport Planes

Kaliraj Vairavakkalai <kaliraj@juniper.net> Mon, 19 October 2020 18:06 UTC

Return-Path: <kaliraj@juniper.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 803A93A0ED7 for <idr@ietfa.amsl.com>; Mon, 19 Oct 2020 11:06:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.087
X-Spam-Level:
X-Spam-Status: No, score=-0.087 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=juniper.net header.b=IYg5xWCF; dkim=pass (1024-bit key) header.d=juniper.net header.b=iYWZJI9t
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ya28jcsXeAV1 for <idr@ietfa.amsl.com>; Mon, 19 Oct 2020 11:06:27 -0700 (PDT)
Received: from mx0a-00273201.pphosted.com (mx0a-00273201.pphosted.com [208.84.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5ACC53A0EE5 for <idr@ietf.org>; Mon, 19 Oct 2020 11:06:25 -0700 (PDT)
Received: from pps.filterd (m0108159.ppops.net [127.0.0.1]) by mx0a-00273201.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 09JHvDMp012467; Mon, 19 Oct 2020 11:06:24 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=PPS1017; bh=MIQXitFO7wZnXI7E0QK47HRMcfv2jFhZJ3ZlW7HF/YE=; b=IYg5xWCFaFmM6EqdMezE1QU1CzQwbK6Ndv7BVOE64/1ZpND/c32rbt+WFirTmpG7E/pY EyX6IYlnn0/TxCoVfCk7wMk/o0BL+7SNvpeU9w5wihmwBbBYDy5Inuy76+eD3xTTUrTg 12ZtI0TlBfXKcuQGENG/VS6h1feNvIb5cwHzqpip2i173KHtES1I3lw9Bd3O+PLsaBjd z3ZapF1xHA/XhezSAXEZyU7x3X5lIACG7gHwgeTtqlN+7+RgpPjtohENTCX69cc1kRHq iubxTb7Qj2klPVh1kD4P7ejrqD8MzmjakhCYQWV3Tos1+ptOFFfH1z/RcrbjjEu95I7d /A==
Received: from nam02-sn1-obe.outbound.protection.outlook.com (mail-sn1nam02lp2050.outbound.protection.outlook.com [104.47.36.50]) by mx0a-00273201.pphosted.com with ESMTP id 347xjy2xwd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 19 Oct 2020 11:06:23 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fkywIhC6hJwNb/MbcIITYI/MRwu4CpgKlNh86IQR5njmsLJiI1Nr/d9/wdzYOW8KNCKpkmmaPKG+O9FKsYAFA+fktIS/KYcnFdQYTowivEFlJxngz2s6Aou+a7TghXVjOlgcJaaZWwkmtK4JsE0TUflVo5Ikv4mqnEwOyHP4FSLUUU5IIKJMzGMLs035RgGoLAwVY1FmaJBSodusoWUlUTpQYyGESieV8rPXoAsMZFpIJm3ws7rlOaWCNCQmWLE4kSxIxOx/zxjqAHxmEbXY4FzB+Yk4Mb42cb/kU9P2FCMSlPYB69tw57KwwzUxHv+gCfg5WMW2GIfPvlJzIVnUUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MIQXitFO7wZnXI7E0QK47HRMcfv2jFhZJ3ZlW7HF/YE=; b=gd9+kfdvRH98rVUXX3eqqZDNtX3Tse3mTKMYdLUpRIyoN+gH9SpRzRdJnib6Tvj0uRrF8D/oIiavzt1hC64sllXT3xGRIwGhJOTlEszIYfxcOGzLm7VlVTQqKcquqceL1D6d3oCH+xujJNVfGyxvGD5VbbFiBMRcd9G1R09u/68cofugzYfd816WhIBrJUehfvw+KBcDaXI+vNBPILtYqRh3ExRUCfRZebi6PXx4t1W5BikRXdge2hFzaGVmDBcN0HZDEOvLMbC1GAs+DuLtTMHBtwR4v+W4J6pmQOrI6cS+Kr05IR2UcyQ6XYocKgPdJHPt/9VALHly89Zi/BmjGA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=juniper.net; dmarc=pass action=none header.from=juniper.net; dkim=pass header.d=juniper.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MIQXitFO7wZnXI7E0QK47HRMcfv2jFhZJ3ZlW7HF/YE=; b=iYWZJI9t0SldIt5aDjKdaN4RI7blYLbTzoFkcyTfJ+sTigN0qIQyd0Nrj8sO2lJHiqN2XA5jP1/6pDP6pz8lNj1c0Qa6OogbvU3BuRTonKGvlalVtdm28Eldn4ZCp54jXmD0RPKsw++vKUsoyXitzaLhTZEVva21Sn2diyf4iUk=
Received: from BY5PR05MB7075.namprd05.prod.outlook.com (2603:10b6:a03:1bd::32) by BY5PR05MB6964.namprd05.prod.outlook.com (2603:10b6:a03:1ba::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.11; Mon, 19 Oct 2020 18:06:20 +0000
Received: from BY5PR05MB7075.namprd05.prod.outlook.com ([fe80::f944:d24a:1401:410f]) by BY5PR05MB7075.namprd05.prod.outlook.com ([fe80::f944:d24a:1401:410f%7]) with mapi id 15.20.3499.015; Mon, 19 Oct 2020 18:06:20 +0000
From: Kaliraj Vairavakkalai <kaliraj@juniper.net>
To: Gyan Mishra <hayabusagsm@gmail.com>, Robert Raszuk <robert@raszuk.net>
CC: Natrajan Venkataraman <natv@juniper.net>, "idr@ietf. org" <idr@ietf.org>
Thread-Topic: [Idr] BGP Classful Transport Planes
Thread-Index: AQHWpJpxW14vpdCoWEu7NQcRLbFx66mcARyAgAE8MYCAATFagIAAV+AA
Date: Mon, 19 Oct 2020 18:06:19 +0000
Message-ID: <BD0F986A-1A85-49E8-9FCA-80D1232B5C3A@juniper.net>
References: <CAOj+MMEdijdGVMKS3Qf-nabj0gZk+rrf7ygZ1H+6AyvxdP7xuA@mail.gmail.com> <59A888A2-682A-4A36-B80A-CC46DB02D1EA@juniper.net> <CAOj+MME2fY0HT0jKd-mVPgJPyModgwLwexb=XXsKxPxW91yfsw@mail.gmail.com> <CABNhwV0cCm+n0q8tvJuaU9ayhhWrLoFNbfSGogeAM+ecgt3L8A@mail.gmail.com>
In-Reply-To: <CABNhwV0cCm+n0q8tvJuaU9ayhhWrLoFNbfSGogeAM+ecgt3L8A@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.42.20101102
msip_labels: MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits=0; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId=bea78b3c-4cdb-4130-854a-1d193232e5f4; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId=16a05daa-d855-4bef-81c6-2296b1ab0515; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate=2020-10-19T17:45:26Z; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method=Standard; MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name=Juniper Business Use Only;MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled=true;
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=juniper.net;
x-originating-ip: [66.129.242.10]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: a093479d-f793-4850-3ce4-08d87459ae6f
x-ms-traffictypediagnostic: BY5PR05MB6964:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BY5PR05MB6964645ADC86519731857EF2A21E0@BY5PR05MB6964.namprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qwQ2OTGmu8IDMRFLw0HJ7P8dAxBho1gueOkstJXM6I0dVJNwgXs3zD6jn2PqKPmITCAVrc9wHHiZozOpGlFTpr5GBdxbMFaqaowksPLlOvb5xd7raS2bZ6yiUGCzu20WdZD2Wxyg4Z4JEgO6FFTGAA1fiwP3OhAqGHGM3pjT7wIFQP4qzO1t9B14csYSIxaCBJik56Q/CwG5jMiz8EAfp9+NTfAtVn6Q0n6DRRWrRrOmKKYYDiAsehOrNqU3X4bJgDCLdoKK2VypS/MArAw7ZDxV7IdCC4dP6DoeojljRtrNj3miCUW/TMQASb7egd8j6otiEWHOE8/fRBfPJFoxGYJVeLjrnsNasD6ssFqRGB21QNxwh7QuUfLQJiVUEvfjNbHvTY8zslg3WVtnENuIlg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR05MB7075.namprd05.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(346002)(366004)(39860400002)(136003)(376002)(316002)(110136005)(166002)(6486002)(86362001)(76116006)(83380400001)(9326002)(2906002)(91956017)(54906003)(8936002)(5660300002)(66946007)(66476007)(66556008)(64756008)(66446008)(8676002)(30864003)(966005)(6506007)(2616005)(53546011)(71200400001)(26005)(186003)(478600001)(36756003)(33656002)(4326008)(6512007)(579004)(559001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: HV3llXw2sd82/LKnqzKkH7dkPwDHLMHd8U/qgZfhaVQSRsY8sSJ9xIFCXD4YnGfAdd61x85H9L+Rz/F3U1f6VlSWOGW96YuC9LCKB7SaDozvo4skpfK3cwacWehhmWdsU0VCBzcriV7Mzwk5d1DRYO7Dr+W1G0vB44ADtZS48Vy5a5Z6dlM18HQSuNnkuxUUzEb4HOgyyvkdbLOObWK0ovjgEgNF658bCyRrUcdhFD3sOVVQXC9eVwdn1pQsCiIcQKI1l1OmSiXr80dZjHeCwiBbXyRdPUJBX37duRLJuw2FPpuYBZdSG/Xz3m6Lav9WMCB8vta8pzX3KYcht1j9GOWt8M852CBKFGGOfCFsMhnGSye3k2o2Ni4Rf2cErPTTnS0k4gp2rQ9w1HJdk7w0k6EZ/x1diHjqip7K3X+oMUjjf5vqJL8LmJ3/kvgxaOrNpsJzmCgzxQEJTbFQPXLHT4g6da3UZWXWUzj4t0C0GIfKc0Xg43yRbAJgpRF2FFLxcyy2xJN1kWvO5TIj4Z/XCsthGB6icVqPjnHavMPHJRPUuvJRpbc2TtmK8y1y7PD1voMsEAGk4cgurJD9TKhO8j5GEtr0IQLW5yvTkK3EDOdn1gk4hyjTn3HoqPf2wa4j65Go4Q0sTX15Y3mbysgNxA==
Content-Type: multipart/alternative; boundary="_000_BD0F986A1A8549E89FCA80D1232B5C3Ajunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR05MB7075.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a093479d-f793-4850-3ce4-08d87459ae6f
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Oct 2020 18:06:19.8973 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: sn+zT6gC7aKE1M7kpBqxk6uE79MOx61EBv+ckG6z4oaqem1V9uryLjIbkIDh0dke98Z+pFFzIOqOJA6R/3VeDA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR05MB6964
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-10-19_08:2020-10-16, 2020-10-19 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 spamscore=0 bulkscore=0 clxscore=1011 phishscore=0 priorityscore=1501 malwarescore=0 adultscore=0 mlxscore=0 mlxlogscore=999 impostorscore=0 suspectscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2010190123
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/FUDzOjxnvHJT6uTJ18lEjADxMYg>
Subject: Re: [Idr] BGP Classful Transport Planes
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Oct 2020 18:06:32 -0000

Hi Gyan,

No, there is no impact to existing CsC deployments.

This draft creates a new SAFI that parallels BGP-LU in option-C deployments. I will clarify this with an explicit mention to option-C in the introduction.

The deficiency being addressed is: In today’s option-C deployments, if multiple classes(gold, bronze, etc) of tunnels exist to a destination PE1 in one domain, they can not be extended out to the adjacent domains by using BGP-LU, such that service-traffic in those domains is able to choose a certain class of tunnel.

The new SAFI 76 carries NLRI of the form RDx:PE1, such that route for each class is carried using a distinct RD and doesn’t hide the other classes. And a new type of RT is used to denote the transport-class of the tunnel. This RT is used to leak the transport-routes into transport-RIBs of the same class on the receiving nodes – just like what L3VPN family does.

The note about similarity with CsC was just that: CsC uses SAFI 128 (L3VN) family to carry transport-prefixes in the mother carrier. Similarly, this SAFI 76(BGP-CT) also carries transport-routes in option-C deployments.

Hope that clears the confusion. Thanks for the comments.

Kaliraj

From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sunday, October 18, 2020 at 10:52 PM
To: Robert Raszuk <robert@raszuk.net>
Cc: Kaliraj Vairavakkalai <kaliraj@juniper.net>, Natrajan Venkataraman <natv@juniper.net>, "idr@ietf. org" <idr@ietf.org>
Subject: Re: [Idr] BGP Classful Transport Planes

[External Email. Be cautious of content]

Hi Kaliraj,

I read the draft and had a few comments.

This draft creates a new SAFI 76 BGP-CT that parallels BGP-LU that is being used to fix a deficiency with CSC as far as the transport label being used as customer carrier Hierarchical VRF to the customer carrier customer VRF and not in a separate transport rib.

The framework behind CSC is that the backbone carrier PE runs BGP LU to customer carrier CE, and the transport routes are within SAFI 128 Customer carrier VRF. The PE-CE backbone to customer carrier must MPLS enabled. The Customer Carrier
would have a it’s own hierarchical customer VRFs that would be tunneled across the backbone carrier.

The customer carrier hierarchical VRF to its customers are tunneled over the backbone carrier.

The customer carrier transport routes are in a VRF SAFI 128 and don’t touch the backbone carrier global table.  BGP LU is enabled on the eBGP connection PE-CE for the transport label binding and is identical to inter-as Opt B usage of BGP-LU and then the customer carrier transport prefixes  routes sit in SAFI 128 eBGP VPN IPV4 VPN IPV6.

You mention in the draft inter-as opt B interchangeably with CSC which they both are similar but very different.  However, I believe you are trying to address deficiencies with only CSC.

As RFC 4364 CSC had been deployed for years by many carriers and it scales very well.  I am trying to understand the issues and gap related to CSC.

So with this new SAFI the intent is to not have a hierarchical VRF and instead this new BGP-CT Transport rib.

What is the impact to existing CSC deployments using hierarchical VRF.  How would you address backwards compatibility.


Kind Regards

Gyan

On Sun, Oct 18, 2020 at 7:39 AM Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>> wrote:
Hi Kaliraj,

Just a few points as a follow up on your note.

Ad 1 - The point was that you can carry mapping (or if you will stitching information) by extending with new draft encoding defined in draft-ietf-idr-tunnel-encaps.

As you know tunnel SAFI (5512) was deprecated and going forward the recommendation is to use a new encap attribute. That is why I suggest you consider the use of a new attribute attached to RFC3107 SAFI 4 instead of defining new SAFI.

Ad 2a - You say "it will work" then just a few lines below you admit the current draft only addresses MPLS stitching via ASBR/ABRs.

Ad 2b - All three points on value of MPLS Inter-AS or Inter-area stitching are quite questionable even in brownfield deployment. But that's not the point to debate any more here. Market will decide.

Ad 3 - No I was not asking for yet one more abuse of flowspec use case. I was not asking for new ACL based mapping to specific VRF either. If your draft is about "BGP Classful Transport" it better also define "Classful RIB" where forwarding decision is done not only based on destination address and its next hop but also on other fields in the packet. That was the first thing I was curious to see in your new SAFI definition but there is none.

Ad 4 - I was asking where exactly is the Longest Prefix Match performed ? Based on aggregates generated by which network element and which protocol ? What set of destinations does the aggregate cover ? Assuming option-C don't you still need to leak all /32s or /128s across the domains - or you assume RFC5283 is in use ? I think it would help whoever is reviewing this work to have an end to end illustration of how each SN/BN/RR hop service route and its next hop changes as well as how underlay transport and overlay tunnels are advertised at each BN with the use of real IP addresses and labels. Even Shraddha's blog post does not go into that level of details.

Many thx,
Robert



On Sun, Oct 18, 2020 at 1:47 AM Kaliraj Vairavakkalai <kaliraj@juniper.net<mailto:kaliraj@juniper.net>> wrote:
Hi Robert, thanks for the comments. Please see inline.

From: Robert Raszuk <robert@raszuk.net<mailto:robert@raszuk.net>>
Date: Saturday, October 17, 2020 at 8:30 AM
To: Kaliraj Vairavakkalai <kaliraj@juniper.net<mailto:kaliraj@juniper.net>>, Natrajan Venkataraman <natv@juniper.net<mailto:natv@juniper.net>>, Balaji Rajagopalan <balajir@juniper.net<mailto:balajir@juniper.net>>
Cc: "idr@ietf. org" <idr@ietf.org<mailto:idr@ietf.org>>
Subject: BGP Classful Transport Planes

[External Email. Be cautious of content]

Hi,

I have read https://tools.ietf.org/html/draft-kaliraj-idr-bgp-classful-transport-planes-01<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-kaliraj-idr-bgp-classful-transport-planes-01__;!!NEt6yMaO-gk!Xg6xfSibwETZhsptdOJv2QL0vVF8WVkztqeHhepYnVCyfQQAMILyPEH9JnXnhQDO$>
and have few questions & observations.

1.

> A domain boundary is demarcated by a rewrite of BGP nexthop to 'self' while
> readvertising tunnel routes in BGP.

For advertising tunneling in BGP we already have a number of options. Starting from RFC5512 through draft-ietf-idr-tunnel-encaps-19 or https://tools.ietf.org/html/draft-ietf-intarea-tunnels-10<https://urldefense.com/v3/__https:/tools.ietf.org/html/draft-ietf-intarea-tunnels-10__;!!NEt6yMaO-gk!Xg6xfSibwETZhsptdOJv2QL0vVF8WVkztqeHhepYnVCyfQQAMILyPEH9Jl8x4R7Q$>

Q: Do we really need more signalling extensions instead of working with existing protocols to accommodate new applications ?

This is not an extension parallel to TEA. The above para means to say, when BGP speaker does nexthop-self on a advertised transport-route, the details of the intra-domain tunnel used in the advertising-domain is hidden from the BGP-speaker in the other domain receiving the route. Because it sees as nexthop only the advertising BGP-speaker.

Such nexthop-self happens in
·   option-B VPNs, at the Service-ASBRs  (BGP-L3VPN families)
·   option-C VPNs, at the Transport-ASBRs or BGP ABRs (BGP-LU and BGP-CT are examples of this)

So this act of doing nexthop-self demarcate the boundary between two domains. That boundary either link on an inter-AS link, or an ABR.

May be I should clarify the statement to use “transport-route” instead of tunnel-route. Will that make it clear?

2.

> The path uses MPLS label-switching when crossing domain boundary

So if the network for any reason does not use MPLS in its data plane - what you are proposing here simply is not going to work. Just for clarity MPLS can be used for service plane demux while transport can still be pure IP.

It will work. There are two cases here:
·   intra-AS non-MPLS-tunnel.



As explained above, details of what type of intra-AS tunnel is used is confined to the tunnel boundary nodes. And we can encapsulate MPLS-traffic on other type of tunnels. So this will work.


·   Inter-AS non-MPLS data-plane.



Yes, in this document we take the case of inter-AS link running MPLS data-plane. Because that is the most prevalent deployment today. But we have put thought into how the mechanisms prescribed in this document can work with non-MPLS data-planes also. But they are out of scope of this document.



In brief, instead of doing MPLS label-swap on the inter-AS link, we can do plain IPv6 forwarding. We may have a separate document in future, that will explain how mechanisms in this document adapt to SRv6 data-plane.




In contrast if you are carrying your services with SRv6 across your domains you actually have Seamless SR for free without yet another BGP SAFI and stack of tunnels.

   Supporting inter-AS MPLS data-plane has the following advantages:
·   Uses and builds on top of deployment experience that we have gained thru the years.
·   Preserves returns on investment made in existing deployments. i.e. Brown-field networks.
·   Scales better. Because MPLS allows us to do build network hierarchies with nexthop chaining and label-stacks.

   But yes, if a green-field network decides to use IPv6 end-to-end, there are two ways it can be done:
·   Use IPv6 for control-plane, and MPLS in the data-plane.
·   Use IPv6 in the data-plane as-well. Even in this case, association of IPv6-tunnel endpoints with appropriate transport-class will be required. Which can be achieved with BGP-CT.

In summary, mechanisms described in BGP-CT are agnostic to
·   What type of tunneling technology is used in the intra-AS transport-layer
·   And what type of data-plane is used on the inter-AS links. Though the draft uses MPLS.

I will clarify the same in this draft. That, this draft uses MPLS as the defacto inter-AS data-plane, but the mechanisms will work with non-MPLS data-planes also. Future documents will specify details on how.

3.

>  Overlay routes carry sufficient indication of the Transport Classes they should be encapsulated over,
> in form of BGP community called the "mapping community".

My feedback here is that granularity to color routes and group routes into transport classes is not sufficient.

If I have a cluster of compute servers which I advertise as a single address block I must have ability to define and disseminate flows in/out such cluster on a per application basis (ideally per flow 5 tuple).

At min per dst port granularity would be must have. Just doing the dst based ip lookup and based on that placing the switching via proper color of inet.3 RIB will just not cut it.

Please note, BGP-Flowspec routes can be colored appropriately to achieve what you describe here. Flowspec becomes just another service-family that can resolve over transport-classes created by BGP-CT.

So, you could have an inet-unicast service-route advertised for the ‘cluster of compute servers’ with desired color mapping-community.

And further, inet-flowspec route with the 5-tuple can be advertised, with redirect-to-ip nexthop and color mapping community. Such that any flow mathing this flowspec route is redirected using the transport-class, that the color mapping community maps to.

Does that address this comment?

If yes, I can add some text to the draft describing the flowspec use-case.

4.

> Based on the mapping community, "route resolution" procedure on the ingress node selects from the
> corresponding Transport Class an appropriate tunnel whose destination matches (LPM) the nexthop
> of the overlay route.

Assume I am using inter-as option C across my domians.  So VPNv4 AF carries service routes with remote PEs next hops.

Can you elaborate or better update the draft with a new section describing in detail the relation between transport next hops, border nodes and service next hop for a given service route across 3 domains ?

Sure. We will add text to the draft describing this. in brief,

At the Transport BNs:
·   It will have BGP-CT route for remote-PE/32 in gold transport-RIB.
·   This BGP-CT route will be marked un-usable, if there is no routes in the gold transport-RIB matching remote-PE/32
·   It Will create mpls swap-routes when readvertising the BGP-CT route.

At the Ingress SN:
·   It will have the BGP-CT route for remote-PE/32 route in gold transport-RIB, when gold-connectivity exists end to end.
·   Service-routes carrying gold mapping-community will resolve using this gold transport-RIB route.

For example what is not stated in the draft - if LPM match is sufficient here do you depend on BGP-CT to remove the advertisements to remote overlay tunnel endpoints when such endpoint fails ?

Yes. The BGP-CT routes for a gold transport-class will fail resolving it’s nexthop if no gold tunnels exist. So, BGP-CT will not advertise it further. This is similar to the rules followed by any BGP-family regarding nexthop resolution.

Then how about not complete failure but partial service degradation (for example increased fabric drops) ? How do you intend to detect those and automate say "gold" class bypass around such BNs ?

BGP-CT will depend on the individual intra-domain transport-tunneling technologies to monitor such metrics, and classify whether ‘gold reachabilty’ exists to the nexthop in question. BGP-CT provides a way to collect such information procured from various intra-domain tunnels, and stich it across multiple domains and give an end to end picture to the service routes. How exactly such parameters are monitored will be left to the purview of the individual tunneling technologies.

e.g. RSVP or SRTE can monitor such parameters at nodes along the path, and give feedback to the RSVP/SRTE ingress node, which either adjusts the ingress route in gold transport-RIB, or takes down the gold transport-route. Which will trigger appropriate response in the BGP-CT layer.

5.

> baby carrier

Nice !

Never used such term when describing CSC to customers  :-)

Thanks! :)

Once we reach consensus on the various points discussed in this thread, we will update the draft.

Balaji, Natz, Shradha, please add if anything.

Thanks,
Kaliraj




Juniper Business Use Only
_______________________________________________
Idr mailing list
Idr@ietf.org<mailto:Idr@ietf.org>
https://www.ietf.org/mailman/listinfo/idr<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/idr__;!!NEt6yMaO-gk!U8HbQ5jZBlsxEu8405jmF-287HZ0Rs-PwJCc2URxQqPyf59kvSU9h1YXFcFZxEh2$>
--

[Image removed by sender.]<https://urldefense.com/v3/__http:/www.verizon.com/__;!!NEt6yMaO-gk!U8HbQ5jZBlsxEu8405jmF-287HZ0Rs-PwJCc2URxQqPyf59kvSU9h1YXFRulXXkX$>

Gyan Mishra

Network Solutions Architect

M 301 502-1347
13101 Columbia Pike
Silver Spring, MD



Juniper Business Use Only

v2.23.0 | Report a Bug | By Email