IETF Logo Mail Archive

Re: [Idr] Tunnel-Encap Gaps for SD-WAN described in draft-ietf-rtgwg-net2cloud-gap-analysis-02.txt

Robert Raszuk <robert@raszuk.net> Wed, 26 June 2019 23:32 UTC

Return-Path: <robert@raszuk.net>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 763DF12012A for <idr@ietfa.amsl.com>; Wed, 26 Jun 2019 16:32:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=raszuk.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id atPacCjsgElO for <idr@ietfa.amsl.com>; Wed, 26 Jun 2019 16:32:50 -0700 (PDT)
Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C27451200D5 for <idr@ietf.org>; Wed, 26 Jun 2019 16:32:49 -0700 (PDT)
Received: by mail-qt1-x834.google.com with SMTP id w17so466334qto.10 for <idr@ietf.org>; Wed, 26 Jun 2019 16:32:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raszuk.net; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=OH1/0Od9k3gUwwfIX1dYpua/S8d/AUSTRsm6U2bwVuk=; b=EC4Slyxq5YUW1N7ZIe/h+6SWFHFl+Uk49qLacSUUjIiFH+ZOHEs/G21/dKJPSH5utx iEcMqkQTPVXXV5nVTbQP1cBuNqnpxMAAREgv/n5o4nLZKoH13XFBuYpOBbJtY2G0xppU Tg0usMTyTRrlU2nN2JGC3c3rzZVykU8LIgniOQVMU/LU7Sm2h5fyDKlmeOEA45rD4cus T1+9SbmiE7O1ilMiVm5GopQ2EFE7NfjwT+KU4f/oaomyuZvmzNU1tze1+00H9+NDVijP R8AbwU4dq/dEDIgWZlTltOvHf38LqEGMKHkRyvLDlQI+LhofTuM5Cr4n9L3Peg++7f7t Mu1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=OH1/0Od9k3gUwwfIX1dYpua/S8d/AUSTRsm6U2bwVuk=; b=MPlTNvs+VmZVHjc6QbqF0I2IkxwfQB3T5axjK9dHOXdF2ddf0itz+YGoZVYoNcQhXd 5Xxe2nMA9BTfQsw8r5FDZu1Im1jGogaPwcJDb/yIByX9qVS0DPUowDPKBkdZLbKNQFPb kyE1j1Y5pSAcBebFlxsc+ZdzZNjJzNTxii7l0yr4rkQfmA+PHBa8JVUY3KzWGSicRKhQ X1Jh4zwDTmRfMYVif6PzeZoMQtFeTVgEOajxfqJDJtOA+vD8s7UEAd+5j1iQGJW9hE8z M//yBpwJFN8CQMImZtDKxgtnyfVMcQWd3vqYH18Fk4F0JHScTybDiGFmaLc1sSgoLfMJ NYyw==
X-Gm-Message-State: APjAAAUtnhejfYr2nw9EeKepX0y9FhUYNWWo611esD9DgL96ceHq7HJg s8ITk2xRxFp19NReyg24ZMdyvIuO+mRqTAs0+03BKw==
X-Google-Smtp-Source: APXvYqy/rQrDTCNUhwAmEMyNpx710hmAKbBT0QFQKXiT56Rqrj1ThtAei8c3XDKOWbISI63Sq0mvvmZbkwIrxGakg1o=
X-Received: by 2002:aed:228d:: with SMTP id p13mr506789qtc.208.1561591967804; Wed, 26 Jun 2019 16:32:47 -0700 (PDT)
MIME-Version: 1.0
References: <MN2PR13MB358267E50BCEB2E7795046B785E50@MN2PR13MB3582.namprd13.prod.outlook.com> <BYAPR05MB5029672CA347E6EC1B94E476C7E40@BYAPR05MB5029.namprd05.prod.outlook.com> <MN2PR13MB358228DB2D7DD56204660F6985E40@MN2PR13MB3582.namprd13.prod.outlook.com> <BYAPR05MB502933857FE0AFBA3390734DC7E40@BYAPR05MB5029.namprd05.prod.outlook.com> <MN2PR13MB3582B880C792E0519A3A91C385E40@MN2PR13MB3582.namprd13.prod.outlook.com> <BYAPR05MB5029581D97C82FA968601CCDC7E70@BYAPR05MB5029.namprd05.prod.outlook.com> <MN2PR13MB35826741E00B40BBFE12616085E70@MN2PR13MB3582.namprd13.prod.outlook.com> <4F580631-0E2D-4311-9EDC-E25A4862DD84@juniper.net> <BYAPR05MB5029D7B984EB0506C7773E63C7E20@BYAPR05MB5029.namprd05.prod.outlook.com> <CAOj+MMH-0qBkaroKJEdtjM1-7-ZjOY1mWBkS7hLo8FOC_5A+Og@mail.gmail.com> <BYAPR05MB50295A1AC3FB482F39249D0AC7E20@BYAPR05MB5029.namprd05.prod.outlook.com> <MN2PR13MB3582DDE034FA9E1C1D4970CD85E20@MN2PR13MB3582.namprd13.prod.outlook.com> <76C21490-A26F-4C88-9F04-FBE6B0F07D41@juniper.net> <MN2PR13MB358203E404B3A94C7D3F15AA85E20@MN2PR13MB3582.namprd13.prod.outlook.com> <D4DB28DD-D3BD-4F5B-95B4-D92BE6EEB584@juniper.net>
In-Reply-To: <D4DB28DD-D3BD-4F5B-95B4-D92BE6EEB584@juniper.net>
From: Robert Raszuk <robert@raszuk.net>
Date: Thu, 27 Jun 2019 01:32:36 +0200
Message-ID: <CAOj+MMEUiGRSMdnh9Y-oxEQjv7BXwhKi5vv+D76TnhNU2Q3FoA@mail.gmail.com>
To: John Scudder <jgs@juniper.net>
Cc: Linda Dunbar <linda.dunbar@futurewei.com>, John E Drake <jdrake@juniper.net>, "idr@ietf.org" <idr@ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008682ff058c42762b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/JItRKfqgXqjnzJkpSQIjVtxX-Us>
Subject: Re: [Idr] Tunnel-Encap Gaps for SD-WAN described in draft-ietf-rtgwg-net2cloud-gap-analysis-02.txt
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jun 2019 23:32:53 -0000

Under what scenarios, the address in “Remote endpoint sub-TLV” is different
from the ““UPDATE’s Network Address of Next Hop field”?


> When the tunnel endpoint is disjoint from the router that originates the
route carrying the tunnel-encap attribute. I think use cases are beyond the
> scope of the draft but it’s not hard to imagine one, for example a
controller (or controller-like device) directing traffic towards an
appliance that is
> capable of acting as a tunnel endpoint but doesn’t itself speak BGP.


I can think of even more basic example .. when UPDATE crosses EBGP boundary
between N number of ASes. Next hop field will be rewritten while tunnel
endpoint will stay. For example for the purpose of providing end to end
transport any inter-as application :) .












On Thu, Jun 27, 2019 at 1:23 AM John Scudder <jgs@juniper.net> wrote:

> (Still as an individual contributor of course.)
>
> On Jun 26, 2019, at 4:02 PM, Linda Dunbar <linda.dunbar@futurewei.com>
> wrote:
>
> [Linda] Your statement is indeed much clearer. Thank you.
>
>
> You are welcome.
>
> When a Node-A constructs this Tunnel-Encap UPDATE for routes attached to
> Node-A, does it use its own address in the “UPDATE’s Network Address of
> Next Hop field”?  Does it have the options of using Node-A’s “Loopback
> address”, or the address of one of the ports on Node-A’s ?
>
>
> Since the draft doesn’t supply any special rules for how to construct the
> next hop field, I would say existing rules apply. Generally all the options
> you listed are fine in normal BGP so I don’t see why they wouldn’t be here,
> too.
>
> If another node, say Node-B constructs this Tunnel-Encap UPDATE on behalf
> of Node-A,
>
>
> I’m not sure what this means.
>
> will the address in the “UPDATE’s Network Address of Next Hop field” same
> as the Node-A address?
>
>
> See previous.
>
> Under what scenarios, the address in “Remote endpoint sub-TLV” is
> different from the ““UPDATE’s Network Address of Next Hop field”?
>
>
> When the tunnel endpoint is disjoint from the router that originates the
> route carrying the tunnel-encap attribute. I think use cases are beyond the
> scope of the draft but it’s not hard to imagine one, for example a
> controller (or controller-like device) directing traffic towards an
> appliance that is capable of acting as a tunnel endpoint but doesn’t itself
> speak BGP.
>
> (Maybe this is what you meant by “on behalf of Node-A”? If so I don’t
> think it’s very important what the next hop is set to, although I think the
> most obvious and transparent thing would be to set it to an address of
> Node-B and list Node-A in the remote endpoint sub-tlv.)
>
> Apart from the plain reading of the text, the other reason I think the
> first interpretation is not correct is, how is a receiver supposed to know
> what “the originating node of the UPDATE message” is? Without specified
> procedures, that relate to fields within the message, it would be ambiguous.
> [Linda] Isn’t the Source Address of the UPDATE message same as the
> originating node of the UPDATE message?
>
>
> In BGP we have UPDATE messages and we have routes. UPDATE messages carry
> routes, but they aren’t the same as routes. Sometimes people talk about
> “forwarding UPDATEs” but that’s wrong. Routes are formally defined in RFC
> 4271 section 1.1:
>
>    Route
>       A unit of information that pairs a set of destinations with the
>       attributes of a path to those destinations.  The set of
>       destinations are systems whose IP addresses are contained in one
>       IP address prefix carried in the Network Layer Reachability
>       Information (NLRI) field of an UPDATE message.  The path is the
>       information reported in the path attributes field of the same
>       UPDATE message.
>
>
> A route can, and does, travel across multiple BGP peering sessions,
> potentially from one edge of the Internet to the other. By contrast, an
> UPDATE message never travels farther than from one peer to the next.
>
> So I guess we can say that the source address of the UPDATE message is the
> same as the originating node of the UPDATE message (or rather, the source
> address of the IP packet(s) carrying the TCP segment(s) that carry the
> UPDATE message is the same as an IP address of the originating node of the
> UPDATE message). But that has no guaranteed relevance to the *route*
> carried within the UPDATE message. To take a simple example, if the route
> is originated by PE1, sent to RR1, which sends it to RR2, which sends it to
> PE2, when PE2 considers the received UPDATE message, its source is RR2, but
> the originator of the route is PE1.
>
> —John
>

v2.14.0 | Report a Bug | By Email