Re: [Idr] Comments about BGP UPDATE for SDWAN Edge Discovery
Linda Dunbar <linda.dunbar@futurewei.com> Tue, 07 July 2020 21:07 UTC
Return-Path: <linda.dunbar@futurewei.com>
X-Original-To: idr@ietfa.amsl.com
Delivered-To: idr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCF9C3A0AB5; Tue, 7 Jul 2020 14:07:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.078
X-Spam-Level:
X-Spam-Status: No, score=-2.078 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_RATIO_06=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bTfpCV933u7z; Tue, 7 Jul 2020 14:07:30 -0700 (PDT)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2138.outbound.protection.outlook.com [40.107.244.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 504BC3A0AB0; Tue, 7 Jul 2020 14:07:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=albD5BvxuP4Vzda/8zddWLRj37RmZV7RpiPFR8Sh6iIp3P/RGKUrvYBNorj+mb1lvuEplxufd0o6BkCbui3kajUm55IPX/+r6YZZASBnVz5gxZ5l20EydtDj7HtygE6EH6qNIilzEzlbvcge2+6FgtB0ekUHRKNp5QBwTTsYHM+GxLcMVI3kukQilNCvfYR8UtidlOG6XulDT9w+z+/euXN/cPjkSlFNFA+hHx+O5NmtkmiKW3xlo/I2lxlwwwZpijVeswDXT2MUSl0d6dg/ZJwEjtCQ6e1yAp53dIXGYlzTw4tQPc1lwoaBkPl0v7uRHg59VKV9Bn8J0HGP1x18Vg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=n/PnxbOE4jyzQIHR3JJ3YN0NQlh9WiR6PdmjqG+Il4s=; b=cy5aL9IxU8aR2KHb8ruicjeAejwQ0eYrjlSrtLjlBczpgMA0kOSw1oBdqhK/QXXDk8FPwYx7MbtnXUI3cDyiyv+NH0TBBtxD+tDx5NcwrSUtqeJVNdXiSZT+Im9ybbCaUbB6BtyBnBOKNEggcYjsTNko5OmkcXEvhGntQNOLwFKkQudNuhwK67c4Tnh3zPUe9tGuJDuWbKHOKu3jPJ7HHTTl0rnAkmAfLYDhsZ6ktdmG4Tlhryb2DtZqy4oS6Y7SZayhZiKQPfzHgDJSj5EgnwX8a9uuJniZ1KDOYDx8Bi18CpXrnkLxmsxZnKhERiqKiE/STvw/bV7mwK68RZpKZQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=futurewei.com; dmarc=pass action=none header.from=futurewei.com; dkim=pass header.d=futurewei.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=n/PnxbOE4jyzQIHR3JJ3YN0NQlh9WiR6PdmjqG+Il4s=; b=KMHsb4RlJajSdEdZYjmLKIfomrc/WUfdfXpee/uoPhxmqjK2JZRxI99xgu6g/QvNSP/1mVSwCvcGRvmq0WdhP8GDLnrqAkVt3AQLH8fqZXK7LHxJs2RYlzHKZQWgdeksK61FNt7GJYW120dzgRU6eyaXZYs9QC/zfAN871aURgg=
Received: from SN6PR13MB2334.namprd13.prod.outlook.com (2603:10b6:805:55::16) by SA0PR13MB3952.namprd13.prod.outlook.com (2603:10b6:806:72::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.8; Tue, 7 Jul 2020 21:07:24 +0000
Received: from SN6PR13MB2334.namprd13.prod.outlook.com ([fe80::783f:2d78:2f9f:3116]) by SN6PR13MB2334.namprd13.prod.outlook.com ([fe80::783f:2d78:2f9f:3116%7]) with mapi id 15.20.3174.020; Tue, 7 Jul 2020 21:07:24 +0000
From: Linda Dunbar <linda.dunbar@futurewei.com>
To: "Wanghaibo (Rainsword)" <rainsword.wang@huawei.com>, "draft-dunbar-idr-sdwan-edge-discovery@ietf.org" <draft-dunbar-idr-sdwan-edge-discovery@ietf.org>, "'idr@ietf. org'" <idr@ietf.org>
Thread-Topic: Comments about BGP UPDATE for SDWAN Edge Discovery
Thread-Index: AdZUK2fp0D6YN040S9Sxf/+BrzBFnQAbgCnA
Date: Tue, 07 Jul 2020 21:07:24 +0000
Message-ID: <SN6PR13MB23345499980E157748DCA25285660@SN6PR13MB2334.namprd13.prod.outlook.com>
References: <80c3fce20c5e406286fe2e2e10507906@huawei.com>
In-Reply-To: <80c3fce20c5e406286fe2e2e10507906@huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: huawei.com; dkim=none (message not signed) header.d=none;huawei.com; dmarc=none action=none header.from=futurewei.com;
x-originating-ip: [72.180.73.64]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7592c799-ec2b-4b40-02f0-08d822b9bf21
x-ms-traffictypediagnostic: SA0PR13MB3952:
x-microsoft-antispam-prvs: <SA0PR13MB39529D6560CAF36775FB0B1D85660@SA0PR13MB3952.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: HcFhMFYO1NPQADRWdgpFRKAyXST8JCSSo/vyp6uwjNxw/bOzp7jttHId4Q9vyUlqq3DDGvqZqz9/uPLRrCmU8mkB1n7clFfQdV1GWOGQJUFA6NtJqjz6XoBZzylvvra2UfVlDtxvXIfKNDwXYiQhphPUgzcyGGEN94+dk/jQW8oXictxBI+fVUZQ3yL/ZM1vRt/HGmYswoENaNhVAaz5IAtqczakQonYMHgwaY1g6rzlKRtOlkUmgbeS+qN/mps88kIY90Ili+Bg5Tki9PKjIECkOB73Zc1aa9dhRbi9XaNKkr+xOAKaYoEDGa5S8xGNIBsUycyt/u3dVzNIBm+SGPcspfnSbkT5QH52I/isMHBn7adBBnjum/KcOBCHmJZmBhAFqBzlJulRSTeh2qSaBw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SN6PR13MB2334.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(366004)(39840400004)(346002)(376002)(396003)(136003)(316002)(186003)(8936002)(83380400001)(166002)(478600001)(2906002)(33656002)(7696005)(15650500001)(110136005)(6506007)(53546011)(8676002)(5660300002)(86362001)(26005)(99936003)(55016002)(9686003)(44832011)(71200400001)(52536014)(76116006)(66556008)(66476007)(66446008)(66946007)(66576008)(64756008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: bXMLDerriNS8qbp7N7HwoqlTmmgQ1y3Q6KNTYD5lorFg3BwpPnBEZMw/UTTibAkjtQMK/VaVSR8NmtR5GfLK4vkSmAjHvw4XXijJnpmViqgkcamg79lDhi1oHTydiM0HigDSE4BYLjpqehUCoCYNUlGRQhR1So3te31FfHK4ru1NeJM9St0G9jE8pZ4CB9fHNzdS1MY2oQASI3XFByaF0quLrR3xu38y7SGJreAYbtRrcZl0xg/wYnJTnH0+sgm53v0WKZT+4jWv50uKKFMJfn0P50VlxOIUJuOQUypF/vNV2+HVaGkTGOfyEhnvwk9r7hB54DfPKqRLRe1xFPsQ+SzKKK+gityCXvvORtkQOmc/WpyGvUsNWSnQcsMaAAYlq2+ghCv48BiVOCBdNa/BpKHZ7PMaGQolExBbDBRbzgDWcsGB2ARO9n7ELnWAfCApqfAqrR5O3e/NSz4a0qJzhpGw4GzRWxbTNU+kp/dNbyg=
x-ms-exchange-transport-forked: True
Content-Type: multipart/related; boundary="_005_SN6PR13MB23345499980E157748DCA25285660SN6PR13MB2334namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SN6PR13MB2334.namprd13.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7592c799-ec2b-4b40-02f0-08d822b9bf21
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jul 2020 21:07:24.2521 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: YtGGaYOcXZcSiuH6YNaUitP/tNroLVz1PF52o9Ig93RV26cBpuoyjlKNNdWYcHUTlmo7RTxhhQ76A2U7603hwg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR13MB3952
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/KA6Byyv14XbpkoEu_e3p9G-Qpwo>
Subject: Re: [Idr] Comments about BGP UPDATE for SDWAN Edge Discovery
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/idr/>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jul 2020 21:07:33 -0000
Haobo, Thank you very much for the comment. What you suggested is an optimization. Using the Figure below as an example, there are multiple IPsec SAs terminated at 192.0.0.1 port and multiple IPsec SAs terminated 170.0.0.1 respectively on C-PE2. C-PE2 can use flat IPsec SA IDs to distinguish all the SAs, such as SA-ID =1~5 refers to the IPsec SAs terminated at the port 192.0.0.1. SA-ID = 100~105 refers to the IPsec SAs terminated at 170.0.0.1. Then the route update for prefix 10.1.1.x can just include a list of SA-IDs that the prefix 10.1.1.x can be carried in the Tunnel -Encap Attribute. [cid:image002.png@01D65478.B2B95F30] [cid:image006.png@01D65478.B2B95F30] What illustrated in the draft is the first step for IDR WG to agree upon the basic scheme. The optimization can be added after the IDR WG agrees upon the basic scheme of using pointer to SA ID, instead of attaching all the SA attributes. Linda Dunbar From: Wanghaibo (Rainsword) <rainsword.wang@huawei.com> Sent: Tuesday, July 7, 2020 7:22 AM To: draft-dunbar-idr-sdwan-edge-discovery@ietf.org; 'idr@ietf. org' <idr@ietf.org> Subject: Comments about BGP UPDATE for SDWAN Edge Discovery Hi authors, 3.2. Basic Schemes BGP UPDATE from C-PE2 for the attached client routes is like: Extended community: RT for SDWAN Instance 1 Prefix: 10.1.1.x; 20.1.1.x NH: C-PE 2 Tunnel Encap Attr [AFI/SAFI = 1/1) MPLS-in-GRE [tunnel type=11] Sub-TLV for MPLS-in-GRE [Section 3.2.6<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-dunbar-idr-sdwan-edge-discovery-00%23section-3.2.6&data=02%7C01%7Clinda.dunbar%40futurewei.com%7C196ceb7841244c30cba908d822706a8b%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637297213507921765&sdata=F8VGU3Hx4XxGxm5b8dbfZN4hyi6dnc6P8pkhOax%2BCv4%3D&reserved=0> of Tunnel-encap] IPSec SA for 192.0.0.1 [tunnel type=4] Tunnel-End-Point Sub-TLV [Section 3.1<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-dunbar-idr-sdwan-edge-discovery-00%23section-3.1&data=02%7C01%7Clinda.dunbar%40futurewei.com%7C196ceb7841244c30cba908d822706a8b%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637297213507931768&sdata=gXQxD%2FO0VLRAr%2BzcDRO4VJnm87nIdKUpGimPtcwFBjI%3D&reserved=0> of Tunnel-encap] IPsec SA sub-TLV [See the Section 5<https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-dunbar-idr-sdwan-edge-discovery-00%23section-5&data=02%7C01%7Clinda.dunbar%40futurewei.com%7C196ceb7841244c30cba908d822706a8b%7C0fee8ff2a3b240189c753a1d5591fedc%7C1%7C0%7C637297213507931768&sdata=M8%2FRDP%2Bkw3aBV6ktdVnVRqq4LTHAry8mqxxK8%2FoCeYY%3D&reserved=0>] Tunnel Encap Attr [AFI/SAFI = 1/1) IPSec SA for 170.0.0.1 Tunnel-End-Point Sub-TLV /*the address*/ IPsec SA sub-TLV // Here one client route contained several Tunnel-Encap Attribute, but for BGP Updates, any attribute should not appears more than once // Another question. Why we use this attrbute to associate client routes with SD-WAN routes? Perhaps we may use some simple info like color extend-community (like sr-policy) Regards Haibo
- [Idr] Comments about BGP UPDATE for SDWAN Edge Di… Wanghaibo (Rainsword)
- Re: [Idr] Comments about BGP UPDATE for SDWAN Edg… Linda Dunbar