IETF Logo Mail Archive

Re: [Idr] 6PE-Alt draft

"Rajiv Asati (rajiva)" <rajiva@cisco.com> Sun, 03 February 2008 16:02 UTC

Return-Path: <idr-bounces@ietf.org>
X-Original-To: ietfarch-idr-archive@core3.amsl.com
Delivered-To: ietfarch-idr-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 776AE3A6C8D; Sun, 3 Feb 2008 08:02:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.208
X-Spam-Level:
X-Spam-Status: No, score=-4.208 tagged_above=-999 required=5 tests=[AWL=0.108, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, J_CHICKENPOX_23=0.6, RCVD_IN_DNSWL_MED=-4, URIBL_RHS_DOB=1.083]
Received: from core3.amsl.com ([127.0.0.1]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EkyPtz48B15c; Sun, 3 Feb 2008 08:02:29 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3177E3A6C73; Sun, 3 Feb 2008 08:02:29 -0800 (PST)
X-Original-To: idr@core3.amsl.com
Delivered-To: idr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C4813A6C73 for <idr@core3.amsl.com>; Sun, 3 Feb 2008 08:02:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nKdan9+dMXR1 for <idr@core3.amsl.com>; Sun, 3 Feb 2008 08:02:26 -0800 (PST)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 167E63A6C6F for <idr@ietf.org>; Sun, 3 Feb 2008 08:02:26 -0800 (PST)
X-IronPort-AV: E=Sophos;i="4.25,298,1199682000"; d="scan'208";a="85357683"
Received: from rtp-dkim-2.cisco.com ([64.102.121.159]) by rtp-iport-1.cisco.com with ESMTP; 03 Feb 2008 11:03:57 -0500
Received: from rtp-core-2.cisco.com (rtp-core-2.cisco.com [64.102.124.13]) by rtp-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id m13G3vqh023843; Sun, 3 Feb 2008 11:03:57 -0500
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by rtp-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id m13G3ui3010773; Sun, 3 Feb 2008 16:03:57 GMT
Received: from xmb-rtp-20b.amer.cisco.com ([64.102.31.53]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sun, 3 Feb 2008 11:03:56 -0500
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Sun, 03 Feb 2008 11:03:56 -0500
Message-ID: <15B86BC7352F864BB53A47B540C089B604DAB4DB@xmb-rtp-20b.amer.cisco.com>
In-Reply-To: <77ead0ec0802011329x705024e3ubb514e9556238eb6@mail.gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Idr] 6PE-Alt draft
Thread-Index: AchlGZctdmM8cIfjR2GrfWVeU6o6TQAM3OTw
From: "Rajiv Asati (rajiva)" <rajiva@cisco.com>
To: Vishwas Manral <vishwas.ietf@gmail.com>
X-OriginalArrivalTime: 03 Feb 2008 16:03:56.0927 (UTC) FILETIME=[619730F0:01C8667E]
Authentication-Results: rtp-dkim-2; header.From=rajiva@cisco.com; dkim=pass ( sig from cisco.com/rtpdkim2001 verified; );
Cc: idr@ietf.org, Jan Novak <jjjnovak@hotmail.com>, Ooms Dirk <dirk@onesparrow.com>, "Francois Le Faucheur (flefauch)" <flefauch@cisco.com>
Subject: Re: [Idr] 6PE-Alt draft
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: idr-bounces@ietf.org
Errors-To: idr-bounces@ietf.org

Hi Vishwas,

> I agree the security part of VRF is incomparable. However what about
> the use of route distinguisher (RD) when the routes themselves are
> unique.

RD is certainly quite useful even if the VPN routes are unique.

Please consider the multi-homed VPN site in a BGP/VPN network having
route reflector(s). Even if the VPN routes (advertised by the
multi-homed VPN site) are unique, without RD, each remote PE routers in
the BGP/VPN network would get only one path to the VPN route (because
the Route Reflector would select and advertise only the bestpath). This
means no traffic loadsharing to the route(s) in multi-homed VPN site.

With RD, the loadsharing can be easily provided, assuming unique RD per
VRF per PE is put in place. This is already a common practice in
deployments out there.

Anyway, we digress from the main point in which your draft is proposing
an alternative to the 6PE, not to the 6VPE. 

Cheers,
Rajiv

PS: This could have also been solved if the BGP route reflector
advertised multiple paths besides the bestpath.


> -----Original Message-----
> From: Vishwas Manral [mailto:vishwas.ietf@gmail.com] 
> Sent: Friday, February 01, 2008 4:30 PM
> To: Rajiv Asati (rajiva)
> Cc: Jan Novak; idr@ietf.org; Francois Le Faucheur (flefauch); 
> Ooms Dirk
> Subject: Re: [Idr] 6PE-Alt draft
> 
> Hi Rajeev,
> 
> I agree the security part of VRF is incomparable. However what about
> the use of route distinguisher (RD) when the routes themselves are
> unique.
> 
> That is the reason the draft does not say it is replacing
> BGP-MPLS-IPv6 VPN, it says it could be used as an alternative to
> getting the same functionality, without having to actually implement
> the entire big peace of code required for the same, with added
> policies.
> 
> Thanks,
> Vishwas
> 
> On Feb 1, 2008 12:23 PM, Rajiv Asati (rajiva) 
> <rajiva@cisco.com> wrote:
> > Hi Vishwas,
> >
> > Good discussion.
> > It was interesting to see the following excerpt wrt 6VPE -
> >
> > > become IPv6 and the network may still have IPv4. If the assumption
> > > that each device in the IPv6 networks has a Global IPv6 
> address (not
> > > that IPv6 site local has been deprecated), we can do without the
> > > entire BGP MPLS IPv6 VPN functionality.
> >
> > Assuming PE-to-PE tunneling is still in place, yah, you are 
> right from
> > the routing perspective in 6VPE. But how would we prohibit 
> one IPv6 site
> > communicating with another IPv6 site belonging to different 
> enterprises.
> >
> > AFAIK, the benefit of having VRF is beyond just the 
> routing. And that's
> > one of the key components of BGP IP VPN functionality. 6VPE 
> indeed has
> > merits.
> >
> > Perhaps, you intended to point to something else in BGP IPv6 VPN
> > functionality.
> >
> > Cheers,
> > Rajiv
> >
> >
> > > -----Original Message-----
> > > From: Vishwas Manral [mailto:vishwas.ietf@gmail.com]
> > > Sent: Thursday, January 31, 2008 10:01 AM
> > > To: Jan Novak
> > > Cc: idr@ietf.org; Francois Le Faucheur (flefauch); Ooms Dirk
> > > Subject: Re: [Idr] 6PE-Alt draft
> > >
> > > Hi Jan,
> > >
> > > I am CC'ing the authors of the 6PE draft to get their 
> views. Let me
> > > explain the draft in greater detail however.
> > >
> > > In 6PE, MP-BGP SAFI family label is used to exchange 
> routes between 2
> > > 6PE routers (a new AFI/ SAFI combination is defined). 
> Each route is
> > > attached with a label (which may be the IPv6 Explicit 
> NULL label). In
> > > the data-plane this label is used as the inner label and the other
> > > label is the tunnel label, which gets the packet from source PE to
> > > destination PE. Once the packet gets to the destination 
> PE, the inner
> > > label is looked up and a POP operation is done on it and the IPv6
> > > header is looked up in the routing table.
> > >
> > > With 6PE-Alt, no additional signaling mechanism is 
> required. All we
> > > need to do is instead of using the signaled label as the 
> inner label,
> > > we use the IPv6 Explicit NULL label. The same operations 
> happen as 6PE
> > > without any explicit signaling of the labels with each 
> route. It helps
> > > prevent all the excess signaling and still providing the 
> exact same
> > > functionality. We are using the meaning implied in the 
> "Explicit NULL
> > > Label". We do not need to signal anything here.
> > >
> > > As an alternate, if you notice in IPv6, the end sites/ 
> devices will
> > > become IPv6 and the network may still have IPv4. If the assumption
> > > that each device in the IPv6 networks has a Global IPv6 
> address (not
> > > that IPv6 site local has been deprecated), we can do without the
> > > entire BGP MPLS IPv6 VPN functionality.
> > >
> > > Thanks,
> > > Vishwas
> > >
> > > On Jan 31, 2008 6:31 AM, Vishwas Manral
> > > <vishwas.ietf@gmail.com> wrote:
> > > > Hi Jan,
> > > >
> > > > You may be missing the scope of the document. There is a
> > > discussion in
> > > > the v6ops group too which .
> > > >
> > > > The idea is simple. We do not need to define a new AFI/ SAFI
> > > > combination to achieve the 6PE functionality. We can 
> just use the
> > > > meaning implied in the IPv6 Explicit NULL label. The 6PE
> > > RFC does talk
> > > > about allowing signaling for the Explicit NULL label in
> > > which case the
> > > > dataplane functionality becomes just the same, but in 6PE
> > > even that is
> > > > signaled using BGP extensions defined in RFC3107.
> > > >
> > > > Thanks,
> > > > Vishwas
> > > >
> > > >
> > > > On Jan 31, 2008 2:14 AM, Jan Novak <jjjnovak@hotmail.com> wrote:
> > > > >
> > > > >
> > > > > Hi,
> > > > >
> > > > > Just out of curiosity - lets say you have two IPv4 VPNs with
> > > > > overlapping set of Pes and both of them want to provide 6PE
> > > > > service.
> > > > > When the explicit-null encapsulated packets from two different
> > > > > VPNs (but same PE) arrive to the other side PE - how do you
> > > > > decide which is which - e.g. which packet should be shipped to
> > > > > which VPN ??
> > > > >
> > > > > Jan
> > > > >
> > > > >
> > > > > 
> _________________________________________________________________
> > > > > Telly addicts unite!
> > > > > http://www.searchgamesbox.com/tvtown.shtml
> > > >
> > >
> >
> > > _______________________________________________
> > > Idr mailing list
> > > Idr@ietf.org
> > > https://www1.ietf.org/mailman/listinfo/idr
> > >
> >
> 
_______________________________________________
Idr mailing list
Idr@ietf.org
http://www.ietf.org/mailman/listinfo/idr

v2.23.0 | Report a Bug | By Email