Re: [Idr] Tunnel-Encap Gaps for SD-WAN described in draft-ietf-rtgwg-net2cloud-gap-analysis-02.txt

"Ali Sajassi (sajassi)" <sajassi@cisco.com> Fri, 28 June 2019 04:59 UTC

To: Robert Raszuk <robert@raszuk.net>, John E Drake <jdrake@juniper.net>
CC: "idr@ietf.org" <idr@ietf.org>, Linda Dunbar <linda.dunbar@futurewei.com>, John E Drake <jdrake=40juniper.net@dmarc.ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/idr/v9ICMmozo7n22bZiT9tv1RUN_Ls>

Robert, John:

First, I don’t see an issue with sending the endpoint sub-TLV along with a route from underlay space. Second, [Tunnel-Encap] provides recursive resolution and coloring so that we don’t need to send the Tunnel Attribute with every VPN route. Third, secure-evpn talks about route hierarchy for a finer level of granularity of tunnel setup.

Robert, wrt section 3.1, I think this special case is in the context of section 4.1.

Cheers,
Ali

From: Idr <idr-bounces@ietf.org> on behalf of Robert Raszuk <robert@raszuk.net>
Date: Wednesday, June 26, 2019 at 2:30 PM
To: John E Drake <jdrake@juniper.net>
Cc: "idr@ietf.org" <idr@ietf.org>, Linda Dunbar <linda.dunbar@futurewei.com>, John E Drake <jdrake=40juniper.net@dmarc.ietf.org>, "rtgwg@ietf.org" <rtgwg@ietf.org>
Subject: Re: [Idr] Tunnel-Encap Gaps for SD-WAN described in draft-ietf-rtgwg-net2cloud-gap-analysis-02.txt


[JD] You could issue an UPDATE for the tunnel endpoint itself which contained the tunnel encapsulation attribute sans an endpoint sub-TLV.

What next would this UPDATE contain?

See, there seems to be already a provision for what I think you are trying to do by this special case from section 3.1:


   There is one special case: the Remote Endpoint sub-TLV MAY have a
   value field whose Address Family subfield contains 0.  This means
   that the tunnel's remote endpoint is the UPDATE's BGP next hop.  If
   the Address Family subfield contains 0, the Address subfield is
   omitted, and the Autonomous System number field is set to 0.

Any routes that use that tunnel endpoint would also include the tunnel encapsulation attribute that contains only the endpoint sub-TLV.

Well, one could argue that if you properly mark the next hop with the proper tunnel encapsulation selection and tunnel endpoint address, you would not need to attach any tunnel attribute at all, as simple BGP recursion will inherit the properties of the next hop that the carried prefixes are pointing to.

Thx.
R.
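
The section 3.1 special case quoted in the thread, as a receiver-side check (an added example, not part of either message and not code from the draft or any BGP implementation). It assumes the value field is laid out as a 4-octet Autonomous System number, a 2-octet Address Family and then the Address; the names `resolve_remote_endpoint`, `is_accepted` and `MalformedEndpoint` are hypothetical, and rejecting a value field that breaks the quoted rules is a strictness choice made here.

```python
import ipaddress
import struct

# IANA address family numbers -> address length in octets (1 = IPv4, 2 = IPv6).
AF_LEN = {1: 4, 2: 16}


class MalformedEndpoint(ValueError):
    """Raised when a Remote Endpoint value field violates the quoted rules."""


def resolve_remote_endpoint(value, bgp_next_hop):
    """Return (asn, endpoint) for a Remote Endpoint sub-TLV value field.

    Assumed layout: 4-octet AS number, 2-octet Address Family, then Address.
    bgp_next_hop is the next hop of the UPDATE that carried the sub-TLV.
    """
    if len(value) < 6:
        raise MalformedEndpoint("value shorter than AS + Address Family")
    asn, af = struct.unpack("!IH", value[:6])
    addr = value[6:]
    if af == 0:
        # Special case: Address omitted, AS is 0, endpoint is the BGP next hop.
        if addr:
            raise MalformedEndpoint("Address Family 0 but Address present")
        if asn != 0:
            raise MalformedEndpoint("Address Family 0 but AS is non-zero")
        return 0, ipaddress.ip_address(bgp_next_hop)
    if af not in AF_LEN:
        raise MalformedEndpoint(f"unsupported Address Family {af}")
    if len(addr) != AF_LEN[af]:
        raise MalformedEndpoint("Address length does not match Address Family")
    return asn, ipaddress.ip_address(addr)


def is_accepted(value, bgp_next_hop):
    """True if the value field parses cleanly under the rules above."""
    try:
        resolve_remote_endpoint(value, bgp_next_hop)
        return True
    except MalformedEndpoint:
        return False


# Constructed sample value fields (documentation addresses, private-use AS).
SPECIAL = struct.pack("!IH", 0, 0)
EXPLICIT_V4 = struct.pack("!IH", 64512, 1) + ipaddress.ip_address("192.0.2.7").packed
BAD_AS = struct.pack("!IH", 64512, 0)
BAD_ADDR = struct.pack("!IH", 0, 0) + bytes(4)
```
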