IETF Logo Mail Archive

Re: [Idr] Discussions about RT-Constrain //RE: IETF-78 IDR minutes

Robert Raszuk <raszuk@cisco.com> Tue, 07 September 2010 09:03 UTC

Return-Path: <raszuk@cisco.com>
X-Original-To: idr@core3.amsl.com
Delivered-To: idr@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 570723A63EC for <idr@core3.amsl.com>; Tue, 7 Sep 2010 02:03:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.299
X-Spam-Level:
X-Spam-Status: No, score=-10.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_13=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TrdCv887jwrd for <idr@core3.amsl.com>; Tue, 7 Sep 2010 02:03:28 -0700 (PDT)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 96A043A676A for <idr@ietf.org>; Tue, 7 Sep 2010 02:03:28 -0700 (PDT)
Authentication-Results: rtp-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAN+chUxAZnwM/2dsb2JhbACgcXGjBIIjDAGYfoU9BIoY
X-IronPort-AV: E=Sophos;i="4.56,327,1280707200"; d="scan'208";a="156207767"
Received: from rtp-core-1.cisco.com ([64.102.124.12]) by rtp-iport-1.cisco.com with ESMTP; 07 Sep 2010 09:03:56 +0000
Received: from [192.168.1.61] (sjc-raszuk-87113.cisco.com [10.20.147.254]) by rtp-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id o8793sgT017797; Tue, 7 Sep 2010 09:03:55 GMT
Message-ID: <4C85FFFF.5000902@cisco.com>
Date: Tue, 07 Sep 2010 11:03:59 +0200
From: Robert Raszuk <raszuk@cisco.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: Jie Dong <dongjie_dj@huawei.com>
References: <OFE1DAC013.1BD3F321-ON48257796.005C9D6D-48257796.005C9D76@china.mobile> <4C852D5E.4080306@cisco.com> <004201cb4e40$a48a4670$ed9ed350$@com>
In-Reply-To: <004201cb4e40$a48a4670$ed9ed350$@com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: idr@ietf.org, lizhenqiang@chinamobile.com
Subject: Re: [Idr] Discussions about RT-Constrain //RE: IETF-78 IDR minutes
X-BeenThere: idr@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: raszuk@cisco.com
List-Id: Inter-Domain Routing <idr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/idr>
List-Post: <mailto:idr@ietf.org>
List-Help: <mailto:idr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/idr>, <mailto:idr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Sep 2010 09:03:32 -0000

Hi Jie,

I think very careful RT allocation planning is needed in each 
multi-service network and this is regardless of rt-constrain use or not.

If you expect RT collisions to happen then I don't think prepending 
AFI/SAFI to an RT will be of any help.

You would be much better to propose modifications to the RT format 
itself to accomodate service encoding as part of it's value. Then 
automatically any protocol which uses RTs will inherit it.

But I don't think this is practically sound required, but clearly you 
have a different opinion. And I don't think AFI/SAFI+RT that much is 
needed. Providers usually already have their own ways to divide RT 
spaces among their services today just playing with available 8 octets.

If you think 8 octets is not enough maybe proposing 9 or 10 would 
address your concern of overlapping RTs for various types of VPNs.

 > RTs used in one type of VPN SHOULD be independent with any other
 > types of VPNs.

That would not generally not be a good practice. Perhaps for few 
migrations cases, but clearly not for long term deployment plan.

If you separate unicast from multicast the latter may have not work too 
well as it depends on unicast for it's RPF check. If you separate v4 
from v6 and sites that have a dual stack routing congruency requirement 
will just double the advertisement of RTs.

Cheers,
R.

> Hi Robert,
>
> Some further thoughts...
>
> Avoiding propagation and processing of unnecessary VPN routes is one
> important aspect. In addition, what we concern more is: with current
> RT-constrain mechanism [RFC4684] which uses one AFI/SAFI for all kinds of
> VPN services (including L3VPN, L2VPN, L1VPN, MVPN, and potential
> xxxVPNs...), configuration/deployment of one type VPN may affect other
> deployed VPNs in the network.
>
> As I said in my previous mail, such impact among different types VPNs can be
> more serious with more and more types of VPNs deployed in the network, and
> coexistence of static configured RT and automatic generated RT makes the RT
> collision among different types of VPNs much easier to occur, and it would
> become more and more difficult in planning and management of different types
> of VPNs when RT-constrain is deployed.
>
> RTs used in one type of VPN SHOULD be independent with any other types of
> VPNs. Thus it's straightforward and reasonable for RT-constrain to separate
> RT membership information of different AFI/SAFIs, which is what we proposed
> in our draft
> (http://tools.ietf.org/html/draft-dong-idr-vpn-route-constrain-01.txt).
>
>
> Best regards,
> Jie
>
>> -----Original Message-----
>> From: idr-bounces@ietf.org [mailto:idr-bounces@ietf.org] On Behalf Of
>> Robert Raszuk
>> Sent: Tuesday, September 07, 2010 2:05 AM
>> To: lizhenqiang@chinamobile.com
>> Cc: idr@ietf.org
>> Subject: Re: [Idr] Discussions about RT-Constrain //RE: IETF-78 IDR
> minutes
>>
>> Hello Zhenqiang,
>>
>> Many thx for your email. I have no doubt about your deployment case. In
>> fact I think what you are planning to do does make sense.
>>
>> But let's do not forget about the overall picture. RT-constrain's
>> primary objective was to help automate inter-as VPNs. Later we have
>> observed that it may also help to allow to store on RRs only those set
>> of routes which are desired. The fact that it allows limit the amount of
>> automated inbound filtering on the PEs is more or less the over all
>> positive side effect :)
>>
>> So RT-constrain in itself is an optimization. This draft would be an
>> optimization to the optimization.
>>
>> Reg the impact of IPv6 introduction how many VPN IPv6 routes are you
>> concerned with ? Note that there are production IPv4 deployments with
>> over 1 million IPv4 routes today and without rt-constrain deployed at all.
>>
>> Are you concerned with the need to drop unnecessary routes on inbound RR
>> ->  PE (which is a very cheap operation) on those PEs which do not need
>> them ? Or are you under impression that all PEs would need to store
>> those routes even if those would not be needed .. the latter would be
>> very easy to address without any protocol changes by your favorite BGP
>> implementation.
>>
>> Many thx,
>> R.
>>
>>
>>> Hi Robert and Jie,
>>>
>>> I am Zhenqiang Li from China Mobile. I think this draft is useful. We
>>> are now planning the IPv6 migration scheme. During the migration
>>> period, some sites of a specific service will introduce IPv6 first.
>>> These IPv6-enabled sites (still support IPv4) need to communicate
>>> with other sites belonging to this specific service, including both
>>> IPv6-enabled and IPv4-only sites. Because they are parts of one
>>> service, we want them to be in one VPN. Thus we give the IPv6 route
>>> the same RT as the IPv4 route of this service. By using the proposed
>>> scheme in this draft, we can control the IPv6 route distribution
>>> within the IPv6-enabled sites. This is also helpful to limit the
>>> potential impact of IPv6 introduction.
>>>
>>> Best Regards, Zhenqiang Li
>>> _______________________________________________ Idr mailing
>> list
>>> Idr@ietf.org https://www.ietf.org/mailman/listinfo/idr
>>>
>>
>> _______________________________________________
>> Idr mailing list
>> Idr@ietf.org
>> https://www.ietf.org/mailman/listinfo/idr
>
>

v2.23.0 | Report a Bug | By Email