Re: [Int-area] I-D Action: draft-ietf-intarea-tunnels-01.txt
Joe Touch <touch@isi.edu> Fri, 21 August 2015 22:30 UTC
Return-Path: <touch@isi.edu>
X-Original-To: int-area@ietfa.amsl.com
Delivered-To: int-area@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 589C41ACE99 for <int-area@ietfa.amsl.com>; Fri, 21 Aug 2015 15:30:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w37ehDU7CgSQ for <int-area@ietfa.amsl.com>; Fri, 21 Aug 2015 15:30:56 -0700 (PDT)
Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B8AA1ACE9A for <int-area@ietf.org>; Fri, 21 Aug 2015 15:30:56 -0700 (PDT)
Received: from [128.9.160.211] (mul.isi.edu [128.9.160.211]) (authenticated bits=0) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id t7LMTfsG018949 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 21 Aug 2015 15:29:46 -0700 (PDT)
To: "Templin, Fred L" <Fred.L.Templin@boeing.com>, Lucy yong <lucy.yong@huawei.com>
References: <20150720180452.16624.99273.idtracker@ietfa.amsl.com> <55AD3B17.50001@isi.edu> <2691CE0099834E4A9C5044EEC662BB9D571D2D2E@dfweml701-chm> <55D75C46.3050402@isi.edu> <2691CE0099834E4A9C5044EEC662BB9D571D2E39@dfweml701-chm> <55D788C5.1020107@isi.edu> <2691CE0099834E4A9C5044EEC662BB9D571D2ECA@dfweml701-chm> <55D799D4.8010605@isi.edu> <2691CE0099834E4A9C5044EEC662BB9D571D2F30@dfweml701-chm> <2134F8430051B64F815C691A62D9831832EE5F19@XCH-BLV-504.nw.nos.boeing.com>
From: Joe Touch <touch@isi.edu>
X-Enigmail-Draft-Status: N1110
Message-ID: <55D7A655.5070207@isi.edu>
Date: Fri, 21 Aug 2015 15:29:41 -0700
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <2134F8430051B64F815C691A62D9831832EE5F19@XCH-BLV-504.nw.nos.boeing.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: touch@isi.edu
Archived-At: <http://mailarchive.ietf.org/arch/msg/int-area/4IoGQfn4JgQL-17DYXg-7pYtFNY>
Cc: "int-area@ietf.org" <int-area@ietf.org>
Subject: Re: [Int-area] I-D Action: draft-ietf-intarea-tunnels-01.txt
X-BeenThere: int-area@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF Internet Area Mailing List <int-area.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/int-area>, <mailto:int-area-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/int-area/>
List-Post: <mailto:int-area@ietf.org>
List-Help: <mailto:int-area-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/int-area>, <mailto:int-area-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Aug 2015 22:30:59 -0000
On 8/21/2015 3:14 PM, Templin, Fred L wrote: > Here is a good definition of "link" from RFC4861: > > link - a communication facility or medium over which nodes can > communicate at the link layer, i.e., the layer > immediately below IP. Examples are Ethernets (simple > or bridged), PPP links, X.25, Frame Relay, or ATM > networks as well as Internet-layer (or higher-layer) > "tunnels", such as tunnels over IPv4 or IPv6 itself. It's frankly tautological: "a link is a thing that communicates over a link layer" Stepping into the "i.e.," part, it could be rewritten as: "a link is a communication layer that transits IP" > The same definition also shows up in RFC2460. > > RFC3819 (PILC) is entirely about links, and could also be cited. PILC is about subnets - i.e., multipoint links, not merely links. It similarly defines a subnet as anything that transits IP, though: A subnetwork refers to any network operating immediately below the IP layer to connect two or more systems using IP (i.e., end hosts or routers). This definition doesn't preclude IP as a subnetwork. However, if we want to differentiate a link from a tunnel, it fails. I'm not sure that's a bad thing. What I would like to do is: 1. Say basically as above - an Internet link layer is a comm system that transits IP 2. Note that, by this definition, IP tunnels are just as much links as Ethernet 3. Note that, by common convention, a "conventional" link is directly implemented on a physical layer whereas a tunnel is implemented at least one layer removed Note that, even by #3, if there were an IP implemented directly on a physical layer (which there could be), then it could carry IP traffic just like any other link layer. Joe > > Thanks - Fred > fred.l.templin@boeing.com > >> -----Original Message----- >> From: Int-area [mailto:int-area-bounces@ietf.org] On Behalf Of Lucy yong >> Sent: Friday, August 21, 2015 2:53 PM >> To: Joe Touch >> Cc: int-area@ietf.org >> Subject: Re: [Int-area] I-D Action: draft-ietf-intarea-tunnels-01.txt >> >> Hi Joe, >> >> [snip] >>> The draft clearly defines what is tunnel, how that is different than a >>> traditional link (OSI stacks based). IMO: a tunnel simulates a link; >>> but a link, by definition, is not a tunnel. >> >> We can create a definition, e.g.: >> >> a tunnel uses a transit communication system that cannot stand >> on its own >> >> a link uses a transit communication system that can stand on its >> own >> >> I.e., IP can't exist without Ethernet (or something equivalent), but ethernet can exist without ethernet. >> >> Put another way: >> >> links touch physical links >> >> tunnels don't >> >> That might be useful to add to the beginning of Section 3.1, however it's an artificial distinction. We are defining a tunnel as different >> from a link only in their implementation - not their behavior, IMO. >> [Lucy] Agree on this distinction. It aligns with the draft. >> >> Thanks, >> Lucy >> >> Joe >> >> >> >> >>> >>> Regards, >>> Lucy >>> >>> >>> >>> -----Original Message----- >>> From: Joe Touch [mailto:touch@isi.edu] >>> Sent: Friday, August 21, 2015 3:24 PM >>> To: Lucy yong >>> Cc: touch@isi.edu; int-area@ietf.org >>> Subject: Re: [Int-area] I-D Action: draft-ietf-intarea-tunnels-01.txt >>> >>> Hi, Lucy, >>> >>> Focusing on issues that needed clarification: >>> >>> On 8/21/2015 12:39 PM, Lucy yong wrote: >>> ... >>>> For an IP-in-IP tunnel, that L2 address is the IP address of the egress decapsulator at the receiving router. >>>> [Lucy] True, but it has implementation difference. This needs to be configured somehow. >>> >>> I'm assuming everything needs to be configured - there's no way to run a tunnel without configuring both ingress and egress. >>> >>> I would consider all the ingresses that lead to one egress as "one tunnel", i.e., a multipoint tunnel. Yes, that needs to be added to >> the description - so both one ingress to many egresses, many ingresses to one egress, and combinations thereof. >>> >>> >>>>> In fact, such tunnel endpoint >>>>> functions are a key technique for NVO3. Hope the draft can address >>>>> tunnel endpoint characteristics for this case as well, i.e. same and >>>>> difference compared to a network interface. >>>> >>>> The doc should go into more detail about this case, in which the >>>> difference is whether an IP address or a true L2 address >>>> differentiates the "network interface". >>>> [Lucy] IP does not have all characteristics that Ethernet has. >>> >>> IP is closer to an NBMA L2 (unless there's native broadcast or multicast between ingress and egress network N addresses), but it's >> largely equivalent to most other types of L2s. >>> >>>>> * Regarding tunnel encapsulation, the key driver for NVO3 is to >>>>> support multi-tenant environment, which results that multiple >>>>> virtual networks share one same tunnel. The draft may discuss/point >>>>> out how that impacts the tunnel (the link) operation and behavior >>>>> and individual virtual networks carried by a tunnel. >>>> >>>> Can you clarify? If these are separate virtual networks, how can they share a network interface unless they have a "gateway" to >> "relay" >>>> between the virtual networks? >>>> >>>> [Lucy] NVO3 means that a virtual network is implemented over an IP >>>> network where virtual network traffic is encapsulated at the edge >>>> node >>>> (NVE) and carried over the IP network. >>> >>> That's just a multipoint tunnel IMO. >>> >>>> [RFC7365] one edge node can >>>> server to multiple virtual networks and encapsulates virtual network >>>> traffic by VXLAN where a VNID is used to segregate virtual network >>>> traffic. >>> >>> AS I note below, that's equivalent to L2 aliasing. >>> >>>> As result, tunnel ingress encapsulates VN traffic with different >>>> VNIDs but outer IP addresses are the same. >>> >>> Whether you use multiple IPs or one IP with multiple VNIDs is a detail that does affect some aspects, but it's somewhat "in the >> details" for this doc. I.e., the VNID isn't substantially different than a UDP header between the two IP headers. >>> >>>> In short, one >>>> tunnel can carry the traffic and use the encapsulation to segregate >>>> the virtual network traffic. >>> >>> I would still not consider that one single tunnel, regardless of NVO3 terminology. >>> >>>> >>>> Or are you talking about something equivalent to a VLAN? (see below >>>> -- I think this might be a VLAN, in which case the text is easy to >>>> extend to explain). >>>> >>>> [Lucy] IMO: this is different from VLAN. VLAN technology is also >>>> virtual network technology but has different implementation. >>> >>> Yes, I didn't mean that they were identical in implementation but very similar in spirit. >>> >>>> Bridging >>>> technology does not use tunnel, it forms a virtual network by VLAN >>>> tag that is known to every nodes. >>> >>> Ethernet VLANs use an Ethernet L2 header and adds a VLAN ID extension. >>> >>> NVO3 uses a IP as an L2 header and adds a VNID extension. >>> >>> They're nearly identical in that regard; there are some other differences when it comes to broadcast, but that's about all AFAICT. >>> >>>>> * Text: From the perspective of the outermost hosts (Hsrc and >>>>> Hdst), the tunnel appears as a link between two routers (Ra and Rd). >>>>> >>>>> Comment: IMO: from M network view (i.e. topology), tunnel appears as >>>>> a link between two routers; the hosts (Hsrc and Hdst) are not aware of the >>>>> existence of Rc and Rd. >>>> >>>> The hosts can be aware of routers Ra and Rd (e.g., they see them in >>>> the hopcount decrement and might receive traceroute responses from >>>> them if they participate) but not Rb or Rc. >>>> >>>> Can you explain why you think Rd isn't visible to Hsrc and Hdst? >>>> >>>> [Lucy] Sorry, my mistate in the first place. It should be Rb and Rc. >>>> My origin point is that the link exists between Ra and Rd. >>> >>> That's what the doc already says. >>> >>>> The hosts are >>>> not aware of the link, M network (routers) are aware of it. >>> >>> Yes, directly, but the hosts are aware of the link in its impact on the hopcount and those routers can participate in traceroute if they >> want. >>> That's quite different from Rb and Rc. >>> >>> I'll clarify the text to be more clear, though. >>> >>> >>> ... >>> ... >>>> These principles should be more clear as to whether they're rules, >>>> observations, or interpretations. I'll address that in the next >>>> update. >>>> >>>> [Lucy] It is great if the draft will state out some principles rather >>>> than current interpretation. >>> >>> The answer depends a little on both. >>> >>>> The Internet Architecture was not >>>> designed for tunnel application before. >>> >>> IMO it was - we just call it L2. >>> >>>> Now there are various tunnel >>>> applications over the Internet. These principles are critical for >>>> what and How to evolve the Internet architecture to facilitate tunnel >>>> implementation and/or benefit to tunnel applications. >>> >>> Part of the point of the intro material is that tunnels are a natural part of the architecture IF we treat them correctly, which means >> both principles and how we interpret existing requirements. >>> >>> ... >>>>> * When an encapsulation header contains a UDP header (used over >>>>> IP net), a tunnel is still an IP tunnel although tunnel egress and >>>>> on the link it may be treated as UDP app., right? >>>> >>>> This document defines "IP tunnels" as tunnels that carry IP packets, >>>> regardless of the way in which they carry IP packets. It does focus >>>> on IP in IP but does also include a discussion on IP in other >>>> protocols (UDP in particular). >>>> >>>> [Lucy] I see. The document focuses on the M network that is IP and >>>> has a tunnel (link) between Ra and Rd. Tunnel endpoint implementation >>>> have two parts: provides the link function to M network, implement >>>> such link functions in N network. >>> >>> Exactly. >>> >>>> Since N network can be implemented >>>> by different network protocols, it is fair for the draft do not >>>> consider the link implementation. Thus some of my suggestion may not >>>> apply to this draft. (sorry) >>> >>> That's OK; the draft should be more clear on this, and we can decide otherwise (i.e., we can have a section that does focus on some >> implementation issues in specific). >>> >>> We do discuss many implementation issues but in a fairly abstract manner, i.e., as would apply to any link implementation. >>> >>> Joe >>> >>> >> >> _______________________________________________ >> Int-area mailing list >> Int-area@ietf.org >> https://www.ietf.org/mailman/listinfo/int-area
- [Int-area] I-D Action: draft-ietf-intarea-tunnels… internet-drafts
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Tom Herbert
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Templin, Fred L
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Templin, Fred L
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Templin, Fred L
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Joe Touch
- Re: [Int-area] I-D Action: draft-ietf-intarea-tun… Lucy yong