Re: [L1vpn] Good discussions
Acee Lindem <acee@cisco.com> Wed, 17 May 2006 21:16 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FgTNK-0005zW-25; Wed, 17 May 2006 17:16:10 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FgTNI-0005wI-K4 for l1vpn@ietf.org; Wed, 17 May 2006 17:16:08 -0400
Received: from sj-iport-5.cisco.com ([171.68.10.87]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FgTNI-0002m4-1O for l1vpn@ietf.org; Wed, 17 May 2006 17:16:08 -0400
Received: from sj-dkim-6.cisco.com ([171.68.10.81]) by sj-iport-5.cisco.com with ESMTP; 17 May 2006 14:16:07 -0700
X-IronPort-AV: i="4.05,138,1146466800"; d="scan'208"; a="278548823:sNHT34523042"
Received: from sj-core-4.cisco.com (sj-core-4.cisco.com [171.68.223.138]) by sj-dkim-6.cisco.com (8.12.11/8.12.11) with ESMTP id k4HLG7Dr006327; Wed, 17 May 2006 14:16:07 -0700
Received: from xbh-rtp-201.amer.cisco.com (xbh-rtp-201.cisco.com [64.102.31.12]) by sj-core-4.cisco.com (8.12.10/8.12.6) with ESMTP id k4HLFhsn013278; Wed, 17 May 2006 14:16:07 -0700 (PDT)
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-201.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 17 May 2006 17:16:05 -0400
Received: from [10.82.216.18] ([10.82.216.18]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 17 May 2006 17:16:04 -0400
Message-ID: <446B9294.8040903@cisco.com>
Date: Wed, 17 May 2006 17:16:04 -0400
From: Acee Lindem <acee@cisco.com>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Adrian Farrel <adrian@olddog.co.uk>
Subject: Re: [L1vpn] Good discussions
References: <00e301c676bc$f969fd80$0a23fea9@your029b8cecfe>
In-Reply-To: <00e301c676bc$f969fd80$0a23fea9@your029b8cecfe>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 May 2006 21:16:04.0723 (UTC) FILETIME=[1B38D430:01C679F7]
DKIM-Signature: a=rsa-sha1; q=dns; l=6153; t=1147900567; x=1148764567; c=relaxed/simple; s=sjdkim6001; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=acee@cisco.com; z=From:Acee=20Lindem=20<acee@cisco.com> |Subject:Re=3A=20[L1vpn]=20Good=20discussions; X=v=3Dcisco.com=3B=20h=3DgS2faM9UIwJ/7sT7061M6I0Nhzo=3D; b=qZfqGzYsAFPBM6xbJkJSkd7U2XTsAcf4MKJK+BpBIo3S3wYTONvxiW1Sf5W2Fp5GzbPjtyzZ tGwyWq9dyr+2GXBd/wMXAIMqB1md7PdqzuhCCS1HnSUZ+j6riOWPad8R;
Authentication-Results: sj-dkim-6.cisco.com; header.From=acee@cisco.com; dkim=pass ( sig from cisco.com verified; );
X-Spam-Score: 0.0 (/)
X-Scan-Signature: dbb8771284c7a36189745aa720dc20ab
Cc: l1vpn@ietf.org
X-BeenThere: l1vpn@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Layer 1 Virtual Private Networks <l1vpn.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/l1vpn>, <mailto:l1vpn-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/l1vpn>
List-Post: <mailto:l1vpn@lists.ietf.org>
List-Help: <mailto:l1vpn-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/l1vpn>, <mailto:l1vpn-request@lists.ietf.org?subject=subscribe>
Errors-To: l1vpn-bounces@lists.ietf.org
Hi Adrian, Adrian Farrel wrote: > Hi, > > It is good to see some constructive discussions on this list. > > I want to pick out a few points with a few to edging towards something > that passes for consensus. I am not specifically supporting (or > denying) the OSPF solution, but I have seen a lot of misconceptions > that need to be smoothed out. > > 1. Basic mode or Extended mode > You are all encouraged to think about the extended mode requirements > and the four models (including the per-VPN model). It is useful to > kick start this discussion, and valuable to look at how proposed > discovery solutions might work in the extended model. > BUT (!) > - The working group is focused on developing protocol solutions > for the basic mode at the moment. > - There are four extended mode solutions and it is *far* from > clear that the working group wants to support all four of them. > > 2. Comparison with L2/3 VPN work > Comparison is useful to pick up on lessons learned elsewhere. It is > valuable to consider how operators might operate VPNs across the board. > BUT (!) > - We must be clear that the L1VPN service is selling L1 connectivity. > There is no packet-based VPN here. > The quote "I don't see why one would want to offer VPNs on top > of these [L1 networks] without intervening L3 networks" entirely > misses the point of the L1VPN working group! I suggest that > contributors need to at least read the charter, but also the > framework I-D. > > 3. Scaling > There was a comment along the lines of the information in the IGP > being bounded by the routing domain, but the information in the VPN > being out of that control and bounded by information in the VPN(s). > For L1VPNs in the basic mode this is not true. The information is > bounded by the routing domain, but modified by the number of VPNs that > can connect. Since we use a per-port model for VPN connectivity, the > information is effectively bounded by the routing domain. > NOTE very clearly (!) > - In the basic mode, no VPN *site* membership is flooded across or > within the core network. When we discuss "VPN membership" we > mean that we are identifying which PEs have access to which VPNs. > > 4. Automesh > The Automesh I-D in CCAMP (draft-ietf-ccamp-automesh-01.txt) builds on > a piece of work in the OSPF working group > (draft-ietf-ospf-cap-08.txt). This defines a new opaque LSA (the > router information LSA) which can carry TLVs. The use of this new LSA > for automesh is actually almost identical to that proposed for L1VPN > membership, and I believe that one of the proposed uses of automesh is > to set up a full mesh of TE tunnels between the PEs that provide > access to the same VPN. In fact, the automesh draft is targeted at > IP/MPLS networks so the scaling concerns of automesh must be at least > greater than those for L1VPN. > I will be taking up the scaling issues associated with automesh with > the OSPF working group in the context of CCAMP. > > 5. Policy > My view of why one would apply policy to the distribution of VPN > membership information is that it relates to scaling and to > confidentiality. > - Scaling has been pretty well discussed, and there is also > a note above. It might be that in the future we need a solution > that scales much better than anything that an IGP can achieve. > Let us all hope for such successful and widespread deployments > of L1VPN in particular and GMPLS in general. > - Confidentiality relates to the spread of information between > networks. This is important if VPN internal information can > leak from one VPN to another. But in L1VPN basic mode > a. there is no exchange of information from the core to the > VPN > b. no VPN information is distributed through the core > So this question simply does not arises. All VPN membership > information that we are discussing is already present in the core > and we are simply debating how to get this information between > nodes within the core. > > 6. WG status / Experimental / Informational > It is certainly the case that a working group draft can be > informational or experimental. This discussion should not stop the > working group adopting any draft. > Further, those who participated in the discussion in Dallas should be > very clear that there was an agreement not to have a beauty contest at > this stage, but to see how things developed and let the market decide. > People who expressed that opinion and who now find their preferred I-D > adopted as a WG I-D would do well to maintain the opinion they > expressed in Dallas. > > > To me it seems that several vendors of optical equipment are > expressing the view that this is the solution that they want to build, > and I have not currently seen any overwhelming technical issues > blocking the working group from looking at this work further (please > tell me why I am wrong). However, I am concerned by the continued > opposition from the chair of the OSPF working group and feel that we > need to follow this up further. If there is no requirement to ever offer these L1VPN services outside of the environment described above then I'm less concerned with overloading OSPF or compatibility with :L2/L3 VPNs where BGP or LDP are used. As I stated in my previous post, I'd ask that this be clearly stated in the request for the IANA opaque LSA allocation. Additionally, being judicious about which applications use OSPF for information dissemination is not new nor a product of my invention. This is due to a number of factors including the desire to minimize OSPF flooding in order to minimize convergence time and maximize IGP robustness. It is also due to all the experience we have solving these types of problems with BGP and the BGP's ability to support policy on a peer basis. Thanks, Acee > > Thanks, > Adrian > > > _______________________________________________ > L1vpn mailing list > L1vpn@lists.ietf.org > https://www1.ietf.org/mailman/listinfo/l1vpn > _______________________________________________ L1vpn mailing list L1vpn@lists.ietf.org https://www1.ietf.org/mailman/listinfo/l1vpn
- [L1vpn] Good discussions Adrian Farrel
- Re: [L1vpn] Good discussions Acee Lindem