IETF Logo Mail Archive

RE: [Idr] New Version Notification for draft-hao-idr-flowspec-evpn-00.txt

Robert Raszuk <robert@raszuk.net> Fri, 22 August 2014 13:46 UTC

Return-Path: <rraszuk@gmail.com>
X-Original-To: l2vpn@ietfa.amsl.com
Delivered-To: l2vpn@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E24DF1A03A8; Fri, 22 Aug 2014 06:46:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iJuAlPAV85Eu; Fri, 22 Aug 2014 06:46:11 -0700 (PDT)
Received: from mail-ig0-x22f.google.com (mail-ig0-x22f.google.com [IPv6:2607:f8b0:4001:c05::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AB2B1A03A0; Fri, 22 Aug 2014 06:46:11 -0700 (PDT)
Received: by mail-ig0-f175.google.com with SMTP id uq10so14966137igb.8 for <multiple recipients>; Fri, 22 Aug 2014 06:46:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=rNJa3YFLtOY0wAaCOPQU3qlDs7z8H+gkK2fkv7CXv8I=; b=r4qO+bAF4+I0XiTRWr4MHQs5pr/oyIl8dfQGcHpIrJidb75o5PRGM3F4aD9HeUo28G pH4krG0jipGC8c3Bovo4G0egGAFWtXcCF724yo0yhUjpgysTTDQaPNfRN+MfvRR9C64e BoZlnYTTpwewrahxx090Q7007q3folxDIHIpHwgxqCCjfPSquNpmsijhw1QhwkKzuxUD 1Er3FOcnYnnNDPGmDOX3bx9ptqMtkvPUUx5cFc06ufA+Jd8T8ikmwbBqVcn5MOxXwIJn amWi0CAzw+aSiAg/WC3yxU/ByQi+GCSJ3irNtA45wQWB3wZoMQpFvML/FQBjeKV5Y+7m YU+g==
MIME-Version: 1.0
X-Received: by 10.50.79.201 with SMTP id l9mr11396130igx.17.1408715170761; Fri, 22 Aug 2014 06:46:10 -0700 (PDT)
Sender: rraszuk@gmail.com
Received: by 10.107.32.141 with HTTP; Fri, 22 Aug 2014 06:46:10 -0700 (PDT)
Received: by 10.107.32.141 with HTTP; Fri, 22 Aug 2014 06:46:10 -0700 (PDT)
In-Reply-To: <19516_1408708492_53F72F8C_19516_6719_1_9E32478DFA9976438E7A22F69B08FF9207DBD1@OPEXCLILM34.corporate.adroot.infra.ftgroup>
References: <20140820002030.18902.50278.idtracker@ietfa.amsl.com> <DD5FC8DE455C3348B94340C0AB5517334F7F21D1@nkgeml501-mbs.china.huawei.com> <B17A6910EEDD1F45980687268941550F06D74DB1@MISOUT7MSGUSRCD.ITServices.sbc.com> <DD5FC8DE455C3348B94340C0AB5517334F7F2339@nkgeml501-mbs.china.huawei.com> <29476_1408695761_53F6FDD1_29476_12929_1_9E32478DFA9976438E7A22F69B08FF9207DB14@OPEXCLILM34.corporate.adroot.infra.ftgroup> <CA+b+ERknOzLm_ixQ_RGP2=x=FRestmhoL3P4m=6qRHy5xV8ygA@mail.gmail.com> <19516_1408708492_53F72F8C_19516_6719_1_9E32478DFA9976438E7A22F69B08FF9207DBD1@OPEXCLILM34.corporate.adroot.infra.ftgroup>
Date: Fri, 22 Aug 2014 15:46:10 +0200
X-Google-Sender-Auth: oiWDcptlb4px6bQRzIB4QWTjSmw
Message-ID: <CA+b+ERk8+41uT4KM0oZqpe-aZO6NJ8bmVu9bDvf2Vw01jXY6TQ@mail.gmail.com>
Subject: RE: [Idr] New Version Notification for draft-hao-idr-flowspec-evpn-00.txt
From: Robert Raszuk <robert@raszuk.net>
To: "<stephane.litkowski@orange.com>" <stephane.litkowski@orange.com>
Content-Type: multipart/alternative; boundary="089e013cbb8a57d4b80501380f53"
Archived-At: http://mailarchive.ietf.org/arch/msg/l2vpn/-GPg9DCorSwH3lL9rD1azbsFLFA
Cc: l2vpn@ietf.org, "idr@ietf.org" <idr@ietf.org>, liuweihang <liuweihang@huawei.com>, "ju1738@att.com" <ju1738@att.com>
X-BeenThere: l2vpn@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Layer 2 Virtual Private Networks <l2vpn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/l2vpn>, <mailto:l2vpn-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/l2vpn/>
List-Post: <mailto:l2vpn@ietf.org>
List-Help: <mailto:l2vpn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/l2vpn>, <mailto:l2vpn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Aug 2014 13:46:14 -0000

> Is FS even comparable to openflow?
>
> [SLI] It may be used in a similar way

You must be joking ...

Best,
R.

>
> P2MP distribution has advantage when same type of information is required
to be present in large number of locations.
>
> [SLI] Right, and there are plenty of applications beyond DDoS.
>
>
>
> I think the attempt to build directed arcs with RTC for more and more
types of data is not right direction.
>
> [SLI] I don’t really see why you’re talking about RTC there …
>
>
>
> How about Opflex ?
>
> http://tools.ietf.org/html/draft-smith-opflex-00
>
> [SLI] May be another tool in the tool chest …
>
>
>
> Best,
> R.
>
> On Aug 22, 2014 10:22 AM, <stephane.litkowski@orange.com> wrote:
>
> Hi,
>
> I think this is a valuable addition, but I would like to see these MAC
filters being applicable also to IPv4 plugs (FS IPv4 & VPNv4)
>
> Moreover , the new AFI/SAFI should not be restricted to EVPN, any L2
interface may be interested by such filter (VPLS, basic L2 switching ...).
>
> Route distinguisher may be is missing ...
>
> Now more globally, may be it's time to think more globally about the
evolution of FS. I pretty see FS evolution largely beyond DDoS domain. FS
is a very good protocol for SDN applications. The question behind is do we
really need to work with multiple address families for each type of
"service"/"interface type" to filter or do we need to have a more global
model where we would be able to put any type of filter any where and apply
multiple actions (openflow like FS). Compared to openflow, FS has the magic
to enable multipoint distribution of actions.
>
> Best Regards,
>
> Stephane
>
>
> -----Original Message-----
> From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Haoweiguo
> Sent: Thursday, August 21, 2014 04:11
> To: UTTARO, JAMES; 'idr@ietf.org'; 'l2vpn@ietf.org'
> Cc: liuweihang
> Subject: [Idr] 答复: New Version Notification for
draft-hao-idr-flowspec-evpn-00.txt
>
> Hi Jim,
> Thanks for your comments. The BGP Flowspec procedures is illustrated as
following:
>
>                                           EVPN FlowSpec Session
        EVPN FlowSpec Session
> DDOS Detection Appliance--------------------------Egress
PE-----------------------------Ingress PE------CE2
>
               |
>
            CE1 DDOS Detection Appliance establishes EVPN flowspec session
with Egress PE, it detects DDOS attack traffic and generate ACL rule, the
ACL rule is announced to Egress PE through EVPN flowspec protocol, then the
egress PE announces it to ingress PE, finally ingress PE installs the ACL
rule for traffic filtering.
> DDOS Detection Appliance only needs to support EVPN flowspec function, it
doesn't need to support basic EVPN function.
> Thanks
> weiguo
> ________________________________________
> 发件人: UTTARO, JAMES [ju1738@att.com]
> 发送时间: 2014年8月21日 0:29
> 收件人: Haoweiguo; 'idr@ietf.org'; 'l2vpn@ietf.org'
> 抄送: liuweihang
> 主题: RE: New Version Notification for draft-hao-idr-flowspec-evpn-00.txt
>
> Weiguo,
>
>         I would like to better understand how a remote PE will "learn"
that it needs to deliver a FS path to the ingress PE?? It cannot come from
the CE as that is data plane learning. I would think that all FS paths have
to be disseminated by a centralized controller.
>
> Jim Uttaro
>
> -----Original Message-----
> From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Haoweiguo
> Sent: Tuesday, August 19, 2014 8:31 PM
> To: idr@ietf.org; l2vpn@ietf.org
> Cc: liuweihang
> Subject: [Idr] 答复: New Version Notification for
draft-hao-idr-flowspec-evpn-00.txt
>
> Hi All,
> We have submitted a draft of " Dissemination of Flow Specification Rules
for EVPN".  I will appriciate if you can give us some suggestions and
comments.
> Thanks
> weiguo
>
> ________________________________________
> 发件人: internet-drafts@ietf.org [internet-drafts@ietf.org]
> 发送时间: 2014年8月20日 8:20
> 收件人: Zhuangshunwan; Haoweiguo; liuweihang; Zhuangshunwan; liuweihang;
Haoweiguo
> 主题: New Version Notification for draft-hao-idr-flowspec-evpn-00.txt
>
> A new version of I-D, draft-hao-idr-flowspec-evpn-00.txt
> has been successfully submitted by Weiguo Hao and posted to the IETF
repository.
>
> Name:           draft-hao-idr-flowspec-evpn
> Revision:       00
> Title:          Dissemination of Flow Specification Rules for EVPN
> Document date:  2014-08-20
> Group:          Individual Submission
> Pages:          7
> URL:
http://www.ietf.org/internet-drafts/draft-hao-idr-flowspec-evpn-00.txt
> Status:
https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-evpn/
> Htmlized:       http://tools.ietf.org/html/draft-hao-idr-flowspec-evpn-00
>
>
> Abstract:
>    This document defines BGP flow-spec extension for Ethernet traffic
>    filtering in EVPN network. A new BGP NLRI type (AFI=25, SAFI=TBD)
>    value is proposed to identify EVPN flow-spec application. A new
>    subset of component types and extended community also are defined.
>
>
>
>
> Please note that it may take a couple of minutes from the time of
submission until the htmlized version and diff are available at
tools.ietf.org.
>
> The IETF Secretariat
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>
_________________________________________________________________________________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez
recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme
ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged
information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and
delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have
been modified, changed or falsified.
> Thank you.
>
> _______________________________________________
> Idr mailing list
> Idr@ietf.org
> https://www.ietf.org/mailman/listinfo/idr
>
>
_________________________________________________________________________________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez
recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme
ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged
information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and
delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have
been modified, changed or falsified.
> Thank you.

v2.23.0 | Report a Bug | By Email