Re: Some observations/questions on inter-subnet and type-5 draft for EVPN
"Rabadan, Jorge (Jorge)" <jorge.rabadan@alcatel-lucent.com> Tue, 19 August 2014 17:25 UTC
Return-Path: <jorge.rabadan@alcatel-lucent.com>
X-Original-To: l2vpn@ietfa.amsl.com
Delivered-To: l2vpn@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 241D61A06DF
for <l2vpn@ietfa.amsl.com>; Tue, 19 Aug 2014 10:25:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.567
X-Spam-Level:
X-Spam-Status: No, score=-2.567 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.668]
autolearn=ham
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id T4BtYy3Qpkza for <l2vpn@ietfa.amsl.com>;
Tue, 19 Aug 2014 10:25:16 -0700 (PDT)
Received: from smtp-fr.alcatel-lucent.com (fr-hpgre-esg-02.alcatel-lucent.com
[135.245.210.23])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id DC1E31A06DE
for <l2vpn@ietf.org>; Tue, 19 Aug 2014 10:25:15 -0700 (PDT)
Received: from fr711usmtp1.zeu.alcatel-lucent.com (unknown [135.239.2.122])
by Websense Email Security Gateway with ESMTPS id 330F94A7003;
Tue, 19 Aug 2014 17:25:10 +0000 (GMT)
Received: from FR711WXCHHUB01.zeu.alcatel-lucent.com
(fr711wxchhub01.zeu.alcatel-lucent.com [135.239.2.111])
by fr711usmtp1.zeu.alcatel-lucent.com (GMO) with ESMTP id s7JHPCUQ031906
(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL);
Tue, 19 Aug 2014 19:25:12 +0200
Received: from FR711WXCHMBA03.zeu.alcatel-lucent.com ([169.254.3.230]) by
FR711WXCHHUB01.zeu.alcatel-lucent.com ([135.239.2.111]) with mapi id
14.02.0247.003; Tue, 19 Aug 2014 19:25:12 +0200
From: "Rabadan, Jorge (Jorge)" <jorge.rabadan@alcatel-lucent.com>
To: Antoni Przygienda <antoni.przygienda@ericsson.com>, "l2vpn@ietf.org"
<l2vpn@ietf.org>
Subject: Re: Some observations/questions on inter-subnet and type-5 draft
for EVPN
Thread-Topic: Some observations/questions on inter-subnet and type-5 draft
for EVPN
Thread-Index: Ac+54Vj/kFnQLaMuTYuhBZ6GvOXmLQBLzcyAABNcYIAACkVcAA==
Date: Tue, 19 Aug 2014 17:25:12 +0000
Message-ID: <D018D609.4C8F4%jorge.rabadan@alcatel-lucent.com>
References: <2E4BB27CAB87BF43B4207C0E55860F181845DE@eusaamb103.ericsson.se>
<D017F35A.4C748%jorge.rabadan@alcatel-lucent.com>
<2E4BB27CAB87BF43B4207C0E55860F18188FDD@eusaamb103.ericsson.se>
In-Reply-To: <2E4BB27CAB87BF43B4207C0E55860F18188FDD@eusaamb103.ericsson.se>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.2.140509
x-originating-ip: [135.239.27.40]
Content-Type: multipart/alternative;
boundary="_000_D018D6094C8F4jorgerabadanalcatellucentcom_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/l2vpn/-X3Jwio2V2hHjYZcVlG3B0ZD4yg
X-BeenThere: l2vpn@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Layer 2 Virtual Private Networks <l2vpn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/l2vpn>,
<mailto:l2vpn-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/l2vpn/>
List-Post: <mailto:l2vpn@ietf.org>
List-Help: <mailto:l2vpn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/l2vpn>,
<mailto:l2vpn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Aug 2014 17:25:25 -0000
Tony, About the last comment, I think we can add something to the EVPN-IP-VPN interop draft. That could be the right place to do it. I can suggest a paragraph or two to the authors. Thank you. Jorge From: Antoni Przygienda <antoni.przygienda@ericsson.com<mailto:antoni.przygienda@ericsson.com>> Date: Monday, August 18, 2014 at 8:46 PM To: Jorge Rabadan <jorge.rabadan@alcatel-lucent.com<mailto:jorge.rabadan@alcatel-lucent.com>>, "l2vpn@ietf.org<mailto:l2vpn@ietf.org>" <l2vpn@ietf.org<mailto:l2vpn@ietf.org>> Subject: RE: Some observations/questions on inter-subnet and type-5 draft for EVPN Jorge, inline as well From: Rabadan, Jorge (Jorge) [mailto:jorge.rabadan@alcatel-lucent.com] Sent: Monday, August 18, 2014 8:17 PM To: Antoni Przygienda; l2vpn@ietf.org<mailto:l2vpn@ietf.org> Subject: Re: Some observations/questions on inter-subnet and type-5 draft for EVPN Tony, Thank you for your comments. Please see in-line. From: Antoni Przygienda <antoni.przygienda@ericsson.com<mailto:antoni.przygienda@ericsson.com>> Date: Saturday, August 16, 2014 at 11:07 PM To: "l2vpn@ietf.org<mailto:l2vpn@ietf.org>" <l2vpn@ietf.org<mailto:l2vpn@ietf.org>> Subject: Some observations/questions on inter-subnet and type-5 draft for EVPN So, wrapping around my head around EVPN type 5 and inter-subnet drafts and some observations (all on version -02 of type 5 and version -04 of inter-subnet) a) Nitpick first: in type-5 section 3.1 the IP Address Length field is not a particularly well chosen name for the field. It really is prefix length and other drafts use IP Address Length being 1 byte to indicate 4 bytes or 16 bytes and not mask length (e.g. evpn-07). I suggest changing to ‘IP Prefix Length’ or something like this. The reason why we called it IP Address Length was to keep it consistent with the route type 2 (at the time where the evpn draft suggested that the MAC Address Length might have been used as a prefix length). Now the draft evpn-07 clearly states that the MAC address length is 48, and IP address length 32 or 128. So yes, I think we can change the name to IP Prefix Length for clarity. Good suggestion. Thanks. [Tony said] ack b) The new BGP attribute have couple unclear things to it (I mean the ‘EVPN-GW-2-EVPN-GW tunnel attribute’ for lack of a clearly specified name (which I think it needs) in draft inter-subnet section 6) i. I assume the intention of lack of such an attribute is that the tunnel is MPLS and therefore the label-2=l3vpn-label since I don’t see an ‘MPLS-tunnel-type’ in the attribute ? But then, how do we figure out e.g. the MAC of the NVE. Did I misread completely or is that an oversight or did I get lost in all the tunneling ? ii. Bump-in-the-wire-use-case seems to indicate that the ‘EVPN-GW-2-EVPN-GW tunnel attribute’ is carried on route type 1 (but it seems it could be carried on the type-5 route with ESI!=0 equally well ? In the VRF-2-VRF case however it’s clear that type-5 is carrying the tunnel attribute so it may be more consistent to not stick it on type-1 albeit sticking it on type-1 is more consistent with it being stuck on RT-2 routes to resolve the MAC-2-tunnel in e.g. floating ip use case iii. It is not clear whether multiple tunnel attributes can be sent within a route & used for load balancing There are a couple of things that we need to fix and clarify in the next rev of both drafts. “i” is one of them. “iii” can be clarified too. About ii, the draft only suggests the use of the attribute for the VRF-to-VRF use-case. [Tony said] I reread the 5.4 (bump-in-the wire) and you’re correct, all the VXLAN is derived from the A-D-1. I assume the correct tunnel (vxLAN,nvGRE) is correlated purely by BGP next-hop then on which NVE2 and NVE3 reside so that makes it complete. I agree that in VRF-2-VRF case carrying it on type-5 makes sense (well, there is no other place since there is no type-2 advertised ;-) That answers ii) c) I start to ask myself whether we should start to think about IP route preferences in EVPN. Observe that currently we can install/use IP addresses/prefixes for IRB in EVPN assigned VRFs from multiple sources (or rather inter-subnet route on them) 1. IP-MAC (RT-2) containing /32 (incl. gateway attribute) 2. RT-5 containting /0 all the way to /32 3. Draft-inter seems to allow to use IP-VPN routes to be used for lookup incl. prefixes (if not explicitly then surely implicitly via RTs) 4. Redistribution from other protocols that do either IP prefix or IP-MAC bindings (but that’s kind of well-known protocol distance we have today already) Question here becomes: Should we specify the IP route preferences for all those routes being installed into the IP-VRF (or in broader sense, which address type should be preferred in inter-subnet lookup) ? If not, looping criteria start to become imaginable IMO if implementations do not agree on the protocol preference as was the case for a while in L3 routing. I believe all the protocols feeding a VRF routing table should have a different preference, but that is really a vendor specific implementation and it is not a new issue. As far as I know there is no RFC suggesting default routing preferences among routing protocols. In particular for EVPN to IP-VPN interworking, there are two things to bear in mind (again, nothing new if you compare it with IP-VPN to PE-CE BGP interworking): * Both types of IP prefixes, EVPN and IP-VPN must have different preference/distance. In the implementation I know of, by default, EVPN has lower preference than IP-VPN, which I think it makes sense. * In case of PE redundancy, routing loops may occur if both PEs exchange EVPN and IP-VPN prefixes for the same VRF. If that is the case, loops may be avoided by tagging the routes with e.g. site-of-origin communities and filtering out prefixes received with self-owned site-of-origin. [Tony said] yes, agreed to all you said. In l3 case @ certain point in time e’one copied Cisco values on startup & issue was resolved ;-) IPVPN over EVPN does make sense. Once the packet is thrown off using L3, the chance to loop is smaller & albeit delivery is without L2 shortcut, it will be ‘safer’ as well ;-) Maybe a paragraph stating ‘here be dragons’ would be good or some such suggestions like this one which is ‘SHOULD’ only. I have to think about the tagging, new angle to me. --- tony
- Some observations/questions on inter-subnet and t… Antoni Przygienda
- Re: Some observations/questions on inter-subnet a… Rabadan, Jorge (Jorge)
- RE: Some observations/questions on inter-subnet a… Antoni Przygienda
- Re: Some observations/questions on inter-subnet a… Rabadan, Jorge (Jorge)