Re: [Idr] New Version Notification for draft-hao-idr-flowspec-evpn-00.txt
Robert Raszuk <robert@raszuk.net> Fri, 22 August 2014 10:15 UTC
Return-Path: <rraszuk@gmail.com>
X-Original-To: l2vpn@ietfa.amsl.com
Delivered-To: l2vpn@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6543A1A0240; Fri, 22 Aug 2014 03:15:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tW216Kb09KIT; Fri, 22 Aug 2014 03:15:05 -0700 (PDT)
Received: from mail-ie0-x22d.google.com (mail-ie0-x22d.google.com [IPv6:2607:f8b0:4001:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 075E01A020A; Fri, 22 Aug 2014 03:15:04 -0700 (PDT)
Received: by mail-ie0-f173.google.com with SMTP id tr6so6165603ieb.4 for <multiple recipients>; Fri, 22 Aug 2014 03:15:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=d8vyXLtrQFiH75xcrR0t/M6mzfzTvSvjSom9JUeYf3s=; b=c7TS7FR9iyu0ViBQsfax1IeQ+yNgQRKSpYOhIJjU3TNdKHDibIPtRHLIw0pA/4XgGZ 2wGzIkExpmjJizucJ8cGe2QpT/kpaRQZkXwvB0CCxWFKdSogaPaAtrawjiF/6xX+t+44 Wuc1H6DWlRtCQR6XgFfcDpnlWPFV203N2X6XxzqII8PwOLTo9zVvd9CJLrnnYeygzI8B kugFPr9O4AHFqFsQ5qJhiSp2UVyl8PDir2z6S5zMgepTyDWU3lWkcnRqxmMdpdEmJtax G7xUzIPA3WjfZmy81yQrL+aleyL0dKDwSIzBgKIFWIm0sLRmtBHVio+G2s22Nj4bDZdK 7dWQ==
MIME-Version: 1.0
X-Received: by 10.50.79.132 with SMTP id j4mr26373048igx.9.1408702504373; Fri, 22 Aug 2014 03:15:04 -0700 (PDT)
Sender: rraszuk@gmail.com
Received: by 10.107.32.141 with HTTP; Fri, 22 Aug 2014 03:15:04 -0700 (PDT)
Received: by 10.107.32.141 with HTTP; Fri, 22 Aug 2014 03:15:04 -0700 (PDT)
In-Reply-To: <29476_1408695761_53F6FDD1_29476_12929_1_9E32478DFA9976438E7A22F69B08FF9207DB14@OPEXCLILM34.corporate.adroot.infra.ftgroup>
References: <20140820002030.18902.50278.idtracker@ietfa.amsl.com> <DD5FC8DE455C3348B94340C0AB5517334F7F21D1@nkgeml501-mbs.china.huawei.com> <B17A6910EEDD1F45980687268941550F06D74DB1@MISOUT7MSGUSRCD.ITServices.sbc.com> <DD5FC8DE455C3348B94340C0AB5517334F7F2339@nkgeml501-mbs.china.huawei.com> <29476_1408695761_53F6FDD1_29476_12929_1_9E32478DFA9976438E7A22F69B08FF9207DB14@OPEXCLILM34.corporate.adroot.infra.ftgroup>
Date: Fri, 22 Aug 2014 12:15:04 +0200
X-Google-Sender-Auth: CLvZmOFfGxOhVD0pGrYNOzdERQQ
Message-ID: <CA+b+ERknOzLm_ixQ_RGP2=x=FRestmhoL3P4m=6qRHy5xV8ygA@mail.gmail.com>
Subject: Re: [Idr] New Version Notification for draft-hao-idr-flowspec-evpn-00.txt
From: Robert Raszuk <robert@raszuk.net>
To: "<stephane.litkowski@orange.com>" <stephane.litkowski@orange.com>
Content-Type: multipart/alternative; boundary="089e01228e0c5e32690501351c28"
Archived-At: http://mailarchive.ietf.org/arch/msg/l2vpn/oDkHwxbAMCAA6lRGe0qoeYi3Zcg
Cc: "l2vpn@ietf.org" <l2vpn@ietf.org>, "idr@ietf.org" <idr@ietf.org>, liuweihang <liuweihang@huawei.com>, ju1738@att.com
X-BeenThere: l2vpn@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Layer 2 Virtual Private Networks <l2vpn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/l2vpn>, <mailto:l2vpn-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/l2vpn/>
List-Post: <mailto:l2vpn@ietf.org>
List-Help: <mailto:l2vpn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/l2vpn>, <mailto:l2vpn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Aug 2014 10:15:07 -0000
Stephane, Is FS even comparable to openflow? Are you one of them who believes that SDN = OF ? P2MP distribution has advantage when same type of information is required to be present in large number of locations. I think the attempt to build directed arcs with RTC for more and more types of data is not right direction. How about Opflex ? http://tools.ietf.org/html/draft-smith-opflex-00 Best, R. On Aug 22, 2014 10:22 AM, <stephane.litkowski@orange.com> wrote: > Hi, > > I think this is a valuable addition, but I would like to see these MAC > filters being applicable also to IPv4 plugs (FS IPv4 & VPNv4) > > Moreover , the new AFI/SAFI should not be restricted to EVPN, any L2 > interface may be interested by such filter (VPLS, basic L2 switching ...). > > Route distinguisher may be is missing ... > > Now more globally, may be it's time to think more globally about the > evolution of FS. I pretty see FS evolution largely beyond DDoS domain. FS > is a very good protocol for SDN applications. The question behind is do we > really need to work with multiple address families for each type of > "service"/"interface type" to filter or do we need to have a more global > model where we would be able to put any type of filter any where and apply > multiple actions (openflow like FS). Compared to openflow, FS has the magic > to enable multipoint distribution of actions. > > Best Regards, > > Stephane > > > -----Original Message----- > From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Haoweiguo > Sent: Thursday, August 21, 2014 04:11 > To: UTTARO, JAMES; 'idr@ietf.org'; 'l2vpn@ietf.org' > Cc: liuweihang > Subject: [Idr] 答复: New Version Notification for > draft-hao-idr-flowspec-evpn-00.txt > > Hi Jim, > Thanks for your comments. The BGP Flowspec procedures is illustrated as > following: > > EVPN FlowSpec Session > EVPN FlowSpec Session > DDOS Detection Appliance--------------------------Egress > PE-----------------------------Ingress PE------CE2 > > | > > CE1 DDOS Detection Appliance establishes EVPN flowspec session > with Egress PE, it detects DDOS attack traffic and generate ACL rule, the > ACL rule is announced to Egress PE through EVPN flowspec protocol, then the > egress PE announces it to ingress PE, finally ingress PE installs the ACL > rule for traffic filtering. > DDOS Detection Appliance only needs to support EVPN flowspec function, it > doesn't need to support basic EVPN function. > Thanks > weiguo > ________________________________________ > 发件人: UTTARO, JAMES [ju1738@att.com] > 发送时间: 2014年8月21日 0:29 > 收件人: Haoweiguo; 'idr@ietf.org'; 'l2vpn@ietf.org' > 抄送: liuweihang > 主题: RE: New Version Notification for draft-hao-idr-flowspec-evpn-00.txt > > Weiguo, > > I would like to better understand how a remote PE will "learn" > that it needs to deliver a FS path to the ingress PE?? It cannot come from > the CE as that is data plane learning. I would think that all FS paths have > to be disseminated by a centralized controller. > > Jim Uttaro > > -----Original Message----- > From: Idr [mailto:idr-bounces@ietf.org] On Behalf Of Haoweiguo > Sent: Tuesday, August 19, 2014 8:31 PM > To: idr@ietf.org; l2vpn@ietf.org > Cc: liuweihang > Subject: [Idr] 答复: New Version Notification for > draft-hao-idr-flowspec-evpn-00.txt > > Hi All, > We have submitted a draft of " Dissemination of Flow Specification Rules > for EVPN". I will appriciate if you can give us some suggestions and > comments. > Thanks > weiguo > > ________________________________________ > 发件人: internet-drafts@ietf.org [internet-drafts@ietf.org] > 发送时间: 2014年8月20日 8:20 > 收件人: Zhuangshunwan; Haoweiguo; liuweihang; Zhuangshunwan; liuweihang; > Haoweiguo > 主题: New Version Notification for draft-hao-idr-flowspec-evpn-00.txt > > A new version of I-D, draft-hao-idr-flowspec-evpn-00.txt > has been successfully submitted by Weiguo Hao and posted to the IETF > repository. > > Name: draft-hao-idr-flowspec-evpn > Revision: 00 > Title: Dissemination of Flow Specification Rules for EVPN > Document date: 2014-08-20 > Group: Individual Submission > Pages: 7 > URL: > http://www.ietf.org/internet-drafts/draft-hao-idr-flowspec-evpn-00.txt > Status: > https://datatracker.ietf.org/doc/draft-hao-idr-flowspec-evpn/ > Htmlized: http://tools.ietf.org/html/draft-hao-idr-flowspec-evpn-00 > > > Abstract: > This document defines BGP flow-spec extension for Ethernet traffic > filtering in EVPN network. A new BGP NLRI type (AFI=25, SAFI=TBD) > value is proposed to identify EVPN flow-spec application. A new > subset of component types and extended community also are defined. > > > > > Please note that it may take a couple of minutes from the time of > submission until the htmlized version and diff are available at > tools.ietf.org. > > The IETF Secretariat > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr > > > _________________________________________________________________________________________________________________________ > > Ce message et ses pieces jointes peuvent contenir des informations > confidentielles ou privilegiees et ne doivent donc > pas etre diffuses, exploites ou copies sans autorisation. Si vous avez > recu ce message par erreur, veuillez le signaler > a l'expediteur et le detruire ainsi que les pieces jointes. Les messages > electroniques etant susceptibles d'alteration, > Orange decline toute responsabilite si ce message a ete altere, deforme ou > falsifie. Merci. > > This message and its attachments may contain confidential or privileged > information that may be protected by law; > they should not be distributed, used or copied without authorisation. > If you have received this email in error, please notify the sender and > delete this message and its attachments. > As emails may be altered, Orange is not liable for messages that have been > modified, changed or falsified. > Thank you. > > _______________________________________________ > Idr mailing list > Idr@ietf.org > https://www.ietf.org/mailman/listinfo/idr >
- 答复: New Version Notification for draft-hao-idr-fl… Haoweiguo
- RE: New Version Notification for draft-hao-idr-fl… UTTARO, JAMES
- 答复: New Version Notification for draft-hao-idr-fl… Haoweiguo
- RE: New Version Notification for draft-hao-idr-fl… stephane.litkowski
- Re: [Idr] New Version Notification for draft-hao-… Robert Raszuk
- RE: [Idr] New Version Notification for draft-hao-… stephane.litkowski
- RE: [Idr] New Version Notification for draft-hao-… Robert Raszuk
- RE: [Idr] New Version Notification for draft-hao-… UTTARO, JAMES
- RE: [Idr] New Version Notification for draft-hao-… Robert Raszuk
- RE: [Idr] New Version Notification for draft-hao-… UTTARO, JAMES
- Re: [Idr] New Version Notification for draft-hao-… Robert Raszuk
- RE: New Version Notification for draft-hao-idr-fl… UTTARO, JAMES
- 答复: New Version Notification for draft-hao-idr-fl… Haoweiguo
- RE: [Idr] New Version Notification for draft-hao-… Dongjie (Jimmy)
- 答复: [Idr] New Version Notification for draft-hao-… Haoweiguo
- RE: [Idr] New Version Notification for draft-hao-… UTTARO, JAMES
- RE: [Idr] New Version Notification for draft-hao-… stephane.litkowski
- RE: New Version Notification for draft-hao-idr-fl… stephane.litkowski
- 答复: [Idr] New Version Notification for draft-hao-… Haoweiguo
- 答复: New Version Notification for draft-hao-idr-fl… Haoweiguo
- RE: New Version Notification for draft-hao-idr-fl… stephane.litkowski
- 答复: New Version Notification for draft-hao-idr-fl… Haoweiguo
- RE: New Version Notification for draft-hao-idr-fl… UTTARO, JAMES
- Re: [Idr] New Version Notification for draft-hao-… Robert Raszuk
- RE: New Version Notification for draft-hao-idr-fl… Bertrand Duvivier (bduvivie)