Re: [L3sm] New Version Notification for draft-wu-l3sm-rfc8049bis-02.txt

David Ball <daviball@cisco.com> Wed, 30 August 2017 11:19 UTC

To: "ke-oogaki@kddi.com" <ke-oogaki@kddi.com>
Cc: Qin Wu <bill.wu@huawei.com>, "l3sm@ietf.org" <l3sm@ietf.org>, 'Stephane Litkowski' <stephane.litkowski@orange.com>, "adrian@olddog.co.uk" <adrian@olddog.co.uk>, "Jan Lindblad (jlindbla)" <jlindbla@cisco.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/l3sm/qc1xsScj083NwUPbwlhi8EJNZAg>

Hi Kenichi,


On 25/08/2017 13:59, ke-oogaki@kddi.com wrote:
>
>> Hi Qin,
>>
>> Looking back at Jan's comments, I think his point was not that the
>> leaves should all be mandatory, but that they should either be
>> mandatory, or they should have descriptions that explain the meaning if
>> they are not present.  So I think we are basically in agreement (I said:
>> "Also this use case needs to be mentioned in the description for those
>> leaves.") - but I've copied Jan in case I have misinterpreted what he
>> said.
>>
>> I disagree that the connection subnet is always requested by the
>> customer - a very common scenario where this is not the case is for
>> residential internet access.  In that case, the addresses used behind
>> the CE are typically from private address space, so the customer can be
>> confident that they won't conflict with whatever the provider has chosen
>> to use (and allocate with DHCP) on the PE/CE link.  Another common case
>> is where it is a provider-managed CE, so the connection addressing
>> applies to the downstream link from the CE to the customer, not to the
>> PE/CE link.  In this case the customer may not have any of their own
>> subnets (i.e. everything is directly connected (at L3) to the CE), so
>> there is no chance of a conflict.
> [KO] As a VPN service provider, our customer really specifies the addresses for provider-customer boundary links in our commercial service. I believe the other service providers also do so.

[DB] That's fine, we are not trying to preclude that case.  However, 
making the leaves mandatory means that it must always be done this way, 
i.e. that there are *never* cases where the provider chooses the 
addressing.  I don't believe that is the case.

> As the abstract says, this model is limited to BGP PE-based VPN service. Your scenario for a residential internet access is out of scope.

[DB] Cloud access, including internet access, is included in the model.

> As shown in a diagram at Section 6.11, the provider-managed CE case considers that customer routers exist under a provider-managed CE. In that case, we can easily imagine address conflict between a CE-customer router link and subnets under a customer router. Also, even if a site is a provider-managed CE site, but if any other site is a customer-managed CE site and allocates addresses by themselves, an address conflict must happen.

[DB] Yes; but there may be a case where there are no customer routers, 
just customer hosts connected directly to the provider-managed CE or 
connected directly to the PE (as described in section 6.11.2).  In this 
case there is no possibility of conflict.


     David



>>>   -----Original Message-----
>>>   From: David Ball [mailto:daviball@cisco.com]
>>>   Sent: August 23, 2017 19:48
>>>   To: Ogaki, Kenichi; Qin Wu; l3sm@ietf.org
>>>   Cc: 'Stephane Litkowski'; adrian@olddog.co.uk
>>>   Subject: Re: [L3sm] New Version Notification for draft-wu-l3sm-rfc8049bis-02.txt
>>>
>>>   On 22/08/2017 11:13, Ogaki, Kenichi wrote:
>>>
>>>>   Hi Qin,
>>>>
>>>>>          2. For the connection addresses, the provider's IP address/mask:
>>>>   As for dhcp related provider-addresses and the masks, these are not what SP provides, but the subnet which the customer requests to specify the leased address subnet. Then, these must be configurable.
>>>   So you're saying even when DHCP is used, the customer can request that addresses will be allocated from a specific subnet?  That's not something I've heard of, but ok. :)  These leaves should definitely be optional in that case, as the more normal case is that the customer does not request a specific subnet.  Also this use case needs to be mentioned in the description for those leaves.
>>>
>>>   [Qin]: Early on in the YANG Doctor review from Jan, one suggestion was to make provider-address and customer-address mandatory parameter.
>>>   https://www.ietf.org/mail-archive/web/l3sm/current/msg00677.html
>>>   We think his point is valid and have implemented his comment.
>>>   Talking with L3SM design team members recently, it has been agreed that all these parameters (irrespective of DHCP case or static case) are basically specified/requested by a customer.
>>>   Otherwise, address conflict occurs between provider-allocated subnets (PE-CE links) and customer-allocated subnets (under CE).
>>>   So for consistency, I think we should make all these parameters as mandatory parameters.
>>>
>>>         David
>>>
>>>>   Thanks,
>>>>   Kenichi
>>>>
>>>>   -----Original Message-----
>>>>   From: L3sm [mailto:l3sm-bounces@ietf.org] On Behalf Of Qin Wu
>>>>   Sent: Monday, August 21, 2017 5:39 PM
>>>>   To: David Ball; l3sm@ietf.org
>>>>   Cc: Stephane Litkowski; Kenichi Ogaki; adrian@olddog.co.uk
>>>>   Subject: Re: [L3sm] New Version Notification for
>>>>   draft-wu-l3sm-rfc8049bis-02.txt
>>>>
>>>>>   11. In accordance with the clarified scope, parts of the model that correspond
>>>>>           with information provided by the SP need to be marked with "config false".
>>>>>           I've identified the following, but there might be more.
>>>>>          1. The list of profiles of various types (i.e. l3vpn-service/vpn-profiles)
>>>>>          2. For the connection addresses, the provider's IP address/mask:
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/provider-dhcp/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/provider-dhcp/mask
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/dhcp-relay/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/dhcp-relay/mask
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/addresses/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv4/addresses/mask
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/provider-dhcp/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/provider-dhcp/mask
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/dhcp-relay/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/dhcp-relay/mask
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/addresses/provider-address
>>>>>         • l3vpn-service/sites/site/site-network-accesses/site-network-access/ip-connection/ipv6/addresses/mask
>>>>      
>>>>
>>>>   That sounds reasonable.
>>>>
>>>>   [Qin]: One more comment, we cannot put ‘config false’ for
>>>>   l3vpn-service/vpn-profiles, since Config true leafrefs MUST NOT refer
>>>>   to config false data
>>>>
>>>>   This issue was discussed before, see discussion available at:
>>>>
>>>>   https://www.ietf.org/mail-archive/web/l3sm/current/msg00683.html
>>>>
>>>>
>>>>
>>>   --
>>>   David Ball
>>>   <daviball@cisco.com>
>>>
>> -- 
>> David Ball
>> <daviball@cisco.com>
>>
>>

-- 
David Ball
<daviball@cisco.com>
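
The address-conflict argument in this thread, as an added example that is not part of any message or of the draft: a check that treats provider-address/mask as optional (absent means the provider allocates) and reports overlaps between a requested PE-CE link subnet and customer subnets at any site. The dict keys and the sample sites are constructed for illustration.

```python
import ipaddress

# Constructed sample sites; the dict keys are hypothetical, loosely named after
# the provider-address / mask leaves discussed in the thread.
SITES = [
    {"name": "hq", "provider_address": "192.0.2.1", "mask": 30,
     "customer_subnets": ["10.1.0.0/16"]},
    # Customer asked for a link subnet that sits inside hq's address space.
    {"name": "branch", "provider_address": "10.1.255.1", "mask": 30,
     "customer_subnets": []},
    # Leaves absent: no customer request, the provider picks the addressing.
    {"name": "home", "provider_address": None, "mask": None,
     "customer_subnets": ["192.168.1.0/24"]},
]


def requested_link(site):
    """Return the requested PE-CE subnet, or None when the leaves are absent."""
    if site.get("provider_address") is None:
        return None
    iface = ipaddress.ip_interface(f"{site['provider_address']}/{site['mask']}")
    return iface.network


def find_conflicts(sites):
    """List (site, link, other_site, subnet) for every link/customer overlap.

    Customer subnets at every site are checked, which covers the cross-site
    case raised in the thread (one site's link vs another site's subnets).
    """
    conflicts = []
    for site in sites:
        link = requested_link(site)
        if link is None:
            continue
        for other in sites:
            for cidr in other["customer_subnets"]:
                net = ipaddress.ip_network(cidr)
                if net.version == link.version and link.overlaps(net):
                    conflicts.append((site["name"], str(link), other["name"], cidr))
    return conflicts


if __name__ == "__main__":
    for c in find_conflicts(SITES):
        print("conflict: %s link %s overlaps %s subnet %s" % c)
```

A site with no customer subnets at all (hosts attached directly to the CE or PE) contributes nothing to the inner loop, so it can never be the source of a reported overlap.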