Re: draft-ietf-l3vpn-gre-ip-2547-04.txt
Ron Bonica <rbonica@juniper.net> Tue, 02 August 2005 07:59 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dzrge-0003Oa-25; Tue, 02 Aug 2005 03:59:44 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Dzrga-0003OM-Tw for l3vpn@megatron.ietf.org; Tue, 02 Aug 2005 03:59:42 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA28112 for <l3vpn@ietf.org>; Tue, 2 Aug 2005 03:59:38 -0400 (EDT)
Received: from ixe-nat1.juniper.net ([193.110.54.36] helo=up-smtp.jnpr.net) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1DzsD2-0000uH-5l for l3vpn@ietf.org; Tue, 02 Aug 2005 04:33:12 -0400
Received: from emailemea1.jnpr.net ([172.26.192.140]) by up-smtp.jnpr.net with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Aug 2005 08:59:20 +0100
Received: from pi-smtp.jnpr.net ([10.10.2.36]) by emailemea1.jnpr.net with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Aug 2005 08:59:19 +0100
Received: from proton.jnpr.net ([10.10.2.37]) by pi-smtp.jnpr.net with Microsoft SMTPSVC(5.0.2195.6713); Tue, 2 Aug 2005 03:59:17 -0400
Received: from [172.23.1.32] ([172.23.1.32]) by proton.jnpr.net with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Aug 2005 03:59:16 -0400
Message-ID: <42EF27D1.3060001@juniper.net>
Date: Tue, 02 Aug 2005 03:59:13 -0400
From: Ron Bonica <rbonica@juniper.net>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Scott Wainner <swainner@cisco.com>
References: <42EA8107.1010104@cisco.com> <42EA8FF9.6020708@cisco.com> <42EA94E7.30103@cisco.com> <42EDAC8E.7050208@juniper.net> <42EE1E73.7020101@cisco.com>
In-Reply-To: <42EE1E73.7020101@cisco.com>
X-Enigmail-Version: 0.89.5.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 02 Aug 2005 07:59:17.0139 (UTC) FILETIME=[14B66E30:01C59738]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b84f8c8fba0e1389e5eb998b64078964
Content-Transfer-Encoding: 7bit
Cc: raszuk@cisco.com, l3vpn@ietf.org
Subject: Re: draft-ietf-l3vpn-gre-ip-2547-04.txt
X-BeenThere: l3vpn@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: l3vpn.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/l3vpn>, <mailto:l3vpn-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:l3vpn@ietf.org>
List-Help: <mailto:l3vpn-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/l3vpn>, <mailto:l3vpn-request@ietf.org?subject=subscribe>
Sender: l3vpn-bounces@ietf.org
Errors-To: l3vpn-bounces@ietf.org
Agreed. I will make this change in the next version of the draft. -r Scott Wainner wrote: > I think that the following paragraph needs to be modified: > > The effect is to dynamically create an IP (or GRE) tunnel between the > ingress and egress PE routers. No apriori configuration of the > remote tunnel endpoints is needed. Note that these tunnels SHOULD > NOT be IGP-visible links, and routing adjacencies SHOULD NOT be > supported across these tunnel. Note also that the set of remote > tunnel endpoints is not known in advance, but is learned dynamically > via the BGP distribution of VPN-IP routes. The IP address of the > remote tunnel endpoints is carried in the Network Address of the Next > Hop field of the MP_REACH_NLRI BGP attribute [4] > > to: > > The IP address of the remote tunnel endpoints MAY be inferred from the > Network Address of the Next Hop field of the MP_REACH_NLRI BGP attribute > [4]. Note that the set of Next Hop Network Addresses is not known in > advance, but is learned dynamically via the BGP distribution of VPN-IP > routes. Assuming a consistent set of tunnel capabilities exist between > all the PE's and ASBR's, no apriori configuration of the remote tunnel > endpoints is needed. The entire set of PE and ASBR routers MUST have > the same tunnel capabilities if the dynamic creation of IP (or GRE) > tunnels is desired. The preference to use an IP (or GRE) tunnel MUST be > configured. A set of PE's using two or more tunnel mechanisms (i.e. > LSP, GRE, IP, etc.) MUST determine the tunnel type on a per peer basis. > The automatic association of tunnel capabilities on a per peer basis is > for future study. Note that these tunnels SHOULD NOT be IGP-visible > links and routing adjacencies SHOULD NOT be supported across these tunnel. > > Scott Wainner > > > Ron Bonica wrote: > >> Scott, Robert, >> >> Can we agree for now that draft-ietf-l3vpn-gre-ip-2547-04 is OK as is, >> and that we can save the discussion below for the day when we address >> automated signaling? >> >> Ron >> >> >> Scott Wainner wrote: >> >>> >>> >>> Robert Raszuk wrote: >>> >>>> Scott, >>>> >>>> The question is valid and the automated solution to the problem has >>>> been proposed many times :) >>>> >>>> Just for the reference please look at the below draft: >>>> >>>> http://community.roxen.com/developers/idocs/drafts/draft-raggarwa-ppvpn-tunnel-encap-sig-01.html >>> >>> >>> >>> >>> >>> >>> >>> >>> or alternatively .. >>> http://www.ietf.org/internet-drafts/draft-nalawade-kapoor-tunnel-safi-03.txt >>> >>> >>> Nevertheless, something must be signaled by the egress PE. >>> >>>> >>>> >>>> Before we finalize the automated way the provisioning tools are >>>> responsible for selecting the encapsulation of choice. >>> >>> >>> >>> >>> Certainly, a provisioning tool could specify the use of GRE, IP, or >>> LSP encap; however, it would have to be done on a per peer basis. >>> >>> In addition, a distinct tunnel end-point cannot be distinguished >>> from the Next Hop address without reverting back to statically >>> configuring IP tunnel end-points. >>> >>> Seems these requirements defeat the purpose of the draft. >>> >>> Scott >>> >>>> >>>> >>>> Cheers, >>>> R. >>>> >>>> >>>> >>>>> In reviewing draft-ietf-l3vpn-gre-ip-2547-04.txt, I noted the >>>>> following that requires some clarification: >>>>> >>>>>> 4.1 MPLS-in-IP/MPLS-in-GRE Encapsulation by Ingress PE >>>>>> >>>>>> The following description is not meant to specify an implementation >>>>>> strategy; any implementation procedure which produces the same >>>>>> result >>>>>> is acceptable. >>>>>> >>>>>> When an ingress PE router receives a packet from a CE router, it >>>>>> looks up the packet's destination IP address in a VRF that is >>>>>> associated with packet's ingress attachment circuit. This enables >>>>>> the (ingress) PE router to find a VPN-IP route. The VPN-IP route >>>>>> will have an associated VPN route label and an associated BGP Next >>>>>> Hop. The label is pushed on the packet. Then an IP (or IP+GRE) >>>>>> encapsulation header is prepended to the packet, creating an >>>>>> MPLS-in-IP (or MPLS-in-GRE) encapsulated packet. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> It appears that the ingress PE can choose to use MPLS-in-IP or >>>>> MPLS-in- >>>>> GRE implying that the egress MUST be able to perform both forms of >>>>> decapsulation. If the egress PE can only perform one form of >>>>> decapsulation, >>>>> how does the ingress PE determine which form of encapsulation is >>>>> preferred >>>>> or required? >>>>> >>>>> The IP source >>>>> >>>>>> address field of the encapsulation header will be an address of the >>>>>> ingress PE router itself. The IP destination address field of the >>>>>> encapsulation header will contain the value of the associated BGP >>>>>> Next Hop; this will be an IP address of the egress PE router. QoS >>>>>> information can be copied from the VPN packet to the GRE/IP tunnel >>>>>> header so that required forwarding behaviors can be maintained at >>>>>> each hop along the forwarding path. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>> The effect is to dynamically create an IP (or GRE) tunnel >>>>>> between the >>>>>> ingress and egress PE routers. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Presumably, the ingress PE and/or egress PE are also capable of >>>>> forwarding >>>>> packets via label switched paths (either between themselves or to >>>>> other >>>>> PE's or ASBR's). In a mixed environment, its conceivable that two >>>>> PE's >>>>> could only communicate via GRE or IP while a third could use an LSP >>>>> to the >>>>> one or the other PE. What means does the ingress PE use to determine >>>>> that the LSP should be used verses the GRE or IP encap? >>>>> >>>>>> No apriori configuration of the >>>>>> remote tunnel endpoints is needed. Note that these tunnels SHOULD >>>>>> NOT be IGP-visible links, and routing adjacencies SHOULD NOT be >>>>>> supported across these tunnel. Note also that the set of remote >>>>>> tunnel endpoints is not known in advance, but is learned >>>>>> dynamically >>>>>> via the BGP distribution of VPN-IP routes. The IP address of the >>>>>> remote tunnel endpoints is carried in the Network Address of the >>>>>> Next >>>>>> Hop field of the MP_REACH_NLRI BGP attribute [4] >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> This model assumes that the Network Address of the Next Hop field >>>>> is the >>>>> destination tunnel address. This may or may not be true. The >>>>> provider >>>>> may in fact want the externally accessible tunnel address to be >>>>> distinct >>>>> from the Next Hop address for a variety of reasons including security, >>>>> transitive tunnels, etc. How does the egress PE indicate to the >>>>> ingress >>>>> PE that the tunnel should NOT be built to the Next Hop address, but to >>>>> a designated tunnel address assigned on the egress PE? Likewise, how >>>>> does an ASBR determine that traffic to prefixes to a peer ASBR should >>>>> not be tunneled while prefixes to a peer PE should be tunneled. >>>>> >>>>> Seems that some form of signaling is required which is not defined >>>>> in this >>>>> draft. >>>>> >>>>> Scott Wainner >>>>> >>>>> >>>>> >>>>> Message: 1 >>>>> Date: Fri, 22 Jul 2005 17:31:30 -0700 (PDT) >>>>> From: Rick Wilder <rick@rhwilder.net> >>>>> Subject: draft-ietf-l3vpn-gre-ip-2547-04.txt. >>>>> To: l3vpn@ietf.org >>>>> Message-ID: <20050723003130.30954.qmail@web308.biz.mail.mud.yahoo.com> >>>>> Content-Type: text/plain; charset="iso-8859-1" >>>>> >>>>> L3VPN participants, >>>>> >>>>> >>>>> This begins a two-week last call for comments on >>>>> draft-ietf-l3vpn-gre-ip-2547-04.txt. >>>>> >>>>> Rick >>>>> >>>>> >>>>> >>>> >>>> >>> >> >
- draft-ietf-l3vpn-gre-ip-2547-04.txt Scott Wainner
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Robert Raszuk
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Scott Wainner
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Ron Bonica
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Robert Raszuk
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Scott Wainner
- Re: draft-ietf-l3vpn-gre-ip-2547-04.txt Ron Bonica